openstack/puppet-keystone
Code Issues Proposed changes

Add manage_resources param to keystone::bootstrap

Browse Source 
This adds the parameter manage_resources to the
keystone::bootstrap class so that one can skip
the actual bootstrap command but still let the
class handle the resources.

Change-Id: I15b70c6d86182d38a8d464ca6c4dc5a9e9afee43
This commit is contained in:
Tobias Urdin 2024-05-10 09:30:46 +02:00
parent d1b26af8e7
commit a337525145
3 changed files with 46 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
manifests/bootstrap.pp
View File

@ -58,6 +58,10 @@
# (Optional) Whether to run keystone-manage bootstrap command.
# Defaults to true
#
# [*manage_resources*]
# (Optional) Whether to manage resources created by bootstrap.
# Defaults to true
#
class keystone::bootstrap (
String[1] $password,
String[1] $username = 'admin',
@ -72,6 +76,7 @@ class keystone::bootstrap (
String[1] $region = 'RegionOne',
Enum['public', 'internal', 'admin'] $interface = 'public',
Boolean $bootstrap = true,
Boolean $manage_resources = true,
) inherits keystone::params {
include keystone::deps
@ -121,7 +126,9 @@ class keystone::bootstrap (
notify => Anchor['keystone::service::begin'],
tag => 'keystone-bootstrap',
}
}
if $manage_resources {
# Since the bootstrap is not guaranteed to execute on each run we
# use the below resources to make sure the current resources are
# correct so if some value was updated we set that.

10
releasenotes/notes/bootstrap-manage_resources-dbf6cd7fcdd192a5.yaml Normal file
View File

@ -0,0 +1,10 @@
---
features:
- |
Added new ``manage_resources`` (default to true) in ``keystone::bootstrap``
class that can be set to false to not manage resources created by bootstrap.
upgrade:
- |
If you're setting ``bootstrap`` parameter in ``keystone::bootstrap`` class
to false you now also need to set ``manage_resources`` to false to keep the
same behaviour.

36
spec/classes/keystone_bootstrap_spec.rb
View File

@ -227,13 +227,13 @@ describe 'keystone::bootstrap' do
it { is_expected.to_not contain_exec('keystone bootstrap') }
it { is_expected.to_not contain_keystone_role('admin') }
it { is_expected.to_not contain_keystone_user('admin') }
it { is_expected.to_not contain_keystone_tenant('services') }
it { is_expected.to_not contain_keystone_tenant('admin') }
it { is_expected.to_not contain_keystone_user_role('admin@admin') }
it { is_expected.to_not contain_keystone_service('keystone::identity') }
it { is_expected.to_not contain_keystone_endpoint('RegionOne/keystone::identity') }
it { is_expected.to contain_keystone_role('admin') }
it { is_expected.to contain_keystone_user('admin') }
it { is_expected.to contain_keystone_tenant('services') }
it { is_expected.to contain_keystone_tenant('admin') }
it { is_expected.to contain_keystone_user_role('admin@admin') }
it { is_expected.to contain_keystone_service('keystone::identity') }
it { is_expected.to contain_keystone_endpoint('RegionOne/keystone::identity') }
it { is_expected.to contain_file('/etc/openstack').with(
:ensure => 'directory',
@ -276,6 +276,28 @@ describe 'keystone::bootstrap' do
it { is_expected.to contain_exec('keystone bootstrap').with_user('some') }
end
context 'with bootstrap enabled and manage_resource to false' do
let :params do
{
:bootstrap => false,
:manage_resources => false,
:password => 'secret'
}
end
it { is_expected.to contain_class('keystone::deps') }
it { is_expected.to_not contain_exec('keystone bootstrap') }
it { is_expected.to_not contain_keystone_role('admin') }
it { is_expected.to_not contain_keystone_user('admin') }
it { is_expected.to_not contain_keystone_tenant('services') }
it { is_expected.to_not contain_keystone_tenant('admin') }
it { is_expected.to_not contain_keystone_user_role('admin@admin') }
it { is_expected.to_not contain_keystone_service('keystone::identity') }
it { is_expected.to_not contain_keystone_endpoint('RegionOne/keystone::identity') }
end
context 'when setting interface to internal' do
let :params do
{