From a34e31d0f71bfab54c02c5209534b6ab8ac0ef50 Mon Sep 17 00:00:00 2001 From: Tobias Urdin Date: Wed, 8 Jul 2020 18:17:37 +0200 Subject: [PATCH] Convert more to rspec-puppet-facts After this it's only the keystone init class and the keystone ldap backend definition left. puppet-keystone is the last module then everything is using rspec-puppet-facts. Conflicts: spec/classes/keystone_federation_identity_provider_spec.rb Change-Id: I3d22478a6d3f9feeacfa7d6ca9c728f9f9f2b361 (cherry picked from commit 8f5c6835db775690dbc7ff192e147c5a19ac5ffc) (cherry picked from commit 79083edebb3670b5d5eac4d62d4a66f4a444f56c) --- ...stone_federation_identity_provider_spec.rb | 187 +++++++++------- spec/classes/keystone_ldap_spec.rb | 205 ++++++++++-------- 2 files changed, 218 insertions(+), 174 deletions(-) diff --git a/spec/classes/keystone_federation_identity_provider_spec.rb b/spec/classes/keystone_federation_identity_provider_spec.rb index 1f93c6a2f..27283c168 100644 --- a/spec/classes/keystone_federation_identity_provider_spec.rb +++ b/spec/classes/keystone_federation_identity_provider_spec.rb @@ -1,25 +1,20 @@ require 'spec_helper' describe 'keystone::federation::identity_provider' do - - let :pre_condition do - "class { 'keystone': - admin_token => 'dummy', - service_name => 'httpd', - enable_ssl=> true }" - end - let :params do - { :user => 'keystone', + { + :user => 'keystone', :certfile => '/etc/keystone/ssl/certs/signing_cert.pem', :keyfile => '/etc/keystone/ssl/private/signing_key.pem', :idp_entity_id => 'https://keystone.example.com/v3/OS-FEDERATION/saml2/idp', :idp_sso_endpoint => 'https://keystone.example.com/v3/OS-FEDERATION/saml2/sso', - :idp_metadata_path => '/etc/keystone/saml2_idp_metadata.xml' } + :idp_metadata_path => '/etc/keystone/saml2_idp_metadata.xml' + } end let :optional_params do - { :idp_organization_name => 'ExampleCompany', + { + :idp_organization_name => 'ExampleCompany', :idp_organization_display_name => 'Example', :idp_organization_url => 'www.example.com', :idp_contact_company => 'someone', @@ -27,85 +22,115 @@ describe 'keystone::federation::identity_provider' do :idp_contact_surname => 'surname', :idp_contact_email => 'name@example.com', :idp_contact_telephone => '+55000000000', - :idp_contact_type => 'other' } + :idp_contact_type => 'other' + } end - shared_examples_for 'keystone federation identity provider' do + shared_examples 'keystone::federation::identity_provider' do + let :pre_condition do + "class { 'keystone': + admin_token => 'dummy', + service_name => 'httpd', + enable_ssl => true, + }" + end - it { is_expected.to contain_class('keystone::params') } + context 'with required params' do + it { is_expected.to contain_class('keystone::params') } - context 'keystone not running under apache' do - let :pre_condition do - "class { 'keystone': - admin_token => 'dummy', - service_name => 'keystone', - enable_ssl=> true }" + it { is_expected.to contain_package('xmlsec1').with( + :ensure => 'present', + )} + + it { is_expected.to contain_package('python-pysaml2').with( + :ensure => 'present', + )} + + it { + is_expected.to contain_keystone_config('saml/certfile').with_value(params[:certfile]) + is_expected.to contain_keystone_config('saml/keyfile').with_value(params[:keyfile]) + is_expected.to contain_keystone_config('saml/idp_entity_id').with_value(params[:idp_entity_id]) + is_expected.to contain_keystone_config('saml/idp_sso_endpoint').with_value(params[:idp_sso_endpoint]) + is_expected.to contain_keystone_config('saml/idp_metadata_path').with_value(params[:idp_metadata_path]) + } + + it { is_expected.to contain_exec('saml_idp_metadata').with( + :command => "keystone-manage saml_idp_metadata > #{params[:idp_metadata_path]}", + :creates => "#{params[:idp_metadata_path]}", + )} + + it { is_expected.to contain_file("#{params[:idp_metadata_path]}").with( + :ensure => 'present', + :mode => '0600', + :owner => 'keystone', + )} + end + + context 'with keystone optional params' do + before do + params.merge!(optional_params) end - it_raises 'a Puppet::Error', /Keystone need to be running under Apache for Federation work./ + it { + is_expected.to contain_keystone_config('saml/certfile').with_value(params[:certfile]) + is_expected.to contain_keystone_config('saml/keyfile').with_value(params[:keyfile]) + is_expected.to contain_keystone_config('saml/idp_entity_id').with_value(params[:idp_entity_id]) + is_expected.to contain_keystone_config('saml/idp_sso_endpoint').with_value(params[:idp_sso_endpoint]) + is_expected.to contain_keystone_config('saml/idp_metadata_path').with_value(params[:idp_metadata_path]) + is_expected.to contain_keystone_config('saml/idp_organization_name').with_value(params[:idp_organization_name]) + is_expected.to contain_keystone_config('saml/idp_organization_display_name').with_value(params[:idp_organization_display_name]) + is_expected.to contain_keystone_config('saml/idp_organization_url').with_value(params[:idp_organization_url]) + is_expected.to contain_keystone_config('saml/idp_contact_company').with_value(params[:idp_contact_company]) + is_expected.to contain_keystone_config('saml/idp_contact_name').with_value(params[:idp_contact_name]) + is_expected.to contain_keystone_config('saml/idp_contact_surname').with_value(params[:idp_contact_surname]) + is_expected.to contain_keystone_config('saml/idp_contact_email').with_value(params[:idp_contact_email]) + is_expected.to contain_keystone_config('saml/idp_contact_telephone').with_value(params[:idp_contact_telephone]) + is_expected.to contain_keystone_config('saml/idp_contact_type').with_value(params[:idp_contact_type]) + } end - it 'should have' do - is_expected.to contain_package('xmlsec1').with( - :ensure => 'present', - ) - is_expected.to contain_package('python-pysaml2').with( - :ensure => 'present', - ) + context 'with invalid values for idp_contact_type' do + before do + params.merge!(:idp_contact_type => 'foobar') + end + + it { is_expected.to raise_error(Puppet::Error, /Allowed values for idp_contact_type are: technical, support, administrative, billing and other/) } end - - it 'should configure keystone.conf' do - is_expected.to contain_keystone_config('saml/certfile').with_value(params[:certfile]) - is_expected.to contain_keystone_config('saml/keyfile').with_value(params[:keyfile]) - is_expected.to contain_keystone_config('saml/idp_entity_id').with_value(params[:idp_entity_id]) - is_expected.to contain_keystone_config('saml/idp_sso_endpoint').with_value(params[:idp_sso_endpoint]) - is_expected.to contain_keystone_config('saml/idp_metadata_path').with_value(params[:idp_metadata_path]) - end - - it { is_expected.to contain_exec('saml_idp_metadata').with( - :command => "keystone-manage saml_idp_metadata > #{params[:idp_metadata_path]}", - :creates => "#{params[:idp_metadata_path]}", - ) } - - it 'creates saml idp metadata file' do - is_expected.to contain_file("#{params[:idp_metadata_path]}").with( - :ensure => 'present', - :mode => '0600', - :owner => 'keystone', - ) - end - - context 'configure Keystone with optional params' do - before :each do - params.merge!(optional_params) - end - - it 'should configure keystone.conf' do - is_expected.to contain_keystone_config('saml/certfile').with_value(params[:certfile]) - is_expected.to contain_keystone_config('saml/keyfile').with_value(params[:keyfile]) - is_expected.to contain_keystone_config('saml/idp_entity_id').with_value(params[:idp_entity_id]) - is_expected.to contain_keystone_config('saml/idp_sso_endpoint').with_value(params[:idp_sso_endpoint]) - is_expected.to contain_keystone_config('saml/idp_metadata_path').with_value(params[:idp_metadata_path]) - is_expected.to contain_keystone_config('saml/idp_organization_name').with_value(params[:idp_organization_name]) - is_expected.to contain_keystone_config('saml/idp_organization_display_name').with_value(params[:idp_organization_display_name]) - is_expected.to contain_keystone_config('saml/idp_organization_url').with_value(params[:idp_organization_url]) - is_expected.to contain_keystone_config('saml/idp_contact_company').with_value(params[:idp_contact_company]) - is_expected.to contain_keystone_config('saml/idp_contact_name').with_value(params[:idp_contact_name]) - is_expected.to contain_keystone_config('saml/idp_contact_surname').with_value(params[:idp_contact_surname]) - is_expected.to contain_keystone_config('saml/idp_contact_email').with_value(params[:idp_contact_email]) - is_expected.to contain_keystone_config('saml/idp_contact_telephone').with_value(params[:idp_contact_telephone]) - is_expected.to contain_keystone_config('saml/idp_contact_type').with_value(params[:idp_contact_type]) - end - end - - context 'with invalid values for idp_contact_type' do - before do - params.merge!(:idp_contact_type => 'foobar') - end - - it_raises 'a Puppet::Error', /Allowed values for idp_contact_type are: technical, support, administrative, billing and other/ - end - end + shared_examples 'keystone::federation::identity_provider without Apache' do + let :pre_condition do + "class { 'keystone': + admin_token => 'dummy', + service_name => '#{platform_params[:keystone_service]}', + enable_ssl => true, + }" + end + + context 'with default parameters' do + it { is_expected.to raise_error(Puppet::Error, /Keystone need to be running under Apache for Federation work./) } + end + end + + on_supported_os({ + :supported_os => OSDefaults.get_supported_os + }).each do |os,facts| + context "on #{os}" do + let (:facts) do + facts.merge!(OSDefaults.get_facts()) + end + + let (:platform_params) do + if facts[:osfamily] == 'RedHat' + keystone_service = 'openstack-keystone' + else + keystone_service = 'keystone' + end + { :keystone_service => keystone_service } + end + + it_behaves_like 'keystone::federation::identity_provider' + it_behaves_like 'keystone::federation::identity_provider without Apache' + end + end end diff --git a/spec/classes/keystone_ldap_spec.rb b/spec/classes/keystone_ldap_spec.rb index 6bdc9cf63..29445be2f 100644 --- a/spec/classes/keystone_ldap_spec.rb +++ b/spec/classes/keystone_ldap_spec.rb @@ -1,7 +1,7 @@ require 'spec_helper' describe 'keystone::ldap' do - describe 'with basic params' do + shared_examples 'keystone::ldap' do let :params do { :url => 'ldap://foo', @@ -81,109 +81,128 @@ describe 'keystone::ldap' do :auth_pool_connection_lifetime => 200, } end - it { is_expected.to contain_package('python-ldappool') } - it 'should have basic params' do - # basic params - is_expected.to contain_keystone_config('ldap/url').with_value('ldap://foo') - is_expected.to contain_keystone_config('ldap/user').with_value('cn=foo,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/password').with_value('abcdefg').with_secret(true) - is_expected.to contain_keystone_config('ldap/suffix').with_value('dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/query_scope').with_value('sub') - is_expected.to contain_keystone_config('ldap/page_size').with_value('50') - # users - is_expected.to contain_keystone_config('ldap/user_tree_dn').with_value('cn=users,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/user_filter').with_value('(memberOf=cn=openstack,cn=groups,cn=accounts,dc=example,dc=com)') - is_expected.to contain_keystone_config('ldap/user_objectclass').with_value('inetUser') - is_expected.to contain_keystone_config('ldap/user_id_attribute').with_value('uid') - is_expected.to contain_keystone_config('ldap/user_name_attribute').with_value('cn') - is_expected.to contain_keystone_config('ldap/user_description_attribute').with_value('description') - is_expected.to contain_keystone_config('ldap/user_mail_attribute').with_value('mail') - is_expected.to contain_keystone_config('ldap/user_enabled_attribute').with_value('UserAccountControl') - is_expected.to contain_keystone_config('ldap/user_enabled_mask').with_value('2') - is_expected.to contain_keystone_config('ldap/user_enabled_default').with_value('512') - is_expected.to contain_keystone_config('ldap/user_enabled_invert').with_value('False') - is_expected.to contain_keystone_config('ldap/user_attribute_ignore').with_value('') - is_expected.to contain_keystone_config('ldap/user_default_project_id_attribute').with_value('defaultProject') - is_expected.to contain_keystone_config('ldap/user_tree_dn').with_value('cn=users,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/user_pass_attribute').with_value('krbPassword') - is_expected.to contain_keystone_config('ldap/user_enabled_emulation').with_value('True') - is_expected.to contain_keystone_config('ldap/user_enabled_emulation_dn').with_value('cn=openstack-enabled,cn=groups,cn=accounts,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/user_additional_attribute_mapping').with_value('description:name, gecos:name') + context 'with parameters' do + it { is_expected.to contain_package('python-ldappool') } - # projects - is_expected.to contain_keystone_config('ldap/project_tree_dn').with_value('ou=projects,ou=openstack,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/project_filter').with_value('') - is_expected.to contain_keystone_config('ldap/project_objectclass').with_value('organizationalUnit') - is_expected.to contain_keystone_config('ldap/project_id_attribute').with_value('ou') - is_expected.to contain_keystone_config('ldap/project_member_attribute').with_value('member') - is_expected.to contain_keystone_config('ldap/project_desc_attribute').with_value('description') - is_expected.to contain_keystone_config('ldap/project_name_attribute').with_value('ou') - is_expected.to contain_keystone_config('ldap/project_enabled_attribute').with_value('enabled') - is_expected.to contain_keystone_config('ldap/project_domain_id_attribute').with_value('businessCategory') - is_expected.to contain_keystone_config('ldap/project_attribute_ignore').with_value('') - is_expected.to contain_keystone_config('ldap/project_allow_create').with_value('True') - is_expected.to contain_keystone_config('ldap/project_allow_update').with_value('True') - is_expected.to contain_keystone_config('ldap/project_allow_delete').with_value('True') - is_expected.to contain_keystone_config('ldap/project_enabled_emulation').with_value('False') - is_expected.to contain_keystone_config('ldap/project_enabled_emulation_dn').with_value('True') - is_expected.to contain_keystone_config('ldap/project_additional_attribute_mapping').with_value('cn=enabled,ou=openstack,dc=example,dc=com') + it { + is_expected.to contain_keystone_config('ldap/url').with_value('ldap://foo') + is_expected.to contain_keystone_config('ldap/user').with_value('cn=foo,dc=example,dc=com') + is_expected.to contain_keystone_config('ldap/password').with_value('abcdefg').with_secret(true) + is_expected.to contain_keystone_config('ldap/suffix').with_value('dc=example,dc=com') + is_expected.to contain_keystone_config('ldap/query_scope').with_value('sub') + is_expected.to contain_keystone_config('ldap/page_size').with_value('50') + } - # roles - is_expected.to contain_keystone_config('ldap/role_tree_dn').with_value('ou=roles,ou=openstack,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/role_filter').with_value('') - is_expected.to contain_keystone_config('ldap/role_objectclass').with_value('organizationalRole') - is_expected.to contain_keystone_config('ldap/role_id_attribute').with_value('cn') - is_expected.to contain_keystone_config('ldap/role_name_attribute').with_value('ou') - is_expected.to contain_keystone_config('ldap/role_member_attribute').with_value('roleOccupant') - is_expected.to contain_keystone_config('ldap/role_attribute_ignore').with_value('description') - is_expected.to contain_keystone_config('ldap/role_allow_create').with_value('True') - is_expected.to contain_keystone_config('ldap/role_allow_update').with_value('True') - is_expected.to contain_keystone_config('ldap/role_allow_delete').with_value('True') - is_expected.to contain_keystone_config('ldap/role_additional_attribute_mapping').with_value('') + it { + is_expected.to contain_keystone_config('ldap/user_tree_dn').with_value('cn=users,dc=example,dc=com') + is_expected.to contain_keystone_config('ldap/user_filter').with_value('(memberOf=cn=openstack,cn=groups,cn=accounts,dc=example,dc=com)') + is_expected.to contain_keystone_config('ldap/user_objectclass').with_value('inetUser') + is_expected.to contain_keystone_config('ldap/user_id_attribute').with_value('uid') + is_expected.to contain_keystone_config('ldap/user_name_attribute').with_value('cn') + is_expected.to contain_keystone_config('ldap/user_description_attribute').with_value('description') + is_expected.to contain_keystone_config('ldap/user_mail_attribute').with_value('mail') + is_expected.to contain_keystone_config('ldap/user_enabled_attribute').with_value('UserAccountControl') + is_expected.to contain_keystone_config('ldap/user_enabled_mask').with_value('2') + is_expected.to contain_keystone_config('ldap/user_enabled_default').with_value('512') + is_expected.to contain_keystone_config('ldap/user_enabled_invert').with_value('False') + is_expected.to contain_keystone_config('ldap/user_attribute_ignore').with_value('') + is_expected.to contain_keystone_config('ldap/user_default_project_id_attribute').with_value('defaultProject') + is_expected.to contain_keystone_config('ldap/user_tree_dn').with_value('cn=users,dc=example,dc=com') + is_expected.to contain_keystone_config('ldap/user_pass_attribute').with_value('krbPassword') + is_expected.to contain_keystone_config('ldap/user_enabled_emulation').with_value('True') + is_expected.to contain_keystone_config('ldap/user_enabled_emulation_dn').with_value('cn=openstack-enabled,cn=groups,cn=accounts,dc=example,dc=com') + is_expected.to contain_keystone_config('ldap/user_additional_attribute_mapping').with_value('description:name, gecos:name') + } - # groups - is_expected.to contain_keystone_config('ldap/group_tree_dn').with_value('ou=groups,ou=openstack,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/group_filter').with_value('cn=enabled-groups,cn=groups,cn=accounts,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/group_objectclass').with_value('organizationalRole') - is_expected.to contain_keystone_config('ldap/group_id_attribute').with_value('cn') - is_expected.to contain_keystone_config('ldap/group_member_attribute').with_value('roleOccupant') - is_expected.to contain_keystone_config('ldap/group_members_are_ids').with_value('True') - is_expected.to contain_keystone_config('ldap/group_desc_attribute').with_value('description') - is_expected.to contain_keystone_config('ldap/group_name_attribute').with_value('cn') - is_expected.to contain_keystone_config('ldap/group_attribute_ignore').with_value('') - is_expected.to contain_keystone_config('ldap/group_additional_attribute_mapping').with_value('') + it { + is_expected.to contain_keystone_config('ldap/project_tree_dn').with_value('ou=projects,ou=openstack,dc=example,dc=com') + is_expected.to contain_keystone_config('ldap/project_filter').with_value('') + is_expected.to contain_keystone_config('ldap/project_objectclass').with_value('organizationalUnit') + is_expected.to contain_keystone_config('ldap/project_id_attribute').with_value('ou') + is_expected.to contain_keystone_config('ldap/project_member_attribute').with_value('member') + is_expected.to contain_keystone_config('ldap/project_desc_attribute').with_value('description') + is_expected.to contain_keystone_config('ldap/project_name_attribute').with_value('ou') + is_expected.to contain_keystone_config('ldap/project_enabled_attribute').with_value('enabled') + is_expected.to contain_keystone_config('ldap/project_domain_id_attribute').with_value('businessCategory') + is_expected.to contain_keystone_config('ldap/project_attribute_ignore').with_value('') + is_expected.to contain_keystone_config('ldap/project_allow_create').with_value('True') + is_expected.to contain_keystone_config('ldap/project_allow_update').with_value('True') + is_expected.to contain_keystone_config('ldap/project_allow_delete').with_value('True') + is_expected.to contain_keystone_config('ldap/project_enabled_emulation').with_value('False') + is_expected.to contain_keystone_config('ldap/project_enabled_emulation_dn').with_value('True') + is_expected.to contain_keystone_config('ldap/project_additional_attribute_mapping').with_value('cn=enabled,ou=openstack,dc=example,dc=com') + } - # referrals - is_expected.to contain_keystone_config('ldap/chase_referrals').with_value('False') + it { + is_expected.to contain_keystone_config('ldap/role_tree_dn').with_value('ou=roles,ou=openstack,dc=example,dc=com') + is_expected.to contain_keystone_config('ldap/role_filter').with_value('') + is_expected.to contain_keystone_config('ldap/role_objectclass').with_value('organizationalRole') + is_expected.to contain_keystone_config('ldap/role_id_attribute').with_value('cn') + is_expected.to contain_keystone_config('ldap/role_name_attribute').with_value('ou') + is_expected.to contain_keystone_config('ldap/role_member_attribute').with_value('roleOccupant') + is_expected.to contain_keystone_config('ldap/role_attribute_ignore').with_value('description') + is_expected.to contain_keystone_config('ldap/role_allow_create').with_value('True') + is_expected.to contain_keystone_config('ldap/role_allow_update').with_value('True') + is_expected.to contain_keystone_config('ldap/role_allow_delete').with_value('True') + is_expected.to contain_keystone_config('ldap/role_additional_attribute_mapping').with_value('') + } - # tls - is_expected.to contain_keystone_config('ldap/use_tls').with_value('False') - is_expected.to contain_keystone_config('ldap/tls_cacertdir').with_value('/etc/ssl/certs/') - is_expected.to contain_keystone_config('ldap/tls_cacertfile').with_value('/etc/ssl/certs/ca-certificates.crt') - is_expected.to contain_keystone_config('ldap/tls_req_cert').with_value('demand') + it { + is_expected.to contain_keystone_config('ldap/group_tree_dn').with_value('ou=groups,ou=openstack,dc=example,dc=com') + is_expected.to contain_keystone_config('ldap/group_filter').with_value('cn=enabled-groups,cn=groups,cn=accounts,dc=example,dc=com') + is_expected.to contain_keystone_config('ldap/group_objectclass').with_value('organizationalRole') + is_expected.to contain_keystone_config('ldap/group_id_attribute').with_value('cn') + is_expected.to contain_keystone_config('ldap/group_member_attribute').with_value('roleOccupant') + is_expected.to contain_keystone_config('ldap/group_members_are_ids').with_value('True') + is_expected.to contain_keystone_config('ldap/group_desc_attribute').with_value('description') + is_expected.to contain_keystone_config('ldap/group_name_attribute').with_value('cn') + is_expected.to contain_keystone_config('ldap/group_attribute_ignore').with_value('') + is_expected.to contain_keystone_config('ldap/group_additional_attribute_mapping').with_value('') + } - # ldap pooling - is_expected.to contain_keystone_config('ldap/use_pool').with_value('True') - is_expected.to contain_keystone_config('ldap/pool_size').with_value('20') - is_expected.to contain_keystone_config('ldap/pool_retry_max').with_value('2') - is_expected.to contain_keystone_config('ldap/pool_retry_delay').with_value('0.2') - is_expected.to contain_keystone_config('ldap/pool_connection_timeout').with_value('222') - is_expected.to contain_keystone_config('ldap/pool_connection_lifetime').with_value('222') - is_expected.to contain_keystone_config('ldap/use_auth_pool').with_value('True') - is_expected.to contain_keystone_config('ldap/auth_pool_size').with_value('20') - is_expected.to contain_keystone_config('ldap/auth_pool_connection_lifetime').with_value('200') + it { is_expected.to contain_keystone_config('ldap/chase_referrals').with_value('False') } - # drivers - is_expected.to contain_keystone_config('identity/driver').with_value('ldap') + it { + is_expected.to contain_keystone_config('ldap/use_tls').with_value('False') + is_expected.to contain_keystone_config('ldap/tls_cacertdir').with_value('/etc/ssl/certs/') + is_expected.to contain_keystone_config('ldap/tls_cacertfile').with_value('/etc/ssl/certs/ca-certificates.crt') + is_expected.to contain_keystone_config('ldap/tls_req_cert').with_value('demand') + } + + it { + is_expected.to contain_keystone_config('ldap/use_pool').with_value('True') + is_expected.to contain_keystone_config('ldap/pool_size').with_value('20') + is_expected.to contain_keystone_config('ldap/pool_retry_max').with_value('2') + is_expected.to contain_keystone_config('ldap/pool_retry_delay').with_value('0.2') + is_expected.to contain_keystone_config('ldap/pool_connection_timeout').with_value('222') + is_expected.to contain_keystone_config('ldap/pool_connection_lifetime').with_value('222') + is_expected.to contain_keystone_config('ldap/use_auth_pool').with_value('True') + is_expected.to contain_keystone_config('ldap/auth_pool_size').with_value('20') + is_expected.to contain_keystone_config('ldap/auth_pool_connection_lifetime').with_value('200') + } + + it { is_expected.to contain_keystone_config('identity/driver').with_value('ldap') } end - end - describe 'with packages unmanaged' do - let :params do - { :manage_packages => false } - end + context 'with manage_packages set to false' do + before do + params.merge!( :manage_packages => false ) + end + it { is_expected.to_not contain_package('python-ldappool') } + end end + on_supported_os({ + :supported_os => OSDefaults.get_supported_os + }).each do |os,facts| + context "on #{os}" do + let (:facts) do + facts.merge!(OSDefaults.get_facts()) + end + + it_behaves_like 'keystone::ldap' + end + end end