Drop User/group resource dependency
This patch is a squash between: * I35187a857ae6e67b301d62e30525eaab75707161 * I30d759697ed42dc35f8df8e231c9e012d2762894 It entirely drops the usage of User resource dependency. Note: since beaker jobs were failing with sepeparated patches, we decided to use one patchset so Beaker job can pass the CI. Change-Id: Id69eca0ce73ba7c16aca939821234717618f5ec4 Closes-bug: #1458915 Co-Authored-By: Drew Fisher <drew.fisher@oracle.com>
This commit is contained in:
parent
363d63ac3d
commit
b68858f7fe
|
@ -49,6 +49,10 @@
|
||||||
# (optional) Path to file to which rows should be archived
|
# (optional) Path to file to which rows should be archived
|
||||||
# Defaults to '/var/log/keystone/keystone-tokenflush.log'.
|
# Defaults to '/var/log/keystone/keystone-tokenflush.log'.
|
||||||
#
|
#
|
||||||
|
# [*user*]
|
||||||
|
# (optional) Defaults to 'keystone'.
|
||||||
|
# Allow to run the crontab on behalf any user.
|
||||||
|
#
|
||||||
class keystone::cron::token_flush (
|
class keystone::cron::token_flush (
|
||||||
$ensure = present,
|
$ensure = present,
|
||||||
$minute = 1,
|
$minute = 1,
|
||||||
|
@ -57,7 +61,8 @@ class keystone::cron::token_flush (
|
||||||
$month = '*',
|
$month = '*',
|
||||||
$weekday = '*',
|
$weekday = '*',
|
||||||
$maxdelay = 0,
|
$maxdelay = 0,
|
||||||
$destination = '/var/log/keystone/keystone-tokenflush.log'
|
$destination = '/var/log/keystone/keystone-tokenflush.log',
|
||||||
|
$user = 'keystone',
|
||||||
) {
|
) {
|
||||||
|
|
||||||
if $maxdelay == 0 {
|
if $maxdelay == 0 {
|
||||||
|
@ -70,11 +75,12 @@ class keystone::cron::token_flush (
|
||||||
ensure => $ensure,
|
ensure => $ensure,
|
||||||
command => "${sleep}keystone-manage token_flush >>${destination} 2>&1",
|
command => "${sleep}keystone-manage token_flush >>${destination} 2>&1",
|
||||||
environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
|
environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
|
||||||
user => 'keystone',
|
user => $user,
|
||||||
minute => $minute,
|
minute => $minute,
|
||||||
hour => $hour,
|
hour => $hour,
|
||||||
monthday => $monthday,
|
monthday => $monthday,
|
||||||
month => $month,
|
month => $month,
|
||||||
weekday => $weekday
|
weekday => $weekday,
|
||||||
|
require => Package['keystone'],
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,7 +19,6 @@ class keystone::db::sync(
|
||||||
user => 'keystone',
|
user => 'keystone',
|
||||||
refreshonly => true,
|
refreshonly => true,
|
||||||
subscribe => [Package['keystone'], Keystone_config['database/connection']],
|
subscribe => [Package['keystone'], Keystone_config['database/connection']],
|
||||||
require => User['keystone'],
|
|
||||||
}
|
}
|
||||||
|
|
||||||
Exec['keystone-manage db_sync'] ~> Service<| title == 'keystone' |>
|
Exec['keystone-manage db_sync'] ~> Service<| title == 'keystone' |>
|
||||||
|
|
|
@ -651,33 +651,14 @@ class keystone(
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
group { 'keystone':
|
|
||||||
ensure => present,
|
|
||||||
system => true,
|
|
||||||
require => Package['keystone'],
|
|
||||||
}
|
|
||||||
|
|
||||||
user { 'keystone':
|
|
||||||
ensure => 'present',
|
|
||||||
gid => 'keystone',
|
|
||||||
system => true,
|
|
||||||
require => Package['keystone'],
|
|
||||||
}
|
|
||||||
|
|
||||||
file { ['/etc/keystone', '/var/log/keystone', '/var/lib/keystone']:
|
file { ['/etc/keystone', '/var/log/keystone', '/var/lib/keystone']:
|
||||||
ensure => directory,
|
ensure => directory,
|
||||||
mode => '0750',
|
|
||||||
owner => 'keystone',
|
|
||||||
group => 'keystone',
|
|
||||||
require => Package['keystone'],
|
require => Package['keystone'],
|
||||||
notify => Service[$service_name],
|
notify => Service[$service_name],
|
||||||
}
|
}
|
||||||
|
|
||||||
file { '/etc/keystone/keystone.conf':
|
file { '/etc/keystone/keystone.conf':
|
||||||
ensure => present,
|
ensure => present,
|
||||||
mode => '0600',
|
|
||||||
owner => 'keystone',
|
|
||||||
group => 'keystone',
|
|
||||||
require => Package['keystone'],
|
require => Package['keystone'],
|
||||||
notify => Service[$service_name],
|
notify => Service[$service_name],
|
||||||
}
|
}
|
||||||
|
@ -812,12 +793,10 @@ class keystone(
|
||||||
if $enable_pki_setup {
|
if $enable_pki_setup {
|
||||||
exec { 'keystone-manage pki_setup':
|
exec { 'keystone-manage pki_setup':
|
||||||
path => '/usr/bin',
|
path => '/usr/bin',
|
||||||
user => 'keystone',
|
|
||||||
refreshonly => true,
|
refreshonly => true,
|
||||||
creates => $signing_keyfile,
|
creates => $signing_keyfile,
|
||||||
notify => Service[$service_name],
|
notify => Service[$service_name],
|
||||||
subscribe => Package['keystone'],
|
subscribe => Package['keystone'],
|
||||||
require => User['keystone'],
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -939,7 +918,6 @@ class keystone(
|
||||||
validate_string($fernet_key_repository)
|
validate_string($fernet_key_repository)
|
||||||
exec { 'keystone-manage fernet_setup':
|
exec { 'keystone-manage fernet_setup':
|
||||||
path => '/usr/bin',
|
path => '/usr/bin',
|
||||||
user => 'keystone',
|
|
||||||
refreshonly => true,
|
refreshonly => true,
|
||||||
creates => "${fernet_key_repository}/0",
|
creates => "${fernet_key_repository}/0",
|
||||||
notify => Service[$service_name],
|
notify => Service[$service_name],
|
||||||
|
|
|
@ -28,7 +28,8 @@ describe 'keystone::cron::token_flush' do
|
||||||
:hour => params[:hour],
|
:hour => params[:hour],
|
||||||
:monthday => params[:monthday],
|
:monthday => params[:monthday],
|
||||||
:month => params[:month],
|
:month => params[:month],
|
||||||
:weekday => params[:weekday]
|
:weekday => params[:weekday],
|
||||||
|
:require => 'Package[keystone]',
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -50,7 +51,31 @@ describe 'keystone::cron::token_flush' do
|
||||||
:hour => params[:hour],
|
:hour => params[:hour],
|
||||||
:monthday => params[:monthday],
|
:monthday => params[:monthday],
|
||||||
:month => params[:month],
|
:month => params[:month],
|
||||||
:weekday => params[:weekday]
|
:weekday => params[:weekday],
|
||||||
|
:require => 'Package[keystone]',
|
||||||
|
)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe 'when specifying a user param' do
|
||||||
|
let :params do
|
||||||
|
{
|
||||||
|
:user => 'keystonecustom'
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'configures a cron with delay' do
|
||||||
|
is_expected.to contain_cron('keystone-manage token_flush').with(
|
||||||
|
:ensure => 'present',
|
||||||
|
:command => 'keystone-manage token_flush >>/var/log/keystone/keystone-tokenflush.log 2>&1',
|
||||||
|
:environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
|
||||||
|
:user => 'keystonecustom',
|
||||||
|
:minute => 1,
|
||||||
|
:hour => 0,
|
||||||
|
:monthday => '*',
|
||||||
|
:month => '*',
|
||||||
|
:weekday => '*',
|
||||||
|
:require => 'Package[keystone]',
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -72,7 +97,8 @@ describe 'keystone::cron::token_flush' do
|
||||||
:hour => params[:hour],
|
:hour => params[:hour],
|
||||||
:monthday => params[:monthday],
|
:monthday => params[:monthday],
|
||||||
:month => params[:month],
|
:month => params[:month],
|
||||||
:weekday => params[:weekday]
|
:weekday => params[:weekday],
|
||||||
|
:require => 'Package[keystone]',
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -9,7 +9,6 @@ describe 'keystone::db::sync' do
|
||||||
:user => 'keystone',
|
:user => 'keystone',
|
||||||
:refreshonly => true,
|
:refreshonly => true,
|
||||||
:subscribe => ['Package[keystone]', 'Keystone_config[database/connection]'],
|
:subscribe => ['Package[keystone]', 'Keystone_config[database/connection]'],
|
||||||
:require => 'User[keystone]'
|
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
@ -27,7 +26,6 @@ describe 'keystone::db::sync' do
|
||||||
:user => 'keystone',
|
:user => 'keystone',
|
||||||
:refreshonly => true,
|
:refreshonly => true,
|
||||||
:subscribe => ['Package[keystone]', 'Keystone_config[database/connection]'],
|
:subscribe => ['Package[keystone]', 'Keystone_config[database/connection]'],
|
||||||
:require => 'User[keystone]'
|
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
|
@ -127,24 +127,10 @@ describe 'keystone' do
|
||||||
'ensure' => param_hash['client_package_ensure'],
|
'ensure' => param_hash['client_package_ensure'],
|
||||||
) }
|
) }
|
||||||
|
|
||||||
it { is_expected.to contain_group('keystone').with(
|
|
||||||
'ensure' => 'present',
|
|
||||||
'system' => true
|
|
||||||
) }
|
|
||||||
|
|
||||||
it { is_expected.to contain_user('keystone').with(
|
|
||||||
'ensure' => 'present',
|
|
||||||
'gid' => 'keystone',
|
|
||||||
'system' => true
|
|
||||||
) }
|
|
||||||
|
|
||||||
it 'should contain the expected directories' do
|
it 'should contain the expected directories' do
|
||||||
['/etc/keystone', '/var/log/keystone', '/var/lib/keystone'].each do |d|
|
['/etc/keystone', '/var/log/keystone', '/var/lib/keystone'].each do |d|
|
||||||
is_expected.to contain_file(d).with(
|
is_expected.to contain_file(d).with(
|
||||||
'ensure' => 'directory',
|
'ensure' => 'directory',
|
||||||
'owner' => 'keystone',
|
|
||||||
'group' => 'keystone',
|
|
||||||
'mode' => '0750',
|
|
||||||
'require' => 'Package[keystone]'
|
'require' => 'Package[keystone]'
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
@ -157,7 +143,6 @@ describe 'keystone' do
|
||||||
:user => 'keystone',
|
:user => 'keystone',
|
||||||
:refreshonly => true,
|
:refreshonly => true,
|
||||||
:subscribe => ['Package[keystone]', 'Keystone_config[database/connection]'],
|
:subscribe => ['Package[keystone]', 'Keystone_config[database/connection]'],
|
||||||
:require => 'User[keystone]'
|
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue