openstack/puppet-keystone
Code Issues Proposed changes

Add the ability to control LDAP package mgmt

Browse Source 
In some instances you may not want this module managing the LDAP
packages, so we'll wrap it with a conditional that defaults to the old
behavior.

Change-Id: Ib1b401178facf364a6a62e4ca00084c56d0ecc4d
This commit is contained in:
Matt Fischer 2016-03-23 08:36:32 -06:00
parent abca05ec47
commit c11b324573
4 changed files with 40 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
manifests/ldap.pp
View File

@ -361,6 +361,11 @@
# accepts latest or specific versions. # accepts latest or specific versions.
# Defaults to present. # Defaults to present.
# #
# [*manage_packages*]
# (optional) Whether or not this module should manage
# LDAP support packages.
# Defaults to true.
#
# === DEPRECATED group/name # === DEPRECATED group/name
# #
# == Dependencies # == Dependencies
@ -456,13 +461,16 @@ class keystone::ldap(
$auth_pool_size = 100, $auth_pool_size = 100,
$auth_pool_connection_lifetime = 60, $auth_pool_connection_lifetime = 60,
$package_ensure = present, $package_ensure = present,
$manage_packages = true,
) { ) {
include ::keystone::deps include ::keystone::deps
$ldap_packages = ['python-ldap', 'python-ldappool'] if $manage_packages {
ensure_resource('package', $ldap_packages, { ensure => $package_ensure, $ldap_packages = ['python-ldap', 'python-ldappool']
tag => 'keystone-package' }) ensure_resource('package', $ldap_packages, { ensure => $package_ensure,
tag => 'keystone-package' })
}
if ($tls_cacertdir != undef) { if ($tls_cacertdir != undef) {
file { $tls_cacertdir: file { $tls_cacertdir:

18
manifests/ldap_backend.pp
View File

@ -364,6 +364,11 @@
# accepts latest or specific versions. # accepts latest or specific versions.
# Defaults to present. # Defaults to present.
# #
# [*manage_packages*]
# (optional) Whether or not this module should manage
# LDAP support packages.
# Defaults to true.
#
# === DEPRECATED group/name # === DEPRECATED group/name
# #
# == Dependencies # == Dependencies
@ -450,6 +455,7 @@ define keystone::ldap_backend(
$auth_pool_size = 100, $auth_pool_size = 100,
$auth_pool_connection_lifetime = 60, $auth_pool_connection_lifetime = 60,
$package_ensure = present, $package_ensure = present,
$manage_packages = true,
) { ) {
include ::keystone::deps include ::keystone::deps
@ -474,11 +480,13 @@ define keystone::ldap_backend(
$domain = $name $domain = $name
$ldap_packages = ['python-ldap', 'python-ldappool'] if $manage_packages {
ensure_resource('package', $ldap_packages, { $ldap_packages = ['python-ldap', 'python-ldappool']
ensure => $package_ensure, ensure_resource('package', $ldap_packages, {
tag => ['openstack', 'keystone-package'], ensure => $package_ensure,
}) tag => ['openstack', 'keystone-package'],
})
}
if ($tls_cacertdir != undef) { if ($tls_cacertdir != undef) {
ensure_resource('file', $tls_cacertdir, { ensure => directory }) ensure_resource('file', $tls_cacertdir, { ensure => directory })

7
releasenotes/notes/manage_ldap_packages-3b739e338f3e59c2.yaml Normal file
View File

@ -0,0 +1,7 @@
---
features:
- Add the ability to manage LDAP support packages
or not. In some instances you may not want this
module installing the LDAP support packages even
if you are using LDAP with keystone. The default
behavior will be no change from before.

8
spec/classes/keystone_ldap_spec.rb
View File

@ -184,4 +184,12 @@ describe 'keystone::ldap' do
end end
end end
describe 'with packages unmanaged' do
let :params do
{ :manage_packages => false }
end
it { is_expected.to_not contain_package('python-ldap') }
it { is_expected.to_not contain_package('python-ldappool') }
end
end end