Add the ability to control LDAP package mgmt
In some instances you may not want this module managing the LDAP packages, so we'll wrap it with a conditional that defaults to the old behavior. Change-Id: Ib1b401178facf364a6a62e4ca00084c56d0ecc4d
This commit is contained in:
parent
abca05ec47
commit
c11b324573
@ -361,6 +361,11 @@
|
||||
# accepts latest or specific versions.
|
||||
# Defaults to present.
|
||||
#
|
||||
# [*manage_packages*]
|
||||
# (optional) Whether or not this module should manage
|
||||
# LDAP support packages.
|
||||
# Defaults to true.
|
||||
#
|
||||
# === DEPRECATED group/name
|
||||
#
|
||||
# == Dependencies
|
||||
@ -456,13 +461,16 @@ class keystone::ldap(
|
||||
$auth_pool_size = 100,
|
||||
$auth_pool_connection_lifetime = 60,
|
||||
$package_ensure = present,
|
||||
$manage_packages = true,
|
||||
) {
|
||||
|
||||
include ::keystone::deps
|
||||
|
||||
if $manage_packages {
|
||||
$ldap_packages = ['python-ldap', 'python-ldappool']
|
||||
ensure_resource('package', $ldap_packages, { ensure => $package_ensure,
|
||||
tag => 'keystone-package' })
|
||||
}
|
||||
|
||||
if ($tls_cacertdir != undef) {
|
||||
file { $tls_cacertdir:
|
||||
|
@ -364,6 +364,11 @@
|
||||
# accepts latest or specific versions.
|
||||
# Defaults to present.
|
||||
#
|
||||
# [*manage_packages*]
|
||||
# (optional) Whether or not this module should manage
|
||||
# LDAP support packages.
|
||||
# Defaults to true.
|
||||
#
|
||||
# === DEPRECATED group/name
|
||||
#
|
||||
# == Dependencies
|
||||
@ -450,6 +455,7 @@ define keystone::ldap_backend(
|
||||
$auth_pool_size = 100,
|
||||
$auth_pool_connection_lifetime = 60,
|
||||
$package_ensure = present,
|
||||
$manage_packages = true,
|
||||
) {
|
||||
|
||||
include ::keystone::deps
|
||||
@ -474,11 +480,13 @@ define keystone::ldap_backend(
|
||||
|
||||
$domain = $name
|
||||
|
||||
if $manage_packages {
|
||||
$ldap_packages = ['python-ldap', 'python-ldappool']
|
||||
ensure_resource('package', $ldap_packages, {
|
||||
ensure => $package_ensure,
|
||||
tag => ['openstack', 'keystone-package'],
|
||||
})
|
||||
}
|
||||
|
||||
if ($tls_cacertdir != undef) {
|
||||
ensure_resource('file', $tls_cacertdir, { ensure => directory })
|
||||
|
@ -0,0 +1,7 @@
|
||||
---
|
||||
features:
|
||||
- Add the ability to manage LDAP support packages
|
||||
or not. In some instances you may not want this
|
||||
module installing the LDAP support packages even
|
||||
if you are using LDAP with keystone. The default
|
||||
behavior will be no change from before.
|
@ -184,4 +184,12 @@ describe 'keystone::ldap' do
|
||||
end
|
||||
end
|
||||
|
||||
describe 'with packages unmanaged' do
|
||||
let :params do
|
||||
{ :manage_packages => false }
|
||||
end
|
||||
it { is_expected.to_not contain_package('python-ldap') }
|
||||
it { is_expected.to_not contain_package('python-ldappool') }
|
||||
end
|
||||
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user