Merge "Add description support to keystone_user"

2022-04-12 16:09:49 +00:00 · 2022-04-12 16:09:49 +00:00 · e7e5aff840
parent 6e68e8faf4 9bb3834df4
commit e7e5aff840
7 changed files with 85 additions and 5 deletions
--- a/lib/puppet/provider/keystone.rb
+++ b/lib/puppet/provider/keystone.rb
@ -163,9 +163,14 @@ class Puppet::Provider::Keystone < Puppet::Provider::Openstack

  def self.fetch_user(name, domain)
    domain ||= default_domain
-    system_request('user', 'show',
-                   [name, '--domain', domain],
-                   {:no_retry_exception_msgs => /No user with a name or ID/})
+    user = system_request('user', 'show',
+                          [name, '--domain', domain],
+                          {:no_retry_exception_msgs => /No user with a name or ID/})
+    # The description key is only set if it exists
+    if user and user.key?(:id) and !user.key?(:description)
+        user[:description] = ''
+    end
+    user
  rescue Puppet::ExecutionFailure => e
    raise e unless e.message =~ /No user with a name or ID/
  end
--- a/lib/puppet/provider/keystone_user/openstack.rb
+++ b/lib/puppet/provider/keystone_user/openstack.rb
@ -38,6 +38,9 @@ Puppet::Type.type(:keystone_user).provide(
    if resource[:password]
      properties << '--password' << resource[:password]
    end
+    if resource[:description]
+      properties << '--description' << resource[:description]
+    end
    if resource[:email]
      properties << '--email' << resource[:email]
    end
@ -63,6 +66,7 @@ Puppet::Type.type(:keystone_user).provide(
      options << '--disable' if @property_flush[:enabled] == :false
      # There is a --description flag for the set command, but it does not work if the value is empty
      options << '--password' << resource[:password] if @property_flush[:password]
+      options << '--description' << resource[:description] if @property_flush[:description]
      options << '--email'    << resource[:email]    if @property_flush[:email]
      # project handled in tenant= separately
      unless options.empty?
@ -98,6 +102,10 @@ Puppet::Type.type(:keystone_user).provide(
    @property_flush[:enabled] = value
  end

+  def description=(value)
+    @property_flush[:description] = value
+  end
+
  def email=(value)
    @property_flush[:email] = value
  end
--- a/lib/puppet/type/keystone_user.rb
+++ b/lib/puppet/type/keystone_user.rb
@ -43,6 +43,10 @@ Puppet::Type.newtype(:keystone_user) do
    end
  end

+  newproperty(:description) do
+    newvalues(/\S/)
+  end
+
  newproperty(:email) do
    newvalues(/^(\S+@\S+)|$/)
  end
--- a/releasenotes/notes/keystone-user-provider-description-18806553c4b2be3f.yaml
+++ b/releasenotes/notes/keystone-user-provider-description-18806553c4b2be3f.yaml
@ -0,0 +1,4 @@
+---
+features:
+  - |
+    Added ``description`` parameter to ``keystone_user`` resource.
--- a/spec/acceptance/keystone_wsgi_apache_spec.rb
+++ b/spec/acceptance/keystone_wsgi_apache_spec.rb
@ -52,6 +52,13 @@ describe 'keystone server running with Apache/WSGI with resources' do
        ensure => present,
        roles  => ['admin'],
      }
+      keystone_user { 'user_with_description':
+        ensure      => present,
+        enabled     => true,
+        description => 'my super description',
+        email       => 'me@example.tld',
+        password    => 'super_secret',
+      }
      # service user exists only in the service_domain - must
      # use v3 api
      keystone::resource::service_identity { 'civ3::service_domain':
@ -79,8 +86,10 @@ describe 'keystone server running with Apache/WSGI with resources' do

    shared_examples_for 'keystone user/tenant/service/role/endpoint resources using v3 API' do |auth_creds|
      it 'should find ci user' do
-        command("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v3 --os-identity-api-version 3 user list") do |r|
+        command("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v3 --os-identity-api-version 3 user list --long") do |r|
          expect(r.stdout).to match(/ci/)
+          expect(r.stdout).to match(/user\_with\_description/)
+          expect(r.stdout).to match(/my\ super\ description/)
          expect(r.stderr).to be_empty
        end
      end
--- a/spec/unit/provider/keystone_spec.rb
+++ b/spec/unit/provider/keystone_spec.rb
@ -122,7 +122,7 @@ id="the_project_id"
 name="The User"
 id="the_user_id"
 ')
-      expect(klass.fetch_user('The User', 'Default')).to eq({:name=>"The User", :id=>"the_user_id"})
+      expect(klass.fetch_user('The User', 'Default')).to eq({:name=>"The User", :id=>"the_user_id", :description=>""})
    end
  end

--- a/spec/unit/provider/keystone_user/openstack_spec.rb
+++ b/spec/unit/provider/keystone_user/openstack_spec.rb
@ -110,6 +110,18 @@ username="user1"
          end
        end
      end
+      context '.description' do
+        it 'change the description' do
+          described_class.expects(:openstack)
+            .with('user', 'set', ['--description', 'new description',
+                                     '37b7086693ec482389799da5dc546fa4'])
+            .returns('""')
+          provider.expects(:id).returns('37b7086693ec482389799da5dc546fa4')
+          provider.expects(:resource).returns(:description => 'new description')
+          provider.description = 'new description'
+          provider.flush
+        end
+      end
      context '.email' do
        it 'change the mail' do
          described_class.expects(:openstack)
@ -288,6 +300,44 @@ username="user1"
          }
        ]
      end
+
+      context 'description provided' do
+        let(:resources) do
+          [
+            Puppet::Type.type(:keystone_user).new(
+              :title         => 'user1',
+              :ensure        => :present,
+              :enabled       => 'True',
+              :password      => 'secret',
+              :description   => 'my description',
+              :email         => 'user1@example.com',
+            )
+          ]
+        end
+        before(:each) do
+          described_class.expects(:openstack)
+            .with('user', 'create', '--format', 'shell', ['user1', '--enable', '--password', 'secret', '--description', 'my description', '--email', 'user1@example.com', '--domain', 'Default'])
+            .returns('description="my description"
+email="user1@example.com"
+enabled="True"
+id="user1_id"
+name="user1"
+username="user1"
+')
+        end
+        include_examples 'create the correct resource', [
+          {
+            'description in resource' => {
+              :name        => 'user1',
+              :ensure      => 'present',
+              :enabled     => 'True',
+              :password    => 'secret',
+              :description => 'my description',
+              :email       => 'user1@example.com'
+            }
+          }
+        ]
+      end
    end

    context 'different name, identical resource' do