From f65517dcf02145606c3c524c52d237639775a0e7 Mon Sep 17 00:00:00 2001
From: Lance Bragstad <lbragstad@gmail.com>
Date: Wed, 18 Mar 2020 18:04:58 +0000
Subject: [PATCH] Update ldap-backend options

Several of the options defined in ldap_backend.pp were using duplicate
values already specified in keystone/conf/ldap.py. Instead of
duplicating the same value, we can set them to undefined and just let
the default values from keystone come through.

This commit also updates the values of use_pool and use_auth_pool to
True so they're consistent with the default values in keystone.

Co-Authored-By: Dave Wilde <dwilde@redhat.com>

Change-Id: I507d1b736dbbb147c67b9d399c033703b432b16d
(cherry picked from commit 1081ac51db7f560e5856809480fb98c215747476)
(cherry picked from commit e59b90669832d5bc20da2da0c0ac5ed9c16e656f)
(cherry picked from commit 2821509f0e7f67b711257d1621dfe28701b910aa)
(cherry picked from commit 6e29624320cb4cb5ed3bcc4bc93cae609cd3effe)
---
 manifests/ldap_backend.pp                    | 36 ++++++++++----------
 spec/acceptance/keystone_wsgi_apache_spec.rb | 18 ----------
 2 files changed, 18 insertions(+), 36 deletions(-)

diff --git a/manifests/ldap_backend.pp b/manifests/ldap_backend.pp
index 5ee5d2d00..ec6d64794 100644
--- a/manifests/ldap_backend.pp
+++ b/manifests/ldap_backend.pp
@@ -341,40 +341,40 @@
 #
 # [*use_pool*]
 #   Enable LDAP connection pooling. (boolean value)
-#   Defaults to false
+#   Defaults to 'undef'
 #
 # [*pool_size*]
 #   Connection pool size. (integer value)
-#   Defaults to '10'
+#   Defaults to 'undef'
 #
 # [*pool_retry_max*]
 #   Maximum count of reconnect trials. (integer value)
-#   Defaults to '3'
+#   Defaults to 'undef'
 #
 # [*pool_retry_delay*]
 #   Time span in seconds to wait between two reconnect trials. (floating point value)
-#   Defaults to '0.1'
+#   Defaults to 'undef'
 #
 # [*pool_connection_timeout*]
 #   Connector timeout in seconds. Value -1 indicates indefinite wait for response. (integer value)
-#   Defaults to '-1'
+#   Defaults to 'undef'
 #
 # [*pool_connection_lifetime*]
 #   Connection lifetime in seconds. (integer value)
-#   Defaults to '600'
+#   Defaults to 'undef'
 #
 # [*use_auth_pool*]
 #   Enable LDAP connection pooling for end user authentication.
 #   If use_pool is disabled, then this setting is meaningless and is not used at all. (boolean value)
-#   Defaults to false
+#   Defaults to 'undef'
 #
 # [*auth_pool_size*]
 #   End user auth connection pool size. (integer value)
-#   Defaults to '100'
+#   Defaults to 'undef'
 #
 # [*auth_pool_connection_lifetime*]
 #   End user auth connection lifetime in seconds. (integer value)
-#   Defaults to '60'
+#   Defaults to 'undef'
 #
 # [*package_ensure*]
 #   (optional) Desired ensure state of packages.
@@ -471,15 +471,15 @@ define keystone::ldap_backend(
   $identity_driver                      = 'ldap',
   $assignment_driver                    = undef,
   $credential_driver                    = undef,
-  $use_pool                             = false,
-  $pool_size                            = 10,
-  $pool_retry_max                       = 3,
-  $pool_retry_delay                     = 0.1,
-  $pool_connection_timeout              = -1,
-  $pool_connection_lifetime             = 600,
-  $use_auth_pool                        = false,
-  $auth_pool_size                       = 100,
-  $auth_pool_connection_lifetime        = 60,
+  $use_pool                             = undef,
+  $pool_size                            = undef,
+  $pool_retry_max                       = undef,
+  $pool_retry_delay                     = undef,
+  $pool_connection_timeout              = undef,
+  $pool_connection_lifetime             = undef,
+  $use_auth_pool                        = undef,
+  $auth_pool_size                       = undef,
+  $auth_pool_connection_lifetime        = undef,
   $package_ensure                       = present,
   $manage_packages                      = true,
   $create_domain_entry                  = false,
diff --git a/spec/acceptance/keystone_wsgi_apache_spec.rb b/spec/acceptance/keystone_wsgi_apache_spec.rb
index 007f9afb4..05143c4ed 100644
--- a/spec/acceptance/keystone_wsgi_apache_spec.rb
+++ b/spec/acceptance/keystone_wsgi_apache_spec.rb
@@ -353,17 +353,8 @@ EOC
           it_behaves_like 'a_valid_configuration', <<-EOC
 
 [ldap]
-use_pool=False
-pool_retry_delay=0.1
 url=ldap://foo
-auth_pool_size=100
-auth_pool_connection_lifetime=60
 user=cn=foo,dc=example,dc=com
-pool_connection_timeout=-1
-use_auth_pool=False
-pool_connection_lifetime=600
-pool_size=10
-pool_retry_max=3
 EOC
         end
 
@@ -371,17 +362,8 @@ EOC
           it_behaves_like 'a_valid_configuration', <<-EOC
 
 [ldap]
-pool_retry_delay=0.1
 url=ldap://bar
 user=cn=bar,dc=test,dc=com
-use_pool=False
-pool_retry_max=3
-pool_size=10
-auth_pool_size=100
-auth_pool_connection_lifetime=60
-use_auth_pool=False
-pool_connection_lifetime=600
-pool_connection_timeout=-1
 EOC
         end
       end