b8dfd90084
... because that version is quite old and we don't expect it is still used. This also updates the output string used in unit tests according to the one in newer versions. Change-Id: I18a8ced73197efe96964d760c3a97703f8d8b6b9
130 lines
3.6 KiB
Ruby
130 lines
3.6 KiB
Ruby
require 'json'
|
|
require File.join(File.dirname(__FILE__), '..','..','..', 'puppet/provider/keystone')
|
|
|
|
class Puppet::Error::OpenstackDuplicateRemoteId < Puppet::Error; end
|
|
|
|
Puppet::Type.type(:keystone_identity_provider).provide(
|
|
:openstack,
|
|
:parent => Puppet::Provider::Keystone
|
|
) do
|
|
|
|
desc 'Provider to manage keystone identity provider.'
|
|
|
|
@credentials = Puppet::Provider::Openstack::CredentialsV3.new
|
|
|
|
mk_resource_methods
|
|
|
|
def create
|
|
properties = []
|
|
remote_ids = []
|
|
remote_id_file = []
|
|
option_enable = '--enable'
|
|
|
|
remote_ids += resource[:remote_ids] if resource[:remote_ids]
|
|
|
|
remote_id_file += ['--remote-id-file', resource[:remote_id_file]] if
|
|
resource[:remote_id_file]
|
|
|
|
properties += self.class.remote_ids_cli(remote_ids)
|
|
properties += remote_id_file
|
|
|
|
option_enable = '--disable' if resource[:enabled] == :false
|
|
properties << option_enable
|
|
|
|
properties += ['--description', resource[:description]] if
|
|
resource[:description]
|
|
properties << resource[:name]
|
|
|
|
@property_hash = self.class.system_request('identity provider',
|
|
'create',
|
|
properties)
|
|
|
|
rescue Puppet::ExecutionFailure => e
|
|
if e.message =~
|
|
/openstack Conflict occurred attempting to store identity_provider/
|
|
raise(Puppet::Error::OpenstackDuplicateRemoteId,
|
|
'One of the remote-id of this resource is already ' \
|
|
'registered by another identity provider: ' \
|
|
"#{e.message}")
|
|
else
|
|
raise e
|
|
end
|
|
else
|
|
@property_hash[:ensure] = :present
|
|
end
|
|
|
|
def destroy
|
|
self.class.system_request('identity provider', 'delete', id)
|
|
@property_hash.clear
|
|
end
|
|
|
|
def exists?
|
|
@property_hash[:ensure] == :present
|
|
end
|
|
|
|
def self.instances
|
|
list = system_request('identity provider', 'list')
|
|
list.collect do |identity_provider|
|
|
|
|
current_resource =
|
|
system_request('identity provider', 'show', identity_provider[:id])
|
|
new(
|
|
:name => identity_provider[:id],
|
|
:id => identity_provider[:id],
|
|
:description => identity_provider[:description],
|
|
:enabled => identity_provider[:enabled].downcase.chomp == 'true' ? true : false,
|
|
:remote_ids => clean_remote_ids(current_resource[:remote_ids]),
|
|
:ensure => :present
|
|
)
|
|
end
|
|
end
|
|
|
|
def self.prefetch(resources)
|
|
identity_providers = instances
|
|
resources.keys.each do |name|
|
|
if provider = identity_providers.find { |existing| existing.name == name }
|
|
resources[name].provider = provider
|
|
end
|
|
end
|
|
end
|
|
|
|
# puppetlabs/PUP-1470: to be removed when puppet 3.5 is no longer supported.
|
|
def enabled
|
|
if @property_hash[:enabled].nil?
|
|
:absent
|
|
else
|
|
@property_hash[:enabled]
|
|
end
|
|
end
|
|
|
|
def enabled=(value)
|
|
options = value == :false ? ['--disable'] : ['--enable']
|
|
options << id
|
|
self.class.system_request('identity provider', 'set', options)
|
|
end
|
|
|
|
def remote_ids=(value)
|
|
options = []
|
|
options += self.class.remote_ids_cli(value)
|
|
self.class.system_request('identity provider', 'set', options + [id]) unless
|
|
options.empty?
|
|
end
|
|
|
|
def remote_id_file=(value)
|
|
options = ['--remote-id-file', value]
|
|
self.class.system_request('identity provider', 'set', options + [id])
|
|
end
|
|
|
|
def remote_id_file
|
|
remote_ids
|
|
end
|
|
|
|
def self.clean_remote_ids(remote_ids)
|
|
remote_ids.split(',').map(&:strip)
|
|
end
|
|
|
|
def self.remote_ids_cli(remote_ids)
|
|
remote_ids.map { |e| ['--remote-id', e.to_s] }.flatten
|
|
end
|
|
end
|