a5da52ec52
This code moves all deps to an external class so that Keystone can be installed with mechanisms besides packages (like venv or docker). This also cleans-up the dependency tree by removing false or confusing dependencies. Change-Id: If69cd7cba267f75faad51fdbc80a58b24d2095d8 Co-Author: Clayton O'Neill <clayton.oneill@twcable.com>
42 lines
846 B
Puppet
42 lines
846 B
Puppet
# == Class: keystone::policy
|
|
#
|
|
# Configure the keystone policies
|
|
#
|
|
# === Parameters
|
|
#
|
|
# [*policies*]
|
|
# (optional) Set of policies to configure for keystone
|
|
# Example :
|
|
# {
|
|
# 'keystone-context_is_admin' => {
|
|
# 'key' => 'context_is_admin',
|
|
# 'value' => 'true'
|
|
# },
|
|
# 'keystone-default' => {
|
|
# 'key' => 'default',
|
|
# 'value' => 'rule:admin_or_owner'
|
|
# }
|
|
# }
|
|
# Defaults to empty hash.
|
|
#
|
|
# [*policy_path*]
|
|
# (optional) Path to the nova policy.json file
|
|
# Defaults to /etc/keystone/policy.json
|
|
#
|
|
class keystone::policy (
|
|
$policies = {},
|
|
$policy_path = '/etc/keystone/policy.json',
|
|
) {
|
|
|
|
include ::keystone::deps
|
|
|
|
validate_hash($policies)
|
|
|
|
Openstacklib::Policy::Base {
|
|
file_path => $policy_path,
|
|
}
|
|
|
|
create_resources('openstacklib::policy::base', $policies)
|
|
|
|
}
|