openstack/puppet-keystone
Code Issues Proposed changes
Files
e6c53594f3b32663611e09770211a6db0b69fee9
puppet-keystone/spec/classes/keystone_wsgi_apache_spec.rb
Alex Schultz e6c53594f3 Make admin and public scripts configurable 
When we switched to using the package provided wsgi scripts for
keystone, we lost the ability to override these scripts. This change
updates the apache::wsgi::apache class to actually allow for the
overriding of the admin and public wsgi scripts.

Change-Id: I683f1ef95700d9382d480a1daca41cf9ed5ccd26
2016-07-06 12:13:37 -06:00

399 lines
15 KiB
Ruby
Raw Blame History

require 'spec_helper'
describe 'keystone::wsgi::apache' do
let :global_facts do
{
:processorcount => 42,
:concat_basedir => '/var/lib/puppet/concat',
:fqdn => 'some.host.tld'
}
end
let :pre_condition do
[
'class { keystone: admin_token => "dummy", service_name => "httpd", enable_ssl => true }'
]
end
shared_examples_for 'apache serving keystone with mod_wsgi' do
it { is_expected.to contain_service('httpd').with_name(platform_parameters[:httpd_service_name]) }
it { is_expected.to contain_class('keystone::params') }
it { is_expected.to contain_class('apache') }
it { is_expected.to contain_class('apache::mod::wsgi') }
it { is_expected.to contain_class('keystone::db::sync') }
describe 'with default parameters' do
it { is_expected.to contain_file("#{platform_parameters[:wsgi_script_path]}").with(
'ensure' => 'directory',
'owner' => 'keystone',
'group' => 'keystone',
'require' => 'Anchor[keystone::install::end]',
)}
it { is_expected.to contain_file('keystone_wsgi_admin').with(
'ensure' => 'file',
'path' => "#{platform_parameters[:wsgi_script_path]}/keystone-admin",
'source' => platform_parameters[:wsgi_admin_script_source],
'owner' => 'keystone',
'group' => 'keystone',
'mode' => '0644',
'require' => "File[#{platform_parameters[:wsgi_script_path]}]",
)}
it { is_expected.to contain_file('keystone_wsgi_main').with(
'ensure' => 'file',
'path' => "#{platform_parameters[:wsgi_script_path]}/keystone-public",
'source' => platform_parameters[:wsgi_public_script_source],
'owner' => 'keystone',
'group' => 'keystone',
'mode' => '0644',
'require' => "File[#{platform_parameters[:wsgi_script_path]}]",
)}
it { is_expected.to contain_apache__vhost('keystone_wsgi_admin').with(
'servername' => 'some.host.tld',
'ip' => nil,
'port' => '35357',
'docroot' => "#{platform_parameters[:wsgi_script_path]}",
'docroot_owner' => 'keystone',
'docroot_group' => 'keystone',
'ssl' => 'true',
'wsgi_daemon_process' => 'keystone_admin',
'wsgi_daemon_process_options' => {
'user' => 'keystone',
'group' => 'keystone',
'processes' => '1',
'threads' => '42',
'display-name' => 'keystone-admin',
},
'wsgi_process_group' => 'keystone_admin',
'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/keystone-admin" },
'wsgi_application_group' => '%{GLOBAL}',
'wsgi_pass_authorization' => 'On',
'headers' => nil,
'require' => 'File[keystone_wsgi_admin]',
'access_log_format' => false,
)}
it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with(
'servername' => 'some.host.tld',
'ip' => nil,
'port' => '5000',
'docroot' => "#{platform_parameters[:wsgi_script_path]}",
'docroot_owner' => 'keystone',
'docroot_group' => 'keystone',
'ssl' => 'true',
'wsgi_daemon_process' => 'keystone_main',
'wsgi_daemon_process_options' => {
'user' => 'keystone',
'group' => 'keystone',
'processes' => '1',
'threads' => '42',
'display-name' => 'keystone-main',
},
'wsgi_process_group' => 'keystone_main',
'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/main" },
'wsgi_application_group' => '%{GLOBAL}',
'wsgi_pass_authorization' => 'On',
'headers' => nil,
'require' => 'File[keystone_wsgi_main]',
'access_log_format' => false,
)}
it { is_expected.to contain_concat("#{platform_parameters[:httpd_ports_file]}") }
end
describe 'when overriding parameters using different ports' do
let :params do
{
:servername => 'dummy.host',
:bind_host => '10.42.51.1',
:admin_bind_host => '10.42.51.2',
:public_port => 12345,
:admin_port => 4142,
:ssl => false,
:workers => 37,
:vhost_custom_fragment => 'LimitRequestFieldSize 81900'
}
end
it { is_expected.to contain_apache__vhost('keystone_wsgi_admin').with(
'servername' => 'dummy.host',
'ip' => '10.42.51.2',
'port' => '4142',
'docroot' => "#{platform_parameters[:wsgi_script_path]}",
'docroot_owner' => 'keystone',
'docroot_group' => 'keystone',
'ssl' => 'false',
'wsgi_daemon_process' => 'keystone_admin',
'wsgi_daemon_process_options' => {
'user' => 'keystone',
'group' => 'keystone',
'processes' => '37',
'threads' => '42',
'display-name' => 'keystone-admin',
},
'wsgi_process_group' => 'keystone_admin',
'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/keystone-admin" },
'wsgi_application_group' => '%{GLOBAL}',
'wsgi_pass_authorization' => 'On',
'require' => 'File[keystone_wsgi_admin]',
'custom_fragment' => 'LimitRequestFieldSize 81900'
)}
it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with(
'servername' => 'dummy.host',
'ip' => '10.42.51.1',
'port' => '12345',
'docroot' => "#{platform_parameters[:wsgi_script_path]}",
'docroot_owner' => 'keystone',
'docroot_group' => 'keystone',
'ssl' => 'false',
'wsgi_daemon_process' => 'keystone_main',
'wsgi_daemon_process_options' => {
'user' => 'keystone',
'group' => 'keystone',
'processes' => '37',
'threads' => '42',
'display-name' => 'keystone-main',
},
'wsgi_process_group' => 'keystone_main',
'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/main" },
'wsgi_application_group' => '%{GLOBAL}',
'wsgi_pass_authorization' => 'On',
'require' => 'File[keystone_wsgi_main]',
'custom_fragment' => 'LimitRequestFieldSize 81900'
)}
it { is_expected.to contain_concat("#{platform_parameters[:httpd_ports_file]}") }
end
describe 'when admin_bind_host is not set default to bind_host' do
let :params do
{
:servername => 'dummy.host',
:bind_host => '10.42.51.1',
:public_port => 12345,
:admin_port => 4142,
:ssl => false,
:workers => 37,
:vhost_custom_fragment => 'LimitRequestFieldSize 81900'
}
end
it { is_expected.to contain_apache__vhost('keystone_wsgi_admin').with(
'ip' => '10.42.51.1'
)}
it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with(
'ip' => '10.42.51.1'
)}
it { is_expected.to contain_concat("#{platform_parameters[:httpd_ports_file]}") }
end
describe 'when overriding parameters using same port' do
let :params do
{
:servername => 'dummy.host',
:public_port => 4242,
:admin_port => 4242,
:public_path => '/main/endpoint/',
:admin_path => '/admin/endpoint/',
:ssl => true,
:workers => 37,
}
end
it { is_expected.to_not contain_apache__vhost('keystone_wsgi_admin') }
it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with(
'servername' => 'dummy.host',
'ip' => nil,
'port' => '4242',
'docroot' => "#{platform_parameters[:wsgi_script_path]}",
'docroot_owner' => 'keystone',
'docroot_group' => 'keystone',
'ssl' => 'true',
'wsgi_daemon_process' => 'keystone_main',
'wsgi_daemon_process_options' => {
'user' => 'keystone',
'group' => 'keystone',
'processes' => '37',
'threads' => '42',
'display-name' => 'keystone-main',
},
'wsgi_process_group' => 'keystone_main',
'wsgi_script_aliases' => {
'/main/endpoint' => "#{platform_parameters[:wsgi_script_path]}/keystone-public",
'/admin/endpoint' => "#{platform_parameters[:wsgi_script_path]}/keystone-admin"
},
'wsgi_application_group' => '%{GLOBAL}',
'wsgi_pass_authorization' => 'On',
'require' => 'File[keystone_wsgi_main]'
)}
end
describe 'when overriding parameters using same port and same path' do
let :params do
{
:servername => 'dummy.host',
:public_port => 4242,
:admin_port => 4242,
:public_path => '/endpoint/',
:admin_path => '/endpoint/',
:ssl => true,
:workers => 37,
}
end
it_raises 'a Puppet::Error', /When using the same port for public & private endpoints, public_path and admin_path should be different\./
end
describe 'when overriding default apache logging' do
let :params do
{
:servername => 'dummy.host',
:access_log_format => 'foo',
}
end
it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with(
'servername' => 'dummy.host',
'access_log_format' => 'foo',
)}
end
describe 'when overriding parameters using symlink and custom file source' do
let :params do
{
:wsgi_script_ensure => 'link',
:wsgi_script_source => '/opt/keystone/httpd/keystone.py',
}
end
it { is_expected.to contain_file('keystone_wsgi_admin').with(
'ensure' => 'link',
'path' => "#{platform_parameters[:wsgi_script_path]}/keystone-admin",
'target' => '/opt/keystone/httpd/keystone.py',
'owner' => 'keystone',
'group' => 'keystone',
'mode' => '0644',
'require' => "File[#{platform_parameters[:wsgi_script_path]}]",
)}
it { is_expected.to contain_file('keystone_wsgi_main').with(
'ensure' => 'link',
'path' => "#{platform_parameters[:wsgi_script_path]}/keystone-public",
'target' => '/opt/keystone/httpd/keystone.py',
'owner' => 'keystone',
'group' => 'keystone',
'mode' => '0644',
'require' => "File[#{platform_parameters[:wsgi_script_path]}]",
)}
end
describe 'when overriding parameters using wsgi chunked request' do
let :params do
{
:wsgi_chunked_request => 'On'
}
end
it { is_expected.to contain_apache__vhost('keystone_wsgi_admin').with(
'wsgi_chunked_request' => 'On'
)}
it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with(
'wsgi_chunked_request' => 'On'
)}
end
describe 'when overriding parameters using additional headers' do
let :params do
{
:headers => 'set X-Frame-Options "DENY"'
}
end
it { is_expected.to contain_apache__vhost('keystone_wsgi_admin').with(
'headers' => 'set X-Frame-Options "DENY"'
)}
it { is_expected.to contain_apache__vhost('keystone_wsgi_main').with(
'headers' => 'set X-Frame-Options "DENY"'
)}
end
describe 'when overriding script paths with link' do
let :params do
{
:wsgi_file_target => 'link',
:wsgi_admin_script_source => '/home/foo/admin-script',
:wsgi_public_script_source => '/home/foo/public-script',
}
end
it 'should contain correct files' do
is_expected.to contain_file('keystone_wsgi_admin').with(
'path' => "#{facts[:wsgi_script_path]}/keystone-admin",
'target' => params[:wsgi_admin_script_source]
)
is_expected.to contain_file('keystone_wsgi_main').with(
'path' => "#{facts[:wsgi_script_path]}/keystone-public",
'target' => params[:wsgi_public_script_source]
)
end
end
describe 'when overriding script paths with source' do
let :params do
{
:wsgi_admin_script_source => '/home/foo/admin-script',
:wsgi_public_script_source => '/home/foo/public-script',
}
end
it 'should contain correct files' do
is_expected.to contain_file('keystone_wsgi_admin').with(
'path' => "#{facts[:wsgi_script_path]}/keystone-admin",
'source' => params[:wsgi_admin_script_source]
)
is_expected.to contain_file('keystone_wsgi_main').with(
'path' => "#{facts[:wsgi_script_path]}/keystone-public",
'source' => params[:wsgi_public_script_source]
)
end
end
end
on_supported_os({
}).each do |os,facts|
let (:facts) do
facts.merge!(OSDefaults.get_facts({}))
end
let(:platform_parameters) do
case facts[:osfamily]
when 'Debian'
{
:httpd_service_name => 'apache2',
:httpd_ports_file => '/etc/apache2/ports.conf',
:wsgi_script_path => '/usr/lib/cgi-bin/keystone',
:wsgi_admin_script_source => '/usr/bin/keystone-wsgi-admin',
:wsgi_public_script_source => '/usr/bin/keystone-wsgi-public'
}
when 'RedHat'
{
:httpd_service_name => 'httpd',
:httpd_ports_file => '/etc/httpd/conf/ports.conf',
:wsgi_script_path => '/var/www/cgi-bin/keystone',
:wsgi_admin_script_source => '/usr/bin/keystone-wsgi-admin',
:wsgi_public_script_source => '/usr/bin/keystone-wsgi-public'
}
end
end
end
end
View Git Blame Copy Permalink