Add x509 class to manage x509 config
Add a new class magnum::x509 to manage x509 section of magnum config Change-Id: I7774507d112b1cf94e0240d78f67f7c186ef5b30
This commit is contained in:
parent
ec182eb7c1
commit
4f55ae389d
46
manifests/x509.pp
Normal file
46
manifests/x509.pp
Normal file
@ -0,0 +1,46 @@
|
|||||||
|
# == Class: magnum::x509
|
||||||
|
#
|
||||||
|
# Manages the magnum x509 config
|
||||||
|
#
|
||||||
|
# === Parameters:
|
||||||
|
#
|
||||||
|
# [*allow_ca*]
|
||||||
|
# (optional) Certificate can get the CA flag in x509 extensions.
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
|
# [*allowed_extensions*]
|
||||||
|
# (optional) List of allowed x509 extensions.
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
|
# [*allowed_key_usage*]
|
||||||
|
# (optional) List of allowed x509 key usage.
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
|
# [*term_of_validity*]
|
||||||
|
# (optional) Number of days for which a certificate is valid.
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
|
# [*rsa_key_size*]
|
||||||
|
# (optional) Size of generated private key.
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
|
class magnum::x509 (
|
||||||
|
$allow_ca = $::os_service_default,
|
||||||
|
$allowed_extensions = $::os_service_default,
|
||||||
|
$allowed_key_usage = $::os_service_default,
|
||||||
|
$term_of_validity = $::os_service_default,
|
||||||
|
$rsa_key_size = $::os_service_default,
|
||||||
|
) {
|
||||||
|
|
||||||
|
include magnum::deps
|
||||||
|
|
||||||
|
magnum_config {
|
||||||
|
'x509/allow_ca': value => $allow_ca;
|
||||||
|
'x509/allowed_extensions': value => join(any2array($allowed_extensions), ',');
|
||||||
|
'x509/allowed_key_usage': value => join(any2array($allowed_key_usage), ',');
|
||||||
|
'x509/term_of_validity': value => $term_of_validity;
|
||||||
|
'x509/rsa_key_size': value => $rsa_key_size;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
5
releasenotes/notes/add-x509-9143664020ffef4c.yaml
Normal file
5
releasenotes/notes/add-x509-9143664020ffef4c.yaml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
A new ``magnum::x509`` class has been added to manage the [x509] section of
|
||||||
|
magnum config.
|
48
spec/classes/magnum_x509_spec.rb
Normal file
48
spec/classes/magnum_x509_spec.rb
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe 'magnum::x509' do
|
||||||
|
|
||||||
|
shared_examples 'magnum::x509' do
|
||||||
|
|
||||||
|
context 'with default parameters' do
|
||||||
|
let :params do
|
||||||
|
{}
|
||||||
|
end
|
||||||
|
|
||||||
|
it { is_expected.to contain_magnum_config('x509/allow_ca').with_value('<SERVICE DEFAULT>') }
|
||||||
|
it { is_expected.to contain_magnum_config('x509/allowed_extensions').with_value('<SERVICE DEFAULT>') }
|
||||||
|
it { is_expected.to contain_magnum_config('x509/allowed_key_usage').with_value('<SERVICE DEFAULT>') }
|
||||||
|
it { is_expected.to contain_magnum_config('x509/term_of_validity').with_value('<SERVICE DEFAULT>') }
|
||||||
|
it { is_expected.to contain_magnum_config('x509/rsa_key_size').with_value('<SERVICE DEFAULT>') }
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with specific parameters' do
|
||||||
|
let :params do
|
||||||
|
{ :allow_ca => true,
|
||||||
|
:allowed_extensions => ['keyUsage', 'extendedKeyUsage'],
|
||||||
|
:allowed_key_usage => ['Digital Signature', 'Non Repudiation'],
|
||||||
|
:term_of_validity => 3650,
|
||||||
|
:rsa_key_size => 4096,
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
it { is_expected.to contain_magnum_config('x509/allow_ca').with_value(true) }
|
||||||
|
it { is_expected.to contain_magnum_config('x509/allowed_extensions').with_value('keyUsage,extendedKeyUsage') }
|
||||||
|
it { is_expected.to contain_magnum_config('x509/allowed_key_usage').with_value('Digital Signature,Non Repudiation') }
|
||||||
|
it { is_expected.to contain_magnum_config('x509/term_of_validity').with_value(3650) }
|
||||||
|
it { is_expected.to contain_magnum_config('x509/rsa_key_size').with_value(4096) }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
on_supported_os({
|
||||||
|
:supported_os => OSDefaults.get_supported_os
|
||||||
|
}).each do |os,facts|
|
||||||
|
context "on #{os}" do
|
||||||
|
let (:facts) do
|
||||||
|
facts.merge!(OSDefaults.get_facts())
|
||||||
|
end
|
||||||
|
|
||||||
|
it_configures 'magnum::x509'
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in New Issue
Block a user