Merge "Update outdated parameters in manila::volume::cinder"

This commit is contained in:
Zuul 2020-04-27 19:37:58 +00:00 committed by Gerrit Code Review
commit 5be24ae902
3 changed files with 263 additions and 23 deletions

View File

@ -4,11 +4,69 @@
#
# === Parameters
#
# [*insecure*]
# (optional) Verify HTTPS connections
# Defaults to $::os_service_default
#
# [*auth_url*]
# (optional) Authentication URL
# Defaults to $::os_service_default
#
# [*auth_type*]
# (optional) Authentication type to load
# Defaults to $::os_service_default
#
# [*cafile*]
# (optional) PEM encoded Certificate Authority to use when verifying HTTPS
# connections.
# Defaults to $::os_service_default
#
# [*user_domain_name*]
# (optional) User's domain name
# Defaults to 'Default'
#
# [*project_domain_name*]
# (optional) Domain name containing project
# Defaults to 'Default'
#
# [*project_name*]
# (optional) Project name to scope to
# Defaults to 'services'
#
# [*region_name*]
# (optional) Region name for connecting to cinder
# Defaults to $::os_service_default
#
# [*endpoint_type*]
# (optional) The type of cinder endpoint to use when
# looking up in the keystone catalog.
# Defaults to $::os_service_default
#
# [*username*]
# (optional) Username
# Defaults to 'cinder'
#
# [*password*]
# (optional) User's password
# Only required if auth_type has been set to "password"
# Defaults to undef
#
# [*http_retries*]
# (optional) Number of cinderclient retries on failed http calls.
# Defaults to $::os_service_default
#
# [*cross_az_attach*]
# (optional) Allow attach between instance and volume in different
# availability zones.
# Defaults to $::os_service_default
#
# === DEPRECATED PARAMETERS
#
# [*cinder_catalog_info*]
# (optional) Info to match when looking for cinder in the service
# catalog. Format is : separated values of the form:
# <service_type>:<service_name>:<endpoint_type>
# Defaults to 'volume:cinder:publicURL'
# Defaults to undef
#
# [*cinder_ca_certificates_file*]
# (optional) Location of ca certificates file to use for cinder
@ -17,20 +75,20 @@
#
# [*cinder_http_retries*]
# (optional) Number of cinderclient retries on failed http calls.
# Defaults to 3
# Defaults to undef
#
# [*cinder_api_insecure*]
# (optional) Allow to perform insecure SSL requests to cinder
# Defaults to false
# Defaults to undef
#
# [*cinder_cross_az_attach*]
# (optional) Allow attach between instance and volume in different
# availability zones.
# Defaults to true
# Defaults to undef
#
# [*cinder_admin_username*]
# (optional) Cinder admin username.
# Defaults to 'cinder'
# Defaults to undef
#
# [*cinder_admin_password*]
# (optional) Cinder admin password.
@ -38,35 +96,103 @@
#
# [*cinder_admin_tenant_name*]
# (optional) Cinder admin tenant name
# Defaults to 'services'
# Defaults to undef
#
# [*cinder_admin_auth_url*]
# (optional) Identity service url
# Defaults to 'http://localhost:5000/v3'
# Defaults to undef
#
class manila::volume::cinder (
$cinder_catalog_info = 'volume:cinder:publicURL',
$insecure = $::os_service_default,
$auth_url = $::os_service_default,
$auth_type = $::os_service_default,
$cafile = $::os_service_default,
$user_domain_name = 'Default',
$project_domain_name = 'Default',
$project_name = 'services',
$region_name = $::os_service_default,
$endpoint_type = $::os_service_default,
$username = 'cinder',
$password = undef,
$http_retries = $::os_service_default,
$cross_az_attach = $::os_service_default,
# DEPRECATED PARAMETERS
$cinder_catalog_info = undef,
$cinder_ca_certificates_file = undef,
$cinder_http_retries = 3,
$cinder_api_insecure = false,
$cinder_cross_az_attach = true,
$cinder_admin_username = 'cinder',
$cinder_http_retries = undef,
$cinder_api_insecure = undef,
$cinder_cross_az_attach = undef,
$cinder_admin_username = undef,
$cinder_admin_password = undef,
$cinder_admin_tenant_name = 'services',
$cinder_admin_auth_url = 'http://localhost:5000/v3',
$cinder_admin_tenant_name = undef,
$cinder_admin_auth_url = undef,
) {
include manila::deps
if $cinder_catalog_info {
warning('The cinder_catalog_info parameter is deprecated, has no effect and will be removed in a future release.')
}
if $cinder_api_insecure {
warning('The cinder_api_insecure parameter is deprecated, use insecure instead.')
}
if $cinder_ca_certificates_file {
warning('The cinder_ca_certificates_file parameter is deprecated, use cafile instead.')
}
if $cinder_admin_username {
warning('The cinder_admin_username parameter is deprecated, use username instead.')
}
if $cinder_admin_password {
warning('The cinder_admin_password parameter is deprecated, use password instead.')
}
if $cinder_admin_tenant_name {
warning('The cinder_admin_tenant_name parameter is deprecated, use project_name instead.')
}
if $cinder_admin_auth_url {
warning('The cinder_admin_auth_url parameter is deprecated, use auth_url instead.')
}
if $cinder_http_retries {
warning('The cinder_http_retries parameter is deprecated, use http_retries instead')
}
if $cinder_cross_az_attach {
warning('The cinder_cross_az_attach parameter is deprecated, use cross_az_attach instead')
}
$insecure_real = pick($cinder_api_insecure, $insecure)
$cafile_real = pick($cinder_ca_certificates_file, $cafile)
$username_real = pick($cinder_admin_username, $username)
$password_real = pick_default($cinder_admin_password, $password)
$project_name_real = pick($cinder_admin_tenant_name, $project_name)
$auth_url_real = pick($cinder_admin_auth_url, $auth_url)
$http_retries_real = pick($cinder_http_retries, $http_retries)
$cross_az_attach_real = pick($cinder_cross_az_attach, $cross_az_attach)
manila_config {
'DEFAULT/cinder_catalog_info': value => $cinder_catalog_info;
'DEFAULT/cinder_ca_certificates_file': value => $cinder_ca_certificates_file;
'DEFAULT/cinder_http_retries': value => $cinder_http_retries;
'DEFAULT/cinder_api_insecure': value => $cinder_api_insecure;
'DEFAULT/cinder_cross_az_attach': value => $cinder_cross_az_attach;
'DEFAULT/cinder_admin_username': value => $cinder_admin_username;
'DEFAULT/cinder_admin_password': value => $cinder_admin_password, secret => true;
'DEFAULT/cinder_admin_tenant_name': value => $cinder_admin_tenant_name;
'DEFAULT/cinder_admin_auth_url': value => $cinder_admin_auth_url;
'cinder/insecure': value => $insecure_real;
'cinder/auth_url': value => $auth_url_real;
'cinder/auth_type': value => $auth_type;
'cinder/cafile': value => $cafile_real;
'cinder/region_name': value => $region_name;
'cinder/endpoint_type': value => $endpoint_type;
'cinder/http_retries': value => $http_retries_real;
'cinder/cross_az_attach': value => $cross_az_attach_real;
}
if $auth_type == 'password' {
manila_config {
'cinder/username': value => $username_real;
'cinder/user_domain_name': value => $user_domain_name;
'cinder/password': value => $password_real, secret => true;
'cinder/project_name': value => $project_name_real;
'cinder/project_domain_name': value => $project_domain_name;
}
}
}

View File

@ -0,0 +1,18 @@
---
features:
- |
Now ``manila::volume::cinder`` can configure required parameters for
Keystone v3 auth.
deprecations:
- |
The following parameters in ``manila::volume::cinder`` class has been
deprecated and will be removed in a future release.
- ``cinder_catalog_info``
- ``cinder_ca_certificates_file``
- ``cinder_http_retries``
- ``cinder_cross_az_attach``
- ``cinder_admin_username``
- ``cinder_admin_password``
- ``cinder_admin_tenant_name``
- ``cinder_admin_auth_url``

View File

@ -0,0 +1,96 @@
require 'spec_helper'
describe 'manila::volume::cinder' do
shared_examples 'manila::cinder' do
context 'with default parameters' do
it 'configures manila volume cinder' do
is_expected.to contain_manila_config('cinder/insecure').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/auth_url').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/auth_type').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/cafile').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/region_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/endpoint_type').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/http_retries').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/cross_az_attach').with_value('<SERVICE DEFAULT>')
# These should be added only when auth_type is 'password'
is_expected.not_to contain_manila_config('cinder/user_domain_name')
is_expected.not_to contain_manila_config('cinder/project_domain_name')
is_expected.not_to contain_manila_config('cinder/project_name')
is_expected.not_to contain_manila_config('cinder/username')
is_expected.not_to contain_manila_config('cinder/password')
end
end
context 'with overridden parameters' do
let :params do
{
:insecure => true,
:auth_url => 'http://127.0.0.2:5000/',
:auth_type => 'password',
:cafile => '/etc/ssl/certs/ca.crt',
:region_name => 'RegionOne',
:endpoint_type => 'publicURL',
:username => 'cinderv1',
:password => '123123',
:http_retries => 3,
:cross_az_attach => true,
}
end
it 'configures manila cinder with overridden parameters' do
is_expected.to contain_manila_config('cinder/insecure').with_value(true)
is_expected.to contain_manila_config('cinder/auth_url').with_value('http://127.0.0.2:5000/')
is_expected.to contain_manila_config('cinder/auth_type').with_value('password')
is_expected.to contain_manila_config('cinder/cafile').with_value('/etc/ssl/certs/ca.crt')
is_expected.to contain_manila_config('cinder/user_domain_name').with_value('Default')
is_expected.to contain_manila_config('cinder/project_domain_name').with_value('Default')
is_expected.to contain_manila_config('cinder/project_name').with_value('services')
is_expected.to contain_manila_config('cinder/region_name').with_value('RegionOne')
is_expected.to contain_manila_config('cinder/endpoint_type').with_value('publicURL')
is_expected.to contain_manila_config('cinder/username').with_value('cinderv1')
is_expected.to contain_manila_config('cinder/password').with_value('123123').with_secret(true)
is_expected.to contain_manila_config('cinder/http_retries').with_value(3)
is_expected.to contain_manila_config('cinder/cross_az_attach').with_value('true')
end
end
context 'with deprecated parameters' do
let :params do
{
:cinder_api_insecure => true,
:cinder_ca_certificates_file => '/foo/ssl/certs/ca.crt',
:auth_type => 'password',
:cinder_admin_tenant_name => 'service2',
:cinder_admin_username => 'cinderv2',
:cinder_admin_password => '321321',
:cinder_http_retries => 3,
:cinder_cross_az_attach => true,
}
end
it 'configures manila volume cinder with deprecated parameters' do
is_expected.to contain_manila_config('cinder/auth_type').with_value('password')
is_expected.to contain_manila_config('cinder/insecure').with_value(true)
is_expected.to contain_manila_config('cinder/cafile').with_value('/foo/ssl/certs/ca.crt')
is_expected.to contain_manila_config('cinder/project_name').with_value('service2')
is_expected.to contain_manila_config('cinder/username').with_value('cinderv2')
is_expected.to contain_manila_config('cinder/password').with_value('321321')
is_expected.to contain_manila_config('cinder/http_retries').with_value(3)
is_expected.to contain_manila_config('cinder/cross_az_attach').with_value('true')
end
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
it_behaves_like 'manila::cinder'
end
end
end