puppet-neutron/spec/classes/neutron_keystone_auth_spec.rb

require 'spec_helper'

describe 'neutron::keystone::auth' do

  describe 'with default class parameters' do
    let :params do
      {
        :password => 'neutron_password',
        :tenant   => 'foobar'
      }
    end

    it { should contain_keystone_user('neutron').with(
      :ensure   => 'present',
      :password => 'neutron_password',
      :tenant   => 'foobar'
    ) }

    it { should contain_keystone_user_role('neutron@foobar').with(
      :ensure  => 'present',
      :roles   => 'admin'
    )}

    it { should contain_keystone_service('neutron').with(
      :ensure      => 'present',
      :type        => 'network',
      :description => 'Neutron Networking Service'
    ) }

    it { should contain_keystone_endpoint('RegionOne/neutron').with(
      :ensure       => 'present',
      :public_url   => "http://127.0.0.1:9696/",
      :admin_url    => "http://127.0.0.1:9696/",
      :internal_url => "http://127.0.0.1:9696/"
    ) }

  end

  describe 'when configuring neutron-server' do
    let :pre_condition do
      "class { 'neutron::server': auth_password => 'test' }"
    end

    let :facts do
      { :osfamily => 'Debian' }
    end

    let :params do
      {
        :password => 'neutron_password',
        :tenant   => 'foobar'
      }
    end

    it { should contain_keystone_endpoint('RegionOne/neutron').with_notify('Service[neutron-server]') }
  end

  describe 'when overriding public_protocol, public_port and public address' do

    let :params do
      {
        :password         => 'neutron_password',
        :public_protocol  => 'https',
        :public_port      => '80',
        :public_address   => '10.10.10.10',
        :port             => '81',
        :internal_address => '10.10.10.11',
        :admin_address    => '10.10.10.12'
      }
    end

    it { should contain_keystone_endpoint('RegionOne/neutron').with(
      :ensure       => 'present',
      :public_url   => "https://10.10.10.10:80/",
      :internal_url => "http://10.10.10.11:81/",
      :admin_url    => "http://10.10.10.12:81/"
    ) }

  end

  describe 'when overriding admin_protocol and internal_protocol' do

    let :params do
      {
        :password          => 'neutron_password',
        :admin_protocol    => 'https',
        :internal_protocol => 'https',
      }
    end

    it { should contain_keystone_endpoint('RegionOne/neutron').with(
      :ensure       => 'present',
      :public_url   => "http://127.0.0.1:9696/",
      :admin_url    => "https://127.0.0.1:9696/",
      :internal_url => "https://127.0.0.1:9696/"
    ) }

  end

  describe 'when overriding auth name' do

    let :params do
      {
        :password => 'foo',
        :auth_name => 'neutrony'
      }
    end

    it { should contain_keystone_user('neutrony') }

    it { should contain_keystone_user_role('neutrony@services') }

    it { should contain_keystone_service('neutrony') }

    it { should contain_keystone_endpoint('RegionOne/neutrony') }

  end

  describe 'when overriding service name' do

    let :params do
      {
        :service_name => 'neutron_service',
        :password     => 'neutron_password'
      }
    end

    it { should contain_keystone_user('neutron') }
    it { should contain_keystone_user_role('neutron@services') }
    it { should contain_keystone_service('neutron_service') }
    it { should contain_keystone_endpoint('RegionOne/neutron_service') }

  end

  describe 'when disabling user configuration' do

    let :params do
      {
        :password       => 'neutron_password',
        :configure_user => false
      }
    end

    it { should_not contain_keystone_user('neutron') }

    it { should contain_keystone_user_role('neutron@services') }

    it { should contain_keystone_service('neutron').with(
      :ensure      => 'present',
      :type        => 'network',
      :description => 'Neutron Networking Service'
    ) }

  end

  describe 'when disabling user and user role configuration' do

    let :params do
      {
        :password            => 'neutron_password',
        :configure_user      => false,
        :configure_user_role => false
      }
    end

    it { should_not contain_keystone_user('neutron') }

    it { should_not contain_keystone_user_role('neutron@services') }

    it { should contain_keystone_service('neutron').with(
      :ensure      => 'present',
      :type        => 'network',
      :description => 'Neutron Networking Service'
    ) }

  end

end
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`require 'spec_helper'`

Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`describe 'neutron::keystone::auth' do`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00
			`describe 'with default class parameters' do`
			`let :params do`
			`{`
Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`:password => 'neutron_password',`
Cleans up the keystone manifest This patch makes the following changes to the keystone auth manifest: * Fixes the tenant variable in the Keystone_user_role notification * Modifies the tests to account for the above point Change-Id: I94716b165750f0a89112028608b78ff6712c54de 2013-05-06 14:57:22 -06:00			`:tenant => 'foobar'`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`}`
			`end`

Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`it { should contain_keystone_user('neutron').with(`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`:ensure => 'present',`
Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`:password => 'neutron_password',`
Cleans up the keystone manifest This patch makes the following changes to the keystone auth manifest: * Fixes the tenant variable in the Keystone_user_role notification * Modifies the tests to account for the above point Change-Id: I94716b165750f0a89112028608b78ff6712c54de 2013-05-06 14:57:22 -06:00			`:tenant => 'foobar'`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`) }`

Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`it { should contain_keystone_user_role('neutron@foobar').with(`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`:ensure => 'present',`
Add basic rspec tests to ensure catalog compiles * Add basic rspec tests * Add required fixtures: mysql, vswitch. * Fix relationship between Package['dnsmasq'] and Package['quantum-dhcp-agent']. RedHat does not have such package and catalog compilation would fail on RedHat platforms. * Restore Ruby 1.8 compatibility by removing trailing comma on the final element of hash. Change-Id: I7cfc2f9b308116fe9c8b7f242f794792be0be678 2013-05-03 01:25:55 -04:00			`:roles => 'admin'`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`)}`

Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`it { should contain_keystone_service('neutron').with(`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`:ensure => 'present',`
			`:type => 'network',`
Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`:description => 'Neutron Networking Service'`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`) }`

Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`it { should contain_keystone_endpoint('RegionOne/neutron').with(`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`:ensure => 'present',`
			`:public_url => "http://127.0.0.1:9696/",`
			`:admin_url => "http://127.0.0.1:9696/",`
			`:internal_url => "http://127.0.0.1:9696/"`
			`) }`

			`end`

Ensure keystone endpoint set before service starts As neutron-server is mostly useless without having the keystone service+endpoint set, in the case where both keystone and neutron-server are on the same machine, this patch adds a soft dependency to ensure that the keystone catalog includes neutron This has a knock on effect of fixing openstack::provisioner, which would sometimes try to create neutron networks, the type for which soft depends on neutron-server, without there being an endpoint set in the keystone catalog Change-Id: I658e1b3e2c448b9a7da9e013c4e105b9ec824893 2013-10-30 15:10:41 +11:00			`describe 'when configuring neutron-server' do`
			`let :pre_condition do`
			`"class { 'neutron::server': auth_password => 'test' }"`
			`end`

			`let :facts do`
			`{ :osfamily => 'Debian' }`
			`end`

			`let :params do`
			`{`
			`:password => 'neutron_password',`
			`:tenant => 'foobar'`
			`}`
			`end`

			`it { should contain_keystone_endpoint('RegionOne/neutron').with_notify('Service[neutron-server]') }`
			`end`

Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`describe 'when overriding public_protocol, public_port and public address' do`

			`let :params do`
			`{`
Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`:password => 'neutron_password',`
Cleans up the keystone manifest This patch makes the following changes to the keystone auth manifest: * Fixes the tenant variable in the Keystone_user_role notification * Modifies the tests to account for the above point Change-Id: I94716b165750f0a89112028608b78ff6712c54de 2013-05-06 14:57:22 -06:00			`:public_protocol => 'https',`
			`:public_port => '80',`
			`:public_address => '10.10.10.10',`
			`:port => '81',`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`:internal_address => '10.10.10.11',`
Cleans up the keystone manifest This patch makes the following changes to the keystone auth manifest: * Fixes the tenant variable in the Keystone_user_role notification * Modifies the tests to account for the above point Change-Id: I94716b165750f0a89112028608b78ff6712c54de 2013-05-06 14:57:22 -06:00			`:admin_address => '10.10.10.12'`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`}`
			`end`

Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`it { should contain_keystone_endpoint('RegionOne/neutron').with(`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`:ensure => 'present',`
			`:public_url => "https://10.10.10.10:80/",`
			`:internal_url => "http://10.10.10.11:81/",`
			`:admin_url => "http://10.10.10.12:81/"`
			`) }`

			`end`

add parameter for endpoint protocols This gives the ability to specify https endpoint for internal and/or admin endpoints. backport: havana Change-Id: Icf7cd49c7e7a99b873b861bff51a1317a563f2be 2014-03-06 16:27:47 +01:00			`describe 'when overriding admin_protocol and internal_protocol' do`

			`let :params do`
			`{`
			`:password => 'neutron_password',`
			`:admin_protocol => 'https',`
			`:internal_protocol => 'https',`
			`}`
			`end`

			`it { should contain_keystone_endpoint('RegionOne/neutron').with(`
			`:ensure => 'present',`
			`:public_url => "http://127.0.0.1:9696/",`
			`:admin_url => "https://127.0.0.1:9696/",`
			`:internal_url => "https://127.0.0.1:9696/"`
			`) }`

			`end`

Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`describe 'when overriding auth name' do`

			`let :params do`
			`{`
			`:password => 'foo',`
Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`:auth_name => 'neutrony'`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`}`
			`end`

Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`it { should contain_keystone_user('neutrony') }`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00
Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`it { should contain_keystone_user_role('neutrony@services') }`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00
Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`it { should contain_keystone_service('neutrony') }`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00
Rename quantum to neutron. Global replacement of all Quantum references with Neutron. Change-Id: I74ad15e382589ced6f47d0783e3e952627fcd0f7 2013-08-05 13:20:54 -04:00			`it { should contain_keystone_endpoint('RegionOne/neutrony') }`
Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00
			`end`

Adds ability to override service name for service catalog Instead of forcing the name of the service in the service catalog to match auth_name, this allows the ability to explicitly set the service name, spearately from auth_name. If service_name is not specified, it's value defaults to the value of auth_name (which maintains the current behavior.) Closes-bug: #1359755 Change-Id: Ieec7cdaab792b48c4640f6e1f2470e48640387d7 2014-08-13 07:55:40 -06:00			`describe 'when overriding service name' do`

			`let :params do`
			`{`
			`:service_name => 'neutron_service',`
			`:password => 'neutron_password'`
			`}`
			`end`

			`it { should contain_keystone_user('neutron') }`
			`it { should contain_keystone_user_role('neutron@services') }`
			`it { should contain_keystone_service('neutron_service') }`
			`it { should contain_keystone_endpoint('RegionOne/neutron_service') }`

			`end`

Make user creation optional when creating service. In some cases it is useful to be able to just configure the service in Keystone and not the service user. This is the case when e.g. a read only LDAP backend is used. Added parameters configure_user and configure_user_role (default to true). Change-Id: I6b0b7e2554e982550d71d8427ce2ea94f04f55e8 Closes-Bug: 1360232 2014-08-22 15:37:09 +03:00			`describe 'when disabling user configuration' do`

			`let :params do`
			`{`
			`:password => 'neutron_password',`
			`:configure_user => false`
			`}`
			`end`

			`it { should_not contain_keystone_user('neutron') }`

			`it { should contain_keystone_user_role('neutron@services') }`

			`it { should contain_keystone_service('neutron').with(`
			`:ensure => 'present',`
			`:type => 'network',`
			`:description => 'Neutron Networking Service'`
			`) }`

			`end`

			`describe 'when disabling user and user role configuration' do`

			`let :params do`
			`{`
			`:password => 'neutron_password',`
			`:configure_user => false,`
			`:configure_user_role => false`
			`}`
			`end`

			`it { should_not contain_keystone_user('neutron') }`

			`it { should_not contain_keystone_user_role('neutron@services') }`

			`it { should contain_keystone_service('neutron').with(`
			`:ensure => 'present',`
			`:type => 'network',`
			`:description => 'Neutron Networking Service'`
			`) }`

			`end`

Allow changed to public_protocol and public_port This change allow to configure the public_protocol and public_port of quantum endpoint and add tests for the keystone/auth.pp file Change-Id: I0e643d60bde99a0524944b7ed96d445ba63300fe 2013-05-02 15:04:23 +02:00			`end`