b276901eed
This change introduces the new purge_config parameter to the policy class so that any policy rules not managed by puppet manifests can be cleared. Co-Authored-By: Martin Schuppert <mschuppert@redhat.com> Depends-On: https://review.opendev.org/802305 Change-Id: Ief0ba5da927484a4e691a1e1796b1e9e4879d8df
86 lines
2.5 KiB
Ruby
86 lines
2.5 KiB
Ruby
require 'spec_helper'
|
|
|
|
describe 'neutron::policy' do
|
|
shared_examples 'neutron::policy' do
|
|
|
|
context 'setup policy with parameters' do
|
|
let :params do
|
|
{
|
|
:enforce_scope => false,
|
|
:enforce_new_defaults => false,
|
|
:policy_path => '/etc/neutron/policy.yaml',
|
|
:policy_dirs => '/etc/neutron/policy.d',
|
|
:policies => {
|
|
'context_is_admin' => {
|
|
'key' => 'context_is_admin',
|
|
'value' => 'foo:bar'
|
|
}
|
|
}
|
|
}
|
|
end
|
|
|
|
it 'set up the policies' do
|
|
is_expected.to contain_openstacklib__policy('/etc/neutron/policy.yaml').with(
|
|
:policies => {
|
|
'context_is_admin' => {
|
|
'key' => 'context_is_admin',
|
|
'value' => 'foo:bar'
|
|
}
|
|
},
|
|
:policy_path => '/etc/neutron/policy.yaml',
|
|
:file_user => 'root',
|
|
:file_group => 'neutron',
|
|
:file_format => 'yaml',
|
|
:purge_config => false,
|
|
)
|
|
is_expected.to contain_oslo__policy('neutron_config').with(
|
|
:enforce_scope => false,
|
|
:enforce_new_defaults => false,
|
|
:policy_file => '/etc/neutron/policy.yaml',
|
|
:policy_dirs => '/etc/neutron/policy.d',
|
|
)
|
|
end
|
|
end
|
|
|
|
context 'with empty policies and purge_config enabled' do
|
|
let :params do
|
|
{
|
|
:enforce_scope => false,
|
|
:enforce_new_defaults => false,
|
|
:policy_path => '/etc/neutron/policy.yaml',
|
|
:policies => {},
|
|
:purge_config => true,
|
|
}
|
|
end
|
|
|
|
it 'set up the policies' do
|
|
is_expected.to contain_openstacklib__policy('/etc/neutron/policy.yaml').with(
|
|
:policies => {},
|
|
:policy_path => '/etc/neutron/policy.yaml',
|
|
:file_user => 'root',
|
|
:file_group => 'neutron',
|
|
:file_format => 'yaml',
|
|
:purge_config => true,
|
|
)
|
|
is_expected.to contain_oslo__policy('neutron_config').with(
|
|
:enforce_scope => false,
|
|
:enforce_new_defaults => false,
|
|
:policy_file => '/etc/neutron/policy.yaml',
|
|
)
|
|
end
|
|
end
|
|
end
|
|
|
|
on_supported_os({
|
|
:supported_os => OSDefaults.get_supported_os
|
|
}).each do |os,facts|
|
|
context "on #{os}" do
|
|
let (:facts) do
|
|
facts.merge!(OSDefaults.get_facts())
|
|
end
|
|
|
|
it_behaves_like 'neutron::policy'
|
|
end
|
|
end
|
|
end
|