Deprecate auth_uri option
Option auth_uri from group keystone_authtoken is deprecated[1]. Use option www_authenticate_uri from group keystone_authtoken. [1]https://review.openstack.org/#/c/508522/ Change-Id: I0dd36ef1f1f5dcdc57413736ecb8f2555712c36d Depends-On: I4c82a63baabd6b9304b302c97cd751a0103d8316 Closes-Bug: #1759098
This commit is contained in:
ZhongShengping
parent
e9aa809dd3
commit
20d93c4148
|
|
@ -82,7 +82,7 @@ class Puppet::Provider::Nova < Puppet::Provider::Openstack
|
|||
|
||||
def self.get_nova_credentials
|
||||
#needed keys for authentication
|
||||
auth_keys = ['auth_uri', 'project_name', 'username', 'password']
|
||||
auth_keys = ['www_authenticate_uri', 'project_name', 'username', 'password']
|
||||
conf = nova_conf
|
||||
if conf and conf['keystone_authtoken'] and
|
||||
auth_keys.all?{|k| !conf['keystone_authtoken'][k].nil?}
|
||||
|
|
@ -111,7 +111,7 @@ class Puppet::Provider::Nova < Puppet::Provider::Openstack
|
|||
|
||||
def self.get_auth_endpoint
|
||||
q = nova_credentials
|
||||
"#{q['auth_uri']}"
|
||||
"#{q['www_authenticate_uri']}"
|
||||
end
|
||||
|
||||
def self.auth_endpoint
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@ Puppet::Type.newtype(:nova_aggregate) do
|
|||
ensurable
|
||||
|
||||
autorequire(:nova_config) do
|
||||
['auth_uri', 'project_name', 'username', 'password']
|
||||
['www_authenticate_uri', 'project_name', 'username', 'password']
|
||||
end
|
||||
|
||||
newparam(:name, :namevar => true) do
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ Puppet::Type.newtype(:nova_flavor) do
|
|||
ensurable
|
||||
|
||||
autorequire(:nova_config) do
|
||||
['auth_uri', 'project_name', 'username', 'password']
|
||||
['www_authenticate_uri', 'project_name', 'username', 'password']
|
||||
end
|
||||
|
||||
# Require the nova-api service to be running
|
||||
|
|
|
|||
|
|
@ -552,7 +552,8 @@ as a standalone service, or httpd for being run by a httpd server")
|
|||
#Admin tenant name real
|
||||
$atnr = $::nova::keystone::authtoken::project_name
|
||||
#Keystone Auth URI
|
||||
$kau = $::nova::keystone::authtoken::auth_uri
|
||||
# TODO(tobasco): Remove pick when auth_uri is removed.
|
||||
$kau = pick($::nova::keystone::authtoken::auth_uri, $::nova::keystone::authtoken::www_authenticate_uri)
|
||||
$defaults = {
|
||||
'nova-api' => {
|
||||
'command' => "nova --os-auth-url ${kau} --os-project-name ${atnr} --os-username ${aur} --os-password ${apr} flavor-list",
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@
|
|||
# (Optional) Authentication type to load
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*auth_uri*]
|
||||
# [*www_authenticate_uri*]
|
||||
# (Optional) Complete public Identity API endpoint.
|
||||
# Defaults to 'http://127.0.0.1:5000/'.
|
||||
#
|
||||
|
|
@ -178,6 +178,12 @@
|
|||
# (in seconds). Set to -1 to disable caching completely. Integer value
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# DEPRECATED PARAMETERS
|
||||
#
|
||||
# [*auth_uri*]
|
||||
# (Optional) Complete public Identity API endpoint.
|
||||
# Defaults to undef
|
||||
#
|
||||
class nova::keystone::authtoken(
|
||||
$username = 'nova',
|
||||
$password = $::os_service_default,
|
||||
|
|
@ -188,7 +194,7 @@ class nova::keystone::authtoken(
|
|||
$insecure = $::os_service_default,
|
||||
$auth_section = $::os_service_default,
|
||||
$auth_type = 'password',
|
||||
$auth_uri = 'http://127.0.0.1:5000/',
|
||||
$www_authenticate_uri = 'http://127.0.0.1:5000/',
|
||||
$auth_version = $::os_service_default,
|
||||
$cache = $::os_service_default,
|
||||
$cafile = $::os_service_default,
|
||||
|
|
@ -213,6 +219,8 @@ class nova::keystone::authtoken(
|
|||
$manage_memcache_package = false,
|
||||
$region_name = $::os_service_default,
|
||||
$token_cache_time = $::os_service_default,
|
||||
# DEPRECATED PARAMETERS
|
||||
$auth_uri = undef,
|
||||
) {
|
||||
|
||||
include ::nova::deps
|
||||
|
|
@ -221,12 +229,17 @@ class nova::keystone::authtoken(
|
|||
fail('Please set password for nova service user')
|
||||
}
|
||||
|
||||
if $auth_uri {
|
||||
warning('The auth_uri parameter is deprecated. Please use www_authenticate_uri instead.')
|
||||
}
|
||||
$www_authenticate_uri_real = pick($auth_uri, $www_authenticate_uri)
|
||||
|
||||
keystone::resource::authtoken { 'nova_config':
|
||||
username => $username,
|
||||
password => $password,
|
||||
project_name => $project_name,
|
||||
auth_url => $auth_url,
|
||||
auth_uri => $auth_uri,
|
||||
www_authenticate_uri => $www_authenticate_uri_real,
|
||||
auth_version => $auth_version,
|
||||
auth_type => $auth_type,
|
||||
auth_section => $auth_section,
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@
|
|||
# (Optional) Authentication type to load
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*auth_uri*]
|
||||
# [*www_authenticate_uri*]
|
||||
# (Optional) Complete public Identity API endpoint.
|
||||
# Defaults to 'http://127.0.0.1:5000/'.
|
||||
#
|
||||
|
|
@ -178,6 +178,12 @@
|
|||
# (in seconds). Set to -1 to disable caching completely. Integer value
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# DEPRECATED PARAMETERS
|
||||
#
|
||||
# [*auth_uri*]
|
||||
# (Optional) Complete public Identity API endpoint.
|
||||
# Defaults to undef
|
||||
#
|
||||
class nova::metadata::novajoin::authtoken(
|
||||
$username = 'novajoin',
|
||||
$password = $::os_service_default,
|
||||
|
|
@ -188,7 +194,7 @@ class nova::metadata::novajoin::authtoken(
|
|||
$insecure = $::os_service_default,
|
||||
$auth_section = $::os_service_default,
|
||||
$auth_type = 'password',
|
||||
$auth_uri = 'http://127.0.0.1:5000/',
|
||||
$www_authenticate_uri = 'http://127.0.0.1:5000/',
|
||||
$auth_version = $::os_service_default,
|
||||
$cache = $::os_service_default,
|
||||
$cafile = $::os_service_default,
|
||||
|
|
@ -213,18 +219,25 @@ class nova::metadata::novajoin::authtoken(
|
|||
$manage_memcache_package = false,
|
||||
$region_name = $::os_service_default,
|
||||
$token_cache_time = $::os_service_default,
|
||||
# DEPRECATED PARAMETERS
|
||||
$auth_uri = undef,
|
||||
) {
|
||||
|
||||
if is_service_default($password) {
|
||||
fail('Please set password for novajoin service user')
|
||||
}
|
||||
|
||||
if $auth_uri {
|
||||
warning('The auth_uri parameter is deprecated. Please use www_authenticate_uri instead.')
|
||||
}
|
||||
$www_authenticate_uri_real = pick($auth_uri, $www_authenticate_uri)
|
||||
|
||||
keystone::resource::authtoken { 'novajoin_config':
|
||||
username => $username,
|
||||
password => $password,
|
||||
project_name => $project_name,
|
||||
auth_url => $auth_url,
|
||||
auth_uri => $auth_uri,
|
||||
www_authenticate_uri => $www_authenticate_uri_real,
|
||||
auth_version => $auth_version,
|
||||
auth_type => $auth_type,
|
||||
auth_section => $auth_section,
|
||||
|
|
|
|||
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
deprecations:
|
||||
- nova::keystone::authtoken::auth_uri is deprecated and will be removed in a future release.
|
||||
Please use www_authenticate_uri instead.
|
||||
- nova::metadata::novajoin::authtoken::auth_uri is deprecated and will be removed in a future release.
|
||||
Please use www_authenticate_uri instead.
|
||||
|
|
@ -20,7 +20,7 @@ describe 'nova::keystone::authtoken' do
|
|||
is_expected.to contain_nova_config('keystone_authtoken/insecure').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_nova_config('keystone_authtoken/auth_section').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_nova_config('keystone_authtoken/auth_type').with_value('password')
|
||||
is_expected.to contain_nova_config('keystone_authtoken/auth_uri').with_value('http://127.0.0.1:5000/')
|
||||
is_expected.to contain_nova_config('keystone_authtoken/www_authenticate_uri').with_value('http://127.0.0.1:5000/')
|
||||
is_expected.to contain_nova_config('keystone_authtoken/auth_version').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_nova_config('keystone_authtoken/cache').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_nova_config('keystone_authtoken/cafile').with_value('<SERVICE DEFAULT>')
|
||||
|
|
@ -50,7 +50,7 @@ describe 'nova::keystone::authtoken' do
|
|||
context 'when overriding parameters' do
|
||||
before do
|
||||
params.merge!({
|
||||
:auth_uri => 'https://10.0.0.1:9999/',
|
||||
:www_authenticate_uri => 'https://10.0.0.1:9999/',
|
||||
:username => 'myuser',
|
||||
:password => 'mypasswd',
|
||||
:auth_url => 'http://:127.0.0.1:35357',
|
||||
|
|
@ -90,7 +90,7 @@ describe 'nova::keystone::authtoken' do
|
|||
end
|
||||
|
||||
it 'configure keystone_authtoken' do
|
||||
is_expected.to contain_nova_config('keystone_authtoken/auth_uri').with_value('https://10.0.0.1:9999/')
|
||||
is_expected.to contain_nova_config('keystone_authtoken/www_authenticate_uri').with_value('https://10.0.0.1:9999/')
|
||||
is_expected.to contain_nova_config('keystone_authtoken/username').with_value(params[:username])
|
||||
is_expected.to contain_nova_config('keystone_authtoken/password').with_value(params[:password]).with_secret(true)
|
||||
is_expected.to contain_nova_config('keystone_authtoken/auth_url').with_value(params[:auth_url])
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ describe 'nova::metadata::novajoin::authtoken' do
|
|||
is_expected.to contain_novajoin_config('keystone_authtoken/insecure').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_novajoin_config('keystone_authtoken/auth_section').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_novajoin_config('keystone_authtoken/auth_type').with_value('password')
|
||||
is_expected.to contain_novajoin_config('keystone_authtoken/auth_uri').with_value('http://127.0.0.1:5000/')
|
||||
is_expected.to contain_novajoin_config('keystone_authtoken/www_authenticate_uri').with_value('http://127.0.0.1:5000/')
|
||||
is_expected.to contain_novajoin_config('keystone_authtoken/auth_version').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_novajoin_config('keystone_authtoken/cache').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_novajoin_config('keystone_authtoken/cafile').with_value('<SERVICE DEFAULT>')
|
||||
|
|
@ -50,7 +50,7 @@ describe 'nova::metadata::novajoin::authtoken' do
|
|||
context 'when overriding parameters' do
|
||||
before do
|
||||
params.merge!({
|
||||
:auth_uri => 'https://10.0.0.1:9999/',
|
||||
:www_authenticate_uri => 'https://10.0.0.1:9999/',
|
||||
:username => 'myuser',
|
||||
:password => 'mypasswd',
|
||||
:auth_url => 'http://:127.0.0.1:35357',
|
||||
|
|
@ -90,7 +90,7 @@ describe 'nova::metadata::novajoin::authtoken' do
|
|||
end
|
||||
|
||||
it 'configure keystone_authtoken' do
|
||||
is_expected.to contain_novajoin_config('keystone_authtoken/auth_uri').with_value('https://10.0.0.1:9999/')
|
||||
is_expected.to contain_novajoin_config('keystone_authtoken/www_authenticate_uri').with_value('https://10.0.0.1:9999/')
|
||||
is_expected.to contain_novajoin_config('keystone_authtoken/username').with_value(params[:username])
|
||||
is_expected.to contain_novajoin_config('keystone_authtoken/password').with_value(params[:password]).with_secret(true)
|
||||
is_expected.to contain_novajoin_config('keystone_authtoken/auth_url').with_value(params[:auth_url])
|
||||
|
|
|
|||
|
|
@ -11,11 +11,11 @@ describe Puppet::Provider::Nova do
|
|||
|
||||
let :credential_hash do
|
||||
{
|
||||
'auth_uri' => 'https://192.168.56.210:35357/v2.0/',
|
||||
'project_name' => 'admin_tenant',
|
||||
'username' => 'admin',
|
||||
'password' => 'password',
|
||||
'region_name' => 'Region1',
|
||||
'www_authenticate_uri' => 'https://192.168.56.210:35357/v2.0/',
|
||||
'project_name' => 'admin_tenant',
|
||||
'username' => 'admin',
|
||||
'password' => 'password',
|
||||
'region_name' => 'Region1',
|
||||
}
|
||||
end
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue