Deprecate auth_uri option
Option auth_uri from group keystone_authtoken is deprecated[1]. Use option www_authenticate_uri from group keystone_authtoken. [1]https://review.openstack.org/#/c/508522/ Change-Id: I0dd36ef1f1f5dcdc57413736ecb8f2555712c36d Depends-On: I4c82a63baabd6b9304b302c97cd751a0103d8316 Closes-Bug: #1759098
This commit is contained in:
ZhongShengping
parent
e9aa809dd3
commit
20d93c4148
|
|
@ -82,7 +82,7 @@ class Puppet::Provider::Nova < Puppet::Provider::Openstack
|
||||||
|
|
||||||
def self.get_nova_credentials
|
def self.get_nova_credentials
|
||||||
#needed keys for authentication
|
#needed keys for authentication
|
||||||
auth_keys = ['auth_uri', 'project_name', 'username', 'password']
|
auth_keys = ['www_authenticate_uri', 'project_name', 'username', 'password']
|
||||||
conf = nova_conf
|
conf = nova_conf
|
||||||
if conf and conf['keystone_authtoken'] and
|
if conf and conf['keystone_authtoken'] and
|
||||||
auth_keys.all?{|k| !conf['keystone_authtoken'][k].nil?}
|
auth_keys.all?{|k| !conf['keystone_authtoken'][k].nil?}
|
||||||
|
|
@ -111,7 +111,7 @@ class Puppet::Provider::Nova < Puppet::Provider::Openstack
|
||||||
|
|
||||||
def self.get_auth_endpoint
|
def self.get_auth_endpoint
|
||||||
q = nova_credentials
|
q = nova_credentials
|
||||||
"#{q['auth_uri']}"
|
"#{q['www_authenticate_uri']}"
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.auth_endpoint
|
def self.auth_endpoint
|
||||||
|
|
|
||||||
|
|
@ -50,7 +50,7 @@ Puppet::Type.newtype(:nova_aggregate) do
|
||||||
ensurable
|
ensurable
|
||||||
|
|
||||||
autorequire(:nova_config) do
|
autorequire(:nova_config) do
|
||||||
['auth_uri', 'project_name', 'username', 'password']
|
['www_authenticate_uri', 'project_name', 'username', 'password']
|
||||||
end
|
end
|
||||||
|
|
||||||
newparam(:name, :namevar => true) do
|
newparam(:name, :namevar => true) do
|
||||||
|
|
|
||||||
|
|
@ -56,7 +56,7 @@ Puppet::Type.newtype(:nova_flavor) do
|
||||||
ensurable
|
ensurable
|
||||||
|
|
||||||
autorequire(:nova_config) do
|
autorequire(:nova_config) do
|
||||||
['auth_uri', 'project_name', 'username', 'password']
|
['www_authenticate_uri', 'project_name', 'username', 'password']
|
||||||
end
|
end
|
||||||
|
|
||||||
# Require the nova-api service to be running
|
# Require the nova-api service to be running
|
||||||
|
|
|
||||||
|
|
@ -552,7 +552,8 @@ as a standalone service, or httpd for being run by a httpd server")
|
||||||
#Admin tenant name real
|
#Admin tenant name real
|
||||||
$atnr = $::nova::keystone::authtoken::project_name
|
$atnr = $::nova::keystone::authtoken::project_name
|
||||||
#Keystone Auth URI
|
#Keystone Auth URI
|
||||||
$kau = $::nova::keystone::authtoken::auth_uri
|
# TODO(tobasco): Remove pick when auth_uri is removed.
|
||||||
|
$kau = pick($::nova::keystone::authtoken::auth_uri, $::nova::keystone::authtoken::www_authenticate_uri)
|
||||||
$defaults = {
|
$defaults = {
|
||||||
'nova-api' => {
|
'nova-api' => {
|
||||||
'command' => "nova --os-auth-url ${kau} --os-project-name ${atnr} --os-username ${aur} --os-password ${apr} flavor-list",
|
'command' => "nova --os-auth-url ${kau} --os-project-name ${atnr} --os-username ${aur} --os-password ${apr} flavor-list",
|
||||||
|
|
|
||||||
|
|
@ -42,7 +42,7 @@
|
||||||
# (Optional) Authentication type to load
|
# (Optional) Authentication type to load
|
||||||
# Defaults to $::os_service_default
|
# Defaults to $::os_service_default
|
||||||
#
|
#
|
||||||
# [*auth_uri*]
|
# [*www_authenticate_uri*]
|
||||||
# (Optional) Complete public Identity API endpoint.
|
# (Optional) Complete public Identity API endpoint.
|
||||||
# Defaults to 'http://127.0.0.1:5000/'.
|
# Defaults to 'http://127.0.0.1:5000/'.
|
||||||
#
|
#
|
||||||
|
|
@ -178,6 +178,12 @@
|
||||||
# (in seconds). Set to -1 to disable caching completely. Integer value
|
# (in seconds). Set to -1 to disable caching completely. Integer value
|
||||||
# Defaults to $::os_service_default.
|
# Defaults to $::os_service_default.
|
||||||
#
|
#
|
||||||
|
# DEPRECATED PARAMETERS
|
||||||
|
#
|
||||||
|
# [*auth_uri*]
|
||||||
|
# (Optional) Complete public Identity API endpoint.
|
||||||
|
# Defaults to undef
|
||||||
|
#
|
||||||
class nova::keystone::authtoken(
|
class nova::keystone::authtoken(
|
||||||
$username = 'nova',
|
$username = 'nova',
|
||||||
$password = $::os_service_default,
|
$password = $::os_service_default,
|
||||||
|
|
@ -188,7 +194,7 @@ class nova::keystone::authtoken(
|
||||||
$insecure = $::os_service_default,
|
$insecure = $::os_service_default,
|
||||||
$auth_section = $::os_service_default,
|
$auth_section = $::os_service_default,
|
||||||
$auth_type = 'password',
|
$auth_type = 'password',
|
||||||
$auth_uri = 'http://127.0.0.1:5000/',
|
$www_authenticate_uri = 'http://127.0.0.1:5000/',
|
||||||
$auth_version = $::os_service_default,
|
$auth_version = $::os_service_default,
|
||||||
$cache = $::os_service_default,
|
$cache = $::os_service_default,
|
||||||
$cafile = $::os_service_default,
|
$cafile = $::os_service_default,
|
||||||
|
|
@ -213,6 +219,8 @@ class nova::keystone::authtoken(
|
||||||
$manage_memcache_package = false,
|
$manage_memcache_package = false,
|
||||||
$region_name = $::os_service_default,
|
$region_name = $::os_service_default,
|
||||||
$token_cache_time = $::os_service_default,
|
$token_cache_time = $::os_service_default,
|
||||||
|
# DEPRECATED PARAMETERS
|
||||||
|
$auth_uri = undef,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
include ::nova::deps
|
include ::nova::deps
|
||||||
|
|
@ -221,12 +229,17 @@ class nova::keystone::authtoken(
|
||||||
fail('Please set password for nova service user')
|
fail('Please set password for nova service user')
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if $auth_uri {
|
||||||
|
warning('The auth_uri parameter is deprecated. Please use www_authenticate_uri instead.')
|
||||||
|
}
|
||||||
|
$www_authenticate_uri_real = pick($auth_uri, $www_authenticate_uri)
|
||||||
|
|
||||||
keystone::resource::authtoken { 'nova_config':
|
keystone::resource::authtoken { 'nova_config':
|
||||||
username => $username,
|
username => $username,
|
||||||
password => $password,
|
password => $password,
|
||||||
project_name => $project_name,
|
project_name => $project_name,
|
||||||
auth_url => $auth_url,
|
auth_url => $auth_url,
|
||||||
auth_uri => $auth_uri,
|
www_authenticate_uri => $www_authenticate_uri_real,
|
||||||
auth_version => $auth_version,
|
auth_version => $auth_version,
|
||||||
auth_type => $auth_type,
|
auth_type => $auth_type,
|
||||||
auth_section => $auth_section,
|
auth_section => $auth_section,
|
||||||
|
|
|
||||||
|
|
@ -42,7 +42,7 @@
|
||||||
# (Optional) Authentication type to load
|
# (Optional) Authentication type to load
|
||||||
# Defaults to $::os_service_default
|
# Defaults to $::os_service_default
|
||||||
#
|
#
|
||||||
# [*auth_uri*]
|
# [*www_authenticate_uri*]
|
||||||
# (Optional) Complete public Identity API endpoint.
|
# (Optional) Complete public Identity API endpoint.
|
||||||
# Defaults to 'http://127.0.0.1:5000/'.
|
# Defaults to 'http://127.0.0.1:5000/'.
|
||||||
#
|
#
|
||||||
|
|
@ -178,6 +178,12 @@
|
||||||
# (in seconds). Set to -1 to disable caching completely. Integer value
|
# (in seconds). Set to -1 to disable caching completely. Integer value
|
||||||
# Defaults to $::os_service_default.
|
# Defaults to $::os_service_default.
|
||||||
#
|
#
|
||||||
|
# DEPRECATED PARAMETERS
|
||||||
|
#
|
||||||
|
# [*auth_uri*]
|
||||||
|
# (Optional) Complete public Identity API endpoint.
|
||||||
|
# Defaults to undef
|
||||||
|
#
|
||||||
class nova::metadata::novajoin::authtoken(
|
class nova::metadata::novajoin::authtoken(
|
||||||
$username = 'novajoin',
|
$username = 'novajoin',
|
||||||
$password = $::os_service_default,
|
$password = $::os_service_default,
|
||||||
|
|
@ -188,7 +194,7 @@ class nova::metadata::novajoin::authtoken(
|
||||||
$insecure = $::os_service_default,
|
$insecure = $::os_service_default,
|
||||||
$auth_section = $::os_service_default,
|
$auth_section = $::os_service_default,
|
||||||
$auth_type = 'password',
|
$auth_type = 'password',
|
||||||
$auth_uri = 'http://127.0.0.1:5000/',
|
$www_authenticate_uri = 'http://127.0.0.1:5000/',
|
||||||
$auth_version = $::os_service_default,
|
$auth_version = $::os_service_default,
|
||||||
$cache = $::os_service_default,
|
$cache = $::os_service_default,
|
||||||
$cafile = $::os_service_default,
|
$cafile = $::os_service_default,
|
||||||
|
|
@ -213,18 +219,25 @@ class nova::metadata::novajoin::authtoken(
|
||||||
$manage_memcache_package = false,
|
$manage_memcache_package = false,
|
||||||
$region_name = $::os_service_default,
|
$region_name = $::os_service_default,
|
||||||
$token_cache_time = $::os_service_default,
|
$token_cache_time = $::os_service_default,
|
||||||
|
# DEPRECATED PARAMETERS
|
||||||
|
$auth_uri = undef,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
if is_service_default($password) {
|
if is_service_default($password) {
|
||||||
fail('Please set password for novajoin service user')
|
fail('Please set password for novajoin service user')
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if $auth_uri {
|
||||||
|
warning('The auth_uri parameter is deprecated. Please use www_authenticate_uri instead.')
|
||||||
|
}
|
||||||
|
$www_authenticate_uri_real = pick($auth_uri, $www_authenticate_uri)
|
||||||
|
|
||||||
keystone::resource::authtoken { 'novajoin_config':
|
keystone::resource::authtoken { 'novajoin_config':
|
||||||
username => $username,
|
username => $username,
|
||||||
password => $password,
|
password => $password,
|
||||||
project_name => $project_name,
|
project_name => $project_name,
|
||||||
auth_url => $auth_url,
|
auth_url => $auth_url,
|
||||||
auth_uri => $auth_uri,
|
www_authenticate_uri => $www_authenticate_uri_real,
|
||||||
auth_version => $auth_version,
|
auth_version => $auth_version,
|
||||||
auth_type => $auth_type,
|
auth_type => $auth_type,
|
||||||
auth_section => $auth_section,
|
auth_section => $auth_section,
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
deprecations:
|
||||||
|
- nova::keystone::authtoken::auth_uri is deprecated and will be removed in a future release.
|
||||||
|
Please use www_authenticate_uri instead.
|
||||||
|
- nova::metadata::novajoin::authtoken::auth_uri is deprecated and will be removed in a future release.
|
||||||
|
Please use www_authenticate_uri instead.
|
||||||
|
|
@ -20,7 +20,7 @@ describe 'nova::keystone::authtoken' do
|
||||||
is_expected.to contain_nova_config('keystone_authtoken/insecure').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_nova_config('keystone_authtoken/insecure').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_nova_config('keystone_authtoken/auth_section').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_nova_config('keystone_authtoken/auth_section').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_nova_config('keystone_authtoken/auth_type').with_value('password')
|
is_expected.to contain_nova_config('keystone_authtoken/auth_type').with_value('password')
|
||||||
is_expected.to contain_nova_config('keystone_authtoken/auth_uri').with_value('http://127.0.0.1:5000/')
|
is_expected.to contain_nova_config('keystone_authtoken/www_authenticate_uri').with_value('http://127.0.0.1:5000/')
|
||||||
is_expected.to contain_nova_config('keystone_authtoken/auth_version').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_nova_config('keystone_authtoken/auth_version').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_nova_config('keystone_authtoken/cache').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_nova_config('keystone_authtoken/cache').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_nova_config('keystone_authtoken/cafile').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_nova_config('keystone_authtoken/cafile').with_value('<SERVICE DEFAULT>')
|
||||||
|
|
@ -50,7 +50,7 @@ describe 'nova::keystone::authtoken' do
|
||||||
context 'when overriding parameters' do
|
context 'when overriding parameters' do
|
||||||
before do
|
before do
|
||||||
params.merge!({
|
params.merge!({
|
||||||
:auth_uri => 'https://10.0.0.1:9999/',
|
:www_authenticate_uri => 'https://10.0.0.1:9999/',
|
||||||
:username => 'myuser',
|
:username => 'myuser',
|
||||||
:password => 'mypasswd',
|
:password => 'mypasswd',
|
||||||
:auth_url => 'http://:127.0.0.1:35357',
|
:auth_url => 'http://:127.0.0.1:35357',
|
||||||
|
|
@ -90,7 +90,7 @@ describe 'nova::keystone::authtoken' do
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'configure keystone_authtoken' do
|
it 'configure keystone_authtoken' do
|
||||||
is_expected.to contain_nova_config('keystone_authtoken/auth_uri').with_value('https://10.0.0.1:9999/')
|
is_expected.to contain_nova_config('keystone_authtoken/www_authenticate_uri').with_value('https://10.0.0.1:9999/')
|
||||||
is_expected.to contain_nova_config('keystone_authtoken/username').with_value(params[:username])
|
is_expected.to contain_nova_config('keystone_authtoken/username').with_value(params[:username])
|
||||||
is_expected.to contain_nova_config('keystone_authtoken/password').with_value(params[:password]).with_secret(true)
|
is_expected.to contain_nova_config('keystone_authtoken/password').with_value(params[:password]).with_secret(true)
|
||||||
is_expected.to contain_nova_config('keystone_authtoken/auth_url').with_value(params[:auth_url])
|
is_expected.to contain_nova_config('keystone_authtoken/auth_url').with_value(params[:auth_url])
|
||||||
|
|
|
||||||
|
|
@ -20,7 +20,7 @@ describe 'nova::metadata::novajoin::authtoken' do
|
||||||
is_expected.to contain_novajoin_config('keystone_authtoken/insecure').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_novajoin_config('keystone_authtoken/insecure').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_novajoin_config('keystone_authtoken/auth_section').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_novajoin_config('keystone_authtoken/auth_section').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_novajoin_config('keystone_authtoken/auth_type').with_value('password')
|
is_expected.to contain_novajoin_config('keystone_authtoken/auth_type').with_value('password')
|
||||||
is_expected.to contain_novajoin_config('keystone_authtoken/auth_uri').with_value('http://127.0.0.1:5000/')
|
is_expected.to contain_novajoin_config('keystone_authtoken/www_authenticate_uri').with_value('http://127.0.0.1:5000/')
|
||||||
is_expected.to contain_novajoin_config('keystone_authtoken/auth_version').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_novajoin_config('keystone_authtoken/auth_version').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_novajoin_config('keystone_authtoken/cache').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_novajoin_config('keystone_authtoken/cache').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_novajoin_config('keystone_authtoken/cafile').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_novajoin_config('keystone_authtoken/cafile').with_value('<SERVICE DEFAULT>')
|
||||||
|
|
@ -50,7 +50,7 @@ describe 'nova::metadata::novajoin::authtoken' do
|
||||||
context 'when overriding parameters' do
|
context 'when overriding parameters' do
|
||||||
before do
|
before do
|
||||||
params.merge!({
|
params.merge!({
|
||||||
:auth_uri => 'https://10.0.0.1:9999/',
|
:www_authenticate_uri => 'https://10.0.0.1:9999/',
|
||||||
:username => 'myuser',
|
:username => 'myuser',
|
||||||
:password => 'mypasswd',
|
:password => 'mypasswd',
|
||||||
:auth_url => 'http://:127.0.0.1:35357',
|
:auth_url => 'http://:127.0.0.1:35357',
|
||||||
|
|
@ -90,7 +90,7 @@ describe 'nova::metadata::novajoin::authtoken' do
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'configure keystone_authtoken' do
|
it 'configure keystone_authtoken' do
|
||||||
is_expected.to contain_novajoin_config('keystone_authtoken/auth_uri').with_value('https://10.0.0.1:9999/')
|
is_expected.to contain_novajoin_config('keystone_authtoken/www_authenticate_uri').with_value('https://10.0.0.1:9999/')
|
||||||
is_expected.to contain_novajoin_config('keystone_authtoken/username').with_value(params[:username])
|
is_expected.to contain_novajoin_config('keystone_authtoken/username').with_value(params[:username])
|
||||||
is_expected.to contain_novajoin_config('keystone_authtoken/password').with_value(params[:password]).with_secret(true)
|
is_expected.to contain_novajoin_config('keystone_authtoken/password').with_value(params[:password]).with_secret(true)
|
||||||
is_expected.to contain_novajoin_config('keystone_authtoken/auth_url').with_value(params[:auth_url])
|
is_expected.to contain_novajoin_config('keystone_authtoken/auth_url').with_value(params[:auth_url])
|
||||||
|
|
|
||||||
|
|
@ -11,11 +11,11 @@ describe Puppet::Provider::Nova do
|
||||||
|
|
||||||
let :credential_hash do
|
let :credential_hash do
|
||||||
{
|
{
|
||||||
'auth_uri' => 'https://192.168.56.210:35357/v2.0/',
|
'www_authenticate_uri' => 'https://192.168.56.210:35357/v2.0/',
|
||||||
'project_name' => 'admin_tenant',
|
'project_name' => 'admin_tenant',
|
||||||
'username' => 'admin',
|
'username' => 'admin',
|
||||||
'password' => 'password',
|
'password' => 'password',
|
||||||
'region_name' => 'Region1',
|
'region_name' => 'Region1',
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue