diff --git a/manifests/api.pp b/manifests/api.pp index 466ee18c3..01c5018c0 100644 --- a/manifests/api.pp +++ b/manifests/api.pp @@ -352,19 +352,22 @@ as a standalone service, or httpd for being run by a httpd server") } if $validate { - #Shrinking the variables names in favor of not - #having more than 140 chars per line - #Admin user real - $aur = $::nova::keystone::authtoken::username - #Admin password real - $apr = $::nova::keystone::authtoken::password - #Admin tenant name real - $atnr = $::nova::keystone::authtoken::project_name - #Keystone Auth URI - $kau = $::nova::keystone::authtoken::www_authenticate_uri + $authtoken_values = { + 'username' => $::nova::keystone::authtoken::username, + 'password' => $::nova::keystone::authtoken::password, + 'project_name' => $::nova::keystone::authtoken::project_name, + 'www_authenticate_uri' => $::nova::keystone::authtoken::www_authenticate_uri, + } + $authtoken = merge($authtoken_values, $::nova::keystone::authtoken::params) $defaults = { 'nova-api' => { - 'command' => "nova --os-auth-url ${kau} --os-project-name ${atnr} --os-username ${aur} --os-password ${apr} flavor-list", + 'command' => @("CMD"/L) + nova --os-auth-url ${authtoken['www_authenticate_uri']} \ + --os-project-name ${authtoken['project_name']} \ + --os-username ${authtoken['username']} \ + --os-password ${authtoken['password']} \ + flavor-list + |- CMD } } $validation_options_hash = merge ($defaults, $validation_options) diff --git a/manifests/keystone/authtoken.pp b/manifests/keystone/authtoken.pp index 74ef41193..efed9336f 100644 --- a/manifests/keystone/authtoken.pp +++ b/manifests/keystone/authtoken.pp @@ -182,6 +182,10 @@ # "public", "internal" or "admin". # Defaults to $::os_service_default. # +# [*params*] +# (Optional) Hash of additional parameters to pass through to the keystone +# authtoken class. Values set here override the individual parameters above. +# class nova::keystone::authtoken( $username = 'nova', $password = $::os_service_default, @@ -218,6 +222,7 @@ class nova::keystone::authtoken( $service_token_roles = $::os_service_default, $service_token_roles_required = $::os_service_default, $interface = $::os_service_default, + $params = {}, ) { include nova::deps @@ -226,41 +231,44 @@ class nova::keystone::authtoken( fail('Please set password for nova service user') } - keystone::resource::authtoken { 'nova_config': - username => $username, - password => $password, - project_name => $project_name, - auth_url => $auth_url, - www_authenticate_uri => $www_authenticate_uri, - auth_version => $auth_version, - auth_type => $auth_type, - auth_section => $auth_section, - user_domain_name => $user_domain_name, - project_domain_name => $project_domain_name, - insecure => $insecure, - cache => $cache, - cafile => $cafile, - certfile => $certfile, - delay_auth_decision => $delay_auth_decision, - enforce_token_bind => $enforce_token_bind, - http_connect_timeout => $http_connect_timeout, - http_request_max_retries => $http_request_max_retries, - include_service_catalog => $include_service_catalog, - keyfile => $keyfile, - memcache_pool_conn_get_timeout => $memcache_pool_conn_get_timeout, - memcache_pool_dead_retry => $memcache_pool_dead_retry, - memcache_pool_maxsize => $memcache_pool_maxsize, - memcache_pool_socket_timeout => $memcache_pool_socket_timeout, - memcache_secret_key => $memcache_secret_key, - memcache_security_strategy => $memcache_security_strategy, - memcache_use_advanced_pool => $memcache_use_advanced_pool, - memcache_pool_unused_timeout => $memcache_pool_unused_timeout, - memcached_servers => $memcached_servers, - manage_memcache_package => $manage_memcache_package, - region_name => $region_name, - token_cache_time => $token_cache_time, - service_token_roles => $service_token_roles, - service_token_roles_required => $service_token_roles_required, - interface => $interface, + keystone::resource::authtoken { + 'nova_config': + * => $params; + default: + username => $username, + password => $password, + project_name => $project_name, + auth_url => $auth_url, + www_authenticate_uri => $www_authenticate_uri, + auth_version => $auth_version, + auth_type => $auth_type, + auth_section => $auth_section, + user_domain_name => $user_domain_name, + project_domain_name => $project_domain_name, + insecure => $insecure, + cache => $cache, + cafile => $cafile, + certfile => $certfile, + delay_auth_decision => $delay_auth_decision, + enforce_token_bind => $enforce_token_bind, + http_connect_timeout => $http_connect_timeout, + http_request_max_retries => $http_request_max_retries, + include_service_catalog => $include_service_catalog, + keyfile => $keyfile, + memcache_pool_conn_get_timeout => $memcache_pool_conn_get_timeout, + memcache_pool_dead_retry => $memcache_pool_dead_retry, + memcache_pool_maxsize => $memcache_pool_maxsize, + memcache_pool_socket_timeout => $memcache_pool_socket_timeout, + memcache_secret_key => $memcache_secret_key, + memcache_security_strategy => $memcache_security_strategy, + memcache_use_advanced_pool => $memcache_use_advanced_pool, + memcache_pool_unused_timeout => $memcache_pool_unused_timeout, + memcached_servers => $memcached_servers, + manage_memcache_package => $manage_memcache_package, + region_name => $region_name, + token_cache_time => $token_cache_time, + service_token_roles => $service_token_roles, + service_token_roles_required => $service_token_roles_required, + interface => $interface; } } diff --git a/spec/classes/nova_api_spec.rb b/spec/classes/nova_api_spec.rb index e032ee1b0..3f75865f0 100644 --- a/spec/classes/nova_api_spec.rb +++ b/spec/classes/nova_api_spec.rb @@ -6,6 +6,7 @@ describe 'nova::api' do "include nova class { 'nova::keystone::authtoken': password => 'passw0rd', + params => { 'username' => 'novae' }, }" end @@ -143,7 +144,7 @@ describe 'nova::api' do }) end it { is_expected.to contain_openstacklib__service_validation('nova-api').with( - :command => 'nova --os-auth-url http://127.0.0.1:5000/ --os-project-name services --os-username nova --os-password passw0rd flavor-list', + :command => 'nova --os-auth-url http://127.0.0.1:5000/ --os-project-name services --os-username novae --os-password passw0rd flavor-list', :subscribe => 'Service[nova-api]', )} diff --git a/spec/classes/nova_keystone_authtoken_spec.rb b/spec/classes/nova_keystone_authtoken_spec.rb index 247ed2772..b2591a50f 100644 --- a/spec/classes/nova_keystone_authtoken_spec.rb +++ b/spec/classes/nova_keystone_authtoken_spec.rb @@ -86,6 +86,7 @@ describe 'nova::keystone::authtoken' do :service_token_roles => ['service'], :service_token_roles_required => true, :interface => 'internal', + :params => { 'service_type' => "compute" }, }) end @@ -124,12 +125,26 @@ describe 'nova::keystone::authtoken' do is_expected.to contain_nova_config('keystone_authtoken/service_token_roles').with_value(params[:service_token_roles]) is_expected.to contain_nova_config('keystone_authtoken/service_token_roles_required').with_value(params[:service_token_roles_required]) is_expected.to contain_nova_config('keystone_authtoken/interface').with_value(params[:interface]) + is_expected.to contain_nova_config('keystone_authtoken/service_type').with_value(params[:params]['service_type']) end it 'installs python memcache package' do is_expected.to contain_package('python-memcache') end end + + context 'when overriding parameters via params hash' do + before do + params.merge!({ + :username => 'myuser', + :params => { 'username' => "myotheruser" }, + }) + end + + it 'configure keystone_authtoken' do + is_expected.to contain_nova_config('keystone_authtoken/username').with_value(params[:params]['username']) + end + end end on_supported_os({