Add support for rootwrap.conf

Change-Id: I69a85a9fc5179d984325747c63b3bb52a0153b22
2021-12-27 10:16:01 +09:00 · 2021-12-27 10:16:01 +09:00 · 6bf4526ff1
parent 5c819fbe34
commit 6bf4526ff1
8 changed files with 222 additions and 41 deletions
--- a/lib/puppet/provider/nova_rootwrap_config/ini_setting.rb
+++ b/lib/puppet/provider/nova_rootwrap_config/ini_setting.rb
@ -0,0 +1,10 @@
+Puppet::Type.type(:nova_rootwrap_config).provide(
+  :ini_setting,
+  :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting)
+) do
+
+  def self.file_path
+    '/etc/nova/rootwrap.conf'
+  end
+
+end
--- a/lib/puppet/type/nova_rootwrap_config.rb
+++ b/lib/puppet/type/nova_rootwrap_config.rb
@ -0,0 +1,29 @@
+Puppet::Type.newtype(:nova_rootwrap_config) do
+
+  ensurable
+
+  newparam(:name, :namevar => true) do
+    desc 'Section/setting name to manage from /etc/nova/rootwrap.conf'
+    newvalues(/\S+\/\S+/)
+  end
+
+  newproperty(:value) do
+    desc 'The value of the setting to be defined.'
+    munge do |value|
+      value = value.to_s.strip
+      value.capitalize! if value =~ /^(true|false)$/i
+      value
+    end
+    newvalues(/^[\S ]*$/)
+  end
+
+  newparam(:ensure_absent_val) do
+    desc 'A value that is specified as the value property will behave as if ensure => absent was specified'
+    defaultto('<SERVICE DEFAULT>')
+  end
+
+  autorequire(:anchor) do
+    ['nova::install::end']
+  end
+
+end
--- a/manifests/config.pp
+++ b/manifests/config.pp
@ -2,41 +2,50 @@
 #
 # This class is used to manage arbitrary Nova configurations.
 #
-# === Parameters
-#
-# [*nova_config*]
+# example xxx_config
 #   (optional) Allow configuration of arbitrary Nova configurations.
-#   The value is an hash of nova_config resources. Example:
+#   The value is a hash of xxx_config resources. Example:
+#   server_config =>
 #   { 'DEFAULT/foo' => { value => 'fooValue'},
 #     'DEFAULT/bar' => { value => 'barValue'}
 #   }
+#
+#   NOTE: { 'DEFAULT/foo': value => 'fooValue'; 'DEFAULT/bar': value => 'barValue'} is invalid.
+#
 #   In yaml format, Example:
-#   nova_config:
+#   server_config:
 #     DEFAULT/foo:
 #       value: fooValue
 #     DEFAULT/bar:
 #       value: barValue
 #
+# === Parameters
+#
+# [*nova_config*]
+#   (optional) Allow configuration of nova.conf configurations.
+#
+# [*nova_api_paste_ini*]
+#   (optional) Allow configuration of api-paste.ini configurations.
+#
+# [*nova_rootwrap_config*]
+#   (optional) Allow configuration of rootwrap.conf configurations.
+#
 #   NOTE: The configuration MUST NOT be already handled by this module
 #   or Puppet catalog compilation will fail with duplicate resources.
 #
-# [*nova_api_paste_ini*]
-#   (optional) Allow configuration of arbitrary Nova paste api configurations.
-#   The value is an hash of nova_api_paste_ini resources. Example:
-#   { 'DEFAULT/foo' => { value => 'fooValue'},
-#     'DEFAULT/bar' => { value => 'barValue'}
-#   }
-#
 class nova::config (
-  $nova_config        = {},
-  $nova_api_paste_ini = {},
+  $nova_config          = {},
+  $nova_api_paste_ini   = {},
+  $nova_rootwrap_config = {},
 ) {

  include nova::deps

  validate_legacy(Hash, 'validate_hash', $nova_config)
  validate_legacy(Hash, 'validate_hash', $nova_api_paste_ini)
+  validate_legacy(Hash, 'validate_hash', $nova_rootwrap_config)

  create_resources('nova_config', $nova_config)
  create_resources('nova_api_paste_ini', $nova_api_paste_ini)
+  create_resources('nova_rootwrap_config', $nova_rootwrap_config)
 }
--- a/manifests/deps.pp
+++ b/manifests/deps.pp
@ -27,6 +27,11 @@ class nova::deps {
  -> Nova_api_paste_ini<||>
  ~> Anchor['nova::config::end']

+  # rootwrap config should occur in the config block also.
+  Anchor['nova::config::begin']
+  -> Nova_rootwrap_config<||>
+  ~> Anchor['nova::config::end']
+
  # policy config should occur in the config block also.
  Anchor['nova::config::begin']
  -> Openstacklib::Policy<||>
--- a/releasenotes/notes/rootwrap-7376efdc78fc6fdf.yaml
+++ b/releasenotes/notes/rootwrap-7376efdc78fc6fdf.yaml
@ -0,0 +1,9 @@
+---
+features:
+  - |
+    The new ``nova_rootwrap_config`` resource has been added. This resource
+    can be used to manage contents of ``rootwrap.conf``
+
+  - |
+    The new ``nova::config::nova_rootwrap_config`` parameter has been added.
+    This parameter accepts arbitrary configuration of ``rootwrap.conf``.
--- a/spec/classes/nova_config_spec.rb
+++ b/spec/classes/nova_config_spec.rb
@ -1,48 +1,62 @@
 require 'spec_helper'

 describe 'nova::config' do
-  shared_examples 'nova::config' do
+  let(:config_hash) do {
+    'DEFAULT/foo' => { 'value'  => 'fooValue' },
+    'DEFAULT/bar' => { 'value'  => 'barValue' },
+    'DEFAULT/baz' => { 'ensure' => 'absent' }
+  }
+  end
+
+  shared_examples 'nova_config' do
    let :params do
-      {
-        :nova_config => {
-          'DEFAULT/foo' => { 'value'  => 'fooValue' },
-          'DEFAULT/bar' => { 'value'  => 'barValue' },
-          'DEFAULT/baz' => { 'ensure' => 'absent' }
-        },
-        :nova_api_paste_ini => {
-          'DEFAULT/foo2' => { 'value'  => 'fooValue' },
-          'DEFAULT/bar2' => { 'value'  => 'barValue' },
-          'DEFAULT/baz2' => { 'ensure' => 'absent' }
-        }
-      }
+      { :nova_config => config_hash }
    end

-    context 'with specified configs' do
-      it { should contain_class('nova::deps') }
+    it { is_expected.to contain_class('nova::deps') }

-      it {
-        should contain_nova_config('DEFAULT/foo').with_value('fooValue')
-        should contain_nova_config('DEFAULT/bar').with_value('barValue')
-        should contain_nova_config('DEFAULT/baz').with_ensure('absent')
-      }
+    it 'configures arbitrary nova-config configurations' do
+      is_expected.to contain_nova_config('DEFAULT/foo').with_value('fooValue')
+      is_expected.to contain_nova_config('DEFAULT/bar').with_value('barValue')
+      is_expected.to contain_nova_config('DEFAULT/baz').with_ensure('absent')
+    end
+  end

-      it {
-        should contain_nova_api_paste_ini('DEFAULT/foo2').with_value('fooValue')
-        should contain_nova_api_paste_ini('DEFAULT/bar2').with_value('barValue')
-        should contain_nova_api_paste_ini('DEFAULT/baz2').with_ensure('absent')
-      }
+  shared_examples 'nova_api_paste_ini' do
+    let :params do
+      { :nova_api_paste_ini => config_hash }
+    end
+
+    it 'configures arbitrary nova-api-paste-ini configurations' do
+      is_expected.to contain_nova_api_paste_ini('DEFAULT/foo').with_value('fooValue')
+      is_expected.to contain_nova_api_paste_ini('DEFAULT/bar').with_value('barValue')
+      is_expected.to contain_nova_api_paste_ini('DEFAULT/baz').with_ensure('absent')
+    end
+  end
+
+  shared_examples 'nova_rootwrap_config' do
+    let :params do
+      { :nova_rootwrap_config => config_hash }
+    end
+
+    it 'configures arbitrary nova-rootwrap-config configurations' do
+      is_expected.to contain_nova_rootwrap_config('DEFAULT/foo').with_value('fooValue')
+      is_expected.to contain_nova_rootwrap_config('DEFAULT/bar').with_value('barValue')
+      is_expected.to contain_nova_rootwrap_config('DEFAULT/baz').with_ensure('absent')
    end
  end

  on_supported_os({
-    :supported_os => OSDefaults.get_supported_os
+    :supported_os   => OSDefaults.get_supported_os
  }).each do |os,facts|
    context "on #{os}" do
      let (:facts) do
        facts.merge!(OSDefaults.get_facts())
      end

-      it_behaves_like 'nova::config'
+      it_behaves_like 'nova_config'
+      it_behaves_like 'nova_api_paste_ini'
+      it_behaves_like 'nova_rootwrap_config'
    end
  end
 end
--- a/spec/unit/provider/nova_rootwrap_config/ini_setting_spec.rb
+++ b/spec/unit/provider/nova_rootwrap_config/ini_setting_spec.rb
@ -0,0 +1,41 @@
+require 'spec_helper'
+provider_class = Puppet::Type.type(:nova_rootwrap_config).provider(:ini_setting)
+describe provider_class do
+
+  it 'should default to the default setting when no other one is specified' do
+    resource = Puppet::Type::Nova_rootwrap_config.new(
+      {:name => 'DEFAULT/foo', :value => 'bar'}
+    )
+    provider = provider_class.new(resource)
+    expect(provider.section).to eq('DEFAULT')
+    expect(provider.setting).to eq('foo')
+  end
+
+  it 'should allow setting to be set explicitly' do
+    resource = Puppet::Type::Nova_rootwrap_config.new(
+      {:name => 'dude/foo', :value => 'bar'}
+    )
+    provider = provider_class.new(resource)
+    expect(provider.section).to eq('dude')
+    expect(provider.setting).to eq('foo')
+  end
+
+  it 'should ensure absent when <SERVICE DEFAULT> is specified as a value' do
+    resource = Puppet::Type::Nova_rootwrap_config.new(
+      {:name => 'dude/foo', :value => '<SERVICE DEFAULT>'}
+    )
+    provider = provider_class.new(resource)
+    provider.exists?
+    expect(resource[:ensure]).to eq :absent
+  end
+
+  it 'should ensure absent when value matches ensure_absent_val' do
+    resource = Puppet::Type::Nova_rootwrap_config.new(
+      {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' }
+    )
+    provider = provider_class.new(resource)
+    provider.exists?
+    expect(resource[:ensure]).to eq :absent
+  end
+
+end
--- a/spec/unit/type/nova_rootwrap_config_spec.rb
+++ b/spec/unit/type/nova_rootwrap_config_spec.rb
@ -0,0 +1,64 @@
+require 'puppet'
+require 'puppet/type/nova_rootwrap_config'
+
+describe 'Puppet::Type.type(:nova_rootwrap_config)' do
+  before :each do
+    @nova_rootwrap_config = Puppet::Type.type(:nova_rootwrap_config).new(:name => 'DEFAULT/foo', :value => 'bar')
+  end
+
+ it 'should require a name' do
+    expect {
+      Puppet::Type.type(:nova_rootwrap_config).new({})
+    }.to raise_error(Puppet::Error, 'Title or name must be provided')
+  end
+
+  it 'should not expect a name with whitespace' do
+    expect {
+      Puppet::Type.type(:nova_rootwrap_config).new(:name => 'f oo')
+    }.to raise_error(Puppet::Error, /Parameter name failed/)
+  end
+
+  it 'should fail when there is no section' do
+    expect {
+      Puppet::Type.type(:nova_rootwrap_config).new(:name => 'foo')
+    }.to raise_error(Puppet::Error, /Parameter name failed/)
+  end
+
+  it 'should not require a value when ensure is absent' do
+    Puppet::Type.type(:nova_rootwrap_config).new(:name => 'DEFAULT/foo', :ensure => :absent)
+  end
+
+  it 'should accept a valid value' do
+    @nova_rootwrap_config[:value] = 'bar'
+    expect(@nova_rootwrap_config[:value]).to eq('bar')
+  end
+
+  it 'should not accept a value with whitespace' do
+    @nova_rootwrap_config[:value] = 'b ar'
+    expect(@nova_rootwrap_config[:value]).to eq('b ar')
+  end
+
+  it 'should accept valid ensure values' do
+    @nova_rootwrap_config[:ensure] = :present
+    expect(@nova_rootwrap_config[:ensure]).to eq(:present)
+    @nova_rootwrap_config[:ensure] = :absent
+    expect(@nova_rootwrap_config[:ensure]).to eq(:absent)
+  end
+
+  it 'should not accept invalid ensure values' do
+    expect {
+      @nova_rootwrap_config[:ensure] = :latest
+    }.to raise_error(Puppet::Error, /Invalid value/)
+  end
+
+  it 'should autorequire the package that install the file' do
+    catalog = Puppet::Resource::Catalog.new
+    anchor = Puppet::Type.type(:anchor).new(:name => 'nova::install::end')
+    catalog.add_resource anchor, @nova_rootwrap_config
+    dependency = @nova_rootwrap_config.autorequire
+    expect(dependency.size).to eq(1)
+    expect(dependency[0].target).to eq(@nova_rootwrap_config)
+    expect(dependency[0].source).to eq(anchor)
+  end
+
+end