openstack/puppet-nova
Code Issues Proposed changes

Add support for [libvirt] supported_tpm_secret_security

Browse Source 
Depends-on: https://review.opendev.org/942502
Change-Id: Ie15e1589cceec31631457056dd4ad2fd168b0377
Signed-off-by: Takashi Kajinami <kajinamit@oss.nttdata.com>
This commit is contained in:
Takashi Kajinami
2026-03-15 15:11:46 +09:00
parent 5101aa9e83
commit bbe253cd62
3 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
manifests/compute/libvirt.pp
View File

@@ -219,6 +219,11 @@
# Trusted Platform Module (TPM) functionality, runs as.
# Defaults to $facts['os_service_default']
#
# [*supported_tpm_secret_security*]
# (optional) The list of TPL security policies supported by this compute
# host.
# Defaults to $facts['os_service_default']
#
# [*max_queues*]
# (optional) The maximum number of virtio queue pairs that can be enabled
# when creating a multiqueue guest. The number of virtio queues allocated
@@ -288,6 +293,7 @@ class nova::compute::libvirt (
$swtpm_enabled = $facts['os_service_default'],
$swtpm_user = $facts['os_service_default'],
$swtpm_group = $facts['os_service_default'],
$supported_tpm_secret_security = $facts['os_service_default'],
$max_queues = $facts['os_service_default'],
$wait_soft_reboot_seconds = $facts['os_service_default'],
$tb_cache_size = $facts['os_service_default'],
@@ -411,6 +417,7 @@ will be removed in a future release")
'libvirt/swtpm_enabled': value => $swtpm_enabled;
'libvirt/swtpm_user' : value => $swtpm_user;
'libvirt/swtpm_group': value => $swtpm_group;
'libvirt/supported_tpm_secret_security': value => join(any2array($supported_tpm_secret_security), ',');
'libvirt/max_queues': value => $max_queues;
'libvirt/num_memory_encrypted_guests': value => pick($num_memory_encrypted_guests, $facts['os_service_default']);
'libvirt/wait_soft_reboot_seconds': value => $wait_soft_reboot_seconds;

5
releasenotes/notes/libvirt-supported_tpm_secret_security-a4e9ff4a554d5947.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
features:
- |
The new ``nova::compute::libvirt::supported_tpm_secret_security`` parameter
has been added.

3
spec/classes/nova_compute_libvirt_spec.rb
View File

@@ -55,6 +55,7 @@ describe 'nova::compute::libvirt' do
it { is_expected.to contain_nova_config('libvirt/swtpm_enabled').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/swtpm_user').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/swtpm_group').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/supported_tpm_secret_security').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/max_queues').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/num_memory_encrypted_guests').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/wait_soft_reboot_seconds').with_value('<SERVICE DEFAULT>')}
@@ -101,6 +102,7 @@ describe 'nova::compute::libvirt' do
:swtpm_enabled => true,
:swtpm_user => 'libvirt',
:swtpm_group => 'libvirt',
:supported_tpm_secret_security => ['user', 'host', 'deployment'],
:max_queues => 4,
:num_memory_encrypted_guests => 255,
:wait_soft_reboot_seconds => 120,
@@ -152,6 +154,7 @@ describe 'nova::compute::libvirt' do
it { is_expected.to contain_nova_config('libvirt/swtpm_enabled').with_value(true)}
it { is_expected.to contain_nova_config('libvirt/swtpm_user').with_value('libvirt')}
it { is_expected.to contain_nova_config('libvirt/swtpm_group').with_value('libvirt')}
it { is_expected.to contain_nova_config('libvirt/supported_tpm_secret_security').with_value('user,host,deployment')}
it { is_expected.to contain_nova_config('libvirt/max_queues').with_value(4)}
it { is_expected.to contain_nova_config('libvirt/num_memory_encrypted_guests').with_value(255)}
it { is_expected.to contain_nova_config('libvirt/wait_soft_reboot_seconds').with_value(120)}