openstack
/
puppet-nova
Code Issues Proposed changes

Remove password hash generation in each puppet modules 

... and migrate it to openstacklib so that all logics about database
configuration are implemented in one common place.

Depends-on: https://review.opendev.org/#/c/728595/
Change-Id: I0f7d05983a6d8bc6808f8595bc9d94c6aa4f7800
This commit is contained in:
Takashi Kajinami 2020-05-17 09:21:48 +09:00
parent 2c32631e90
commit c6b53de070
9 changed files with 62 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
manifests/db/mysql.pp
View File

@ -51,7 +51,7 @@ class nova::db::mysql(
::openstacklib::db::mysql { 'nova': ::openstacklib::db::mysql { 'nova':
user => $user, user => $user,
password_hash => mysql::password($password), password => $password,
dbname => $dbname, dbname => $dbname,
host => $host, host => $host,
charset => $charset, charset => $charset,
@ -63,7 +63,7 @@ class nova::db::mysql(
# need for cell_v2 # need for cell_v2
::openstacklib::db::mysql { 'nova_cell0': ::openstacklib::db::mysql { 'nova_cell0':
user => $user, user => $user,
password_hash => mysql::password($password), password => $password,
dbname => "${dbname}_cell0", dbname => "${dbname}_cell0",
host => $host, host => $host,
charset => $charset, charset => $charset,

2
manifests/db/mysql_api.pp
View File

@ -45,7 +45,7 @@ class nova::db::mysql_api(
::openstacklib::db::mysql { 'nova_api': ::openstacklib::db::mysql { 'nova_api':
user => $user, user => $user,
password_hash => mysql::password($password), password => $password,
dbname => $dbname, dbname => $dbname,
host => $host, host => $host,
charset => $charset, charset => $charset,

20
manifests/db/postgresql.pp
View File

@ -41,21 +41,21 @@ class nova::db::postgresql(
include nova::deps include nova::deps
::openstacklib::db::postgresql { 'nova': ::openstacklib::db::postgresql { 'nova':
password_hash => postgresql_password($user, $password), password => $password,
dbname => $dbname, dbname => $dbname,
user => $user, user => $user,
encoding => $encoding, encoding => $encoding,
privileges => $privileges, privileges => $privileges,
} }
if $setup_cell0 { if $setup_cell0 {
# need for cell_v2 # need for cell_v2
::openstacklib::db::postgresql { 'nova_cell0': ::openstacklib::db::postgresql { 'nova_cell0':
password_hash => postgresql_password($user, $password), password => $password,
dbname => "${dbname}_cell0", dbname => "${dbname}_cell0",
user => $user, user => $user,
encoding => $encoding, encoding => $encoding,
privileges => $privileges, privileges => $privileges,
} }
} }

10
manifests/db/postgresql_api.pp
View File

@ -35,11 +35,11 @@ class nova::db::postgresql_api(
include nova::deps include nova::deps
::openstacklib::db::postgresql { 'nova_api': ::openstacklib::db::postgresql { 'nova_api':
password_hash => postgresql_password($user, $password), password => $password,
dbname => $dbname, dbname => $dbname,
user => $user, user => $user,
encoding => $encoding, encoding => $encoding,
privileges => $privileges, privileges => $privileges,
} }
Anchor['nova::db::begin'] Anchor['nova::db::begin']

6
metadata.json
View File

@ -33,10 +33,6 @@
"name": "puppet/rabbitmq", "name": "puppet/rabbitmq",
"version_requirement": ">=8.4.0 <11.0.0" "version_requirement": ">=8.4.0 <11.0.0"
}, },
{
"name": "puppetlabs/mysql",
"version_requirement": ">=6.0.0 <11.0.0"
},
{ {
"name": "puppetlabs/stdlib", "name": "puppetlabs/stdlib",
"version_requirement": ">=5.0.0 <7.0.0" "version_requirement": ">=5.0.0 <7.0.0"
@ -96,4 +92,4 @@
"source": "git://github.com/openstack/puppet-nova.git", "source": "git://github.com/openstack/puppet-nova.git",
"summary": "Puppet module for OpenStack Nova", "summary": "Puppet module for OpenStack Nova",
"version": "17.0.0" "version": "17.0.0"
} }

26
spec/classes/nova_db_mysql_api_spec.rb
View File

@ -9,7 +9,7 @@ describe 'nova::db::mysql_api' do
end end
let :required_params do let :required_params do
{ :password => "qwerty" } { :password => "novapass" }
end end
context 'with only required params' do context 'with only required params' do
@ -17,23 +17,21 @@ describe 'nova::db::mysql_api' do
required_params required_params
end end
it { is_expected.to contain_openstacklib__db__mysql('nova_api').with( it { is_expected.to contain_openstacklib__db__mysql('nova_api').with(
:user => 'nova_api', :user => 'nova_api',
:password_hash => '*AA1420F182E88B9E5F874F6FBE7459291E8F4601', :password => 'novapass',
:charset => 'utf8', :charset => 'utf8',
:collate => 'utf8_general_ci', :collate => 'utf8_general_ci',
)} )}
end end
context 'overriding allowed_hosts param to array' do context 'overriding allowed_hosts param to array' do
let :params do let :params do
{ :password => 'novapass', { :allowed_hosts => ['127.0.0.1','%'] }.merge(required_params)
:allowed_hosts => ['127.0.0.1','%'],
}.merge(required_params)
end end
it { is_expected.to contain_openstacklib__db__mysql('nova_api').with( it { is_expected.to contain_openstacklib__db__mysql('nova_api').with(
:user => 'nova_api', :user => 'nova_api',
:password_hash => '*AA1420F182E88B9E5F874F6FBE7459291E8F4601', :password => 'novapass',
:charset => 'utf8', :charset => 'utf8',
:collate => 'utf8_general_ci', :collate => 'utf8_general_ci',
:allowed_hosts => ['127.0.0.1','%'], :allowed_hosts => ['127.0.0.1','%'],
@ -42,14 +40,12 @@ describe 'nova::db::mysql_api' do
context 'overriding allowed_hosts param to string' do context 'overriding allowed_hosts param to string' do
let :params do let :params do
{ :password => 'novapass2', { :allowed_hosts => '192.168.1.1' }.merge(required_params)
:allowed_hosts => '192.168.1.1',
}.merge(required_params)
end end
it { is_expected.to contain_openstacklib__db__mysql('nova_api').with( it { is_expected.to contain_openstacklib__db__mysql('nova_api').with(
:user => 'nova_api', :user => 'nova_api',
:password_hash => '*AA1420F182E88B9E5F874F6FBE7459291E8F4601', :password => 'novapass',
:charset => 'utf8', :charset => 'utf8',
:collate => 'utf8_general_ci', :collate => 'utf8_general_ci',
:allowed_hosts => '192.168.1.1', :allowed_hosts => '192.168.1.1',
@ -58,9 +54,7 @@ describe 'nova::db::mysql_api' do
context 'when overriding charset' do context 'when overriding charset' do
let :params do let :params do
{ :password => 'novapass', { :charset => 'latin1' }.merge(required_params)
:charset => 'latin1',
}.merge(required_params)
end end
it { is_expected.to contain_openstacklib__db__mysql('nova_api').with( it { is_expected.to contain_openstacklib__db__mysql('nova_api').with(

38
spec/classes/nova_db_mysql_spec.rb
View File

@ -9,7 +9,7 @@ describe 'nova::db::mysql' do
end end
let :required_params do let :required_params do
{ :password => "qwerty" } { :password => "novapass" }
end end
context 'with only required params' do context 'with only required params' do
@ -17,31 +17,29 @@ describe 'nova::db::mysql' do
required_params required_params
end end
it { is_expected.to contain_openstacklib__db__mysql('nova').with( it { is_expected.to contain_openstacklib__db__mysql('nova').with(
:user => 'nova', :user => 'nova',
:password_hash => '*AA1420F182E88B9E5F874F6FBE7459291E8F4601', :password => 'novapass',
:charset => 'utf8', :charset => 'utf8',
:collate => 'utf8_general_ci', :collate => 'utf8_general_ci',
)} )}
it { is_expected.to contain_openstacklib__db__mysql('nova_cell0').with( it { is_expected.to contain_openstacklib__db__mysql('nova_cell0').with(
:user => 'nova', :user => 'nova',
:password_hash => '*AA1420F182E88B9E5F874F6FBE7459291E8F4601', :password => 'novapass',
:charset => 'utf8', :charset => 'utf8',
:collate => 'utf8_general_ci', :collate => 'utf8_general_ci',
:create_user => false, :create_user => false,
)} )}
end end
context 'overriding allowed_hosts param to array' do context 'overriding allowed_hosts param to array' do
let :params do let :params do
{ :password => 'novapass', { :allowed_hosts => ['127.0.0.1','%'] }.merge(required_params)
:allowed_hosts => ['127.0.0.1','%'],
}.merge(required_params)
end end
it { is_expected.to contain_openstacklib__db__mysql('nova').with( it { is_expected.to contain_openstacklib__db__mysql('nova').with(
:user => 'nova', :user => 'nova',
:password_hash => '*AA1420F182E88B9E5F874F6FBE7459291E8F4601', :password => 'novapass',
:charset => 'utf8', :charset => 'utf8',
:collate => 'utf8_general_ci', :collate => 'utf8_general_ci',
:allowed_hosts => ['127.0.0.1','%'], :allowed_hosts => ['127.0.0.1','%'],
@ -50,14 +48,12 @@ describe 'nova::db::mysql' do
context 'overriding allowed_hosts param to string' do context 'overriding allowed_hosts param to string' do
let :params do let :params do
{ :password => 'novapass2', { :allowed_hosts => '192.168.1.1' }.merge(required_params)
:allowed_hosts => '192.168.1.1',
}.merge(required_params)
end end
it { is_expected.to contain_openstacklib__db__mysql('nova').with( it { is_expected.to contain_openstacklib__db__mysql('nova').with(
:user => 'nova', :user => 'nova',
:password_hash => '*AA1420F182E88B9E5F874F6FBE7459291E8F4601', :password => 'novapass',
:charset => 'utf8', :charset => 'utf8',
:collate => 'utf8_general_ci', :collate => 'utf8_general_ci',
:allowed_hosts => '192.168.1.1', :allowed_hosts => '192.168.1.1',
@ -66,9 +62,7 @@ describe 'nova::db::mysql' do
context 'when overriding charset' do context 'when overriding charset' do
let :params do let :params do
{ :password => 'novapass', { :charset => 'latin1' }.merge(required_params)
:charset => 'latin1',
}.merge(required_params)
end end
it { is_expected.to contain_openstacklib__db__mysql('nova').with( it { is_expected.to contain_openstacklib__db__mysql('nova').with(
@ -78,7 +72,7 @@ describe 'nova::db::mysql' do
context 'when disabling cell0 setup' do context 'when disabling cell0 setup' do
let :params do let :params do
{ :setup_cell0 => false}.merge(required_params) { :setup_cell0 => false }.merge(required_params)
end end
it { is_expected.to_not contain_openstacklib__db__mysql('nova_cell0') } it { is_expected.to_not contain_openstacklib__db__mysql('nova_cell0') }

12
spec/classes/nova_db_postgresql_api_spec.rb
View File

@ -4,7 +4,7 @@ describe 'nova::db::postgresql_api' do
shared_examples_for 'nova::db::postgresql' do shared_examples_for 'nova::db::postgresql' do
let :req_params do let :req_params do
{ :password => 'pw' } { :password => 'novapass' }
end end
let :pre_condition do let :pre_condition do
@ -16,12 +16,14 @@ describe 'nova::db::postgresql_api' do
req_params req_params
end end
it { is_expected.to contain_postgresql__server__db('nova_api').with( it { is_expected.to contain_openstacklib__db__postgresql('nova_api').with(
:user => 'nova_api', :user => 'nova_api',
:password => 'md581802bf81b206888b50950e640d70549' :password => 'novapass',
:dbname => 'nova_api',
:encoding => nil,
:privileges => 'ALL',
)} )}
end end
end end
on_supported_os({ on_supported_os({

20
spec/classes/nova_db_postgresql_spec.rb
View File

@ -17,19 +17,19 @@ describe 'nova::db::postgresql' do
end end
it { should contain_openstacklib__db__postgresql('nova').with( it { should contain_openstacklib__db__postgresql('nova').with(
:password_hash => 'md557ae0608fad632bf0155cb9502a6b454', :password => 'pw',
:dbname => 'nova', :dbname => 'nova',
:user => 'nova', :user => 'nova',
:encoding => nil, :encoding => nil,
:privileges => 'ALL', :privileges => 'ALL',
)} )}
it { should contain_openstacklib__db__postgresql('nova_cell0').with( it { should contain_openstacklib__db__postgresql('nova_cell0').with(
:password_hash => 'md557ae0608fad632bf0155cb9502a6b454', :password => 'pw',
:dbname => 'nova_cell0', :dbname => 'nova_cell0',
:user => 'nova', :user => 'nova',
:encoding => nil, :encoding => nil,
:privileges => 'ALL', :privileges => 'ALL',
)} )}
end end