|
|
|
@ -1,19 +1,6 @@
|
|
|
|
|
require 'spec_helper' |
|
|
|
|
|
|
|
|
|
describe 'nova::metadata::novajoin::api' do |
|
|
|
|
|
|
|
|
|
let :facts do |
|
|
|
|
@default_facts.merge( |
|
|
|
|
{ |
|
|
|
|
:osfamily => 'RedHat', |
|
|
|
|
:processorcount => '7', |
|
|
|
|
:fqdn => "undercloud.example.com", |
|
|
|
|
:operatingsystemrelease => '7.0', |
|
|
|
|
:ipa_hostname => 'ipa.ipadomain' |
|
|
|
|
} |
|
|
|
|
) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
let :default_params do |
|
|
|
|
{ |
|
|
|
|
:bind_address => '127.0.0.1', |
|
|
|
@ -41,186 +28,171 @@ describe 'nova::metadata::novajoin::api' do
|
|
|
|
|
} |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
[{}, |
|
|
|
|
{ |
|
|
|
|
:bind_address => '0.0.0.0', |
|
|
|
|
:api_paste_config => '/etc/novajoin/join-api-paste.ini', |
|
|
|
|
:auth_strategy => 'noauth2', |
|
|
|
|
:auth_type => 'password', |
|
|
|
|
:cacert => '/etc/ipa/ca.crt', |
|
|
|
|
:connect_retries => 2, |
|
|
|
|
:debug => true, |
|
|
|
|
:enabled => false, |
|
|
|
|
:enable_ipa_client_install => false, |
|
|
|
|
:ensure_package => 'present', |
|
|
|
|
:join_listen_port => '9921', |
|
|
|
|
:keytab => '/etc/krb5.conf', |
|
|
|
|
:log_dir => '/var/log/novajoin', |
|
|
|
|
:manage_service => true, |
|
|
|
|
:service_user => 'novajoin1', |
|
|
|
|
:project_domain_name => 'default', |
|
|
|
|
:project_name => 'service', |
|
|
|
|
:user_domain_id => 'default', |
|
|
|
|
:ipa_domain => 'EXAMPLE2.COM', |
|
|
|
|
:keystone_auth_url => 'https://keystone2.example.com:5000', |
|
|
|
|
:service_password => 'my_secret_password2', |
|
|
|
|
:transport_url => 'rabbit:rabbit_pass2@rabbit_host', |
|
|
|
|
} |
|
|
|
|
].each do |param_set| |
|
|
|
|
let :pre_condition do |
|
|
|
|
"class { '::ipaclient': password => 'join_otp', } |
|
|
|
|
class { '::nova::metadata::novajoin::authtoken': |
|
|
|
|
password => 'passw0rd', |
|
|
|
|
}" |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
shared_examples 'nova::metadata::novajoin::api' do |
|
|
|
|
[{}, |
|
|
|
|
{ |
|
|
|
|
:bind_address => '0.0.0.0', |
|
|
|
|
:api_paste_config => '/etc/novajoin/join-api-paste.ini', |
|
|
|
|
:auth_strategy => 'noauth2', |
|
|
|
|
:auth_type => 'password', |
|
|
|
|
:cacert => '/etc/ipa/ca.crt', |
|
|
|
|
:connect_retries => 2, |
|
|
|
|
:debug => true, |
|
|
|
|
:enabled => false, |
|
|
|
|
:enable_ipa_client_install => false, |
|
|
|
|
:ensure_package => 'present', |
|
|
|
|
:join_listen_port => '9921', |
|
|
|
|
:keytab => '/etc/krb5.conf', |
|
|
|
|
:log_dir => '/var/log/novajoin', |
|
|
|
|
:manage_service => true, |
|
|
|
|
:service_user => 'novajoin1', |
|
|
|
|
:project_domain_name => 'default', |
|
|
|
|
:project_name => 'service', |
|
|
|
|
:user_domain_id => 'default', |
|
|
|
|
:ipa_domain => 'EXAMPLE2.COM', |
|
|
|
|
:keystone_auth_url => 'https://keystone2.example.com:5000', |
|
|
|
|
:service_password => 'my_secret_password2', |
|
|
|
|
:transport_url => 'rabbit:rabbit_pass2@rabbit_host', |
|
|
|
|
} |
|
|
|
|
].each do |param_set| |
|
|
|
|
context "when #{param_set == {} ? "using default" : "specifying"} class parameters" do |
|
|
|
|
let :param_hash do |
|
|
|
|
default_params.merge(param_set) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
describe "when #{param_set == {} ? "using default" : "specifying"} class parameters" do |
|
|
|
|
let :params do |
|
|
|
|
param_hash |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
let :param_hash do |
|
|
|
|
default_params.merge(param_set) |
|
|
|
|
it { should contain_class('nova::metadata::novajoin::authtoken') } |
|
|
|
|
|
|
|
|
|
it { should contain_service('novajoin-server').with( |
|
|
|
|
'ensure' => (param_hash[:manage_service] && param_hash[:enabled]) ? 'running': 'stopped', |
|
|
|
|
'enable' => param_hash[:enabled], |
|
|
|
|
'hasstatus' => true, |
|
|
|
|
'hasrestart' => true, |
|
|
|
|
'tag' => 'openstack', |
|
|
|
|
)} |
|
|
|
|
|
|
|
|
|
it { should contain_service('novajoin-notify').with( |
|
|
|
|
'ensure' => (param_hash[:manage_service] && param_hash[:enabled]) ? 'running': 'stopped', |
|
|
|
|
'enable' => param_hash[:enabled], |
|
|
|
|
'hasstatus' => true, |
|
|
|
|
'hasrestart' => true, |
|
|
|
|
'tag' => 'openstack', |
|
|
|
|
)} |
|
|
|
|
|
|
|
|
|
it { |
|
|
|
|
should contain_novajoin_config('DEFAULT/join_listen').with_value(param_hash[:bind_address]) |
|
|
|
|
should contain_novajoin_config('DEFAULT/api_paste_config').with_value(param_hash[:api_paste_config]) |
|
|
|
|
should contain_novajoin_config('DEFAULT/auth_strategy').with_value(param_hash[:auth_strategy]) |
|
|
|
|
should contain_novajoin_config('DEFAULT/cacert').with_value(param_hash[:cacert]) |
|
|
|
|
should contain_novajoin_config('DEFAULT/connect_retries').with_value(param_hash[:connect_retries]) |
|
|
|
|
should contain_novajoin_config('DEFAULT/debug').with_value(param_hash[:debug]) |
|
|
|
|
should contain_novajoin_config('DEFAULT/join_listen_port').with_value(param_hash[:join_listen_port]) |
|
|
|
|
should contain_novajoin_config('DEFAULT/keytab').with_value(param_hash[:keytab]) |
|
|
|
|
should contain_novajoin_config('DEFAULT/log_dir').with_value(param_hash[:log_dir]) |
|
|
|
|
should contain_novajoin_config('DEFAULT/domain').with_value(param_hash[:ipa_domain]) |
|
|
|
|
should contain_novajoin_config('DEFAULT/transport_url').with_value(param_hash[:transport_url]) |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
it { |
|
|
|
|
should contain_novajoin_config('service_credentials/auth_type').with_value(param_hash[:auth_type]) |
|
|
|
|
should contain_novajoin_config('service_credentials/auth_url').with_value(param_hash[:keystone_auth_url]) |
|
|
|
|
should contain_novajoin_config('service_credentials/password').with_value(param_hash[:service_password]) |
|
|
|
|
should contain_novajoin_config('service_credentials/project_name').with_value(param_hash[:project_name]) |
|
|
|
|
should contain_novajoin_config('service_credentials/user_domain_id').with_value(param_hash[:user_domain_id]) |
|
|
|
|
should contain_novajoin_config('service_credentials/project_domain_name').with_value(param_hash[:project_domain_name]) |
|
|
|
|
should contain_novajoin_config('service_credentials/username').with_value(param_hash[:service_user]) |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
it { |
|
|
|
|
if param_hash[:enable_ipa_client_install] |
|
|
|
|
should contain_exec('get-service-user-keytab').with( |
|
|
|
|
'command' => "/usr/bin/kinit -kt /etc/krb5.keytab && ipa-getkeytab -s `grep xmlrpc_uri /etc/ipa/default.conf | cut -d/ -f3` \ |
|
|
|
|
-p nova/undercloud.example.com -k #{param_hash[:keytab]}", |
|
|
|
|
) |
|
|
|
|
else |
|
|
|
|
should contain_exec('get-service-user-keytab').with( |
|
|
|
|
'command' => "/usr/bin/kinit -kt /etc/krb5.keytab && ipa-getkeytab -s ipa.ipadomain \ |
|
|
|
|
-p nova/undercloud.example.com -k #{param_hash[:keytab]}", |
|
|
|
|
) |
|
|
|
|
end |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
it { should contain_file("/var/log/novajoin").with( |
|
|
|
|
'ensure' => 'directory', |
|
|
|
|
'owner' => "#{param_hash[:service_user]}", |
|
|
|
|
'group' => "#{param_hash[:service_user]}", |
|
|
|
|
'recurse' => true |
|
|
|
|
)} |
|
|
|
|
|
|
|
|
|
it { should contain_file("#{param_hash[:keytab]}").with( |
|
|
|
|
'owner' => "#{param_hash[:service_user]}", |
|
|
|
|
'require' => 'Exec[get-service-user-keytab]', |
|
|
|
|
)} |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'with disabled service managing' do |
|
|
|
|
let :params do |
|
|
|
|
param_hash |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
let :pre_condition do |
|
|
|
|
"class { '::ipaclient': |
|
|
|
|
password => 'join_otp' |
|
|
|
|
} |
|
|
|
|
class { '::nova::metadata::novajoin::authtoken': |
|
|
|
|
password => 'passw0rd', |
|
|
|
|
} |
|
|
|
|
" |
|
|
|
|
{ |
|
|
|
|
:manage_service => false, |
|
|
|
|
:enabled => false, |
|
|
|
|
:ipa_domain => 'EXAMPLE.COM', |
|
|
|
|
:service_password => 'my_secret_password', |
|
|
|
|
:transport_url => 'rabbit:rabbit_pass@rabbit_host', |
|
|
|
|
} |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it { is_expected.to contain_class('nova::metadata::novajoin::authtoken') } |
|
|
|
|
|
|
|
|
|
it { is_expected.to contain_service('novajoin-server').with( |
|
|
|
|
'ensure' => (param_hash[:manage_service] && param_hash[:enabled]) ? 'running': 'stopped', |
|
|
|
|
'enable' => param_hash[:enabled], |
|
|
|
|
it { should contain_service('novajoin-server').with( |
|
|
|
|
'ensure' => nil, |
|
|
|
|
'enable' => false, |
|
|
|
|
'hasstatus' => true, |
|
|
|
|
'hasrestart' => true, |
|
|
|
|
'tag' => 'openstack', |
|
|
|
|
) } |
|
|
|
|
)} |
|
|
|
|
|
|
|
|
|
it { is_expected.to contain_service('novajoin-notify').with( |
|
|
|
|
'ensure' => (param_hash[:manage_service] && param_hash[:enabled]) ? 'running': 'stopped', |
|
|
|
|
'enable' => param_hash[:enabled], |
|
|
|
|
it { should contain_service('novajoin-notify').with( |
|
|
|
|
'ensure' => nil, |
|
|
|
|
'enable' => false, |
|
|
|
|
'hasstatus' => true, |
|
|
|
|
'hasrestart' => true, |
|
|
|
|
'tag' => 'openstack', |
|
|
|
|
) } |
|
|
|
|
|
|
|
|
|
it 'is_expected.to configure default parameters' do |
|
|
|
|
is_expected.to contain_novajoin_config('DEFAULT/join_listen').with_value(param_hash[:bind_address]) |
|
|
|
|
is_expected.to contain_novajoin_config('DEFAULT/api_paste_config').with_value(param_hash[:api_paste_config]) |
|
|
|
|
is_expected.to contain_novajoin_config('DEFAULT/auth_strategy').with_value(param_hash[:auth_strategy]) |
|
|
|
|
is_expected.to contain_novajoin_config('DEFAULT/cacert').with_value(param_hash[:cacert]) |
|
|
|
|
is_expected.to contain_novajoin_config('DEFAULT/connect_retries').with_value(param_hash[:connect_retries]) |
|
|
|
|
is_expected.to contain_novajoin_config('DEFAULT/debug').with_value(param_hash[:debug]) |
|
|
|
|
is_expected.to contain_novajoin_config('DEFAULT/join_listen_port').with_value(param_hash[:join_listen_port]) |
|
|
|
|
is_expected.to contain_novajoin_config('DEFAULT/keytab').with_value(param_hash[:keytab]) |
|
|
|
|
is_expected.to contain_novajoin_config('DEFAULT/log_dir').with_value(param_hash[:log_dir]) |
|
|
|
|
is_expected.to contain_novajoin_config('DEFAULT/domain').with_value(param_hash[:ipa_domain]) |
|
|
|
|
is_expected.to contain_novajoin_config('DEFAULT/transport_url').with_value(param_hash[:transport_url]) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'is_expected.to configure service credentials' do |
|
|
|
|
is_expected.to contain_novajoin_config('service_credentials/auth_type').with_value(param_hash[:auth_type]) |
|
|
|
|
is_expected.to contain_novajoin_config('service_credentials/auth_url').with_value(param_hash[:keystone_auth_url]) |
|
|
|
|
is_expected.to contain_novajoin_config('service_credentials/password').with_value(param_hash[:service_password]) |
|
|
|
|
is_expected.to contain_novajoin_config('service_credentials/project_name').with_value(param_hash[:project_name]) |
|
|
|
|
is_expected.to contain_novajoin_config('service_credentials/user_domain_id').with_value(param_hash[:user_domain_id]) |
|
|
|
|
is_expected.to contain_novajoin_config('service_credentials/project_domain_name').with_value(param_hash[:project_domain_name]) |
|
|
|
|
is_expected.to contain_novajoin_config('service_credentials/username').with_value(param_hash[:service_user]) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'is_expected.to get service user keytab' do |
|
|
|
|
if param_hash[:enable_ipa_client_install] |
|
|
|
|
is_expected.to contain_exec('get-service-user-keytab').with( |
|
|
|
|
'command' => "/usr/bin/kinit -kt /etc/krb5.keytab && ipa-getkeytab -s `grep xmlrpc_uri /etc/ipa/default.conf | cut -d/ -f3` \ |
|
|
|
|
-p nova/undercloud.example.com -k #{param_hash[:keytab]}", |
|
|
|
|
) |
|
|
|
|
else |
|
|
|
|
is_expected.to contain_exec('get-service-user-keytab').with( |
|
|
|
|
'command' => "/usr/bin/kinit -kt /etc/krb5.keytab && ipa-getkeytab -s ipa.ipadomain \ |
|
|
|
|
-p nova/undercloud.example.com -k #{param_hash[:keytab]}", |
|
|
|
|
) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it { is_expected.to contain_file("/var/log/novajoin").with( |
|
|
|
|
'ensure' => 'directory', |
|
|
|
|
'owner' => "#{param_hash[:service_user]}", |
|
|
|
|
'group' => "#{param_hash[:service_user]}", |
|
|
|
|
'recurse' => true |
|
|
|
|
)} |
|
|
|
|
|
|
|
|
|
it { is_expected.to contain_file("#{param_hash[:keytab]}").with( |
|
|
|
|
'owner' => "#{param_hash[:service_user]}", |
|
|
|
|
'require' => 'Exec[get-service-user-keytab]', |
|
|
|
|
)} |
|
|
|
|
|
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
describe 'with disabled service managing' do |
|
|
|
|
let :facts do |
|
|
|
|
OSDefaults.get_facts({ |
|
|
|
|
:osfamily => 'RedHat', |
|
|
|
|
:operatingsystem => 'RedHat', |
|
|
|
|
:operatingsystemrelease => '7.0', |
|
|
|
|
}) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
shared_examples 'nova::metadata::novajoin::api on RedHat' do |
|
|
|
|
let :params do |
|
|
|
|
{ |
|
|
|
|
:manage_service => false, |
|
|
|
|
:enabled => false, |
|
|
|
|
:ipa_domain => 'EXAMPLE.COM', |
|
|
|
|
:service_password => 'my_secret_password', |
|
|
|
|
:transport_url => 'rabbit:rabbit_pass@rabbit_host', |
|
|
|
|
} |
|
|
|
|
default_params |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
let :pre_condition do |
|
|
|
|
"class { '::ipaclient': password => 'join_otp', } |
|
|
|
|
class { '::nova::metadata::novajoin::authtoken': |
|
|
|
|
password => 'passw0rd', |
|
|
|
|
}" |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it { is_expected.to contain_service('novajoin-server').with( |
|
|
|
|
'ensure' => nil, |
|
|
|
|
'enable' => false, |
|
|
|
|
'hasstatus' => true, |
|
|
|
|
'hasrestart' => true, |
|
|
|
|
'tag' => 'openstack', |
|
|
|
|
) } |
|
|
|
|
|
|
|
|
|
it { is_expected.to contain_service('novajoin-notify').with( |
|
|
|
|
'ensure' => nil, |
|
|
|
|
'enable' => false, |
|
|
|
|
'hasstatus' => true, |
|
|
|
|
'hasrestart' => true, |
|
|
|
|
'tag' => 'openstack', |
|
|
|
|
) } |
|
|
|
|
it { should contain_package('python-novajoin').with( |
|
|
|
|
:tag => ['openstack', 'novajoin-package'], |
|
|
|
|
)} |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
describe 'on RedHat platforms' do |
|
|
|
|
let :facts do |
|
|
|
|
OSDefaults.get_facts({ |
|
|
|
|
:osfamily => 'RedHat', |
|
|
|
|
:operatingsystem => 'RedHat', |
|
|
|
|
:operatingsystemrelease => '7.0', |
|
|
|
|
}) |
|
|
|
|
end |
|
|
|
|
let(:params) { default_params } |
|
|
|
|
on_supported_os({ |
|
|
|
|
:supported_os => OSDefaults.get_supported_os |
|
|
|
|
}).each do |os,facts| |
|
|
|
|
context "on #{os}" do |
|
|
|
|
let (:facts) do |
|
|
|
|
facts.merge!(OSDefaults.get_facts({ :ipa_hostname => 'ipa.ipadomain', |
|
|
|
|
:fqdn => "undercloud.example.com" })) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
let :pre_condition do |
|
|
|
|
"class { '::ipaclient': password => 'join_otp', } |
|
|
|
|
class { '::nova::metadata::novajoin::authtoken': |
|
|
|
|
password => 'passw0rd', |
|
|
|
|
}" |
|
|
|
|
if facts[:osfamily] == 'RedHat' |
|
|
|
|
it_behaves_like 'nova::metadata::novajoin::api' |
|
|
|
|
it_behaves_like 'nova::metadata::novajoin::api on RedHat' |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it { is_expected.to contain_package('python-novajoin').with( |
|
|
|
|
:tag => ['openstack', 'novajoin-package'], |
|
|
|
|
)} |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|