Add support for the keystone_authtoken/service_type parameter

Change-Id: Ia25c71328b4f98b5ffa57e1f8b322c4da1ab45b9

manifests/keystone/authtoken.pp

@@ -176,6 +176,11 @@
 #   true/false
 #   Defaults to $::os_service_default.
 #
+# [*service_type*]
+#  (Optional) The name or type of the service as it appears in the service
+#  catalog. This is used to validate tokens that have restricted access rules.
+#  Defaults to $::os_service_default.
+#
 # [*interface*]
 #  (Optional) Interface to use for the Identity API endpoint. Valid values are
 #  "public", "internal" or "admin".
@@ -216,6 +221,7 @@ class octavia::keystone::authtoken(
   $token_cache_time               = $::os_service_default,
   $service_token_roles            = $::os_service_default,
   $service_token_roles_required   = $::os_service_default,
+  $service_type                   = $::os_service_default,
   $interface                      = $::os_service_default,
 ) {
 
@@ -256,6 +262,7 @@ class octavia::keystone::authtoken(
     token_cache_time               => $token_cache_time,
     service_token_roles            => $service_token_roles,
     service_token_roles_required   => $service_token_roles_required,
+    service_type                   => $service_type,
     interface                      => $interface,
   }
 }

releasenotes/notes/keystone-authtoken-service_type-28c5a0e20cd5bdd4.yaml

@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    The new ``octavia::keystone::authtoken::service_type`` parameter has been
+    added to configure the service_type parameter in authtoken middleware.

spec/classes/octavia_keystone_authtoken_spec.rb

@@ -49,6 +49,7 @@ describe 'octavia::keystone::authtoken' do
         is_expected.to contain_octavia_config('keystone_authtoken/token_cache_time').with_value('<SERVICE DEFAULT>')
         is_expected.to contain_octavia_config('keystone_authtoken/service_token_roles').with_value('<SERVICE DEFAULT>')
         is_expected.to contain_octavia_config('keystone_authtoken/service_token_roles_required').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_octavia_config('keystone_authtoken/service_type').with_value('<SERVICE DEFAULT>')
         is_expected.to contain_octavia_config('keystone_authtoken/interface').with_value('<SERVICE DEFAULT>')
       end
     end
@@ -90,6 +91,7 @@ describe 'octavia::keystone::authtoken' do
           :token_cache_time                     => '301',
           :service_token_roles                  => ['service'],
           :service_token_roles_required         => false,
+          :service_type                         => 'identity',
           :interface                            => 'internal',
         })
       end
@@ -128,6 +130,7 @@ describe 'octavia::keystone::authtoken' do
         is_expected.to contain_octavia_config('keystone_authtoken/token_cache_time').with_value(params[:token_cache_time])
         is_expected.to contain_octavia_config('keystone_authtoken/service_token_roles').with_value(params[:service_token_roles])
         is_expected.to contain_octavia_config('keystone_authtoken/service_token_roles_required').with_value(params[:service_token_roles_required])
+        is_expected.to contain_octavia_config('keystone_authtoken/service_type').with_value(params[:service_type])
         is_expected.to contain_octavia_config('keystone_authtoken/interface').with_value(params[:interface])
       end