Deprecate allow_insecure_clients option

The allow_insecure_clients has been deprecated[1].

[1]https://review.opendev.org/#/c/417629/

Change-Id: I42c519f74d6b53570a8aaf9f4423d0a41ff4f0e4
Closes-Bug: #1902158
This commit is contained in:
ZhongShengping 2020-11-02 14:42:04 +08:00
parent 87e2716495
commit 8a8940c87e
3 changed files with 29 additions and 22 deletions

View File

@ -136,10 +136,6 @@
# (Optional) Password for decrypting ssl_key_file (if encrypted) # (Optional) Password for decrypting ssl_key_file (if encrypted)
# Defaults to $::os_service_default. # Defaults to $::os_service_default.
# #
# [*amqp_allow_insecure_clients*]
# (Optional) Accept clients using either SSL or plain TCP
# Defaults to $::os_service_default.
#
# [*amqp_sasl_mechanisms*] # [*amqp_sasl_mechanisms*]
# (Optional) Space separated list of acceptable SASL mechanisms # (Optional) Space separated list of acceptable SASL mechanisms
# Defaults to $::os_service_default. # Defaults to $::os_service_default.
@ -224,6 +220,10 @@
# before error is raised. Set to -1 to specify an infinite retry count. # before error is raised. Set to -1 to specify an infinite retry count.
# Defaults to undef. # Defaults to undef.
# #
# [*amqp_allow_insecure_clients*]
# (Optional) Accept clients using either SSL or plain TCP
# Defaults to undef.
#
class octavia ( class octavia (
$package_ensure = 'present', $package_ensure = 'present',
$default_transport_url = $::os_service_default, $default_transport_url = $::os_service_default,
@ -252,7 +252,6 @@ class octavia (
$amqp_ssl_cert_file = $::os_service_default, $amqp_ssl_cert_file = $::os_service_default,
$amqp_ssl_key_file = $::os_service_default, $amqp_ssl_key_file = $::os_service_default,
$amqp_ssl_key_password = $::os_service_default, $amqp_ssl_key_password = $::os_service_default,
$amqp_allow_insecure_clients = $::os_service_default,
$amqp_sasl_mechanisms = $::os_service_default, $amqp_sasl_mechanisms = $::os_service_default,
$amqp_sasl_config_dir = $::os_service_default, $amqp_sasl_config_dir = $::os_service_default,
$amqp_sasl_config_name = $::os_service_default, $amqp_sasl_config_name = $::os_service_default,
@ -273,11 +272,17 @@ class octavia (
$database_max_overflow = undef, $database_max_overflow = undef,
$database_pool_timeout = undef, $database_pool_timeout = undef,
$database_db_max_retries = undef, $database_db_max_retries = undef,
$amqp_allow_insecure_clients = undef,
) inherits octavia::params { ) inherits octavia::params {
include octavia::deps include octavia::deps
include octavia::db include octavia::db
if $amqp_allow_insecure_clients != undef {
warning('The amqp_allow_insecure_clients parameter is deprecated and \
will be removed in a future release.')
}
if $database_connection != undef { if $database_connection != undef {
warning('The database_connection parameter is deprecated and will be \ warning('The database_connection parameter is deprecated and will be \
removed in a future realse. Use octavia::db::database_connection instead') removed in a future realse. Use octavia::db::database_connection instead')
@ -346,22 +351,21 @@ removed in a future realse. Use octavia::db::database_db_max_retries instead')
} }
oslo::messaging::amqp { 'octavia_config': oslo::messaging::amqp { 'octavia_config':
server_request_prefix => $amqp_server_request_prefix, server_request_prefix => $amqp_server_request_prefix,
broadcast_prefix => $amqp_broadcast_prefix, broadcast_prefix => $amqp_broadcast_prefix,
group_request_prefix => $amqp_group_request_prefix, group_request_prefix => $amqp_group_request_prefix,
container_name => $amqp_container_name, container_name => $amqp_container_name,
idle_timeout => $amqp_idle_timeout, idle_timeout => $amqp_idle_timeout,
trace => $amqp_trace, trace => $amqp_trace,
ssl_ca_file => $amqp_ssl_ca_file, ssl_ca_file => $amqp_ssl_ca_file,
ssl_cert_file => $amqp_ssl_cert_file, ssl_cert_file => $amqp_ssl_cert_file,
ssl_key_file => $amqp_ssl_key_file, ssl_key_file => $amqp_ssl_key_file,
ssl_key_password => $amqp_ssl_key_password, ssl_key_password => $amqp_ssl_key_password,
allow_insecure_clients => $amqp_allow_insecure_clients, sasl_mechanisms => $amqp_sasl_mechanisms,
sasl_mechanisms => $amqp_sasl_mechanisms, sasl_config_dir => $amqp_sasl_config_dir,
sasl_config_dir => $amqp_sasl_config_dir, sasl_config_name => $amqp_sasl_config_name,
sasl_config_name => $amqp_sasl_config_name, username => $amqp_username,
username => $amqp_username, password => $amqp_password,
password => $amqp_password,
} }
oslo::messaging::default { 'octavia_config': oslo::messaging::default { 'octavia_config':

View File

@ -0,0 +1,4 @@
---
deprecations:
- allow_insecure_clients option is now deprecated for removal, the
parameter has no effect.

View File

@ -196,7 +196,6 @@ describe 'octavia' do
is_expected.to contain_octavia_config('oslo_messaging_amqp/ssl_cert_file').with_value('<SERVICE DEFAULT>') is_expected.to contain_octavia_config('oslo_messaging_amqp/ssl_cert_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('oslo_messaging_amqp/ssl_key_file').with_value('<SERVICE DEFAULT>') is_expected.to contain_octavia_config('oslo_messaging_amqp/ssl_key_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('oslo_messaging_amqp/ssl_key_password').with_value('<SERVICE DEFAULT>') is_expected.to contain_octavia_config('oslo_messaging_amqp/ssl_key_password').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('oslo_messaging_amqp/allow_insecure_clients').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('oslo_messaging_amqp/sasl_mechanisms').with_value('<SERVICE DEFAULT>') is_expected.to contain_octavia_config('oslo_messaging_amqp/sasl_mechanisms').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('oslo_messaging_amqp/sasl_config_dir').with_value('<SERVICE DEFAULT>') is_expected.to contain_octavia_config('oslo_messaging_amqp/sasl_config_dir').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('oslo_messaging_amqp/sasl_config_name').with_value('<SERVICE DEFAULT>') is_expected.to contain_octavia_config('oslo_messaging_amqp/sasl_config_name').with_value('<SERVICE DEFAULT>')