From 8da92eaa02615aea46b5f888b04c4f28b28e0a5e Mon Sep 17 00:00:00 2001
From: Tobias Urdin <tobias.urdin@binero.se>
Date: Wed, 29 Aug 2018 11:36:44 +0200
Subject: [PATCH] Add allow_tls_terminated_listeners config option

Adds the allow_tls_terminated_listeners config option to
the octavia::api class, this sets the
[api_settings]/allow_tls_terminated_listeners option in
the octavia.conf file.

Change-Id: I9da0f52addaab9c484ce5d5cfa9b233439a873e6
(cherry picked from commit 14c52579f186c87dbbca61cd499e0624243af65c)
---
 manifests/api.pp                              | 30 +++++++++++--------
 ...terminated_listeners-5555b0b3bc8c5313.yaml |  5 ++++
 spec/classes/octavia_api_spec.rb              | 15 ++++++----
 3 files changed, 32 insertions(+), 18 deletions(-)
 create mode 100644 releasenotes/notes/api-allow_tls_terminated_listeners-5555b0b3bc8c5313.yaml

diff --git a/manifests/api.pp b/manifests/api.pp
index 7b75dc87..7551afa7 100644
--- a/manifests/api.pp
+++ b/manifests/api.pp
@@ -30,19 +30,24 @@
 #   (optional) The handler that the API communicates with
 #   Defaults to $::os_service_default
 #
+# [*allow_tls_terminated_listeners*]
+#   (optional) Boolean if we allow creation of TLS terminated listeners.
+#   Defaults to $::os_service_default
+#
 # [*sync_db*]
 #   (optional) Run octavia-db-manage upgrade head on api nodes after installing the package.
 #   Defaults to false
 #
 class octavia::api (
-  $manage_service  = true,
-  $enabled         = true,
-  $package_ensure  = 'present',
-  $host            = '0.0.0.0',
-  $port            = '9876',
-  $auth_strategy   = 'keystone',
-  $api_handler     = $::os_service_default,
-  $sync_db         = false,
+  $manage_service                 = true,
+  $enabled                        = true,
+  $package_ensure                 = 'present',
+  $host                           = '0.0.0.0',
+  $port                           = '9876',
+  $auth_strategy                  = 'keystone',
+  $api_handler                    = $::os_service_default,
+  $allow_tls_terminated_listeners = $::os_service_default,
+  $sync_db                        = false,
 ) inherits octavia::params {
 
   include ::octavia::deps
@@ -81,10 +86,11 @@ class octavia::api (
   }
 
   octavia_config {
-    'api_settings/bind_host'     : value => $host;
-    'api_settings/bind_port'     : value => $port;
-    'api_settings/auth_strategy' : value => $auth_strategy;
-    'api_settings/api_handler'   : value => $api_handler;
+    'api_settings/bind_host':                      value => $host;
+    'api_settings/bind_port':                      value => $port;
+    'api_settings/auth_strategy':                  value => $auth_strategy;
+    'api_settings/api_handler':                    value => $api_handler;
+    'api_settings/allow_tls_terminated_listeners': value => $allow_tls_terminated_listeners;
   }
 
 }
diff --git a/releasenotes/notes/api-allow_tls_terminated_listeners-5555b0b3bc8c5313.yaml b/releasenotes/notes/api-allow_tls_terminated_listeners-5555b0b3bc8c5313.yaml
new file mode 100644
index 00000000..03f4ed07
--- /dev/null
+++ b/releasenotes/notes/api-allow_tls_terminated_listeners-5555b0b3bc8c5313.yaml
@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    Added new parameter octavia::api::allow_tls_terminated_listeners which can
+    be used to set the allow_tls_terminated_listeners config option.
diff --git a/spec/classes/octavia_api_spec.rb b/spec/classes/octavia_api_spec.rb
index 8583cec4..3a803187 100644
--- a/spec/classes/octavia_api_spec.rb
+++ b/spec/classes/octavia_api_spec.rb
@@ -12,12 +12,13 @@ describe 'octavia::api' do
   end
 
   let :params do
-    { :enabled        => true,
-      :manage_service => true,
-      :package_ensure => 'latest',
-      :port           => '9876',
-      :host           => '0.0.0.0',
-      :api_handler    => 'queue_producer',
+    { :enabled                        => true,
+      :manage_service                 => true,
+      :package_ensure                 => 'latest',
+      :port                           => '9876',
+      :host                           => '0.0.0.0',
+      :api_handler                    => 'queue_producer',
+      :allow_tls_terminated_listeners => false,
     }
   end
 
@@ -45,6 +46,7 @@ describe 'octavia::api' do
         is_expected.to contain_octavia_config('api_settings/bind_port').with_value( '9876' )
         is_expected.to contain_octavia_config('api_settings/auth_strategy').with_value( 'keystone' )
         is_expected.to contain_octavia_config('api_settings/api_handler').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_octavia_config('api_settings/allow_tls_terminated_listeners').with_value('<SERVICE DEFAULT>')
       end
       it 'does not sync the database' do
         is_expected.not_to contain_class('octavia::db::sync')
@@ -55,6 +57,7 @@ describe 'octavia::api' do
       is_expected.to contain_octavia_config('api_settings/bind_host').with_value( params[:host] )
       is_expected.to contain_octavia_config('api_settings/bind_port').with_value( params[:port] )
       is_expected.to contain_octavia_config('api_settings/api_handler').with_value( params[:api_handler] )
+      is_expected.to contain_octavia_config('api_settings/allow_tls_terminated_listeners').with_value( params[:allow_tls_terminated_listeners] )
     end
 
     [{:enabled => true}, {:enabled => false}].each do |param_hash|