Add missing options to octavia::certificates

Adds new parameter for the missing options that can
be configured in the certificates section in octavia.conf

Change-Id: Id3de1ec92f7bc309fefaa8f96f3c353e328bfbbf
This commit is contained in:
Tobias Urdin 2018-08-30 11:10:04 +02:00
parent 54c9e53a27
commit 9b285e740f
3 changed files with 43 additions and 1 deletions

View File

@ -4,6 +4,22 @@
# #
# === Parameters # === Parameters
# #
# [*cert_generator*]
# (Optional) Certificate generator to use.
# Defaults to $::os_service_default
#
# [*cert_manager*]
# (Optional) Certificate manager to use.
# Defaults to $::os_service_default
#
# [*region_name*]
# (Optional) Region name to use when connecting to cert manager.
# Defaults to $::os_service_default
#
# [*endpoint_type*]
# (Optional) Endpoint type to use when connecting to cert manager.
# Defaults to $::os_service_default
#
# [*ca_certificate*] # [*ca_certificate*]
# (Optional) Path to the CA certificate for Octavia # (Optional) Path to the CA certificate for Octavia
# Defaults to $::os_service_default # Defaults to $::os_service_default
@ -41,6 +57,10 @@
# Defaults to 'octavia' # Defaults to 'octavia'
# #
class octavia::certificates ( class octavia::certificates (
$cert_generator = $::os_service_default,
$cert_manager = $::os_service_default,
$region_name = $::os_service_default,
$endpoint_type = $::os_service_default,
$ca_certificate = $::os_service_default, $ca_certificate = $::os_service_default,
$ca_private_key = $::os_service_default, $ca_private_key = $::os_service_default,
$ca_private_key_passphrase = $::os_service_default, $ca_private_key_passphrase = $::os_service_default,
@ -55,6 +75,10 @@ class octavia::certificates (
include ::octavia::deps include ::octavia::deps
octavia_config { octavia_config {
'certificates/cert_generator' : value => $cert_generator;
'certificates/cert_manager' : value => $cert_manager;
'certificates/region_name' : value => $region_name;
'certificates/endpoint_type' : value => $endpoint_type;
'certificates/ca_certificate' : value => $ca_certificate; 'certificates/ca_certificate' : value => $ca_certificate;
'certificates/ca_private_key' : value => $ca_private_key; 'certificates/ca_private_key' : value => $ca_private_key;
'certificates/ca_private_key_passphrase' : value => $ca_private_key_passphrase; 'certificates/ca_private_key_passphrase' : value => $ca_private_key_passphrase;

View File

@ -0,0 +1,6 @@
---
features:
- |
Added new parameter cert_generator, cert_manager, region_name and endpoint_type
to the octavia::certificates class that configures the certificates section in
the octavia.conf file.

View File

@ -5,6 +5,10 @@ describe 'octavia::certificates' do
context 'with default params' do context 'with default params' do
it 'configures octavia certificate manager' do it 'configures octavia certificate manager' do
is_expected.to contain_octavia_config('certificates/cert_generator').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('certificates/cert_manager').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('certificates/region_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('certificates/endpoint_type').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('certificates/ca_certificate').with_value('<SERVICE DEFAULT>') is_expected.to contain_octavia_config('certificates/ca_certificate').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('certificates/ca_private_key').with_value('<SERVICE DEFAULT>') is_expected.to contain_octavia_config('certificates/ca_private_key').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('certificates/ca_private_key_passphrase').with_value('<SERVICE DEFAULT>') is_expected.to contain_octavia_config('certificates/ca_private_key_passphrase').with_value('<SERVICE DEFAULT>')
@ -19,7 +23,11 @@ describe 'octavia::certificates' do
context 'when certificates are configured' do context 'when certificates are configured' do
let :params do let :params do
{ :ca_certificate => '/etc/octavia/ca.pem', { :cert_generator => 'local_cert_generator',
:cert_manager => 'barbican_cert_manager',
:region_name => 'RegionOne',
:endpoint_type => 'internalURL',
:ca_certificate => '/etc/octavia/ca.pem',
:ca_private_key => '/etc/octavia/key.pem', :ca_private_key => '/etc/octavia/key.pem',
:ca_private_key_passphrase => 'secure123', :ca_private_key_passphrase => 'secure123',
:client_cert => '/etc/octavia/client.pem' :client_cert => '/etc/octavia/client.pem'
@ -27,6 +35,10 @@ describe 'octavia::certificates' do
end end
it 'configures octavia certificate manager' do it 'configures octavia certificate manager' do
is_expected.to contain_octavia_config('certificates/cert_generator').with_value('local_cert_generator')
is_expected.to contain_octavia_config('certificates/cert_manager').with_value('barbican_cert_manager')
is_expected.to contain_octavia_config('certificates/region_name').with_value('RegionOne')
is_expected.to contain_octavia_config('certificates/endpoint_type').with_value('internalURL')
is_expected.to contain_octavia_config('certificates/ca_certificate').with_value('/etc/octavia/ca.pem') is_expected.to contain_octavia_config('certificates/ca_certificate').with_value('/etc/octavia/ca.pem')
is_expected.to contain_octavia_config('certificates/ca_private_key').with_value('/etc/octavia/key.pem') is_expected.to contain_octavia_config('certificates/ca_private_key').with_value('/etc/octavia/key.pem')
is_expected.to contain_octavia_config('certificates/ca_private_key_passphrase').with_value('secure123') is_expected.to contain_octavia_config('certificates/ca_private_key_passphrase').with_value('secure123')