From c32562a9620d87740251285b8d51595cbace8dcc Mon Sep 17 00:00:00 2001
From: Tobias Urdin <tobias.urdin@binero.se>
Date: Thu, 30 Aug 2018 11:10:04 +0200
Subject: [PATCH] Add missing options to octavia::certificates

Adds new parameter for the missing options that can
be configured in the certificates section in octavia.conf

Change-Id: Id3de1ec92f7bc309fefaa8f96f3c353e328bfbbf
(cherry picked from commit 9b285e740f4fa79003b344649c069772f3f28e50)
---
 manifests/certificates.pp                     | 24 +++++++++++++++++++
 ...certificates-options-45294bca5186878e.yaml |  6 +++++
 spec/classes/octavia_certificates_spec.rb     | 14 ++++++++++-
 3 files changed, 43 insertions(+), 1 deletion(-)
 create mode 100644 releasenotes/notes/certificates-options-45294bca5186878e.yaml

diff --git a/manifests/certificates.pp b/manifests/certificates.pp
index a5c562c6..df84eb1d 100644
--- a/manifests/certificates.pp
+++ b/manifests/certificates.pp
@@ -4,6 +4,22 @@
 #
 # === Parameters
 #
+# [*cert_generator*]
+#   (Optional) Certificate generator to use.
+#   Defaults to $::os_service_default
+#
+# [*cert_manager*]
+#   (Optional) Certificate manager to use.
+#   Defaults to $::os_service_default
+#
+# [*region_name*]
+#   (Optional) Region name to use when connecting to cert manager.
+#   Defaults to $::os_service_default
+#
+# [*endpoint_type*]
+#   (Optional) Endpoint type to use when connecting to cert manager.
+#   Defaults to $::os_service_default
+#
 # [*ca_certificate*]
 #   (Optional) Path to the CA certificate for Octavia
 #   Defaults to $::os_service_default
@@ -41,6 +57,10 @@
 #   Defaults to 'octavia'
 #
 class octavia::certificates (
+  $cert_generator            = $::os_service_default,
+  $cert_manager              = $::os_service_default,
+  $region_name               = $::os_service_default,
+  $endpoint_type             = $::os_service_default,
   $ca_certificate            = $::os_service_default,
   $ca_private_key            = $::os_service_default,
   $ca_private_key_passphrase = $::os_service_default,
@@ -55,6 +75,10 @@ class octavia::certificates (
   include ::octavia::deps
 
   octavia_config {
+    'certificates/cert_generator'            : value => $cert_generator;
+    'certificates/cert_manager'              : value => $cert_manager;
+    'certificates/region_name'               : value => $region_name;
+    'certificates/endpoint_type'             : value => $endpoint_type;
     'certificates/ca_certificate'            : value => $ca_certificate;
     'certificates/ca_private_key'            : value => $ca_private_key;
     'certificates/ca_private_key_passphrase' : value => $ca_private_key_passphrase;
diff --git a/releasenotes/notes/certificates-options-45294bca5186878e.yaml b/releasenotes/notes/certificates-options-45294bca5186878e.yaml
new file mode 100644
index 00000000..267628a4
--- /dev/null
+++ b/releasenotes/notes/certificates-options-45294bca5186878e.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Added new parameter cert_generator, cert_manager, region_name and endpoint_type
+    to the octavia::certificates class that configures the certificates section in
+    the octavia.conf file.
diff --git a/spec/classes/octavia_certificates_spec.rb b/spec/classes/octavia_certificates_spec.rb
index 20188ed5..66cc356b 100644
--- a/spec/classes/octavia_certificates_spec.rb
+++ b/spec/classes/octavia_certificates_spec.rb
@@ -5,6 +5,10 @@ describe 'octavia::certificates' do
 
     context 'with default params' do
       it 'configures octavia certificate manager' do
+        is_expected.to contain_octavia_config('certificates/cert_generator').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_octavia_config('certificates/cert_manager').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_octavia_config('certificates/region_name').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_octavia_config('certificates/endpoint_type').with_value('<SERVICE DEFAULT>')
         is_expected.to contain_octavia_config('certificates/ca_certificate').with_value('<SERVICE DEFAULT>')
         is_expected.to contain_octavia_config('certificates/ca_private_key').with_value('<SERVICE DEFAULT>')
         is_expected.to contain_octavia_config('certificates/ca_private_key_passphrase').with_value('<SERVICE DEFAULT>')
@@ -19,7 +23,11 @@ describe 'octavia::certificates' do
 
     context 'when certificates are configured' do
       let :params do
-        { :ca_certificate            => '/etc/octavia/ca.pem',
+        { :cert_generator            => 'local_cert_generator',
+          :cert_manager              => 'barbican_cert_manager',
+          :region_name               => 'RegionOne',
+          :endpoint_type             => 'internalURL',
+          :ca_certificate            => '/etc/octavia/ca.pem',
           :ca_private_key            => '/etc/octavia/key.pem',
           :ca_private_key_passphrase => 'secure123',
           :client_cert               => '/etc/octavia/client.pem'
@@ -27,6 +35,10 @@ describe 'octavia::certificates' do
       end
 
       it 'configures octavia certificate manager' do
+        is_expected.to contain_octavia_config('certificates/cert_generator').with_value('local_cert_generator')
+        is_expected.to contain_octavia_config('certificates/cert_manager').with_value('barbican_cert_manager')
+        is_expected.to contain_octavia_config('certificates/region_name').with_value('RegionOne')
+        is_expected.to contain_octavia_config('certificates/endpoint_type').with_value('internalURL')
         is_expected.to contain_octavia_config('certificates/ca_certificate').with_value('/etc/octavia/ca.pem')
         is_expected.to contain_octavia_config('certificates/ca_private_key').with_value('/etc/octavia/key.pem')
         is_expected.to contain_octavia_config('certificates/ca_private_key_passphrase').with_value('secure123')