[service_auth] Define default values

Currently all parameters of the octavia::service_auth class default to $::os_service_default. However the [service_auth] parameters are required to make Octavia work correctly and users always need to define these parameters. This change updates default of these parameters, following the global default values we use for service authentication. Change-Id: I655e9f1de3e32adac089a494a9d755e83eacc577
2022-02-07 22:18:32 +09:00
parent be9130696f
commit ce727fb1aa
3 changed files with 52 additions and 37 deletions
--- a/manifests/service_auth.pp
+++ b/manifests/service_auth.pp
@@ -3,46 +3,45 @@
 #
 # === Parameters:
 #
+# [*password*]
+#   (required) Password for user
+#
 # [*auth_url*]
 #   (optional) Keystone Authentication URL
-#   Defaults to $::os_service_default
+#   Defaults to 'http://localhost:5000'
 #
 # [*username*]
 #   (optional) User for accessing neutron and other services.
-#   Defaults to $::os_service_default
+#   Defaults to 'octavia'
 #
 # [*project_name*]
 #   (optional) Tenant for accessing neutron and other services
-#   Defaults to $::os_service_default
-#
-# [*password*]
-#   (optional) Password for user
-#   Defaults to $::os_service_default
+#   Defaults to 'services'
 #
 # [*user_domain_name*]
 #   (optional) keystone user domain
-#   Defaults to $::os_service_default
+#   Defaults to 'Default'
 #
 # [*project_domain_name*]
 #   (optional) keystone project domain
-#   Defaults to $::os_service_default
+#   Defaults to 'Default'
 #
 # [*auth_type*]
 #   (optional) keystone authentication type
-#   Defaults to $::os_service_default
+#   Defaults to 'password'
 #
 # [*region_name*]
 #   (Optional) The region in which the identity server can be found.
 #   Defaults to $::os_service_default.
 #
 class octavia::service_auth (
-  $auth_url            = $::os_service_default,
-  $username            = $::os_service_default,
-  $project_name        = $::os_service_default,
-  $password            = $::os_service_default,
-  $user_domain_name    = $::os_service_default,
-  $project_domain_name = $::os_service_default,
-  $auth_type           = $::os_service_default,
+  $password,
+  $auth_url            = 'http://localhost:5000',
+  $username            = 'octavia',
+  $project_name        = 'services',
+  $user_domain_name    = 'Default',
+  $project_domain_name = 'Default',
+  $auth_type           = 'password',
  $region_name         = $::os_service_default,
 ) {

--- a/releasenotes/notes/service_auth-defaults-d8f26d966207f906.yaml
+++ b/releasenotes/notes/service_auth-defaults-d8f26d966207f906.yaml
@@ -0,0 +1,9 @@
+---
+upgrade:
+  - |
+    The ``octavia::service_auth::password`` parameter is now required.
+
+  - |
+    Default values of the ``octavia::service_auth`` parameeters have been
+    updated, so that standalone deployment can be set up with less parameters
+    set.
--- a/spec/classes/octavia_service_auth_spec.rb
+++ b/spec/classes/octavia_service_auth_spec.rb
@@ -3,41 +3,48 @@ require 'spec_helper'
 describe 'octavia::service_auth' do

  shared_examples_for 'service-auth' do
+
+    let :params do
+      {
+        :password => 'secrete'
+      }
+    end
+
    context 'with default params' do
      it 'configures default auth' do
-        is_expected.to contain_octavia_config('service_auth/auth_url').with_value('<SERVICE DEFAULT>')
-        is_expected.to contain_octavia_config('service_auth/username').with_value('<SERVICE DEFAULT>')
-        is_expected.to contain_octavia_config('service_auth/project_name').with_value('<SERVICE DEFAULT>')
-        is_expected.to contain_octavia_config('service_auth/password').with_value('<SERVICE DEFAULT>').with_secret(true)
-        is_expected.to contain_octavia_config('service_auth/user_domain_name').with_value('<SERVICE DEFAULT>')
-        is_expected.to contain_octavia_config('service_auth/project_domain_name').with_value('<SERVICE DEFAULT>')
-        is_expected.to contain_octavia_config('service_auth/auth_type').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_octavia_config('service_auth/auth_url').with_value('http://localhost:5000')
+        is_expected.to contain_octavia_config('service_auth/username').with_value('octavia')
+        is_expected.to contain_octavia_config('service_auth/project_name').with_value('services')
+        is_expected.to contain_octavia_config('service_auth/password').with_value('secrete').with_secret(true)
+        is_expected.to contain_octavia_config('service_auth/user_domain_name').with_value('Default')
+        is_expected.to contain_octavia_config('service_auth/project_domain_name').with_value('Default')
+        is_expected.to contain_octavia_config('service_auth/auth_type').with_value('password')
        is_expected.to contain_octavia_config('service_auth/region_name').with_value('<SERVICE DEFAULT>')
      end
    end

    context 'when credentials are configured' do
-      let :params do
-        { :auth_url                 => 'http://199.199.199.199:64371',
-          :username                 => 'some_user',
-          :project_name             => 'some_project_name',
-          :password                 => 'secure123',
-          :user_domain_name         => 'my_domain_name',
-          :project_domain_name      => 'our_domain_name',
-          :auth_type                => 'password',
-          :region_name              => 'region2',
-        }
+      before do
+        params.merge!({
+          :auth_url            => 'http://199.199.199.199:64371',
+          :username            => 'some_user',
+          :project_name        => 'some_project_name',
+          :user_domain_name    => 'my_domain_name',
+          :project_domain_name => 'our_domain_name',
+          :auth_type           => 'v3password',
+          :region_name         => 'regionOne',
+        })
      end

      it 'configures credentials' do
        is_expected.to contain_octavia_config('service_auth/auth_url').with_value('http://199.199.199.199:64371')
        is_expected.to contain_octavia_config('service_auth/username').with_value('some_user')
        is_expected.to contain_octavia_config('service_auth/project_name').with_value('some_project_name')
-        is_expected.to contain_octavia_config('service_auth/password').with_value('secure123').with_secret(true)
+        is_expected.to contain_octavia_config('service_auth/password').with_value('secrete').with_secret(true)
        is_expected.to contain_octavia_config('service_auth/user_domain_name').with_value('my_domain_name')
        is_expected.to contain_octavia_config('service_auth/project_domain_name').with_value('our_domain_name')
-        is_expected.to contain_octavia_config('service_auth/auth_type').with_value('password')
-        is_expected.to contain_octavia_config('service_auth/region_name').with_value('region2')
+        is_expected.to contain_octavia_config('service_auth/auth_type').with_value('v3password')
+        is_expected.to contain_octavia_config('service_auth/region_name').with_value('regionOne')
      end
    end
  end