Add auth file from openstack repo

This commit adds the openrc templating that was
in the old openstack repository, with some changes
to the parameter names to match those in the file itself.

Change-Id: I979ea227c93153c15ea78c0c47b9c94843a314af
This commit is contained in:
Michael Chapman 2014-12-01 23:18:43 +11:00
parent 0fc013377b
commit 67dfb62e4d
3 changed files with 195 additions and 0 deletions

92
manifests/auth_file.pp Normal file
View File

@ -0,0 +1,92 @@
# == Class: openstack_extras::auth_file
#
# Creates an auth file that can be used to export
# environment variables that can be used to authenticate
# against a keystone server.
#
# === Parameters
#
# [*password*]
# (required) Password for this account as defined in keystone
#
# [*auth_url*]
# (optional) URL to authenticate against
# Defaults to 'http://127.0.0.1:5000/v2.0/'
#
# [*service_token*]
# (optional) Keystone service token
# NOTE: This setting will trigger a warning from keystone.
# Authentication credentials will be ignored by keystone client
# in favor of token authentication.
# Defaults to undef.
#
# [*service_endpoint*]
# (optional) Keystone service endpoint
# Defaults to 'http://127.0.0.1:35357/v2.0/'
#
# [*username*]
# (optional) Username for this account as defined in keystone
# Defaults to 'admin'.
#
# [*tenant_name*]
# (optional) Tenant for this account as defined in keystone
# Defaults to 'openstack'.
#
# [*region_name*]
# (optional) Openstack region to use
# Defaults to 'RegionOne'.
#
# [*use_no_cache*]
# (optional) Do not use the auth token cache.
# Defaults to true.
#
# [*cinder_endpoint_type*]
# (optional) The Cinder endpoint to use
# Defaults to 'publicURL'.
#
# [*glance_endpoint_type*]
# (optional) The Glance endpoint to use
# Defaults to 'publicURL'.
#
# [*keystone_endpoint_type*]
# (optional) The Keystone endpoint to use
# Defaults to 'publicURL'.
#
# [*nova_endpoint_type*]
# (optional) The Nova endpoint to use
# Defaults to 'publicURL'.
#
# [*neutron_endpoint_type*]
# (optional) The Neutron endpoint to use
# Defaults to 'publicURL'.
#
# [*auth_strategy*]
# (optional) The method to use for authentication
# Defaults to 'keystone'.
#
class openstack_extras::auth_file(
$password = undef,
$auth_url = 'http://127.0.0.1:5000/v2.0/',
$service_token = undef,
$service_endpoint = 'http://127.0.0.1:35357/v2.0/',
$username = 'admin',
$tenant_name = 'openstack',
$region_name = 'RegionOne',
$use_no_cache = true,
$cinder_endpoint_type = 'publicURL',
$glance_endpoint_type = 'publicURL',
$keystone_endpoint_type = 'publicURL',
$nova_endpoint_type = 'publicURL',
$neutron_endpoint_type = 'publicURL',
$auth_strategy = 'keystone',
) {
if ! $password {
fail('You must specify a password for openstack_extras::auth_file')
}
file { '/root/openrc':
owner => 'root',
group => 'root',
mode => '0700',
content => template('openstack_extras/openrc.erb')
}
}

View File

@ -0,0 +1,86 @@
require 'spec_helper'
describe 'openstack_extras::auth_file' do
describe "when only passing default class parameters" do
let :params do
{ :password => 'admin' }
end
it 'should create a openrc file' do
verify_contents(subject, '/root/openrc', [
'export OS_NO_CACHE=\'true\'',
'export OS_TENANT_NAME=\'openstack\'',
'export OS_USERNAME=\'admin\'',
'export OS_PASSWORD=\'admin\'',
'export OS_AUTH_URL=\'http://127.0.0.1:5000/v2.0/\'',
'export OS_AUTH_STRATEGY=\'keystone\'',
'export OS_REGION_NAME=\'RegionOne\'',
'export CINDER_ENDPOINT_TYPE=\'publicURL\'',
'export GLANCE_ENDPOINT_TYPE=\'publicURL\'',
'export KEYSTONE_ENDPOINT_TYPE=\'publicURL\'',
'export NOVA_ENDPOINT_TYPE=\'publicURL\'',
'export NEUTRON_ENDPOINT_TYPE=\'publicURL\''
])
end
end
describe 'when overriding parameters' do
let :params do
{
:password => 'admin',
:auth_url => 'http://127.0.0.2:5000/v2.0/',
:service_token => 'servicetoken',
:service_endpoint => 'http://127.0.0.2:35357/v2.0/',
:username => 'myuser',
:tenant_name => 'mytenant',
:region_name => 'myregion',
:use_no_cache => 'false',
:cinder_endpoint_type => 'internalURL',
:glance_endpoint_type => 'internalURL',
:keystone_endpoint_type => 'internalURL',
:nova_endpoint_type => 'internalURL',
:neutron_endpoint_type => 'internalURL',
:auth_strategy => 'no_auth',
}
end
it 'should create a openrc file' do
verify_contents(subject, '/root/openrc', [
'export OS_SERVICE_TOKEN=\'servicetoken\'',
'export OS_SERVICE_ENDPOINT=\'http://127.0.0.2:35357/v2.0/\'',
'export OS_NO_CACHE=\'false\'',
'export OS_TENANT_NAME=\'mytenant\'',
'export OS_USERNAME=\'myuser\'',
'export OS_PASSWORD=\'admin\'',
'export OS_AUTH_URL=\'http://127.0.0.2:5000/v2.0/\'',
'export OS_AUTH_STRATEGY=\'no_auth\'',
'export OS_REGION_NAME=\'myregion\'',
'export CINDER_ENDPOINT_TYPE=\'internalURL\'',
'export GLANCE_ENDPOINT_TYPE=\'internalURL\'',
'export KEYSTONE_ENDPOINT_TYPE=\'internalURL\'',
'export NOVA_ENDPOINT_TYPE=\'internalURL\'',
'export NEUTRON_ENDPOINT_TYPE=\'internalURL\''
])
end
end
describe "handle password and token with single quotes" do
let :params do
{
:password => 'singlequote\'',
:service_token => 'key\'stone'
}
end
it 'should create a openrc file' do
verify_contents(subject, '/root/openrc', [
'export OS_SERVICE_TOKEN=\'key\\\'stone\'',
'export OS_PASSWORD=\'singlequote\\\'\'',
])
end
end
end

17
templates/openrc.erb Normal file
View File

@ -0,0 +1,17 @@
#!/bin/sh
<% if @service_token -%>
export OS_SERVICE_TOKEN='<%= @service_token.gsub(/'/){ %q(\') } %>'
export OS_SERVICE_ENDPOINT='<%= @service_endpoint %>'
<% end -%>
export OS_NO_CACHE='<%= @use_no_cache %>'
export OS_TENANT_NAME='<%= @tenant_name %>'
export OS_USERNAME='<%= @username %>'
export OS_PASSWORD='<%= @password.gsub(/'/){ %q(\') } %>'
export OS_AUTH_URL='<%= @auth_url %>'
export OS_AUTH_STRATEGY='<%= @auth_strategy %>'
export OS_REGION_NAME='<%= @region_name %>'
export CINDER_ENDPOINT_TYPE='<%= @cinder_endpoint_type %>'
export GLANCE_ENDPOINT_TYPE='<%= @glance_endpoint_type %>'
export KEYSTONE_ENDPOINT_TYPE='<%= @keystone_endpoint_type %>'
export NOVA_ENDPOINT_TYPE='<%= @nova_endpoint_type %>'
export NEUTRON_ENDPOINT_TYPE='<%= @neutron_endpoint_type %>'