policy.json: Allow puppet modules to manage policy.json

Currently puppet modules does not allow one to manage policy.json. This commit aims to create a common resource for people to manage their policies. Change-Id: I1cd7765cdcbddb7e7ad5d720f1efa382641712f2
2014-09-19 16:52:52 -04:00
parent c374bed10f
commit 37935472f1
4 changed files with 98 additions and 0 deletions
--- a/manifests/policy.pp
+++ b/manifests/policy.pp
@@ -0,0 +1,19 @@
+# == Class: openstacklib::policies
+#
+# This resource is an helper to call the policy definition
+#
+# == Parameters:
+#
+#  [*policies*]
+#    Hash of policies one would like to set to specific values
+#    hash; optional
+#
+class openstacklib::policy (
+  $policies = {},
+) {
+
+  validate_hash($policies)
+
+  create_resources('openstacklib::policy::base', $policies)
+
+}
--- a/manifests/policy/base.pp
+++ b/manifests/policy/base.pp
@@ -0,0 +1,31 @@
+# == Definition: openstacklib::policy::base
+#
+# This resource configures the policy.json file for an OpenStack service
+#
+# == Parameters:
+#
+#  [*file_path*]
+#    Path to the policy.json file
+#    string; required
+#
+#  [*key*]
+#    The key to replace the value for
+#    string; required; the key to replace the value for
+#
+#  [*value*]
+#    The value to set
+#    string; optional; the value to set
+#
+define openstacklib::policy::base (
+  $file_path,
+  $key,
+  $value = '',
+) {
+
+  augeas { "${file_path}-${key}-${value}" :
+    lens    => 'Json.lns',
+    incl    => $file_path,
+    changes => "set dict/entry[*][.=\"${key}\"]/string ${value}"
+  }
+
+}
--- a/spec/classes/openstacklib_policy_spec.rb
+++ b/spec/classes/openstacklib_policy_spec.rb
@@ -0,0 +1,25 @@
+require 'spec_helper'
+
+describe 'openstacklib::policy' do
+
+  let :params do
+    {
+      :policies => {
+        'foo' => {
+          'file_path' => '/etc/nova/policy.json',
+          'key'       => 'context_is_admin',
+          'value'     => 'foo:bar'
+        }
+      }
+    }
+  end
+
+  it 'configures the proper policy' do
+    should contain_openstacklib__policy__base('foo').with(
+      :file_path => '/etc/nova/policy.json',
+      :key       => 'context_is_admin',
+      :value     => 'foo:bar'
+    )
+  end
+
+end
--- a/spec/defines/openstacklib_policy_spec.rb
+++ b/spec/defines/openstacklib_policy_spec.rb
@@ -0,0 +1,23 @@
+require 'spec_helper'
+
+describe 'openstacklib::policy::base' do
+
+  let :title do
+    'nova-contest_is_admin'
+  end
+
+  let :params do
+    {:file_path => '/etc/nova/policy.json',
+    :key       => 'context_is_admin',
+    :value     => 'foo:bar'}
+  end
+
+  it 'configures the proper policy' do
+    should contain_augeas('/etc/nova/policy.json-context_is_admin-foo:bar').with(
+      'lens'    => 'Json.lns',
+      'incl'    => '/etc/nova/policy.json',
+      'changes' => 'set dict/entry[*][.="context_is_admin"]/string foo:bar'
+    )
+  end
+
+end