policy.json: Allow puppet modules to manage policy.json
Currently puppet modules does not allow one to manage policy.json. This commit aims to create a common resource for people to manage their policies. Change-Id: I1cd7765cdcbddb7e7ad5d720f1efa382641712f2
This commit is contained in:
Yanis Guenane
19
manifests/policy.pp
Normal file
19
manifests/policy.pp
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
# == Class: openstacklib::policies
|
||||||
|
#
|
||||||
|
# This resource is an helper to call the policy definition
|
||||||
|
#
|
||||||
|
# == Parameters:
|
||||||
|
#
|
||||||
|
# [*policies*]
|
||||||
|
# Hash of policies one would like to set to specific values
|
||||||
|
# hash; optional
|
||||||
|
#
|
||||||
|
class openstacklib::policy (
|
||||||
|
$policies = {},
|
||||||
|
) {
|
||||||
|
|
||||||
|
validate_hash($policies)
|
||||||
|
|
||||||
|
create_resources('openstacklib::policy::base', $policies)
|
||||||
|
|
||||||
|
}
|
||||||
31
manifests/policy/base.pp
Normal file
31
manifests/policy/base.pp
Normal file
@@ -0,0 +1,31 @@
|
|||||||
|
# == Definition: openstacklib::policy::base
|
||||||
|
#
|
||||||
|
# This resource configures the policy.json file for an OpenStack service
|
||||||
|
#
|
||||||
|
# == Parameters:
|
||||||
|
#
|
||||||
|
# [*file_path*]
|
||||||
|
# Path to the policy.json file
|
||||||
|
# string; required
|
||||||
|
#
|
||||||
|
# [*key*]
|
||||||
|
# The key to replace the value for
|
||||||
|
# string; required; the key to replace the value for
|
||||||
|
#
|
||||||
|
# [*value*]
|
||||||
|
# The value to set
|
||||||
|
# string; optional; the value to set
|
||||||
|
#
|
||||||
|
define openstacklib::policy::base (
|
||||||
|
$file_path,
|
||||||
|
$key,
|
||||||
|
$value = '',
|
||||||
|
) {
|
||||||
|
|
||||||
|
augeas { "${file_path}-${key}-${value}" :
|
||||||
|
lens => 'Json.lns',
|
||||||
|
incl => $file_path,
|
||||||
|
changes => "set dict/entry[*][.=\"${key}\"]/string ${value}"
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
25
spec/classes/openstacklib_policy_spec.rb
Normal file
25
spec/classes/openstacklib_policy_spec.rb
Normal file
@@ -0,0 +1,25 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe 'openstacklib::policy' do
|
||||||
|
|
||||||
|
let :params do
|
||||||
|
{
|
||||||
|
:policies => {
|
||||||
|
'foo' => {
|
||||||
|
'file_path' => '/etc/nova/policy.json',
|
||||||
|
'key' => 'context_is_admin',
|
||||||
|
'value' => 'foo:bar'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'configures the proper policy' do
|
||||||
|
should contain_openstacklib__policy__base('foo').with(
|
||||||
|
:file_path => '/etc/nova/policy.json',
|
||||||
|
:key => 'context_is_admin',
|
||||||
|
:value => 'foo:bar'
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
23
spec/defines/openstacklib_policy_spec.rb
Normal file
23
spec/defines/openstacklib_policy_spec.rb
Normal file
@@ -0,0 +1,23 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe 'openstacklib::policy::base' do
|
||||||
|
|
||||||
|
let :title do
|
||||||
|
'nova-contest_is_admin'
|
||||||
|
end
|
||||||
|
|
||||||
|
let :params do
|
||||||
|
{:file_path => '/etc/nova/policy.json',
|
||||||
|
:key => 'context_is_admin',
|
||||||
|
:value => 'foo:bar'}
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'configures the proper policy' do
|
||||||
|
should contain_augeas('/etc/nova/policy.json-context_is_admin-foo:bar').with(
|
||||||
|
'lens' => 'Json.lns',
|
||||||
|
'incl' => '/etc/nova/policy.json',
|
||||||
|
'changes' => 'set dict/entry[*][.="context_is_admin"]/string foo:bar'
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
Reference in New Issue
Block a user