From f451dbed3a72a9e90b24b01354e5f41ae788e6f9 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <kajinamit@oss.nttdata.com>
Date: Wed, 27 Dec 2023 01:04:02 +0900
Subject: [PATCH] Simplify policies definition
Currently the openstacklib::policy::policies parameter requires
the following format.
openstacklib::policy { 'foo':
policies => {
'title' => {
'key' => 'policy-key',
'value' => 'policy-value'
}
},
...
}
However the top level key ('title') is used to determine resource
names and does not affect actual configuration. This is quite redundant
and sometimes confusing to users.
This allows using title strings to define policy keys. With this change
users can use a policies value like the following example. This is
similar to the existing config classes interface.
openstacklib::policy { 'foo':
policies => {
'policy-key' => {
'value' => 'policy-value'
}
},
...
}
Change-Id: I7f8caa2b3e5cab852f64c5fdbb3452485d8aabab
---
manifests/policy/base.pp | 5 ++-
spec/defines/openstacklib_policy_base_spec.rb | 44 ++++++++++---------
2 files changed, 27 insertions(+), 22 deletions(-)
diff --git a/manifests/policy/base.pp b/manifests/policy/base.pp
index a0d81230..efdbeddc 100644
--- a/manifests/policy/base.pp
+++ b/manifests/policy/base.pp
@@ -8,7 +8,8 @@
# (required) Path to the policy.json file
#
# [*key*]
-# (required) The key to replace the value for
+# (optional) The key to replace the value for
+# Defaults to $name
#
# [*value*]
# (optional) The value to set
@@ -38,7 +39,7 @@
#
define openstacklib::policy::base (
Stdlib::Absolutepath $file_path,
- String[1] $key,
+ String[1] $key = $name,
String $value = '',
$file_mode = '0640',
$file_user = undef,
diff --git a/spec/defines/openstacklib_policy_base_spec.rb b/spec/defines/openstacklib_policy_base_spec.rb
index c15d07ae..40ccf126 100644
--- a/spec/defines/openstacklib_policy_base_spec.rb
+++ b/spec/defines/openstacklib_policy_base_spec.rb
@@ -2,15 +2,14 @@ require 'spec_helper'
describe 'openstacklib::policy::base' do
shared_examples 'openstacklib::policy::base' do
- context 'with policy.json' do
- let :title do
- 'nova-contest_is_admin'
- end
+ let :title do
+ 'context_is_admin or owner'
+ end
+ context 'with policy.json' do
let :params do
{
:file_path => '/etc/nova/policy.json',
- :key => 'context_is_admin or owner',
:value => 'foo:bar',
:file_mode => '0644',
:file_user => 'foo',
@@ -45,14 +44,9 @@ describe 'openstacklib::policy::base' do
end
context 'with policy.yaml' do
- let :title do
- 'nova-contest_is_admin'
- end
-
let :params do
{
:file_path => '/etc/nova/policy.yaml',
- :key => 'context_is_admin or owner',
:value => 'foo:bar',
:file_mode => '0644',
:file_user => 'foo',
@@ -105,14 +99,9 @@ describe 'openstacklib::policy::base' do
end
context 'with purge_config enabled' do
- let :title do
- 'nova-contest_is_admin'
- end
-
let :params do
{
:file_path => '/etc/nova/policy.yaml',
- :key => 'context_is_admin or owner',
:value => 'foo:bar',
:file_mode => '0644',
:file_user => 'foo',
@@ -132,14 +121,9 @@ describe 'openstacklib::policy::base' do
end
context 'with json file_path and yaml file format' do
- let :title do
- 'nova-contest_is_admin'
- end
-
let :params do
{
:file_path => '/etc/nova/policy.json',
- :key => 'context_is_admin or owner',
:value => 'foo:bar',
:file_mode => '0644',
:file_user => 'foo',
@@ -150,6 +134,26 @@ describe 'openstacklib::policy::base' do
it { should raise_error(Puppet::Error) }
end
+
+ context 'with key overridden' do
+ let :params do
+ {
+ :file_path => '/etc/nova/policy.yaml',
+ :key => 'context_is_admin',
+ :value => 'foo:bar',
+ :file_mode => '0644',
+ :file_user => 'foo',
+ :file_group => 'bar',
+ :file_format => 'yaml',
+ }
+ end
+
+ it { should contain_file_line('/etc/nova/policy.yaml-context_is_admin').with(
+ :path => '/etc/nova/policy.yaml',
+ :line => '\'context_is_admin\': \'foo:bar\'',
+ :match => '^[\'"]?context_is_admin(?!:)[\'"]?\s*:.+'
+ ) }
+ end
end
on_supported_os({