openstack/puppet-openstacklib
Code Issues Proposed changes
Files
2f76f651b2999cdd66f057171aa4e6bb7e2c6511
puppet-openstacklib/lib/puppet/util/openstack.rb
Gilles Dubreuil d4073c2721 Targeting Keystone V3 API support 
The default domain (id 'default', name 'Default') is where the V2
tenants/users are defined. So V3, which is now the default API's version
can and should be used.  Beeing able to use V3 domains needs to be
supported by specifying the domain name for a project/user.

This patch :
- Adds project and user domain names
- Renames tenant (v2) as project (v3)
- Renames os-auth-url to os-url, when using an authicated token against a
  service url, to distinct them from each other, as in OSC
(opentackclient)
- Updates newparam(:auth) accordingly to describe v2/v3 credential
  examples

Note: Keystone API v2 is deprecated [1]

[1] http://docs.openstack.org/developer/keystone/http-api.html#should-i-use-v2-0-or-v3

Change-Id: I72f79129a6875eb433eeb8a62f928e7210db134a
2015-04-03 13:17:25 +11:00

67 lines
1.4 KiB
Ruby
Raw Blame History

# Add the auth parameter to whatever type is given
module Puppet::Util::Openstack
def self.add_openstack_type_methods(type, comment)
type.newparam(:auth) do
desc <<EOT
Hash of authentication credentials. Credentials can be specified as either :
1. Using a project/user with a password
For Keystone API V2:
auth => {
'username' => 'test',
'password' => 'changeme',
'project_name' => 'test',
'auth_url' => 'http://localhost:35357/v2.0'
}
or altenatively for Keystone API V3:
auth => {
'username' => 'test',
'password' => 'changeme',
'project_name' => 'test',
'project_domain_name' => 'domain1',
'user_domain_name' => 'domain1',
'auth_url' => 'http://localhost:35357/v3'
}
2. Using a path to an openrc file containing these credentials
auth => {
'openrc' => '/root/openrc'
}
3. Using a service token
For Keystone API V2:
auth => {
'token' => 'example',
'url' => 'http://localhost:35357/v2.0'
}
Alternatively for Keystone API V3:
auth => {
'token' => 'example',
'url' => 'http://localhost:35357/v3.0'
}
If not present, the provider will look for environment variables for
password credentials.
#{comment}
EOT
validate do |value|
raise(Puppet::Error, 'This property must be a hash') unless value.is_a?(Hash)
end
end
type.autorequire(:package) do
'python-openstackclient'
end
end
end
View Git Blame Copy Permalink