openstack/puppet-openstacklib
Code Issues Proposed changes
Files
61aeda0b485274a7f8f1ede6e603d74318dd5d85
puppet-openstacklib/manifests/policy/base.pp
Takashi Kajinami 61aeda0b48 policy: Raise error when file_path and file_format are inconsistent 
We have replaced policy.yaml with policy.json following the community
goal[1], but it might be possible that users are not aware of that
migration and still expect json files.
This change ensures that users are not expecting json file based on
the given file path.

[1] https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html

Change-Id: Ie2e5a6798e8603585c20b947eb91bbad5453934b
2021-03-25 13:38:08 +00:00

109 lines
3.0 KiB
Puppet
Raw Blame History

# == Definition: openstacklib::policy::base
#
# This resource configures the policy.json file for an OpenStack service
#
# == Parameters:
#
# [*file_path*]
# Path to the policy.json file
# string; required
#
# [*key*]
# The key to replace the value for
# string; required; the key to replace the value for
#
# [*value*]
# The value to set
# string; optional; the value to set
#
# [*file_mode*]
# (optional) Permission mode for the policy file
# Defaults to '0640'
#
# [*file_user*]
# (optional) User for the policy file
# Defaults to undef
#
# [*file_group*]
# (optional) Group for the policy file
# Defaults to undef
#
# [*file_format*]
# (optional) Format for file contents. Valid values
# are 'json' or 'yaml'.
# Defaults to 'json'.
#
define openstacklib::policy::base (
$file_path,
$key,
$value = '',
$file_mode = '0640',
$file_user = undef,
$file_group = undef,
$file_format = 'json',
) {
case $file_format {
'json': {
warning('Json format is deprecated and will be removed in a future release')
ensure_resource('file', $file_path, {
mode => $file_mode,
owner => $file_user,
group => $file_group,
replace => false, # augeas will manage the content, we just need to make sure it exists
content => '{}'
})
# Add entry if it doesn't exists
augeas { "${file_path}-${key}-${value}-add":
lens => 'Json.lns',
incl => $file_path,
changes => [
"set dict/entry[last()+1] \"${key}\"",
"set dict/entry[last()]/string \"${value}\"",
],
onlyif => "match dict/entry[*][.=\"${key}\"] size == 0",
}
# Requires that the entry is added before this call or it will fail.
augeas { "${file_path}-${key}-${value}" :
lens => 'Json.lns',
incl => $file_path,
changes => "set dict/entry[*][.=\"${key}\"]/string \"${value}\"",
}
File<| title == $file_path |>
-> Augeas<| title == "${file_path}-${key}-${value}-add" |>
~> Augeas<| title == "${file_path}-${key}-${value}" |>
}
'yaml': {
if stdlib::extname($file_path) == '.json' {
# NOTE(tkajinam): It is likely that user is not aware of migration from
# policy.json to policy.yaml
fail("file_path: ${file_path} should be a yaml file instead of a json file")
}
ensure_resource('file', $file_path, {
mode => $file_mode,
owner => $file_user,
group => $file_group,
replace => false, # augeas will manage the content, we just need to make sure it exists
content => ''
})
file_line { "${file_path}-${key}" :
path => $file_path,
line => "'${key}': '${value}'",
match => "^['\"]?${key}['\"]?\\s*:.+"
}
File<| title == $file_path |>
-> File_line<| title == "${file_path}-${key}" |>
}
default: {
fail("${file_format} is an unsupported policy file format. Choose 'json' or 'yaml'.")
}
}
}
View Git Blame Copy Permalink