Add support for key manager options

This change implements support for key manager options which are
implemented in the castellan library and currently used by nova,
cinder and glance.

Change-Id: I11484961efe207cefbac775a7847b4fd9bec8dc2
This commit is contained in:
Takashi Kajinami 2021-01-27 20:46:02 +09:00
parent c9e8002639
commit 1e4a48a5fe
4 changed files with 191 additions and 0 deletions

25
manifests/key_manager.pp Normal file
View File

@ -0,0 +1,25 @@
# == Define: oslo::key_manager
#
# Configure key_manager options implemented in the castellan library
#
# === Parameters
#
# [*config*]
# (Optional) The resource type used to apply configuration parameters.
# Defaults to $name
#
# [*backend*]
# (Optional) Specify the key manager implementation.
# Defaults to $::os_service_default
#
define oslo::key_manager(
$config = $name,
$backend = $::os_service_default,
) {
$key_manager_options = {
'key_manager/backend' => { value => $backend },
}
create_resources($config, $key_manager_options)
}

View File

@ -0,0 +1,62 @@
# == Define: oslo::key_manager::barbican
#
# Setup and configure Barbican Key Manager options
#
# === Parameters
#
# [*config*]
# (Optional) The resource type used to apply configuration parameters.
# Defaults to $name
#
# [*barbican_endpoint*]
# (Optional) Use this endpoint to connect to Barbican.
# Defaults to $::os_service_default
#
# [*barbican_api_version*]
# (Optional) Version of the Barbican API.
# Defaults to $::os_service_default
#
# [*auth_endpoint*]
# (Optional) Use this endpoint to connect to Keystone.
# Defaults to $::os_service_default
#
# [*retry_delay*]
# (Optional) Number of seconds to wait before retrying poll for key creation
# completion.
# Defaults to $::os_service_default
#
# [*number_of_retries*]
# (Optional) Number of times to retry poll fo key creation completion.
# Defaults to $::os_service_default
#
# [*barbican_endpoint_type*]
# (Optional) Specifies the type of endpoint.
# Defaults to $::os_service_default
#
# [*barbican_region_name*]
# (Optional) Specifies the region of the chosen endpoint.
# Defaults to $::os_service_default
#
define oslo::key_manager::barbican (
$config = $name,
$barbican_endpoint = $::os_service_default,
$barbican_api_version = $::os_service_default,
$auth_endpoint = $::os_service_default,
$retry_delay = $::os_service_default,
$number_of_retries = $::os_service_default,
$barbican_endpoint_type = $::os_service_default,
$barbican_region_name = $::os_service_default,
) {
$barbican_options = {
'barbican/barbican_endpoint' => { value => $barbican_endpoint },
'barbican/barbican_api_version' => { value => $barbican_api_version },
'barbican/auth_endpoint' => { value => $auth_endpoint },
'barbican/retry_delay' => { value => $retry_delay },
'barbican/number_of_retries' => { value => $number_of_retries },
'barbican/barbican_endpoint_type' => { value => $barbican_endpoint_type },
'barbican/barbican_region_name' => { value => $barbican_region_name },
}
create_resources($config, $barbican_options)
}

View File

@ -0,0 +1,61 @@
require 'spec_helper'
describe 'oslo::key_manager::barbican' do
let (:title) { 'keystone_config' }
shared_examples 'oslo::key_manager::barbican' do
context 'with default parameters' do
let :params do
{}
end
it 'configure key_manager default params' do
is_expected.to contain_keystone_config('barbican/barbican_endpoint').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican/barbican_api_version').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican/auth_endpoint').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican/retry_delay').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican/number_of_retries').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican/barbican_endpoint_type').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican/barbican_region_name').with_value('<SERVICE DEFAULT>')
end
end
context 'with parameters overridden' do
let :params do
{
:barbican_endpoint => 'http://localhost:9311/',
:barbican_api_version => 'v1',
:auth_endpoint => 'http://localhost:5000',
:retry_delay => 1,
:number_of_retries => 60,
:barbican_endpoint_type => 'public',
:barbican_region_name => 'regionOne',
}
end
it 'configure key_manager params' do
is_expected.to contain_keystone_config('barbican/barbican_endpoint').with_value('http://localhost:9311/')
is_expected.to contain_keystone_config('barbican/barbican_api_version').with_value('v1')
is_expected.to contain_keystone_config('barbican/auth_endpoint').with_value('http://localhost:5000')
is_expected.to contain_keystone_config('barbican/retry_delay').with_value(1)
is_expected.to contain_keystone_config('barbican/number_of_retries').with_value(60)
is_expected.to contain_keystone_config('barbican/barbican_endpoint_type').with_value('public')
is_expected.to contain_keystone_config('barbican/barbican_region_name').with_value('regionOne')
end
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
include_examples 'oslo::key_manager::barbican'
end
end
end

View File

@ -0,0 +1,43 @@
require 'spec_helper'
describe 'oslo::key_manager' do
let (:title) { 'keystone_config' }
shared_examples 'oslo::key_manager' do
context 'with default parameters' do
let :params do
{}
end
it 'configure key_manager default params' do
is_expected.to contain_keystone_config('key_manager/backend').with_value('<SERVICE DEFAULT>')
end
end
context 'with parameters overridden' do
let :params do
{
:backend => 'barbican'
}
end
it 'configure key_manager params' do
is_expected.to contain_keystone_config('key_manager/backend').with_value('barbican')
end
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
include_examples 'oslo::key_manager'
end
end
end