Add support for key manager options

This change implements support for key manager options which are implemented in the castellan library and currently used by nova, cinder and glance. Change-Id: I11484961efe207cefbac775a7847b4fd9bec8dc2
2021-01-27 20:46:02 +09:00 · 2021-01-27 20:46:02 +09:00 · 1e4a48a5fe
commit 1e4a48a5fe
parent c9e8002639
4 changed files with 191 additions and 0 deletions
--- a/manifests/key_manager.pp
+++ b/manifests/key_manager.pp
@ -0,0 +1,25 @@
+# == Define: oslo::key_manager
+#
+# Configure key_manager options implemented in the castellan library
+#
+# === Parameters
+#
+# [*config*]
+#   (Optional) The resource type used to apply configuration parameters.
+#   Defaults to $name
+#
+# [*backend*]
+#   (Optional) Specify the key manager implementation.
+#   Defaults to $::os_service_default
+#
+define oslo::key_manager(
+  $config  = $name,
+  $backend = $::os_service_default,
+) {
+
+  $key_manager_options = {
+    'key_manager/backend' => { value => $backend },
+  }
+
+  create_resources($config, $key_manager_options)
+}
--- a/manifests/key_manager/barbican.pp
+++ b/manifests/key_manager/barbican.pp
@ -0,0 +1,62 @@
+# == Define: oslo::key_manager::barbican
+#
+# Setup and configure Barbican Key Manager options
+#
+# === Parameters
+#
+# [*config*]
+#   (Optional) The resource type used to apply configuration parameters.
+#   Defaults to $name
+#
+# [*barbican_endpoint*]
+#   (Optional) Use this endpoint to connect to Barbican.
+#   Defaults to $::os_service_default
+#
+# [*barbican_api_version*]
+#   (Optional) Version of the Barbican API.
+#   Defaults to $::os_service_default
+#
+# [*auth_endpoint*]
+#   (Optional) Use this endpoint to connect to Keystone.
+#   Defaults to $::os_service_default
+#
+# [*retry_delay*]
+#   (Optional) Number of seconds to wait before retrying poll for key creation
+#   completion.
+#   Defaults to $::os_service_default
+#
+# [*number_of_retries*]
+#   (Optional) Number of times to retry poll fo key creation completion.
+#   Defaults to $::os_service_default
+#
+# [*barbican_endpoint_type*]
+#   (Optional) Specifies the type of endpoint.
+#   Defaults to $::os_service_default
+#
+# [*barbican_region_name*]
+#   (Optional) Specifies the region of the chosen endpoint.
+#   Defaults to $::os_service_default
+#
+define oslo::key_manager::barbican (
+  $config                 = $name,
+  $barbican_endpoint      = $::os_service_default,
+  $barbican_api_version   = $::os_service_default,
+  $auth_endpoint          = $::os_service_default,
+  $retry_delay            = $::os_service_default,
+  $number_of_retries      = $::os_service_default,
+  $barbican_endpoint_type = $::os_service_default,
+  $barbican_region_name   = $::os_service_default,
+) {
+
+  $barbican_options = {
+    'barbican/barbican_endpoint'      => { value => $barbican_endpoint },
+    'barbican/barbican_api_version'   => { value => $barbican_api_version },
+    'barbican/auth_endpoint'          => { value => $auth_endpoint },
+    'barbican/retry_delay'            => { value => $retry_delay },
+    'barbican/number_of_retries'      => { value => $number_of_retries },
+    'barbican/barbican_endpoint_type' => { value => $barbican_endpoint_type },
+    'barbican/barbican_region_name'   => { value => $barbican_region_name },
+  }
+
+  create_resources($config, $barbican_options)
+}
--- a/spec/defines/oslo_key_manager_barbican_spec.rb
+++ b/spec/defines/oslo_key_manager_barbican_spec.rb
@ -0,0 +1,61 @@
+require 'spec_helper'
+
+describe 'oslo::key_manager::barbican' do
+
+  let (:title) { 'keystone_config' }
+
+  shared_examples 'oslo::key_manager::barbican' do
+
+    context 'with default parameters' do
+      let :params do
+        {}
+      end
+
+      it 'configure key_manager default params' do
+        is_expected.to contain_keystone_config('barbican/barbican_endpoint').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_keystone_config('barbican/barbican_api_version').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_keystone_config('barbican/auth_endpoint').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_keystone_config('barbican/retry_delay').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_keystone_config('barbican/number_of_retries').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_keystone_config('barbican/barbican_endpoint_type').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_keystone_config('barbican/barbican_region_name').with_value('<SERVICE DEFAULT>')
+      end
+    end
+
+    context 'with parameters overridden' do
+      let :params do
+        {
+          :barbican_endpoint      => 'http://localhost:9311/',
+          :barbican_api_version   => 'v1',
+          :auth_endpoint          => 'http://localhost:5000',
+          :retry_delay            => 1,
+          :number_of_retries      => 60,
+          :barbican_endpoint_type => 'public',
+          :barbican_region_name   => 'regionOne',
+        }
+      end
+
+      it 'configure key_manager params' do
+        is_expected.to contain_keystone_config('barbican/barbican_endpoint').with_value('http://localhost:9311/')
+        is_expected.to contain_keystone_config('barbican/barbican_api_version').with_value('v1')
+        is_expected.to contain_keystone_config('barbican/auth_endpoint').with_value('http://localhost:5000')
+        is_expected.to contain_keystone_config('barbican/retry_delay').with_value(1)
+        is_expected.to contain_keystone_config('barbican/number_of_retries').with_value(60)
+        is_expected.to contain_keystone_config('barbican/barbican_endpoint_type').with_value('public')
+        is_expected.to contain_keystone_config('barbican/barbican_region_name').with_value('regionOne')
+      end
+    end
+  end
+
+  on_supported_os({
+    :supported_os => OSDefaults.get_supported_os
+  }).each do |os,facts|
+    context "on #{os}" do
+      let (:facts) do
+        facts.merge!(OSDefaults.get_facts())
+      end
+
+      include_examples 'oslo::key_manager::barbican'
+    end
+  end
+end
--- a/spec/defines/oslo_key_manager_spec.rb
+++ b/spec/defines/oslo_key_manager_spec.rb
@ -0,0 +1,43 @@
+require 'spec_helper'
+
+describe 'oslo::key_manager' do
+
+  let (:title) { 'keystone_config' }
+
+  shared_examples 'oslo::key_manager' do
+
+    context 'with default parameters' do
+      let :params do
+        {}
+      end
+
+      it 'configure key_manager default params' do
+        is_expected.to contain_keystone_config('key_manager/backend').with_value('<SERVICE DEFAULT>')
+      end
+    end
+
+    context 'with parameters overridden' do
+      let :params do
+        {
+          :backend => 'barbican'
+        }
+      end
+
+      it 'configure key_manager params' do
+        is_expected.to contain_keystone_config('key_manager/backend').with_value('barbican')
+      end
+    end
+  end
+
+  on_supported_os({
+    :supported_os => OSDefaults.get_supported_os
+  }).each do |os,facts|
+    context "on #{os}" do
+      let (:facts) do
+        facts.merge!(OSDefaults.get_facts())
+      end
+
+      include_examples 'oslo::key_manager'
+    end
+  end
+end