From 6da102955d17797894ca8f94ee8a63ab25923414 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <kajinamit@oss.nttdata.com>
Date: Mon, 7 Oct 2024 23:52:58 +0900
Subject: [PATCH] Accept list value for ciphers

The [ssl] ciphers option accepts cipher list. Accept a list value and
format it in openssl cipher list format (one or more string separated
by colons).

Change-Id: Ic3f87023af0577412d29d2047b6ae140053f2c8a
---
 manifests/service/ssl.pp              |  2 +-
 spec/defines/oslo_service_ssl_spec.rb | 11 +++++++++++
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/manifests/service/ssl.pp b/manifests/service/ssl.pp
index 46e2690..6173036 100644
--- a/manifests/service/ssl.pp
+++ b/manifests/service/ssl.pp
@@ -47,7 +47,7 @@ define oslo::service::ssl (
   $service_options = {
     'ssl/ca_file'   => { value => $ca_file },
     'ssl/cert_file' => { value => $cert_file },
-    'ssl/ciphers'   => { value => $ciphers },
+    'ssl/ciphers'   => { value => join(any2array($ciphers), ':') },
     'ssl/key_file'  => { value => $key_file },
     'ssl/version'   => { value => $version },
   }
diff --git a/spec/defines/oslo_service_ssl_spec.rb b/spec/defines/oslo_service_ssl_spec.rb
index 40e11e2..ebc5229 100644
--- a/spec/defines/oslo_service_ssl_spec.rb
+++ b/spec/defines/oslo_service_ssl_spec.rb
@@ -59,6 +59,17 @@ describe 'oslo::service::ssl' do
         should raise_error(Puppet::Error)
       end
     end
+
+    context 'with list values' do
+      let :params do
+        {
+          :ciphers => ['HIGH', '!RC4', '!MD5', '!aNULL', '!eNULL', '!EXP', '!LOW', '!MEDIUM'],
+        }
+      end
+      it 'configures ssl parameters' do
+        is_expected.to contain_keystone_config('ssl/ciphers').with_value('HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM')
+      end
+    end
   end
 
   on_supported_os({