openstack/puppet-oslo
Code Issues Proposed changes

Deprecate allow_insecure_clients option

Browse Source 
The allow_insecure_clients has been deprecated[1].

[1]https://review.opendev.org/#/c/417629/

Change-Id: Id6b6ac8dd9532dd243f7b6af776a14bbb798c997
Closes-Bug: #1902158
This commit is contained in:
ZhongShengping 2020-11-02 14:38:36 +08:00
parent c74f960c1b
commit c08a99f05c
3 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
manifests/messaging/amqp.pp
View File

@ -89,10 +89,6 @@
# (Optional) Password for decrypting ssl_key_file (if encrypted)
# Defaults to $::os_service_default.
#
# [*allow_insecure_clients*]
# (Optional) Accept clients using either SSL or plain TCP
# Defaults to $::os_service_default.
#
# [*sasl_mechanisms*]
# (Optional) Space separated list of acceptable SASL mechanisms
# Defaults to $::os_service_default.
@ -125,6 +121,12 @@
# (Optional) The deadline for a sent notification message delivery
# Defaults to $::os_service_default.
#
# DEPRECATED PARAMETERS
#
# [*allow_insecure_clients*]
# (Optional) Accept clients using either SSL or plain TCP
# Defaults to undef.
#
define oslo::messaging::amqp(
$addressing_mode = $::os_service_default,
$server_request_prefix = $::os_service_default,
@ -146,7 +148,6 @@ define oslo::messaging::amqp(
$ssl_cert_file = $::os_service_default,
$ssl_key_file = $::os_service_default,
$ssl_key_password = $::os_service_default,
$allow_insecure_clients = $::os_service_default,
$sasl_mechanisms = $::os_service_default,
$sasl_config_dir = $::os_service_default,
$sasl_config_name = $::os_service_default,
@ -155,7 +156,15 @@ define oslo::messaging::amqp(
$password = $::os_service_default,
$default_send_timeout = $::os_service_default,
$default_notify_timeout = $::os_service_default,
# DEPRECATED PARAMETERS
$allow_insecure_clients = undef,
){
if $allow_insecure_clients != undef {
warning('The allow_insecure_clients parameter is deprecated and \
will be removed in a future release.')
}
$amqp_options={ 'oslo_messaging_amqp/addressing_mode' => { value => $addressing_mode },
'oslo_messaging_amqp/server_request_prefix' => { value => $server_request_prefix },
'oslo_messaging_amqp/broadcast_prefix' => { value => $broadcast_prefix },
@ -176,7 +185,6 @@ define oslo::messaging::amqp(
'oslo_messaging_amqp/ssl_cert_file' => { value => $ssl_cert_file },
'oslo_messaging_amqp/ssl_key_file' => { value => $ssl_key_file },
'oslo_messaging_amqp/ssl_key_password' => { value => $ssl_key_password, secret => true },
'oslo_messaging_amqp/allow_insecure_clients' => { value => $allow_insecure_clients },
'oslo_messaging_amqp/sasl_mechanisms' => { value => $sasl_mechanisms },
'oslo_messaging_amqp/sasl_config_dir' => { value => $sasl_config_dir },
'oslo_messaging_amqp/sasl_config_name' => { value => $sasl_config_name },

4
releasenotes/notes/deprecate_allow_insecure_clients-option-bca936c587b71a40.yaml Normal file
View File

@ -0,0 +1,4 @@
---
deprecations:
- allow_insecure_clients option is now deprecated for removal, the
parameter has no effect.

1
spec/defines/oslo_messaging_amqp_spec.rb
View File

@ -28,7 +28,6 @@ describe 'oslo::messaging::amqp' do
is_expected.to contain_keystone_config('oslo_messaging_amqp/ssl_cert_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('oslo_messaging_amqp/ssl_key_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('oslo_messaging_amqp/ssl_key_password').with_value('<SERVICE DEFAULT>').with_secret(true)
is_expected.to contain_keystone_config('oslo_messaging_amqp/allow_insecure_clients').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('oslo_messaging_amqp/sasl_mechanisms').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('oslo_messaging_amqp/sasl_config_dir').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('oslo_messaging_amqp/sasl_config_name').with_value('<SERVICE DEFAULT>')