openstack/puppet-oslo
Code Issues Proposed changes
Files
bdf0c6f1b4730e7e8288aa4e75d25002695df43c
puppet-oslo/spec/defines/oslo_key_manager_barbican_service_user_spec.rb
Takashi Kajinami bdf0c6f1b4 key_manager: Add service user options for Barbican key manager 
This change introduces some parameters to set up the service user token
feature for Barbican key manager, which was implemented during the Xena
cycle[1].

This basically replicates the implementation in puppet-keystone class.
We should not make this dependent on puppet-keystone to avoid circular
dependency between puppet-oslo and puppet-keystone.

[1] 162039467ad0dfc5e25a16b75d9072d607690702

Change-Id: I6d94318929cf4bcfc61180494110d0e5812356c0
2021-09-23 22:07:01 +09:00

95 lines
4.7 KiB
Ruby
Raw Blame History

require 'spec_helper'
describe 'oslo::key_manager::barbican::service_user' do
let (:title) { 'keystone_config' }
let :params do
{ :username => 'keystone',
:password => 'secret',
:auth_url => 'http://127.0.0.1:5000',
:project_name => 'services' }
end
shared_examples 'oslo::key_manager::barbican::service_user' do
context 'with only required parameters' do
it 'configures keystone service_user' do
is_expected.to contain_keystone_config('barbican_service_user/username').with_value('keystone')
is_expected.to contain_keystone_config('barbican_service_user/password').with_value('secret').with_secret(true)
is_expected.to contain_keystone_config('barbican_service_user/auth_url').with_value( params[:auth_url] )
is_expected.to contain_keystone_config('barbican_service_user/project_name').with_value( params[:project_name] )
is_expected.to contain_keystone_config('barbican_service_user/project_domain_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican_service_user/user_domain_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican_service_user/insecure').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican_service_user/auth_type').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican_service_user/auth_version').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican_service_user/cafile').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican_service_user/certfile').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican_service_user/keyfile').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('barbican_service_user/region_name').with_value('<SERVICE DEFAULT>')
end
end
context 'set all keystone service_user parameters' do
before do
params.merge! ({
:username => 'username',
:password => 'hardpassword',
:auth_url => 'http://127.1.1.127:5000/',
:project_name => 'NoProject',
:user_domain_name => 'MyDomain',
:project_domain_name => 'OurDomain',
:insecure => true,
:auth_type => 'password',
:auth_version => '3',
:cafile => 'cafile.pem',
:certfile => 'certfile.crt',
:keyfile => 'somekey.key',
:region_name => 'MyRegion',
})
end
it 'override keystone service_user parameters' do
is_expected.to contain_keystone_config('barbican_service_user/username').with_value(params[:username])
is_expected.to contain_keystone_config('barbican_service_user/password').with_value(params[:password]).with_secret(true)
is_expected.to contain_keystone_config('barbican_service_user/auth_url').with_value( params[:auth_url] )
is_expected.to contain_keystone_config('barbican_service_user/project_name').with_value( params[:project_name] )
is_expected.to contain_keystone_config('barbican_service_user/user_domain_name').with_value(params[:user_domain_name])
is_expected.to contain_keystone_config('barbican_service_user/project_domain_name').with_value(params[:project_domain_name])
is_expected.to contain_keystone_config('barbican_service_user/insecure').with_value(params[:insecure])
is_expected.to contain_keystone_config('barbican_service_user/auth_version').with_value(params[:auth_version])
is_expected.to contain_keystone_config('barbican_service_user/cafile').with_value(params[:cafile])
is_expected.to contain_keystone_config('barbican_service_user/certfile').with_value(params[:certfile])
is_expected.to contain_keystone_config('barbican_service_user/keyfile').with_value(params[:keyfile])
is_expected.to contain_keystone_config('barbican_service_user/region_name').with_value(params[:region_name])
end
end
context 'without password required parameter' do
let :params do
params.delete(:password)
end
it { expect { is_expected.to raise_error(Puppet::Error) } }
end
context 'without specify project' do
let :params do
params.delete(:project_name)
end
it { expect { is_expected.to raise_error(Puppet::Error) } }
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
include_examples 'oslo::key_manager::barbican::service_user'
end
end
end
View Git Blame Copy Permalink