Browse Source

Service_token_roles_required missing in the server config file

Service_token_roles_required missing in the server config file which
allows backwards compatibility to ensure that the service tokens are
compared against a list of possible roles for validity.

Change-Id: I1ddaeaef16995c80dae8389de9b50cc517bbf53f
Closes-Bug: 1778198
tags/1.2.0
ZhongShengping 3 months ago
parent
commit
015d353f0b

+ 8
- 0
manifests/keystone/authtoken.pp View File

@@ -161,6 +161,12 @@
161 161
 #   (in seconds). Set to -1 to disable caching completely. Integer value
162 162
 #   Defaults to $::os_service_default.
163 163
 #
164
+# [*service_token_roles_required*]
165
+#   (optional) backwards compatibility to ensure that the service tokens are
166
+#   compared against a list of possible roles for validity
167
+#   true/false
168
+#   Defaults to $::os_service_default.
169
+#
164 170
 class placement::keystone::authtoken(
165 171
   $username                       = 'placement',
166 172
   $password                       = $::os_service_default,
@@ -194,6 +200,7 @@ class placement::keystone::authtoken(
194 200
   $manage_memcache_package        = false,
195 201
   $region_name                    = $::os_service_default,
196 202
   $token_cache_time               = $::os_service_default,
203
+  $service_token_roles_required   = $::os_service_default,
197 204
 ) {
198 205
 
199 206
   include ::placement::deps
@@ -231,5 +238,6 @@ class placement::keystone::authtoken(
231 238
     manage_memcache_package        => $manage_memcache_package,
232 239
     region_name                    => $region_name,
233 240
     token_cache_time               => $token_cache_time,
241
+    service_token_roles_required   => $service_token_roles_required,
234 242
   }
235 243
 }

+ 5
- 0
releasenotes/notes/service_token_roles_required-94f66345c25d21cc.yaml View File

@@ -0,0 +1,5 @@
1
+---
2
+features:
3
+  - Service_token_roles_required missing in the server config file which
4
+    allows backwards compatibility to ensure that the service tokens are
5
+    compared against a list of possible roles for validity.

+ 3
- 0
spec/classes/placement_keystone_authtoken_spec.rb View File

@@ -40,6 +40,7 @@ describe 'placement::keystone::authtoken' do
40 40
         is_expected.to contain_placement_config('keystone_authtoken/memcached_servers').with_value('<SERVICE DEFAULT>')
41 41
         is_expected.to contain_placement_config('keystone_authtoken/region_name').with_value('<SERVICE DEFAULT>')
42 42
         is_expected.to contain_placement_config('keystone_authtoken/token_cache_time').with_value('<SERVICE DEFAULT>')
43
+        is_expected.to contain_placement_config('keystone_authtoken/service_token_roles_required').with_value('<SERVICE DEFAULT>')
43 44
       }
44 45
     end
45 46
 
@@ -78,6 +79,7 @@ describe 'placement::keystone::authtoken' do
78 79
           :manage_memcache_package        => true,
79 80
           :region_name                    => 'region2',
80 81
           :token_cache_time               => '301',
82
+          :service_token_roles_required   => false,
81 83
         })
82 84
       end
83 85
 
@@ -113,6 +115,7 @@ describe 'placement::keystone::authtoken' do
113 115
         is_expected.to contain_placement_config('keystone_authtoken/memcached_servers').with_value('memcached01:11211,memcached02:11211')
114 116
         is_expected.to contain_placement_config('keystone_authtoken/region_name').with_value(params[:region_name])
115 117
         is_expected.to contain_placement_config('keystone_authtoken/token_cache_time').with_value(params[:token_cache_time])
118
+        is_expected.to contain_placement_config('keystone_authtoken/service_token_roles_required').with_value(params[:service_token_roles_required])
116 119
       }
117 120
 
118 121
       it { is_expected.to contain_package('python-memcache') }

Loading…
Cancel
Save