Use a 'params' hash for authtoken parameters

This change adds the 'params' hash in authtoken class, to implement
the same functionality as the one recently introduced into
puppet-nova[1].

[1] 5c38281e1b698f157f03bf1815733277c541c30b

Change-Id: I2fb3a97eed29f602fab5081f1b53df6422921ea6
This commit is contained in:
Takashi Kajinami 2021-08-26 22:46:25 +09:00
parent 79f2186b00
commit 8b8addd751
2 changed files with 58 additions and 37 deletions

View File

@ -187,6 +187,10 @@
# "public", "internal" or "admin"(default).
# Defaults to $::os_service_default.
#
# [*params*]
# (Optional) Hash of additional parameters to pass through to the keystone
# authtoken class. Values set here override the individual parameters above.
#
class placement::keystone::authtoken(
$username = 'placement',
$password = $::os_service_default,
@ -224,6 +228,7 @@ class placement::keystone::authtoken(
$service_token_roles_required = $::os_service_default,
$service_type = $::os_service_default,
$interface = $::os_service_default,
$params = {},
) {
include placement::deps
@ -232,42 +237,45 @@ class placement::keystone::authtoken(
fail('Please set password for Placement service user')
}
keystone::resource::authtoken { 'placement_config':
username => $username,
password => $password,
project_name => $project_name,
auth_url => $auth_url,
www_authenticate_uri => $www_authenticate_uri,
auth_version => $auth_version,
auth_type => $auth_type,
auth_section => $auth_section,
user_domain_name => $user_domain_name,
project_domain_name => $project_domain_name,
insecure => $insecure,
cache => $cache,
cafile => $cafile,
certfile => $certfile,
delay_auth_decision => $delay_auth_decision,
enforce_token_bind => $enforce_token_bind,
http_connect_timeout => $http_connect_timeout,
http_request_max_retries => $http_request_max_retries,
include_service_catalog => $include_service_catalog,
keyfile => $keyfile,
memcache_pool_conn_get_timeout => $memcache_pool_conn_get_timeout,
memcache_pool_dead_retry => $memcache_pool_dead_retry,
memcache_pool_maxsize => $memcache_pool_maxsize,
memcache_pool_socket_timeout => $memcache_pool_socket_timeout,
memcache_secret_key => $memcache_secret_key,
memcache_security_strategy => $memcache_security_strategy,
memcache_use_advanced_pool => $memcache_use_advanced_pool,
memcache_pool_unused_timeout => $memcache_pool_unused_timeout,
memcached_servers => $memcached_servers,
manage_memcache_package => $manage_memcache_package,
region_name => $region_name,
token_cache_time => $token_cache_time,
service_token_roles => $service_token_roles,
service_token_roles_required => $service_token_roles_required,
service_type => $service_type,
interface => $interface,
keystone::resource::authtoken {
'placement_config':
* => $params;
default:
username => $username,
password => $password,
project_name => $project_name,
auth_url => $auth_url,
www_authenticate_uri => $www_authenticate_uri,
auth_version => $auth_version,
auth_type => $auth_type,
auth_section => $auth_section,
user_domain_name => $user_domain_name,
project_domain_name => $project_domain_name,
insecure => $insecure,
cache => $cache,
cafile => $cafile,
certfile => $certfile,
delay_auth_decision => $delay_auth_decision,
enforce_token_bind => $enforce_token_bind,
http_connect_timeout => $http_connect_timeout,
http_request_max_retries => $http_request_max_retries,
include_service_catalog => $include_service_catalog,
keyfile => $keyfile,
memcache_pool_conn_get_timeout => $memcache_pool_conn_get_timeout,
memcache_pool_dead_retry => $memcache_pool_dead_retry,
memcache_pool_maxsize => $memcache_pool_maxsize,
memcache_pool_socket_timeout => $memcache_pool_socket_timeout,
memcache_secret_key => $memcache_secret_key,
memcache_security_strategy => $memcache_security_strategy,
memcache_use_advanced_pool => $memcache_use_advanced_pool,
memcache_pool_unused_timeout => $memcache_pool_unused_timeout,
memcached_servers => $memcached_servers,
manage_memcache_package => $manage_memcache_package,
region_name => $region_name,
token_cache_time => $token_cache_time,
service_token_roles => $service_token_roles,
service_token_roles_required => $service_token_roles_required,
service_type => $service_type,
interface => $interface;
}
}

View File

@ -128,6 +128,19 @@ describe 'placement::keystone::authtoken' do
it { is_expected.to contain_package('python-memcache') }
end
context 'when overriding parameters via params hash' do
before do
params.merge!({
:username => 'myuser',
:params => { 'username' => 'myotheruser' },
})
end
it 'configure keystone_authtoken' do
is_expected.to contain_placement_config('keystone_authtoken/username').with_value(params[:params]['username'])
end
end
end
on_supported_os({