Adjust yes/no to be booleans
Change-Id: I28b76ae92c5a9ca773d0297483bd1f550b094e41
This commit is contained in:
parent
5c6da3e066
commit
43f80842c7
|
@ -34,7 +34,7 @@
|
|||
#
|
||||
# [*listener_auth_peer*]
|
||||
# (optional)
|
||||
# Defaults to 'no'
|
||||
# Defaults to false
|
||||
#
|
||||
# [*listener_idle_timeout*]
|
||||
# (optional)
|
||||
|
@ -51,11 +51,11 @@
|
|||
#
|
||||
# [*listener_require_encrypt*]
|
||||
# (optional) Require the connection to the peer to be encrypted
|
||||
# Defaults to 'no'
|
||||
# Defaults to false
|
||||
#
|
||||
# [*listener_require_ssl*]
|
||||
# (optional) Require the use of SSL or TLS on the connection
|
||||
# Defaults to 'no'
|
||||
# Defaults to false
|
||||
#
|
||||
# [*listener_sasl_mech*]
|
||||
# (optional) List of accepted SASL auth mechanisms
|
||||
|
@ -157,12 +157,12 @@ class qdr(
|
|||
$enable_service = true,
|
||||
$extra_listeners = [],
|
||||
$listener_addr = '127.0.0.1',
|
||||
$listener_auth_peer = 'no',
|
||||
$listener_auth_peer = false,
|
||||
$listener_idle_timeout = '16',
|
||||
$listener_max_frame_size = '16384',
|
||||
$listener_port = '5672',
|
||||
$listener_require_encrypt = 'no',
|
||||
$listener_require_ssl = 'no',
|
||||
$listener_require_encrypt = false,
|
||||
$listener_require_ssl = false,
|
||||
$listener_sasl_mech = 'ANONYMOUS',
|
||||
$listener_ssl_cert_db = undef,
|
||||
$listener_ssl_cert_file = undef,
|
||||
|
@ -196,9 +196,12 @@ class qdr(
|
|||
validate_legacy(String, 'validate_string', $router_id)
|
||||
validate_legacy(String, 'validate_string', $listener_addr)
|
||||
validate_legacy(Integer, 'validate_re', $listener_port, ['\d+'])
|
||||
validate_legacy(Enum['yes', 'no'], 'validate_re', $listener_auth_peer, ['^(yes$|no$)'])
|
||||
validate_legacy(String, 'validate_string', $listener_sasl_mech)
|
||||
|
||||
$listener_auth_peer_bool = qdr::fixTruthy($listener_auth_peer)
|
||||
$listener_require_encrypt_bool = qdr::fixTruthy($listener_require_encrypt)
|
||||
$listener_require_ssl_bool = qdr::fixTruthy($listener_require_ssl)
|
||||
|
||||
# TODO (ansmith) - manage repo via openstack-extras
|
||||
# if $::operatingsystem == 'Ubuntu' {
|
||||
# include apt
|
||||
|
@ -217,3 +220,17 @@ class qdr(
|
|||
-> Class['::qdr::service']
|
||||
|
||||
}
|
||||
|
||||
function qdr::fixTruthy($truthyvar) >> Boolean {
|
||||
if $truthyvar.is_a(String) {
|
||||
validate_legacy(Enum['yes', 'no'], 'validate_re', $truthyvar, ['^(yes$|no$)'])
|
||||
if $truthyvar == 'yes' {
|
||||
return true
|
||||
} elsif $truthyvar == 'no' {
|
||||
return false
|
||||
}
|
||||
} else {
|
||||
validate_legacy(Boolean, 'validate_bool', $truthyvar)
|
||||
return $truthyvar
|
||||
}
|
||||
}
|
||||
|
|
|
@ -75,7 +75,7 @@ describe 'qdr' do
|
|||
should contain_file('qdrouterd.conf').with_content(/workerThreads: 8/)
|
||||
should contain_file('qdrouterd.conf').with_content(/host: 127.0.0.1/)
|
||||
should contain_file('qdrouterd.conf').with_content(/port: 5672/)
|
||||
should contain_file('qdrouterd.conf').with_content(/authenticatePeer: no/)
|
||||
should contain_file('qdrouterd.conf').with_content(/authenticatePeer: false/)
|
||||
should contain_file('qdrouterd.conf').with_content(/saslMechanisms: ANONYMOUS/)
|
||||
should contain_file('qdrouterd.conf').without_content(/sslProfile {/)
|
||||
should contain_file('qdrouterd.conf').without_content(/connector {/)
|
||||
|
@ -90,7 +90,7 @@ describe 'qdr' do
|
|||
:router_worker_threads => '4',
|
||||
:listener_addr => '10.1.1.1',
|
||||
:listener_port => '5671',
|
||||
:listener_auth_peer => 'yes',
|
||||
:listener_auth_peer => true,
|
||||
:listener_sasl_mech => 'ANONYMOUS DIGEST-MD5 EXTERNAL PLAIN',
|
||||
:connectors => [{'role' => 'inter-router'}],
|
||||
:extra_listeners => [{'mode' => 'interior'}],
|
||||
|
@ -102,7 +102,7 @@ describe 'qdr' do
|
|||
should contain_file('qdrouterd.conf').with_content(/workerThreads: 4/)
|
||||
should contain_file('qdrouterd.conf').with_content(/host: 10.1.1.1/)
|
||||
should contain_file('qdrouterd.conf').with_content(/port: 5671/)
|
||||
should contain_file('qdrouterd.conf').with_content(/authenticatePeer: yes/)
|
||||
should contain_file('qdrouterd.conf').with_content(/authenticatePeer: true/)
|
||||
should contain_file('qdrouterd.conf').with_content(/saslMechanisms: ANONYMOUS DIGEST-MD5 EXTERNAL PLAIN/)
|
||||
should contain_file('qdrouterd.conf').with_content(/role: inter-router/)
|
||||
should contain_file('qdrouterd.conf').with_content(/mode: interior/)
|
||||
|
@ -113,6 +113,25 @@ describe 'qdr' do
|
|||
|
||||
context 'with qdr ssl enabled' do
|
||||
|
||||
let :params do
|
||||
{
|
||||
:listener_require_ssl => true,
|
||||
:listener_ssl_cert_db => '/etc/ssl/certs/ca-bundle.crt',
|
||||
:listener_ssl_cert_file => '/etc/pki/ca-trust/source/anchors/puppet_qdr.pem',
|
||||
:listener_ssl_key_file => '/etc/qpid-dispatch/ssl/puppet_qdr.pem',
|
||||
}
|
||||
end
|
||||
|
||||
it do
|
||||
should contain_file('qdrouterd.conf').with_content(/sslProfile {/)
|
||||
should contain_file('qdrouterd.conf').with_content(/certDb: \/etc\/ssl\/certs\/ca-bundle.crt/)
|
||||
should contain_file('qdrouterd.conf').with_content(/certFile: \/etc\/pki\/ca-trust\/source\/anchors\/puppet_qdr.pem/)
|
||||
should contain_file('qdrouterd.conf').with_content(/keyFile: \/etc\/qpid-dispatch\/ssl\/puppet_qdr.pem/)
|
||||
end
|
||||
end
|
||||
|
||||
context 'with qdr ssl enabled using backwards compatible truthy string' do
|
||||
|
||||
let :params do
|
||||
{
|
||||
:listener_require_ssl => 'yes',
|
||||
|
@ -130,6 +149,21 @@ describe 'qdr' do
|
|||
end
|
||||
end
|
||||
|
||||
context 'with qdr ssl disabled using backwards compatible truthy string' do
|
||||
|
||||
let :params do
|
||||
{
|
||||
:listener_require_ssl => 'no',
|
||||
:listener_ssl_cert_file => 'SHOULDNOTSHOWUP',
|
||||
}
|
||||
end
|
||||
|
||||
it do
|
||||
|
||||
should contain_file('qdrouterd.conf').without_content(/SHOULDNOTSHOWUP/)
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
|
|
|
@ -29,7 +29,7 @@ router {
|
|||
saslConfigName: <%= @router_sasl_name %>
|
||||
}
|
||||
|
||||
<%- if @listener_require_ssl == 'yes' -%>
|
||||
<%- if @listener_require_ssl_bool -%>
|
||||
sslProfile {
|
||||
name: <%= @router_id %>
|
||||
certDb: <%= @listener_ssl_cert_db %>
|
||||
|
@ -50,10 +50,10 @@ sslProfile {
|
|||
listener {
|
||||
host: <%= @listener_addr %>
|
||||
port: <%= @listener_port %>
|
||||
<%- if @listener_require_ssl == 'yes' -%>
|
||||
<%- if @listener_require_ssl_bool -%>
|
||||
sslProfile: <%= @router_id %>
|
||||
<%- end -%>
|
||||
authenticatePeer: <%= @listener_auth_peer %>
|
||||
authenticatePeer: <%= @listener_auth_peer_bool %>
|
||||
saslMechanisms: <%= @listener_sasl_mech %>
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue