Add support for the interface parameter in authtoken middleware
This patch adds support for [keystone_authtoken] interface parameter, so that operators can define which endpoint should be used by authtoken middleware. Change-Id: I2e84c07cd0609d9636682326f70b9d366994205f (cherry picked from commitd733228e00
) (cherry picked from commitf77f29b4ea
)
This commit is contained in:
parent
e8c5a9de67
commit
b93e88d0d6
|
@ -168,6 +168,11 @@
|
||||||
# true/false
|
# true/false
|
||||||
# Defaults to $::os_service_default.
|
# Defaults to $::os_service_default.
|
||||||
#
|
#
|
||||||
|
# [*interface*]
|
||||||
|
# (Optional) Interface to use for the Identity API endpoint. Valid values are
|
||||||
|
# "public", "internal" or "admin".
|
||||||
|
# Defaults to $::os_service_default.
|
||||||
|
#
|
||||||
class sahara::keystone::authtoken(
|
class sahara::keystone::authtoken(
|
||||||
$username = 'sahara',
|
$username = 'sahara',
|
||||||
$password = $::os_service_default,
|
$password = $::os_service_default,
|
||||||
|
@ -202,6 +207,7 @@ class sahara::keystone::authtoken(
|
||||||
$region_name = $::os_service_default,
|
$region_name = $::os_service_default,
|
||||||
$token_cache_time = $::os_service_default,
|
$token_cache_time = $::os_service_default,
|
||||||
$service_token_roles_required = $::os_service_default,
|
$service_token_roles_required = $::os_service_default,
|
||||||
|
$interface = $::os_service_default,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
include ::sahara::deps
|
include ::sahara::deps
|
||||||
|
@ -240,6 +246,7 @@ class sahara::keystone::authtoken(
|
||||||
region_name => $region_name,
|
region_name => $region_name,
|
||||||
token_cache_time => $token_cache_time,
|
token_cache_time => $token_cache_time,
|
||||||
service_token_roles_required => $service_token_roles_required,
|
service_token_roles_required => $service_token_roles_required,
|
||||||
|
interface => $interface,
|
||||||
}
|
}
|
||||||
|
|
||||||
sahara_config {
|
sahara_config {
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
The new ``sahara::keystone::authtoken::interface`` parameter has been added,
|
||||||
|
which can be used to set the interface parameter in authtoken middleware.
|
|
@ -43,6 +43,7 @@ describe 'sahara::keystone::authtoken' do
|
||||||
is_expected.to contain_sahara_config('keystone_authtoken/region_name').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_sahara_config('keystone_authtoken/region_name').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_sahara_config('keystone_authtoken/token_cache_time').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_sahara_config('keystone_authtoken/token_cache_time').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_sahara_config('keystone_authtoken/service_token_roles_required').with_value('<SERVICE DEFAULT>')
|
is_expected.to contain_sahara_config('keystone_authtoken/service_token_roles_required').with_value('<SERVICE DEFAULT>')
|
||||||
|
is_expected.to contain_sahara_config('keystone_authtoken/interface').with_value('<SERVICE DEFAULT>')
|
||||||
is_expected.to contain_sahara_config('trustee/username').with_value('sahara')
|
is_expected.to contain_sahara_config('trustee/username').with_value('sahara')
|
||||||
is_expected.to contain_sahara_config('trustee/password').with_value('sahara_password')
|
is_expected.to contain_sahara_config('trustee/password').with_value('sahara_password')
|
||||||
is_expected.to contain_sahara_config('trustee/auth_url').with_value('http://127.0.0.1:5000/')
|
is_expected.to contain_sahara_config('trustee/auth_url').with_value('http://127.0.0.1:5000/')
|
||||||
|
@ -90,6 +91,7 @@ describe 'sahara::keystone::authtoken' do
|
||||||
:region_name => 'region2',
|
:region_name => 'region2',
|
||||||
:token_cache_time => '301',
|
:token_cache_time => '301',
|
||||||
:service_token_roles_required => false,
|
:service_token_roles_required => false,
|
||||||
|
:interface => 'internal',
|
||||||
})
|
})
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -126,6 +128,7 @@ describe 'sahara::keystone::authtoken' do
|
||||||
is_expected.to contain_sahara_config('keystone_authtoken/region_name').with_value(params[:region_name])
|
is_expected.to contain_sahara_config('keystone_authtoken/region_name').with_value(params[:region_name])
|
||||||
is_expected.to contain_sahara_config('keystone_authtoken/token_cache_time').with_value(params[:token_cache_time])
|
is_expected.to contain_sahara_config('keystone_authtoken/token_cache_time').with_value(params[:token_cache_time])
|
||||||
is_expected.to contain_sahara_config('keystone_authtoken/service_token_roles_required').with_value(params[:service_token_roles_required])
|
is_expected.to contain_sahara_config('keystone_authtoken/service_token_roles_required').with_value(params[:service_token_roles_required])
|
||||||
|
is_expected.to contain_sahara_config('keystone_authtoken/interface').with_value(params[:interface])
|
||||||
is_expected.to contain_sahara_config('trustee/username').with_value(params[:username])
|
is_expected.to contain_sahara_config('trustee/username').with_value(params[:username])
|
||||||
is_expected.to contain_sahara_config('trustee/password').with_value(params[:password]).with_secret(true)
|
is_expected.to contain_sahara_config('trustee/password').with_value(params[:password]).with_secret(true)
|
||||||
is_expected.to contain_sahara_config('trustee/auth_url').with_value(params[:auth_url])
|
is_expected.to contain_sahara_config('trustee/auth_url').with_value(params[:auth_url])
|
||||||
|
|
Loading…
Reference in New Issue