Browse Source

Service_token_roles_required missing in the server config file

Service_token_roles_required missing in the server config file which
allows backwards compatibility to ensure that the service tokens are
compared against a list of possible roles for validity.

Change-Id: I985f74ca445fab6be1a7d8bf3f33531f0330149a
Closes-Bug: 1778198
tags/1.2.0
ZhongShengping 3 months ago
parent
commit
865209bd1b

+ 8
- 0
manifests/keystone/authtoken.pp View File

@@ -160,6 +160,12 @@
160 160
 #   (in seconds). Set to -1 to disable caching completely. Integer value
161 161
 #   Defaults to $::os_service_default.
162 162
 #
163
+# [*service_token_roles_required*]
164
+#   (optional) backwards compatibility to ensure that the service tokens are
165
+#   compared against a list of possible roles for validity
166
+#   true/false
167
+#   Defaults to $::os_service_default.
168
+#
163 169
 class senlin::keystone::authtoken(
164 170
   $password,
165 171
   $username                       = 'senlin',
@@ -193,6 +199,7 @@ class senlin::keystone::authtoken(
193 199
   $manage_memcache_package        = false,
194 200
   $region_name                    = $::os_service_default,
195 201
   $token_cache_time               = $::os_service_default,
202
+  $service_token_roles_required   = $::os_service_default,
196 203
 ) {
197 204
 
198 205
   include ::senlin::deps
@@ -230,6 +237,7 @@ class senlin::keystone::authtoken(
230 237
     manage_memcache_package        => $manage_memcache_package,
231 238
     region_name                    => $region_name,
232 239
     token_cache_time               => $token_cache_time,
240
+    service_token_roles_required   => $service_token_roles_required,
233 241
   }
234 242
 }
235 243
 

+ 5
- 0
releasenotes/notes/service_token_roles_required-b9edb92dee509b67.yaml View File

@@ -0,0 +1,5 @@
1
+---
2
+features:
3
+  - Service_token_roles_required missing in the server config file which
4
+    allows backwards compatibility to ensure that the service tokens are
5
+    compared against a list of possible roles for validity.

+ 3
- 0
spec/classes/senlin_keystone_authtoken_spec.rb View File

@@ -42,6 +42,7 @@ describe 'senlin::keystone::authtoken' do
42 42
         is_expected.to contain_senlin_config('keystone_authtoken/memcached_servers').with_value('<SERVICE DEFAULT>')
43 43
         is_expected.to contain_senlin_config('keystone_authtoken/region_name').with_value('<SERVICE DEFAULT>')
44 44
         is_expected.to contain_senlin_config('keystone_authtoken/token_cache_time').with_value('<SERVICE DEFAULT>')
45
+        is_expected.to contain_senlin_config('keystone_authtoken/service_token_roles_required').with_value('<SERVICE DEFAULT>')
45 46
       end
46 47
     end
47 48
 
@@ -80,6 +81,7 @@ describe 'senlin::keystone::authtoken' do
80 81
           :manage_memcache_package              => true,
81 82
           :region_name                          => 'region2',
82 83
           :token_cache_time                     => '301',
84
+          :service_token_roles_required         => false,
83 85
         })
84 86
       end
85 87
 
@@ -115,6 +117,7 @@ describe 'senlin::keystone::authtoken' do
115 117
         is_expected.to contain_senlin_config('keystone_authtoken/memcached_servers').with_value('memcached01:11211,memcached02:11211')
116 118
         is_expected.to contain_senlin_config('keystone_authtoken/region_name').with_value(params[:region_name])
117 119
         is_expected.to contain_senlin_config('keystone_authtoken/token_cache_time').with_value(params[:token_cache_time])
120
+        is_expected.to contain_senlin_config('keystone_authtoken/service_token_roles_required').with_value(params[:service_token_roles_required])
118 121
       end
119 122
 
120 123
       it 'installs python memcache package' do

Loading…
Cancel
Save