Deprecate is_admin option from Keystone mw config in Swift proxy

This option has been deprecated some time ago, and finally been removed in Mitaka. Let's deprecate this setting in puppet-swift too; there is no longer a reason to use it from Mitaka on. This patch makes it a noop parameter. See Id6bc10c3e84262c0a9e6160a76af03c0ad363e9c in Swift for reference. Change-Id: I525f5010d56ccdd205a0f9d55db99b0f359f35c3 Co-Authored-By: Pete Zaitcev <zaitcev@redhat.com>
2016-07-20 22:03:16 +02:00 · 2016-07-20 22:03:16 +02:00 · 0bb520569b
parent e8959ee631
commit 0bb520569b
4 changed files with 16 additions and 10 deletions
--- a/manifests/proxy/keystone.pp
+++ b/manifests/proxy/keystone.pp
@ -10,14 +10,14 @@
 #    Swift operator roles must be defined in swift::keystone::auth because
 #    keystone API access is usually not available on Swift proxy nodes.
 #
-#  [*is_admin*]
-#   (Optional) Set to true to allow users to set ACLs on their account.
-#    Defaults to true.
-#
 # [*reseller_prefix*]
 #   (Optional) The prefix used for reseller URL.
 #   Defaults to 'AUTH_'
 #
+# DEPRECATED PARAMETERS
+# [*is_admin*]
+#   Deprecated, this parameter does nothing.
+#
 # == Authors
 #
 #  Dan Bode dan@puppetlabs.com
@ -25,12 +25,17 @@
 #
 class swift::proxy::keystone(
  $operator_roles      = ['admin', 'SwiftOperator'],
-  $is_admin            = true,
-  $reseller_prefix     = 'AUTH_'
+  $reseller_prefix     = 'AUTH_',
+  # DEPRECATED PARAMETERS
+  $is_admin            = undef
 ) {

  include ::swift::deps

+  if $is_admin {
+        warning('is_admin parameter is deprecated, has no effect and will be removed in a future release.')
+  }
+
  concat::fragment { 'swift_keystone':
    target  => '/etc/swift/proxy-server.conf',
    content => template('swift/proxy/keystone.conf.erb'),
--- a/releasenotes/notes/swift_keystone_middleware_is_admin-3743720dc053f65e.yaml
+++ b/releasenotes/notes/swift_keystone_middleware_is_admin-3743720dc053f65e.yaml
@ -0,0 +1,5 @@
+---
+deprecations:
+  - The Swift Keystone middleware option is_admin has been deprecated in the
+    Mitaka release and should be no longer used. It has no more effect and will
+    be removed in a future version.
--- a/spec/classes/swift_proxy_keystone_spec.rb
+++ b/spec/classes/swift_proxy_keystone_spec.rb
@ -15,7 +15,6 @@ describe 'swift::proxy::keystone' do
  describe 'with defaults' do

    it { is_expected.to contain_concat_fragment('swift_keystone').with_content(/operator_roles = admin, SwiftOperator/) }
-    it { is_expected.to contain_concat_fragment('swift_keystone').with_content(/is_admin = true/) }
    it { is_expected.to contain_concat_fragment('swift_keystone').with_content(/reseller_prefix = AUTH_/) }

  end
@ -25,12 +24,10 @@ describe 'swift::proxy::keystone' do
    let :params do
      {
        :operator_roles  => 'foo',
-        :is_admin        => 'false',
        :reseller_prefix => 'SWIFT_'
      }

      it { is_expected.to contain_concat_fragment('swift_keystone').with_content(/operator_roles = foo/) }
-      it { is_expected.to contain_concat_fragment('swift_keystone').with_content(/is_admin = false/) }
      it { is_expected.to contain_concat_fragment('swift_keystone').with_content(/reseller_prefix = SWIFT_/) }

    end
--- a/templates/proxy/keystone.conf.erb
+++ b/templates/proxy/keystone.conf.erb
@ -2,5 +2,4 @@
 [filter:keystone]
 use = egg:swift#keystoneauth
 operator_roles = <%= @operator_roles.to_a.join(', ') %>
-is_admin = <%= @is_admin %>
 reseller_prefix = <%= @reseller_prefix %>