From eb5eb1f961e3cc7406a4ed7362f32fd8fe4076df Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mathieu=20Gagne=CC=81?= <mgagne@iweb.com>
Date: Tue, 11 Feb 2014 15:46:20 -0500
Subject: [PATCH] Add ability to disable endpoint configuration

It is possible to disable endpoint configuration by setting
the value of the configure_endpoint and configure_s3_endpoint
parameters to false.

The default value is true, preserving default behavior.

Change-Id: I0f9afb78c181573a30f93dc4f862f86baa3efe31
Closes-bug: #1279071
---
 manifests/keystone/auth.pp               | 67 ++++++++++++++----------
 spec/classes/swift_keystone_auth_spec.rb | 17 ++++++
 2 files changed, 55 insertions(+), 29 deletions(-)

diff --git a/manifests/keystone/auth.pp b/manifests/keystone/auth.pp
index 0aed3d96..5a07ce85 100644
--- a/manifests/keystone/auth.pp
+++ b/manifests/keystone/auth.pp
@@ -18,20 +18,22 @@
 #  Array of strings. List of roles Swift considers as admin.
 #
 class swift::keystone::auth(
-  $auth_name         = 'swift',
-  $password          = 'swift_password',
-  $port              = '8080',
-  $tenant            = 'services',
-  $email             = 'swift@localhost',
-  $region            = 'RegionOne',
-  $operator_roles    = ['admin', 'SwiftOperator'],
-  $public_protocol   = 'http',
-  $public_address    = '127.0.0.1',
-  $public_port       = undef,
-  $admin_protocol    = 'http',
-  $admin_address     = undef,
-  $internal_protocol = 'http',
-  $internal_address  = undef
+  $auth_name              = 'swift',
+  $password               = 'swift_password',
+  $port                   = '8080',
+  $tenant                 = 'services',
+  $email                  = 'swift@localhost',
+  $region                 = 'RegionOne',
+  $operator_roles         = ['admin', 'SwiftOperator'],
+  $public_protocol        = 'http',
+  $public_address         = '127.0.0.1',
+  $public_port            = undef,
+  $admin_protocol         = 'http',
+  $admin_address          = undef,
+  $internal_protocol      = 'http',
+  $internal_address       = undef,
+  $configure_endpoint     = true,
+  $configure_s3_endpoint = true
 ) {
 
   if ! $public_port {
@@ -67,24 +69,31 @@ class swift::keystone::auth(
     type        => 'object-store',
     description => 'Openstack Object-Store Service',
   }
-  keystone_endpoint { "${region}/${auth_name}":
-    ensure       => present,
-    public_url   => "${public_protocol}://${public_address}:${real_public_port}/v1/AUTH_%(tenant_id)s",
-    admin_url    => "${admin_protocol}://${real_admin_address}:${port}/",
-    internal_url => "${internal_protocol}://${real_internal_address}:${port}/v1/AUTH_%(tenant_id)s",
+
+  if $configure_endpoint {
+    keystone_endpoint { "${region}/${auth_name}":
+      ensure       => present,
+      public_url   => "${public_protocol}://${public_address}:${real_public_port}/v1/AUTH_%(tenant_id)s",
+      admin_url    => "${admin_protocol}://${real_admin_address}:${port}/",
+      internal_url => "${internal_protocol}://${real_internal_address}:${port}/v1/AUTH_%(tenant_id)s",
+    }
   }
 
-  keystone_service { "${auth_name}_s3":
-    ensure      => present,
-    type        => 's3',
-    description => 'Openstack S3 Service',
-  }
-  keystone_endpoint { "${region}/${auth_name}_s3":
-    ensure       => present,
-    public_url   => "${public_protocol}://${public_address}:${real_public_port}",
-    admin_url    => "${admin_protocol}://${real_admin_address}:${port}",
-    internal_url => "${internal_protocol}://${real_internal_address}:${port}",
+  if $configure_s3_endpoint {
+    keystone_service { "${auth_name}_s3":
+      ensure      => present,
+      type        => 's3',
+      description => 'Openstack S3 Service',
+    }
+
+    keystone_endpoint { "${region}/${auth_name}_s3":
+      ensure       => present,
+      public_url   => "${public_protocol}://${public_address}:${real_public_port}",
+      admin_url    => "${admin_protocol}://${real_admin_address}:${port}",
+      internal_url => "${internal_protocol}://${real_internal_address}:${port}",
+    }
   }
+
   if $operator_roles {
     #Roles like "admin" may be defined elsewhere, so use ensure_resource
     ensure_resource('keystone_role', $operator_roles, { 'ensure' => 'present' })
diff --git a/spec/classes/swift_keystone_auth_spec.rb b/spec/classes/swift_keystone_auth_spec.rb
index 1ba6c9fa..b94767c6 100644
--- a/spec/classes/swift_keystone_auth_spec.rb
+++ b/spec/classes/swift_keystone_auth_spec.rb
@@ -59,6 +59,23 @@ describe 'swift::keystone::auth' do
         it { should contain_keystone_role(role_name).with_ensure('present') }
       end
     end
+
+    context 'when disabling endpoint configuration' do
+      before do
+        params.merge!(:configure_endpoint => false)
+      end
+
+      it { should_not contain_keystone_endpoint('RegionOne/swift') }
+    end
+
+    context 'when disabling S3 endpoint' do
+      before do
+        params.merge!(:configure_s3_endpoint => false)
+      end
+
+      it { should_not contain_keystone_service('swift_s3') }
+      it { should_not contain_keystone_endpoint('RegionOne/swift_s3') }
+    end
   end
 
   shared_examples_for 'keystone auth configuration' do