Add support for audit middleware

Co-Authored-By: Christian Schwede <cschwede@redhat.com> Depends-On: Id1b2944783ecaaa631ce9c1ceebfa1a30de4d4c6 Change-Id: Ifa4e2ed894844ab1c7501f8edc18e55a9dea7e61
2019-08-30 12:24:22 +02:00 · 2019-08-30 12:24:22 +02:00 · 2976c7d889
parent 5ac50fe577
commit 2976c7d889
3 changed files with 69 additions and 0 deletions
--- a/manifests/proxy/audit.pp
+++ b/manifests/proxy/audit.pp
@ -0,0 +1,31 @@
+# == Class: swift::proxy::audit
+#
+# Configure audit middleware for Swift proxy.
+#
+# === Parameters
+#
+# [*filter_factory*]
+#   (Optional) The audit filter factory.
+#   Defaults to 'keystonemiddleware.audit:filter_factory'
+#
+# [*audit_map_file*]
+#   (Optional) The audit map file.
+#   Defaults to '/etc/pycadf/swift_api_audit_map.conf'
+#
+# == Authors
+#
+# Christian Schwede <cschwede@redhat.com>
+# Tobias Urdin <tobias.urdin@binero.se>
+#
+class swift::proxy::audit (
+  $filter_factory = 'keystonemiddleware.audit:filter_factory',
+  $audit_map_file = '/etc/pycadf/swift_api_audit_map.conf',
+) {
+
+  include ::swift::deps
+
+  swift_proxy_config {
+    'filter:audit/paste.filter_factory': value => $filter_factory;
+    'filter:audit/audit_map_file':       value => $audit_map_file;
+  }
+}
--- a/releasenotes/notes/add-swift-proxy-audit-3ee76986d46aa9f4.yaml
+++ b/releasenotes/notes/add-swift-proxy-audit-3ee76986d46aa9f4.yaml
@ -0,0 +1,4 @@
+---
+features:
+  - |
+    Added swift::proxy::audit class to configure audit middleware for Swift proxy.
--- a/spec/classes/swift_proxy_audit_spec.rb
+++ b/spec/classes/swift_proxy_audit_spec.rb
@ -0,0 +1,34 @@
+require 'spec_helper'
+
+describe 'swift::proxy::audit' do
+  shared_examples 'swift::proxy::audit' do
+    context 'when using default parameters' do
+      it { is_expected.to contain_swift_proxy_config('filter:audit/paste.filter_factory').with_value('keystonemiddleware.audit:filter_factory') }
+      it { is_expected.to contain_swift_proxy_config('filter:audit/audit_map_file').with_value('/etc/pycadf/swift_api_audit_map.conf') }
+    end
+
+    context 'when overriding default parameters' do
+      let :params do
+        {
+          :filter_factory => 'keystonemiddleware.audit:some_audit',
+          :audit_map_file => '/etc/some_audit/some_audit.conf'
+        }
+      end
+
+      it { is_expected.to contain_swift_proxy_config('filter:audit/paste.filter_factory').with_value('keystonemiddleware.audit:some_audit') }
+      it { is_expected.to contain_swift_proxy_config('filter:audit/audit_map_file').with_value('/etc/some_audit/some_audit.conf') }
+    end
+  end
+
+  on_supported_os({
+    :supported_os => OSDefaults.get_supported_os
+  }).each do |os,facts|
+    context "on #{os}" do
+      let (:facts) do
+        facts.merge(OSDefaults.get_facts())
+      end
+
+      it_behaves_like 'swift::proxy::audit'
+    end
+  end
+end