Add system/project reader roles parameters
Change-Id: I34640f6245ad94d32c0a8eba46bf5ffc5e2efb81
This commit is contained in:
parent
787a87d24f
commit
969babc71e
|
@ -20,23 +20,39 @@
|
||||||
# (Optional)
|
# (Optional)
|
||||||
# Defaults to Undef.
|
# Defaults to Undef.
|
||||||
#
|
#
|
||||||
|
# [*project_reader_roles*]
|
||||||
|
# Project reader roles are similar to account owners, but are not
|
||||||
|
# allowed to write any data.
|
||||||
|
# (Optional)
|
||||||
|
# Default to $::os_service_default
|
||||||
|
#
|
||||||
|
# [*system_reader_roles*]
|
||||||
|
# System reader roles are similar to reseller_admin_roles, but are not
|
||||||
|
# allowed to write any data.
|
||||||
|
# (Optional)
|
||||||
|
# Default to $::os_service_default
|
||||||
|
#
|
||||||
# == Authors
|
# == Authors
|
||||||
#
|
#
|
||||||
# Dan Bode dan@puppetlabs.com
|
# Dan Bode dan@puppetlabs.com
|
||||||
# Francois Charlier fcharlier@ploup.net
|
# Francois Charlier fcharlier@ploup.net
|
||||||
#
|
#
|
||||||
class swift::proxy::keystone(
|
class swift::proxy::keystone(
|
||||||
$operator_roles = ['admin', 'SwiftOperator'],
|
$operator_roles = ['admin', 'SwiftOperator'],
|
||||||
$reseller_prefix = 'AUTH_',
|
$reseller_prefix = 'AUTH_',
|
||||||
$reseller_admin_role = undef,
|
$reseller_admin_role = undef,
|
||||||
|
$project_reader_roles = $::os_service_default,
|
||||||
|
$system_reader_roles = $::os_service_default,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
include swift::deps
|
include swift::deps
|
||||||
|
|
||||||
swift_proxy_config {
|
swift_proxy_config {
|
||||||
'filter:keystone/use': value => 'egg:swift#keystoneauth';
|
'filter:keystone/use': value => 'egg:swift#keystoneauth';
|
||||||
'filter:keystone/operator_roles': value => join(any2array($operator_roles), ', ');
|
'filter:keystone/operator_roles': value => join(any2array($operator_roles), ', ');
|
||||||
'filter:keystone/reseller_prefix': value => $reseller_prefix;
|
'filter:keystone/reseller_prefix': value => $reseller_prefix;
|
||||||
'filter:keystone/reseller_admin_role': value => $reseller_admin_role;
|
'filter:keystone/reseller_admin_role': value => $reseller_admin_role;
|
||||||
|
'filter:keystone/project_reader_roles': value => join(any2array($project_reader_roles), ', ');
|
||||||
|
'filter:keystone/system_reader_roles': value => join(any2array($system_reader_roles), ', ');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Adds new parameters to set system and project reader role configs in Swift.
|
|
@ -7,19 +7,25 @@ describe 'swift::proxy::keystone' do
|
||||||
describe 'with defaults' do
|
describe 'with defaults' do
|
||||||
it { is_expected.to contain_swift_proxy_config('filter:keystone/operator_roles').with_value('admin, SwiftOperator') }
|
it { is_expected.to contain_swift_proxy_config('filter:keystone/operator_roles').with_value('admin, SwiftOperator') }
|
||||||
it { is_expected.to contain_swift_proxy_config('filter:keystone/reseller_prefix').with_value('AUTH_') }
|
it { is_expected.to contain_swift_proxy_config('filter:keystone/reseller_prefix').with_value('AUTH_') }
|
||||||
|
it { is_expected.to contain_swift_proxy_config('filter:keystone/project_reader_roles').with_value('<SERVICE DEFAULT>') }
|
||||||
|
it { is_expected.to contain_swift_proxy_config('filter:keystone/system_reader_roles').with_value('<SERVICE DEFAULT>') }
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'with parameter overrides' do
|
describe 'with parameter overrides' do
|
||||||
let :params do
|
let :params do
|
||||||
{
|
{
|
||||||
:operator_roles => 'foo',
|
:operator_roles => 'foo',
|
||||||
:reseller_prefix => 'SWIFT_',
|
:reseller_prefix => 'SWIFT_',
|
||||||
:reseller_admin_role => 'ResellerAdmin'
|
:reseller_admin_role => 'ResellerAdmin',
|
||||||
|
:project_reader_roles => ['SwiftProjectReader'],
|
||||||
|
:system_reader_roles => ['SwiftSystemReader'],
|
||||||
}
|
}
|
||||||
|
|
||||||
it { is_expected.to contain_swift_proxy_config('filter:keystone/operator_roles').with_value('foo') }
|
it { is_expected.to contain_swift_proxy_config('filter:keystone/operator_roles').with_value('foo') }
|
||||||
it { is_expected.to contain_swift_proxy_config('filter:keystone/reseller_prefix').with_value('SWIFT_') }
|
it { is_expected.to contain_swift_proxy_config('filter:keystone/reseller_prefix').with_value('SWIFT_') }
|
||||||
it { is_expected.to contain_swift_proxy_config('filter:keystone/reseller_admin_role').with_value('ResellerAdmin') }
|
it { is_expected.to contain_swift_proxy_config('filter:keystone/reseller_admin_role').with_value('ResellerAdmin') }
|
||||||
|
it { is_expected.to contain_swift_proxy_config('filter:keystone/project_reader_roles').with_value('SwiftProjectReader') }
|
||||||
|
it { is_expected.to contain_swift_proxy_config('filter:keystone/system_reader_roles').with_value('SwiftSystemReader') }
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue