Allow configuration of admin and internal protocols for keystone endpoint

The public address is already configurable (http or https). This change introduces the possibility of also configuring admin and internal endpoint protocols as well. They are defaulted to http and therefore the change is non-breaking and backwards compatible. There was also no existing spec tests for overriding the public protocol, this is fixed in this commit. Change-Id: I1baafa444636729c4b73d2cca0753f6348fbd2a0
2014-01-17 15:35:50 -05:00 · 2014-01-17 15:35:50 -05:00 · a5b5e1211f
commit a5b5e1211f
parent 449fd78f48
2 changed files with 32 additions and 4 deletions
--- a/manifests/keystone/auth.pp
+++ b/manifests/keystone/auth.pp
@ -29,7 +29,9 @@ class swift::keystone::auth(
  $public_protocol   = 'http',
  $public_address    = undef,
  $public_port       = undef,
+  $admin_protocol    = 'http',
  $admin_address     = undef,
+  $internal_protocol = 'http',
  $internal_address  = undef
 ) {

@ -78,8 +80,8 @@ if $address != '127.0.0.1' {
  keystone_endpoint { "${region}/${auth_name}":
    ensure       => present,
    public_url   => "${public_protocol}://${real_public_address}:${real_public_port}/v1/AUTH_%(tenant_id)s",
-    admin_url    => "http://${real_admin_address}:${port}/",
-    internal_url => "http://${real_internal_address}:${port}/v1/AUTH_%(tenant_id)s",
+    admin_url    => "${admin_protocol}://${real_admin_address}:${port}/",
+    internal_url => "${internal_protocol}://${real_internal_address}:${port}/v1/AUTH_%(tenant_id)s",
  }

  keystone_service { "${auth_name}_s3":
@ -90,8 +92,8 @@ if $address != '127.0.0.1' {
  keystone_endpoint { "${region}/${auth_name}_s3":
    ensure       => present,
    public_url   => "${public_protocol}://${real_public_address}:${real_public_port}",
-    admin_url    => "http://${real_admin_address}:${port}",
-    internal_url => "http://${real_internal_address}:${port}",
+    admin_url    => "${admin_protocol}://${real_admin_address}:${port}",
+    internal_url => "${internal_protocol}://${real_internal_address}:${port}",
  }
  if $operator_roles {
    #Roles like "admin" may be defined elsewhere, so use ensure_resource
--- a/spec/classes/swift_keystone_auth_spec.rb
+++ b/spec/classes/swift_keystone_auth_spec.rb
@ -46,6 +46,32 @@ describe 'swift::keystone::auth' do
    end
  end

+  describe 'overriding public_port public_protocol, admin_protocol and internal_protocol' do
+
+    let :params do
+      {
+        :port              => '443',
+        :public_protocol   => 'https',
+        :admin_protocol    => 'https',
+        :internal_protocol => 'https',
+      }
+    end
+
+    it { should contain_keystone_endpoint('RegionOne/swift').with(
+      :ensure       => 'present',
+      :public_url   => "https://127.0.0.1:443/v1/AUTH_%(tenant_id)s",
+      :admin_url    => "https://127.0.0.1:443/",
+      :internal_url => "https://127.0.0.1:443/v1/AUTH_%(tenant_id)s"
+    ) }
+
+    it { should contain_keystone_endpoint('RegionOne/swift_s3').with(
+      :ensure       => 'present',
+      :public_url   => 'https://127.0.0.1:443',
+      :admin_url    => 'https://127.0.0.1:443',
+      :internal_url => 'https://127.0.0.1:443'
+    ) }
+  end
+
  describe 'when overriding public_port, public address, admin_address and internal_address' do

    let :params do