Do not test detail of keystone::resource::service_identity

... but test interfaces of that resource type. This helps us avoid
direct breakage caused by any change in puppet-keystone.

Change-Id: I137857f621bfa2fd29f19e621d665979b5cee3d0

spec/classes/swift_keystone_auth_spec.rb

@@ -1,185 +1,114 @@
+#
+# Unit tests for swift::keystone::auth
+#
+
 require 'spec_helper'
 
 describe 'swift::keystone::auth' do
-  let :params do
-    { }
-  end
-
-  let :default_params do
-    {
-      :auth_name         => 'swift',
-      :password          => 'swift_password',
-      :tenant            => 'services',
-      :email             => 'swift@localhost',
-      :region            => 'RegionOne',
-      :operator_roles    => ['admin', 'SwiftOperator'],
-      :public_url        => 'http://127.0.0.1:8080/v1/AUTH_%(tenant_id)s',
-      :admin_url         => 'http://127.0.0.1:8080/v1/AUTH_%(tenant_id)s',
-      :internal_url      => 'http://127.0.0.1:8080/v1/AUTH_%(tenant_id)s',
-      :public_url_s3     => 'http://127.0.0.1:8080',
-      :admin_url_s3      => 'http://127.0.0.1:8080',
-      :internal_url_s3   => 'http://127.0.0.1:8080',
-      :service_name      => 'swift',
-      :service_name_s3   => 'swift_s3',
-    }
-  end
-
-  shared_examples 'swift::keystone::auth' do
+  shared_examples_for 'swift::keystone::auth' do
     context 'with default class parameters' do
-      it_configures 'keystone::auth::configuration'
-
-      ['admin', 'SwiftOperator'].each do |role_name|
-        it { is_expected.to contain_keystone_role(role_name).with_ensure('present') }
+      let :params do
+        { :password => 'swift_password' }
       end
+
+      it { is_expected.to contain_keystone__resource__service_identity('swift').with(
+        :configure_user      => true,
+        :configure_user_role => true,
+        :configure_endpoint  => true,
+        :service_name        => 'swift',
+        :service_type        => 'object-store',
+        :service_description => 'Openstack Object-Store Service',
+        :region              => 'RegionOne',
+        :auth_name           => 'swift',
+        :password            => 'swift_password',
+        :email               => 'swift@localhost',
+        :tenant              => 'services',
+        :public_url          => 'http://127.0.0.1:8080/v1/AUTH_%(tenant_id)s',
+        :internal_url        => 'http://127.0.0.1:8080/v1/AUTH_%(tenant_id)s',
+        :admin_url           => 'http://127.0.0.1:8080',
+      ) }
+
+      it { is_expected.to contain_keystone__resource__service_identity('swift_s3').with(
+        :configure_user      => false,
+        :configure_user_role => false,
+        :configure_endpoint  => true,
+        :service_name        => 'swift_s3',
+        :service_type        => 's3',
+        :service_description => 'Openstack S3 Service',
+        :region              => 'RegionOne',
+        :public_url          => 'http://127.0.0.1:8080',
+        :internal_url        => 'http://127.0.0.1:8080',
+        :admin_url           => 'http://127.0.0.1:8080',
+      ) }
+
+      it { is_expected.to contain_keystone_role('admin').with(
+        :ensure => 'present'
+      ) }
+      it { is_expected.to contain_keystone_role('SwiftOperator').with(
+        :ensure => 'present'
+      ) }
     end
 
-    context 'with custom parameters' do
-      before do
-        params.merge!({
-          :auth_name       => 'object_store',
-          :password        => 'passw0rd',
-          :tenant          => 'admin',
-          :email           => 'object_store@localhost',
-          :region          => 'RegionTwo',
-          :operator_roles  => ['admin', 'SwiftOperator', 'Gopher'],
-          :public_url      => 'https://10.0.0.10:8080/v1/AUTH_%(tenant_id)s',
-          :internal_url    => 'https://10.0.0.11:8080/v1/AUTH_%(tenant_id)s',
-          :admin_url       => 'https://10.0.0.11:8080/v1/AUTH_%(tenant_id)s',
-          :public_url_s3   => 'https://10.0.0.10:8080',
-          :internal_url_s3 => 'https://10.0.0.11:8080',
-          :admin_url_s3    => 'https://10.0.0.11:8080',
-        })
+    context 'when overriding parameters' do
+      let :params do
+        { :password               => 'swift_password',
+          :auth_name              => 'alt_swift',
+          :email                  => 'alt_swift@alt_localhost',
+          :tenant                 => 'alt_service',
+          :configure_endpoint     => false,
+          :configure_s3_endpoint  => false,
+          :configure_user         => false,
+          :configure_user_role    => false,
+          :service_description    => 'Alternative Openstack Object-Store Service',
+          :service_name           => 'alt_service',
+          :service_type           => 'alt_object-store',
+          :service_description_s3 => 'Alternative Openstack S3 Service',
+          :service_name_s3        => 'alt_service_s3',
+          :service_type_s3        => 'alt_s3',
+          :region                 => 'RegionTwo',
+          :public_url             => 'https://10.10.10.10:80',
+          :internal_url           => 'http://10.10.10.11:81',
+          :admin_url              => 'http://10.10.10.12:81',
+          :operator_roles         => ['role1', 'role2']
+        }
       end
 
-      it_configures 'keystone::auth::configuration'
+      it { is_expected.to contain_keystone__resource__service_identity('swift').with(
+        :configure_user      => false,
+        :configure_user_role => false,
+        :configure_endpoint  => false,
+        :service_name        => 'alt_service',
+        :service_type        => 'alt_object-store',
+        :service_description => 'Alternative Openstack Object-Store Service',
+        :region              => 'RegionTwo',
+        :auth_name           => 'alt_swift',
+        :password            => 'swift_password',
+        :email               => 'alt_swift@alt_localhost',
+        :tenant              => 'alt_service',
+        :public_url          => 'https://10.10.10.10:80',
+        :internal_url        => 'http://10.10.10.11:81',
+        :admin_url           => 'http://10.10.10.12:81',
+      ) }
+      it { is_expected.to contain_keystone__resource__service_identity('swift_s3').with(
+        :configure_user      => false,
+        :configure_user_role => false,
+        :configure_endpoint  => false,
+        :service_name        => 'alt_service_s3',
+        :service_type        => 'alt_s3',
+        :service_description => 'Alternative Openstack S3 Service',
+        :region              => 'RegionTwo',
+        :public_url          => 'http://127.0.0.1:8080',
+        :internal_url        => 'http://127.0.0.1:8080',
+        :admin_url           => 'http://127.0.0.1:8080',
+      ) }
 
-      ['admin', 'SwiftOperator', 'Gopher'].each do |role_name|
-        it { is_expected.to contain_keystone_role(role_name).with_ensure('present') }
-      end
-
-      it { is_expected.to contain_keystone_endpoint("#{params[:region]}/#{default_params[:service_name]}::object-store").with(
-        :ensure       => 'present',
-        :public_url   => params[:public_url],
-        :admin_url    => params[:admin_url],
-        :internal_url => params[:internal_url],
-      )}
-
-      it { is_expected.to contain_keystone_endpoint("#{params[:region]}/#{default_params[:service_name_s3]}::s3").with(
-        :ensure       => 'present',
-        :public_url   => params[:public_url_s3],
-        :admin_url    => params[:admin_url_s3],
-        :internal_url => params[:internal_url_s3],
-      )}
-
-      context 'when disabling endpoint configuration' do
-        before do
-          params.merge!(:configure_endpoint => false)
-        end
-
-        it { is_expected.to_not contain_keystone_endpoint('RegionOne/swift::object-store') }
-      end
-
-      context 'when disabling S3 endpoint' do
-        before do
-          params.merge!(:configure_s3_endpoint => false)
-        end
-
-        it { is_expected.to_not contain_keystone_service('swift_s3::s3') }
-        it { is_expected.to_not contain_keystone_endpoint('RegionOne/swift_s3::s3') }
-      end
+      it { is_expected.to contain_keystone_role('role1').with(
+        :ensure => 'present'
+      ) }
+      it { is_expected.to contain_keystone_role('role2').with(
+        :ensure => 'present'
+      ) }
     end
-
-    context 'when overriding service name' do
-      before do
-        params.merge!({
-          :service_name    => 'swift_service',
-          :service_name_s3 => 'swift_service_s3',
-        })
-      end
-
-      it 'configures correct user name' do
-        is_expected.to contain_keystone_user('swift')
-      end
-
-      it 'configures correct user role' do
-        is_expected.to contain_keystone_user_role('swift@services')
-      end
-
-      it 'configures correct service name' do
-        is_expected.to contain_keystone_service('swift_service::object-store')
-        is_expected.to contain_keystone_service('swift_service_s3::s3')
-      end
-
-      it 'configures correct endpoint name' do
-        is_expected.to contain_keystone_endpoint('RegionOne/swift_service::object-store')
-        is_expected.to contain_keystone_endpoint('RegionOne/swift_service_s3::s3')
-      end
-    end
-  end
-
-  shared_examples 'keystone::auth::configuration' do
-    let :p do
-      default_params.merge( params )
-    end
-
-    context 'when user configuration is set to default' do
-
-      it { is_expected.to contain_keystone_user(p[:auth_name]).with(
-        :ensure   => 'present',
-        :password => p[:password],
-        :email    => p[:email],
-      )}
-
-      it { is_expected.to contain_keystone_user_role("#{p[:auth_name]}@#{p[:tenant]}").with(
-        :ensure  => 'present',
-        :roles   => ['admin'],
-      )}
-
-      it { is_expected.to contain_keystone_service("swift::object-store").with(
-        :ensure      => 'present',
-        :type        => 'object-store',
-        :description => 'Openstack Object-Store Service'
-      )}
-
-      it { is_expected.to contain_keystone_service('swift_s3::s3').with(
-        :ensure      => 'present',
-        :type        => 's3',
-        :description => 'Openstack S3 Service'
-      )}
-    end
-
-    context 'when user configuration is disabled' do
-      before do
-        params.merge!( :configure_user => false )
-      end
-
-      it { is_expected.to_not contain_keystone_user(p[:auth_name]) }
-      it { is_expected.to contain_keystone_user_role("#{p[:auth_name]}@#{p[:tenant]}") }
-
-      it { is_expected.to contain_keystone_service('swift::object-store').with(
-        :ensure       => 'present',
-        :type         => 'object-store',
-        :description  => 'Openstack Object-Store Service'
-        )}
-    end
-
-    context 'when disabling user and role configuration' do
-      before do
-        params.merge!(
-          :configure_user       => false,
-          :configure_user_role  => false
-        )
-      end
-
-        it { is_expected.to_not contain_keystone_user(p[:auth_name]) }
-        it { is_expected.to_not contain_keystone_user_role("#{p[:auth_name]}@#{p[:tenant]}") }
-
-        it { is_expected.to contain_keystone_service('swift::object-store').with(
-          :ensure       => 'present',
-          :type         => 'object-store',
-          :description  => 'Openstack Object-Store Service'
-        )}
-     end
   end
 
   on_supported_os({
@@ -187,10 +116,10 @@ describe 'swift::keystone::auth' do
   }).each do |os,facts|
     context "on #{os}" do
       let (:facts) do
-        facts.merge(OSDefaults.get_facts())
+        facts.merge!(OSDefaults.get_facts())
       end
 
-      it_configures 'swift::keystone::auth'
+      it_behaves_like 'swift::keystone::auth'
     end
   end
 end