openstack/puppet-swift
Code Issues Proposed changes

Add ability to disable endpoint configuration

Browse Source 
It is possible to disable endpoint configuration by setting
the value of the configure_endpoint and configure_s3_endpoint
parameters to false.

The default value is true, preserving default behavior.

Change-Id: I0f9afb78c181573a30f93dc4f862f86baa3efe31
Closes-bug: #1279071
This commit is contained in:
Mathieu Gagné 2014-02-11 15:46:20 -05:00
parent c26875a010
commit eb5eb1f961
2 changed files with 55 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
manifests/keystone/auth.pp
View File

@ -18,20 +18,22 @@
# Array of strings. List of roles Swift considers as admin.
#
class swift::keystone::auth(
$auth_name = 'swift',
$password = 'swift_password',
$port = '8080',
$tenant = 'services',
$email = 'swift@localhost',
$region = 'RegionOne',
$operator_roles = ['admin', 'SwiftOperator'],
$public_protocol = 'http',
$public_address = '127.0.0.1',
$public_port = undef,
$admin_protocol = 'http',
$admin_address = undef,
$internal_protocol = 'http',
$internal_address = undef
$auth_name = 'swift',
$password = 'swift_password',
$port = '8080',
$tenant = 'services',
$email = 'swift@localhost',
$region = 'RegionOne',
$operator_roles = ['admin', 'SwiftOperator'],
$public_protocol = 'http',
$public_address = '127.0.0.1',
$public_port = undef,
$admin_protocol = 'http',
$admin_address = undef,
$internal_protocol = 'http',
$internal_address = undef,
$configure_endpoint = true,
$configure_s3_endpoint = true
) {
if ! $public_port {
@ -67,24 +69,31 @@ class swift::keystone::auth(
type => 'object-store',
description => 'Openstack Object-Store Service',
}
keystone_endpoint { "${region}/${auth_name}":
ensure => present,
public_url => "${public_protocol}://${public_address}:${real_public_port}/v1/AUTH_%(tenant_id)s",
admin_url => "${admin_protocol}://${real_admin_address}:${port}/",
internal_url => "${internal_protocol}://${real_internal_address}:${port}/v1/AUTH_%(tenant_id)s",
if $configure_endpoint {
keystone_endpoint { "${region}/${auth_name}":
ensure => present,
public_url => "${public_protocol}://${public_address}:${real_public_port}/v1/AUTH_%(tenant_id)s",
admin_url => "${admin_protocol}://${real_admin_address}:${port}/",
internal_url => "${internal_protocol}://${real_internal_address}:${port}/v1/AUTH_%(tenant_id)s",
}
}
keystone_service { "${auth_name}_s3":
ensure => present,
type => 's3',
description => 'Openstack S3 Service',
}
keystone_endpoint { "${region}/${auth_name}_s3":
ensure => present,
public_url => "${public_protocol}://${public_address}:${real_public_port}",
admin_url => "${admin_protocol}://${real_admin_address}:${port}",
internal_url => "${internal_protocol}://${real_internal_address}:${port}",
if $configure_s3_endpoint {
keystone_service { "${auth_name}_s3":
ensure => present,
type => 's3',
description => 'Openstack S3 Service',
}
keystone_endpoint { "${region}/${auth_name}_s3":
ensure => present,
public_url => "${public_protocol}://${public_address}:${real_public_port}",
admin_url => "${admin_protocol}://${real_admin_address}:${port}",
internal_url => "${internal_protocol}://${real_internal_address}:${port}",
}
}
if $operator_roles {
#Roles like "admin" may be defined elsewhere, so use ensure_resource
ensure_resource('keystone_role', $operator_roles, { 'ensure' => 'present' })

17
spec/classes/swift_keystone_auth_spec.rb
View File

@ -59,6 +59,23 @@ describe 'swift::keystone::auth' do
it { should contain_keystone_role(role_name).with_ensure('present') }
end
end
context 'when disabling endpoint configuration' do
before do
params.merge!(:configure_endpoint => false)
end
it { should_not contain_keystone_endpoint('RegionOne/swift') }
end
context 'when disabling S3 endpoint' do
before do
params.merge!(:configure_s3_endpoint => false)
end
it { should_not contain_keystone_service('swift_s3') }
it { should_not contain_keystone_endpoint('RegionOne/swift_s3') }
end
end
shared_examples_for 'keystone auth configuration' do