Add ability to disable endpoint configuration

It is possible to disable endpoint configuration by setting the value of the configure_endpoint and configure_s3_endpoint parameters to false. The default value is true, preserving default behavior. Change-Id: I0f9afb78c181573a30f93dc4f862f86baa3efe31 Closes-bug: #1279071
2014-02-11 15:46:20 -05:00 · 2014-02-11 15:46:20 -05:00 · eb5eb1f961
commit eb5eb1f961
parent c26875a010
2 changed files with 55 additions and 29 deletions
--- a/manifests/keystone/auth.pp
+++ b/manifests/keystone/auth.pp
@ -18,20 +18,22 @@
 #  Array of strings. List of roles Swift considers as admin.
 #
 class swift::keystone::auth(
-  $auth_name         = 'swift',
+  $auth_name              = 'swift',
-  $password          = 'swift_password',
+  $password               = 'swift_password',
-  $port              = '8080',
+  $port                   = '8080',
-  $tenant            = 'services',
+  $tenant                 = 'services',
-  $email             = 'swift@localhost',
+  $email                  = 'swift@localhost',
-  $region            = 'RegionOne',
+  $region                 = 'RegionOne',
-  $operator_roles    = ['admin', 'SwiftOperator'],
+  $operator_roles         = ['admin', 'SwiftOperator'],
-  $public_protocol   = 'http',
+  $public_protocol        = 'http',
-  $public_address    = '127.0.0.1',
+  $public_address         = '127.0.0.1',
-  $public_port       = undef,
+  $public_port            = undef,
-  $admin_protocol    = 'http',
+  $admin_protocol         = 'http',
-  $admin_address     = undef,
+  $admin_address          = undef,
-  $internal_protocol = 'http',
+  $internal_protocol      = 'http',
-  $internal_address  = undef
+  $internal_address       = undef,
  $configure_endpoint     = true,
  $configure_s3_endpoint = true
 ) {
  if ! $public_port {
@ -67,24 +69,31 @@ class swift::keystone::auth(
    type        => 'object-store',
    description => 'Openstack Object-Store Service',
  }
-  keystone_endpoint { "${region}/${auth_name}":
+
-    ensure       => present,
+  if $configure_endpoint {
-    public_url   => "${public_protocol}://${public_address}:${real_public_port}/v1/AUTH_%(tenant_id)s",
+    keystone_endpoint { "${region}/${auth_name}":
-    admin_url    => "${admin_protocol}://${real_admin_address}:${port}/",
+      ensure       => present,
-    internal_url => "${internal_protocol}://${real_internal_address}:${port}/v1/AUTH_%(tenant_id)s",
+      public_url   => "${public_protocol}://${public_address}:${real_public_port}/v1/AUTH_%(tenant_id)s",
      admin_url    => "${admin_protocol}://${real_admin_address}:${port}/",
      internal_url => "${internal_protocol}://${real_internal_address}:${port}/v1/AUTH_%(tenant_id)s",
    }
  }
-  keystone_service { "${auth_name}_s3":
+  if $configure_s3_endpoint {
-    ensure      => present,
+    keystone_service { "${auth_name}_s3":
-    type        => 's3',
+      ensure      => present,
-    description => 'Openstack S3 Service',
+      type        => 's3',
-  }
+      description => 'Openstack S3 Service',
-  keystone_endpoint { "${region}/${auth_name}_s3":
+    }
-    ensure       => present,
+
-    public_url   => "${public_protocol}://${public_address}:${real_public_port}",
+    keystone_endpoint { "${region}/${auth_name}_s3":
-    admin_url    => "${admin_protocol}://${real_admin_address}:${port}",
+      ensure       => present,
-    internal_url => "${internal_protocol}://${real_internal_address}:${port}",
+      public_url   => "${public_protocol}://${public_address}:${real_public_port}",
      admin_url    => "${admin_protocol}://${real_admin_address}:${port}",
      internal_url => "${internal_protocol}://${real_internal_address}:${port}",
    }
  }
  if $operator_roles {
    #Roles like "admin" may be defined elsewhere, so use ensure_resource
    ensure_resource('keystone_role', $operator_roles, { 'ensure' => 'present' })
--- a/spec/classes/swift_keystone_auth_spec.rb
+++ b/spec/classes/swift_keystone_auth_spec.rb
@ -59,6 +59,23 @@ describe 'swift::keystone::auth' do
        it { should contain_keystone_role(role_name).with_ensure('present') }
      end
    end
    context 'when disabling endpoint configuration' do
      before do
        params.merge!(:configure_endpoint => false)
      end
      it { should_not contain_keystone_endpoint('RegionOne/swift') }
    end
    context 'when disabling S3 endpoint' do
      before do
        params.merge!(:configure_s3_endpoint => false)
      end
      it { should_not contain_keystone_service('swift_s3') }
      it { should_not contain_keystone_endpoint('RegionOne/swift_s3') }
    end
  end
  shared_examples_for 'keystone auth configuration' do