openstack/puppet-swift
Code Issues Proposed changes
stable/2023.2
puppet-swift/manifests/proxy/keystone.pp
Takashi Kajinami 109cd356de Replace legacy facts and use fact hash 
... because the latest lint no longer allows usage of legacy facts and
top scope fact.

Change-Id: I4c0a9357fcc4184df852024e1f6f36c0ed2e1440
2023-03-02 14:47:43 +09:00

59 lines
2.0 KiB
Puppet
Raw Permalink Blame History

#
# This class can be set to manage keystone middleware for swift proxy
#
# == Parameters
#
# [*operator_roles*]
# (Optional) a list of keystone roles a user must have to gain access to Swift.
# Defaults to ['admin', 'SwiftOperator']
# Must be an array of strings
# Swift operator roles must be defined in swift::keystone::auth because
# keystone API access is usually not available on Swift proxy nodes.
#
# [*reseller_prefix*]
# (Optional) The prefix used for reseller URL.
# Defaults to 'AUTH_'
#
# [*reseller_admin_role*]
# The reseller admin role has the ability to create and delete accounts.
# This role defines who has the ability to manage other swift accounts.
# (Optional)
# Defaults to Undef.
#
# [*project_reader_roles*]
# Project reader roles are similar to account owners, but are not
# allowed to write any data.
# (Optional)
# Default to $facts['os_service_default']
#
# [*system_reader_roles*]
# System reader roles are similar to reseller_admin_roles, but are not
# allowed to write any data.
# (Optional)
# Default to $facts['os_service_default']
#
# == Authors
#
# Dan Bode dan@puppetlabs.com
# Francois Charlier fcharlier@ploup.net
#
class swift::proxy::keystone(
$operator_roles = ['admin', 'SwiftOperator'],
$reseller_prefix = 'AUTH_',
$reseller_admin_role = undef,
$project_reader_roles = $facts['os_service_default'],
$system_reader_roles = $facts['os_service_default'],
) {
include swift::deps
swift_proxy_config {
'filter:keystone/use': value => 'egg:swift#keystoneauth';
'filter:keystone/operator_roles': value => join(any2array($operator_roles), ', ');
'filter:keystone/reseller_prefix': value => $reseller_prefix;
'filter:keystone/reseller_admin_role': value => $reseller_admin_role;
'filter:keystone/project_reader_roles': value => join(any2array($project_reader_roles), ', ');
'filter:keystone/system_reader_roles': value => join(any2array($system_reader_roles), ', ');
}
}
View Git Blame Copy Permalink