puppet-swift/spec/classes/swift_keystone_auth_spec.rb

require 'spec_helper'

describe 'swift::keystone::auth' do

  let :params do
    { }
  end

  let :default_params do
    {
      :auth_name         => 'swift',
      :password          => 'swift_password',
      :port              => '8080',
      :tenant            => 'services',
      :email             => 'swift@localhost',
      :region            => 'RegionOne',
      :operator_roles    => ['admin', 'SwiftOperator'],
      :public_url        => 'http://127.0.0.1:8080/v1/AUTH_%(tenant_id)s',
      :admin_url         => 'http://127.0.0.1:8080/v1/AUTH_%(tenant_id)s',
      :internal_url      => 'http://127.0.0.1:8080/v1/AUTH_%(tenant_id)s',
      :public_url_s3     => 'http://127.0.0.1:8080',
      :admin_url_s3      => 'http://127.0.0.1:8080',
      :internal_url_s3   => 'http://127.0.0.1:8080',
      :service_name      => 'swift',
      :service_name_s3   => 'swift_s3',
    }
  end

  shared_examples_for 'swift keystone auth' do
    context 'with default class parameters' do
      it_configures 'keystone auth configuration'

      ['admin', 'SwiftOperator'].each do |role_name|
        it { is_expected.to contain_keystone_role(role_name).with_ensure('present') }
      end
    end

    context 'with custom parameters' do
      before do
        params.merge!({
          :auth_name       => 'object_store',
          :password        => 'passw0rd',
          :tenant          => 'admin',
          :email           => 'object_store@localhost',
          :region          => 'RegionTwo',
          :operator_roles  => ['admin', 'SwiftOperator', 'Gopher'],
          :public_url      => 'https://10.0.0.10:8080/v1/AUTH_%(tenant_id)s',
          :internal_url    => 'https://10.0.0.11:8080/v1/AUTH_%(tenant_id)s',
          :admin_url       => 'https://10.0.0.11:8080/v1/AUTH_%(tenant_id)s',
          :public_url_s3   => 'https://10.0.0.10:8080',
          :internal_url_s3 => 'https://10.0.0.11:8080',
          :admin_url_s3    => 'https://10.0.0.11:8080',
        })
      end

      it_configures 'keystone auth configuration'

      ['admin', 'SwiftOperator', 'Gopher'].each do |role_name|
        it { is_expected.to contain_keystone_role(role_name).with_ensure('present') }
      end

      it { is_expected.to contain_keystone_endpoint("#{params[:region]}/#{default_params[:service_name]}::object-store").with(
        :ensure       => 'present',
        :public_url   => params[:public_url],
        :admin_url    => params[:admin_url],
        :internal_url => params[:internal_url],
      )}

      it { is_expected.to contain_keystone_endpoint("#{params[:region]}/#{default_params[:service_name_s3]}::s3").with(
        :ensure       => 'present',
        :public_url   => params[:public_url_s3],
        :admin_url    => params[:admin_url_s3],
        :internal_url => params[:internal_url_s3],
      )}

      context 'when disabling endpoint configuration' do
        before do
          params.merge!(:configure_endpoint => false)
        end

        it { is_expected.to_not contain_keystone_endpoint('RegionOne/swift::object-store') }
      end

      context 'when disabling S3 endpoint' do
        before do
          params.merge!(:configure_s3_endpoint => false)
        end

        it { is_expected.to_not contain_keystone_service('swift_s3::s3') }
        it { is_expected.to_not contain_keystone_endpoint('RegionOne/swift_s3::s3') }
      end
    end

    context 'with deprecated endpoint parameters' do
      before do
        params.merge!({
          :auth_name         => 'object_store',
          :password          => 'passw0rd',
          :port              => '443',
          :tenant            => 'admin',
          :email             => 'object_store@localhost',
          :region            => 'RegionTwo',
          :operator_roles    => ['admin', 'SwiftOperator', 'Gopher'],
          :public_protocol   => 'https',
          :public_address    => 'public.example.org',
          :public_port       => '443',
          :admin_protocol    => 'https',
          :admin_address     => 'admin.example.org',
          :internal_protocol => 'https',
          :internal_address  => 'internal.example.org',
          :endpoint_prefix   => 'KEY_AUTH',
          :service_name      => 'swift',
          :service_name_s3   => 'swift_s3'
        })
      end

      let :p do
        default_params.merge( params )
      end

      it { is_expected.to contain_keystone_endpoint("#{p[:region]}/#{p[:service_name]}::object-store").with(
        :ensure       => 'present',
        :public_url   => "#{p[:public_protocol]}://#{p[:public_address]}:#{p[:public_port]}/v1/#{p[:endpoint_prefix]}_%(tenant_id)s",
        :admin_url    => "#{p[:admin_protocol]}://#{p[:admin_address]}:#{p[:port]}",
        :internal_url => "#{p[:internal_protocol]}://#{p[:internal_address]}:#{p[:port]}/v1/#{p[:endpoint_prefix]}_%(tenant_id)s"
      )}

      it { is_expected.to contain_keystone_endpoint("#{p[:region]}/#{p[:service_name_s3]}::s3").with(
        :ensure       => 'present',
        :public_url   => "#{p[:public_protocol]}://#{p[:public_address]}:#{p[:port]}",
        :admin_url    => "#{p[:admin_protocol]}://#{p[:admin_address]}:#{p[:port]}",
        :internal_url => "#{p[:internal_protocol]}://#{p[:internal_address]}:#{p[:port]}"
      )}
    end
  end

  shared_examples_for 'keystone auth configuration' do
    let :p do
      default_params.merge( params )
    end

    context 'when user configuration is set to default' do

      it { is_expected.to contain_keystone_user(p[:auth_name]).with(
        :ensure   => 'present',
        :password => p[:password],
        :email    => p[:email],
      )}

      it { is_expected.to contain_keystone_user_role("#{p[:auth_name]}@#{p[:tenant]}").with(
        :ensure  => 'present',
        :roles   => ['admin'],
      )}

      it { is_expected.to contain_keystone_service("swift::object-store").with(
        :ensure      => 'present',
        :type        => 'object-store',
        :description => 'Openstack Object-Store Service'
      )}

      it { is_expected.to contain_keystone_service('swift_s3::s3').with(
        :ensure      => 'present',
        :type        => 's3',
        :description => 'Openstack S3 Service'
      )}
    end

    context 'when user configuration is disabled' do
      before do
        params.merge!( :configure_user => false )
      end

      it { is_expected.to_not contain_keystone_user(p[:auth_name]) }
      it { is_expected.to contain_keystone_user_role("#{p[:auth_name]}@#{p[:tenant]}") }

      it { is_expected.to contain_keystone_service('swift::object-store').with(
        :ensure       => 'present',
        :type         => 'object-store',
        :description  => 'Openstack Object-Store Service'
        )}
    end

    context 'when disabling user and role configuration' do
      before do
        params.merge!(
          :configure_user       => false,
          :configure_user_role  => false
        )
      end

        it { is_expected.to_not contain_keystone_user(p[:auth_name]) }
        it { is_expected.to_not contain_keystone_user_role("#{p[:auth_name]}@#{p[:tenant]}") }

        it { is_expected.to contain_keystone_service('swift::object-store').with(
          :ensure       => 'present',
          :type         => 'object-store',
          :description  => 'Openstack Object-Store Service'
        )}
     end
  end

  context 'on Debian platforms' do
    let :facts do
      { :osfamily => 'Debian' }
    end

    it_configures 'swift keystone auth'
  end

  context 'on RedHat platforms' do
    let :facts do
      { :osfamily => 'RedHat' }
    end

    it_configures 'swift keystone auth'
  end

  context 'when overriding service name' do
    before do
      params.merge!({
        :service_name    => 'swift_service',
        :service_name_s3 => 'swift_service_s3',
      })
    end
    it 'configures correct user name' do
      is_expected.to contain_keystone_user('swift')
    end
    it 'configures correct user role' do
      is_expected.to contain_keystone_user_role('swift@services')
    end
    it 'configures correct service name' do
      is_expected.to contain_keystone_service('swift_service::object-store')
      is_expected.to contain_keystone_service('swift_service_s3::s3')
    end
    it 'configures correct endpoint name' do
      is_expected.to contain_keystone_endpoint('RegionOne/swift_service::object-store')
      is_expected.to contain_keystone_endpoint('RegionOne/swift_service_s3::s3')
    end
  end

end