Add support for enforce_scope parameters
This change introduces support for the [enforce_scope] parameters so that users can enable scope enforcement in each service. Note that for keystone there is a different parameter for its tempest plugin ([identity-feature-enabled] enforce_scope) and that parameter is also set according to the tempest parameter by this change. Change-Id: I34222a58051c2d219600f39156f577fc183a2dc8
This commit is contained in:
Takashi Kajinami
parent
eade1cc6f8
commit
6fbab839e3
|
|
@ -171,6 +171,16 @@
|
|||
# Defaults to false
|
||||
# [*barbican_available*]
|
||||
# Defaults to false
|
||||
# [*cinder_enforce_scope*]
|
||||
# Defaults to $::os_service_default
|
||||
# [*glance_enforce_scope*]
|
||||
# Defaults to $::os_service_default
|
||||
# [*keystone_enforce_scope*]
|
||||
# Defaults to $::os_service_default
|
||||
# [*neutron_enforce_scope*]
|
||||
# Defaults to $::os_service_default
|
||||
# [*nova_enforce_scope*]
|
||||
# Defaults to $::os_service_default
|
||||
# [*keystone_v3*]
|
||||
# Defaults to true
|
||||
# [*auth_version*]
|
||||
|
|
@ -338,6 +348,11 @@ class tempest(
|
|||
$vitrage_available = false,
|
||||
$octavia_available = false,
|
||||
$barbican_available = false,
|
||||
$cinder_enforce_scope = $::os_service_default,
|
||||
$glance_enforce_scope = $::os_service_default,
|
||||
$keystone_enforce_scope = $::os_service_default,
|
||||
$neutron_enforce_scope = $::os_service_default,
|
||||
$nova_enforce_scope = $::os_service_default,
|
||||
$keystone_v3 = true,
|
||||
$auth_version = 'v3',
|
||||
$run_service_broker_tests = false,
|
||||
|
|
@ -576,6 +591,12 @@ class tempest(
|
|||
'service_available/zaqar': value => $zaqar_available;
|
||||
'service_available/ec2api': value => $ec2api_available;
|
||||
'service_available/octavia': value => $octavia_available;
|
||||
'enforce_scope/cinder': value => $cinder_enforce_scope;
|
||||
'enforce_scope/glance': value => $glance_enforce_scope;
|
||||
'enforce_scope/keystone': value => $keystone_enforce_scope;
|
||||
'identity-feature-enabled/enforce_scope': value => $keystone_enforce_scope;
|
||||
'enforce_scope/neutron': value => $neutron_enforce_scope;
|
||||
'enforce_scope/nova': value => $nova_enforce_scope;
|
||||
'whitebox/db_uri': value => $whitebox_db_uri;
|
||||
'cli/cli_dir': value => $cli_dir;
|
||||
'scenario/img_file': value => $img_file_real;
|
||||
|
|
|
|||
|
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
The following parameters have been added to the ``tempest`` class.
|
||||
|
||||
- ``cinder_enforce_scope``
|
||||
- ``glance_enforce_scope``
|
||||
- ``keystone_enforce_scope``
|
||||
- ``neutron_enforce_scope``
|
||||
- ``nova_enforce_scope``
|
||||
|
|
@ -269,6 +269,12 @@ describe 'tempest' do
|
|||
is_expected.to contain_tempest_config('service_available/designate').with(:value => false)
|
||||
is_expected.to contain_tempest_config('service_available/octavia').with(:value => false)
|
||||
is_expected.to contain_tempest_config('service_available/barbican').with(:value => false)
|
||||
is_expected.to contain_tempest_config('enforce_scope/cinder').with(:value => '<SERVICE DEFAULT>')
|
||||
is_expected.to contain_tempest_config('enforce_scope/glance').with(:value => '<SERVICE DEFAULT>')
|
||||
is_expected.to contain_tempest_config('enforce_scope/keystone').with(:value => '<SERVICE DEFAULT>')
|
||||
is_expected.to contain_tempest_config('identity-feature-enabled/enforce_scope').with(:value => '<SERVICE DEFAULT>')
|
||||
is_expected.to contain_tempest_config('enforce_scope/neutron').with(:value => '<SERVICE DEFAULT>')
|
||||
is_expected.to contain_tempest_config('enforce_scope/nova').with(:value => '<SERVICE DEFAULT>')
|
||||
is_expected.to contain_tempest_config('whitebox/db_uri').with(:value => nil)
|
||||
is_expected.to contain_tempest_config('cli/cli_dir').with(:value => nil)
|
||||
is_expected.to contain_oslo__concurrency('tempest_config').with(
|
||||
|
|
|
|||
Loading…
Reference in New Issue