Add basic unit tests for tripleo::profile::base::keystone

Change-Id: I9e6ce53ea06aededbf3b96a986f2b27283484867
This commit is contained in:
Takashi Kajinami 2019-09-17 10:14:13 +09:00
parent 2fede0c3af
commit 6080f92919
2 changed files with 178 additions and 0 deletions

View File

@ -0,0 +1,176 @@
#
# Copyright (C) 2019 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
require 'spec_helper'
describe 'tripleo::profile::base::keystone' do
let :params do
{
:step => 5,
:bootstrap_node => 'node.example.com',
:oslomsg_rpc_hosts => [ '192.168.0.1' ],
:oslomsg_rpc_username => 'keystone1',
:oslomsg_rpc_password => 'foo',
:oslomsg_rpc_port => '1234',
:oslomsg_notify_hosts => [ '192.168.0.2' ],
:oslomsg_notify_username => 'keystone2',
:oslomsg_notify_password => 'baa',
:oslomsg_notify_port => '5678',
}
end
shared_examples_for 'tripleo::profile::base::keystone' do
context 'with step less than 3' do
before do
params.merge!({ :step => 1 })
end
it 'should do nothing' do
is_expected.to contain_class('tripleo::profile::base::keystone')
is_expected.to_not contain_class('keystone')
is_expected.to_not contain_class('keystone::config')
is_expected.to_not contain_class('keystone::logging')
is_expected.to_not contain_class('tripleo::profile::base::apache')
is_expected.to_not contain_class('keystone::wsgi::apache')
is_expected.to_not contain_class('keystone::cors')
is_expected.to_not contain_class('keystone::security_compliance')
is_expected.to_not contain_class('keystone::ldap_backend')
is_expected.to_not contain_class('keystone::federation::openidc')
is_expected.to_not contain_class('keystone::cron::token_flush')
end
end
context 'with step 3 on bootstrap node' do
before do
params.merge!({ :step => 3 })
end
it 'should trigger complete configuration' do
is_expected.to contain_class('keystone').with(
:default_transport_url => 'rabbit://keystone1:foo@192.168.0.1:1234/?ssl=0',
:notification_transport_url => 'rabbit://keystone2:baa@192.168.0.2:5678/?ssl=0'
)
is_expected.to contain_class('keystone::config')
is_expected.to contain_class('keystone::logging')
is_expected.to contain_class('tripleo::profile::base::apache')
is_expected.to contain_class('keystone::wsgi::apache')
is_expected.to contain_class('keystone::cors')
is_expected.to contain_class('keystone::security_compliance')
is_expected.to_not contain_class('keystone::ldap_backend')
is_expected.to_not contain_class('keystone::federation::openidc')
is_expected.to_not contain_class('keystone::cron::token_flush')
end
end
context 'with step 3 not on bootstrap node' do
before do
params.merge!(
{ :step => 3,
:bootstrap_node => 'other.example.com'
}
)
end
it 'should not trigger any configuration' do
is_expected.to contain_class('tripleo::profile::base::keystone')
is_expected.to_not contain_class('keystone')
is_expected.to_not contain_class('keystone::config')
is_expected.to_not contain_class('keystone::logging')
is_expected.to_not contain_class('tripleo::profile::base::apache')
is_expected.to_not contain_class('keystone::wsgi::apache')
is_expected.to_not contain_class('keystone::cors')
is_expected.to_not contain_class('keystone::security_compliance')
is_expected.to_not contain_class('keystone::ldap_backend')
is_expected.to_not contain_class('keystone::federation::openidc')
is_expected.to_not contain_class('keystone::cron::token_flush')
end
end
context 'with step 4 on bootstrap node' do
before do
params.merge!({ :step => 4 })
end
it 'should trigger keystone configuration' do
is_expected.to contain_class('keystone').with(
:default_transport_url => 'rabbit://keystone1:foo@192.168.0.1:1234/?ssl=0',
:notification_transport_url => 'rabbit://keystone2:baa@192.168.0.2:5678/?ssl=0'
)
is_expected.to contain_class('keystone::config')
is_expected.to contain_class('keystone::logging')
is_expected.to contain_class('tripleo::profile::base::apache')
is_expected.to contain_class('keystone::wsgi::apache')
is_expected.to contain_class('keystone::cors')
is_expected.to contain_class('keystone::security_compliance')
is_expected.to_not contain_class('keystone::ldap_backend')
is_expected.to_not contain_class('keystone::federation::openidc')
is_expected.to contain_class('keystone::cron::token_flush')
end
end
context 'with step 4 on other node' do
before do
params.merge!(
{ :step => 4,
:bootstrap_node => 'other.example.com'
}
)
end
it 'should trigger keystone configuration' do
is_expected.to contain_class('keystone').with(
:default_transport_url => 'rabbit://keystone1:foo@192.168.0.1:1234/?ssl=0',
:notification_transport_url => 'rabbit://keystone2:baa@192.168.0.2:5678/?ssl=0'
)
is_expected.to contain_class('keystone::config')
is_expected.to contain_class('keystone::logging')
is_expected.to contain_class('tripleo::profile::base::apache')
is_expected.to contain_class('keystone::wsgi::apache')
is_expected.to contain_class('keystone::cors')
is_expected.to contain_class('keystone::security_compliance')
is_expected.to_not contain_class('keystone::ldap_backend')
is_expected.to_not contain_class('keystone::federation::openidc')
is_expected.to contain_class('keystone::cron::token_flush')
end
end
context 'with step 4 and db_purge disabled' do
before do
params.merge!(
{ :step => 4,
:bootstrap_node => 'other.example.com',
:manage_db_purge => false
}
)
end
it 'should not trigger token_flush configuration' do
is_expected.to_not contain_class('keystone::cron::token_flush')
end
end
end
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) do
facts.merge({ :hostname => 'node.example.com' })
end
it_behaves_like 'tripleo::profile::base::keystone'
end
end
end

View File

@ -115,6 +115,8 @@ pacemaker::resource_defaults::defaults:
# pcmk instance ha
keystone::endpoint::public_url: 'localhost:5000'
keystone::admin_password: 'password'
keystone::admin_token: 'admintoken'
keystone::roles::admin::password: 'password'
# tripleo firewall service_rules
tripleo::dynamic_rules::firewall_rules:
'11-neutron':