openstack/puppet-trove
Code Issues Proposed changes

Prepare to rename trove::api::service_credentials

Browse Source 
This class is used by all services but is still kept under the api
directory.

Change-Id: I4016752d94da35ea257f9c76079a33797151640b
This commit is contained in:
Takashi Kajinami 2024-03-25 13:05:54 +09:00
parent 225592993c
commit 22ef63f8f9
5 changed files with 177 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
manifests/api.pp
View File

@ -128,7 +128,9 @@ class trove::api(
include trove::deps
include trove::db
include trove::db::sync
include trove::api::service_credentials
if (!defined(Class[trove::service_credentials])) {
include trove::api::service_credentials
}
# basic service config
trove_config {

28
manifests/api/service_credentials.pp
View File

@ -46,23 +46,17 @@ class trove::api::service_credentials (
include trove::deps
if is_service_default($system_scope) {
$project_name_real = $project_name
$project_domain_name_real = $project_domain_name
} else {
$project_name_real = $facts['os_service_default']
$project_domain_name_real = $facts['os_service_default']
}
warning("The trove::api::service_credentials class is deprecated. \
Use the trove::service_credentials class instead.")
trove_config {
'service_credentials/auth_url': value => $auth_url;
'service_credentials/username': value => $username;
'service_credentials/password': value => $password, secret => true;
'service_credentials/project_name': value => $project_name_real;
'service_credentials/project_domain_name': value => $project_domain_name_real;
'service_credentials/system_scope': value => $system_scope;
'service_credentials/user_domain_name': value => $user_domain_name;
'service_credentials/region_name': value => $region_name;
class { 'trove::service_credentials':
password => $password,
auth_url => $auth_url,
region_name => $region_name,
username => $username,
project_name => $project_name,
project_domain_name => $project_domain_name,
user_domain_name => $user_domain_name,
system_scope => $system_scope,
}
}

68
manifests/service_credentials.pp Normal file
View File

@ -0,0 +1,68 @@
# The trove::service_credentials class helps configure auth settings
#
# == Parameters
#
# [*password*]
# (required) the keystone password for trove services
#
# [*auth_url*]
# (optional) the keystone public endpoint
# Defaults to 'http://127.0.0.1:5000'
#
# [*region_name*]
# (optional) the keystone region of this node
# Defaults to 'RegionOne'
#
# [*username*]
# (optional) the keystone user for trove services
# Defaults to 'trove'
#
# [*project_name*]
# (optional) the keystone tenant name for trove services
# Defaults to 'services'
#
# [*project_domain_name*]
# (optional) the keystone project domain name for trove services
# Defaults to 'Default'
#
# [*user_domain_name*]
# (optional) the keystone user domain name for trove services
# Defaults to 'Default'
#
# [*system_scope*]
# (optional) Scope for system operations.
# Defaults to $facts['os_service_default']
#
class trove::service_credentials (
$password,
$auth_url = 'http://127.0.0.1:5000',
$region_name = 'RegionOne',
$username = 'trove',
$project_name = 'services',
$project_domain_name = 'Default',
$user_domain_name = 'Default',
$system_scope = $facts['os_service_default'],
) {
include trove::deps
if is_service_default($system_scope) {
$project_name_real = $project_name
$project_domain_name_real = $project_domain_name
} else {
$project_name_real = $facts['os_service_default']
$project_domain_name_real = $facts['os_service_default']
}
trove_config {
'service_credentials/auth_url': value => $auth_url;
'service_credentials/username': value => $username;
'service_credentials/password': value => $password, secret => true;
'service_credentials/project_name': value => $project_name_real;
'service_credentials/project_domain_name': value => $project_domain_name_real;
'service_credentials/system_scope': value => $system_scope;
'service_credentials/user_domain_name': value => $user_domain_name;
'service_credentials/region_name': value => $region_name;
}
}

5
releasenotes/notes/deprecate-api-service_credentials-a988f20f56a499e4.yaml Normal file
View File

@ -0,0 +1,5 @@
---
deprecations:
- |
The ``trove::api::service_credentials`` class has been deprecated. Use
the ``trove::service_credentials`` class instead.

90
spec/classes/trove_service_credentials_spec.rb Normal file
View File

@ -0,0 +1,90 @@
#
# Copyright (C) 2020 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
require 'spec_helper'
describe 'trove::service_credentials' do
shared_examples 'trove::service_credentials' do
let :params do
{
:password => 'verysecrete'
}
end
context 'with default parameters' do
it 'configures service credentials with default parameters' do
is_expected.to contain_trove_config('service_credentials/auth_url').with_value('http://127.0.0.1:5000')
is_expected.to contain_trove_config('service_credentials/username').with_value('trove')
is_expected.to contain_trove_config('service_credentials/password').with_value('verysecrete').with_secret(true)
is_expected.to contain_trove_config('service_credentials/project_name').with_value('services')
is_expected.to contain_trove_config('service_credentials/region_name').with_value('RegionOne')
is_expected.to contain_trove_config('service_credentials/user_domain_name').with_value('Default')
is_expected.to contain_trove_config('service_credentials/project_domain_name').with_value('Default')
is_expected.to contain_trove_config('service_credentials/system_scope').with_value('<SERVICE DEFAULT>')
end
end
context 'when overriding defaults' do
before do
params.merge!({
:auth_url => 'http://localhost:5000',
:username => 'trove2',
:project_name => 'services2',
:region_name => 'RegionTwo',
:user_domain_name => 'MyDomain',
:project_domain_name => 'MyDomain',
})
end
it 'configures service credentials with default parameters' do
is_expected.to contain_trove_config('service_credentials/auth_url').with_value('http://localhost:5000')
is_expected.to contain_trove_config('service_credentials/username').with_value('trove2')
is_expected.to contain_trove_config('service_credentials/project_name').with_value('services2')
is_expected.to contain_trove_config('service_credentials/region_name').with_value('RegionTwo')
is_expected.to contain_trove_config('service_credentials/user_domain_name').with_value('MyDomain')
is_expected.to contain_trove_config('service_credentials/project_domain_name').with_value('MyDomain')
is_expected.to contain_trove_config('service_credentials/system_scope').with_value('<SERVICE DEFAULT>')
end
end
context 'when system_scope is set' do
before do
params.merge!(
:system_scope => 'all'
)
end
it 'configures system-scoped credential' do
is_expected.to contain_trove_config('service_credentials/project_domain_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_trove_config('service_credentials/project_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_trove_config('service_credentials/system_scope').with_value('all')
end
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
let (:facts) do
facts.merge!(OSDefaults.get_facts())
end
context "on #{os}" do
it_configures 'trove::service_credentials'
end
end
end