Browse Source

Deprecate allow_insecure_clients option

The allow_insecure_clients has been deprecated[1].

[1]https://review.opendev.org/#/c/417629/

Change-Id: I35d388bc026496defea9cd6883b8a4618ba18b98
Closes-Bug: #1902158
changes/52/760752/2
ZhongShengping 2 years ago
parent
commit
16f773dab3
  1. 49
      manifests/init.pp
  2. 4
      releasenotes/notes/deprecate_allow_insecure_clients-option-8440060a378c7306.yaml
  3. 1
      spec/classes/watcher_init_spec.rb

49
manifests/init.pp

@ -196,10 +196,6 @@
# (Optional) Debug: dump AMQP frames to stdout.
# Defaults to $::os_service_default
#
# [*amqp_allow_insecure_clients*]
# (Optional) Accept clients using either SSL or plain TCP.
# Defaults to $::os_service_default
#
# [*amqp_sasl_config_name*]
# (Optional) Name of configuration file (without .conf suffix).
# Defaults to $::os_service_default
@ -232,6 +228,12 @@
# in the watcher config.
# Defaults to false.
#
# DEPRECATED PARAMETERS
#
# [*amqp_allow_insecure_clients*]
# (Optional) Accept clients using either SSL or plain TCP.
# Defaults to undef.
#
# === Authors
#
# Daniel Pawlik <daniel.pawlik@corp.ovh.com>
@ -280,7 +282,6 @@ class watcher (
$amqp_ssl_cert_file = $::os_service_default,
$amqp_broadcast_prefix = $::os_service_default,
$amqp_trace = $::os_service_default,
$amqp_allow_insecure_clients = $::os_service_default,
$amqp_sasl_config_name = $::os_service_default,
$amqp_sasl_config_dir = $::os_service_default,
$amqp_group_request_prefix = $::os_service_default,
@ -288,6 +289,8 @@ class watcher (
$notification_transport_url = $::os_service_default,
$notification_driver = $::os_service_default,
$notification_topics = $::os_service_default,
# DEPRECATED PARAMETERS
$amqp_allow_insecure_clients = undef,
) {
include openstacklib::openstackclient
@ -297,6 +300,11 @@ class watcher (
include watcher::policy
include watcher::db
if $amqp_allow_insecure_clients != undef {
warning('The amqp_allow_insecure_clients parameter is deprecated and \
will be removed in a future release.')
}
package { 'watcher':
ensure => $package_ensure,
name => $::watcher::params::common_package_name,
@ -338,22 +346,21 @@ class watcher (
}
oslo::messaging::amqp { 'watcher_config':
username => $amqp_username,
password => $amqp_password,
server_request_prefix => $amqp_server_request_prefix,
broadcast_prefix => $amqp_broadcast_prefix,
group_request_prefix => $amqp_group_request_prefix,
container_name => $amqp_container_name,
idle_timeout => $amqp_idle_timeout,
trace => $amqp_trace,
ssl_ca_file => $amqp_ssl_ca_file,
ssl_cert_file => $amqp_ssl_cert_file,
ssl_key_file => $amqp_ssl_key_file,
ssl_key_password => $amqp_ssl_key_password,
allow_insecure_clients => $amqp_allow_insecure_clients,
sasl_mechanisms => $amqp_sasl_mechanisms,
sasl_config_dir => $amqp_sasl_config_dir,
sasl_config_name => $amqp_sasl_config_name,
username => $amqp_username,
password => $amqp_password,
server_request_prefix => $amqp_server_request_prefix,
broadcast_prefix => $amqp_broadcast_prefix,
group_request_prefix => $amqp_group_request_prefix,
container_name => $amqp_container_name,
idle_timeout => $amqp_idle_timeout,
trace => $amqp_trace,
ssl_ca_file => $amqp_ssl_ca_file,
ssl_cert_file => $amqp_ssl_cert_file,
ssl_key_file => $amqp_ssl_key_file,
ssl_key_password => $amqp_ssl_key_password,
sasl_mechanisms => $amqp_sasl_mechanisms,
sasl_config_dir => $amqp_sasl_config_dir,
sasl_config_name => $amqp_sasl_config_name,
}
oslo::messaging::default { 'watcher_config':

4
releasenotes/notes/deprecate_allow_insecure_clients-option-8440060a378c7306.yaml

@ -0,0 +1,4 @@
---
deprecations:
- allow_insecure_clients option is now deprecated for removal, the
parameter has no effect.

1
spec/classes/watcher_init_spec.rb

@ -184,7 +184,6 @@ describe 'watcher' do
is_expected.to contain_watcher_config('oslo_messaging_amqp/ssl_cert_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_watcher_config('oslo_messaging_amqp/ssl_key_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_watcher_config('oslo_messaging_amqp/ssl_key_password').with_value('<SERVICE DEFAULT>')
is_expected.to contain_watcher_config('oslo_messaging_amqp/allow_insecure_clients').with_value('<SERVICE DEFAULT>')
is_expected.to contain_watcher_config('oslo_messaging_amqp/sasl_mechanisms').with_value('<SERVICE DEFAULT>')
is_expected.to contain_watcher_config('oslo_messaging_amqp/sasl_config_dir').with_value('<SERVICE DEFAULT>')
is_expected.to contain_watcher_config('oslo_messaging_amqp/sasl_config_name').with_value('<SERVICE DEFAULT>')

Loading…
Cancel
Save