openstack/puppet-zaqar
Code Issues Proposed changes

Merge "Add service role by default"

Browse Source
This commit is contained in:
Zuul
2025-10-13 15:04:10 +00:00
committed by Gerrit Code Review
parent 60e770ca2e 2c982572c1
commit b1abb3257b
3 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
manifests/keystone/auth.pp
View File

@@ -21,7 +21,7 @@
# #
# [*roles*] # [*roles*]
# (Optional) List of roles assigned to neutron user. # (Optional) List of roles assigned to neutron user.
# Defaults to ['admin'] # Defaults to ['admin', 'service']
# #
# [*system_scope*] # [*system_scope*]
# (Optional) Scope for system operations. # (Optional) Scope for system operations.
@@ -86,7 +86,7 @@ class zaqar::keystone::auth (
$internal_url = 'http://127.0.0.1:8888', $internal_url = 'http://127.0.0.1:8888',
$region = 'RegionOne', $region = 'RegionOne',
$tenant = 'services', $tenant = 'services',
$roles = ['admin'], $roles = ['admin', 'service'],
$system_scope = 'all', $system_scope = 'all',
$system_roles = [], $system_roles = [],
$configure_endpoint = true, $configure_endpoint = true,

5
releasenotes/notes/service-role-92fe736a9d03ab40.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
features:
- |
The ``zaqar::keystone::auth`` class now adds the ``service`` role by
default. Set the ``roles`` parameter not to add the role.

6
spec/classes/zaqar_keystone_auth_spec.rb
View File

@@ -24,7 +24,7 @@ describe 'zaqar::keystone::auth' do
:password => 'zaqar_password', :password => 'zaqar_password',
:email => 'zaqar@localhost', :email => 'zaqar@localhost',
:tenant => 'services', :tenant => 'services',
:roles => ['admin'], :roles => ['admin', 'service'],
:system_scope => 'all', :system_scope => 'all',
:system_roles => [], :system_roles => [],
:public_url => 'http://127.0.0.1:8888', :public_url => 'http://127.0.0.1:8888',
@@ -39,7 +39,7 @@ describe 'zaqar::keystone::auth' do
:auth_name => 'alt_zaqar', :auth_name => 'alt_zaqar',
:email => 'alt_zaqar@alt_localhost', :email => 'alt_zaqar@alt_localhost',
:tenant => 'alt_service', :tenant => 'alt_service',
:roles => ['admin', 'service'], :roles => ['admin'],
:system_scope => 'alt_all', :system_scope => 'alt_all',
:system_roles => ['admin', 'member', 'reader'], :system_roles => ['admin', 'member', 'reader'],
:configure_endpoint => false, :configure_endpoint => false,
@@ -68,7 +68,7 @@ describe 'zaqar::keystone::auth' do
:password => 'zaqar_password', :password => 'zaqar_password',
:email => 'alt_zaqar@alt_localhost', :email => 'alt_zaqar@alt_localhost',
:tenant => 'alt_service', :tenant => 'alt_service',
:roles => ['admin', 'service'], :roles => ['admin'],
:system_scope => 'alt_all', :system_scope => 'alt_all',
:system_roles => ['admin', 'member', 'reader'], :system_roles => ['admin', 'member', 'reader'],
:public_url => 'https://10.10.10.10:80', :public_url => 'https://10.10.10.10:80',