keyring: clean method to add a group

Add 'nova' and 'cinder' users to 'cephkeyring' group using a better way, more "Puppetist" Bug #402
2014-04-11 12:05:34 +02:00
parent 9c73677a19
commit 861acfc4cd
4 changed files with 2 additions and 14 deletions
--- a/manifests/compute/hypervisor.pp
+++ b/manifests/compute/hypervisor.pp
@@ -149,12 +149,7 @@ Host *
    ensure_resource('group', 'cephkeyring', {
      ensure => 'present'
    })
-
-    # puppet-nova already manages 'nova' user
-    # we just want to ensure nova is part of the group.
-    ensure_resource('exec', 'add-nova-to-cephkeyring-group', {
-      command => 'useradd -G cephkeyring nova || true'
-    })
+    User<<| title == 'nova' |>> { groups +> 'cephkeyring' }

    ensure_resource('file', "/etc/ceph/ceph.client.${cinder_rbd_user}.keyring", {
      owner   => 'cephkeyring',
--- a/manifests/volume/backend/rbd.pp
+++ b/manifests/volume/backend/rbd.pp
@@ -79,12 +79,7 @@ define cloud::volume::backend::rbd (
  ensure_resource('group', 'cephkeyring', {
    ensure => 'present'
  })
-
-  # puppet-nova already manages 'cinder' user
-  # we just want to ensure cinder is part of the group.
-  ensure_resource('exec', 'add-cinder-to-cephkeyring-group', {
-    command => 'useradd -G cephkeyring cinder || true'
-  })
+  User<<| title == 'cinder' |>> { groups +> 'cephkeyring' }

  ensure_resource('file', "/etc/ceph/ceph.client.${rbd_user}.keyring", {
    owner   => 'cephkeyring',
--- a/spec/classes/cloud_compute_hypervisor_spec.rb
+++ b/spec/classes/cloud_compute_hypervisor_spec.rb
@@ -239,7 +239,6 @@ describe 'cloud::compute::hypervisor' do
      should contain_nova_config('DEFAULT/libvirt_images_rbd_ceph_conf').with('value' => '/etc/ceph/ceph.conf')
      should contain_nova_config('DEFAULT/rbd_user').with('value' => 'cinder')
      should contain_nova_config('DEFAULT/rbd_secret_uuid').with('value' => 'secrete')
-      should contain_exec('add-nova-to-cephkeyring-group').with( :command => 'useradd -G cephkeyring nova || true')
      should contain_group('cephkeyring').with(:ensure => 'present')
    end

--- a/spec/classes/cloud_volume_storage_spec.rb
+++ b/spec/classes/cloud_volume_storage_spec.rb
@@ -106,7 +106,6 @@ describe 'cloud::volume::storage' do
          :os_password    => 'secret',
          :os_auth_url    => 'http://keystone.host:5000/v2.0'
        )
-        should contain_exec('add-cinder-to-cephkeyring-group').with( :command => 'useradd -G cephkeyring cinder || true')
        should contain_group('cephkeyring').with(:ensure => 'present')
      end
    end