diff --git a/manifests/auth_file.pp b/manifests/auth_file.pp index 004fd40..5557ff9 100644 --- a/manifests/auth_file.pp +++ b/manifests/auth_file.pp @@ -1,38 +1,58 @@ +# == Class: openstack::auth_file # # Creates an auth file that can be used to export # environment variables that can be used to authenticate # against a keystone server. # +# === Parameters +# +# [*admin_password*] +# (required) Admin password. +# [*controller_node*] +# (optional) Keystone address. Defaults to '127.0.0.1'. +# [*keystone_admin_token*] +# (optional) Admin token. +# NOTE: This setting will trigger a warning from keystone. +# Authentication credentials will be ignored by keystone client +# in favor of token authentication. Defaults to undef. +# [*admin_user*] +# (optional) Defaults to 'admin'. +# [*admin_tenant*] +# (optional) Defaults to 'admin'. +# [*region_name*] +# (optional) Defaults to 'RegionOne'. +# [*use_no_cache*] +# (optional) Do not use the auth token cache. Defaults to true. +# [*cinder_endpoint_type*] +# (optional) Defaults to 'publicURL'. +# [*glance_endpoint_type*] +# (optional) Defaults to 'publicURL'. +# [*keystone_endpoint_type*] +# (optional) Defaults to 'publicURL'. +# [*nova_endpoint_type*] +# (optional) Defaults to 'publicURL'. +# [*quantum_endpoint_type*] +# (optional) Defaults to 'publicURL'. +# class openstack::auth_file( - $controller_node = '127.0.0.1', - $keystone_admin_token = undef, - $admin_user = 'admin', - $admin_password = undef, - $admin_tenant = 'admin', - $region_name = 'RegionOne', - $use_no_cache = true + $admin_password, + $controller_node = '127.0.0.1', + $keystone_admin_token = undef, + $admin_user = 'admin', + $admin_tenant = 'admin', + $region_name = 'RegionOne', + $use_no_cache = true, + $cinder_endpoint_type = 'publicURL', + $glance_endpoint_type = 'publicURL', + $keystone_endpoint_type = 'publicURL', + $nova_endpoint_type = 'publicURL', + $quantum_endpoint_type = 'publicURL', ) { - if ($keystone_admin_token) { - file { '/root/openrc': - content => - " - export OS_SERVICE_TOKEN=${keystone_admin_token} - export OS_SERVICE_ENDPOINT=http://${controller_node}:35357/v2.0/ - " - } - } else { - file { '/root/openrc': - content => - " - export OS_NO_CACHE=${use_no_cache} - export OS_TENANT_NAME=${admin_tenant} - export OS_USERNAME=${admin_user} - export OS_PASSWORD='${admin_password}' - export OS_AUTH_URL=\"http://${controller_node}:5000/v2.0/\" - export OS_AUTH_STRATEGY=keystone - export OS_REGION_NAME=${region_name} - " - } + file { '/root/openrc': + owner => 'root', + group => 'root', + mode => '0700', + content => template("${module_name}/openrc.erb") } } diff --git a/spec/classes/openstack_auth_file_spec.rb b/spec/classes/openstack_auth_file_spec.rb index 19fd0e7..3ee8f39 100644 --- a/spec/classes/openstack_auth_file_spec.rb +++ b/spec/classes/openstack_auth_file_spec.rb @@ -9,36 +9,55 @@ describe 'openstack::auth_file' do end it 'should create a openrc file' do - should contain_file('/root/openrc').with_content( - ' - export OS_NO_CACHE=true - export OS_TENANT_NAME=admin - export OS_USERNAME=admin - export OS_PASSWORD=\'admin\' - export OS_AUTH_URL="http://127.0.0.1:5000/v2.0/" - export OS_AUTH_STRATEGY=keystone - export OS_REGION_NAME=RegionOne - ' - ) + verify_contents(subject, '/root/openrc', [ + 'export OS_NO_CACHE=true', + 'export OS_TENANT_NAME=admin', + 'export OS_USERNAME=admin', + 'export OS_PASSWORD=admin', + 'export OS_AUTH_URL=http://127.0.0.1:5000/v2.0/', + 'export OS_AUTH_STRATEGY=keystone', + 'export OS_REGION_NAME=RegionOne', + 'export CINDER_ENDPOINT_TYPE=publicURL', + 'export GLANCE_ENDPOINT_TYPE=publicURL', + 'export KEYSTONE_ENDPOINT_TYPE=publicURL', + 'export NOVA_ENDPOINT_TYPE=publicURL', + 'export QUANTUM_ENDPOINT_TYPE=publicURL' + ]) end end - describe 'when overridding' do + describe 'when overriding parameters' do - let :params do - { - :controller_node => '127.0.0.2', - :keystone_admin_token => 'keystone', - } - end + let :params do + { + :controller_node => '127.0.0.2', + :admin_password => 'admin', + :keystone_admin_token => 'keystone', + :cinder_endpoint_type => 'privateURL', + :glance_endpoint_type => 'privateURL', + :keystone_endpoint_type => 'privateURL', + :nova_endpoint_type => 'privateURL', + :quantum_endpoint_type => 'privateURL', + } + end - it 'should create a openrc file' do - should contain_file('/root/openrc').with_content( - ' - export OS_SERVICE_TOKEN=keystone - export OS_SERVICE_ENDPOINT=http://127.0.0.2:35357/v2.0/ - ' - ) - end + it 'should create a openrc file' do + verify_contents(subject, '/root/openrc', [ + 'export OS_SERVICE_TOKEN=keystone', + 'export OS_SERVICE_ENDPOINT=http://127.0.0.2:35357/v2.0/', + 'export OS_NO_CACHE=true', + 'export OS_TENANT_NAME=admin', + 'export OS_USERNAME=admin', + 'export OS_PASSWORD=admin', + 'export OS_AUTH_URL=http://127.0.0.2:5000/v2.0/', + 'export OS_AUTH_STRATEGY=keystone', + 'export OS_REGION_NAME=RegionOne', + 'export CINDER_ENDPOINT_TYPE=privateURL', + 'export GLANCE_ENDPOINT_TYPE=privateURL', + 'export KEYSTONE_ENDPOINT_TYPE=privateURL', + 'export NOVA_ENDPOINT_TYPE=privateURL', + 'export QUANTUM_ENDPOINT_TYPE=privateURL' + ]) + end end end diff --git a/templates/openrc.erb b/templates/openrc.erb new file mode 100644 index 0000000..355670a --- /dev/null +++ b/templates/openrc.erb @@ -0,0 +1,17 @@ +#!/bin/sh +<% if @keystone_admin_token -%> +export OS_SERVICE_TOKEN=<%= @keystone_admin_token %> +export OS_SERVICE_ENDPOINT=http://<%= @controller_node %>:35357/v2.0/ +<% end -%> +export OS_NO_CACHE=<%= @use_no_cache %> +export OS_TENANT_NAME=<%= @admin_tenant %> +export OS_USERNAME=<%= @admin_user %> +export OS_PASSWORD=<%= @admin_password %> +export OS_AUTH_URL=http://<%= @controller_node %>:5000/v2.0/ +export OS_AUTH_STRATEGY=keystone +export OS_REGION_NAME=<%= @region_name %> +export CINDER_ENDPOINT_TYPE=<%= @cinder_endpoint_type %> +export GLANCE_ENDPOINT_TYPE=<%= @glance_endpoint_type %> +export KEYSTONE_ENDPOINT_TYPE=<%= @keystone_endpoint_type %> +export NOVA_ENDPOINT_TYPE=<%= @nova_endpoint_type %> +export QUANTUM_ENDPOINT_TYPE=<%= @quantum_endpoint_type %>