From 1fe95ffb068fe4e6b213c98f5fdd839850d298aa Mon Sep 17 00:00:00 2001
From: Dan Bode <dan@puppetlabs.com>
Date: Fri, 11 Jan 2013 16:43:07 -0800
Subject: [PATCH] Add swift to keystone class

This commit adds keystone auth objects to the
openstack::keystone class. This allows users to
easily add a swift services auth user to their
existing keystone servers. It is not enabled by
default.
---
 .fixtures.yml                           |  1 +
 manifests/keystone.pp                   | 34 ++++++++++++++
 spec/classes/openstack_keystone_spec.rb | 61 +++++++++++++++++++++++++
 3 files changed, 96 insertions(+)
 create mode 100644 spec/classes/openstack_keystone_spec.rb

diff --git a/.fixtures.yml b/.fixtures.yml
index a939f70..6be0844 100644
--- a/.fixtures.yml
+++ b/.fixtures.yml
@@ -16,5 +16,6 @@ fixtures:
     'inifile':  'git://github.com/cprice-puppet/puppetlabs-inifile'
     "create_resources": 'git://github.com/puppetlabs/puppetlabs-create_resources'
     'vswitch': 'git://github.com/ekarlso/puppet-vswitch'
+    'swift' : 'git://github.com/puppetlabs/puppetlabs-swift'
   symlinks:
     "openstack": "#{source_dir}"
diff --git a/manifests/keystone.pp b/manifests/keystone.pp
index 2a6c41f..1e3080d 100644
--- a/manifests/keystone.pp
+++ b/manifests/keystone.pp
@@ -23,6 +23,7 @@
 # [admin_address] Keystone admin address. Optional. Defaults to  $internal_address
 # [glance] Set up glance endpoints and auth. Optional. Defaults to  true
 # [nova] Set up nova endpoints and auth. Optional. Defaults to  true
+# [swift] Set up swift endpoints and auth. Optional. Defaults to false
 # [enabled] If the service is active (true) or passive (false).
 #   Optional. Defaults to  true
 #
@@ -47,6 +48,7 @@ class openstack::keystone (
   $nova_user_password,
   $cinder_user_password,
   $quantum_user_password,
+  $swift_user_password      = false,
   $public_address,
   $db_type                  = 'mysql',
   $db_user                  = 'keystone',
@@ -69,10 +71,14 @@ class openstack::keystone (
   $quantum_public_address   = false,
   $quantum_internal_address = false,
   $quantum_admin_address    = false,
+  $swift_public_address     = false,
+  $swift_internal_address   = false,
+  $swift_admin_address      = false,
   $glance                   = true,
   $nova                     = true,
   $cinder                   = true,
   $quantum                  = true,
+  $swift                    = false,
   $enabled                  = true
 ) {
 
@@ -155,6 +161,21 @@ class openstack::keystone (
   } else {
     $quantum_admin_real = $quantum_internal_real
   }
+  if($swift_public_address) {
+    $swift_public_real = $swift_public_address
+  } else {
+    $swift_public_real = $public_address
+  }
+  if($swift_internal_address) {
+    $swift_internal_real = $swift_internal_address
+  } else {
+    $swift_internal_real = $swift_public_real
+  }
+  if($swift_admin_address) {
+    $swift_admin_real = $swift_admin_address
+  } else {
+    $swift_admin_real = $swift_internal_real
+  }
 
   class { '::keystone':
     verbose        => $verbose,
@@ -222,6 +243,19 @@ class openstack::keystone (
         region           => $region,
       }
     }
+
+    if $swift {
+
+      if ! $swift_user_password {
+        fail('Must set a swift_user_password when swift auth is being configured')
+      }
+
+      class { 'swift::keystone::auth':
+        password         => $swift_user_password,
+        address          => $swift_public_real,
+        region           => $region,
+      }
+    }
   }
 
 }
diff --git a/spec/classes/openstack_keystone_spec.rb b/spec/classes/openstack_keystone_spec.rb
new file mode 100644
index 0000000..553284f
--- /dev/null
+++ b/spec/classes/openstack_keystone_spec.rb
@@ -0,0 +1,61 @@
+require 'spec_helper'
+
+describe 'openstack::keystone' do
+  # minimum set of default parameters
+  let :default_params do
+    {
+      :db_host                => '127.0.0.1',
+      :db_password            => 'pass',
+      :admin_token            => 'token',
+      :admin_email            => 'email@address.com',
+      :admin_password         => 'pass',
+      :glance_user_password   => 'pass',
+      :nova_user_password     => 'pass',
+      :cinder_user_password   => 'pass',
+      :quantum_user_password  => 'pass',
+      :swift_user_password    => false,
+      :public_address         => '127.0.0.1',
+    }
+  end
+
+  let :facts do
+    {
+      :operatingsystem => 'Ubuntu',
+      :osfamily        => 'Debian',
+    }
+  end
+
+  let :params do
+    default_params
+  end
+
+  describe 'without swift' do
+    it { should_not contain_class('swift::keystone::auth') }
+  end
+
+  describe 'swift' do
+    describe 'without password' do
+      let :params do
+        default_params.merge(:swift => true)
+      end
+      it 'should fail when the password is not set' do
+        expect do
+          subject
+        end.to raise_error(Puppet::Error)
+      end
+    end
+    describe 'with password' do
+      let :params do
+        default_params.merge(:swift => true, :swift_user_password => 'dude')
+      end
+      it do
+        should contain_class('swift::keystone::auth').with(
+          :password => 'dude',
+          :address  => '127.0.0.1',
+          :region   => 'RegionOne'
+        )
+      end
+    end
+  end
+
+end