Fix Keystone 'token-get' Error

Previously, users would receive an error similar to the one below
after sourcing keystone authentication variables
(i.e. source openrc) and running the puppet agent:

debug: Puppet::Type::Keystone_user::ProviderKeystone:
Executing '/usr/bin/keystone --os-auth-url
http://127.0.0.1:35357/v2.0/ token-get'
err: /Stage[main]/Nova::Keystone::Auth/Keystone_user[nova]:
Could not evaluate: Execution of '/usr/bin/keystone --os-auth-url
http://127.0.0.1:35357/v2.0/ token-get' returned 1: Configuration
error: Client configured to run without a service catalog.
Run the client using --os-auth-url or OS_AUTH_URL, instead of
--os-endpoint or OS_SERVICE_ENDPOINT, for example.
WARNING: Bypassing authentication using a token & endpoint
(authentication credentials are being ignored).

Even though the OS_AUTH_URL was being provided in the auth file,
Keystone will ignore it and other variables related to user/pswd
based authnetication.  This is because only one form of auth
(token or user/password) can be used at a time and Keystone
will prefer token-based auth if both are provided.

This change introduces the new parameter use_token_auth to set
the Keystone auth file based on user/password or token-based
authentication.  Defaults to false for backwards compatibility
and to use user/password authentication.

Additional Information:
  http://docs.openstack.org/developer/keystone/configuration.html
  https://lists.launchpad.net/openstack/msg22356.html

Additionally, Region support was added through the region_name
parameter.  Defaults to RegionOne for backwards compatibility and
to use the default region named RegionOne.

Change-Id: I913d8da5b753c8db40a05ba2ae1784750f722a5b

manifests/auth_file.pp

@@ -4,24 +4,35 @@
 # against a keystone server.
 #
 class openstack::auth_file(
-  $admin_password,
   $controller_node      = '127.0.0.1',
-  $keystone_admin_token = 'keystone_admin_token',
+  $keystone_admin_token = undef,
   $admin_user           = 'admin',
+  $admin_password       = undef,
   $admin_tenant         = 'admin',
+  $region_name          = 'RegionOne',
   $use_no_cache         = true
 ) {
-  file { '/root/openrc':
+
-    content =>
+  if ($keystone_admin_token) {
-  "
+    file { '/root/openrc':
-  export OS_NO_CACHE=${use_no_cache}
+        content =>
-  export OS_TENANT_NAME=${admin_tenant}
+    "
-  export OS_USERNAME=${admin_user}
+    export OS_SERVICE_TOKEN=${keystone_admin_token}
-  export OS_PASSWORD='${admin_password}'
+    export OS_SERVICE_ENDPOINT=http://${controller_node}:35357/v2.0/
-  export OS_AUTH_URL=\"http://${controller_node}:5000/v2.0/\"
+    "
-  export OS_AUTH_STRATEGY=keystone
+    }
-  export SERVICE_TOKEN=${keystone_admin_token}
+  } else {
-  export SERVICE_ENDPOINT=http://${controller_node}:35357/v2.0/
+    file { '/root/openrc':
-  "
+      content =>
+    "
+    export OS_NO_CACHE=${use_no_cache}
+    export OS_TENANT_NAME=${admin_tenant}
+    export OS_USERNAME=${admin_user}
+    export OS_PASSWORD='${admin_password}'
+    export OS_AUTH_URL=\"http://${controller_node}:5000/v2.0/\"
+    export OS_AUTH_STRATEGY=keystone
+    export OS_REGION_NAME=${region_name}
+    "
+    }
   }
 }

spec/classes/openstack_auth_file_spec.rb

@@ -2,7 +2,7 @@ require 'spec_helper'
 
 describe 'openstack::auth_file' do
 
-  describe "when only passing required class parameters" do
+  describe "when only passing default class parameters" do
 
     let :params do
       { :admin_password => 'admin' }
@@ -10,16 +10,15 @@ describe 'openstack::auth_file' do
 
     it 'should create a openrc file' do
       should contain_file('/root/openrc').with_content(
-  '
+    '
-  export OS_NO_CACHE=true
+    export OS_NO_CACHE=true
-  export OS_TENANT_NAME=admin
+    export OS_TENANT_NAME=admin
-  export OS_USERNAME=admin
+    export OS_USERNAME=admin
-  export OS_PASSWORD=\'admin\'
+    export OS_PASSWORD=\'admin\'
-  export OS_AUTH_URL="http://127.0.0.1:5000/v2.0/"
+    export OS_AUTH_URL="http://127.0.0.1:5000/v2.0/"
-  export OS_AUTH_STRATEGY=keystone
+    export OS_AUTH_STRATEGY=keystone
-  export SERVICE_TOKEN=keystone_admin_token
+    export OS_REGION_NAME=RegionOne
-  export SERVICE_ENDPOINT=http://127.0.0.1:35357/v2.0/
+    '
-  '
         )
     end
   end
@@ -28,27 +27,17 @@ describe 'openstack::auth_file' do
 
       let :params do
         {
-          :admin_password        => 'nova',
           :controller_node       => '127.0.0.2',
           :keystone_admin_token  => 'keystone',
-          :admin_user            => 'nova',
-          :admin_tenant          => 'nova',
-          :use_no_cache          => false,
         }
       end
 
       it 'should create a openrc file' do
         should contain_file('/root/openrc').with_content(
-  '
+    '
-  export OS_NO_CACHE=false
+    export OS_SERVICE_TOKEN=keystone
-  export OS_TENANT_NAME=nova
+    export OS_SERVICE_ENDPOINT=http://127.0.0.2:35357/v2.0/
-  export OS_USERNAME=nova
+    '
-  export OS_PASSWORD=\'nova\'
-  export OS_AUTH_URL="http://127.0.0.2:5000/v2.0/"
-  export OS_AUTH_STRATEGY=keystone
-  export SERVICE_TOKEN=keystone
-  export SERVICE_ENDPOINT=http://127.0.0.2:35357/v2.0/
-  '
         )
       end
   end