Browse Source

Rewrite additional domains generation

This patch makes use of Puppet native function
create_resources() in order to generate
Keystone domain resources from hash
provided by parce_it() function.

This approach required modification of parce_it()
function so it can parse list of additional domains strings
and generate a hash in form of:

domain1_name => { property1 => value1,
                  property2 => value2,
                  .....
                  propertyx => valuex },
domain2_name => { property1 => value1,
                  property2 => value2,
                  .....
                  propertyx => valuex },
.....and so on

This form of hash is suitable to be taken by create_resources()
function. Puppet define plugin_ldap::multiple_domain
was also modified to comply with create_resources()
function.

Change-Id: I14321af5efa18f1381a51668ed1c5c50c06a0002
Closes-Bug: #1658655
Mykyta Karpin 2 years ago
parent
commit
7cf2e0f36e

+ 20
- 13
deployment_scripts/puppet/modules/plugin_ldap/lib/puppet/parser/functions/parse_it.rb View File

@@ -1,25 +1,32 @@
1 1
 module Puppet::Parser::Functions
2 2
   newfunction(:parse_it, :type => :rvalue, :doc => <<-EOS
3
-This function parses text area, create hash and returns values
4
-for keystone domain creation
3
+This function parses text area, creates hash and returns it
4
+for keystone domains creation
5 5
 EOS
6 6
   ) do |args|
7 7
 
8
-    param_hash = {}
9
-    cert_chain = args[0].slice!(/^(ca_chain=-----BEGIN CERTIFICATE-----)(.*[\r\n])+(-----END CERTIFICATE-----[\s\S]*?)$/)
8
+    domains_hash = {}
10 9
 
11
-    if cert_chain
12
-      splited_cert_chain = cert_chain.split('=',2)
13
-      param_hash[splited_cert_chain[0]] = splited_cert_chain[1]
14
-    end
10
+    args[0].each do |item|
11
+      param_hash = {}
12
+      cert_chain = item.slice!(/^(ca_chain=-----BEGIN CERTIFICATE-----)(.*[\r\n])+(-----END CERTIFICATE-----[\s\S]*?)$/)
13
+
14
+      if cert_chain
15
+        splited_cert_chain = cert_chain.split('=',2)
16
+        param_hash[splited_cert_chain[0]] = splited_cert_chain[1]
17
+      end
15 18
 
16
-    splited_text = args[0].split("\n")
17
-    splited_text.each do |item|
18
-      splited_line = item.split('=',2)
19
-      param_hash[splited_line[0]] = splited_line[1]
19
+      splited_text = item.split("\n")
20
+      splited_text.each do |param|
21
+        splited_line = param.split('=',2)
22
+        if splited_line[0] and splited_line[0] != :undef
23
+          param_hash[splited_line[0]] = splited_line[1]
24
+        end
25
+      end
26
+      domains_hash[param_hash['domain']] = param_hash
20 27
     end
21 28
 
22
-    return param_hash
29
+    return domains_hash
23 30
   end
24 31
 end
25 32
 

+ 4
- 2
deployment_scripts/puppet/modules/plugin_ldap/manifests/controller.pp View File

@@ -89,12 +89,14 @@ class plugin_ldap::controller {
89 89
   #Create domains using info from text area 'List of additional Domains'
90 90
   if $additional_domains {
91 91
     $domains_list = split($additional_domains, '^$')
92
-    plugin_ldap::multiple_domain { $domains_list:
92
+    $domains_hash = parse_it($domains_list)
93
+    $domain_defaults = {
93 94
       identity_driver       => $identity_driver,
94
-      ldap_proxy            => $ldap_proxy,
95
+      ldap_proxy_default    => $ldap_proxy,
95 96
       management_vip        => $management_vip,
96 97
       slapd_config_template => $proxy_data[1],
97 98
     }
99
+    create_resources(plugin_ldap::multiple_domain, $domains_hash, $domain_defaults)
98 100
   }
99 101
 
100 102
   file { '/etc/keystone/domains':

+ 69
- 46
deployment_scripts/puppet/modules/plugin_ldap/manifests/multiple_domain.pp View File

@@ -1,26 +1,49 @@
1 1
 define plugin_ldap::multiple_domain (
2
-  $domain_info             = $title,
3
-  $identity_driver         = undef,
4
-  $ldap_proxy              = undef,
5
-  $management_vip          = undef,
6
-  $slapd_config_template   = undef,
7
-  $slapd_conf              = '/etc/ldap/slapd.conf',
2
+  $domain                 = $title,
3
+  $identity_driver        = undef,
4
+  $url                    = undef,
5
+  $use_tls                = undef,
6
+  $ca_chain               = undef,
7
+  $suffix                 = undef,
8
+  $user                   = undef,
9
+  $password               = undef,
10
+  $query_scope            = undef,
11
+  $user_tree_dn           = undef,
12
+  $user_filter            = undef,
13
+  $user_objectclass       = undef,
14
+  $user_id_attribute      = undef,
15
+  $user_name_attribute    = undef,
16
+  $user_pass_attribute    = undef,
17
+  $user_enabled_attribute = undef,
18
+  $user_enabled_default   = undef,
19
+  $user_enabled_mask      = undef,
20
+  $user_allow_create      = undef,
21
+  $user_allow_update      = undef,
22
+  $user_allow_delete      = undef,
23
+  $group_tree_dn          = undef,
24
+  $group_filter           = undef,
25
+  $group_objectclass      = undef,
26
+  $group_id_attribute     = undef,
27
+  $group_name_attribute   = undef,
28
+  $group_member_attribute = undef,
29
+  $group_desc_attribute   = undef,
30
+  $group_allow_create     = undef,
31
+  $group_allow_update     = undef,
32
+  $group_allow_delete     = undef,
33
+  $page_size              = undef,
34
+  $chase_referrals        = undef,
35
+  $ldap_proxy             = undef,
36
+  $ldap_proxy_default     = undef,
37
+  $management_vip         = undef,
38
+  $slapd_config_template  = undef,
39
+  $slapd_conf             = '/etc/ldap/slapd.conf',
8 40
 ){
9 41
 
10
-  $domain_params_hash = parse_it($domain_info)
42
+  # ldap_url variable is used in slapd.conf templates
43
+  $ldap_url = $url
11 44
 
12
-  $domain                 = $domain_params_hash['domain']
13
-  $suffix                 = $domain_params_hash['suffix']
14
-  $user_tree_dn           = $domain_params_hash['user_tree_dn']
15
-  $user                   = $domain_params_hash['user']
16
-  $password               = $domain_params_hash['password']
17
-  $ldap_url               = $domain_params_hash['url']
18
-  $use_tls                = $domain_params_hash['use_tls']
19
-  $ldap_proxy_multidomain = $domain_params_hash['ldap_proxy']
20
-  $ca_chain               = $domain_params_hash['ca_chain']
21
-
22
-  if $ldap_proxy and $ldap_proxy_multidomain =~ /^[Tt]rue$/ {
23
-    $url = "ldap://${management_vip}"
45
+  if $ldap_proxy_default and $ldap_proxy =~ /^[Tt]rue$/ {
46
+    $url_real = "ldap://${management_vip}"
24 47
 
25 48
     if $domain in $slapd_config_template {
26 49
       if $use_tls =~ /^[Ff]alse$/ {
@@ -48,44 +71,44 @@ define plugin_ldap::multiple_domain (
48 71
     }
49 72
     $tls = false
50 73
   } else {
51
-    $url = $domain_params_hash['url']
74
+    $url_real = $url
52 75
     $tls = $use_tls ? { /^[Tt]rue$/ => true, default => false }
53 76
   }
54 77
 
55
-  plugin_ldap::keystone { "$domain_params_hash['domain']" :
78
+  plugin_ldap::keystone { $domain :
56 79
     domain                 => $domain,
57 80
     identity_driver        => $identity_driver,
58
-    url                    => $url,
81
+    url                    => $url_real,
59 82
     use_tls                => $tls,
60 83
     ca_chain               => $ca_chain,
61 84
     suffix                 => $suffix,
62 85
     user                   => $user,
63 86
     password               => $password,
64
-    query_scope            => $domain_params_hash['query_scope'],
87
+    query_scope            => $query_scope,
65 88
     user_tree_dn           => $user_tree_dn,
66
-    user_filter            => $domain_params_hash['user_filter'],
67
-    user_objectclass       => $domain_params_hash['user_objectclass'],
68
-    user_id_attribute      => $domain_params_hash['user_id_attribute'],
69
-    user_name_attribute    => $domain_params_hash['user_name_attribute'],
70
-    user_pass_attribute    => $domain_params_hash['user_pass_attribute'],
71
-    user_enabled_attribute => $domain_params_hash['user_enabled_attribute'],
72
-    user_enabled_default   => $domain_params_hash['user_enabled_default'],
73
-    user_enabled_mask      => $domain_params_hash['user_enabled_mask'],
74
-    user_allow_create      => $domain_params_hash['user_allow_create'],
75
-    user_allow_update      => $domain_params_hash['user_allow_update'],
76
-    user_allow_delete      => $domain_params_hash['user_allow_delete'],
77
-    group_tree_dn          => $domain_params_hash['group_tree_dn'],
78
-    group_filter           => $domain_params_hash['group_filter'],
79
-    group_objectclass      => $domain_params_hash['group_objectclass'],
80
-    group_id_attribute     => $domain_params_hash['group_id_attribute'],
81
-    group_name_attribute   => $domain_params_hash['group_name_attribute'],
82
-    group_member_attribute => $domain_params_hash['group_member_attribute'],
83
-    group_desc_attribute   => $domain_params_hash['group_desc_attribute'],
84
-    group_allow_create     => $domain_params_hash['group_allow_create'],
85
-    group_allow_update     => $domain_params_hash['group_allow_update'],
86
-    group_allow_delete     => $domain_params_hash['group_allow_delete'],
87
-    page_size              => $domain_params_hash['page_size'],
88
-    chase_referrals        => $domain_params_hash['chase_referrals'],
89
+    user_filter            => $user_filter,
90
+    user_objectclass       => $user_objectclass,
91
+    user_id_attribute      => $user_id_attribute,
92
+    user_name_attribute    => $user_name_attribute,
93
+    user_pass_attribute    => $user_pass_attribute,
94
+    user_enabled_attribute => $user_enabled_attribute,
95
+    user_enabled_default   => $user_enabled_default,
96
+    user_enabled_mask      => $user_enabled_mask,
97
+    user_allow_create      => $user_allow_create,
98
+    user_allow_update      => $user_allow_update,
99
+    user_allow_delete      => $user_allow_delete,
100
+    group_tree_dn          => $group_tree_dn,
101
+    group_filter           => $group_filter,
102
+    group_objectclass      => $group_objectclass,
103
+    group_id_attribute     => $group_id_attribute,
104
+    group_name_attribute   => $group_name_attribute,
105
+    group_member_attribute => $group_member_attribute,
106
+    group_desc_attribute   => $group_desc_attribute,
107
+    group_allow_create     => $group_allow_create,
108
+    group_allow_update     => $group_allow_update,
109
+    group_allow_delete     => $group_allow_delete,
110
+    page_size              => $page_size,
111
+    chase_referrals        => $chase_referrals,
89 112
   }
90 113
 
91 114
 }

Loading…
Cancel
Save