Rewrite additional domains generation

This patch makes use of Puppet native function
create_resources() in order to generate
Keystone domain resources from hash
provided by parce_it() function.

This approach required modification of parce_it()
function so it can parse list of additional domains strings
and generate a hash in form of:

domain1_name => { property1 => value1,
                  property2 => value2,
                  .....
                  propertyx => valuex },
domain2_name => { property1 => value1,
                  property2 => value2,
                  .....
                  propertyx => valuex },
.....and so on

This form of hash is suitable to be taken by create_resources()
function. Puppet define plugin_ldap::multiple_domain
was also modified to comply with create_resources()
function.

Change-Id: I14321af5efa18f1381a51668ed1c5c50c06a0002
Closes-Bug: #1658655

deployment_scripts/puppet/modules/plugin_ldap/lib/puppet/parser/functions/parse_it.rb

@@ -1,25 +1,32 @@
 module Puppet::Parser::Functions
   newfunction(:parse_it, :type => :rvalue, :doc => <<-EOS
-This function parses text area, create hash and returns values
+This function parses text area, creates hash and returns it
-for keystone domain creation
+for keystone domains creation
 EOS
   ) do |args|
 
-    param_hash = {}
+    domains_hash = {}
-    cert_chain = args[0].slice!(/^(ca_chain=-----BEGIN CERTIFICATE-----)(.*[\r\n])+(-----END CERTIFICATE-----[\s\S]*?)$/)
 
-    if cert_chain
+    args[0].each do |item|
-      splited_cert_chain = cert_chain.split('=',2)
+      param_hash = {}
-      param_hash[splited_cert_chain[0]] = splited_cert_chain[1]
+      cert_chain = item.slice!(/^(ca_chain=-----BEGIN CERTIFICATE-----)(.*[\r\n])+(-----END CERTIFICATE-----[\s\S]*?)$/)
+
+      if cert_chain
+        splited_cert_chain = cert_chain.split('=',2)
+        param_hash[splited_cert_chain[0]] = splited_cert_chain[1]
+      end
+
+      splited_text = item.split("\n")
+      splited_text.each do |param|
+        splited_line = param.split('=',2)
+        if splited_line[0] and splited_line[0] != :undef
+          param_hash[splited_line[0]] = splited_line[1]
+        end
+      end
+      domains_hash[param_hash['domain']] = param_hash
     end
 
-    splited_text = args[0].split("\n")
+    return domains_hash
-    splited_text.each do |item|
-      splited_line = item.split('=',2)
-      param_hash[splited_line[0]] = splited_line[1]
-    end
-
-    return param_hash
   end
 end
 

deployment_scripts/puppet/modules/plugin_ldap/manifests/controller.pp

@@ -89,12 +89,14 @@ class plugin_ldap::controller {
   #Create domains using info from text area 'List of additional Domains'
   if $additional_domains {
     $domains_list = split($additional_domains, '^$')
-    plugin_ldap::multiple_domain { $domains_list:
+    $domains_hash = parse_it($domains_list)
+    $domain_defaults = {
       identity_driver       => $identity_driver,
-      ldap_proxy            => $ldap_proxy,
+      ldap_proxy_default    => $ldap_proxy,
       management_vip        => $management_vip,
       slapd_config_template => $proxy_data[1],
     }
+    create_resources(plugin_ldap::multiple_domain, $domains_hash, $domain_defaults)
   }
 
   file { '/etc/keystone/domains':

deployment_scripts/puppet/modules/plugin_ldap/manifests/multiple_domain.pp

@@ -1,26 +1,49 @@
 define plugin_ldap::multiple_domain (
-  $domain_info             = $title,
+  $domain                 = $title,
-  $identity_driver         = undef,
+  $identity_driver        = undef,
-  $ldap_proxy              = undef,
+  $url                    = undef,
-  $management_vip          = undef,
+  $use_tls                = undef,
-  $slapd_config_template   = undef,
+  $ca_chain               = undef,
-  $slapd_conf              = '/etc/ldap/slapd.conf',
+  $suffix                 = undef,
+  $user                   = undef,
+  $password               = undef,
+  $query_scope            = undef,
+  $user_tree_dn           = undef,
+  $user_filter            = undef,
+  $user_objectclass       = undef,
+  $user_id_attribute      = undef,
+  $user_name_attribute    = undef,
+  $user_pass_attribute    = undef,
+  $user_enabled_attribute = undef,
+  $user_enabled_default   = undef,
+  $user_enabled_mask      = undef,
+  $user_allow_create      = undef,
+  $user_allow_update      = undef,
+  $user_allow_delete      = undef,
+  $group_tree_dn          = undef,
+  $group_filter           = undef,
+  $group_objectclass      = undef,
+  $group_id_attribute     = undef,
+  $group_name_attribute   = undef,
+  $group_member_attribute = undef,
+  $group_desc_attribute   = undef,
+  $group_allow_create     = undef,
+  $group_allow_update     = undef,
+  $group_allow_delete     = undef,
+  $page_size              = undef,
+  $chase_referrals        = undef,
+  $ldap_proxy             = undef,
+  $ldap_proxy_default     = undef,
+  $management_vip         = undef,
+  $slapd_config_template  = undef,
+  $slapd_conf             = '/etc/ldap/slapd.conf',
 ){
 
-  $domain_params_hash = parse_it($domain_info)
+  # ldap_url variable is used in slapd.conf templates
+  $ldap_url = $url
 
-  $domain                 = $domain_params_hash['domain']
+  if $ldap_proxy_default and $ldap_proxy =~ /^[Tt]rue$/ {
-  $suffix                 = $domain_params_hash['suffix']
+    $url_real = "ldap://${management_vip}"
-  $user_tree_dn           = $domain_params_hash['user_tree_dn']
-  $user                   = $domain_params_hash['user']
-  $password               = $domain_params_hash['password']
-  $ldap_url               = $domain_params_hash['url']
-  $use_tls                = $domain_params_hash['use_tls']
-  $ldap_proxy_multidomain = $domain_params_hash['ldap_proxy']
-  $ca_chain               = $domain_params_hash['ca_chain']
-
-  if $ldap_proxy and $ldap_proxy_multidomain =~ /^[Tt]rue$/ {
-    $url = "ldap://${management_vip}"
 
     if $domain in $slapd_config_template {
       if $use_tls =~ /^[Ff]alse$/ {
@@ -48,44 +71,44 @@ define plugin_ldap::multiple_domain (
     }
     $tls = false
   } else {
-    $url = $domain_params_hash['url']
+    $url_real = $url
     $tls = $use_tls ? { /^[Tt]rue$/ => true, default => false }
   }
 
-  plugin_ldap::keystone { "$domain_params_hash['domain']" :
+  plugin_ldap::keystone { $domain :
     domain                 => $domain,
     identity_driver        => $identity_driver,
-    url                    => $url,
+    url                    => $url_real,
     use_tls                => $tls,
     ca_chain               => $ca_chain,
     suffix                 => $suffix,
     user                   => $user,
     password               => $password,
-    query_scope            => $domain_params_hash['query_scope'],
+    query_scope            => $query_scope,
     user_tree_dn           => $user_tree_dn,
-    user_filter            => $domain_params_hash['user_filter'],
+    user_filter            => $user_filter,
-    user_objectclass       => $domain_params_hash['user_objectclass'],
+    user_objectclass       => $user_objectclass,
-    user_id_attribute      => $domain_params_hash['user_id_attribute'],
+    user_id_attribute      => $user_id_attribute,
-    user_name_attribute    => $domain_params_hash['user_name_attribute'],
+    user_name_attribute    => $user_name_attribute,
-    user_pass_attribute    => $domain_params_hash['user_pass_attribute'],
+    user_pass_attribute    => $user_pass_attribute,
-    user_enabled_attribute => $domain_params_hash['user_enabled_attribute'],
+    user_enabled_attribute => $user_enabled_attribute,
-    user_enabled_default   => $domain_params_hash['user_enabled_default'],
+    user_enabled_default   => $user_enabled_default,
-    user_enabled_mask      => $domain_params_hash['user_enabled_mask'],
+    user_enabled_mask      => $user_enabled_mask,
-    user_allow_create      => $domain_params_hash['user_allow_create'],
+    user_allow_create      => $user_allow_create,
-    user_allow_update      => $domain_params_hash['user_allow_update'],
+    user_allow_update      => $user_allow_update,
-    user_allow_delete      => $domain_params_hash['user_allow_delete'],
+    user_allow_delete      => $user_allow_delete,
-    group_tree_dn          => $domain_params_hash['group_tree_dn'],
+    group_tree_dn          => $group_tree_dn,
-    group_filter           => $domain_params_hash['group_filter'],
+    group_filter           => $group_filter,
-    group_objectclass      => $domain_params_hash['group_objectclass'],
+    group_objectclass      => $group_objectclass,
-    group_id_attribute     => $domain_params_hash['group_id_attribute'],
+    group_id_attribute     => $group_id_attribute,
-    group_name_attribute   => $domain_params_hash['group_name_attribute'],
+    group_name_attribute   => $group_name_attribute,
-    group_member_attribute => $domain_params_hash['group_member_attribute'],
+    group_member_attribute => $group_member_attribute,
-    group_desc_attribute   => $domain_params_hash['group_desc_attribute'],
+    group_desc_attribute   => $group_desc_attribute,
-    group_allow_create     => $domain_params_hash['group_allow_create'],
+    group_allow_create     => $group_allow_create,
-    group_allow_update     => $domain_params_hash['group_allow_update'],
+    group_allow_update     => $group_allow_update,
-    group_allow_delete     => $domain_params_hash['group_allow_delete'],
+    group_allow_delete     => $group_allow_delete,
-    page_size              => $domain_params_hash['page_size'],
+    page_size              => $page_size,
-    chase_referrals        => $domain_params_hash['chase_referrals'],
+    chase_referrals        => $chase_referrals,
   }
 
 }