diff --git a/manifests/keystone/auth.pp b/manifests/keystone/auth.pp index c511124..d5c12e2 100644 --- a/manifests/keystone/auth.pp +++ b/manifests/keystone/auth.pp @@ -52,6 +52,14 @@ # [*internal_url*] # (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:8889') # +# [*manage_rating_role*] +# (optional) If true, this will manage the Keystone role for $rating_role. +# Defaults to 'true'. +# +# [*rating_role*] +# (optional) Keystone role for cloudkitty rating users. +# Defaults to 'rating'. +# class cloudkitty::keystone::auth ( $password, $auth_name = 'cloudkitty', @@ -67,6 +75,8 @@ class cloudkitty::keystone::auth ( $public_url = 'http://127.0.0.1:8889', $admin_url = 'http://127.0.0.1:8889', $internal_url = 'http://127.0.0.1:8889', + $manage_rating_role = true, + $rating_role = 'rating', ) { include ::cloudkitty::deps @@ -93,4 +103,11 @@ class cloudkitty::keystone::auth ( admin_url => $admin_url, } + if $manage_rating_role { + keystone_role { $rating_role: + ensure => present, + } + } + } + diff --git a/spec/classes/cloudkitty_keystone_auth_spec.rb b/spec/classes/cloudkitty_keystone_auth_spec.rb index 7c0d0e9..7229b54 100644 --- a/spec/classes/cloudkitty_keystone_auth_spec.rb +++ b/spec/classes/cloudkitty_keystone_auth_spec.rb @@ -33,6 +33,10 @@ describe 'cloudkitty::keystone::auth' do :admin_url => 'http://127.0.0.1:8889', :internal_url => 'http://127.0.0.1:8889', ) } + + it { is_expected.to contain_keystone_role('rating').with( + :ensure => 'present', + ) } end context 'when overriding URL parameters' do @@ -112,6 +116,19 @@ describe 'cloudkitty::keystone::auth' do ) } end + + context 'when disabling rating role management' do + + let :params do + { + :password => 'cloudkitty_password', + :manage_rating_role => false, + :rating_role => 'rating', + } + end + + it { is_expected.not_to contain_keystone_role('rating') } + end end on_supported_os({