openstack/puppet-ironic
Code Issues Proposed changes

Use common implementation to manage audit middleware options

Browse Source 
Depends-on: https://review.opendev.org/957837
Change-Id: Icff8e7201351666f688374c31d2adac0fbb097cd
Signed-off-by: Takashi Kajinami <kajinamit@oss.nttdata.com>
This commit is contained in:
Takashi Kajinami
2025-08-19 15:39:04 +09:00
parent c903ce1d90
commit 63a8b10fa1
2 changed files with 17 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
manifests/audit.pp
View File

@@ -9,12 +9,12 @@
# Defaults to $facts['os_service_default'] # Defaults to $facts['os_service_default']
# #
# [*audit_map_file*] # [*audit_map_file*]
# (Optional) Path to audit map file for ironic-api service. # (Optional) Path to audit map file.
# Defaults to $facts['os_service_default'] # Defaults to $facts['os_service_default']
# #
# [*ignore_req_list*] # [*ignore_req_list*]
# (Optional) Comma separated list of Ironic REST API HTTP methods # (Optional) List of REST API HTTP methods to be ignored during audit
# to be ignored during audit logging. # logging.
# Defaults to $facts['os_service_default'] # Defaults to $facts['os_service_default']
# #
class ironic::audit ( class ironic::audit (
@@ -26,8 +26,11 @@ class ironic::audit (
include ironic::deps include ironic::deps
ironic_config { ironic_config {
'audit/enabled': value => $enabled; 'audit/enabled': value => $enabled;
'audit/audit_map_file': value => $audit_map_file; }
'audit/ignore_req_list': value => join(any2array($ignore_req_list), ',');
oslo::audit { 'ironic_config':
audit_map_file => $audit_map_file,
ignore_req_list => $ignore_req_list,
} }
} }

24
spec/classes/ironic_audit_spec.rb
View File

@@ -11,8 +11,10 @@ describe 'ironic::audit' do
it 'configures default values' do it 'configures default values' do
is_expected.to contain_ironic_config('audit/enabled').with_value('<SERVICE DEFAULT>') is_expected.to contain_ironic_config('audit/enabled').with_value('<SERVICE DEFAULT>')
is_expected.to contain_ironic_config('audit/audit_map_file').with_value('<SERVICE DEFAULT>') is_expected.to contain_oslo__audit('ironic_config').with(
is_expected.to contain_ironic_config('audit/ignore_req_list').with_value('<SERVICE DEFAULT>') :audit_map_file => '<SERVICE DEFAULT>',
:ignore_req_list => '<SERVICE DEFAULT>',
)
end end
end end
@@ -21,26 +23,16 @@ describe 'ironic::audit' do
{ {
:enabled => true, :enabled => true,
:audit_map_file => '/etc/ironic/api_audit_map.conf', :audit_map_file => '/etc/ironic/api_audit_map.conf',
:ignore_req_list => 'GET,POST', :ignore_req_list => ['GET', 'POST'],
} }
end end
it 'configures specified values' do it 'configures specified values' do
is_expected.to contain_ironic_config('audit/enabled').with_value(true) is_expected.to contain_ironic_config('audit/enabled').with_value(true)
is_expected.to contain_ironic_config('audit/audit_map_file').with_value('/etc/ironic/api_audit_map.conf') is_expected.to contain_oslo__audit('ironic_config').with(
is_expected.to contain_ironic_config('audit/ignore_req_list').with_value('GET,POST') :audit_map_file => '/etc/ironic/api_audit_map.conf',
end
end
context 'with ignore_req_list in array' do
let :params do
{
:ignore_req_list => ['GET', 'POST'], :ignore_req_list => ['GET', 'POST'],
} )
end
it 'configures ignore_req_list with a comma separated list' do
is_expected.to contain_ironic_config('audit/ignore_req_list').with_value('GET,POST')
end end
end end
end end