openstack/puppet-manila
Code Issues Proposed changes

Set credential parameters when auth_type != password

Browse Source 
Currently some classes ignore keystone credential parameters like
username, but it causes the problem with some other "auth_type"s like
v3password, which require these credential parameters.

This change makes sure that all credential parameters are set
regardless of auth_type value.

Change-Id: Ifa605ced3f6cb1472535e0ce9dd776a4a47c0328
This commit is contained in:
Takashi Kajinami 2020-08-22 21:26:25 +09:00
parent fe08c435f0
commit 167e104ef5
7 changed files with 61 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
manifests/compute/nova.pp
View File

@ -48,8 +48,7 @@
#
# [*password*]
# (optional) User's password
# Only required if auth_type has been set to "password"
# Defaults to undef
# Defaults to $::os_service_default
#
class manila::compute::nova (
$insecure = $::os_service_default,
@ -62,7 +61,7 @@ class manila::compute::nova (
$region_name = $::os_service_default,
$endpoint_type = $::os_service_default,
$username = 'nova',
$password = undef,
$password = $::os_service_default,
) {
include manila::deps
@ -74,10 +73,6 @@ class manila::compute::nova (
'nova/cafile': value => $cafile;
'nova/region_name': value => $region_name;
'nova/endpoint_type': value => $endpoint_type;
}
if $auth_type == 'password' {
manila_config {
'nova/username': value => $username;
'nova/user_domain_name': value => $user_domain_name;
'nova/password': value => $password, secret => true;
@ -85,4 +80,3 @@ class manila::compute::nova (
'nova/project_domain_name': value => $project_domain_name;
}
}
}

13
manifests/network/neutron.pp
View File

@ -52,7 +52,7 @@
#
# [*password*]
# (optional) User's password
# Defaults to undef
# Defaults to $::os_service_default
#
# [*network_plugin_ipv4_enabled*]
# (optional) Whether to support Ipv4 network resource
@ -74,7 +74,7 @@ class manila::network::neutron (
$timeout = $::os_service_default,
$endpoint_type = $::os_service_default,
$username = 'neutron',
$password = undef,
$password = $::os_service_default,
$network_plugin_ipv4_enabled = $::os_service_default,
$network_plugin_ipv6_enabled = $::os_service_default,
) {
@ -90,17 +90,12 @@ class manila::network::neutron (
'neutron/region_name': value => $region_name;
'neutron/timeout': value => $timeout;
'neutron/endpoint_type': value => $endpoint_type;
'DEFAULT/network_plugin_ipv4_enabled': value => $network_plugin_ipv4_enabled;
'DEFAULT/network_plugin_ipv6_enabled': value => $network_plugin_ipv6_enabled;
}
if $auth_type == 'password' {
manila_config {
'neutron/username': value => $username;
'neutron/user_domain_name': value => $user_domain_name;
'neutron/password': value => $password, secret => true;
'neutron/project_name': value => $project_name;
'neutron/project_domain_name': value => $project_domain_name;
}
'DEFAULT/network_plugin_ipv4_enabled': value => $network_plugin_ipv4_enabled;
'DEFAULT/network_plugin_ipv6_enabled': value => $network_plugin_ipv6_enabled;
}
}

16
manifests/volume/cinder.pp
View File

@ -48,8 +48,7 @@
#
# [*password*]
# (optional) User's password
# Only required if auth_type has been set to "password"
# Defaults to undef
# Defaults to $::os_service_default
#
# [*http_retries*]
# (optional) Number of cinderclient retries on failed http calls.
@ -92,7 +91,7 @@
#
# [*cinder_admin_password*]
# (optional) Cinder admin password.
# Defaults to undef
# Defaults to $::os_service_default
#
# [*cinder_admin_tenant_name*]
# (optional) Cinder admin tenant name
@ -113,7 +112,7 @@ class manila::volume::cinder (
$region_name = $::os_service_default,
$endpoint_type = $::os_service_default,
$username = 'cinder',
$password = undef,
$password = $::os_service_default,
$http_retries = $::os_service_default,
$cross_az_attach = $::os_service_default,
# DEPRECATED PARAMETERS
@ -182,17 +181,12 @@ class manila::volume::cinder (
'cinder/cafile': value => $cafile_real;
'cinder/region_name': value => $region_name;
'cinder/endpoint_type': value => $endpoint_type;
'cinder/http_retries': value => $http_retries_real;
'cinder/cross_az_attach': value => $cross_az_attach_real;
}
if $auth_type == 'password' {
manila_config {
'cinder/username': value => $username_real;
'cinder/user_domain_name': value => $user_domain_name;
'cinder/password': value => $password_real, secret => true;
'cinder/project_name': value => $project_name_real;
'cinder/project_domain_name': value => $project_domain_name;
}
'cinder/http_retries': value => $http_retries_real;
'cinder/cross_az_attach': value => $cross_az_attach_real;
}
}

10
releasenotes/notes/auth_type-fix-62bc3acab9700deb.yaml Normal file
View File

@ -0,0 +1,10 @@
---
fixes:
- |
Now the following classes set keystone_credential parameters lik username
in manila.conf, even auth_type is not ``password``. This fixes the problem
with the other auth_type value like ``v3password``.
- ``manila::compute::nova``
- ``manila::network::neutron``
- ``manila::volume::cinder``

12
spec/classes/manila_compute_nova_spec.rb
View File

@ -8,15 +8,13 @@ describe 'manila::compute::nova' do
is_expected.to contain_manila_config('nova/auth_url').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('nova/auth_type').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('nova/cafile').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('nova/user_domain_name').with_value('Default')
is_expected.to contain_manila_config('nova/project_domain_name').with_value('Default')
is_expected.to contain_manila_config('nova/project_name').with_value('services')
is_expected.to contain_manila_config('nova/region_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('nova/endpoint_type').with_value('<SERVICE DEFAULT>')
# These should be added only when auth_type is 'password'
is_expected.not_to contain_manila_config('nova/user_domain_name')
is_expected.not_to contain_manila_config('nova/project_domain_name')
is_expected.not_to contain_manila_config('nova/project_name')
is_expected.not_to contain_manila_config('nova/username')
is_expected.not_to contain_manila_config('nova/password')
is_expected.to contain_manila_config('nova/username').with_value('nova')
is_expected.to contain_manila_config('nova/password').with_value('<SERVICE DEFAULT>')
end
end

12
spec/classes/manila_network_neutron_spec.rb
View File

@ -8,18 +8,16 @@ describe 'manila::network::neutron' do
is_expected.to contain_manila_config('neutron/auth_url').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('neutron/auth_type').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('neutron/cafile').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('neutron/user_domain_name').with_value('Default')
is_expected.to contain_manila_config('neutron/project_domain_name').with_value('Default')
is_expected.to contain_manila_config('neutron/project_name').with_value('services')
is_expected.to contain_manila_config('neutron/region_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('neutron/timeout').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('neutron/endpoint_type').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('neutron/username').with_value('neutron')
is_expected.to contain_manila_config('neutron/password').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('DEFAULT/network_plugin_ipv4_enabled').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('DEFAULT/network_plugin_ipv6_enabled').with_value('<SERVICE DEFAULT>')
# These should be added only when auth_type is 'password'
is_expected.not_to contain_manila_config('neutron/user_domain_name')
is_expected.not_to contain_manila_config('neutron/project_domain_name')
is_expected.not_to contain_manila_config('neutron/project_name')
is_expected.not_to contain_manila_config('neutron/username')
is_expected.not_to contain_manila_config('neutron/password')
end
end

12
spec/classes/manila_volume_cinder.rb
View File

@ -10,15 +10,13 @@ describe 'manila::volume::cinder' do
is_expected.to contain_manila_config('cinder/cafile').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/region_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/endpoint_type').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/user_domain_name').with_value('Default')
is_expected.to contain_manila_config('cinder/project_domain_name').with_value('Default')
is_expected.to contain_manila_config('cinder/project_name').with_value('services')
is_expected.to contain_manila_config('cinder/username').with_value('cinder')
is_expected.to contain_manila_config('cinder/password').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/http_retries').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/cross_az_attach').with_value('<SERVICE DEFAULT>')
# These should be added only when auth_type is 'password'
is_expected.not_to contain_manila_config('cinder/user_domain_name')
is_expected.not_to contain_manila_config('cinder/project_domain_name')
is_expected.not_to contain_manila_config('cinder/project_name')
is_expected.not_to contain_manila_config('cinder/username')
is_expected.not_to contain_manila_config('cinder/password')
end
end