From 955836e129669188aad4534a0719273f35866f51 Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Mon, 4 Apr 2022 17:39:42 +0900 Subject: [PATCH] vnc: Clear vencrypt_* parameters by default ... to make sure the unused parameters are removed from nova.conf. Change-Id: I1e8527efe31f88334f3af53a427e5c4cf28ae885 --- manifests/vncproxy.pp | 6 ++++++ spec/classes/nova_vnc_proxy_spec.rb | 26 ++++++++++++++------------ 2 files changed, 20 insertions(+), 12 deletions(-) diff --git a/manifests/vncproxy.pp b/manifests/vncproxy.pp index b75259baf..045fa7b72 100644 --- a/manifests/vncproxy.pp +++ b/manifests/vncproxy.pp @@ -100,6 +100,12 @@ class nova::vncproxy( $auth_schemes = 'vencrypt' } } else { + nova_config { + 'vnc/vencrypt_ca_certs': ensure => absent; + 'vnc/vencrypt_client_cert': ensure => absent; + 'vnc/vencrypt_client_key': ensure => absent; + } + $auth_schemes = 'none' } diff --git a/spec/classes/nova_vnc_proxy_spec.rb b/spec/classes/nova_vnc_proxy_spec.rb index 1653f0596..b2906ba91 100644 --- a/spec/classes/nova_vnc_proxy_spec.rb +++ b/spec/classes/nova_vnc_proxy_spec.rb @@ -13,10 +13,12 @@ describe 'nova::vncproxy' do end context 'with default parameters' do - - it { is_expected.to contain_nova_config('vnc/novncproxy_host').with(:value => '0.0.0.0') } - it { is_expected.to contain_nova_config('vnc/novncproxy_port').with(:value => '6080') } - it { is_expected.to contain_nova_config('vnc/auth_schemes').with(:value => 'none') } + it { is_expected.to contain_nova_config('vnc/novncproxy_host').with_value('0.0.0.0') } + it { is_expected.to contain_nova_config('vnc/novncproxy_port').with_value('6080') } + it { is_expected.to contain_nova_config('vnc/auth_schemes').with_value('none') } + it { is_expected.to contain_nova_config('vnc/vencrypt_client_key').with_ensure('absent')} + it { is_expected.to contain_nova_config('vnc/vencrypt_client_cert').with_ensure('absent')} + it { is_expected.to contain_nova_config('vnc/vencrypt_ca_certs').with_ensure('absent')} it { is_expected.to contain_package('nova-vncproxy').with( :name => platform_params[:nova_vncproxy_package], @@ -60,10 +62,10 @@ describe 'nova::vncproxy' do :vencrypt_ca => '/baz.pem' } end - it { is_expected.to contain_nova_config('vnc/auth_schemes').with(:value => 'vencrypt,none') } - it { is_expected.to contain_nova_config('vnc/vencrypt_client_key').with(:value => '/foo.key')} - it { is_expected.to contain_nova_config('vnc/vencrypt_client_cert').with(:value => '/bar.pem')} - it { is_expected.to contain_nova_config('vnc/vencrypt_ca_certs').with(:value => '/baz.pem')} + it { is_expected.to contain_nova_config('vnc/auth_schemes').with_value('vencrypt,none') } + it { is_expected.to contain_nova_config('vnc/vencrypt_client_key').with_value('/foo.key')} + it { is_expected.to contain_nova_config('vnc/vencrypt_client_cert').with_value('/bar.pem')} + it { is_expected.to contain_nova_config('vnc/vencrypt_ca_certs').with_value('/baz.pem')} end context 'with vencrypt without noauth' do @@ -76,10 +78,10 @@ describe 'nova::vncproxy' do :vencrypt_ca => '/baz.pem' } end - it { is_expected.to contain_nova_config('vnc/auth_schemes').with(:value => 'vencrypt') } - it { is_expected.to contain_nova_config('vnc/vencrypt_client_key').with(:value => '/foo.key')} - it { is_expected.to contain_nova_config('vnc/vencrypt_client_cert').with(:value => '/bar.pem')} - it { is_expected.to contain_nova_config('vnc/vencrypt_ca_certs').with(:value => '/baz.pem')} + it { is_expected.to contain_nova_config('vnc/auth_schemes').with_value('vencrypt') } + it { is_expected.to contain_nova_config('vnc/vencrypt_client_key').with_value('/foo.key')} + it { is_expected.to contain_nova_config('vnc/vencrypt_client_cert').with_value('/bar.pem')} + it { is_expected.to contain_nova_config('vnc/vencrypt_ca_certs').with_value('/baz.pem')} end context 'with no auth method set' do