Providing an option to disable configure_user in Keystone

Currently configure_user and configure_user_role parameters are set to true. There should be an option to configure the parameter with appropriate values. For Example, If we are using Keystone User entries from LDAP, We can't create/update the user. Change-Id: Ifecd56e3d1f0d82d45436025497746bb6394e188 Closes-Bug: #1583920
2016-05-20 06:25:13 -04:00 · 2016-05-20 06:25:13 -04:00 · c780bfc964
commit c780bfc964
parent 2c4809cd76
2 changed files with 22 additions and 2 deletions
--- a/manifests/keystone/auth.pp
+++ b/manifests/keystone/auth.pp
@ -36,6 +36,14 @@
 # [*configure_endpoint*]
 #   Should Trove endpoint be configured? Defaults to 'true'.
 #
+# [*configure_user*]
+#   Should Trove user be configured?
+#   Defaults to 'true'.
+#
+# [*configure_user_role*]
+#   Should Trove user_role be configured?
+#   Defaults to 'true'.
+#
 # [*service_type*]
 #   Type of service. Defaults to 'database'.
 #
@ -120,6 +128,8 @@ class trove::keystone::auth (
  $auth_name           = 'trove',
  $email               = 'trove@localhost',
  $tenant              = 'services',
+  $configure_user      = true,
+  $configure_user_role = true,
  $configure_endpoint  = true,
  $service_name        = undef,
  $service_type        = 'database',
@ -208,8 +218,8 @@ class trove::keystone::auth (
  ~> Service <| tag == 'trove-server' |>

  keystone::resource::service_identity { 'trove':
-    configure_user      => true,
-    configure_user_role => true,
+    configure_user      => $configure_user,
+    configure_user_role => $configure_user_role,
    configure_endpoint  => $configure_endpoint,
    service_name        => $real_service_name,
    service_type        => $service_type,
--- a/spec/classes/trove_keystone_auth_spec.rb
+++ b/spec/classes/trove_keystone_auth_spec.rb
@ -136,4 +136,14 @@ describe 'trove::keystone::auth' do

    it { is_expected.to_not contain_keystone_endpoint('RegionOne/neutron::database') }
  end
+
+  describe 'when disabling user and user_role configuration' do
+    let :params do
+      { :configure_user      => false,
+        :configure_user_role => false,
+        :password            => 'trove_password' }
+    end
+    it { is_expected.to_not contain_keystone_user('trove') }
+    it { is_expected.to_not contain_keystone_user_role('trove@services') }
+  end
 end