Use a 'params' hash for authtoken parameters

This change adds the 'params' hash in authtoken class, to implement
the same functionality as the one recently introduced into
puppet-nova[1].

[1] 5c38281e1b698f157f03bf1815733277c541c30b

Change-Id: Iae359ee38cac10190f9813b14cd3a2f92a59d1b6
This commit is contained in:
Takashi Kajinami 2021-08-27 15:08:50 +09:00
parent 2ba372a398
commit 8b8601618a
2 changed files with 58 additions and 37 deletions

View File

@ -187,6 +187,10 @@
# "public", "internal" or "admin". # "public", "internal" or "admin".
# Defaults to $::os_service_default. # Defaults to $::os_service_default.
# #
# [*params*]
# (Optional) Hash of additional parameters to pass through to the keystone
# authtoken class. Values set here override the individual parameters above.
#
class zaqar::keystone::authtoken( class zaqar::keystone::authtoken(
$username = 'zaqar', $username = 'zaqar',
$password = $::os_service_default, $password = $::os_service_default,
@ -224,6 +228,7 @@ class zaqar::keystone::authtoken(
$service_token_roles_required = $::os_service_default, $service_token_roles_required = $::os_service_default,
$service_type = $::os_service_default, $service_type = $::os_service_default,
$interface = $::os_service_default, $interface = $::os_service_default,
$params = {}
) { ) {
include zaqar::deps include zaqar::deps
@ -232,42 +237,45 @@ class zaqar::keystone::authtoken(
fail('Please set password for Zaqar service user') fail('Please set password for Zaqar service user')
} }
keystone::resource::authtoken { 'zaqar_config': keystone::resource::authtoken {
username => $username, 'zaqar_config':
password => $password, * => $params;
project_name => $project_name, default:
auth_url => $auth_url, username => $username,
www_authenticate_uri => $www_authenticate_uri, password => $password,
auth_version => $auth_version, project_name => $project_name,
auth_type => $auth_type, auth_url => $auth_url,
auth_section => $auth_section, www_authenticate_uri => $www_authenticate_uri,
user_domain_name => $user_domain_name, auth_version => $auth_version,
project_domain_name => $project_domain_name, auth_type => $auth_type,
insecure => $insecure, auth_section => $auth_section,
cache => $cache, user_domain_name => $user_domain_name,
cafile => $cafile, project_domain_name => $project_domain_name,
certfile => $certfile, insecure => $insecure,
delay_auth_decision => $delay_auth_decision, cache => $cache,
enforce_token_bind => $enforce_token_bind, cafile => $cafile,
http_connect_timeout => $http_connect_timeout, certfile => $certfile,
http_request_max_retries => $http_request_max_retries, delay_auth_decision => $delay_auth_decision,
include_service_catalog => $include_service_catalog, enforce_token_bind => $enforce_token_bind,
keyfile => $keyfile, http_connect_timeout => $http_connect_timeout,
memcache_pool_conn_get_timeout => $memcache_pool_conn_get_timeout, http_request_max_retries => $http_request_max_retries,
memcache_pool_dead_retry => $memcache_pool_dead_retry, include_service_catalog => $include_service_catalog,
memcache_pool_maxsize => $memcache_pool_maxsize, keyfile => $keyfile,
memcache_pool_socket_timeout => $memcache_pool_socket_timeout, memcache_pool_conn_get_timeout => $memcache_pool_conn_get_timeout,
memcache_secret_key => $memcache_secret_key, memcache_pool_dead_retry => $memcache_pool_dead_retry,
memcache_security_strategy => $memcache_security_strategy, memcache_pool_maxsize => $memcache_pool_maxsize,
memcache_use_advanced_pool => $memcache_use_advanced_pool, memcache_pool_socket_timeout => $memcache_pool_socket_timeout,
memcache_pool_unused_timeout => $memcache_pool_unused_timeout, memcache_secret_key => $memcache_secret_key,
memcached_servers => $memcached_servers, memcache_security_strategy => $memcache_security_strategy,
manage_memcache_package => $manage_memcache_package, memcache_use_advanced_pool => $memcache_use_advanced_pool,
region_name => $region_name, memcache_pool_unused_timeout => $memcache_pool_unused_timeout,
token_cache_time => $token_cache_time, memcached_servers => $memcached_servers,
service_token_roles => $service_token_roles, manage_memcache_package => $manage_memcache_package,
service_token_roles_required => $service_token_roles_required, region_name => $region_name,
service_type => $service_type, token_cache_time => $token_cache_time,
interface => $interface, service_token_roles => $service_token_roles,
service_token_roles_required => $service_token_roles_required,
service_type => $service_type,
interface => $interface;
} }
} }

View File

@ -133,6 +133,19 @@ describe 'zaqar::keystone::authtoken' do
is_expected.to contain_package('python-memcache') is_expected.to contain_package('python-memcache')
end end
end end
context 'when overriding parameters via params hash' do
before do
params.merge!({
:username => 'myuser',
:params => { 'username' => 'myotheruser' },
})
end
it 'configure keystone_authtoken' do
is_expected.to contain_zaqar_config('keystone_authtoken/username').with_value(params[:params]['username'])
end
end
end end
on_supported_os({ on_supported_os({