openstack/puppet-manila
Code Issues Proposed changes

Merge "Globally support system scope credentials"

Browse Source
This commit is contained in:
Zuul 2022-03-11 10:49:43 +00:00 committed by Gerrit Code Review
commit d41e0ecf22
9 changed files with 135 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
manifests/compute/nova.pp
View File

@ -33,6 +33,10 @@
# (optional) Project name to scope to
# Defaults to 'services'
#
# [*system_scope*]
# (optional) Scope for system operations.
# Defaults to $::os_service_default
#
# [*region_name*]
# (optional) Region name for connecting to nova
# Defaults to $::os_service_default
@ -62,6 +66,7 @@ class manila::compute::nova (
$user_domain_name = 'Default',
$project_domain_name = 'Default',
$project_name = 'services',
$system_scope = $::os_service_default,
$region_name = $::os_service_default,
$endpoint_type = $::os_service_default,
$username = 'nova',
@ -71,6 +76,14 @@ class manila::compute::nova (
include manila::deps
if is_service_default($system_scope) {
$project_name_real = $project_name
$project_domain_name_real = $project_domain_name
} else {
$project_name_real = $::os_service_default
$project_domain_name_real = $::os_service_default
}
manila_config {
'nova/insecure': value => $insecure;
'nova/auth_url': value => $auth_url;
@ -81,8 +94,9 @@ class manila::compute::nova (
'nova/username': value => $username;
'nova/user_domain_name': value => $user_domain_name;
'nova/password': value => $password, secret => true;
'nova/project_name': value => $project_name;
'nova/project_domain_name': value => $project_domain_name;
'nova/project_name': value => $project_name_real;
'nova/project_domain_name': value => $project_domain_name_real;
'nova/system_scope': value => $system_scope;
'nova/api_microversion': value => $api_microversion;
}
}

18
manifests/image/glance.pp
View File

@ -45,6 +45,10 @@
# (optional) Project name to scope to
# Defaults to 'services'
#
# [*system_scope*]
# (optional) Scope for system operations.
# Defaults to $::os_service_default
#
# [*region_name*]
# (optional) Region name for connecting to cinder
# Defaults to $::os_service_default
@ -73,6 +77,7 @@ class manila::image::glance (
$user_domain_name = 'Default',
$project_domain_name = 'Default',
$project_name = 'services',
$system_scope = $::os_service_default,
$region_name = $::os_service_default,
$endpoint_type = $::os_service_default,
$username = 'glance',
@ -81,6 +86,14 @@ class manila::image::glance (
include manila::deps
if is_service_default($system_scope) {
$project_name_real = $project_name
$project_domain_name_real = $project_domain_name
} else {
$project_name_real = $::os_service_default
$project_domain_name_real = $::os_service_default
}
manila_config {
'glance/api_microversion': value => $api_microversion;
'glance/insecure': value => $insecure;
@ -90,8 +103,9 @@ class manila::image::glance (
'glance/certfile': value => $certfile;
'glance/keyfile': value => $keyfile;
'glance/user_domain_name': value => $user_domain_name;
'glance/project_domain_name': value => $project_domain_name;
'glance/project_name': value => $project_name;
'glance/project_domain_name': value => $project_domain_name_real;
'glance/project_name': value => $project_name_real;
'glance/system_scope': value => $system_scope;
'glance/region_name': value => $region_name;
'glance/endpoint_type': value => $endpoint_type;
'glance/username': value => $username;

20
manifests/network/neutron.pp
View File

@ -33,6 +33,10 @@
# (optional) Project name to scope to
# Defaults to 'services'
#
# [*system_scope*]
# (optional) Scope for system operations.
# Defaults to $::os_service_default
#
# [*region_name*]
# (optional) Region name for connecting to neutron
# Defaults to $::os_service_default
@ -70,6 +74,7 @@ class manila::network::neutron (
$user_domain_name = 'Default',
$project_domain_name = 'Default',
$project_name = 'services',
$system_scope = $::os_service_default,
$region_name = $::os_service_default,
$timeout = $::os_service_default,
$endpoint_type = $::os_service_default,
@ -79,11 +84,21 @@ class manila::network::neutron (
$network_plugin_ipv6_enabled = $::os_service_default,
) {
include manila::deps
# TODO(tkajinam): Remove this after Yoga release
manila_config {
'DEFAULT/network_api_class': ensure => absent;
}
if is_service_default($system_scope) {
$project_name_real = $project_name
$project_domain_name_real = $project_domain_name
} else {
$project_name_real = $::os_service_default
$project_domain_name_real = $::os_service_default
}
manila_config {
'neutron/insecure': value => $insecure;
'neutron/auth_url': value => $auth_url;
@ -95,8 +110,9 @@ class manila::network::neutron (
'neutron/username': value => $username;
'neutron/user_domain_name': value => $user_domain_name;
'neutron/password': value => $password, secret => true;
'neutron/project_name': value => $project_name;
'neutron/project_domain_name': value => $project_domain_name;
'neutron/project_name': value => $project_name_real;
'neutron/project_domain_name': value => $project_domain_name_real;
'neutron/system_scope': value => $system_scope;
'DEFAULT/network_plugin_ipv4_enabled': value => $network_plugin_ipv4_enabled;
'DEFAULT/network_plugin_ipv6_enabled': value => $network_plugin_ipv6_enabled;
}

18
manifests/volume/cinder.pp
View File

@ -33,6 +33,10 @@
# (optional) Project name to scope to
# Defaults to 'services'
#
# [*system_scope*]
# (optional) Scope for system operations.
# Defaults to $::os_service_default
#
# [*region_name*]
# (optional) Region name for connecting to cinder
# Defaults to $::os_service_default
@ -67,6 +71,7 @@ class manila::volume::cinder (
$user_domain_name = 'Default',
$project_domain_name = 'Default',
$project_name = 'services',
$system_scope = $::os_service_default,
$region_name = $::os_service_default,
$endpoint_type = $::os_service_default,
$username = 'cinder',
@ -77,6 +82,14 @@ class manila::volume::cinder (
include manila::deps
if is_service_default($system_scope) {
$project_name_real = $project_name
$project_domain_name_real = $project_domain_name
} else {
$project_name_real = $::os_service_default
$project_domain_name_real = $::os_service_default
}
manila_config {
'cinder/insecure': value => $insecure;
'cinder/auth_url': value => $auth_url;
@ -87,8 +100,9 @@ class manila::volume::cinder (
'cinder/username': value => $username;
'cinder/user_domain_name': value => $user_domain_name;
'cinder/password': value => $password, secret => true;
'cinder/project_name': value => $project_name;
'cinder/project_domain_name': value => $project_domain_name;
'cinder/project_name': value => $project_name_real;
'cinder/project_domain_name': value => $project_domain_name_real;
'cinder/system_scope': value => $system_scope;
'cinder/http_retries': value => $http_retries;
'cinder/cross_az_attach': value => $cross_az_attach;
}

9
releasenotes/notes/system_scope-all-4a661d5cc27d448a.yaml Normal file
View File

@ -0,0 +1,9 @@
---
features:
- |
The new ``system_scope`` parameter has been added to the following classes.
- ``manila::compute::nova``
- ``manila::image::glance``
- ``manila::network::neutron``
- ``manila::volume::cinder``

15
spec/classes/manila_compute_nova_spec.rb
View File

@ -11,6 +11,7 @@ describe 'manila::compute::nova' do
is_expected.to contain_manila_config('nova/user_domain_name').with_value('Default')
is_expected.to contain_manila_config('nova/project_domain_name').with_value('Default')
is_expected.to contain_manila_config('nova/project_name').with_value('services')
is_expected.to contain_manila_config('nova/system_scope').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('nova/region_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('nova/endpoint_type').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('nova/username').with_value('nova')
@ -42,6 +43,7 @@ describe 'manila::compute::nova' do
is_expected.to contain_manila_config('nova/user_domain_name').with_value('Default')
is_expected.to contain_manila_config('nova/project_domain_name').with_value('Default')
is_expected.to contain_manila_config('nova/project_name').with_value('services')
is_expected.to contain_manila_config('nova/system_scope').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('nova/region_name').with_value('RegionOne')
is_expected.to contain_manila_config('nova/endpoint_type').with_value('publicURL')
is_expected.to contain_manila_config('nova/username').with_value('novav1')
@ -49,6 +51,19 @@ describe 'manila::compute::nova' do
is_expected.to contain_manila_config('nova/api_microversion').with_value('2.10')
end
end
context 'when system_scope is set' do
let :params do
{
:system_scope => 'all'
}
end
it 'configures system-scoped credential' do
is_expected.to contain_manila_config('nova/project_domain_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('nova/project_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('nova/system_scope').with_value('all')
end
end
end
on_supported_os({

15
spec/classes/manila_image_glance_spec.rb
View File

@ -14,6 +14,7 @@ describe 'manila::image::glance' do
is_expected.to contain_manila_config('glance/user_domain_name').with_value('Default')
is_expected.to contain_manila_config('glance/project_domain_name').with_value('Default')
is_expected.to contain_manila_config('glance/project_name').with_value('services')
is_expected.to contain_manila_config('glance/system_scope').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('glance/region_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('glance/endpoint_type').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('glance/username').with_value('glance')
@ -47,12 +48,26 @@ describe 'manila::image::glance' do
is_expected.to contain_manila_config('glance/user_domain_name').with_value('Default')
is_expected.to contain_manila_config('glance/project_domain_name').with_value('Default')
is_expected.to contain_manila_config('glance/project_name').with_value('services')
is_expected.to contain_manila_config('glance/system_scope').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('glance/region_name').with_value('RegionOne')
is_expected.to contain_manila_config('glance/endpoint_type').with_value('publicURL')
is_expected.to contain_manila_config('glance/username').with_value('glancev1')
is_expected.to contain_manila_config('glance/password').with_value('123123').with_secret(true)
end
end
context 'when system_scope is set' do
let :params do
{
:system_scope => 'all'
}
end
it 'configures system-scoped credential' do
is_expected.to contain_manila_config('glance/project_domain_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('glance/project_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('glance/system_scope').with_value('all')
end
end
end
on_supported_os({

15
spec/classes/manila_network_neutron_spec.rb
View File

@ -11,6 +11,7 @@ describe 'manila::network::neutron' do
is_expected.to contain_manila_config('neutron/user_domain_name').with_value('Default')
is_expected.to contain_manila_config('neutron/project_domain_name').with_value('Default')
is_expected.to contain_manila_config('neutron/project_name').with_value('services')
is_expected.to contain_manila_config('neutron/system_scope').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('neutron/region_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('neutron/timeout').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('neutron/endpoint_type').with_value('<SERVICE DEFAULT>')
@ -46,6 +47,7 @@ describe 'manila::network::neutron' do
is_expected.to contain_manila_config('neutron/user_domain_name').with_value('Default')
is_expected.to contain_manila_config('neutron/project_domain_name').with_value('Default')
is_expected.to contain_manila_config('neutron/project_name').with_value('services')
is_expected.to contain_manila_config('neutron/system_scope').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('neutron/region_name').with_value('RegionOne')
is_expected.to contain_manila_config('neutron/timeout').with_value(30)
is_expected.to contain_manila_config('neutron/endpoint_type').with_value('publicURL')
@ -55,6 +57,19 @@ describe 'manila::network::neutron' do
is_expected.to contain_manila_config('DEFAULT/network_plugin_ipv6_enabled').with_value(true)
end
end
context 'when system_scope is set' do
let :params do
{
:system_scope => 'all'
}
end
it 'configures system-scoped credential' do
is_expected.to contain_manila_config('neutron/project_domain_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('neutron/project_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('neutron/system_scope').with_value('all')
end
end
end
on_supported_os({

15
spec/classes/manila_volume_cinder_spec.rb
View File

@ -13,6 +13,7 @@ describe 'manila::volume::cinder' do
is_expected.to contain_manila_config('cinder/user_domain_name').with_value('Default')
is_expected.to contain_manila_config('cinder/project_domain_name').with_value('Default')
is_expected.to contain_manila_config('cinder/project_name').with_value('services')
is_expected.to contain_manila_config('cinder/system_scope').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/username').with_value('cinder')
is_expected.to contain_manila_config('cinder/password').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/http_retries').with_value('<SERVICE DEFAULT>')
@ -45,6 +46,7 @@ describe 'manila::volume::cinder' do
is_expected.to contain_manila_config('cinder/project_domain_name').with_value('Default')
is_expected.to contain_manila_config('cinder/project_name').with_value('services')
is_expected.to contain_manila_config('cinder/region_name').with_value('RegionOne')
is_expected.to contain_manila_config('cinder/system_scope').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/endpoint_type').with_value('publicURL')
is_expected.to contain_manila_config('cinder/username').with_value('cinderv1')
is_expected.to contain_manila_config('cinder/password').with_value('123123').with_secret(true)
@ -52,6 +54,19 @@ describe 'manila::volume::cinder' do
is_expected.to contain_manila_config('cinder/cross_az_attach').with_value('true')
end
end
context 'when system_scope is set' do
let :params do
{
:system_scope => 'all'
}
end
it 'configures system-scoped credential' do
is_expected.to contain_manila_config('cinder/project_domain_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/project_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_manila_config('cinder/system_scope').with_value('all')
end
end
end
on_supported_os({