]> review.fuel-infra Code Review - puppet-modules/puppet-ceilometer.git/commitdiff
Code Review / puppet-modules / puppet-ceilometer.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 8e594d0)
Service_token_roles_required missing in the server config file
authorZhongShengping <chdzsp@163.com>
Fri, 15 Feb 2019 02:02:59 +0000 (10:02 +0800)
committerZhongShengping <chdzsp@163.com>
Fri, 15 Feb 2019 02:02:59 +0000 (10:02 +0800)
Service_token_roles_required missing in the server config file which
allows backwards compatibility to ensure that the service tokens are
compared against a list of possible roles for validity.

Change-Id: Ia79d517dd64720ba8ba00c5d572ec2dbf66bf831
Closes-Bug: 1778198

manifests/keystone/authtoken.pp patch | blob | history
releasenotes/notes/service_token_roles_required-be0830cbcbe1e4c4.yaml [new file with mode: 0644] patch | blob
spec/classes/ceilometer_keystone_authtoken_spec.rb patch | blob | history

diff --git a/manifests/keystone/authtoken.pp b/manifests/keystone/authtoken.pp
index d3257325854d066af28d00734f731471289140da..29494bda7a76553aef4a71cdd99f9a81e8f1339b 100644 (file)
--- a/manifests/keystone/authtoken.pp
+++ b/manifests/keystone/authtoken.pp
@@ -161,6 +161,12 @@
 #   (in seconds). Set to -1 to disable caching completely. Integer value
 #   Defaults to $::os_service_default.
 #
+# [*service_token_roles_required*]
+#   (optional) backwards compatibility to ensure that the service tokens are
+#   compared against a list of possible roles for validity
+#   true/false
+#   Defaults to $::os_service_default.
+#
 # DEPRECATED PARAMETERS
 #
 # [*check_revocations_for_cached*]
@@ -213,6 +219,7 @@ class ceilometer::keystone::authtoken(
   $manage_memcache_package        = false,
   $region_name                    = $::os_service_default,
   $token_cache_time               = $::os_service_default,
+  $service_token_roles_required   = $::os_service_default,
   # DEPRECATED PARAMETERS
   $check_revocations_for_cached   = undef,
   $hash_algorithms                = undef,
@@ -265,5 +272,6 @@ class ceilometer::keystone::authtoken(
     manage_memcache_package        => $manage_memcache_package,
     region_name                    => $region_name,
     token_cache_time               => $token_cache_time,
+    service_token_roles_required   => $service_token_roles_required,
   }
 }
diff --git a/releasenotes/notes/service_token_roles_required-be0830cbcbe1e4c4.yaml b/releasenotes/notes/service_token_roles_required-be0830cbcbe1e4c4.yaml
new file mode 100644 (file)
index 0000000..60a4521
--- /dev/null
+++ b/releasenotes/notes/service_token_roles_required-be0830cbcbe1e4c4.yaml
@@ -0,0 +1,5 @@
+---
+features:
+  - Service_token_roles_required missing in the server config file which
+    allows backwards compatibility to ensure that the service tokens are
+    compared against a list of possible roles for validity.
diff --git a/spec/classes/ceilometer_keystone_authtoken_spec.rb b/spec/classes/ceilometer_keystone_authtoken_spec.rb
index fa6b274148c6a316f77a8d80e58bcb0e7ed1cff2..7040ea99b46688487ccdadef1c3469cb43783058 100644 (file)
--- a/spec/classes/ceilometer_keystone_authtoken_spec.rb
+++ b/spec/classes/ceilometer_keystone_authtoken_spec.rb
@@ -42,6 +42,7 @@ describe 'ceilometer::keystone::authtoken' do
         is_expected.to contain_ceilometer_config('keystone_authtoken/memcached_servers').with_value('<SERVICE DEFAULT>')
         is_expected.to contain_ceilometer_config('keystone_authtoken/region_name').with_value('<SERVICE DEFAULT>')
         is_expected.to contain_ceilometer_config('keystone_authtoken/token_cache_time').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_ceilometer_config('keystone_authtoken/service_token_roles_required').with_value('<SERVICE DEFAULT>')
       end
     end
 
@@ -80,6 +81,7 @@ describe 'ceilometer::keystone::authtoken' do
           :manage_memcache_package              => true,
           :region_name                          => 'region2',
           :token_cache_time                     => '301',
+          :service_token_roles_required         => false,
         })
       end
 
@@ -115,6 +117,7 @@ describe 'ceilometer::keystone::authtoken' do
         is_expected.to contain_ceilometer_config('keystone_authtoken/memcached_servers').with_value('memcached01:11211,memcached02:11211')
         is_expected.to contain_ceilometer_config('keystone_authtoken/region_name').with_value(params[:region_name])
         is_expected.to contain_ceilometer_config('keystone_authtoken/token_cache_time').with_value(params[:token_cache_time])
+        is_expected.to contain_ceilometer_config('keystone_authtoken/service_token_roles_required').with_value(params[:service_token_roles_required])
       end
 
       it 'installs python memcache package' do