# == Class: ceilometer::agent::auth
#
+# DEPRECATED !
# The ceilometer::agent::auth class helps configure common
# auth settings for the agents.
#
#
# [*auth_url*]
# (Optional) the keystone public endpoint
-# Defaults to 'http://localhost:5000'.
+# Defaults to undef.
#
# [*auth_region*]
# (Optional) the keystone region of this node
-# Defaults to $::os_service_default.
+# Defaults to undef.
#
# [*auth_user*]
# (Optional) the keystone user for ceilometer services
-# Defaults to 'ceilometer'.
+# Defaults to undef.
#
# [*auth_password*]
# (Required) the keystone password for ceilometer services
#
# [*auth_tenant_name*]
# (Optional) the keystone tenant name for ceilometer services
-# Defaults to 'services'.
+# Defaults to undef.
#
# [*auth_tenant_id*]
# (Optional) the keystone tenant id for ceilometer services.
#
# [*auth_user_domain_name*]
# (Optional) domain name for auth user.
-# Defaults to 'Default'.
+# Defaults to undef.
#
# [*auth_project_domain_name*]
# (Optional) domain name for auth project.
-# Defaults to 'Default'.
+# Defaults to undef.
#
# [*auth_type*]
# (Optional) Authentication type to load.
-# Defaults to 'password'.
+# Defaults to undef.
#
class ceilometer::agent::auth (
$auth_password,
- $auth_url = 'http://localhost:5000',
- $auth_region = $::os_service_default,
- $auth_user = 'ceilometer',
- $auth_tenant_name = 'services',
+ $auth_url = undef,
+ $auth_region = undef,
+ $auth_user = undef,
+ $auth_tenant_name = undef,
$auth_tenant_id = undef,
$auth_cacert = undef,
$auth_endpoint_type = undef,
- $auth_user_domain_name = 'Default',
- $auth_project_domain_name = 'Default',
- $auth_type = 'password',
+ $auth_user_domain_name = undef,
+ $auth_project_domain_name = undef,
+ $auth_type = undef
) {
include ceilometer::deps
- if ! $auth_cacert {
- ceilometer_config { 'service_credentials/cafile': ensure => absent }
- } else {
- ceilometer_config { 'service_credentials/cafile': value => $auth_cacert }
- }
+ warning('The ceilometer::agent::auth class has been deprecated. \
+Use the ceilometer::agent::service_credentials classs instead')
- ceilometer_config {
- 'service_credentials/auth_url' : value => $auth_url;
- 'service_credentials/region_name' : value => $auth_region;
- 'service_credentials/username' : value => $auth_user;
- 'service_credentials/password' : value => $auth_password, secret => true;
- 'service_credentials/project_name' : value => $auth_tenant_name;
- 'service_credentials/user_domain_name' : value => $auth_user_domain_name;
- 'service_credentials/project_domain_name': value => $auth_project_domain_name;
- 'service_credentials/auth_type' : value => $auth_type;
- }
+ include ceilometer::agent::service_credentials
+ # Since we use names instead of ids for keystone credentials in most of
+ # our modules, we'll just deprecated this feature and don't migrate this
+ # to the new service_credentials class.
if $auth_tenant_id {
ceilometer_config {
'service_credentials/project_id' : value => $auth_tenant_id;
}
}
-
- if $auth_endpoint_type {
- ceilometer_config {
- 'service_credentials/interface' : value => $auth_endpoint_type;
- }
- }
}
--- /dev/null
+# == Class: ceilometer::agent::service_credentials
+#
+# The ceilometer::agent::service_credentials class helps configure common
+# service credentials settings for the agents.
+#
+# === Parameters:
+#
+# [*auth_url*]
+# (Optional) the keystone public endpoint
+# Defaults to 'http://localhost:5000'.
+#
+# [*region_name*]
+# (Optional) the keystone region of this node
+# Defaults to $::os_service_default.
+#
+# [*username*]
+# (Optional) the keystone user for ceilometer services
+# Defaults to 'ceilometer'.
+#
+# [*password*]
+# (Required) the keystone password for ceilometer services
+#
+# [*project_name*]
+# (Optional) the keystone project name for ceilometer services
+# Defaults to 'services'.
+#
+# [*cafile*]
+# (Optional) Certificate chain for SSL validation.
+# Defaults to $::os_service_default.
+#
+# [*interface*]
+# (Optional) Type of endpoint in Identity service catalog to use for
+# communication with OpenStack services.
+# Defaults to $::os_service_default.
+#
+# [*user_domain_name*]
+# (Optional) domain name for auth user.
+# Defaults to 'Default'.
+#
+# [*project_domain_name*]
+# (Optional) domain name for auth project.
+# Defaults to 'Default'.
+#
+# [*auth_type*]
+# (Optional) Authentication type to load.
+# Defaults to 'password'.
+#
+class ceilometer::agent::service_credentials (
+ $password = false,
+ $auth_url = 'http://localhost:5000',
+ $region_name = $::os_service_default,
+ $username = 'ceilometer',
+ $project_name = 'services',
+ $cafile = $::os_service_default,
+ $interface = $::os_service_default,
+ $user_domain_name = 'Default',
+ $project_domain_name = 'Default',
+ $auth_type = 'password',
+) {
+
+ include ceilometer::deps
+
+ $password_real = pick($::ceilometer::agent::auth::auth_password, $password)
+ if ! $password_real {
+ fail('The password parameter is required')
+ }
+
+ $auth_url_real = pick($::ceilometer::agent::auth::auth_url, $auth_url)
+ $region_name_real = pick($::ceilometer::agent::auth::auth_region, $region_name)
+ $username_real = pick($::ceilometer::agent::auth::auth_user, $username)
+ $project_name_real = pick($::ceilometer::agent::auth::auth_tenant_name, $project_name)
+ $cafile_real = pick($::ceilometer::agent::auth::auth_cacert, $cafile)
+ $interface_real = pick($::ceilometer::agent::auth::auth_endpoint_type, $interface)
+ $user_domain_name_real = pick($::ceilometer::agent::auth::auth_user_domain_name, $user_domain_name)
+ $project_domain_name_real = pick($::ceilometer::agent::auth::auth_project_domain_name, $project_domain_name)
+ $auth_type_real = pick($::ceilometer::agent::auth::auth_type, $auth_type)
+
+ ceilometer_config {
+ 'service_credentials/auth_url' : value => $auth_url_real;
+ 'service_credentials/region_name' : value => $region_name_real;
+ 'service_credentials/username' : value => $username_real;
+ 'service_credentials/password' : value => $password_real, secret => true;
+ 'service_credentials/project_name' : value => $project_name_real;
+ 'service_credentials/cafile' : value => $cafile_real;
+ 'service_credentials/interface' : value => $interface_real;
+ 'service_credentials/user_domain_name' : value => $user_domain_name_real;
+ 'service_credentials/project_domain_name': value => $project_domain_name_real;
+ 'service_credentials/auth_type' : value => $auth_type_real;
+ }
+}
--- /dev/null
+---
+deprecations:
+ - |
+ The ``ceilometer::agent::auth`` class has been deprecated. Use the
+ ``ceilometer::agent::service_credentials`` class instead.
is_expected.to contain_ceilometer_config('service_credentials/auth_url').with_value('http://localhost:5000')
is_expected.to contain_ceilometer_config('service_credentials/region_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_ceilometer_config('service_credentials/username').with_value('ceilometer')
- is_expected.to contain_ceilometer_config('service_credentials/password').with_value('password')
- is_expected.to contain_ceilometer_config('service_credentials/password').with_value(params[:auth_password]).with_secret(true)
+ is_expected.to contain_ceilometer_config('service_credentials/password').with_value('password').with_secret(true)
is_expected.to contain_ceilometer_config('service_credentials/project_name').with_value('services')
- is_expected.to contain_ceilometer_config('service_credentials/cafile').with(:ensure => 'absent')
+ is_expected.to contain_ceilometer_config('service_credentials/cafile').with_value('<SERVICE DEFAULT>')
is_expected.to contain_ceilometer_config('service_credentials/user_domain_name').with_value('Default')
is_expected.to contain_ceilometer_config('service_credentials/project_domain_name').with_value('Default')
is_expected.to contain_ceilometer_config('service_credentials/auth_type').with_value('password')
--- /dev/null
+require 'spec_helper'
+
+describe 'ceilometer::agent::service_credentials' do
+
+ let :pre_condition do
+ "class { 'ceilometer': telemetry_secret => 's3cr3t' }"
+ end
+
+ let :params do
+ { :password => 'password' }
+ end
+
+ shared_examples_for 'ceilometer::agent::service_credentials' do
+
+ context 'wtih default values' do
+ it 'configures authentication' do
+ is_expected.to contain_ceilometer_config('service_credentials/auth_url').with_value('http://localhost:5000')
+ is_expected.to contain_ceilometer_config('service_credentials/region_name').with_value('<SERVICE DEFAULT>')
+ is_expected.to contain_ceilometer_config('service_credentials/username').with_value('ceilometer')
+ is_expected.to contain_ceilometer_config('service_credentials/password').with_value('password').with_secret(true)
+ is_expected.to contain_ceilometer_config('service_credentials/project_name').with_value('services')
+ is_expected.to contain_ceilometer_config('service_credentials/cafile').with_value('<SERVICE DEFAULT>')
+ is_expected.to contain_ceilometer_config('service_credentials/interface').with_value('<SERVICE DEFAULT>')
+ is_expected.to contain_ceilometer_config('service_credentials/user_domain_name').with_value('Default')
+ is_expected.to contain_ceilometer_config('service_credentials/project_domain_name').with_value('Default')
+ is_expected.to contain_ceilometer_config('service_credentials/auth_type').with_value('password')
+ end
+ end
+
+ context 'when overriding parameters' do
+ before do
+ params.merge!(
+ :auth_url => 'http://192.168.0.1:5000',
+ :region_name => 'regionOne',
+ :username => 'ceilometer2',
+ :project_name => 'services2',
+ :cafile => '/tmp/dummy.pem',
+ :interface => 'internalURL',
+ :auth_type => 'v3password',
+ :user_domain_name => 'MyDomain',
+ :project_domain_name => 'MyProjDomain',
+ )
+ end
+
+ it 'configures the specified values' do
+ is_expected.to contain_ceilometer_config('service_credentials/auth_url').with_value('http://192.168.0.1:5000')
+ is_expected.to contain_ceilometer_config('service_credentials/region_name').with_value('regionOne')
+ is_expected.to contain_ceilometer_config('service_credentials/username').with_value('ceilometer2')
+ is_expected.to contain_ceilometer_config('service_credentials/password').with_value('password').with_secret(true)
+ is_expected.to contain_ceilometer_config('service_credentials/project_name').with_value('services2')
+ is_expected.to contain_ceilometer_config('service_credentials/cafile').with_value('/tmp/dummy.pem')
+ is_expected.to contain_ceilometer_config('service_credentials/interface').with_value('internalURL')
+ is_expected.to contain_ceilometer_config('service_credentials/user_domain_name').with_value('MyDomain')
+ is_expected.to contain_ceilometer_config('service_credentials/project_domain_name').with_value('MyProjDomain')
+ is_expected.to contain_ceilometer_config('service_credentials/auth_type').with_value('v3password')
+ end
+ end
+
+ end
+
+ on_supported_os({
+ :supported_os => OSDefaults.get_supported_os
+ }).each do |os,facts|
+ context "on #{os}" do
+ let (:facts) do
+ facts.merge!(OSDefaults.get_facts())
+ end
+
+ it_behaves_like 'ceilometer::agent::service_credentials'
+ end
+ end
+
+end
Code Review / puppet-modules / puppet-ceilometer.git / commitdiff