+++ /dev/null
-# == Class: ceilometer::agent::auth
-#
-# DEPRECATED !
-# The ceilometer::agent::auth class helps configure common
-# auth settings for the agents.
-#
-# === Parameters:
-#
-# [*auth_url*]
-# (Optional) the keystone public endpoint
-# Defaults to undef.
-#
-# [*auth_region*]
-# (Optional) the keystone region of this node
-# Defaults to undef.
-#
-# [*auth_user*]
-# (Optional) the keystone user for ceilometer services
-# Defaults to undef.
-#
-# [*auth_password*]
-# (Required) the keystone password for ceilometer services
-#
-# [*auth_tenant_name*]
-# (Optional) the keystone tenant name for ceilometer services
-# Defaults to undef.
-#
-# [*auth_tenant_id*]
-# (Optional) the keystone tenant id for ceilometer services.
-# Defaults to undef.
-#
-# [*auth_cacert*]
-# (Optional) Certificate chain for SSL validation.
-# Defaults to 'None'.
-#
-# [*auth_endpoint_type*]
-# (Optional) Type of endpoint in Identity service catalog to use for
-# communication with OpenStack services.
-# Defaults to undef.
-#
-# [*auth_user_domain_name*]
-# (Optional) domain name for auth user.
-# Defaults to undef.
-#
-# [*auth_project_domain_name*]
-# (Optional) domain name for auth project.
-# Defaults to undef.
-#
-# [*auth_type*]
-# (Optional) Authentication type to load.
-# Defaults to undef.
-#
-class ceilometer::agent::auth (
- $auth_password,
- $auth_url = undef,
- $auth_region = undef,
- $auth_user = undef,
- $auth_tenant_name = undef,
- $auth_tenant_id = undef,
- $auth_cacert = undef,
- $auth_endpoint_type = undef,
- $auth_user_domain_name = undef,
- $auth_project_domain_name = undef,
- $auth_type = undef
-) {
-
- include ceilometer::deps
-
- warning('The ceilometer::agent::auth class has been deprecated. \
-Use the ceilometer::agent::service_credentials classs instead')
-
- include ceilometer::agent::service_credentials
-
- # Since we use names instead of ids for keystone credentials in most of
- # our modules, we'll just deprecated this feature and don't migrate this
- # to the new service_credentials class.
- if $auth_tenant_id {
- ceilometer_config {
- 'service_credentials/project_id' : value => $auth_tenant_id;
- }
- }
-}
#
# === Parameters:
#
+# [*password*]
+# (Required) the keystone password for ceilometer services
+#
# [*auth_url*]
# (Optional) the keystone public endpoint
# Defaults to 'http://localhost:5000'.
# (Optional) the keystone user for ceilometer services
# Defaults to 'ceilometer'.
#
-# [*password*]
-# (Required) the keystone password for ceilometer services
-#
# [*project_name*]
# (Optional) the keystone project name for ceilometer services
# Defaults to 'services'.
# Defaults to 'password'.
#
class ceilometer::agent::service_credentials (
- $password = false,
+ $password,
$auth_url = 'http://localhost:5000',
$region_name = $::os_service_default,
$username = 'ceilometer',
include ceilometer::deps
- $password_real = pick($::ceilometer::agent::auth::auth_password, $password)
- if ! $password_real {
- fail('The password parameter is required')
- }
-
- $auth_url_real = pick($::ceilometer::agent::auth::auth_url, $auth_url)
- $region_name_real = pick($::ceilometer::agent::auth::auth_region, $region_name)
- $username_real = pick($::ceilometer::agent::auth::auth_user, $username)
- $project_name_real = pick($::ceilometer::agent::auth::auth_tenant_name, $project_name)
- $cafile_real = pick($::ceilometer::agent::auth::auth_cacert, $cafile)
- $interface_real = pick($::ceilometer::agent::auth::auth_endpoint_type, $interface)
- $user_domain_name_real = pick($::ceilometer::agent::auth::auth_user_domain_name, $user_domain_name)
- $project_domain_name_real = pick($::ceilometer::agent::auth::auth_project_domain_name, $project_domain_name)
- $auth_type_real = pick($::ceilometer::agent::auth::auth_type, $auth_type)
-
ceilometer_config {
- 'service_credentials/auth_url' : value => $auth_url_real;
- 'service_credentials/region_name' : value => $region_name_real;
- 'service_credentials/username' : value => $username_real;
- 'service_credentials/password' : value => $password_real, secret => true;
- 'service_credentials/project_name' : value => $project_name_real;
- 'service_credentials/cafile' : value => $cafile_real;
- 'service_credentials/interface' : value => $interface_real;
- 'service_credentials/user_domain_name' : value => $user_domain_name_real;
- 'service_credentials/project_domain_name': value => $project_domain_name_real;
- 'service_credentials/auth_type' : value => $auth_type_real;
+ 'service_credentials/auth_url' : value => $auth_url;
+ 'service_credentials/region_name' : value => $region_name;
+ 'service_credentials/username' : value => $username;
+ 'service_credentials/password' : value => $password, secret => true;
+ 'service_credentials/project_name' : value => $project_name;
+ 'service_credentials/cafile' : value => $cafile;
+ 'service_credentials/interface' : value => $interface;
+ 'service_credentials/user_domain_name' : value => $user_domain_name;
+ 'service_credentials/project_domain_name': value => $project_domain_name;
+ 'service_credentials/auth_type' : value => $auth_type;
}
}
--- /dev/null
+---
+upgrade:
+ - |
+ The deprecated ``ceilometer::agent::auth`` class has been removed. Use
+ the ``ceilometer::agent::service_credentials`` class instead.
+++ /dev/null
-require 'spec_helper'
-
-describe 'ceilometer::agent::auth' do
-
- let :pre_condition do
- "class { 'ceilometer': telemetry_secret => 's3cr3t' }"
- end
-
- let :params do
- { :auth_url => 'http://localhost:5000',
- :auth_region => '<SERVICE DEFAULT>',
- :auth_user => 'ceilometer',
- :auth_password => 'password',
- :auth_tenant_name => 'services',
- }
- end
-
- shared_examples_for 'ceilometer-agent-auth' do
-
- it 'configures authentication' do
- is_expected.to contain_ceilometer_config('service_credentials/auth_url').with_value('http://localhost:5000')
- is_expected.to contain_ceilometer_config('service_credentials/region_name').with_value('<SERVICE DEFAULT>')
- is_expected.to contain_ceilometer_config('service_credentials/username').with_value('ceilometer')
- is_expected.to contain_ceilometer_config('service_credentials/password').with_value('password').with_secret(true)
- is_expected.to contain_ceilometer_config('service_credentials/project_name').with_value('services')
- is_expected.to contain_ceilometer_config('service_credentials/cafile').with_value('<SERVICE DEFAULT>')
- is_expected.to contain_ceilometer_config('service_credentials/user_domain_name').with_value('Default')
- is_expected.to contain_ceilometer_config('service_credentials/project_domain_name').with_value('Default')
- is_expected.to contain_ceilometer_config('service_credentials/auth_type').with_value('password')
- end
-
- context 'when overriding parameters' do
- before do
- params.merge!(
- :auth_cacert => '/tmp/dummy.pem',
- :auth_endpoint_type => 'internalURL',
- :auth_type => 'password',
- :auth_user_domain_name => 'MyDomain',
- :auth_project_domain_name => 'MyProjDomain',
- )
- end
- it { is_expected.to contain_ceilometer_config('service_credentials/cafile').with_value(params[:auth_cacert]) }
- it { is_expected.to contain_ceilometer_config('service_credentials/interface').with_value(params[:auth_endpoint_type]) }
- it { is_expected.to contain_ceilometer_config('service_credentials/user_domain_name').with_value(params[:auth_user_domain_name]) }
- it { is_expected.to contain_ceilometer_config('service_credentials/project_domain_name').with_value(params[:auth_project_domain_name]) }
- it { is_expected.to contain_ceilometer_config('service_credentials/auth_type').with_value(params[:auth_type]) }
- end
-
- end
-
- on_supported_os({
- :supported_os => OSDefaults.get_supported_os
- }).each do |os,facts|
- context "on #{os}" do
- let (:facts) do
- facts.merge!(OSDefaults.get_facts())
- end
-
- it_behaves_like 'ceilometer-agent-auth'
- end
- end
-
-end
Code Review / puppet-modules / puppet-ceilometer.git / commitdiff