From: Takashi Kajinami <tkajinam@redhat.com>
Date: Tue, 16 Feb 2021 02:54:05 +0000 (+0900)
Subject: Use consistent names for service_credentials options
X-Git-Tag: 18.4.0~2^2
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=9a5323ad18b9bc0e15b514ea98449a3ea5d58b68;p=puppet-modules%2Fpuppet-ceilometer.git

Use consistent names for service_credentials options

This change renames ceilometer::agent::auth and its parameters to be
consistent with the section name and the parameter names in ceilometer
service. This allows operators more easily guess how the class and its
parameters correspond to the options in ceilometer.

Change-Id: I7ec7e5e36cad537117e8abb8fe0e67b8b8be48e9
---

diff --git a/manifests/agent/auth.pp b/manifests/agent/auth.pp
index a00f443..ea1bce2 100644
--- a/manifests/agent/auth.pp
+++ b/manifests/agent/auth.pp
@@ -1,5 +1,6 @@
 # == Class: ceilometer::agent::auth
 #
+# DEPRECATED !
 # The ceilometer::agent::auth class helps configure common
 # auth settings for the agents.
 #
@@ -7,22 +8,22 @@
 #
 # [*auth_url*]
 #   (Optional) the keystone public endpoint
-#   Defaults to 'http://localhost:5000'.
+#   Defaults to undef.
 #
 # [*auth_region*]
 #   (Optional) the keystone region of this node
-#   Defaults to $::os_service_default.
+#   Defaults to undef.
 #
 # [*auth_user*]
 #   (Optional) the keystone user for ceilometer services
-#   Defaults to 'ceilometer'.
+#   Defaults to undef.
 #
 # [*auth_password*]
 #   (Required) the keystone password for ceilometer services
 #
 # [*auth_tenant_name*]
 #   (Optional) the keystone tenant name for ceilometer services
-#   Defaults to 'services'.
+#   Defaults to undef.
 #
 # [*auth_tenant_id*]
 #   (Optional) the keystone tenant id for ceilometer services.
@@ -39,58 +40,43 @@
 #
 # [*auth_user_domain_name*]
 #   (Optional) domain name for auth user.
-#   Defaults to 'Default'.
+#   Defaults to undef.
 #
 # [*auth_project_domain_name*]
 #   (Optional) domain name for auth project.
-#   Defaults to 'Default'.
+#   Defaults to undef.
 #
 # [*auth_type*]
 #   (Optional) Authentication type to load.
-#   Defaults to 'password'.
+#   Defaults to undef.
 #
 class ceilometer::agent::auth (
   $auth_password,
-  $auth_url                 = 'http://localhost:5000',
-  $auth_region              = $::os_service_default,
-  $auth_user                = 'ceilometer',
-  $auth_tenant_name         = 'services',
+  $auth_url                 = undef,
+  $auth_region              = undef,
+  $auth_user                = undef,
+  $auth_tenant_name         = undef,
   $auth_tenant_id           = undef,
   $auth_cacert              = undef,
   $auth_endpoint_type       = undef,
-  $auth_user_domain_name    = 'Default',
-  $auth_project_domain_name = 'Default',
-  $auth_type                = 'password',
+  $auth_user_domain_name    = undef,
+  $auth_project_domain_name = undef,
+  $auth_type                = undef
 ) {
 
   include ceilometer::deps
 
-  if ! $auth_cacert {
-    ceilometer_config { 'service_credentials/cafile': ensure => absent }
-  } else {
-    ceilometer_config { 'service_credentials/cafile': value => $auth_cacert }
-  }
+  warning('The ceilometer::agent::auth class has been deprecated. \
+Use the ceilometer::agent::service_credentials classs instead')
 
-  ceilometer_config {
-    'service_credentials/auth_url'           : value => $auth_url;
-    'service_credentials/region_name'        : value => $auth_region;
-    'service_credentials/username'           : value => $auth_user;
-    'service_credentials/password'           : value => $auth_password, secret => true;
-    'service_credentials/project_name'       : value => $auth_tenant_name;
-    'service_credentials/user_domain_name'   : value => $auth_user_domain_name;
-    'service_credentials/project_domain_name': value => $auth_project_domain_name;
-    'service_credentials/auth_type'          : value => $auth_type;
-  }
+  include ceilometer::agent::service_credentials
 
+  # Since we use names instead of ids for keystone credentials in most of
+  # our modules, we'll just deprecated this feature and don't migrate this
+  # to the new service_credentials class.
   if $auth_tenant_id {
     ceilometer_config {
       'service_credentials/project_id' : value => $auth_tenant_id;
     }
   }
-
-  if $auth_endpoint_type {
-    ceilometer_config {
-      'service_credentials/interface' : value => $auth_endpoint_type;
-    }
-  }
 }
diff --git a/manifests/agent/service_credentials.pp b/manifests/agent/service_credentials.pp
new file mode 100644
index 0000000..5d3ed31
--- /dev/null
+++ b/manifests/agent/service_credentials.pp
@@ -0,0 +1,90 @@
+# == Class: ceilometer::agent::service_credentials
+#
+# The ceilometer::agent::service_credentials class helps configure common
+# service credentials settings for the agents.
+#
+# === Parameters:
+#
+# [*auth_url*]
+#   (Optional) the keystone public endpoint
+#   Defaults to 'http://localhost:5000'.
+#
+# [*region_name*]
+#   (Optional) the keystone region of this node
+#   Defaults to $::os_service_default.
+#
+# [*username*]
+#   (Optional) the keystone user for ceilometer services
+#   Defaults to 'ceilometer'.
+#
+# [*password*]
+#   (Required) the keystone password for ceilometer services
+#
+# [*project_name*]
+#   (Optional) the keystone project name for ceilometer services
+#   Defaults to 'services'.
+#
+# [*cafile*]
+#   (Optional) Certificate chain for SSL validation.
+#   Defaults to $::os_service_default.
+#
+# [*interface*]
+#   (Optional) Type of endpoint in Identity service catalog to use for
+#   communication with OpenStack services.
+#   Defaults to $::os_service_default.
+#
+# [*user_domain_name*]
+#   (Optional) domain name for auth user.
+#   Defaults to 'Default'.
+#
+# [*project_domain_name*]
+#   (Optional) domain name for auth project.
+#   Defaults to 'Default'.
+#
+# [*auth_type*]
+#   (Optional) Authentication type to load.
+#   Defaults to 'password'.
+#
+class ceilometer::agent::service_credentials (
+  $password            = false,
+  $auth_url            = 'http://localhost:5000',
+  $region_name         = $::os_service_default,
+  $username            = 'ceilometer',
+  $project_name        = 'services',
+  $cafile              = $::os_service_default,
+  $interface           = $::os_service_default,
+  $user_domain_name    = 'Default',
+  $project_domain_name = 'Default',
+  $auth_type           = 'password',
+) {
+
+  include ceilometer::deps
+
+  $password_real = pick($::ceilometer::agent::auth::auth_password, $password)
+  if ! $password_real {
+    fail('The password parameter is required')
+  }
+
+  $auth_url_real = pick($::ceilometer::agent::auth::auth_url, $auth_url)
+  $region_name_real = pick($::ceilometer::agent::auth::auth_region, $region_name)
+  $username_real = pick($::ceilometer::agent::auth::auth_user, $username)
+  $project_name_real = pick($::ceilometer::agent::auth::auth_tenant_name, $project_name)
+  $cafile_real = pick($::ceilometer::agent::auth::auth_cacert, $cafile)
+  $interface_real = pick($::ceilometer::agent::auth::auth_endpoint_type, $interface)
+  $user_domain_name_real = pick($::ceilometer::agent::auth::auth_user_domain_name, $user_domain_name)
+  $project_domain_name_real = pick($::ceilometer::agent::auth::auth_project_domain_name, $project_domain_name)
+  $auth_type_real = pick($::ceilometer::agent::auth::auth_type, $auth_type)
+
+  ceilometer_config {
+    'service_credentials/auth_url'           : value => $auth_url_real;
+    'service_credentials/region_name'        : value => $region_name_real;
+    'service_credentials/username'           : value => $username_real;
+    'service_credentials/password'           : value => $password_real, secret => true;
+    'service_credentials/project_name'       : value => $project_name_real;
+    'service_credentials/cafile'             : value => $cafile_real;
+    'service_credentials/interface'          : value => $interface_real;
+    'service_credentials/user_domain_name'   : value => $user_domain_name_real;
+    'service_credentials/project_domain_name': value => $project_domain_name_real;
+    'service_credentials/auth_type'          : value => $auth_type_real;
+  }
+}
diff --git a/releasenotes/notes/service_credentials-c8bf6bbf763bc08e.yaml b/releasenotes/notes/service_credentials-c8bf6bbf763bc08e.yaml
new file mode 100644
index 0000000..6d3a3ce
--- /dev/null
+++ b/releasenotes/notes/service_credentials-c8bf6bbf763bc08e.yaml
@@ -0,0 +1,5 @@
+---
+deprecations:
+  - |
+    The ``ceilometer::agent::auth`` class has been deprecated. Use the
+    ``ceilometer::agent::service_credentials`` class instead.
diff --git a/spec/classes/ceilometer_agent_auth_spec.rb b/spec/classes/ceilometer_agent_auth_spec.rb
index 71ccaec..9a97a30 100644
--- a/spec/classes/ceilometer_agent_auth_spec.rb
+++ b/spec/classes/ceilometer_agent_auth_spec.rb
@@ -21,10 +21,9 @@ describe 'ceilometer::agent::auth' do
       is_expected.to contain_ceilometer_config('service_credentials/auth_url').with_value('http://localhost:5000')
       is_expected.to contain_ceilometer_config('service_credentials/region_name').with_value('<SERVICE DEFAULT>')
       is_expected.to contain_ceilometer_config('service_credentials/username').with_value('ceilometer')
-      is_expected.to contain_ceilometer_config('service_credentials/password').with_value('password')
-      is_expected.to contain_ceilometer_config('service_credentials/password').with_value(params[:auth_password]).with_secret(true)
+      is_expected.to contain_ceilometer_config('service_credentials/password').with_value('password').with_secret(true)
       is_expected.to contain_ceilometer_config('service_credentials/project_name').with_value('services')
-      is_expected.to contain_ceilometer_config('service_credentials/cafile').with(:ensure => 'absent')
+      is_expected.to contain_ceilometer_config('service_credentials/cafile').with_value('<SERVICE DEFAULT>')
       is_expected.to contain_ceilometer_config('service_credentials/user_domain_name').with_value('Default')
       is_expected.to contain_ceilometer_config('service_credentials/project_domain_name').with_value('Default')
       is_expected.to contain_ceilometer_config('service_credentials/auth_type').with_value('password')
diff --git a/spec/classes/ceilometer_agent_service_credentials_spec.rb b/spec/classes/ceilometer_agent_service_credentials_spec.rb
new file mode 100644
index 0000000..4a20621
--- /dev/null
+++ b/spec/classes/ceilometer_agent_service_credentials_spec.rb
@@ -0,0 +1,73 @@
+require 'spec_helper'
+
+describe 'ceilometer::agent::service_credentials' do
+
+  let :pre_condition do
+    "class { 'ceilometer': telemetry_secret => 's3cr3t' }"
+  end
+
+  let :params do
+    { :password => 'password' }
+  end
+
+  shared_examples_for 'ceilometer::agent::service_credentials' do
+
+    context 'wtih default values' do
+      it 'configures authentication' do
+        is_expected.to contain_ceilometer_config('service_credentials/auth_url').with_value('http://localhost:5000')
+        is_expected.to contain_ceilometer_config('service_credentials/region_name').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_ceilometer_config('service_credentials/username').with_value('ceilometer')
+        is_expected.to contain_ceilometer_config('service_credentials/password').with_value('password').with_secret(true)
+        is_expected.to contain_ceilometer_config('service_credentials/project_name').with_value('services')
+        is_expected.to contain_ceilometer_config('service_credentials/cafile').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_ceilometer_config('service_credentials/interface').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_ceilometer_config('service_credentials/user_domain_name').with_value('Default')
+        is_expected.to contain_ceilometer_config('service_credentials/project_domain_name').with_value('Default')
+        is_expected.to contain_ceilometer_config('service_credentials/auth_type').with_value('password')
+      end
+    end
+
+    context 'when overriding parameters' do
+      before do
+        params.merge!(
+          :auth_url            => 'http://192.168.0.1:5000',
+          :region_name         => 'regionOne',
+          :username            => 'ceilometer2',
+          :project_name        => 'services2',
+          :cafile              => '/tmp/dummy.pem',
+          :interface           => 'internalURL',
+          :auth_type           => 'v3password',
+          :user_domain_name    => 'MyDomain',
+          :project_domain_name => 'MyProjDomain',
+        )
+      end
+
+      it 'configures the specified values' do
+        is_expected.to contain_ceilometer_config('service_credentials/auth_url').with_value('http://192.168.0.1:5000')
+        is_expected.to contain_ceilometer_config('service_credentials/region_name').with_value('regionOne')
+        is_expected.to contain_ceilometer_config('service_credentials/username').with_value('ceilometer2')
+        is_expected.to contain_ceilometer_config('service_credentials/password').with_value('password').with_secret(true)
+        is_expected.to contain_ceilometer_config('service_credentials/project_name').with_value('services2')
+        is_expected.to contain_ceilometer_config('service_credentials/cafile').with_value('/tmp/dummy.pem')
+        is_expected.to contain_ceilometer_config('service_credentials/interface').with_value('internalURL')
+        is_expected.to contain_ceilometer_config('service_credentials/user_domain_name').with_value('MyDomain')
+        is_expected.to contain_ceilometer_config('service_credentials/project_domain_name').with_value('MyProjDomain')
+        is_expected.to contain_ceilometer_config('service_credentials/auth_type').with_value('v3password')
+      end
+    end
+
+  end
+
+  on_supported_os({
+    :supported_os => OSDefaults.get_supported_os
+  }).each do |os,facts|
+    context "on #{os}" do
+      let (:facts) do
+        facts.merge!(OSDefaults.get_facts())
+      end
+
+      it_behaves_like 'ceilometer::agent::service_credentials'
+    end
+  end
+
+end