From ff76bd223dadaf0dc1f8272a26c13ee8662c86a3 Mon Sep 17 00:00:00 2001 From: Lukas Bezdicka Date: Mon, 11 May 2015 12:48:53 +0200 Subject: [PATCH] Update keystone to edf8c3e1753b5ad0eaf982f5932ce61c55a987bd edf8c3e1753b5ad0eaf982f5932ce61c55a987bd Merge "Only declare openstackclient class if updating version" 8a422583bf8167c18995d309b2f865b529a878cc Merge "Fix spec tests for RSpec 3.x and Puppet 4.x" e1bba1c44538ac5050f720d4791028fb1b4ec352 Only declare openstackclient class if updating version 72d78202ea433fe519776a4f99fa30a74e294ac5 Merge "Add native types for keystone paste configuration" 2d48f32bb1ce321d9e1ba34047e6229faf0d1255 Merge "Set WSGI process display-name" 918801754bfdc8539dd5c880d8131939b99a708b Merge "Beaker tests" 15deb08f5c2a4ff56dda977e2a1479fb2edc601d Merge "Support notification_format" 7e4085b70f8f79d1014cfe384a070c9d35c2ffe2 Beaker tests 3ab8faf6a1acfbf827296f41bd2e22b7f8071350 Fix spec tests for RSpec 3.x and Puppet 4.x d7aa157e5eebf75001f22bab29d24a480437e4fa Bump rspec-puppet to 2.1.0 098d349d0ac0e167b4c4beba05108c29c8dac3db Merge "MySQL: change default MySQL collate to utf8_general_ci" 1e4ede1730adb3df58de869afc180cb0eed88916 MySQL: change default MySQL collate to utf8_general_ci dec3a56696e284177b58a68f16125edbfc43951f Merge "LDAP: add support to configure credential driver" 9acb9468fc2d54e18d678fcd4cf84f35bd872a53 Support notification_format 120b20bf07722fc8218e646af19724716311e46c LDAP: add support to configure credential driver 7108a6e64f8e3c2c7586ce74b6af686dc16c6a28 Set WSGI process display-name 1699792a23b86d6b50ca21d7e57871d71b6a29c6 Add native types for keystone paste configuration Change-Id: I114b4a097b0180a6883a22bc50903748795066ab --- Puppetfile | 2 +- keystone/Gemfile | 3 +- keystone/README.md | 12 +++ .../keystone_paste_ini/ini_setting.rb | 27 +++++++ .../lib/puppet/type/keystone_paste_ini.rb | 43 ++++++++++ keystone/manifests/db/mysql.pp | 4 +- keystone/manifests/init.pp | 18 ++++- keystone/manifests/ldap.pp | 12 +++ keystone/manifests/wsgi/apache.pp | 24 ++++-- .../spec/acceptance/basic_keystone_spec.rb | 78 +++++++++++++++++++ keystone/spec/acceptance/nodesets/default.yml | 9 +++ .../spec/acceptance/nodesets/nodepool.yml | 9 +++ .../spec/classes/keystone_db_mysql_spec.rb | 3 +- keystone/spec/classes/keystone_ldap_spec.rb | 6 +- keystone/spec/classes/keystone_spec.rb | 7 +- .../spec/classes/keystone_wsgi_apache_spec.rb | 35 +++++++++ ...keystone_resource_service_identity_spec.rb | 2 +- keystone/spec/spec_helper_acceptance.rb | 46 +++++++++++ .../keystone_paste_ini/ini_setting_spec.rb | 29 +++++++ keystone/spec/unit/provider/keystone_spec.rb | 18 ++--- .../spec/unit/type/keystone_paste_ini_spec.rb | 23 ++++++ 21 files changed, 382 insertions(+), 28 deletions(-) create mode 100644 keystone/lib/puppet/provider/keystone_paste_ini/ini_setting.rb create mode 100644 keystone/lib/puppet/type/keystone_paste_ini.rb create mode 100644 keystone/spec/acceptance/basic_keystone_spec.rb create mode 100644 keystone/spec/acceptance/nodesets/default.yml create mode 100644 keystone/spec/acceptance/nodesets/nodepool.yml create mode 100644 keystone/spec/spec_helper_acceptance.rb create mode 100644 keystone/spec/unit/provider/keystone_paste_ini/ini_setting_spec.rb create mode 100644 keystone/spec/unit/type/keystone_paste_ini_spec.rb diff --git a/Puppetfile b/Puppetfile index d93f9055d..d61c7b979 100644 --- a/Puppetfile +++ b/Puppetfile @@ -83,7 +83,7 @@ mod 'keepalived', :git => 'https://github.com/Unyonsys/puppet-module-keepalived.git' mod 'keystone', - :commit => 'c1f5e5159f2bae6003a535c8ce3070d8cfb7f089', + :commit => 'edf8c3e1753b5ad0eaf982f5932ce61c55a987bd', :git => 'https://github.com/stackforge/puppet-keystone.git' mod 'manila', diff --git a/keystone/Gemfile b/keystone/Gemfile index b0b2d45ff..519db4b6f 100644 --- a/keystone/Gemfile +++ b/keystone/Gemfile @@ -2,7 +2,7 @@ source 'https://rubygems.org' group :development, :test do gem 'puppetlabs_spec_helper', :require => false - gem 'rspec-puppet', '~> 2.0.0', :require => false + gem 'rspec-puppet', '~> 2.1.0', :require => false gem 'metadata-json-lint' gem 'puppet-lint-param-docs' @@ -18,6 +18,7 @@ group :development, :test do gem 'json' gem 'webmock' + gem 'beaker-rspec', '~> 2.2.4', :require => false end if puppetversion = ENV['PUPPET_GEM_VERSION'] diff --git a/keystone/README.md b/keystone/README.md index 316b4b1ba..f72a72d23 100644 --- a/keystone/README.md +++ b/keystone/README.md @@ -148,6 +148,18 @@ Limitations * If you've setup Openstack using previous versions of this module you need to be aware that it used UUID as the dedault to the token_format parameter but now defaults to PKI. If you're using this module to manage a Grizzly Openstack deployment that was set up using a development release of the modules or are attempting an upgrade from Folsom then you'll need to make sure you set the token_format to UUID at classification time. +Beaker-Rspec +------------ + +This module has beaker-rspec tests + +To run: + +``shell +bundle install +bundle exec rspec spec/acceptance +`` + Development ----------- diff --git a/keystone/lib/puppet/provider/keystone_paste_ini/ini_setting.rb b/keystone/lib/puppet/provider/keystone_paste_ini/ini_setting.rb new file mode 100644 index 000000000..23a47af65 --- /dev/null +++ b/keystone/lib/puppet/provider/keystone_paste_ini/ini_setting.rb @@ -0,0 +1,27 @@ +Puppet::Type.type(:keystone_paste_ini).provide( + :ini_setting, + :parent => Puppet::Type.type(:ini_setting).provider(:ruby) +) do + + def section + resource[:name].split('/', 2).first + end + + def setting + resource[:name].split('/', 2).last + end + + def separator + '=' + end + + def self.file_path + '/etc/keystone/keystone-paste.ini' + end + + # this needs to be removed. This has been replaced with the class method + def file_path + self.class.file_path + end + +end diff --git a/keystone/lib/puppet/type/keystone_paste_ini.rb b/keystone/lib/puppet/type/keystone_paste_ini.rb new file mode 100644 index 000000000..e315a9570 --- /dev/null +++ b/keystone/lib/puppet/type/keystone_paste_ini.rb @@ -0,0 +1,43 @@ +Puppet::Type.newtype(:keystone_paste_ini) do + + ensurable + + newparam(:name, :namevar => true) do + desc 'Section/setting name to manage from keystone/keystone-paste.ini' + newvalues(/\S+\/\S+/) + end + + newproperty(:value) do + desc 'The value of the setting to be defined.' + munge do |value| + value = value.to_s.strip + value.capitalize! if value =~ /^(true|false)$/i + value + end + + def is_to_s( currentvalue ) + if resource.secret? + return '[old secret redacted]' + else + return currentvalue + end + end + + def should_to_s( newvalue ) + if resource.secret? + return '[new secret redacted]' + else + return newvalue + end + end + end + + newparam(:secret, :boolean => true) do + desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' + + newvalues(:true, :false) + + defaultto false + end + +end diff --git a/keystone/manifests/db/mysql.pp b/keystone/manifests/db/mysql.pp index 7baef9415..dc94896cd 100644 --- a/keystone/manifests/db/mysql.pp +++ b/keystone/manifests/db/mysql.pp @@ -32,7 +32,7 @@ # [*collate*] # (Optional) The database collate. # Only used with mysql modules >= 2.2. -# Defaults to 'utf8_unicode_ci' +# Defaults to 'utf8_general_ci' # # === Deprecated Parameters # @@ -57,7 +57,7 @@ $user = 'keystone', $host = '127.0.0.1', $charset = 'utf8', - $collate = 'utf8_unicode_ci', + $collate = 'utf8_general_ci', $mysql_module = undef, $allowed_hosts = undef ) { diff --git a/keystone/manifests/init.pp b/keystone/manifests/init.pp index 4750e165d..20fbb7abc 100644 --- a/keystone/manifests/init.pp +++ b/keystone/manifests/init.pp @@ -211,6 +211,10 @@ # (optional) AMQP topics to publish to when using the RPC notification driver. # Default to false. # +# [*notification_format*] +# Format for the notifications. Valid values are 'basic' and 'cadf'. +# Default to undef +# # [*control_exchange*] # (optional) AMQP exchange to connect to if using RabbitMQ or Qpid # Default to false. @@ -431,6 +435,7 @@ $kombu_ssl_version = 'TLSv1', $notification_driver = false, $notification_topics = false, + $notification_format = undef, $control_exchange = false, $validate_service = false, $validate_insecure = false, @@ -486,8 +491,12 @@ name => $::keystone::params::package_name, tag => 'openstack', } - class { '::openstacklib::openstackclient': - package_ensure => $client_package_ensure, + if $client_package_ensure == 'present' { + include '::openstacklib::openstackclient' + } else { + class { '::openstacklib::openstackclient': + package_ensure => $client_package_ensure, + } } group { 'keystone': @@ -714,6 +723,11 @@ } else { keystone_config { 'DEFAULT/notification_topics': ensure => absent } } + if $notification_format { + keystone_config { 'DEFAULT/notification_format': value => $notification_format } + } else { + keystone_config { 'DEFAULT/notification_format': ensure => absent } + } if $control_exchange { keystone_config { 'DEFAULT/control_exchange': value => $control_exchange } } else { diff --git a/keystone/manifests/ldap.pp b/keystone/manifests/ldap.pp index 33ff97785..05428e971 100644 --- a/keystone/manifests/ldap.pp +++ b/keystone/manifests/ldap.pp @@ -311,6 +311,10 @@ # == class: keystone::ldap # Identity backend driver. (string value) # Defaults to 'undef' # +# [*credential_driver*] +# Credential backend driver. (string value) +# Defaults to 'undef' +# # [*assignment_driver*] # Assignment backend driver. (string value) # Defaults to 'undef' @@ -469,6 +473,7 @@ # == class: keystone::ldap $tls_req_cert = undef, $identity_driver = undef, $assignment_driver = undef, + $credential_driver = undef, $use_pool = false, $pool_size = 10, $pool_retry_max = 3, @@ -677,6 +682,12 @@ # == class: keystone::ldap } } + if ($credential_driver != undef) { + if ! ($credential_driver =~ /^keystone.credential.backends.*Credential$/) { + fail('credential driver should be of the form \'keystone.credential.backends.*Credential\'') + } + } + if ($tls_cacertdir != undef) { file { $tls_cacertdir: ensure => directory @@ -762,6 +773,7 @@ # == class: keystone::ldap 'ldap/auth_pool_size': value => $auth_pool_size; 'ldap/auth_pool_connection_lifetime': value => $auth_pool_connection_lifetime; 'identity/driver': value => $identity_driver; + 'credential/driver': value => $credential_driver; 'assignment/driver': value => $assignment_driver; } } diff --git a/keystone/manifests/wsgi/apache.pp b/keystone/manifests/wsgi/apache.pp index aa45db453..165e399e9 100644 --- a/keystone/manifests/wsgi/apache.pp +++ b/keystone/manifests/wsgi/apache.pp @@ -181,12 +181,22 @@ require => [File[$::keystone::params::keystone_wsgi_script_path], Package['keystone']], } - $wsgi_daemon_process_options = { - user => 'keystone', - group => 'keystone', - processes => $workers, - threads => $threads, + $wsgi_daemon_process_options_main = { + user => 'keystone', + group => 'keystone', + processes => $workers, + threads => $threads, + display-name => 'keystone-main', } + + $wsgi_daemon_process_options_admin = { + user => 'keystone', + group => 'keystone', + processes => $workers, + threads => $threads, + display-name => 'keystone-admin', + } + $wsgi_script_aliases_main = hash([$public_path_real,"${::keystone::params::keystone_wsgi_script_path}/main"]) $wsgi_script_aliases_admin = hash([$admin_path_real, "${::keystone::params::keystone_wsgi_script_path}/admin"]) @@ -214,7 +224,7 @@ ssl_crl => $ssl_crl, ssl_certs_dir => $ssl_certs_dir, wsgi_daemon_process => 'keystone_main', - wsgi_daemon_process_options => $wsgi_daemon_process_options, + wsgi_daemon_process_options => $wsgi_daemon_process_options_main, wsgi_process_group => 'keystone_main', wsgi_script_aliases => $wsgi_script_aliases_main_real, require => File['keystone_wsgi_main'], @@ -239,7 +249,7 @@ ssl_crl => $ssl_crl, ssl_certs_dir => $ssl_certs_dir, wsgi_daemon_process => 'keystone_admin', - wsgi_daemon_process_options => $wsgi_daemon_process_options, + wsgi_daemon_process_options => $wsgi_daemon_process_options_admin, wsgi_process_group => 'keystone_admin', wsgi_script_aliases => $wsgi_script_aliases_admin, require => File['keystone_wsgi_admin'], diff --git a/keystone/spec/acceptance/basic_keystone_spec.rb b/keystone/spec/acceptance/basic_keystone_spec.rb new file mode 100644 index 000000000..069ea67a2 --- /dev/null +++ b/keystone/spec/acceptance/basic_keystone_spec.rb @@ -0,0 +1,78 @@ +require 'spec_helper_acceptance' + +describe 'basic keystone server with resources' do + + context 'default parameters' do + + it 'should work with no errors' do + pp= <<-EOS + Exec { logoutput => 'on_failure' } + + # Common resources + include ::apt + # some packages are not autoupgraded in trusty. + # it will be fixed in liberty, but broken in kilo. + $need_to_be_upgraded = ['python-tz', 'python-pbr'] + apt::source { 'trusty-updates-kilo': + location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu/', + release => 'trusty-updates', + required_packages => 'ubuntu-cloud-keyring', + repos => 'kilo/main', + trusted_source => true, + } -> + package { $need_to_be_upgraded: + ensure => latest, + } + class { '::mysql::server': } + + # Keystone resources + class { '::keystone::client': } + class { '::keystone::cron::token_flush': } + class { '::keystone::db::mysql': + password => 'keystone', + } + class { '::keystone': + verbose => true, + debug => true, + database_connection => 'mysql://keystone:keystone@127.0.0.1/keystone', + admin_token => 'admin_token', + enabled => true, + } + class { '::keystone::roles::admin': + email => 'test@example.tld', + password => 'a_big_secret', + } + class { '::keystone::endpoint': + public_url => "https://${::fqdn}:5000/", + admin_url => "https://${::fqdn}:35357/", + } + ::keystone::resource::service_identity { 'beaker-ci': + service_type => 'beaker', + service_description => 'beaker service', + service_name => 'beaker', + public_url => 'http://127.0.0.1:1234', + admin_url => 'http://127.0.0.1:1234', + internal_url => 'http://127.0.0.1:1234', + } + EOS + + + # Run it twice and test for idempotency + apply_manifest(pp, :catch_failures => true) + apply_manifest(pp, :catch_changes => true) + end + + describe port(5000) do + it { is_expected.to be_listening.with('tcp') } + end + + describe port(35357) do + it { is_expected.to be_listening.with('tcp') } + end + + describe cron do + it { should have_entry('1 0 * * * keystone-manage token_flush >>/var/log/keystone/keystone-tokenflush.log 2>&1').with_user('keystone') } + end + + end +end diff --git a/keystone/spec/acceptance/nodesets/default.yml b/keystone/spec/acceptance/nodesets/default.yml new file mode 100644 index 000000000..a2c1ecc63 --- /dev/null +++ b/keystone/spec/acceptance/nodesets/default.yml @@ -0,0 +1,9 @@ +HOSTS: + ubuntu-14.04-amd64: + roles: + - master + platform: ubuntu-14.04-amd64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/keystone/spec/acceptance/nodesets/nodepool.yml b/keystone/spec/acceptance/nodesets/nodepool.yml new file mode 100644 index 000000000..a2c1ecc63 --- /dev/null +++ b/keystone/spec/acceptance/nodesets/nodepool.yml @@ -0,0 +1,9 @@ +HOSTS: + ubuntu-14.04-amd64: + roles: + - master + platform: ubuntu-14.04-amd64 + hypervisor : none + ip: 127.0.0.1 +CONFIG: + type: foss diff --git a/keystone/spec/classes/keystone_db_mysql_spec.rb b/keystone/spec/classes/keystone_db_mysql_spec.rb index 2b4698dd4..f032aa99f 100644 --- a/keystone/spec/classes/keystone_db_mysql_spec.rb +++ b/keystone/spec/classes/keystone_db_mysql_spec.rb @@ -25,7 +25,8 @@ 'password_hash' => '*B552157B14BCEDDCEAA06767A012F31BDAA9CE3D', 'dbname' => 'keystone', 'host' => '127.0.0.1', - 'charset' => 'utf8' + 'charset' => 'utf8', + :collate => 'utf8_general_ci', )} end diff --git a/keystone/spec/classes/keystone_ldap_spec.rb b/keystone/spec/classes/keystone_ldap_spec.rb index 966ca6af7..0d36624c4 100644 --- a/keystone/spec/classes/keystone_ldap_spec.rb +++ b/keystone/spec/classes/keystone_ldap_spec.rb @@ -73,6 +73,7 @@ :tls_cacertfile => '/etc/ssl/certs/ca-certificates.crt', :tls_req_cert => 'demand', :identity_driver => 'keystone.identity.backends.ldap.Identity', + :credential_driver => 'keystone.credential.backends.ldap.Credential', :assignment_driver => 'keystone.assignment.backends.ldap.Assignment', :use_pool => 'True', :pool_size => 20, @@ -182,6 +183,7 @@ # drivers is_expected.to contain_keystone_config('identity/driver').with_value('keystone.identity.backends.ldap.Identity') + is_expected.to contain_keystone_config('credential/driver').with_value('keystone.credential.backends.ldap.Credential') is_expected.to contain_keystone_config('assignment/driver').with_value('keystone.assignment.backends.ldap.Assignment') end end @@ -209,7 +211,7 @@ end it 'should work with deprecated params' do is_expected.to contain_keystone_config('ldap/project_tree_dn').with_value('ou=projects,ou=openstack,dc=example,dc=com') - is_expected.to contain_keystone_config('ldap/project_filter').with_value(nil) + is_expected.to contain_keystone_config('ldap/project_filter') is_expected.to contain_keystone_config('ldap/project_objectclass').with_value('organizationalUnit') is_expected.to contain_keystone_config('ldap/project_id_attribute').with_value('ou') is_expected.to contain_keystone_config('ldap/project_member_attribute').with_value('member') @@ -217,7 +219,7 @@ is_expected.to contain_keystone_config('ldap/project_name_attribute').with_value('ou') is_expected.to contain_keystone_config('ldap/project_enabled_attribute').with_value('enabled') is_expected.to contain_keystone_config('ldap/project_domain_id_attribute').with_value('businessCategory') - is_expected.to contain_keystone_config('ldap/project_attribute_ignore').with_value(nil) + is_expected.to contain_keystone_config('ldap/project_attribute_ignore') is_expected.to contain_keystone_config('ldap/project_allow_create').with_value('True') is_expected.to contain_keystone_config('ldap/project_allow_update').with_value('True') is_expected.to contain_keystone_config('ldap/project_allow_delete').with_value('True') diff --git a/keystone/spec/classes/keystone_spec.rb b/keystone/spec/classes/keystone_spec.rb index fe2c0033d..44b9eee53 100644 --- a/keystone/spec/classes/keystone_spec.rb +++ b/keystone/spec/classes/keystone_spec.rb @@ -611,8 +611,9 @@ end it { is_expected.to contain_keystone_config('DEFAULT/notification_driver').with_value(nil) } - it { is_expected.to contain_keystone_config('DEFAULT/notification_topics').with_vaule(nil) } - it { is_expected.to contain_keystone_config('DEFAULT/control_exchange').with_vaule(nil) } + it { is_expected.to contain_keystone_config('DEFAULT/notification_topics').with_value(nil) } + it { is_expected.to contain_keystone_config('DEFAULT/notification_format').with_value(nil) } + it { is_expected.to contain_keystone_config('DEFAULT/control_exchange').with_value(nil) } end describe 'with RabbitMQ communication SSLed' do @@ -668,12 +669,14 @@ default_params.merge({ :notification_driver => 'keystone.openstack.common.notifier.rpc_notifier', :notification_topics => 'notifications', + :notification_format => 'cadf', :control_exchange => 'keystone' }) end it { is_expected.to contain_keystone_config('DEFAULT/notification_driver').with_value('keystone.openstack.common.notifier.rpc_notifier') } it { is_expected.to contain_keystone_config('DEFAULT/notification_topics').with_value('notifications') } + it { is_expected.to contain_keystone_config('DEFAULT/notification_format').with_value('cadf') } it { is_expected.to contain_keystone_config('DEFAULT/control_exchange').with_value('keystone') } end diff --git a/keystone/spec/classes/keystone_wsgi_apache_spec.rb b/keystone/spec/classes/keystone_wsgi_apache_spec.rb index 7b8da08d6..0612b9424 100644 --- a/keystone/spec/classes/keystone_wsgi_apache_spec.rb +++ b/keystone/spec/classes/keystone_wsgi_apache_spec.rb @@ -61,6 +61,13 @@ 'docroot_group' => 'keystone', 'ssl' => 'true', 'wsgi_daemon_process' => 'keystone_admin', + 'wsgi_daemon_process_options' => { + 'user' => 'keystone', + 'group' => 'keystone', + 'processes' => '1', + 'threads' => '42', + 'display-name' => 'keystone-admin', + }, 'wsgi_process_group' => 'keystone_admin', 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/admin" }, 'require' => 'File[keystone_wsgi_admin]' @@ -75,6 +82,13 @@ 'docroot_group' => 'keystone', 'ssl' => 'true', 'wsgi_daemon_process' => 'keystone_main', + 'wsgi_daemon_process_options' => { + 'user' => 'keystone', + 'group' => 'keystone', + 'processes' => '1', + 'threads' => '42', + 'display-name' => 'keystone-main', + }, 'wsgi_process_group' => 'keystone_main', 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/main" }, 'require' => 'File[keystone_wsgi_main]' @@ -103,6 +117,13 @@ 'docroot_group' => 'keystone', 'ssl' => 'false', 'wsgi_daemon_process' => 'keystone_admin', + 'wsgi_daemon_process_options' => { + 'user' => 'keystone', + 'group' => 'keystone', + 'processes' => '37', + 'threads' => '42', + 'display-name' => 'keystone-admin', + }, 'wsgi_process_group' => 'keystone_admin', 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/admin" }, 'require' => 'File[keystone_wsgi_admin]' @@ -117,6 +138,13 @@ 'docroot_group' => 'keystone', 'ssl' => 'false', 'wsgi_daemon_process' => 'keystone_main', + 'wsgi_daemon_process_options' => { + 'user' => 'keystone', + 'group' => 'keystone', + 'processes' => '37', + 'threads' => '42', + 'display-name' => 'keystone-main', + }, 'wsgi_process_group' => 'keystone_main', 'wsgi_script_aliases' => { '/' => "#{platform_parameters[:wsgi_script_path]}/main" }, 'require' => 'File[keystone_wsgi_main]' @@ -149,6 +177,13 @@ 'docroot_group' => 'keystone', 'ssl' => 'true', 'wsgi_daemon_process' => 'keystone_main', + 'wsgi_daemon_process_options' => { + 'user' => 'keystone', + 'group' => 'keystone', + 'processes' => '37', + 'threads' => '42', + 'display-name' => 'keystone-main', + }, 'wsgi_process_group' => 'keystone_main', 'wsgi_script_aliases' => { '/main/endpoint' => "#{platform_parameters[:wsgi_script_path]}/main", diff --git a/keystone/spec/defines/keystone_resource_service_identity_spec.rb b/keystone/spec/defines/keystone_resource_service_identity_spec.rb index a906ddc90..18979635e 100644 --- a/keystone/spec/defines/keystone_resource_service_identity_spec.rb +++ b/keystone/spec/defines/keystone_resource_service_identity_spec.rb @@ -45,7 +45,7 @@ it { is_expected.to contain_keystone_user_role("#{title}@services").with( :ensure => 'present', - :roles => 'admin', + :roles => ['admin'], )} it { is_expected.to contain_keystone_service(title).with( diff --git a/keystone/spec/spec_helper_acceptance.rb b/keystone/spec/spec_helper_acceptance.rb new file mode 100644 index 000000000..23590bf52 --- /dev/null +++ b/keystone/spec/spec_helper_acceptance.rb @@ -0,0 +1,46 @@ +require 'beaker-rspec' + +hosts.each do |host| + + install_puppet + + on host, "mkdir -p #{host['distmoduledir']}" +end + +RSpec.configure do |c| + # Project root + proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..')) + + # Readable test descriptions + c.formatter = :documentation + + # Configure all nodes in nodeset + c.before :suite do + # Install module and dependencies + hosts.each do |host| + + # install git + install_package host, 'git' + + # clean out any module cruft + shell('rm -fr /etc/puppet/modules/*') + + # install library modules from the forge + on host, puppet('module','install','puppetlabs-mysql'), { :acceptable_exit_codes => 0 } + on host, puppet('module','install','dprince/qpid'), { :acceptable_exit_codes => 0 } + on host, puppet('module','install','duritong/sysctl'), { :acceptable_exit_codes => 0 } + on host, puppet('module','install','puppetlabs-inifile'), { :acceptable_exit_codes => 0 } + on host, puppet('module','install','stahnma-epel'), { :acceptable_exit_codes => 0 } + on host, puppet('module','install','puppetlabs-rabbitmq'), { :acceptable_exit_codes => 0 } + on host, puppet('module','install','puppetlabs-apache'), { :acceptable_exit_codes => 0 } + + # install puppet modules from git, use master + shell('git clone https://git.openstack.org/stackforge/puppet-openstacklib /etc/puppet/modules/openstacklib') + + # Install the module being tested + puppet_module_install(:source => proj_root, :module_name => 'keystone') + # List modules installed to help with debugging + on hosts[0], puppet('module','list'), { :acceptable_exit_codes => 0 } + end + end +end diff --git a/keystone/spec/unit/provider/keystone_paste_ini/ini_setting_spec.rb b/keystone/spec/unit/provider/keystone_paste_ini/ini_setting_spec.rb new file mode 100644 index 000000000..2eff5d63f --- /dev/null +++ b/keystone/spec/unit/provider/keystone_paste_ini/ini_setting_spec.rb @@ -0,0 +1,29 @@ +# +# these tests are a little concerning b/c they are hacking around the +# modulepath, so these tests will not catch issues that may eventually arise +# related to loading these plugins. +# I could not, for the life of me, figure out how to programatcally set the modulepath +$LOAD_PATH.push( + File.join( + File.dirname(__FILE__), + '..', + '..', + '..', + 'fixtures', + 'modules', + 'inifile', + 'lib') +) +require 'spec_helper' +provider_class = Puppet::Type.type(:keystone_paste_ini).provider(:ini_setting) +describe provider_class do + + it 'should allow setting to be set explicitly' do + resource = Puppet::Type::Keystone_paste_ini.new( + {:name => 'dude/foo', :value => 'bar'} + ) + provider = provider_class.new(resource) + provider.section.should == 'dude' + provider.setting.should == 'foo' + end +end diff --git a/keystone/spec/unit/provider/keystone_spec.rb b/keystone/spec/unit/provider/keystone_spec.rb index de9ceb0d1..6a40dacf4 100644 --- a/keystone/spec/unit/provider/keystone_spec.rb +++ b/keystone/spec/unit/provider/keystone_spec.rb @@ -51,63 +51,63 @@ def self.reset mock = {'DEFAULT' => {'admin_token' => 'foo'}} Puppet::Util::IniConfig::File.expects(:new).returns(mock) mock.expects(:read).with('/etc/keystone/keystone.conf') - klass.get_admin_token.should == 'foo' + expect(klass.get_admin_token).to eq('foo') end it 'should use the specified bind_host in the admin endpoint' do mock = {'DEFAULT' => {'admin_bind_host' => '192.168.56.210', 'admin_port' => '35357' }} Puppet::Util::IniConfig::File.expects(:new).returns(mock) mock.expects(:read).with('/etc/keystone/keystone.conf') - klass.get_admin_endpoint.should == 'http://192.168.56.210:35357/v2.0/' + expect(klass.get_admin_endpoint).to eq('http://192.168.56.210:35357/v2.0/') end it 'should use localhost in the admin endpoint if bind_host is 0.0.0.0' do mock = {'DEFAULT' => { 'admin_bind_host' => '0.0.0.0', 'admin_port' => '35357' }} Puppet::Util::IniConfig::File.expects(:new).returns(mock) mock.expects(:read).with('/etc/keystone/keystone.conf') - klass.get_admin_endpoint.should == 'http://127.0.0.1:35357/v2.0/' + expect(klass.get_admin_endpoint).to eq('http://127.0.0.1:35357/v2.0/') end it 'should use [::1] in the admin endpoint if bind_host is ::0' do mock = {'DEFAULT' => { 'admin_bind_host' => '::0', 'admin_port' => '35357' }} Puppet::Util::IniConfig::File.expects(:new).returns(mock) mock.expects(:read).with('/etc/keystone/keystone.conf') - klass.get_admin_endpoint.should == 'http://[::1]:35357/v2.0/' + expect(klass.get_admin_endpoint).to eq('http://[::1]:35357/v2.0/') end it 'should use localhost in the admin endpoint if bind_host is unspecified' do mock = {'DEFAULT' => { 'admin_port' => '35357' }} Puppet::Util::IniConfig::File.expects(:new).returns(mock) mock.expects(:read).with('/etc/keystone/keystone.conf') - klass.get_admin_endpoint.should == 'http://127.0.0.1:35357/v2.0/' + expect(klass.get_admin_endpoint).to eq('http://127.0.0.1:35357/v2.0/') end it 'should use https if ssl is enabled' do mock = {'DEFAULT' => {'admin_bind_host' => '192.168.56.210', 'admin_port' => '35357' }, 'ssl' => {'enable' => 'True'}} Puppet::Util::IniConfig::File.expects(:new).returns(mock) mock.expects(:read).with('/etc/keystone/keystone.conf') - klass.get_admin_endpoint.should == 'https://192.168.56.210:35357/v2.0/' + expect(klass.get_admin_endpoint).to eq('https://192.168.56.210:35357/v2.0/') end it 'should use http if ssl is disabled' do mock = {'DEFAULT' => {'admin_bind_host' => '192.168.56.210', 'admin_port' => '35357' }, 'ssl' => {'enable' => 'False'}} Puppet::Util::IniConfig::File.expects(:new).returns(mock) mock.expects(:read).with('/etc/keystone/keystone.conf') - klass.get_admin_endpoint.should == 'http://192.168.56.210:35357/v2.0/' + expect(klass.get_admin_endpoint).to eq('http://192.168.56.210:35357/v2.0/') end it 'should use the defined admin_endpoint if available' do mock = {'DEFAULT' => {'admin_endpoint' => 'https://keystone.example.com' }, 'ssl' => {'enable' => 'False'}} Puppet::Util::IniConfig::File.expects(:new).returns(mock) mock.expects(:read).with('/etc/keystone/keystone.conf') - klass.get_admin_endpoint.should == 'https://keystone.example.com/v2.0/' + expect(klass.get_admin_endpoint).to eq('https://keystone.example.com/v2.0/') end it 'should handle an admin_endpoint with a trailing slash' do mock = {'DEFAULT' => {'admin_endpoint' => 'https://keystone.example.com/' }, 'ssl' => {'enable' => 'False'}} Puppet::Util::IniConfig::File.expects(:new).returns(mock) mock.expects(:read).with('/etc/keystone/keystone.conf') - klass.get_admin_endpoint.should == 'https://keystone.example.com/v2.0/' + expect(klass.get_admin_endpoint).to eq('https://keystone.example.com/v2.0/') end end diff --git a/keystone/spec/unit/type/keystone_paste_ini_spec.rb b/keystone/spec/unit/type/keystone_paste_ini_spec.rb new file mode 100644 index 000000000..98f7157b6 --- /dev/null +++ b/keystone/spec/unit/type/keystone_paste_ini_spec.rb @@ -0,0 +1,23 @@ +require 'spec_helper' +# this hack is required for now to ensure that the path is set up correctly +# to retrive the parent provider +$LOAD_PATH.push( + File.join( + File.dirname(__FILE__), + '..', + '..', + 'fixtures', + 'modules', + 'inifile', + 'lib') +) +require 'puppet/type/keystone_paste_ini' +describe 'Puppet::Type.type(:keystone_paste_ini)' do + before :each do + @keystone_paste_ini = Puppet::Type.type(:keystone_paste_ini).new(:name => 'DEFAULT/foo', :value => 'bar') + end + it 'should accept a valid value' do + @keystone_paste_ini[:value] = 'bar' + @keystone_paste_ini[:value].should == 'bar' + end +end