summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-04-06 22:30:06 +0000
committerGerrit Code Review <review@openstack.org>2017-04-06 22:30:07 +0000
commit4fa62dfaaa4653c4c1c3c55ae51927499885abbb (patch)
treed3aa95a1b93632b2790826180a3bcda1aa058c59
parentbd89e21fe86d81b91ca4e963e8f47bcb7b92a208 (diff)
parentb8388e378a9151bccbac0db0478b1ef5d1e2e3fb (diff)
Merge "Add a trigger to call ldap_backend define"
-rw-r--r--manifests/profile/base/keystone.pp16
-rw-r--r--releasenotes/notes/add-ldap-backend-48e875e971343e2a.yaml5
2 files changed, 21 insertions, 0 deletions
diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp
index bb3f387..5909337 100644
--- a/manifests/profile/base/keystone.pp
+++ b/manifests/profile/base/keystone.pp
@@ -59,6 +59,15 @@
# heat admin user name
# Defaults to undef
#
+# [*ldap_backends_config*]
+# Configuration for keystone::ldap_backend. This takes a hash that will
+# create each backend specified.
+# Defaults to undef
+#
+# [*ldap_backend_enable*]
+# Enables creating per-domain LDAP backends for keystone.
+# Default to false
+#
# [*manage_db_purge*]
# (Optional) Whether keystone token flushing should be enabled
# Defaults to hiera('keystone_enable_db_purge', true)
@@ -126,6 +135,8 @@ class tripleo::profile::base::keystone (
$heat_admin_email = undef,
$heat_admin_password = undef,
$heat_admin_user = undef,
+ $ldap_backends_config = undef,
+ $ldap_backend_enable = false,
$manage_db_purge = hiera('keystone_enable_db_purge', true),
$public_endpoint_network = hiera('keystone_public_api_network', undef),
$oslomsg_rpc_proto = hiera('messaging_rpc_service_name', 'rabbit'),
@@ -207,6 +218,11 @@ class tripleo::profile::base::keystone (
ssl_key_admin => $tls_keyfile_admin,
}
include ::keystone::cors
+
+ if $ldap_backend_enable {
+ validate_hash($ldap_backends_config)
+ create_resources('::keystone::ldap_backend', $ldap_backends_config)
+ }
}
if $step >= 4 and $manage_db_purge {
diff --git a/releasenotes/notes/add-ldap-backend-48e875e971343e2a.yaml b/releasenotes/notes/add-ldap-backend-48e875e971343e2a.yaml
new file mode 100644
index 0000000..0fb9271
--- /dev/null
+++ b/releasenotes/notes/add-ldap-backend-48e875e971343e2a.yaml
@@ -0,0 +1,5 @@
+---
+features:
+ - Add keystone::ldap_backend call as resource when is trigged to setup a LDAP
+ backend as keystone domain. This allows per-domain LDAP backends for
+ keystone.