diff options
author | Jenkins <jenkins@review.openstack.org> | 2017-04-06 22:30:06 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2017-04-06 22:30:07 +0000 |
commit | 4fa62dfaaa4653c4c1c3c55ae51927499885abbb (patch) | |
tree | d3aa95a1b93632b2790826180a3bcda1aa058c59 | |
parent | bd89e21fe86d81b91ca4e963e8f47bcb7b92a208 (diff) | |
parent | b8388e378a9151bccbac0db0478b1ef5d1e2e3fb (diff) |
Merge "Add a trigger to call ldap_backend define"
-rw-r--r-- | manifests/profile/base/keystone.pp | 16 | ||||
-rw-r--r-- | releasenotes/notes/add-ldap-backend-48e875e971343e2a.yaml | 5 |
2 files changed, 21 insertions, 0 deletions
diff --git a/manifests/profile/base/keystone.pp b/manifests/profile/base/keystone.pp index bb3f387..5909337 100644 --- a/manifests/profile/base/keystone.pp +++ b/manifests/profile/base/keystone.pp @@ -59,6 +59,15 @@ # heat admin user name # Defaults to undef # +# [*ldap_backends_config*] +# Configuration for keystone::ldap_backend. This takes a hash that will +# create each backend specified. +# Defaults to undef +# +# [*ldap_backend_enable*] +# Enables creating per-domain LDAP backends for keystone. +# Default to false +# # [*manage_db_purge*] # (Optional) Whether keystone token flushing should be enabled # Defaults to hiera('keystone_enable_db_purge', true) @@ -126,6 +135,8 @@ class tripleo::profile::base::keystone ( $heat_admin_email = undef, $heat_admin_password = undef, $heat_admin_user = undef, + $ldap_backends_config = undef, + $ldap_backend_enable = false, $manage_db_purge = hiera('keystone_enable_db_purge', true), $public_endpoint_network = hiera('keystone_public_api_network', undef), $oslomsg_rpc_proto = hiera('messaging_rpc_service_name', 'rabbit'), @@ -207,6 +218,11 @@ class tripleo::profile::base::keystone ( ssl_key_admin => $tls_keyfile_admin, } include ::keystone::cors + + if $ldap_backend_enable { + validate_hash($ldap_backends_config) + create_resources('::keystone::ldap_backend', $ldap_backends_config) + } } if $step >= 4 and $manage_db_purge { diff --git a/releasenotes/notes/add-ldap-backend-48e875e971343e2a.yaml b/releasenotes/notes/add-ldap-backend-48e875e971343e2a.yaml new file mode 100644 index 0000000..0fb9271 --- /dev/null +++ b/releasenotes/notes/add-ldap-backend-48e875e971343e2a.yaml @@ -0,0 +1,5 @@ +--- +features: + - Add keystone::ldap_backend call as resource when is trigged to setup a LDAP + backend as keystone domain. This allows per-domain LDAP backends for + keystone. |