summaryrefslogtreecommitdiffstats
path: root/components/congress/puppet
diff options
context:
space:
mode:
authorblsaws <bryan.sullivan@att.com>2016-05-11 21:22:03 -0700
committerblsaws <bs3131@att.com>2016-05-11 21:27:35 -0700
commit2928ffc921af0ec26ccfda1b973f7eebbc64d88f (patch)
tree7b38060b2e1e19f48c3f3eb4c92465b3e71735e3 /components/congress/puppet
parent2f9c61889d640dce26a9d0350caa43bb2faae82e (diff)
Add baseline puppet module
JIRA: COPPER-2 Change-Id: Ieb773594917aeca48ceca4250de9b4aede9961a8 Signed-off-by: blsaws <bs3131@att.com>
Diffstat (limited to 'components/congress/puppet')
-rw-r--r--components/congress/puppet/lib/puppet/provider/congress_config/ini_setting.rb27
-rw-r--r--components/congress/puppet/lib/puppet/type/congress_config.rb42
-rw-r--r--components/congress/puppet/manifests/client.pp27
-rw-r--r--components/congress/puppet/manifests/config.pp30
-rw-r--r--components/congress/puppet/manifests/db.pp97
-rw-r--r--components/congress/puppet/manifests/db/mysql.pp69
-rw-r--r--components/congress/puppet/manifests/db/postgresql.pp55
-rw-r--r--components/congress/puppet/manifests/db/sync.pp14
-rw-r--r--components/congress/puppet/manifests/init.pp410
-rw-r--r--components/congress/puppet/manifests/keystone/auth.pp93
-rw-r--r--components/congress/puppet/manifests/logging.pp251
-rw-r--r--components/congress/puppet/manifests/params.pp31
-rw-r--r--components/congress/puppet/manifests/policy.pp39
-rw-r--r--components/congress/puppet/manifests/service.pp55
-rw-r--r--components/congress/puppet/metadata.json34
-rw-r--r--components/congress/puppet/spec/classes/congress_db_mysql_spec.rb62
-rw-r--r--components/congress/puppet/spec/classes/congress_db_postgresql_spec.rb58
-rw-r--r--components/congress/puppet/spec/classes/congress_db_spec.rb78
-rw-r--r--components/congress/puppet/spec/classes/congress_keystone_auth_spec.rb123
-rw-r--r--components/congress/puppet/spec/classes/congress_logging_spec.rb144
-rw-r--r--components/congress/puppet/spec/classes/congress_policy_spec.rb41
-rw-r--r--components/congress/puppet/spec/shared_examples.rb5
-rw-r--r--components/congress/puppet/spec/unit/provider/congress_config/ini_setting_spec.rb68
-rw-r--r--components/congress/puppet/spec/unit/type/congress_config_spec.rb64
-rw-r--r--components/congress/puppet/tests/init.pp12
25 files changed, 1929 insertions, 0 deletions
diff --git a/components/congress/puppet/lib/puppet/provider/congress_config/ini_setting.rb b/components/congress/puppet/lib/puppet/provider/congress_config/ini_setting.rb
new file mode 100644
index 0000000..3d324b6
--- /dev/null
+++ b/components/congress/puppet/lib/puppet/provider/congress_config/ini_setting.rb
@@ -0,0 +1,27 @@
+Puppet::Type.type(:congress_config).provide(
+ :ini_setting,
+ :parent => Puppet::Type.type(:ini_setting).provider(:ruby)
+) do
+
+ def section
+ resource[:name].split('/', 2).first
+ end
+
+ def setting
+ resource[:name].split('/', 2).last
+ end
+
+ def separator
+ '='
+ end
+
+ def self.file_path
+ '/etc/congress/congress.conf'
+ end
+
+ # added for backwards compatibility with older versions of inifile
+ def file_path
+ self.class.file_path
+ end
+
+end
diff --git a/components/congress/puppet/lib/puppet/type/congress_config.rb b/components/congress/puppet/lib/puppet/type/congress_config.rb
new file mode 100644
index 0000000..3b76fc6
--- /dev/null
+++ b/components/congress/puppet/lib/puppet/type/congress_config.rb
@@ -0,0 +1,42 @@
+Puppet::Type.newtype(:congress_config) do
+
+ ensurable
+
+ newparam(:name, :namevar => true) do
+ desc 'Section/setting name to manage from /etc/congress/congress.conf'
+ newvalues(/\S+\/\S+/)
+ end
+
+ newproperty(:value) do
+ desc 'The value of the setting to be defined.'
+ munge do |value|
+ value = value.to_s.strip
+ value.capitalize! if value =~ /^(true|false)$/i
+ value
+ end
+
+ def is_to_s( currentvalue )
+ if resource.secret?
+ return '[old secret redacted]'
+ else
+ return currentvalue
+ end
+ end
+
+ def should_to_s( newvalue )
+ if resource.secret?
+ return '[new secret redacted]'
+ else
+ return newvalue
+ end
+ end
+ end
+
+ newparam(:secret, :boolean => true) do
+ desc 'Whether to hide the value from Puppet logs. Defaults to `false`.'
+
+ newvalues(:true, :false)
+
+ defaultto false
+ end
+end
diff --git a/components/congress/puppet/manifests/client.pp b/components/congress/puppet/manifests/client.pp
new file mode 100644
index 0000000..bb016e4
--- /dev/null
+++ b/components/congress/puppet/manifests/client.pp
@@ -0,0 +1,27 @@
+# == Class: congress::client
+#
+# Installs congress client.
+#
+# === Parameters
+#
+# [*ensure*]
+# (optional) Ensure state of the package.
+# Defaults to 'present'.
+#
+class congress::client (
+ $ensure = 'present'
+) {
+
+ package { 'python-congressclient':
+ ensure => $ensure,
+ tag => 'openstack',
+ }
+
+ if $ensure == 'present' {
+ include '::openstacklib::openstackclient'
+ } else {
+ class { '::openstacklib::openstackclient':
+ package_ensure => $ensure,
+ }
+ }
+}
diff --git a/components/congress/puppet/manifests/config.pp b/components/congress/puppet/manifests/config.pp
new file mode 100644
index 0000000..0a59d07
--- /dev/null
+++ b/components/congress/puppet/manifests/config.pp
@@ -0,0 +1,30 @@
+# == Class: congress::config
+#
+# This class is used to manage arbitrary congress configurations.
+#
+# === Parameters
+#
+# [*congress_config*]
+# (optional) Allow configuration of arbitrary congress configurations.
+# The value is an hash of congress_config resources. Example:
+# { 'DEFAULT/foo' => { value => 'fooValue'},
+# 'DEFAULT/bar' => { value => 'barValue'}
+# }
+# In yaml format, Example:
+# congress_config:
+# DEFAULT/foo:
+# value: fooValue
+# DEFAULT/bar:
+# value: barValue
+#
+# NOTE: The configuration MUST NOT be already handled by this module
+# or Puppet catalog compilation will fail with duplicate resources.
+#
+class congress::config (
+ $congress_config = {},
+) {
+
+ validate_hash($congress_config)
+
+ create_resources('congress_config', $congress_config)
+}
diff --git a/components/congress/puppet/manifests/db.pp b/components/congress/puppet/manifests/db.pp
new file mode 100644
index 0000000..33dccc4
--- /dev/null
+++ b/components/congress/puppet/manifests/db.pp
@@ -0,0 +1,97 @@
+# == Class: congress::db
+#
+# Configure the congress database connection
+#
+# === Parameters
+#
+# [*database_connection*]
+# Url used to connect to database.
+# (Optional) Defaults to 'sqlite:////var/lib/congress/congress.sqlite'.
+#
+# [*database_idle_timeout*]
+# Timeout when db connections should be reaped.
+# (Optional) Defaults to 3600.
+#
+# [*database_max_retries*]
+# Maximum number of database connection retries during startup.
+# Setting -1 implies an infinite retry count.
+# (Optional) Defaults to 10.
+#
+# [*database_retry_interval*]
+# Interval between retries of opening a database connection.
+# (Optional) Defaults to 10.
+#
+# [*database_min_pool_size*]
+# Minimum number of SQL connections to keep open in a pool.
+# (Optional) Defaults to 1.
+#
+# [*database_max_pool_size*]
+# Maximum number of SQL connections to keep open in a pool.
+# (Optional) Defaults to 10.
+#
+# [*database_max_overflow*]
+# If set, use this value for max_overflow with sqlalchemy.
+# (Optional) Defaults to 20.
+#
+class congress::db (
+ $database_connection = 'sqlite:////var/lib/congress/congress.sqlite',
+ $database_idle_timeout = 3600,
+ $database_min_pool_size = 1,
+ $database_max_pool_size = 10,
+ $database_max_retries = 10,
+ $database_retry_interval = 10,
+ $database_max_overflow = 20,
+) {
+
+ # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function
+ # to use congress::<myparam> if congress::db::<myparam> isn't specified.
+ $database_connection_real = pick($::congress::database_connection, $database_connection)
+ $database_idle_timeout_real = pick($::congress::database_idle_timeout, $database_idle_timeout)
+ $database_min_pool_size_real = pick($::congress::database_min_pool_size, $database_min_pool_size)
+ $database_max_pool_size_real = pick($::congress::database_max_pool_size, $database_max_pool_size)
+ $database_max_retries_real = pick($::congress::database_max_retries, $database_max_retries)
+ $database_retry_interval_real = pick($::congress::database_retry_interval, $database_retry_interval)
+ $database_max_overflow_real = pick($::congress::database_max_overflow, $database_max_overflow)
+
+ validate_re($database_connection_real,
+ '(sqlite|mysql|postgresql):\/\/(\S+:\S+@\S+\/\S+)?')
+
+ if $database_connection_real {
+ case $database_connection_real {
+ /^mysql:\/\//: {
+ $backend_package = false
+ require 'mysql::bindings'
+ require 'mysql::bindings::python'
+ }
+ /^postgresql:\/\//: {
+ $backend_package = false
+ require 'postgresql::lib::python'
+ }
+ /^sqlite:\/\//: {
+ $backend_package = $::congress::params::sqlite_package_name
+ }
+ default: {
+ fail('Unsupported backend configured')
+ }
+ }
+
+ if $backend_package and !defined(Package[$backend_package]) {
+ package {'congress-backend-package':
+ ensure => present,
+ name => $backend_package,
+ tag => 'openstack',
+ }
+ }
+
+ congress_config {
+ 'database/connection': value => $database_connection_real, secret => true;
+ 'database/idle_timeout': value => $database_idle_timeout_real;
+ 'database/min_pool_size': value => $database_min_pool_size_real;
+ 'database/max_retries': value => $database_max_retries_real;
+ 'database/retry_interval': value => $database_retry_interval_real;
+ 'database/max_pool_size': value => $database_max_pool_size_real;
+ 'database/max_overflow': value => $database_max_overflow_real;
+ }
+ }
+
+}
diff --git a/components/congress/puppet/manifests/db/mysql.pp b/components/congress/puppet/manifests/db/mysql.pp
new file mode 100644
index 0000000..456b812
--- /dev/null
+++ b/components/congress/puppet/manifests/db/mysql.pp
@@ -0,0 +1,69 @@
+# The congress::db::mysql class implements mysql backend for congress
+#
+# This class can be used to create tables, users and grant
+# privelege for a mysql congress database.
+#
+# == parameters
+#
+# [*password*]
+# (Mandatory) Password to connect to the database.
+# Defaults to 'false'.
+#
+# [*dbname*]
+# (Optional) Name of the database.
+# Defaults to 'congress'.
+#
+# [*user*]
+# (Optional) User to connect to the database.
+# Defaults to 'congress'.
+#
+# [*host*]
+# (Optional) The default source host user is allowed to connect from.
+# Defaults to '127.0.0.1'
+#
+# [*allowed_hosts*]
+# (Optional) Other hosts the user is allowed to connect from.
+# Defaults to 'undef'.
+#
+# [*charset*]
+# (Optional) The database charset.
+# Defaults to 'utf8'
+#
+# [*collate*]
+# (Optional) The database collate.
+# Only used with mysql modules >= 2.2.
+# Defaults to 'utf8_general_ci'
+#
+# == Dependencies
+# Class['mysql::server']
+#
+# == Examples
+#
+# == Authors
+#
+# == Copyright
+#
+class congress::db::mysql(
+ $password,
+ $dbname = 'congress',
+ $user = 'congress',
+ $host = '127.0.0.1',
+ $charset = 'utf8',
+ $collate = 'utf8_general_ci',
+ $allowed_hosts = undef
+) {
+
+ validate_string($password)
+
+ ::openstacklib::db::mysql { 'congress':
+ user => $user,
+ password_hash => mysql_password($password),
+ dbname => $dbname,
+ host => $host,
+ charset => $charset,
+ collate => $collate,
+ allowed_hosts => $allowed_hosts,
+ }
+
+ ::Openstacklib::Db::Mysql['congress'] ~> Exec<| title == 'congress-manage db_sync' |>
+}
diff --git a/components/congress/puppet/manifests/db/postgresql.pp b/components/congress/puppet/manifests/db/postgresql.pp
new file mode 100644
index 0000000..4766eca
--- /dev/null
+++ b/components/congress/puppet/manifests/db/postgresql.pp
@@ -0,0 +1,55 @@
+# == Class: congress::db::postgresql
+#
+# Class that configures postgresql for congress
+# Requires the Puppetlabs postgresql module.
+#
+# === Parameters
+#
+# [*password*]
+# (Required) Password to connect to the database.
+#
+# [*dbname*]
+# (Optional) Name of the database.
+# Defaults to 'congress'.
+#
+# [*user*]
+# (Optional) User to connect to the database.
+# Defaults to 'congress'.
+#
+# [*encoding*]
+# (Optional) The charset to use for the database.
+# Default to undef.
+#
+# [*privileges*]
+# (Optional) Privileges given to the database user.
+# Default to 'ALL'
+#
+# == Dependencies
+#
+# == Examples
+#
+# == Authors
+#
+# == Copyright
+#
+class congress::db::postgresql(
+ $password,
+ $dbname = 'congress',
+ $user = 'congress',
+ $encoding = undef,
+ $privileges = 'ALL',
+) {
+
+ Class['congress::db::postgresql'] -> Service<| title == 'congress' |>
+
+ ::openstacklib::db::postgresql { 'congress':
+ password_hash => postgresql_password($user, $password),
+ dbname => $dbname,
+ user => $user,
+ encoding => $encoding,
+ privileges => $privileges,
+ }
+
+ ::Openstacklib::Db::Postgresql['congress'] ~> Exec<| title == 'congress-manage db_sync' |>
+
+}
diff --git a/components/congress/puppet/manifests/db/sync.pp b/components/congress/puppet/manifests/db/sync.pp
new file mode 100644
index 0000000..bb07f7e
--- /dev/null
+++ b/components/congress/puppet/manifests/db/sync.pp
@@ -0,0 +1,14 @@
+#
+# Class to execute "congress-manage db_sync
+#
+class congress::db::sync {
+ exec { 'congress-manage db_sync':
+ path => '/usr/bin',
+ user => 'congress',
+ refreshonly => true,
+ subscribe => [Package['congress'], congress_config['database/connection']],
+ require => User['congress'],
+ }
+
+ Exec['congress-manage db_sync'] ~> Service<| title == 'congress' |>
+}
diff --git a/components/congress/puppet/manifests/init.pp b/components/congress/puppet/manifests/init.pp
new file mode 100644
index 0000000..a1367c3
--- /dev/null
+++ b/components/congress/puppet/manifests/init.pp
@@ -0,0 +1,410 @@
+# == Class: congress
+#
+# Module for managing congress config
+#
+# === Parameters
+#
+# [*keystone_password*]
+# (required) Password used to authentication.
+#
+# [*package_ensure*]
+# (optional) Desired ensure state of packages.
+# accepts latest or specific versions.
+# Defaults to present.
+#
+# [*client_package_ensure*]
+# (optional) Desired ensure state of the client package.
+# accepts latest or specific versions.
+# Defaults to present.
+#
+# [*bind_host*]
+# (optional) The IP address that congress binds to.
+# Default to '0.0.0.0'.
+#
+# [*bind_port*]
+# (optional) Port that congress binds to.
+# Defaults to '1789'
+#
+# [*verbose*]
+# (optional) Rather congress should log at verbose level.
+# Defaults to undef.
+#
+# [*debug*]
+# (optional) Rather congress should log at debug level.
+# Defaults to undef.
+#
+# [*auth_type*]
+# (optional) Type is authorization being used.
+# Defaults to 'keystone'
+#
+# [*auth_uri*]
+# (optional) Complete public Identity API endpoint.
+# Defaults to false.
+#
+# [*identity_uri*]
+# (optional) Complete admin Identity API endpoint.
+# Defaults to: false
+#
+# [*keystone_tenant*]
+# (optional) Tenant to authenticate to.
+# Defaults to services.
+#
+# [*keystone_user*]
+# (optional) User to authenticate as with keystone.
+# Defaults to 'congress'.
+#
+# [*manage_service*]
+# (Optional) If Puppet should manage service startup / shutdown.
+# Defaults to true.
+#
+# [*enabled*]
+# (optional) If the congress services should be enabled.
+# Default to true.
+#
+# [*database_connection*]
+# (optional) Url used to connect to database.
+# Defaults to undef.
+#
+# [*database_idle_timeout*]
+# (optional) Timeout when db connections should be reaped.
+# Defaults to undef.
+#
+# [*database_max_retries*]
+# (optional) Maximum number of database connection retries during startup.
+# Setting -1 implies an infinite retry count.
+# (Defaults to undef)
+#
+# [*database_retry_interval*]
+# (optional) Interval between retries of opening a database connection.
+# (Defaults to undef)
+#
+# [*database_min_pool_size*]
+# (optional) Minimum number of SQL connections to keep open in a pool.
+# Defaults to: undef
+#
+# [*database_max_pool_size*]
+# (optional) Maximum number of SQL connections to keep open in a pool.
+# Defaults to: undef
+#
+# [*database_max_overflow*]
+# (optional) If set, use this value for max_overflow with sqlalchemy.
+# Defaults to: undef
+#
+# [*rpc_backend*]
+# (Optional) Use these options to configure the RabbitMQ message system.
+# Defaults to 'rabbit'
+#
+# [*control_exchange*]
+# (Optional)
+# Defaults to 'openstack'.
+#
+# [*rabbit_host*]
+# (Optional) IP or hostname of the rabbit server.
+# Defaults to '127.0.0.1'
+#
+# [*rabbit_port*]
+# (Optional) Port of the rabbit server.
+# Defaults to 5672.
+#
+# [*rabbit_hosts*]
+# (Optional) Array of host:port (used with HA queues).
+# If defined, will remove rabbit_host & rabbit_port parameters from config
+# Defaults to undef.
+#
+# [*rabbit_userid*]
+# (Optional) User to connect to the rabbit server.
+# Defaults to 'guest'
+#
+# [*rabbit_password*]
+# (Required) Password to connect to the rabbit_server.
+# Defaults to empty. Required if using the Rabbit (kombu)
+# backend.
+#
+# [*rabbit_virtual_host*]
+# (Optional) Virtual_host to use.
+# Defaults to '/'
+#
+# [*rabbit_heartbeat_timeout_threshold*]
+# (optional) Number of seconds after which the RabbitMQ broker is considered
+# down if the heartbeat keepalive fails. Any value >0 enables heartbeats.
+# Heartbeating helps to ensure the TCP connection to RabbitMQ isn't silently
+# closed, resulting in missed or lost messages from the queue.
+# (Requires kombu >= 3.0.7 and amqp >= 1.4.0)
+# Defaults to 0
+#
+# [*rabbit_heartbeat_rate*]
+# (optional) How often during the rabbit_heartbeat_timeout_threshold period to
+# check the heartbeat on RabbitMQ connection. (i.e. rabbit_heartbeat_rate=2
+# when rabbit_heartbeat_timeout_threshold=60, the heartbeat will be checked
+# every 30 seconds.
+# Defaults to 2
+#
+# [*rabbit_use_ssl*]
+# (optional) Connect over SSL for RabbitMQ
+# Defaults to false
+#
+# [*kombu_ssl_ca_certs*]
+# (optional) SSL certification authority file (valid only if SSL enabled).
+# Defaults to $::os_service_default
+#
+# [*kombu_ssl_certfile*]
+# (optional) SSL cert file (valid only if SSL enabled).
+# Defaults to $::os_service_default
+#
+# [*kombu_ssl_keyfile*]
+# (optional) SSL key file (valid only if SSL enabled).
+# Defaults to $::os_service_default
+#
+# [*kombu_ssl_version*]
+# (optional) SSL version to use (valid only if SSL enabled).
+# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be
+# available on some distributions.
+# Defaults to $::os_service_default
+#
+# [*kombu_reconnect_delay*]
+# (optional) How long to wait before reconnecting in response to an AMQP
+# consumer cancel notification.
+# Defaults to $::os_service_default
+#
+# [*amqp_durable_queues*]
+# Use durable queues in amqp.
+# (Optional) Defaults to false.
+#
+# [*service_provider*]
+# (optional) Provider, that can be used for congress service.
+# Default value defined in congress::params for given operation system.
+# If you use Pacemaker or another Cluster Resource Manager, you can make
+# custom service provider for changing start/stop/status behavior of service,
+# and set it here.
+#
+# [*service_name*]
+# (optional) Name of the service that will be providing the
+# server functionality of congress.
+# Defaults to '$::congress::params::service_name'
+#
+# [*sync_db*]
+# (Optional) Run db sync on the node.
+# Defaults to true
+#
+# == Dependencies
+# None
+#
+# == Examples
+#
+# class { 'congress':
+# keystone_password => 'congress',
+# keystone_tenant => 'service',
+# auth_uri => 'http://192.168.122.6:5000/',
+# identity_uri => 'http://192.168.122.6:35357/',
+# database_connection => 'mysql://congress:password@192.168.122.6/congress',
+# rabbit_host => '192.168.122.6',
+# rabbit_password => 'guest',
+# }
+#
+# class { 'congress::db::mysql':
+# password => 'password',
+# host => '192.168.122.6',
+# }
+#
+# class { 'congress::keystone::auth':
+# password => 'congress',
+# tenant => 'service',
+# admin_url => 'http://192.168.122.6:1789',
+# internal_url => 'http://192.168.122.6:1789',
+# public_url => 'http://192.168.122.6:1789',
+# region => 'regionOne',
+# }
+#
+# == Authors
+#
+# Dan Radez <dradez@redhat.com>
+#
+# == Copyright
+#
+# Copyright 2015 Red Hat Inc, unless otherwise noted.
+#
+
+class congress(
+ $keystone_password,
+ $package_ensure = 'present',
+ $client_package_ensure = 'present',
+ $bind_host = '0.0.0.0',
+ $bind_port = '1789',
+ $verbose = undef,
+ $debug = undef,
+ $auth_type = 'keystone',
+ $auth_uri = false,
+ $identity_uri = false,
+ $keystone_tenant = 'services',
+ $keystone_user = 'congress',
+ $manage_service = true,
+ $enabled = true,
+ $database_connection = undef,
+ $database_idle_timeout = undef,
+ $database_max_retries = undef,
+ $database_retry_interval = undef,
+ $database_min_pool_size = undef,
+ $database_max_pool_size = undef,
+ $database_max_overflow = undef,
+ $rpc_backend = 'rabbit',
+ $control_exchange = 'congress',
+ $rabbit_host = '127.0.0.1',
+ $rabbit_port = 5672,
+ $rabbit_hosts = false,
+ $rabbit_virtual_host = '/',
+ $rabbit_heartbeat_timeout_threshold = 0,
+ $rabbit_heartbeat_rate = 2,
+ $rabbit_userid = 'guest',
+ $rabbit_password = false,
+ $rabbit_use_ssl = false,
+ $kombu_ssl_ca_certs = $::os_service_default,
+ $kombu_ssl_certfile = $::os_service_default,
+ $kombu_ssl_keyfile = $::os_service_default,
+ $kombu_ssl_version = $::os_service_default,
+ $kombu_reconnect_delay = $::os_service_default,
+ $amqp_durable_queues = false,
+ $service_provider = $::congress::params::service_provider,
+ $service_name = $::congress::params::service_name,
+) inherits congress::params {
+ congress_config {
+ 'DEFAULT/drivers' : value => 'congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources. keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver';
+ }
+
+ if $identity_uri {
+ congress_config { 'keystone_authtoken/identity_uri': value => $identity_uri; }
+ congress_config { 'keystone_authtoken/auth_url' : value => $identity_uri; }
+ } else {
+ congress_config { 'keystone_authtoken/identity_uri': ensure => absent; }
+ }
+
+ if $auth_uri {
+ congress_config { 'keystone_authtoken/auth_uri': value => $auth_uri; }
+ } else {
+ congress_config { 'keystone_authtoken/auth_uri': ensure => absent; }
+ }
+
+ if $auth_type == 'keystone' {
+ congress_config {
+ 'keystone_authtoken/project_name' : value => $keystone_tenant;
+ 'keystone_authtoken/username' : value => $keystone_user;
+ 'keystone_authtoken/password' : value => $keystone_password, secret => true;
+ }
+ }
+
+ congress_config<||> ~> Service[$service_name]
+ congress_config<||> ~> Exec<| title == 'congress-manage db_sync'|>
+
+ include ::congress::db
+ include ::congress::params
+
+ if $sync_db {
+ include ::congress::db::sync
+ Class['::congress::db::sync'] ~> Service[$service_name]
+ }
+ if $rpc_backend == 'rabbit' {
+
+ if ! $rabbit_password {
+ fail('Please specify a rabbit_password parameter.')
+ }
+
+ congress_config {
+ 'DEFAULT/rabbit_password': value => $rabbit_password, secret => true;
+ 'DEFAULT/rabbit_userid': value => $rabbit_userid;
+ 'DEFAULT/rabbit_virtual_host': value => $rabbit_virtual_host;
+ 'DEFAULT/control_exchange': value => $control_exchange;
+ #'DEFAULT/rabbit_use_ssl': value => $rabbit_use_ssl;
+ #'DEFAULT/kombu_reconnect_delay': value => $kombu_reconnect_delay;
+ #'DEFAULT/heartbeat_timeout_threshold': value => $rabbit_heartbeat_timeout_threshold;
+ #'DEFAULT/heartbeat_rate': value => $rabbit_heartbeat_rate;
+ #'DEFAULT/amqp_durable_queues': value => $amqp_durable_queues;
+ }
+
+ if $rabbit_use_ssl {
+ congress_config {
+ 'DEFAULT/kombu_ssl_version' : value => $kombu_ssl_version;
+ 'DEFAULT/kombu_ssl_ca_certs' : value => $kombu_ssl_ca_certs;
+ 'DEFAULT/kombu_ssl_certfile' : value => $kombu_ssl_certfile;
+ 'DEFAULT/kombu_ssl_keyfile' : value => $kombu_ssl_keyfile;
+ }
+ }
+
+ if $rabbit_hosts {
+ congress_config { 'DEFAULT/rabbit_hosts': value => join($rabbit_hosts, ',') }
+ congress_config { 'DEFAULT/rabbit_ha_queues': value => true }
+ congress_config { 'DEFAULT/rabbit_host': ensure => absent }
+ congress_config { 'DEFAULT/rabbit_port': ensure => absent }
+ } else {
+ congress_config { 'DEFAULT/rabbit_host': value => $rabbit_host }
+ congress_config { 'DEFAULT/rabbit_port': value => $rabbit_port }
+ congress_config { 'DEFAULT/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}" }
+ congress_config { 'DEFAULT/rabbit_ha_queues': value => false }
+ }
+
+ }
+
+ package { 'congress':
+ ensure => $package_ensure,
+ name => $::congress::params::package_name,
+ tag => ['openstack', 'congress-package'],
+ }
+ if $client_package_ensure == 'present' {
+ include '::congress::client'
+ } else {
+ class { '::congress::client':
+ ensure => $client_package_ensure,
+ }
+ }
+
+ group { 'congress':
+ ensure => present,
+ system => true,
+ require => Package['congress'],
+ }
+
+ user { 'congress':
+ ensure => 'present',
+ gid => 'congress',
+ system => true,
+ require => Package['congress'],
+ }
+
+ file { ['/etc/congress', '/var/log/congress', '/var/lib/congress']:
+ ensure => directory,
+ mode => '0750',
+ owner => 'congress',
+ group => 'congress',
+ require => Package['congress'],
+ notify => Service[$service_name],
+ }
+
+ file { '/etc/congress/congress.conf':
+ ensure => present,
+ mode => '0600',
+ owner => 'congress',
+ group => 'congress',
+ require => Package['congress'],
+ notify => Service[$service_name],
+ }
+
+ congress_config {
+ 'DEFAULT/bind_host': value => $bind_host;
+ 'DEFAULT/bind_port': value => $bind_port;
+ }
+
+ if $manage_service {
+ if $enabled {
+ $service_ensure = 'running'
+ } else {
+ $service_ensure = 'stopped'
+ }
+ }
+
+ class { '::congress::service':
+ ensure => $service_ensure,
+ service_name => $service_name,
+ enable => $enabled,
+ hasstatus => true,
+ hasrestart => true,
+ provider => $service_provider,
+ }
+}
diff --git a/components/congress/puppet/manifests/keystone/auth.pp b/components/congress/puppet/manifests/keystone/auth.pp
new file mode 100644
index 0000000..13be1f0
--- /dev/null
+++ b/components/congress/puppet/manifests/keystone/auth.pp
@@ -0,0 +1,93 @@
+# == Class: congress::keystone::auth
+#
+# Configures congress user, service and endpoint in Keystone.
+#
+# === Parameters
+#
+# [*password*]
+# (required) Password for congress user.
+#
+# [*auth_name*]
+# Username for congress service. Defaults to 'congress'.
+#
+# [*email*]
+# Email for congress user. Defaults to 'congress@localhost'.
+#
+# [*tenant*]
+# Tenant for congress user. Defaults to 'services'.
+#
+# [*configure_endpoint*]
+# Should congress endpoint be configured? Defaults to 'true'.
+#
+# [*configure_user*]
+# (Optional) Should the service user be configured?
+# Defaults to 'true'.
+#
+# [*configure_user_role*]
+# (Optional) Should the admin role be configured for the service user?
+# Defaults to 'true'.
+#
+# [*service_type*]
+# Type of service. Defaults to 'NFV'.
+#
+# [*admin_url*]
+# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:1789')
+# This url should *not* contain any version or trailing '/'.
+#
+# [*internal_url*]
+# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:1789')
+# This url should *not* contain any version or trailing '/'.
+#
+# [*public_url*]
+# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:1789')
+# This url should *not* contain any version or trailing '/'.
+#
+# [*region*]
+# Region for endpoint. Defaults to 'RegionOne'.
+#
+# [*service_name*]
+# (optional) Name of the service.
+# Defaults to the value of auth_name.
+#
+#
+class congress::keystone::auth (
+ $password,
+ $auth_name = 'congress',
+ $email = 'congress@localhost',
+ $tenant = 'services',
+ $configure_endpoint = true,
+ $configure_user = true,
+ $configure_user_role = true,
+ $service_name = undef,
+ $service_type = 'servicevm',
+ $admin_url = 'http://127.0.0.1:1789',
+ $internal_url = 'http://127.0.0.1:1789',
+ $public_url = 'http://127.0.0.1:1789',
+ $region = 'RegionOne'
+) {
+
+ $real_service_name = pick($service_name, $auth_name)
+
+ if $configure_user_role {
+ Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'congress-server' |>
+ }
+ Keystone_endpoint["${region}/${real_service_name}"] ~> Service <| name == 'congress-server' |>
+
+ keystone::resource::service_identity { 'congress':
+ configure_user => $configure_user,
+ configure_user_role => $configure_user_role,
+ configure_endpoint => $configure_endpoint,
+ service_name => $real_service_name,
+ service_type => $service_type,
+ service_description => 'congress VNF Manager service',
+ region => $region,
+ auth_name => $auth_name,
+ password => $password,
+ email => $email,
+ tenant => $tenant,
+ admin_url => "${admin_url}/",
+ internal_url => "${internal_url}/",
+ public_url => "${public_url}/",
+ }
+
+}
diff --git a/components/congress/puppet/manifests/logging.pp b/components/congress/puppet/manifests/logging.pp
new file mode 100644
index 0000000..7bcdc00
--- /dev/null
+++ b/components/congress/puppet/manifests/logging.pp
@@ -0,0 +1,251 @@
+# Class congress::logging
+#
+# congress logging configuration
+#
+# == parameters
+#
+# [*verbose*]
+# (Optional) Should the daemons log verbose messages
+# Defaults to false.
+#
+# [*debug*]
+# (Optional) Should the daemons log debug messages
+# Defaults to false.
+#
+# [*use_syslog*]
+# (Optional) Use syslog for logging.
+# Defaults to false.
+#
+# [*use_stderr*]
+# (optional) Use stderr for logging
+# Defaults to true.
+#
+# [*log_facility*]
+# (Optional) Syslog facility to receive log lines.
+# Defaults to 'LOG_USER'.
+#
+# [*log_dir*]
+# (optional) Directory where logs should be stored.
+# If set to boolean false, it will not log to any directory.
+# Defaults to '/var/log/congress'.
+#
+# [*logging_context_format_string*]
+# (optional) Format string to use for log messages with context.
+# Defaults to undef.
+# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\
+# [%(request_id)s %(user_identity)s] %(instance)s%(message)s'
+#
+# [*logging_default_format_string*]
+# (optional) Format string to use for log messages without context.
+# Defaults to undef.
+# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\
+# [-] %(instance)s%(message)s'
+#
+# [*logging_debug_format_suffix*]
+# (optional) Formatted data to append to log format when level is DEBUG.
+# Defaults to undef.
+# Example: '%(funcName)s %(pathname)s:%(lineno)d'
+#
+# [*logging_exception_prefix*]
+# (optional) Prefix each line of exception output with this format.
+# Defaults to undef.
+# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s'
+#
+# [*log_config_append*]
+# The name of an additional logging configuration file.
+# Defaults to undef.
+# See https://docs.python.org/2/howto/logging.html
+#
+# [*default_log_levels*]
+# (optional) Hash of logger (keys) and level (values) pairs.
+# Defaults to undef.
+# Example:
+# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN',
+# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO',
+# 'oslo.messaging' => 'INFO', 'iso8601' => 'WARN',
+# 'requests.packages.urllib3.connectionpool' => 'WARN',
+# 'urllib3.connectionpool' => 'WARN',
+# 'websocket' => 'WARN', 'congressmiddleware' => 'WARN',
+# 'routes.middleware' => 'WARN', stevedore => 'WARN' }
+#
+# [*publish_errors*]
+# (optional) Publish error events (boolean value).
+# Defaults to undef (false if unconfigured).
+#
+# [*fatal_deprecations*]
+# (optional) Make deprecations fatal (boolean value)
+# Defaults to undef (false if unconfigured).
+#
+# [*instance_format*]
+# (optional) If an instance is passed with the log message, format it
+# like this (string value).
+# Defaults to undef.
+# Example: '[instance: %(uuid)s] '
+#
+# [*instance_uuid_format*]
+# (optional) If an instance UUID is passed with the log message, format
+# it like this (string value).
+# Defaults to undef.
+# Example: instance_uuid_format='[instance: %(uuid)s] '
+#
+# [*log_date_format*]
+# (optional) Format string for %%(asctime)s in log records.
+# Defaults to undef.
+# Example: 'Y-%m-%d %H:%M:%S'
+
+class congress::logging(
+ $use_syslog = false,
+ $use_stderr = true,
+ $log_facility = 'LOG_USER',
+ $log_dir = '/var/log/congress',
+ $verbose = false,
+ $debug = false,
+ $logging_context_format_string = undef,
+ $logging_default_format_string = undef,
+ $logging_debug_format_suffix = undef,
+ $logging_exception_prefix = undef,
+ $log_config_append = undef,
+ $default_log_levels = undef,
+ $publish_errors = undef,
+ $fatal_deprecations = undef,
+ $instance_format = undef,
+ $instance_uuid_format = undef,
+ $log_date_format = undef,
+) {
+
+ congress_config {
+ 'DEFAULT/use_syslog' : value => $use_syslog;
+ 'DEFAULT/use_stderr' : value => $use_stderr;
+ 'DEFAULT/log_dir' : value => $log_dir;
+ 'DEFAULT/verbose' : value => $verbose;
+ 'DEFAULT/debug' : value => $debug;
+ 'DEFAULT/syslog_log_facility' : value => $log_facility;
+ }
+
+ if $logging_context_format_string {
+ congress_config {
+ 'DEFAULT/logging_context_format_string' :
+ value => $logging_context_format_string;
+ }
+ }
+ else {
+ congress_config {
+ 'DEFAULT/logging_context_format_string' : ensure => absent;
+ }
+ }
+
+ if $logging_default_format_string {
+ congress_config {
+ 'DEFAULT/logging_default_format_string' :
+ value => $logging_default_format_string;
+ }
+ }
+ else {
+ congress_config {
+ 'DEFAULT/logging_default_format_string' : ensure => absent;
+ }
+ }
+
+ if $logging_debug_format_suffix {
+ congress_config {
+ 'DEFAULT/logging_debug_format_suffix' :
+ value => $logging_debug_format_suffix;
+ }
+ }
+ else {
+ congress_config {
+ 'DEFAULT/logging_debug_format_suffix' : ensure => absent;
+ }
+ }
+
+ if $logging_exception_prefix {
+ congress_config {
+ 'DEFAULT/logging_exception_prefix' : value => $logging_exception_prefix;
+ }
+ }
+ else {
+ congress_config {
+ 'DEFAULT/logging_exception_prefix' : ensure => absent;
+ }
+ }
+
+ if $log_config_append {
+ congress_config {
+ 'DEFAULT/log_config_append' : value => $log_config_append;
+ }
+ }
+ else {
+ congress_config {
+ 'DEFAULT/log_config_append' : ensure => absent;
+ }
+ }
+
+ if $default_log_levels {
+ congress_config {
+ 'DEFAULT/default_log_levels' :
+ value => join(sort(join_keys_to_values($default_log_levels, '=')), ',');
+ }
+ }
+ else {
+ congress_config {
+ 'DEFAULT/default_log_levels' : ensure => absent;
+ }
+ }
+
+ if $publish_errors {
+ congress_config {
+ 'DEFAULT/publish_errors' : value => $publish_errors;
+ }
+ }
+ else {
+ congress_config {
+ 'DEFAULT/publish_errors' : ensure => absent;
+ }
+ }
+
+ if $fatal_deprecations {
+ congress_config {
+ 'DEFAULT/fatal_deprecations' : value => $fatal_deprecations;
+ }
+ }
+ else {
+ congress_config {
+ 'DEFAULT/fatal_deprecations' : ensure => absent;
+ }
+ }
+
+ if $instance_format {
+ congress_config {
+ 'DEFAULT/instance_format' : value => $instance_format;
+ }
+ }
+ else {
+ congress_config {
+ 'DEFAULT/instance_format' : ensure => absent;
+ }
+ }
+
+ if $instance_uuid_format {
+ congress_config {
+ 'DEFAULT/instance_uuid_format' : value => $instance_uuid_format;
+ }
+ }
+ else {
+ congress_config {
+ 'DEFAULT/instance_uuid_format' : ensure => absent;
+ }
+ }
+
+ if $log_date_format {
+ congress_config {
+ 'DEFAULT/log_date_format' : value => $log_date_format;
+ }
+ }
+ else {
+ congress_config {
+ 'DEFAULT/log_date_format' : ensure => absent;
+ }
+ }
+
+
+}
diff --git a/components/congress/puppet/manifests/params.pp b/components/congress/puppet/manifests/params.pp
new file mode 100644
index 0000000..f2ceed0
--- /dev/null
+++ b/components/congress/puppet/manifests/params.pp
@@ -0,0 +1,31 @@
+#
+# This class contains the platform differences for congress
+#
+class congress::params {
+ $client_package_name = 'python-congressclient'
+
+ case $::osfamily {
+ 'Debian': {
+ $package_name = 'congress'
+ $service_name = 'congress'
+ $python_memcache_package_name = 'python-memcache'
+ $sqlite_package_name = 'python-pysqlite2'
+ $paste_config = undef
+ case $::operatingsystem {
+ 'Debian': {
+ $service_provider = undef
+ }
+ default: {
+ $service_provider = 'upstart'
+ }
+ }
+ }
+ 'RedHat': {
+ $package_name = 'openstack-congress'
+ $service_name = 'openstack-congress'
+ $python_memcache_package_name = 'python-memcached'
+ $sqlite_package_name = undef
+ $service_provider = undef
+ }
+ }
+}
diff --git a/components/congress/puppet/manifests/policy.pp b/components/congress/puppet/manifests/policy.pp
new file mode 100644
index 0000000..cdca472
--- /dev/null
+++ b/components/congress/puppet/manifests/policy.pp
@@ -0,0 +1,39 @@
+# == Class: congress::policy
+#
+# Configure the congress policies
+#
+# === Parameters
+#
+# [*policies*]
+# (optional) Set of policies to configure for congress
+# Example :
+# {
+# 'congress-context_is_admin' => {
+# 'key' => 'context_is_admin',
+# 'value' => 'true'
+# },
+# 'congress-default' => {
+# 'key' => 'default',
+# 'value' => 'rule:admin_or_owner'
+# }
+# }
+# Defaults to empty hash.
+#
+# [*policy_path*]
+# (optional) Path to the nova policy.json file
+# Defaults to /etc/congress/policy.json
+#
+class congress::policy (
+ $policies = {},
+ $policy_path = '/etc/congress/policy.json',
+) {
+
+ validate_hash($policies)
+
+ Openstacklib::Policy::Base {
+ file_path => $policy_path,
+ }
+
+ create_resources('openstacklib::policy::base', $policies)
+
+}
diff --git a/components/congress/puppet/manifests/service.pp b/components/congress/puppet/manifests/service.pp
new file mode 100644
index 0000000..f802e9a
--- /dev/null
+++ b/components/congress/puppet/manifests/service.pp
@@ -0,0 +1,55 @@
+# == Class congress::service
+#
+# Encapsulates the congress service to a class.
+# This allows resources that require congress to
+# require this class, which can optionally
+# validate that the service can actually accept
+# connections.
+#
+# === Parameters
+#
+# [*ensure*]
+# (optional) The desired state of the congress service
+# Defaults to undef
+#
+# [*service_name*]
+# (optional) The name of the congress service
+# Defaults to $::congress::params::service_name
+#
+# [*enable*]
+# (optional) Whether to enable the congress service
+# Defaults to true
+#
+# [*hasstatus*]
+# (optional) Whether the congress service has status
+# Defaults to true
+#
+# [*hasrestart*]
+# (optional) Whether the congress service has restart
+# Defaults to true
+#
+# [*provider*]
+# (optional) Provider for congress service
+# Defaults to $::congress::params::service_provider
+#
+class congress::service(
+ $ensure = undef,
+ $service_name = $::congress::params::service_name,
+ $enable = true,
+ $hasstatus = true,
+ $hasrestart = true,
+ $provider = $::congress::params::service_provider,
+) {
+ include ::congress::params
+
+ service { 'congress':
+ ensure => $ensure,
+ name => $service_name,
+ enable => $enable,
+ hasstatus => $hasstatus,
+ hasrestart => $hasrestart,
+ provider => $provider,
+ tag => 'congress-service',
+ }
+
+}
diff --git a/components/congress/puppet/metadata.json b/components/congress/puppet/metadata.json
new file mode 100644
index 0000000..e94dd68
--- /dev/null
+++ b/components/congress/puppet/metadata.json
@@ -0,0 +1,34 @@
+{
+ "name": "puppet-congress",
+ "version": "0.0.1",
+ "author": "OpenStack Contributors",
+ "summary": "Puppet module for OpenStack congress",
+ "license": "Apache-2.0",
+ "source": "git://github.com/openstack/puppet-congress.git",
+ "project_page": "https://launchpad.net/puppet-congress",
+ "issues_url": "https://bugs.launchpad.net/puppet-congress",
+ "description": "Installs and configures OpenStack congress.",
+ "operatingsystem_support": [
+ {
+ "operatingsystem": "Debian",
+ "operatingsystemrelease": ["8"]
+ },
+ {
+ "operatingsystem": "Fedora",
+ "operatingsystemrelease": ["21","22"]
+ },
+ {
+ "operatingsystem": "RedHat",
+ "operatingsystemrelease": ["7"]
+ },
+ {
+ "operatingsystem": "Ubuntu",
+ "operatingsystemrelease": ["14.04"]
+ }
+ ],
+ "dependencies": [
+ { "name": "puppetlabs/inifile", "version_requirement": ">=1.0.0 <2.0.0" },
+ { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.2.0 <5.0.0" },
+ { "name": "stackforge/openstacklib", "version_requirement": ">=5.0.0 <6.0.0" }
+ ]
+}
diff --git a/components/congress/puppet/spec/classes/congress_db_mysql_spec.rb b/components/congress/puppet/spec/classes/congress_db_mysql_spec.rb
new file mode 100644
index 0000000..6370bac
--- /dev/null
+++ b/components/congress/puppet/spec/classes/congress_db_mysql_spec.rb
@@ -0,0 +1,62 @@
+require 'spec_helper'
+
+describe 'congress::db::mysql' do
+
+ let :pre_condition do
+ [
+ 'include mysql::server',
+ 'include congress::db::sync'
+ ]
+ end
+
+ let :facts do
+ { :osfamily => 'Debian' }
+ end
+
+ let :params do
+ {
+ 'password' => 'fooboozoo_default_password',
+ }
+ end
+
+ describe 'with only required params' do
+ it { is_expected.to contain_openstacklib__db__mysql('congress').with(
+ 'user' => 'congress',
+ 'password_hash' => '*3DDF34A86854A312A8E2C65B506E21C91800D206',
+ 'dbname' => 'congress',
+ 'host' => '127.0.0.1',
+ 'charset' => 'utf8',
+ :collate => 'utf8_general_ci',
+ )}
+ end
+
+ describe "overriding allowed_hosts param to array" do
+ let :params do
+ {
+ :password => 'congresspass',
+ :allowed_hosts => ['127.0.0.1','%']
+ }
+ end
+
+ end
+ describe "overriding allowed_hosts param to string" do
+ let :params do
+ {
+ :password => 'congresspass2',
+ :allowed_hosts => '192.168.1.1'
+ }
+ end
+
+ end
+
+ describe "overriding allowed_hosts param equals to host param " do
+ let :params do
+ {
+ :password => 'congresspass2',
+ :allowed_hosts => '127.0.0.1'
+ }
+ end
+
+ end
+
+end
diff --git a/components/congress/puppet/spec/classes/congress_db_postgresql_spec.rb b/components/congress/puppet/spec/classes/congress_db_postgresql_spec.rb
new file mode 100644
index 0000000..74abbdb
--- /dev/null
+++ b/components/congress/puppet/spec/classes/congress_db_postgresql_spec.rb
@@ -0,0 +1,58 @@
+require 'spec_helper'
+
+describe 'congress::db::postgresql' do
+
+ let :req_params do
+ { :password => 'pw' }
+ end
+
+ let :pre_condition do
+ 'include postgresql::server'
+ end
+
+ context 'on a RedHat osfamily' do
+ let :facts do
+ {
+ :osfamily => 'RedHat',
+ :operatingsystemrelease => '7.0',
+ :concat_basedir => '/var/lib/puppet/concat'
+ }
+ end
+
+ context 'with only required parameters' do
+ let :params do
+ req_params
+ end
+
+ it { is_expected.to contain_postgresql__server__db('congress').with(
+ :user => 'congress',
+ :password => 'md5c530c33636c58ae83ca933f39319273e'
+ )}
+ end
+
+ end
+
+ context 'on a Debian osfamily' do
+ let :facts do
+ {
+ :operatingsystemrelease => '7.8',
+ :operatingsystem => 'Debian',
+ :osfamily => 'Debian',
+ :concat_basedir => '/var/lib/puppet/concat'
+ }
+ end
+
+ context 'with only required parameters' do
+ let :params do
+ req_params
+ end
+
+ it { is_expected.to contain_postgresql__server__db('congress').with(
+ :user => 'congress',
+ :password => 'md5c530c33636c58ae83ca933f39319273e'
+ )}
+ end
+
+ end
+
+end
diff --git a/components/congress/puppet/spec/classes/congress_db_spec.rb b/components/congress/puppet/spec/classes/congress_db_spec.rb
new file mode 100644
index 0000000..3b84993
--- /dev/null
+++ b/components/congress/puppet/spec/classes/congress_db_spec.rb
@@ -0,0 +1,78 @@
+require 'spec_helper'
+
+describe 'congress::db' do
+
+ shared_examples 'congress::db' do
+ context 'with default parameters' do
+ it { is_expected.to contain_congress_config('database/connection').with_value('mysql://congress:secrete@localhost:3306/congress') }
+ it { is_expected.to contain_congress_config('database/idle_timeout').with_value('3600') }
+ it { is_expected.to contain_congress_config('database/min_pool_size').with_value('1') }
+ it { is_expected.to contain_congress_config('database/max_retries').with_value('10') }
+ it { is_expected.to contain_congress_config('database/retry_interval').with_value('10') }
+ it { is_expected.to contain_congress_config('database/max_pool_size').with_value('10') }
+ it { is_expected.to contain_congress_config('database/max_overflow').with_value('20') }
+ end
+
+ context 'with specific parameters' do
+ let :params do
+ { :database_connection => 'mysql://congress:congress@localhost/congress',
+ :database_idle_timeout => '3601',
+ :database_min_pool_size => '2',
+ :database_max_retries => '11',
+ :database_retry_interval => '11',
+ :database_max_pool_size => '11',
+ :database_max_overflow => '21',
+ }
+ end
+
+ it { is_expected.to contain_congress_config('database/connection').with_value('mysql://congress:congress@localhost/congress') }
+ it { is_expected.to contain_congress_config('database/idle_timeout').with_value('3601') }
+ it { is_expected.to contain_congress_config('database/min_pool_size').with_value('2') }
+ it { is_expected.to contain_congress_config('database/max_retries').with_value('11') }
+ it { is_expected.to contain_congress_config('database/retry_interval').with_value('11') }
+ it { is_expected.to contain_congress_config('database/max_pool_size').with_value('11') }
+ it { is_expected.to contain_congress_config('database/max_overflow').with_value('21') }
+ end
+
+ context 'with postgresql backend' do
+ let :params do
+ { :database_connection => 'postgresql://congress:congress@localhost/congress', }
+ end
+
+ it 'install the proper backend package' do
+ is_expected.to contain_package('python-psycopg2').with(:ensure => 'present')
+ end
+
+ end
+
+ context 'with incorrect database_connection string' do
+ let :params do
+ { :database_connection => 'sqlite://congress:congress@localhost/congress', }
+ end
+
+ it_raises 'a Puppet::Error', /validate_re/
+ end
+ end
+
+ context 'on Debian platforms' do
+ let :facts do
+ { :osfamily => 'Debian',
+ :operatingsystem => 'Debian',
+ :operatingsystemrelease => 'jessie',
+ }
+ end
+
+ it_configures 'congress::db'
+ end
+
+ context 'on Redhat platforms' do
+ let :facts do
+ { :osfamily => 'RedHat',
+ :operatingsystemrelease => '7.1',
+ }
+ end
+
+ it_configures 'congress::db'
+ end
+
+end
diff --git a/components/congress/puppet/spec/classes/congress_keystone_auth_spec.rb b/components/congress/puppet/spec/classes/congress_keystone_auth_spec.rb
new file mode 100644
index 0000000..3cb7e59
--- /dev/null
+++ b/components/congress/puppet/spec/classes/congress_keystone_auth_spec.rb
@@ -0,0 +1,123 @@
+#
+# Unit tests for congress::keystone::auth
+#
+
+require 'spec_helper'
+
+describe 'congress::keystone::auth' do
+
+ let :facts do
+ { :osfamily => 'Debian' }
+ end
+
+ describe 'with default class parameters' do
+ let :params do
+ { :password => 'congress_password',
+ :tenant => 'foobar' }
+ end
+
+ it { is_expected.to contain_keystone_user('congress').with(
+ :ensure => 'present',
+ :password => 'congress_password',
+ ) }
+
+ it { is_expected.to contain_keystone_user_role('congress@foobar').with(
+ :ensure => 'present',
+ :roles => ['admin']
+ )}
+
+ it { is_expected.to contain_keystone_service('congress').with(
+ :ensure => 'present',
+ :type => 'FIXME',
+ :description => 'congress FIXME Service'
+ ) }
+
+ it { is_expected.to contain_keystone_endpoint('RegionOne/congress').with(
+ :ensure => 'present',
+ :public_url => 'http://127.0.0.1:FIXME',
+ :admin_url => 'http://127.0.0.1:FIXME',
+ :internal_url => 'http://127.0.0.1:FIXME',
+ ) }
+ end
+
+ describe 'when overriding URL paramaters' do
+ let :params do
+ { :password => 'congress_password',
+ :public_url => 'https://10.10.10.10:80',
+ :internal_url => 'http://10.10.10.11:81',
+ :admin_url => 'http://10.10.10.12:81', }
+ end
+
+ it { is_expected.to contain_keystone_endpoint('RegionOne/congress').with(
+ :ensure => 'present',
+ :public_url => 'https://10.10.10.10:80',
+ :internal_url => 'http://10.10.10.11:81',
+ :admin_url => 'http://10.10.10.12:81',
+ ) }
+ end
+
+ describe 'when overriding auth name' do
+ let :params do
+ { :password => 'foo',
+ :auth_name => 'congressy' }
+ end
+
+ it { is_expected.to contain_keystone_user('congressy') }
+ it { is_expected.to contain_keystone_user_role('congressy@services') }
+ it { is_expected.to contain_keystone_service('congressy') }
+ it { is_expected.to contain_keystone_endpoint('RegionOne/congressy') }
+ end
+
+ describe 'when overriding service name' do
+ let :params do
+ { :service_name => 'congress_service',
+ :auth_name => 'congress',
+ :password => 'congress_password' }
+ end
+
+ it { is_expected.to contain_keystone_user('congress') }
+ it { is_expected.to contain_keystone_user_role('congress@services') }
+ it { is_expected.to contain_keystone_service('congress_service') }
+ it { is_expected.to contain_keystone_endpoint('RegionOne/congress_service') }
+ end
+
+ describe 'when disabling user configuration' do
+
+ let :params do
+ {
+ :password => 'congress_password',
+ :configure_user => false
+ }
+ end
+
+ it { is_expected.not_to contain_keystone_user('congress') }
+ it { is_expected.to contain_keystone_user_role('congress@services') }
+ it { is_expected.to contain_keystone_service('congress').with(
+ :ensure => 'present',
+ :type => 'FIXME',
+ :description => 'congress FIXME Service'
+ ) }
+
+ end
+
+ describe 'when disabling user and user role configuration' do
+
+ let :params do
+ {
+ :password => 'congress_password',
+ :configure_user => false,
+ :configure_user_role => false
+ }
+ end
+
+ it { is_expected.not_to contain_keystone_user('congress') }
+ it { is_expected.not_to contain_keystone_user_role('congress@services') }
+ it { is_expected.to contain_keystone_service('congress').with(
+ :ensure => 'present',
+ :type => 'FIXME',
+ :description => 'congress FIXME Service'
+ ) }
+
+ end
+
+end
diff --git a/components/congress/puppet/spec/classes/congress_logging_spec.rb b/components/congress/puppet/spec/classes/congress_logging_spec.rb
new file mode 100644
index 0000000..0bfb994
--- /dev/null
+++ b/components/congress/puppet/spec/classes/congress_logging_spec.rb
@@ -0,0 +1,144 @@
+require 'spec_helper'
+
+describe 'congress::logging' do
+
+ let :params do
+ {
+ }
+ end
+
+ let :log_params do
+ {
+ :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s',
+ :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s',
+ :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d',
+ :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s',
+ :log_config_append => '/etc/congress/logging.conf',
+ :publish_errors => true,
+ :default_log_levels => {
+ 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN',
+ 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO',
+ 'iso8601' => 'WARN',
+ 'requests.packages.urllib3.connectionpool' => 'WARN' },
+ :fatal_deprecations => true,
+ :instance_format => '[instance: %(uuid)s] ',
+ :instance_uuid_format => '[instance: %(uuid)s] ',
+ :log_date_format => '%Y-%m-%d %H:%M:%S',
+ :use_syslog => true,
+ :use_stderr => false,
+ :log_facility => 'LOG_FOO',
+ :log_dir => '/var/log',
+ :verbose => true,
+ :debug => true,
+ }
+ end
+
+ shared_examples_for 'congress-logging' do
+
+ context 'with basic logging options and default settings' do
+ it_configures 'basic default logging settings'
+ end
+
+ context 'with basic logging options and non-default settings' do
+ before { params.merge!( log_params ) }
+ it_configures 'basic non-default logging settings'
+ end
+
+ context 'with extended logging options' do
+ before { params.merge!( log_params ) }
+ it_configures 'logging params set'
+ end
+
+ context 'without extended logging options' do
+ it_configures 'logging params unset'
+ end
+
+ end
+
+ shared_examples 'basic default logging settings' do
+ it 'configures ceilometer logging settins with default values' do
+ is_expected.to contain_ceilometer_config('DEFAULT/use_syslog').with(:value => 'false')
+ is_expected.to contain_ceilometer_config('DEFAULT/use_stderr').with(:value => 'true')
+ is_expected.to contain_ceilometer_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_USER')
+ is_expected.to contain_ceilometer_config('DEFAULT/log_dir').with(:value => '/var/log/congress')
+ is_expected.to contain_ceilometer_config('DEFAULT/verbose').with(:value => 'false')
+ is_expected.to contain_ceilometer_config('DEFAULT/debug').with(:value => 'false')
+ end
+ end
+
+ shared_examples 'basic non-default logging settings' do
+ it 'configures ceilometer logging settins with non-default values' do
+ is_expected.to contain_ceilometer_config('DEFAULT/use_syslog').with(:value => 'true')
+ is_expected.to contain_ceilometer_config('DEFAULT/use_stderr').with(:value => 'false')
+ is_expected.to contain_ceilometer_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO')
+ is_expected.to contain_ceilometer_config('DEFAULT/log_dir').with(:value => '/var/log')
+ is_expected.to contain_ceilometer_config('DEFAULT/verbose').with(:value => 'true')
+ is_expected.to contain_ceilometer_config('DEFAULT/debug').with(:value => 'true')
+ end
+ end
+
+ shared_examples_for 'logging params set' do
+ it 'enables logging params' do
+ is_expected.to contain_congress_config('DEFAULT/logging_context_format_string').with_value(
+ '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s')
+
+ is_expected.to contain_congress_config('DEFAULT/logging_default_format_string').with_value(
+ '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s')
+
+ is_expected.to contain_congress_config('DEFAULT/logging_debug_format_suffix').with_value(
+ '%(funcName)s %(pathname)s:%(lineno)d')
+
+ is_expected.to contain_congress_config('DEFAULT/logging_exception_prefix').with_value(
+ '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s')
+
+ is_expected.to contain_congress_config('DEFAULT/log_config_append').with_value(
+ '/etc/congress/logging.conf')
+ is_expected.to contain_congress_config('DEFAULT/publish_errors').with_value(
+ true)
+
+ is_expected.to contain_congress_config('DEFAULT/default_log_levels').with_value(
+ 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO')
+
+ is_expected.to contain_congress_config('DEFAULT/fatal_deprecations').with_value(
+ true)
+
+ is_expected.to contain_congress_config('DEFAULT/instance_format').with_value(
+ '[instance: %(uuid)s] ')
+
+ is_expected.to contain_congress_config('DEFAULT/instance_uuid_format').with_value(
+ '[instance: %(uuid)s] ')
+
+ is_expected.to contain_congress_config('DEFAULT/log_date_format').with_value(
+ '%Y-%m-%d %H:%M:%S')
+ end
+ end
+
+
+ shared_examples_for 'logging params unset' do
+ [ :logging_context_format_string, :logging_default_format_string,
+ :logging_debug_format_suffix, :logging_exception_prefix,
+ :log_config_append, :publish_errors,
+ :default_log_levels, :fatal_deprecations,
+ :instance_format, :instance_uuid_format,
+ :log_date_format, ].each { |param|
+ it { is_expected.to contain_congress_config("DEFAULT/#{param}").with_ensure('absent') }
+ }
+ end
+
+ context 'on Debian platforms' do
+ let :facts do
+ { :osfamily => 'Debian' }
+ end
+
+ it_configures 'congress-logging'
+ end
+
+ context 'on RedHat platforms' do
+ let :facts do
+ { :osfamily => 'RedHat' }
+ end
+
+ it_configures 'congress-logging'
+ end
+
+end
diff --git a/components/congress/puppet/spec/classes/congress_policy_spec.rb b/components/congress/puppet/spec/classes/congress_policy_spec.rb
new file mode 100644
index 0000000..d4e08ca
--- /dev/null
+++ b/components/congress/puppet/spec/classes/congress_policy_spec.rb
@@ -0,0 +1,41 @@
+require 'spec_helper'
+
+describe 'congress::policy' do
+
+ shared_examples_for 'congress policies' do
+ let :params do
+ {
+ :policy_path => '/etc/congress/policy.json',
+ :policies => {
+ 'context_is_admin' => {
+ 'key' => 'context_is_admin',
+ 'value' => 'foo:bar'
+ }
+ }
+ }
+ end
+
+ it 'set up the policies' do
+ is_expected.to contain_openstacklib__policy__base('context_is_admin').with({
+ :key => 'context_is_admin',
+ :value => 'foo:bar'
+ })
+ end
+ end
+
+ context 'on Debian platforms' do
+ let :facts do
+ { :osfamily => 'Debian' }
+ end
+
+ it_configures 'congress policies'
+ end
+
+ context 'on RedHat platforms' do
+ let :facts do
+ { :osfamily => 'RedHat' }
+ end
+
+ it_configures 'congress policies'
+ end
+end
diff --git a/components/congress/puppet/spec/shared_examples.rb b/components/congress/puppet/spec/shared_examples.rb
new file mode 100644
index 0000000..fec0eac
--- /dev/null
+++ b/components/congress/puppet/spec/shared_examples.rb
@@ -0,0 +1,5 @@
+shared_examples_for "a Puppet::Error" do |description|
+ it "with message matching #{description.inspect}" do
+ expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description)
+ end
+end
diff --git a/components/congress/puppet/spec/unit/provider/congress_config/ini_setting_spec.rb b/components/congress/puppet/spec/unit/provider/congress_config/ini_setting_spec.rb
new file mode 100644
index 0000000..0c4b9fa
--- /dev/null
+++ b/components/congress/puppet/spec/unit/provider/congress_config/ini_setting_spec.rb
@@ -0,0 +1,68 @@
+#
+# these tests are a little concerning b/c they are hacking around the
+# modulepath, so these tests will not catch issues that may eventually arise
+# related to loading these plugins.
+# I could not, for the life of me, figure out how to programatcally set the modulepath
+$LOAD_PATH.push(
+ File.join(
+ File.dirname(__FILE__),
+ '..',
+ '..',
+ '..',
+ 'fixtures',
+ 'modules',
+ 'inifile',
+ 'lib')
+)
+$LOAD_PATH.push(
+ File.join(
+ File.dirname(__FILE__),
+ '..',
+ '..',
+ '..',
+ 'fixtures',
+ 'modules',
+ 'openstacklib',
+ 'lib')
+)
+require 'spec_helper'
+provider_class = Puppet::Type.type(:congress_config).provider(:ini_setting)
+describe provider_class do
+
+ it 'should default to the default setting when no other one is specified' do
+ resource = Puppet::Type::congress_config.new(
+ {:name => 'DEFAULT/foo', :value => 'bar'}
+ )
+ provider = provider_class.new(resource)
+ expect(provider.section).to eq('DEFAULT')
+ expect(provider.setting).to eq('foo')
+ end
+
+ it 'should allow setting to be set explicitly' do
+ resource = Puppet::Type::congress_config.new(
+ {:name => 'dude/foo', :value => 'bar'}
+ )
+ provider = provider_class.new(resource)
+ expect(provider.section).to eq('dude')
+ expect(provider.setting).to eq('foo')
+ end
+
+ it 'should ensure absent when <SERVICE DEFAULT> is specified as a value' do
+ resource = Puppet::Type::congress_config.new(
+ {:name => 'dude/foo', :value => '<SERVICE DEFAULT>'}
+ )
+ provider = provider_class.new(resource)
+ provider.exists?
+ expect(resource[:ensure]).to eq :absent
+ end
+
+ it 'should ensure absent when value matches ensure_absent_val' do
+ resource = Puppet::Type::congress_config.new(
+ {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' }
+ )
+ provider = provider_class.new(resource)
+ provider.exists?
+ expect(resource[:ensure]).to eq :absent
+ end
+
+end
diff --git a/components/congress/puppet/spec/unit/type/congress_config_spec.rb b/components/congress/puppet/spec/unit/type/congress_config_spec.rb
new file mode 100644
index 0000000..22a70a1
--- /dev/null
+++ b/components/congress/puppet/spec/unit/type/congress_config_spec.rb
@@ -0,0 +1,64 @@
+require 'puppet'
+require 'puppet/type/congress_config'
+describe 'Puppet::Type.type(:congress_config)' do
+ before :each do
+ @congress_config = Puppet::Type.type(:congress_config).new(:name => 'DEFAULT/foo', :value => 'bar')
+ end
+
+ it 'should require a name' do
+ expect {
+ Puppet::Type.type(:congress_config).new({})
+ }.to raise_error(Puppet::Error, 'Title or name must be provided')
+ end
+
+ it 'should not expect a name with whitespace' do
+ expect {
+ Puppet::Type.type(:congress_config).new(:name => 'f oo')
+ }.to raise_error(Puppet::Error, /Parameter name failed/)
+ end
+
+ it 'should fail when there is no section' do
+ expect {
+ Puppet::Type.type(:congress_config).new(:name => 'foo')
+ }.to raise_error(Puppet::Error, /Parameter name failed/)
+ end
+
+ it 'should not require a value when ensure is absent' do
+ Puppet::Type.type(:congress_config).new(:name => 'DEFAULT/foo', :ensure => :absent)
+ end
+
+ it 'should accept a valid value' do
+ @congress_config[:value] = 'bar'
+ expect(@congress_config[:value]).to eq('bar')
+ end
+
+ it 'should not accept a value with whitespace' do
+ @congress_config[:value] = 'b ar'
+ expect(@congress_config[:value]).to eq('b ar')
+ end
+
+ it 'should accept valid ensure values' do
+ @congress_config[:ensure] = :present
+ expect(@congress_config[:ensure]).to eq(:present)
+ @congress_config[:ensure] = :absent
+ expect(@congress_config[:ensure]).to eq(:absent)
+ end
+
+ it 'should not accept invalid ensure values' do
+ expect {
+ @congress_config[:ensure] = :latest
+ }.to raise_error(Puppet::Error, /Invalid value/)
+ end
+
+ it 'should autorequire the package that install the file' do
+ catalog = Puppet::Resource::Catalog.new
+ package = Puppet::Type.type(:package).new(:name => 'congress-common')
+ catalog.add_resource package, @congress_config
+ dependency = @congress_config.autorequire
+ expect(dependency.size).to eq(1)
+ expect(dependency[0].target).to eq(@congress_config)
+ expect(dependency[0].source).to eq(package)
+ end
+
+
+end
diff --git a/components/congress/puppet/tests/init.pp b/components/congress/puppet/tests/init.pp
new file mode 100644
index 0000000..922b1cb
--- /dev/null
+++ b/components/congress/puppet/tests/init.pp
@@ -0,0 +1,12 @@
+# The baseline for module testing used by Puppet Labs is that each manifest
+# should have a corresponding test manifest that declares that class or defined
+# type.
+#
+# Tests are then run by using puppet apply --noop (to check for compilation
+# errors and view a log of events) or by fully applying the test in a virtual
+# environment (to compare the resulting system state to the desired state).
+#
+# Learn more about module testing here:
+# http://docs.puppetlabs.com/guides/tests_smoke.html
+#
+include ::congress