diff --git a/manifests/keystone/auth.pp b/manifests/keystone/auth.pp index 66ac013..7e4c10b 100644 --- a/manifests/keystone/auth.pp +++ b/manifests/keystone/auth.pp @@ -51,11 +51,15 @@ # [*service_description*] # (optional) Description for keystone service. # Defaults to 'Openstack workflow Service'. - +# # [*configure_user_role*] # (optional) Whether to configure the admin role for the service user. # Defaults to true # +# [*roles*] +# (optional) Roles to give the service user. +# Defaults to undef +# class zaqar::keystone::auth( $password, $email = 'zaqar@localhost', @@ -72,6 +76,7 @@ class zaqar::keystone::auth( $configure_user = true, $configure_user_role = true, $service_description = 'Openstack messaging Service', + $roles = undef, ) { include ::zaqar::deps @@ -93,5 +98,6 @@ class zaqar::keystone::auth( public_url => $public_url, admin_url => $admin_url, internal_url => $internal_url, + roles => $roles, } } diff --git a/releasenotes/notes/keystone_roles-a4c663156355bb51.yaml b/releasenotes/notes/keystone_roles-a4c663156355bb51.yaml new file mode 100644 index 0000000..3ffcb0a --- /dev/null +++ b/releasenotes/notes/keystone_roles-a4c663156355bb51.yaml @@ -0,0 +1,5 @@ +--- +features: + - | + Allow configuration of Zaqar keystone roles, to be able to use as a Swift + user when the backend is configured. diff --git a/spec/classes/zaqar_keystone_auth_spec.rb b/spec/classes/zaqar_keystone_auth_spec.rb index 7a53e94..4b06d94 100644 --- a/spec/classes/zaqar_keystone_auth_spec.rb +++ b/spec/classes/zaqar_keystone_auth_spec.rb @@ -115,6 +115,18 @@ describe 'zaqar::keystone::auth' do ) } end + + describe 'when setting roles' do + let :params do + { :password => 'zaqar_password', + :roles => ['admin', 'ResellerAdmin'] } + end + + it { is_expected.to contain_keystone_user_role('zaqar@services').with( + :ensure => 'present', + :roles => ['admin', 'ResellerAdmin'] + )} + end end on_supported_os({