ceph keyring: manage group via virtual resource

Manage the group membership with a Puppet Virtual Resource.

Bug #402

manifests/compute/hypervisor.pp

@@ -150,9 +150,9 @@ Host *
       ensure => 'present'
     })
 
-    exec {'add-nova-to-group':
-      command => 'usermod -a -G cephkeyring nova'
-    }
+    @user { 'nova': groups => 'cephkeyring' }
+    User <| title == nvoa |>
+    realize User[nova]
 
     ensure_resource('file', "/etc/ceph/ceph.client.${cinder_rbd_user}.keyring", {
       owner   => 'root',

manifests/volume/backend/rbd.pp

@@ -80,9 +80,9 @@ define cloud::volume::backend::rbd (
     ensure => 'present'
   })
 
-  exec {'add-cinder-to-group':
-    command => 'usermod -a -G cephkeyring cinder'
-  }
+  @user { 'cinder': groups => 'cephkeyring' }
+  User <| title == cinder |>
+  realize User[cinder]
 
   ensure_resource('file', "/etc/ceph/ceph.client.${rbd_user}.keyring", {
     owner   => 'root',

spec/classes/cloud_compute_hypervisor_spec.rb

@@ -240,7 +240,6 @@ describe 'cloud::compute::hypervisor' do
       should contain_nova_config('DEFAULT/rbd_user').with('value' => 'cinder')
       should contain_nova_config('DEFAULT/rbd_secret_uuid').with('value' => 'secrete')
       should contain_group('cephkeyring').with(:ensure => 'present')
-      should contain_exec('add-nova-to-group').with(:command => 'usermod -a -G cephkeyring nova')
     end
 
     it 'configure nova-compute with extra parameters' do

spec/classes/cloud_volume_storage_spec.rb

@@ -107,7 +107,6 @@ describe 'cloud::volume::storage' do
           :os_auth_url    => 'http://keystone.host:5000/v2.0'
         )
         should contain_group('cephkeyring').with(:ensure => 'present')
-        should contain_exec('add-cinder-to-group').with(:command => 'usermod -a -G cephkeyring cinder')
       end
     end