identity: flush tokens every days at midnight

Install a crontab to flush expired keystone tokens every days at
midnight.
The reason is that we are using MySQL backend for token storage and when
having a big deployment, Database could grow faster than we expect.

While we find another backend for Keystone which scale, let's create a
crontab which will avoid a lot of issues in production :-)

.fixtures.yml

@@ -5,7 +5,7 @@ fixtures:
       ref: '6e052620481055cffced7911a0f31bfd0849c68a'
     'keystone':
       repo: 'git://github.com/enovance/puppet-keystone.git'
-      ref: '77dbc80de15b5ef02a5e89c8ef040e70df576a1d'
+      ref: '6aa7a17941056a7de2a7bdeeb99024b5c714f882'
     'nova':
       repo: 'git://github.com/enovance/puppet-nova.git'
       ref: '0249428f294217c2ad5fb75f8d0a0bafac12fe9c'

Puppetfile

@@ -34,7 +34,7 @@ mod 'horizon',
   :ref => '36383e90d1c4013d7989561b00ffcb08c76908de'
 mod 'keystone',
   :git => 'git://github.com/enovance/puppet-keystone.git',
-  :ref => '77dbc80de15b5ef02a5e89c8ef040e70df576a1d'
+  :ref => '6aa7a17941056a7de2a7bdeeb99024b5c714f882'
 mod 'neutron',
   :git => 'git://github.com/enovance/puppet-neutron.git',
   :ref => '66c436bc2f06c5a71d79c674697394a11ec227f9'

manifests/identity.pp

@@ -541,6 +541,9 @@ class cloud::identity (
     password         => $ks_heat_password
   }
 
+  # Purge expored tokens every days at midnight
+  class { 'keystone::cron::token_flush': }
+
   # Note(EmilienM):
   # We check if DB tables are created, if not we populate Keystone DB.
   # It's a hack to fit with our setup where we run MySQL/Galera

spec/classes/cloud_identity_spec.rb

@@ -260,6 +260,10 @@ describe 'cloud::identity' do
       )
     end
 
+    it 'configure a crontab to purge tokens every days at midnight' do
+      should contain_class('keystone::cron::token_flush')
+    end
+
     context 'without syslog' do
       before :each do
         params.merge!(:use_syslog => false)