1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134
|
require 'puppet'
require 'puppet/provider/openstack'
class Puppet::Provider::Openstack::Credentials
KEYS = [
:auth_url, :password, :project_name, :username,
:token, :endpoint, :url,
:identity_api_version,
:region_name,
:interface
]
KEYS.each { |var| attr_accessor var }
def self.defined?(name)
KEYS.include?(name.to_sym)
end
def set(key, val)
if self.class.defined?(key.to_sym)
self.instance_variable_set("@#{key}".to_sym, val)
end
end
def set?
return true if user_password_set? || service_token_set?
end
def service_token_set?
return true if (@token && @endpoint) || (@token && @url)
end
def to_env
env = {}
self.instance_variables.each do |var|
name = var.to_s.sub(/^@/,'OS_').upcase
value = self.instance_variable_get(var)
unless value.nil?
env.merge!(name => value)
end
end
env
end
def scope_set?
@project_name
end
def scope
if @project_name
return 'project'
else
# When only service token is used, there is not way to determine
# the scope unless we inspect the token using keystone API call.
return nil
end
end
def user_password_set?
return true if @username && @password && @project_name && @auth_url
end
def unset
self.instance_variables.each do |var|
if var.to_s != '@identity_api_version' &&
self.instance_variable_defined?(var.to_s)
set(var.to_s.sub(/^@/,''), nil)
end
end
end
def version
self.class.to_s.sub(/.*V/,'').sub('_','.')
end
end
class Puppet::Provider::Openstack::CredentialsV3 < Puppet::Provider::Openstack::Credentials
KEYS = [
:cacert,
:cert,
:default_domain,
:domain_id,
:domain_name,
:key,
:project_domain_id,
:project_domain_name,
:project_id,
:system_scope,
:trust_id,
:user_domain_id,
:user_domain_name,
:user_id,
:cloud,
:client_config_file,
]
KEYS.each { |var| attr_accessor var }
def self.defined?(name)
KEYS.include?(name.to_sym) || super
end
def user_set?
@username || @user_id
end
def scope_set?
@system_scope || @domain_name || @domain_id || @project_name || @project_id
end
def scope
if @project_name || @project_id
return 'project'
elsif @domain_name || @domain_id
return 'domain'
elsif @system_scope
return 'system'
else
# When clouds.yaml is used, parameters are not directly passed to puppet
# so the scope can't be detected.
return nil
end
end
def user_password_set?
return true if (user_set? && @password && scope_set? && @auth_url) || @cloud
end
def initialize
set(:identity_api_version, version)
end
end
|