From 053264927508064e7c832c88b080dec8b85a290e Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: 2022年11月24日 03:00:52 +0900 Subject: [PATCH] cache: Support array value for tls_allowed_ciphers The [oslo_cache] tls_allowed_ciphers option takes a colon-seprated list. This change allows usage of a native array value to set the value so that users can more easily compose up the value without considering the actual value format. Change-Id: I5c295c747a0f19757e3b3c7eaf990b32d7e1af11 --- manifests/cache.pp | 2 +- spec/defines/oslo_cache_spec.rb | 16 ++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/manifests/cache.pp b/manifests/cache.pp index 54bde2b..5adc10f 100644 --- a/manifests/cache.pp +++ b/manifests/cache.pp @@ -306,7 +306,7 @@ define oslo::cache( 'cache/tls_cafile' => { value => $tls_cafile }, 'cache/tls_certfile' => { value => $tls_certfile }, 'cache/tls_keyfile' => { value => $tls_keyfile }, - 'cache/tls_allowed_ciphers' => { value => $tls_allowed_ciphers }, + 'cache/tls_allowed_ciphers' => { value => join(any2array($tls_allowed_ciphers), ':') }, 'cache/enable_retry_client' => { value => $enable_retry_client }, 'cache/retry_attempts' => { value => $retry_attempts }, 'cache/retry_delay' => { value => $retry_delay }, diff --git a/spec/defines/oslo_cache_spec.rb b/spec/defines/oslo_cache_spec.rb index b3492a3..644658a 100644 --- a/spec/defines/oslo_cache_spec.rb +++ b/spec/defines/oslo_cache_spec.rb @@ -60,10 +60,10 @@ describe 'oslo::cache' do :memcache_pool_unused_timeout => '60', :memcache_pool_connection_get_timeout => '10', :tls_enabled => false, - :tls_cafile => nil, - :tls_certfile => nil, - :tls_keyfile => nil, - :tls_allowed_ciphers => nil, + :tls_cafile => '/path/to/ssl/cafile', + :tls_certfile => '/path/to/ssl/certfile', + :tls_keyfile => '/path/to/ssl/keyfile', + :tls_allowed_ciphers => ['CIPHER_A', 'CIPHER_B'], :enable_retry_client => false, :retry_attempts => 2, :retry_delay => 0, @@ -92,10 +92,10 @@ describe 'oslo::cache' do is_expected.to contain_keystone_config('cache/memcache_pool_unused_timeout').with_value('60') is_expected.to contain_keystone_config('cache/memcache_pool_connection_get_timeout').with_value('10') is_expected.to contain_keystone_config('cache/tls_enabled').with_value('false') - is_expected.to contain_keystone_config('cache/tls_cafile').with_value('nil') - is_expected.to contain_keystone_config('cache/tls_certfile').with_value('nil') - is_expected.to contain_keystone_config('cache/tls_keyfile').with_value('nil') - is_expected.to contain_keystone_config('cache/tls_allowed_ciphers').with_value('nil') + is_expected.to contain_keystone_config('cache/tls_cafile').with_value('/path/to/ssl/cafile') + is_expected.to contain_keystone_config('cache/tls_certfile').with_value('/path/to/ssl/certfile') + is_expected.to contain_keystone_config('cache/tls_keyfile').with_value('/path/to/ssl/keyfile') + is_expected.to contain_keystone_config('cache/tls_allowed_ciphers').with_value('CIPHER_A:CIPHER_B') is_expected.to contain_keystone_config('cache/enable_retry_client').with_value('false') is_expected.to contain_keystone_config('cache/retry_attempts').with_value('2') is_expected.to contain_keystone_config('cache/retry_delay').with_value('0')

AltStyle によって変換されたページ (->オリジナル) /