Add Barbican integration
This patch adds Barbican integration to Glance
Change-Id: I879f183ca5f6e7713ebbc5f5fb71702a0219a1d6
Related-PROD: PROD-15205
diff --git a/.kitchen.yml b/.kitchen.yml
index f10eeff..5524d0d 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -58,6 +58,11 @@
pillars-from-files:
glance.sls: tests/pillar/single_ceph.sls
+ - name: single_barbican
+ provisioner:
+ pillars-from-files:
+ glance.sls: tests/pillar/single_barbican.sls
+
- name: single
provisioner:
pillars-from-files:
diff --git a/.travis.yml b/.travis.yml
index e70bb99..8721b7f 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -21,6 +21,8 @@
- PLATFORM=trevorj/salty-whales:xenial SUITE=cluster
- PLATFORM=trevorj/salty-whales:trusty SUITE=single_ceph
- PLATFORM=trevorj/salty-whales:xenial SUITE=single_ceph
+ - PLATFORM=trevorj/salty-whales:trusty SUITE=single_barbican
+ - PLATFORM=trevorj/salty-whales:xenial SUITE=single_barbican
- PLATFORM=trevorj/salty-whales:trusty SUITE=single
- PLATFORM=trevorj/salty-whales:xenial SUITE=single
diff --git a/README.rst b/README.rst
index af03680..02da35d 100644
--- a/README.rst
+++ b/README.rst
@@ -56,6 +56,8 @@
enabled: false
api_limit_max: 100
limit_param_default: 50
+ barbican:
+ enabled: true
The pagination is controlled by the *api_limit_max* and *limit_param_default*
parameters as shown above:
@@ -285,6 +287,17 @@
benefit from rbd enhancements.
+Barbican integration glance
+---------------------------
+
+.. code-block:: yaml
+
+ glance:
+ server:
+ barbican:
+ enabled: true
+
+
Client role
-----------
diff --git a/glance/files/ocata/glance-api.conf.Debian b/glance/files/ocata/glance-api.conf.Debian
index 96cf507..c2533c3 100644
--- a/glance/files/ocata/glance-api.conf.Debian
+++ b/glance/files/ocata/glance-api.conf.Debian
@@ -4517,3 +4517,7 @@
# (string value)
# Allowed values: qcow2, raw, vmdk
#conversion_format = raw
+{%- if server.get('barbican', {}).get('enabled', False) %}
+[barbican]
+auth_endpoint = {{ server.identity.get('protocol', 'http') }}://{{ server.identity.get('host', 'localhost') }}:{{ server.identity.get('port', '5000') }}/v3
+{%- endif %}
diff --git a/tests/pillar/single_barbican.sls b/tests/pillar/single_barbican.sls
new file mode 100644
index 0000000..a54ce12
--- /dev/null
+++ b/tests/pillar/single_barbican.sls
@@ -0,0 +1,41 @@
+glance:
+ server:
+ enabled: true
+ version: ocata
+ workers: 1
+ database:
+ engine: mysql
+ host: localhost
+ port: 3306
+ name: glance
+ user: glance
+ password: password
+ registry:
+ host: 127.0.0.1
+ port: 9191
+ bind:
+ address: 127.0.0.1
+ port: 9292
+ identity:
+ engine: keystone
+ host: 127.0.0.1
+ port: 35357
+ user: glance
+ password: password
+ region: RegionOne
+ tenant: service
+ endpoint_type: internalURL
+ message_queue:
+ engine: rabbitmq
+ host: 127.0.0.1
+ port: 5672
+ user: openstack
+ password: password
+ virtual_host: '/openstack'
+ storage:
+ engine: file
+ policy:
+ publicize_image: "role:admin"
+ add_member:
+ barbican:
+ enabled: true