From 86ed6dd398ab11e7d541802952cb51ed000f3f05 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <tkajinam@redhat.com>
Date: Mon, 21 Feb 2022 01:30:59 +0900
Subject: [PATCH] Avoid hard-coding OS user/group in each manifest

and replace hard-codes by definition in params.pp .

Change-Id: I423c8e1f773eb9d5e7c5bbf368fd252b7da891bb
---
 manifests/db/sync.pp     | 3 ++-
 manifests/params.pp      | 1 +
 manifests/worker.pp      | 6 +++---
 manifests/wsgi/apache.pp | 4 ++--
 4 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/manifests/db/sync.pp b/manifests/db/sync.pp
index 0687a133..a60bdbfb 100644
--- a/manifests/db/sync.pp
+++ b/manifests/db/sync.pp
@@ -18,11 +18,12 @@ class octavia::db::sync(
 ) {
 
   include octavia::deps
+  include octavia::params
 
   exec { 'octavia-db-sync':
     command     => "octavia-db-manage upgrade head ${extra_params}",
     path        => '/usr/bin',
-    user        => 'octavia',
+    user        => $::octavia::params::user,
     refreshonly => true,
     try_sleep   => 5,
     tries       => 10,
diff --git a/manifests/params.pp b/manifests/params.pp
index 62b6607e..f05db802 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -9,6 +9,7 @@ class octavia::params {
   $housekeeping_service_name   = 'octavia-housekeeping'
   $client_package_name         = 'python3-octaviaclient'
   $ovn_provider_package_name   = 'python3-ovn-octavia-provider'
+  $user                        = 'octavia'
   $group                       = 'octavia'
 
   case $::osfamily {
diff --git a/manifests/worker.pp b/manifests/worker.pp
index b04e8166..e9e3afec 100644
--- a/manifests/worker.pp
+++ b/manifests/worker.pp
@@ -130,12 +130,12 @@ class octavia::worker (
       ensure => directory,
       path   => $key_path,
       mode   => '0700',
-      group  => 'octavia',
-      owner  => 'octavia'
+      group  => $::octavia::params::group,
+      owner  => $::octavia::params::user
     }
 
     ssh_keygen { $::octavia::controller::amp_ssh_key_name:
-      user     => 'octavia',
+      user     => $::octavia::params::user,
       type     => 'rsa',
       bits     => 2048,
       filename => "${key_path}/${::octavia::controller::amp_ssh_key_name}",
diff --git a/manifests/wsgi/apache.pp b/manifests/wsgi/apache.pp
index 1686dbc9..5dea4c73 100644
--- a/manifests/wsgi/apache.pp
+++ b/manifests/wsgi/apache.pp
@@ -138,7 +138,7 @@ class octavia::wsgi::apache (
   ::openstacklib::wsgi::apache { 'octavia_wsgi':
     bind_host                   => $bind_host,
     bind_port                   => $port,
-    group                       => 'octavia',
+    group                       => $::octavia::params::group,
     path                        => $path,
     priority                    => $priority,
     servername                  => $servername,
@@ -151,7 +151,7 @@ class octavia::wsgi::apache (
     ssl_crl_path                => $ssl_crl_path,
     ssl_key                     => $ssl_key,
     threads                     => $threads,
-    user                        => 'octavia',
+    user                        => $::octavia::params::user,
     vhost_custom_fragment       => $vhost_custom_fragment,
     workers                     => $workers,
     wsgi_daemon_process         => 'octavia',