Fix formatting of per-pool osd permissions
osd permissions need to be provided per pool, comma delimited. Update to ensure that correct syntax is used when applying permissions to keys. Change-Id: I0aa9b0c79c0ff8ca9f61f7bf138c42c510fe3318
This commit is contained in:
parent
b8307fd037
commit
187fb76bff
|
@ -218,7 +218,7 @@ def add_pool_to_group(pool, group, namespace=None):
|
|||
|
||||
def pool_permission_list_for_service(service):
|
||||
"""Build the permission string for Ceph for a given service"""
|
||||
permissions = ""
|
||||
permissions = []
|
||||
permission_types = {}
|
||||
for permission, group in service["group_names"].items():
|
||||
if permission not in permission_types:
|
||||
|
@ -226,12 +226,11 @@ def pool_permission_list_for_service(service):
|
|||
for item in group:
|
||||
permission_types[permission].append(item)
|
||||
for permission, groups in permission_types.items():
|
||||
permission = " allow {}".format(permission)
|
||||
permission = "allow {}".format(permission)
|
||||
for group in groups:
|
||||
for pool in service['groups'][group]['pools']:
|
||||
permission = "{} pool={}".format(permission, pool)
|
||||
permissions += permission
|
||||
return ["mon", "allow r", "osd", permissions.strip()]
|
||||
permissions.append("{} pool={}".format(permission, pool))
|
||||
return ["mon", "allow r", "osd", ', '.join(permissions)]
|
||||
|
||||
|
||||
def get_service_groups(service, namespace=None):
|
||||
|
|
|
@ -64,9 +64,10 @@ class CephBrokerTestCase(unittest.TestCase):
|
|||
service='admin',
|
||||
value=json.dumps({"pools": ["glance", "cinder"],
|
||||
"services": ["nova"]}))
|
||||
_check_call.assert_called_with(['ceph', 'auth', 'caps',
|
||||
'client.nova', 'mon', 'allow r', 'osd',
|
||||
'allow rwx pool=glance pool=cinder'])
|
||||
_check_call.assert_called_with([
|
||||
'ceph', 'auth', 'caps',
|
||||
'client.nova', 'mon', 'allow r', 'osd',
|
||||
'allow rwx pool=glance, allow rwx pool=cinder'])
|
||||
|
||||
@mock.patch('ceph_broker.monitor_key_set')
|
||||
@mock.patch('ceph_broker.monitor_key_get')
|
||||
|
|
Loading…
Reference in New Issue