Send credentials as environment variables to subprocess

send credenetials to fuel-client subprocess as env keyword args. Change-Id: I4ab0bb75b939851f19de9b8069bd98cc42164d08 Related-bug: 1557563
2016-03-16 13:06:27 +03:00 · 2016-03-16 13:06:27 +03:00 · 5ab00f5a88
parent 3e31746290
commit 5ab00f5a88
5 changed files with 33 additions and 33 deletions
--- a/octane/handlers/backup_restore/init.py
+++ b/octane/handlers/backup_restore/init.py
@ -10,6 +10,8 @@
 # License for the specific language governing permissions and limitations
 # under the License.

+import os
+
 from octane.handlers.backup_restore import astute
 from octane.handlers.backup_restore import cobbler
 from octane.handlers.backup_restore import fuel_keys
@ -50,3 +52,9 @@ class NailgunCredentialsContext(object):
    def __init__(self, user, password):
        self.user = user
        self.password = password
+
+    def get_credentials_env(self):
+        env = os.environ.copy()
+        env["OS_USERNAME"] = self.user
+        env["OS_PASSWORD"] = self.password
+        return env
--- a/octane/handlers/backup_restore/nailgun_plugins.py
+++ b/octane/handlers/backup_restore/nailgun_plugins.py
@ -32,12 +32,6 @@ class NailgunPluginsArchivator(base.PathArchivator):
    def restore(self):
        super(NailgunPluginsArchivator, self).restore()
        if os.path.exists(self.path):
-            subprocess.call([
-                "fuel",
-                "plugins",
-                "--sync",
-                "--user",
-                self.context.user,
-                "--password",
-                self.context.password
-            ])
+            subprocess.call(
+                ["fuel", "plugins", "--sync"],
+                env=self.context.get_credentials_env())
--- a/octane/handlers/backup_restore/postgres.py
+++ b/octane/handlers/backup_restore/postgres.py
@ -110,17 +110,15 @@ class NailgunArchivator(PostgresArchivator):
                release,
                self.context.user,
                self.context.password)
-        subprocess.call([
-            "fuel",
-            "release",
-            "--sync-deployment-tasks",
-            "--dir",
-            "/etc/puppet/",
-            "--user",
-            self.context.user,
-            "--password",
-            self.context.password
-        ])
+        subprocess.call(
+            [
+                "fuel",
+                "release",
+                "--sync-deployment-tasks",
+                "--dir",
+                "/etc/puppet/",
+            ],
+            env=self.context.get_credentials_env())
        sql_run_prams = [
            "sudo", "-u", "postgres", "psql", "nailgun", "--tuples-only", "-c"]
        results, _ = docker.run_in_container(
--- a/octane/handlers/backup_restore/ssh.py
+++ b/octane/handlers/backup_restore/ssh.py
@ -20,4 +20,6 @@ class SshArchivator(base.PathArchivator):

    def restore(self):
        super(SshArchivator, self).restore()
-        subprocess.call(["fuel-bootstrap", "build", "--activate"])
+        subprocess.call(
+            ["fuel-bootstrap", "build", "--activate"],
+            env=self.context.get_credentials_env())
--- a/octane/tests/test_archivators_restore.py
+++ b/octane/tests/test_archivators_restore.py
@ -140,12 +140,16 @@ def test_path_restore(mocker, cls, path, members):
    subprocess_mock = mocker.patch("octane.util.subprocess.call")
    members = [TestMember(n, f, e) for n, f, e in members]
    archive = TestArchive(members, cls)
-    cls(archive).restore()
+    mocker.patch("os.environ", new_callable=mock.PropertyMock(return_value={}))
+    cls(
+        archive, backup_restore.NailgunCredentialsContext('user', 'password')
+    ).restore()
    for member in members:
        member.assert_extract(path)
    if cls is ssh.SshArchivator:
        subprocess_mock.assert_called_once_with(
-            ["fuel-bootstrap", "build", "--activate"])
+            ["fuel-bootstrap", "build", "--activate"],
+            env={'OS_PASSWORD': 'password', 'OS_USERNAME': 'user'})
    else:
        assert not subprocess_mock.called

@ -489,6 +493,7 @@ def test_post_restore_nailgun(mocker, mock_open, dump, calls, data_for_update):

    mocker.patch.object(keystoneclient, "__init__", mock_init)
    post_data = mocker.patch("requests.post")
+    mocker.patch("os.environ", new_callable=mock.PropertyMock(return_value={}))
    postgres.NailgunArchivator(
        None,
        backup_restore.NailgunCredentialsContext(
@ -506,16 +511,9 @@ def test_post_restore_nailgun(mocker, mock_open, dump, calls, data_for_update):
    json_mock.assert_has_calls([mock.call(d) for d in calls], any_order=True)
    assert json_mock.call_count == 3
    mock_subprocess_call.assert_called_once_with([
-        "fuel",
-        "release",
-        "--sync-deployment-tasks",
-        "--dir",
-        "/etc/puppet/",
-        "--user",
-        "admin",
-        "--password",
-        "password",
-    ])
+        "fuel", "release", "--sync-deployment-tasks", "--dir", "/etc/puppet/"],
+        env={'OS_PASSWORD': 'password', 'OS_USERNAME': 'admin'}
+    )

    run_in_container_mock.assert_called_with(
        "postgres",