From 698856b383a3ee7a9e980e1b2753a7e580ef6674 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomasz=20Tr=C4=99bski?= <tomasz.trebski@ts.fujitsu.com>
Date: Mon, 22 Aug 2016 08:37:41 +0200
Subject: [PATCH] Use database password from variable

There is a variable that tells what is the database (mysql)
password. However plugin.sh is using a hardcoded password.
Commits provides using DATABASE_PASSWORD variable (the same
one as devstack is using) + defines a variable for m-transform
user - MONASCA_TRANSFORM_DB_PASSWORD

Change-Id: I9fc8296ef31b22564f2cf1536e51ab3abc8c9dc9
---
 devstack/README.md                            |  4 ++++
 .../monasca-transform_mysql.sql               |  3 ---
 devstack/plugin.sh                            | 24 ++++++++++++-------
 tools/vagrant/local.conf                      | 15 +++++++-----
 4 files changed, 29 insertions(+), 17 deletions(-)

diff --git a/devstack/README.md b/devstack/README.md
index d16d099..f91d4b9 100644
--- a/devstack/README.md
+++ b/devstack/README.md
@@ -4,6 +4,10 @@ The Monasca-transform DevStack plugin is tested only on Ubuntu 14.04 (Trusty).
 
 A short cut to running monasca-transform in devstack is implemented with vagrant.
 
+## Variables
+* DATABASE_PASSWORD(default: *secretmysql*) - password to upload monasca-transform schema
+* MONASCA_TRANSFORM_DB_PASSWORD(default: *password*) - password for m-transform user
+
 ## To run monasca-transform using the provided vagrant environment
 
 ### Using any changes made locally to monasca-transform
diff --git a/devstack/files/monasca-transform/monasca-transform_mysql.sql b/devstack/files/monasca-transform/monasca-transform_mysql.sql
index 6be5e43..f45773a 100644
--- a/devstack/files/monasca-transform/monasca-transform_mysql.sql
+++ b/devstack/files/monasca-transform/monasca-transform_mysql.sql
@@ -28,6 +28,3 @@ CREATE TABLE IF NOT EXISTS `pre_transform_specs` (
   `pre_transform_spec` varchar(2048) NOT NULL,
   PRIMARY KEY (`event_type`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
-
-GRANT ALL ON monasca_transform.* TO 'm-transform'@'%' IDENTIFIED BY 'password';
-GRANT ALL ON monasca_transform.* TO 'm-transform'@'localhost' IDENTIFIED BY 'password';
\ No newline at end of file
diff --git a/devstack/plugin.sh b/devstack/plugin.sh
index f2a3195..391d2b8 100755
--- a/devstack/plugin.sh
+++ b/devstack/plugin.sh
@@ -1,4 +1,4 @@
-#
+
 # (C) Copyright 2015 Hewlett Packard Enterprise Development Company LP
 # Copyright 2016 FUJITSU LIMITED
 #
@@ -44,6 +44,9 @@ set -o xtrace
 ERREXIT=$(set +o | grep errexit)
 set -o errexit
 
+# monasca-transform database password
+export MONASCA_TRANSFORM_DB_PASSWORD=${MONASCA_TRANSFORM_DB_PASSWORD:-"password"}
+
 # Determine if we are running in devstack-gate or devstack.
 if [[ $DEST ]]; then
 
@@ -116,9 +119,7 @@ function delete_monasca_transform_files {
 }
 
 function drop_monasca_transform_database {
-    # must login as root@localhost
-    sudo mysql -h "127.0.0.1" -uroot -psecretmysql < "drop database monasca_transform; drop user 'm-transform'@'%' from mysql.user; drop user 'm-transform'@'localhost' from mysql.user;"  || echo "Failed to drop database 'monasca_transform' and/or user 'm-transform' from mysql database, you may wish to do this manually."
-
+    sudo mysql -u$DATABASE_USER -p$DATABASE_PASSWORD -h$MYSQL_HOST -e "drop database monasca_transform; drop user 'm-transform'@'%' from mysql.user; drop user 'm-transform'@'localhost' from mysql.user;"  || echo "Failed to drop database 'monasca_transform' and/or user 'm-transform' from mysql database, you may wish to do this manually."
 }
 
 function unstack_spark {
@@ -293,7 +294,6 @@ function copy_monasca_transform_files {
 
     sudo cp -f "${MONASCA_TRANSFORM_BASE}"/monasca-transform/devstack/files/monasca-transform/service_runner.py /opt/monasca/transform/lib/.
     sudo cp -f "${MONASCA_TRANSFORM_BASE}"/monasca-transform/devstack/files/monasca-transform/monasca-transform.conf /etc/.
-    sudo  sudo sed -i "s/brokers=192\.168\.15\.6:9092/brokers=${SERVICE_HOST}:9092/g" /etc/monasca-transform.conf
     sudo cp -f "${MONASCA_TRANSFORM_BASE}"/monasca-transform/devstack/files/monasca-transform/driver.py /opt/monasca/transform/lib/.
     ${MONASCA_TRANSFORM_BASE}/monasca-transform/scripts/create_zip.sh
     sudo cp -f "${MONASCA_TRANSFORM_BASE}"/monasca-transform/scripts/monasca-transform.zip /opt/monasca/transform/lib/.
@@ -304,6 +304,10 @@ function copy_monasca_transform_files {
     sudo chown -R monasca-transform:monasca-transform /opt/monasca/transform
     sudo touch /var/log/monasca/transform/monasca-transform.log
     sudo chown monasca-transform:monasca-transform /var/log/monasca/transform/monasca-transform.log
+
+    # set passwords and other variables in configuration files
+    sudo sudo sed -i "s/brokers=192\.168\.15\.6:9092/brokers=${SERVICE_HOST}:9092/g" /etc/monasca-transform.conf
+    sudo sudo sed -i "s/password\s=\spassword/password = ${MONASCA_TRANSFORM_DB_PASSWORD}/g" /etc/monasca-transform.conf
 }
 
 function create_monasca_transform_venv {
@@ -319,11 +323,15 @@ function create_monasca_transform_venv {
 
 function create_and_populate_monasca_transform_database {
     # must login as root@localhost
-    sudo mysql -h "127.0.0.1" -uroot -psecretmysql < /opt/monasca/transform/lib/monasca-transform_mysql.sql || echo "Did the schema change? This process will fail on schema changes."
+    sudo mysql -u$DATABASE_USER -p$DATABASE_PASSWORD -h$MYSQL_HOST < /opt/monasca/transform/lib/monasca-transform_mysql.sql || echo "Did the schema change? This process will fail on schema changes."
 
-    sudo mysql -h "127.0.0.1" -um-transform -ppassword < /opt/monasca/transform/lib/pre_transform_specs.sql
-    sudo mysql -h "127.0.0.1" -um-transform -ppassword <  /opt/monasca/transform/lib/transform_specs.sql
+    # set grants for m-transform user (needs to be done from localhost)
+    sudo mysql -u$DATABASE_USER -p$DATABASE_PASSWORD -h$MYSQL_HOST -e "GRANT ALL ON monasca_transform.* TO 'm-transform'@'%' IDENTIFIED BY '${MONASCA_TRANSFORM_DB_PASSWORD}';"
+    sudo mysql -u$DATABASE_USER -p$DATABASE_PASSWORD -h$MYSQL_HOST -e "GRANT ALL ON monasca_transform.* TO 'm-transform'@'localhost' IDENTIFIED BY '${MONASCA_TRANSFORM_DB_PASSWORD}';"
 
+    # copy rest of files after grants are ready
+    sudo mysql -um-transform -p$MONASCA_TRANSFORM_DB_PASSWORD -h$MYSQL_HOST < /opt/monasca/transform/lib/pre_transform_specs.sql
+    sudo mysql -um-transform -p$MONASCA_TRANSFORM_DB_PASSWORD -h$MYSQL_HOST <  /opt/monasca/transform/lib/transform_specs.sql
 }
 
 function install_spark {
diff --git a/tools/vagrant/local.conf b/tools/vagrant/local.conf
index e8c44f0..67919a6 100644
--- a/tools/vagrant/local.conf
+++ b/tools/vagrant/local.conf
@@ -30,12 +30,15 @@ MONASCA_METRICS_DB=${MONASCA_METRICS_DB:-influxdb}
 
 # This line will enable all of Monasca.
 enable_plugin monasca-api /home/vagrant/monasca-api
-# using the above, patched monasca-api we can disable some unnecessary services
+# the following may be disabled to leave monasca transform still functional
 #disable_service monasca-persister
-disable_service monasca-thresh
-disable_service monasca-notification
-disable_service horizon
-disable_service tempest
-disable_service cinder
+#disable_service monasca-thresh
+#disable_service monasca-notification
+#disable_service horizon
+#disable_service tempest
+#disable_service cinder
 enable_plugin monasca-transform /home/vagrant/monasca-transform
+# the following must be disabled as the test does not work at this point
+# see Bug #1636508
+disable_service monasca-smoke-test
 # END DEVSTACK LOCAL.CONF CONTENTS