config options: centralize section: "crypto"

The config options of the "nova.conf" section "crypto" got moved to the new central location "nova/conf/crypto.py" Change-Id: Ia5e970694d384ef39a6050efb5db2f61e6f4205b Implements: blueprint centralize-config-options-newton
2016-01-29 15:01:50 +08:00 · 2016-01-29 15:01:50 +08:00 · ac0fee5d6b
parent 607eb88b08
commit ac0fee5d6b
7 changed files with 74 additions and 46 deletions
--- a/nova/api/openstack/compute/cloudpipe.py
+++ b/nova/api/openstack/compute/cloudpipe.py
@ -14,7 +14,6 @@

 """Connect your vlan to the world."""

-from oslo_config import cfg
 from oslo_utils import fileutils
 from webob import exc

@ -26,14 +25,14 @@ from nova.cloudpipe import pipelib
 from nova import compute
 from nova.compute import utils as compute_utils
 from nova.compute import vm_states
+import nova.conf
 from nova import exception
 from nova.i18n import _
 from nova import network
 from nova import objects
 from nova import utils

-CONF = cfg.CONF
-CONF.import_opt('keys_path', 'nova.crypto')
+CONF = nova.conf.CONF

 ALIAS = 'os-cloudpipe'
 authorize = extensions.os_compute_authorizer(ALIAS)
--- a/nova/api/openstack/compute/legacy_v2/contrib/cloudpipe.py
+++ b/nova/api/openstack/compute/legacy_v2/contrib/cloudpipe.py
@ -14,7 +14,6 @@

 """Connect your vlan to the world."""

-from oslo_config import cfg
 from oslo_utils import fileutils
 from webob import exc

@ -23,13 +22,13 @@ from nova.cloudpipe import pipelib
 from nova import compute
 from nova.compute import utils as compute_utils
 from nova.compute import vm_states
+import nova.conf
 from nova import exception
 from nova.i18n import _
 from nova import network
 from nova import utils

-CONF = cfg.CONF
-CONF.import_opt('keys_path', 'nova.crypto')
+CONF = nova.conf.CONF

 authorize = extensions.extension_authorizer('compute', 'cloudpipe')

--- a/nova/cloudpipe/pipelib.py
+++ b/nova/cloudpipe/pipelib.py
@ -37,7 +37,6 @@ from nova import utils


 CONF = nova.conf.CONF
-CONF.import_opt('keys_path', 'nova.crypto')

 LOG = logging.getLogger(__name__)

--- a/nova/conf/init.py
+++ b/nova/conf/init.py
@ -36,7 +36,7 @@ from nova.conf import conductor
 from nova.conf import consoleauth
 # from nova.conf import cors
 # from nova.conf import cors.subdomain
-# from nova.conf import crypto
+from nova.conf import crypto
 # from nova.conf import database
 # from nova.conf import disk
 from nova.conf import ephemeral_storage
@ -99,7 +99,7 @@ conductor.register_opts(CONF)
 consoleauth.register_opts(CONF)
 # cors.register_opts(CONF)
 # cors.subdomain.register_opts(CONF)
-# crypto.register_opts(CONF)
+crypto.register_opts(CONF)
 # database.register_opts(CONF)
 # disk.register_opts(CONF)
 ephemeral_storage.register_opts(CONF)
--- a/nova/conf/crypto.py
+++ b/nova/conf/crypto.py
@ -0,0 +1,66 @@
+# All Rights Reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+import os
+
+from oslo_config import cfg
+
+from nova.i18n import _
+from nova import paths
+
+crypto_opts = [
+    cfg.StrOpt(
+        'ca_file',
+        default='cacert.pem',
+        help=_('Filename of root CA')),
+    cfg.StrOpt(
+        'key_file',
+        default=os.path.join('private', 'cakey.pem'),
+        help=_('Filename of private key')),
+    cfg.StrOpt(
+        'crl_file',
+        default='crl.pem',
+        help=_('Filename of root Certificate Revocation List')),
+    cfg.StrOpt(
+        'keys_path',
+        default=paths.state_path_def('keys'),
+        help=_('Where we keep our keys')),
+    cfg.StrOpt(
+        'ca_path',
+        default=paths.state_path_def('CA'),
+        help=_('Where we keep our root CA')),
+    cfg.BoolOpt(
+        'use_project_ca',
+        default=False,
+        help=_('Should we use a CA for each project?')),
+    cfg.StrOpt(
+        'user_cert_subject',
+        default='/C=US/ST=California/O=OpenStack/'
+                'OU=NovaDev/CN=%.16s-%.16s-%s',
+        help=_('Subject for certificate for users, %s for '
+               'project, user, timestamp')),
+    cfg.StrOpt(
+        'project_cert_subject',
+        default='/C=US/ST=California/O=OpenStack/'
+                'OU=NovaDev/CN=project-ca-%.16s-%s',
+        help=_('Subject for certificate for projects, %s for '
+               'project, timestamp'))]
+
+
+def register_opts(conf):
+    conf.register_opts(crypto_opts)
+
+
+def list_opts():
+    return {'DEFAULT': crypto_opts}
--- a/nova/crypto.py
+++ b/nova/crypto.py
@ -34,56 +34,23 @@ from cryptography.hazmat.primitives import hashes
 from cryptography.hazmat.primitives import serialization
 from cryptography import x509
 from oslo_concurrency import processutils
-from oslo_config import cfg
 from oslo_log import log as logging
 from oslo_utils import excutils
 from oslo_utils import fileutils
 import paramiko
 import six

+import nova.conf
 from nova import context
 from nova import db
 from nova import exception
 from nova.i18n import _, _LE
-from nova import paths
 from nova import utils


 LOG = logging.getLogger(__name__)

-crypto_opts = [
-    cfg.StrOpt('ca_file',
-               default='cacert.pem',
-               help=_('Filename of root CA')),
-    cfg.StrOpt('key_file',
-               default=os.path.join('private', 'cakey.pem'),
-               help=_('Filename of private key')),
-    cfg.StrOpt('crl_file',
-               default='crl.pem',
-               help=_('Filename of root Certificate Revocation List')),
-    cfg.StrOpt('keys_path',
-               default=paths.state_path_def('keys'),
-               help=_('Where we keep our keys')),
-    cfg.StrOpt('ca_path',
-               default=paths.state_path_def('CA'),
-               help=_('Where we keep our root CA')),
-    cfg.BoolOpt('use_project_ca',
-                default=False,
-                help=_('Should we use a CA for each project?')),
-    cfg.StrOpt('user_cert_subject',
-               default='/C=US/ST=California/O=OpenStack/'
-                       'OU=NovaDev/CN=%.16s-%.16s-%s',
-               help=_('Subject for certificate for users, %s for '
-                      'project, user, timestamp')),
-    cfg.StrOpt('project_cert_subject',
-               default='/C=US/ST=California/O=OpenStack/'
-                       'OU=NovaDev/CN=project-ca-%.16s-%s',
-               help=_('Subject for certificate for projects, %s for '
-                      'project, timestamp')),
-    ]
-
-CONF = cfg.CONF
-CONF.register_opts(crypto_opts)
+CONF = nova.conf.CONF


 def ca_folder(project_id=None):
--- a/nova/opts.py
+++ b/nova/opts.py
@ -25,7 +25,6 @@ import nova.console.rpcapi
 import nova.console.serial
 import nova.console.xvp
 import nova.consoleauth.rpcapi
-import nova.crypto
 import nova.db.api
 import nova.db.base
 import nova.db.sqlalchemy.api
@ -55,7 +54,6 @@ def list_opts():
             nova.console.manager.console_manager_opts,
             nova.console.rpcapi.rpcapi_opts,
             nova.console.xvp.xvp_opts,
-             nova.crypto.crypto_opts,
             nova.db.api.db_opts,
             nova.db.sqlalchemy.api.db_opts,
             nova.exception.exc_log_opts,