Migrate to the new Mistral context class
The context sent to actions by Mistral has changed. It is now a class with the potential to carry more context information - we only use the security context at present. This updates the context usage to make it use the security attribute. Closes-Bug: #1718353 Change-Id: I759a1d7a2da0a978b5b784be9f0e58a549b51e06
This commit is contained in:
parent
eb7d89cab1
commit
55a78c5c0d
|
@ -474,11 +474,12 @@ class AnsiblePlaybookAction(base.TripleOAction):
|
||||||
env_variables.update(self.extra_env_variables)
|
env_variables.update(self.extra_env_variables)
|
||||||
|
|
||||||
if self.use_openstack_credentials:
|
if self.use_openstack_credentials:
|
||||||
|
security_ctx = context.security
|
||||||
env_variables.update({
|
env_variables.update({
|
||||||
'OS_AUTH_URL': context.auth_uri,
|
'OS_AUTH_URL': security_ctx.auth_uri,
|
||||||
'OS_USERNAME': context.user_name,
|
'OS_USERNAME': security_ctx.user_name,
|
||||||
'OS_AUTH_TOKEN': context.auth_token,
|
'OS_AUTH_TOKEN': security_ctx.auth_token,
|
||||||
'OS_PROJECT_NAME': context.project_name})
|
'OS_PROJECT_NAME': security_ctx.project_name})
|
||||||
|
|
||||||
command = [str(c) for c in command]
|
command = [str(c) for c in command]
|
||||||
|
|
||||||
|
|
|
@ -48,17 +48,19 @@ class TripleOAction(actions.Action):
|
||||||
return session_and_auth['session']
|
return session_and_auth['session']
|
||||||
|
|
||||||
def get_object_client(self, context):
|
def get_object_client(self, context):
|
||||||
|
security_ctx = context.security
|
||||||
|
|
||||||
swift_endpoint = keystone_utils.get_endpoint_for_project(
|
swift_endpoint = keystone_utils.get_endpoint_for_project(
|
||||||
context,
|
security_ctx,
|
||||||
'swift'
|
'swift'
|
||||||
)
|
)
|
||||||
|
|
||||||
kwargs = {
|
kwargs = {
|
||||||
'preauthurl': swift_endpoint.url % {
|
'preauthurl': swift_endpoint.url % {
|
||||||
'tenant_id': context.project_id
|
'tenant_id': security_ctx.project_id
|
||||||
},
|
},
|
||||||
'session': self.get_session(context, 'swift'),
|
'session': self.get_session(security_ctx, 'swift'),
|
||||||
'insecure': context.insecure,
|
'insecure': security_ctx.insecure,
|
||||||
'retries': 10,
|
'retries': 10,
|
||||||
'starting_backoff': 3,
|
'starting_backoff': 3,
|
||||||
'max_backoff': 120
|
'max_backoff': 120
|
||||||
|
@ -82,8 +84,9 @@ class TripleOAction(actions.Action):
|
||||||
return swift_service.SwiftService(options=swift_opts)
|
return swift_service.SwiftService(options=swift_opts)
|
||||||
|
|
||||||
def get_baremetal_client(self, context):
|
def get_baremetal_client(self, context):
|
||||||
|
security_ctx = context.security
|
||||||
ironic_endpoint = keystone_utils.get_endpoint_for_project(
|
ironic_endpoint = keystone_utils.get_endpoint_for_project(
|
||||||
context, 'ironic')
|
security_ctx, 'ironic')
|
||||||
|
|
||||||
# FIXME(lucasagomes): Use ironicclient.get_client() instead
|
# FIXME(lucasagomes): Use ironicclient.get_client() instead
|
||||||
# of ironicclient.Client(). Client() might cause errors since
|
# of ironicclient.Client(). Client() might cause errors since
|
||||||
|
@ -91,7 +94,7 @@ class TripleOAction(actions.Action):
|
||||||
# prefered way
|
# prefered way
|
||||||
return ironicclient.Client(
|
return ironicclient.Client(
|
||||||
ironic_endpoint.url,
|
ironic_endpoint.url,
|
||||||
token=context.auth_token,
|
token=security_ctx.auth_token,
|
||||||
region_name=ironic_endpoint.region,
|
region_name=ironic_endpoint.region,
|
||||||
os_ironic_api_version='1.36',
|
os_ironic_api_version='1.36',
|
||||||
# FIXME(lucasagomes):Paramtetize max_retries and
|
# FIXME(lucasagomes):Paramtetize max_retries and
|
||||||
|
@ -104,10 +107,11 @@ class TripleOAction(actions.Action):
|
||||||
)
|
)
|
||||||
|
|
||||||
def get_baremetal_introspection_client(self, context):
|
def get_baremetal_introspection_client(self, context):
|
||||||
|
security_ctx = context.security
|
||||||
bmi_endpoint = keystone_utils.get_endpoint_for_project(
|
bmi_endpoint = keystone_utils.get_endpoint_for_project(
|
||||||
context, 'ironic-inspector')
|
security_ctx, 'ironic-inspector')
|
||||||
|
|
||||||
auth = Token(endpoint=bmi_endpoint.url, token=context.auth_token)
|
auth = Token(endpoint=bmi_endpoint.url, token=security_ctx.auth_token)
|
||||||
|
|
||||||
return ironic_inspector_client.ClientV1(
|
return ironic_inspector_client.ClientV1(
|
||||||
api_version='1.2',
|
api_version='1.2',
|
||||||
|
@ -116,28 +120,30 @@ class TripleOAction(actions.Action):
|
||||||
)
|
)
|
||||||
|
|
||||||
def get_image_client(self, context):
|
def get_image_client(self, context):
|
||||||
|
security_ctx = context.security
|
||||||
glance_endpoint = keystone_utils.get_endpoint_for_project(
|
glance_endpoint = keystone_utils.get_endpoint_for_project(
|
||||||
context, 'glance')
|
security_ctx, 'glance')
|
||||||
return glanceclient.Client(
|
return glanceclient.Client(
|
||||||
glance_endpoint.url,
|
glance_endpoint.url,
|
||||||
token=context.auth_token,
|
token=security_ctx.auth_token,
|
||||||
region_name=glance_endpoint.region
|
region_name=glance_endpoint.region
|
||||||
)
|
)
|
||||||
|
|
||||||
def get_orchestration_client(self, context):
|
def get_orchestration_client(self, context):
|
||||||
|
security_ctx = context.security
|
||||||
heat_endpoint = keystone_utils.get_endpoint_for_project(
|
heat_endpoint = keystone_utils.get_endpoint_for_project(
|
||||||
context, 'heat')
|
security_ctx, 'heat')
|
||||||
|
|
||||||
endpoint_url = keystone_utils.format_url(
|
endpoint_url = keystone_utils.format_url(
|
||||||
heat_endpoint.url,
|
heat_endpoint.url,
|
||||||
{'tenant_id': context.project_id}
|
{'tenant_id': security_ctx.project_id}
|
||||||
)
|
)
|
||||||
|
|
||||||
return heatclient.Client(
|
return heatclient.Client(
|
||||||
endpoint_url,
|
endpoint_url,
|
||||||
region_name=heat_endpoint.region,
|
region_name=heat_endpoint.region,
|
||||||
token=context.auth_token,
|
token=security_ctx.auth_token,
|
||||||
username=context.user_name
|
username=security_ctx.user_name
|
||||||
)
|
)
|
||||||
|
|
||||||
def get_messaging_client(self, context):
|
def get_messaging_client(self, context):
|
||||||
|
@ -160,18 +166,20 @@ class TripleOAction(actions.Action):
|
||||||
return zaqarclient.Client(zaqar_endpoint.url, conf=conf)
|
return zaqarclient.Client(zaqar_endpoint.url, conf=conf)
|
||||||
|
|
||||||
def get_workflow_client(self, context):
|
def get_workflow_client(self, context):
|
||||||
|
security_ctx = context.security
|
||||||
mistral_endpoint = keystone_utils.get_endpoint_for_project(
|
mistral_endpoint = keystone_utils.get_endpoint_for_project(
|
||||||
context, 'mistral')
|
security_ctx, 'mistral')
|
||||||
|
|
||||||
mc = mistral_client.client(auth_token=context.auth_token,
|
mc = mistral_client.client(auth_token=security_ctx.auth_token,
|
||||||
mistral_url=mistral_endpoint.url)
|
mistral_url=mistral_endpoint.url)
|
||||||
|
|
||||||
return mc
|
return mc
|
||||||
|
|
||||||
def get_compute_client(self, context):
|
def get_compute_client(self, context):
|
||||||
|
security_ctx = context.security
|
||||||
|
|
||||||
conf = keystone_utils.get_session_and_auth(
|
conf = keystone_utils.get_session_and_auth(
|
||||||
context,
|
security_ctx,
|
||||||
service_type='compute'
|
service_type='compute'
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -33,7 +33,7 @@ class TestActionsBase(tests_base.TestCase):
|
||||||
self.action = base.TripleOAction()
|
self.action = base.TripleOAction()
|
||||||
|
|
||||||
@mock.patch.object(ironicclient, 'Client')
|
@mock.patch.object(ironicclient, 'Client')
|
||||||
def test__get_baremetal_client(self, mock_client, mock_endpoint):
|
def test_get_baremetal_client(self, mock_client, mock_endpoint):
|
||||||
mock_cxt = mock.MagicMock()
|
mock_cxt = mock.MagicMock()
|
||||||
mock_endpoint.return_value = mock.Mock(
|
mock_endpoint.return_value = mock.Mock(
|
||||||
url='http://ironic/v1', region='ironic-region')
|
url='http://ironic/v1', region='ironic-region')
|
||||||
|
@ -41,7 +41,7 @@ class TestActionsBase(tests_base.TestCase):
|
||||||
mock_client.assert_called_once_with(
|
mock_client.assert_called_once_with(
|
||||||
'http://ironic/v1', max_retries=12, os_ironic_api_version='1.36',
|
'http://ironic/v1', max_retries=12, os_ironic_api_version='1.36',
|
||||||
region_name='ironic-region', retry_interval=5, token=mock.ANY)
|
region_name='ironic-region', retry_interval=5, token=mock.ANY)
|
||||||
mock_endpoint.assert_called_once_with(mock_cxt, 'ironic')
|
mock_endpoint.assert_called_once_with(mock_cxt.security, 'ironic')
|
||||||
mock_cxt.assert_not_called()
|
mock_cxt.assert_not_called()
|
||||||
|
|
||||||
def test_cache_key(self, mock_endpoint):
|
def test_cache_key(self, mock_endpoint):
|
||||||
|
|
|
@ -400,12 +400,13 @@ class ProcessTemplatesActionTest(base.TestCase):
|
||||||
swift.get_object = mock.MagicMock()
|
swift.get_object = mock.MagicMock()
|
||||||
swift.get_container = mock.MagicMock()
|
swift.get_container = mock.MagicMock()
|
||||||
get_obj_client_mock.return_value = swift
|
get_obj_client_mock.return_value = swift
|
||||||
|
mock_ctx = mock.MagicMock()
|
||||||
|
|
||||||
# Test
|
# Test
|
||||||
action = templates.ProcessTemplatesAction()
|
action = templates.ProcessTemplatesAction()
|
||||||
action._j2_render_and_put(JINJA_SNIPPET_CONFIG,
|
action._j2_render_and_put(JINJA_SNIPPET_CONFIG,
|
||||||
{'role': 'CustomRole'},
|
{'role': 'CustomRole'},
|
||||||
'customrole-config.yaml')
|
'customrole-config.yaml', context=mock_ctx)
|
||||||
|
|
||||||
action_result = swift.put_object._mock_mock_calls[0]
|
action_result = swift.put_object._mock_mock_calls[0]
|
||||||
|
|
||||||
|
@ -427,12 +428,14 @@ class ProcessTemplatesActionTest(base.TestCase):
|
||||||
swift.get_container = mock.MagicMock(
|
swift.get_container = mock.MagicMock(
|
||||||
side_effect=return_container_files)
|
side_effect=return_container_files)
|
||||||
get_obj_client_mock.return_value = swift
|
get_obj_client_mock.return_value = swift
|
||||||
|
mock_ctx = mock.MagicMock()
|
||||||
|
|
||||||
# Test
|
# Test
|
||||||
action = templates.ProcessTemplatesAction()
|
action = templates.ProcessTemplatesAction()
|
||||||
action._j2_render_and_put(r"{% include 'foo.yaml' %}",
|
action._j2_render_and_put(r"{% include 'foo.yaml' %}",
|
||||||
{'role': 'CustomRole'},
|
{'role': 'CustomRole'},
|
||||||
'customrole-config.yaml')
|
'customrole-config.yaml',
|
||||||
|
context=mock_ctx)
|
||||||
|
|
||||||
action_result = swift.put_object._mock_mock_calls[0]
|
action_result = swift.put_object._mock_mock_calls[0]
|
||||||
|
|
||||||
|
@ -456,12 +459,14 @@ class ProcessTemplatesActionTest(base.TestCase):
|
||||||
swift.get_container = mock.MagicMock(
|
swift.get_container = mock.MagicMock(
|
||||||
side_effect=return_container_files)
|
side_effect=return_container_files)
|
||||||
get_obj_client_mock.return_value = swift
|
get_obj_client_mock.return_value = swift
|
||||||
|
mock_ctx = mock.MagicMock()
|
||||||
|
|
||||||
# Test
|
# Test
|
||||||
action = templates.ProcessTemplatesAction()
|
action = templates.ProcessTemplatesAction()
|
||||||
action._j2_render_and_put(r"{% include 'foo.yaml' %}",
|
action._j2_render_and_put(r"{% include 'foo.yaml' %}",
|
||||||
{'role': 'CustomRole'},
|
{'role': 'CustomRole'},
|
||||||
'bar/customrole-config.yaml')
|
'bar/customrole-config.yaml',
|
||||||
|
context=mock_ctx)
|
||||||
|
|
||||||
action_result = swift.put_object._mock_mock_calls[0]
|
action_result = swift.put_object._mock_mock_calls[0]
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue