Correct the project domain option for authorization

In blazar configuration, we have the following options:

* os_admin_user_domain_name
* os_admin_project_domain_name

They are used for Keystone authentication, but 
``os_admin_project_domain_name`` in the configuration file was not
reflected in Blazar. This is because the Blazar service used
``os_admin_user_domain_name" for both *project* and *user* domain name.

This patch fixes the bug and adds related tests.

Change-Id: Ifbca9f622afba3aa9f41296fff2d34afce22da0a
Closes-Bug: #1779660
This commit is contained in:
Tetsuro Nakamura 2018-06-26 17:45:58 +09:00 committed by Pierre Riteau
parent 8dd7a70a37
commit 3a7f6303ae
7 changed files with 92 additions and 4 deletions

View File

@ -50,7 +50,7 @@ class VirtualInstancePlugin(base.BasePlugin, nova.NovaClientWrapper):
password=CONF.os_admin_password,
user_domain_name=CONF.os_admin_user_domain_name,
project_name=CONF.os_admin_project_name,
project_domain_name=CONF.os_admin_user_domain_name)
project_domain_name=CONF.os_admin_project_domain_name)
self.freepool_name = CONF.nova.aggregate_freepool_name
self.monitor = oshosts.host_plugin.PhysicalHostMonitorPlugin()

View File

@ -83,7 +83,7 @@ class PhysicalHostPlugin(base.BasePlugin, nova.NovaClientWrapper):
password=CONF.os_admin_password,
user_domain_name=CONF.os_admin_user_domain_name,
project_name=CONF.os_admin_project_name,
project_domain_name=CONF.os_admin_user_domain_name)
project_domain_name=CONF.os_admin_project_domain_name)
self.monitor = PhysicalHostMonitorPlugin()
self.monitor.register_healing_handler(self.heal_reservations)
@ -663,7 +663,7 @@ class PhysicalHostMonitorPlugin(base.BaseMonitorPlugin,
password=CONF.os_admin_password,
user_domain_name=CONF.os_admin_user_domain_name,
project_name=CONF.os_admin_project_name,
project_domain_name=CONF.os_admin_user_domain_name)
project_domain_name=CONF.os_admin_project_domain_name)
return cls._instance
def __init__(self):

View File

@ -29,6 +29,10 @@ from blazar.plugins.instances import instance_plugin
from blazar.plugins import oshosts
from blazar import tests
from blazar.utils.openstack import nova
from oslo_config import cfg
from oslo_config import fixture as conf_fixture
CONF = cfg.CONF
class TestVirtualInstancePlugin(tests.TestCase):
@ -36,6 +40,20 @@ class TestVirtualInstancePlugin(tests.TestCase):
def setUp(self):
super(TestVirtualInstancePlugin, self).setUp()
def test_configuration(self):
self.cfg = self.useFixture(conf_fixture.Config(CONF))
self.cfg.config(os_admin_username='fake-user')
self.cfg.config(os_admin_password='fake-passwd')
self.cfg.config(os_admin_user_domain_name='fake-user-domain')
self.cfg.config(os_admin_project_name='fake-pj-name')
self.cfg.config(os_admin_project_domain_name='fake-pj-domain')
plugin = instance_plugin.VirtualInstancePlugin()
self.assertEqual("fake-user", plugin.username)
self.assertEqual("fake-passwd", plugin.password)
self.assertEqual("fake-user-domain", plugin.user_domain_name)
self.assertEqual("fake-pj-name", plugin.project_name)
self.assertEqual("fake-pj-domain", plugin.project_domain_name)
def get_input_values(self, vcpus, memory, disk, amount, affinity,
start, end, lease_id, resource_properties):
values = {'vcpus': vcpus, 'memory_mb': memory, 'disk_gb': disk,

View File

@ -18,6 +18,7 @@ import datetime
import mock
from novaclient import client as nova_client
from oslo_config import cfg
from oslo_config import fixture as conf_fixture
import testtools
from blazar import context
@ -33,6 +34,8 @@ from blazar.utils.openstack import base
from blazar.utils.openstack import nova
from blazar.utils import trusts
CONF = cfg.CONF
class AggregateFake(object):
@ -46,6 +49,14 @@ class PhysicalHostPlugingSetupOnlyTestCase(tests.TestCase):
def setUp(self):
super(PhysicalHostPlugingSetupOnlyTestCase, self).setUp()
self.cfg = self.useFixture(conf_fixture.Config(CONF))
self.cfg.config(os_admin_username='fake-user')
self.cfg.config(os_admin_password='fake-passwd')
self.cfg.config(os_admin_user_domain_name='fake-user-domain')
self.cfg.config(os_admin_project_name='fake-pj-name')
self.cfg.config(os_admin_project_domain_name='fake-pj-domain')
self.context = context
self.patch(self.context, 'BlazarContext')
self.patch(base, 'url_for').return_value = 'http://foo.bar'
@ -57,6 +68,15 @@ class PhysicalHostPlugingSetupOnlyTestCase(tests.TestCase):
self.db_host_extra_capability_get_all_per_host = (
self.patch(self.db_api, 'host_extra_capability_get_all_per_host'))
def test_configuration(self):
self.assertEqual("fake-user", self.fake_phys_plugin.username)
self.assertEqual("fake-passwd", self.fake_phys_plugin.password)
self.assertEqual("fake-user-domain",
self.fake_phys_plugin.user_domain_name)
self.assertEqual("fake-pj-name", self.fake_phys_plugin.project_name)
self.assertEqual("fake-pj-domain",
self.fake_phys_plugin.project_domain_name)
def test__get_extra_capabilities_with_values(self):
self.db_host_extra_capability_get_all_per_host.return_value = [
{'id': 1,
@ -1817,6 +1837,22 @@ class PhysicalHostMonitorPluginTestCase(tests.TestCase):
self.patch(nova_client, 'Client')
self.host_monitor_plugin = host_plugin.PhysicalHostMonitorPlugin()
def test_configuration(self):
# reset the singleton at first
host_plugin.PhysicalHostMonitorPlugin._instance = None
self.cfg = self.useFixture(conf_fixture.Config(CONF))
self.cfg.config(os_admin_password='fake-passwd')
self.cfg.config(os_admin_user_domain_name='fake-user-domain')
self.cfg.config(os_admin_project_name='fake-pj-name')
self.cfg.config(os_admin_project_domain_name='fake-pj-domain')
self.host_monitor_plugin = host_plugin.PhysicalHostMonitorPlugin()
self.assertEqual("fake-passwd", self.host_monitor_plugin.password)
self.assertEqual("fake-user-domain",
self.host_monitor_plugin.user_domain_name)
self.assertEqual("fake-pj-name", self.host_monitor_plugin.project_name)
self.assertEqual("fake-pj-domain",
self.host_monitor_plugin.project_domain_name)
def test_notification_callback_disabled_true(self):
failed_host = {'hypervisor_hostname': 'compute-1'}
event_type = 'service.update'

View File

@ -124,6 +124,13 @@ class ReservationPoolTestCase(tests.TestCase):
self.blazar_owner = nova_conf.blazar_owner
self.blazar_az_prefix = physical_host_conf.blazar_az_prefix
self.cfg = self.useFixture(fixture.Config(CONF))
self.cfg.config(os_admin_username='fake-user')
self.cfg.config(os_admin_password='fake-passwd')
self.cfg.config(os_admin_user_domain_name='fake-user-domain')
self.cfg.config(os_admin_project_name='fake-pj-name')
self.cfg.config(os_admin_project_domain_name='fake-pj-domain')
self.fake_freepool = AggregateFake(i=456,
name=self.freepool_name,
hosts=['host3'])
@ -142,6 +149,13 @@ class ReservationPoolTestCase(tests.TestCase):
self.p_name = self.patch(self.pool, '_generate_aggregate_name')
self.p_name.return_value = self.pool_name
def test_configuration(self):
self.assertEqual("fake-user", self.pool.username)
self.assertEqual("fake-passwd", self.pool.password)
self.assertEqual("fake-user-domain", self.pool.user_domain_name)
self.assertEqual("fake-pj-name", self.pool.project_name)
self.assertEqual("fake-pj-domain", self.pool.project_domain_name)
def _patch_get_aggregate_from_name_or_id(self):
def get_fake_aggregate(*args):
if self.freepool_name in args:

View File

@ -210,7 +210,7 @@ class ReservationPool(NovaClientWrapper):
password=CONF.os_admin_password,
user_domain_name=CONF.os_admin_user_domain_name,
project_name=CONF.os_admin_project_name,
project_domain_name=CONF.os_admin_user_domain_name)
project_domain_name=CONF.os_admin_project_domain_name)
self.config = CONF.nova
self.freepool_name = self.config.aggregate_freepool_name

View File

@ -0,0 +1,20 @@
---
fixes:
- |
In the `Blazar configuration`_, we have the following options:
* os_admin_user_domain_name
* os_admin_project_domain_name
They are used for Keystone authentication. However,
``os_admin_project_domain_name`` in the configuration file was not
reflected in Blazar. This was because internally in the Blazar service
``os_admin_user_domain_name`` was used wrongly for both the project domain
name and the user domain name.
This didn't affect operators who set neither of the values explicitly in
the configuration file, because the default values of the two options are
both set to ``Default``. This release fixes the bug for operators who set
either of the values explicitly.
.. _Blazar configuration: https://docs.openstack.org/blazar/latest/configuration/samples/blazar-conf.html