openstack
/
murano
Code Issues Proposed changes

Merge "Use consistent session options"

This commit is contained in:
Jenkins 2017-07-29 02:55:51 +00:00 committed by Gerrit Code Review
parent 4e138e23b7 78abdaa130
commit 6b9c6a0025
12 changed files with 70 additions and 141 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
murano/api/v1/catalog.py
View File

@ -425,11 +425,12 @@ class Controller(object):
url = glare_settings.url
if not url:
url = self._get_glare_url(request)
# TODO(gyurco): use auth_utils.get_session_client_parameters
client = glare_client.Client(
endpoint=url, token=token, insecure=glare_settings.insecure,
key_file=glare_settings.key_file or None,
ca_file=glare_settings.ca_file or None,
cert_file=glare_settings.cert_file or None,
key_file=glare_settings.keyfile or None,
ca_file=glare_settings.cafile or None,
cert_file=glare_settings.certfile or None,
type_name='murano',
type_version=1)
return client

8
murano/cfapi/cfapi.py
View File

@ -320,13 +320,13 @@ def _get_glareclient(token_id, req):
if not url:
LOG.error('No glare url is specified and no "artifact" '
'service is registered in keystone.')
# TODO(gyurco): use auth_utils.get_session_client_parameters
return glare_client.Client(
endpoint=url, token=token_id,
insecure=glare_settings.insecure,
key_file=glare_settings.key_file or None,
ca_file=glare_settings.ca_file or None,
cert_file=glare_settings.cert_file or None,
key_file=glare_settings.keyfile or None,
ca_file=glare_settings.cafile or None,
cert_file=glare_settings.certfile or None,
type_name='murano',
type_version=1)

21
murano/common/auth_utils.py
View File

@ -138,12 +138,9 @@ def delete_trust(trust):
user_client.trusts.delete(trust)
def _get_config_option(conf_section, option_names, default=None):
if not isinstance(option_names, (list, tuple)):
option_names = (option_names,)
for name in option_names:
if hasattr(conf_section, name):
return getattr(conf_section, name)
def _get_config_option(conf_section, option_name, default=None):
if hasattr(cfg.CONF[conf_section], option_name):
return getattr(cfg.CONF[conf_section], option_name)
return default
@ -151,15 +148,11 @@ def _get_session(auth, conf_section=None):
# Fallback to murano_auth section for TLS parameters
# if no other conf_section supplied
if not conf_section:
conf_section = cfg.CONF[CFG_MURANO_AUTH_GROUP]
session = ka_loading.session.Session().load_from_options(
conf_section = CFG_MURANO_AUTH_GROUP
session = ka_loading.load_session_from_conf_options(
auth=auth,
insecure=_get_config_option(conf_section, 'insecure', False),
cacert=_get_config_option(
conf_section,
('ca_file', 'cafile', 'cacert')),
key=_get_config_option(conf_section, ('key_file', 'keyfile')),
cert=_get_config_option(conf_section, ('cert_file', 'certfile')))
conf=cfg.CONF,
group=conf_section)
return session

101
murano/common/config.py
View File

@ -74,21 +74,6 @@ rabbit_opts = [
heat_opts = [
cfg.StrOpt('url', help='Optional heat endpoint override'),
cfg.BoolOpt('insecure', default=False,
help='This option explicitly allows Murano to perform '
'"insecure" SSL connections and transfers with Heat API.'),
cfg.StrOpt('ca_file',
help='(SSL) Tells Murano to use the specified certificate file '
'to verify the peer running Heat API.'),
cfg.StrOpt('cert_file',
help='(SSL) Tells Murano to use the specified client '
'certificate file when communicating with Heat.'),
cfg.StrOpt('key_file', help='(SSL/SSH) Private key file name to '
'communicate with Heat API.'),
cfg.StrOpt('endpoint_type', default='publicURL',
help='Heat endpoint type.'),
@ -104,28 +89,12 @@ mistral_opts = [
help='Mistral endpoint type.'),
cfg.StrOpt('service_type', default='workflowv2',
help='Mistral service type.'),
cfg.BoolOpt('insecure', default=False,
help='This option explicitly allows Murano to perform '
'"insecure" SSL connections and transfers with Mistral.'),
cfg.StrOpt('ca_cert',
help='(SSL) Tells Murano to use the specified client '
'certificate file when communicating with Mistral.')
help='Mistral service type.')
]
neutron_opts = [
cfg.StrOpt('url', help='Optional neutron endpoint override'),
cfg.BoolOpt('insecure', default=False,
help='This option explicitly allows Murano to perform '
'"insecure" SSL connections and transfers with Neutron API.'),
cfg.StrOpt('ca_cert',
help='(SSL) Tells Murano to use the specified client '
'certificate file when communicating with Neutron.'),
cfg.StrOpt('endpoint_type', default='publicURL',
help='Neutron endpoint type.')
]
@ -134,25 +103,6 @@ murano_opts = [
cfg.StrOpt('url', help='Optional murano url in format '
'like http://0.0.0.0:8082 used by Murano engine'),
cfg.BoolOpt('insecure', default=False,
help='This option explicitly allows Murano to perform '
'"insecure" SSL connections and transfers used by '
'Murano engine.'),
cfg.StrOpt('cacert',
help='(SSL) Tells Murano to use the specified client '
'certificate file when communicating with Murano API '
'used by Murano engine.'),
cfg.StrOpt('cert_file',
help='(SSL) Tells Murano to use the specified client '
'certificate file when communicating with Murano '
'used by Murano engine.'),
cfg.StrOpt('key_file', help='(SSL/SSH) Private key file name '
'to communicate with Murano API used by '
'Murano engine.'),
cfg.StrOpt('endpoint_type', default='publicURL',
help='Murano endpoint type used by Murano engine.'),
@ -278,25 +228,6 @@ glare_opts = [
'like http://0.0.0.0:9494 used by Glare API',
deprecated_group='glance'),
cfg.BoolOpt('insecure', default=False,
help='This option explicitly allows Murano to perform '
'"insecure" SSL connections and transfers with Glare API.',
deprecated_group='glance'),
cfg.StrOpt('ca_file',
help='(SSL) Tells Murano to use the specified certificate file '
'to verify the peer running Glare API.',
deprecated_group='glance'),
cfg.StrOpt('cert_file',
help='(SSL) Tells Murano to use the specified client '
'certificate file when communicating with Glare.',
deprecated_group='glance'),
cfg.StrOpt('key_file', help='(SSL/SSH) Private key file name to '
'communicate with Glare API.',
deprecated_group='glance'),
cfg.StrOpt('endpoint_type', default='publicURL',
help='Glare endpoint type.',
deprecated_group='glance')
@ -305,21 +236,6 @@ glare_opts = [
glance_opts = [
cfg.StrOpt('url', help='Optional glance endpoint override'),
cfg.BoolOpt('insecure', default=False,
help='This option explicitly allows Murano to perform '
'"insecure" SSL connections and transfers with Glance API.'),
cfg.StrOpt('ca_file',
help='(SSL) Tells Murano to use the specified certificate file '
'to verify the peer running Glance API.'),
cfg.StrOpt('cert_file',
help='(SSL) Tells Murano to use the specified client '
'certificate file when communicating with Glance.'),
cfg.StrOpt('key_file', help='(SSL/SSH) Private key file name to '
'communicate with Glance API.'),
cfg.StrOpt('endpoint_type', default='publicURL',
help='Glance endpoint type.')
]
@ -358,7 +274,20 @@ CONF.register_opts(glare_opts, group='glare')
CONF.register_opts(glance_opts, group='glance')
CONF.register_opts(murano_auth_opts, group='murano_auth')
ks_loading.register_auth_conf_options(CONF, group='murano_auth')
ks_loading.register_session_conf_options(CONF, group='murano_auth')
for group in ('heat', 'mistral', 'neutron', 'glance', 'glare',
'murano', 'murano_auth'):
ks_loading.register_session_conf_options(
CONF,
group=group,
deprecated_opts={
'cafile': [cfg.DeprecatedOpt('cacert', group),
cfg.DeprecatedOpt('ca_file', group)],
'certfile': [cfg.DeprecatedOpt('cert_file', group)],
'keyfile': [cfg.DeprecatedOpt('key_file', group)]
})
def parse_args(args=None, usage=None, default_config_files=None):

11
murano/engine/package_loader.py
View File

@ -84,20 +84,19 @@ class ApiPackageLoader(package_loader.MuranoPackageLoader):
service_type='artifact',
interface=glare_settings.endpoint_type,
region_name=CONF.home_region)
# TODO(gyurco): use auth_utils.get_session_client_parameters
self._glare_client = glare_client.Client(
endpoint=url, token=token,
insecure=glare_settings.insecure,
key_file=glare_settings.key_file or None,
ca_file=glare_settings.ca_file or None,
cert_file=glare_settings.cert_file or None,
key_file=glare_settings.keyfile or None,
ca_file=glare_settings.cafile or None,
cert_file=glare_settings.certfile or None,
type_name='murano',
type_version=1)
return self._glare_client
@property
def client(self):
murano_settings = CONF.murano
last_glare_client = self._glare_client
if CONF.engine.packages_service in ['glance', 'glare']:
if CONF.engine.packages_service == 'glance':
@ -113,7 +112,7 @@ class ApiPackageLoader(package_loader.MuranoPackageLoader):
parameters = auth_utils.get_session_client_parameters(
service_type='application-catalog',
execution_session=self._execution_session,
conf=murano_settings
conf='murano'
)
self._murano_client = muranoclient.Client(
artifacts_client=artifacts_client, **parameters)

6
murano/engine/system/heat_stack.py
View File

@ -69,7 +69,7 @@ class HeatStack(object):
def _create_client(session, region_name):
parameters = auth_utils.get_session_client_parameters(
service_type='orchestration', region=region_name,
conf=CONF.heat, session=session)
conf='heat', session=session)
return hclient.Client('1', **parameters)
@property
@ -79,11 +79,11 @@ class HeatStack(object):
@staticmethod
@session_local_storage.execution_session_memoize
def _get_client(region_name):
session = auth_utils.get_client_session(conf=CONF.heat)
session = auth_utils.get_client_session(conf='heat')
return HeatStack._create_client(session, region_name)
def _get_token_client(self):
ks_session = auth_utils.get_token_client_session(conf=CONF.heat)
ks_session = auth_utils.get_token_client_session(conf='heat')
return self._create_client(ks_session, self._region_name)
def current(self):

3
murano/engine/system/metadef_browser.py
View File

@ -39,9 +39,8 @@ class MetadefBrowser(object):
@staticmethod
@session_local_storage.execution_session_memoize
def _get_client(region_name):
glance_settings = CONF.glance
return gclient.Client(**auth_utils.get_session_client_parameters(
service_type='image', region=region_name, conf=glance_settings
service_type='image', region=region_name, conf='glance'
))
@property

3
murano/engine/system/net_explorer.py
View File

@ -45,9 +45,8 @@ class NetworkExplorer(object):
@staticmethod
@session_local_storage.execution_session_memoize
def _get_client(region_name):
neutron_settings = CONF.neutron
return nclient.Client(**auth_utils.get_session_client_parameters(
service_type='network', region=region_name, conf=neutron_settings
service_type='network', region=region_name, conf='neutron'
))
@property

3
murano/engine/system/workflowclient.py
View File

@ -67,6 +67,7 @@ class MistralClient(object):
region_name=region)
auth_ref = session.auth.get_access(session)
# TODO(gyurco): use auth_utils.get_session_client_parameters
return mistralcli.client(
mistral_url=mistral_url,
project_id=auth_ref.project_id,
@ -75,7 +76,7 @@ class MistralClient(object):
auth_token=auth_ref.auth_token,
user_id=auth_ref.user_id,
insecure=mistral_settings.insecure,
cacert=mistral_settings.ca_cert
cacert=mistral_settings.cafile
)
def upload(self, definition):

23
murano/opts.py
View File

@ -37,11 +37,20 @@ def build_list(opt_list):
_opt_lists = [
('engine', murano.common.config.engine_opts),
('rabbitmq', murano.common.config.rabbit_opts),
('heat', murano.common.config.heat_opts),
('neutron', murano.common.config.neutron_opts),
('murano', murano.common.config.murano_opts),
('glare', murano.common.config.glare_opts),
('mistral', murano.common.config.mistral_opts),
('heat',
murano.common.config.heat_opts +
ks_loading.get_session_conf_options()),
('neutron',
murano.common.config.neutron_opts +
ks_loading.get_session_conf_options()),
('murano', murano.common.config.murano_opts +
ks_loading.get_session_conf_options()),
('glare',
murano.common.config.glare_opts +
ks_loading.get_session_conf_options()),
('mistral',
murano.common.config.mistral_opts +
ks_loading.get_session_conf_options()),
('networking', murano.common.config.networking_opts),
('stats', murano.common.config.stats_opts),
('murano_auth',
@ -61,7 +70,9 @@ _opt_lists = [
_cfapi_opt_lists = [
('cfapi', murano.common.cf_config.cfapi_opts),
('glare', murano.common.config.glare_opts),
('glare',
murano.common.config.glare_opts +
ks_loading.get_session_conf_options())
]
_opt_lists.extend(oslo_service.sslutils.list_opts())

21
murano/tests/unit/common/test_auth_utils.py
View File

@ -44,7 +44,7 @@ class TestAuthUtils(base.MuranoTestCase):
spec_set=ka_loading).start()
mock_auth_obj.load_auth_from_conf_options.return_value = \
mock.sentinel.auth
mock_auth_obj.session.Session().load_from_options.\
mock_auth_obj.load_session_from_conf_options.\
return_value = mock.sentinel.session
cfg.CONF.set_override('auth_type',
'password',
@ -303,13 +303,12 @@ class TestAuthUtils(base.MuranoTestCase):
mock.sentinel.trust)
def test_get_config_option(self):
option_names = 'foo'
conf_section = mock.Mock(foo='bar')
self.assertEqual('bar', auth_utils._get_config_option(
conf_section, option_names))
cfg.CONF.set_override('url', 'foourl', 'murano')
self.assertEqual('foourl', auth_utils._get_config_option(
'murano', 'url'))
def test_get_config_option_return_default(self):
self.assertIsNone(auth_utils._get_config_option(None, []))
self.assertIsNone(auth_utils._get_config_option(None, 'url'))
def test_get_session(self):
mock_ka_loading = self._init_mock_cfg(True)
@ -317,12 +316,10 @@ class TestAuthUtils(base.MuranoTestCase):
session = auth_utils._get_session(mock.sentinel.auth)
self.assertEqual(mock.sentinel.session, session)
mock_ka_loading.session.Session().load_from_options.\
mock_ka_loading.load_session_from_conf_options.\
assert_called_once_with(auth=mock.sentinel.auth,
cacert=None,
cert=None,
insecure=False,
key=None)
conf=cfg.CONF,
group=auth_utils.CFG_MURANO_AUTH_GROUP)
def test_get_session_client_parameters(self):
@ -334,7 +331,7 @@ class TestAuthUtils(base.MuranoTestCase):
}
result = auth_utils.get_session_client_parameters(
conf=cfg.CONF.murano,
conf='murano',
service_type=mock.sentinel.service_type,
service_name=mock.sentinel.service_name,
session=mock.sentinel.session)

4
murano/tests/unit/test_heat_stack.py
View File

@ -605,7 +605,7 @@ class TestHeatStack(base.MuranoTestCase):
self.assertEqual("<class 'heatclient.v1.client.Client'>",
str(client.__class__))
mock_auth_utils.get_client_session.assert_called_with(
conf=heat_stack.CONF.heat)
conf='heat')
@mock.patch.object(heat_stack, 'auth_utils')
def test_get_token_client(self, mock_auth_utils):
@ -622,7 +622,7 @@ class TestHeatStack(base.MuranoTestCase):
self.assertEqual("<class 'heatclient.v1.client.Client'>",
str(token_client.__class__))
mock_auth_utils.get_token_client_session.assert_called_with(
conf=heat_stack.CONF.heat)
conf='heat')
def test_wait_state(self):
hs = heat_stack.HeatStack('test-stack', None)