Fixes evacuate doesn't honor enable password conf for v3
The evacuate api should honor enable_instance_password conf setting just like server creation, rebuild and rescue api does, enables this flag will returning the instance password from server API call evacuate, If the hypervisor does not support password injection then the password returned will not be correct, this patch just fixes v3 evacuate api, since change return value of v2 could potentially break apps which depend on this being returned. This patch also changes the evacuate response code to 202 to keep consistency with api. DocImpact Change-Id: I2b9e5a067323ca84e2040e175a0425de3c0fafba Closes-Bug: #1244203
This commit is contained in:
guohliu
guohliu
parent
d101e7215b
commit
73ee734667
|
|
@ -13,6 +13,7 @@
|
|||
# under the License.
|
||||
|
||||
|
||||
from oslo.config import cfg
|
||||
from webob import exc
|
||||
|
||||
from nova.api.openstack import common
|
||||
|
|
@ -27,6 +28,10 @@ from nova.openstack.common import log as logging
|
|||
from nova.openstack.common import strutils
|
||||
from nova import utils
|
||||
|
||||
CONF = cfg.CONF
|
||||
CONF.import_opt('enable_instance_password',
|
||||
'nova.api.openstack.compute.servers')
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
ALIAS = "os-evacuate"
|
||||
authorize = extensions.extension_authorizer('compute', 'v3:' + ALIAS)
|
||||
|
|
@ -38,6 +43,7 @@ class EvacuateController(wsgi.Controller):
|
|||
self.compute_api = compute.API()
|
||||
self.host_api = compute.HostAPI()
|
||||
|
||||
@wsgi.response(202)
|
||||
@extensions.expected_errors((400, 404, 409))
|
||||
@wsgi.action('evacuate')
|
||||
@validation.schema(evacuate.evacuate)
|
||||
|
|
@ -82,7 +88,10 @@ class EvacuateController(wsgi.Controller):
|
|||
except exception.ComputeServiceInUse as e:
|
||||
raise exc.HTTPBadRequest(explanation=e.format_message())
|
||||
|
||||
return {'admin_password': password}
|
||||
if CONF.enable_instance_password:
|
||||
return {'admin_password': password}
|
||||
else:
|
||||
return {}
|
||||
|
||||
|
||||
class Evacuate(extensions.V3APIExtensionBase):
|
||||
|
|
|
|||
|
|
@ -146,7 +146,7 @@ class EvacuateTest(test.NoDBTestCase):
|
|||
self.stubs.Set(compute_api.API, 'update', self._fake_update)
|
||||
|
||||
resp = req.get_response(app)
|
||||
self.assertEqual(200, resp.status_int)
|
||||
self.assertEqual(202, resp.status_int)
|
||||
resp_json = jsonutils.loads(resp.body)
|
||||
self.assertEqual("MyNewPass", resp_json['admin_password'])
|
||||
|
||||
|
|
@ -161,7 +161,7 @@ class EvacuateTest(test.NoDBTestCase):
|
|||
self.stubs.Set(compute_api.API, 'update', self._fake_update)
|
||||
|
||||
resp = req.get_response(app)
|
||||
self.assertEqual(200, resp.status_int)
|
||||
self.assertEqual(202, resp.status_int)
|
||||
resp_json = jsonutils.loads(resp.body)
|
||||
self.assertEqual("MyNewPass", resp_json['admin_password'])
|
||||
|
||||
|
|
@ -181,7 +181,7 @@ class EvacuateTest(test.NoDBTestCase):
|
|||
self.stubs.Set(compute_api.API, 'update', self._fake_update)
|
||||
|
||||
resp = req.get_response(app)
|
||||
self.assertEqual(200, resp.status_int)
|
||||
self.assertEqual(202, resp.status_int)
|
||||
resp_json = jsonutils.loads(resp.body)
|
||||
self.assertEqual(CONF.password_length,
|
||||
len(resp_json['admin_password']))
|
||||
|
|
@ -192,7 +192,7 @@ class EvacuateTest(test.NoDBTestCase):
|
|||
self.stubs.Set(compute_api.API, 'update', self._fake_update)
|
||||
|
||||
res = req.get_response(app)
|
||||
self.assertEqual(200, res.status_int)
|
||||
self.assertEqual(202, res.status_int)
|
||||
resp_json = jsonutils.loads(res.body)
|
||||
self.assertIsNone(resp_json['admin_password'])
|
||||
|
||||
|
|
@ -217,3 +217,23 @@ class EvacuateTest(test.NoDBTestCase):
|
|||
req.content_type = 'application/json'
|
||||
res = req.get_response(app)
|
||||
self.assertEqual(403, res.status_int)
|
||||
|
||||
def test_evacuate_disable_password_return(self):
|
||||
self._test_evacuate_enable_instance_password_conf(False)
|
||||
|
||||
def test_evacuate_enable_password_return(self):
|
||||
self._test_evacuate_enable_instance_password_conf(True)
|
||||
|
||||
def _test_evacuate_enable_instance_password_conf(self, enable_pass):
|
||||
self.flags(enable_instance_password=enable_pass)
|
||||
req, app = self._gen_request_with_app({'host': 'my_host',
|
||||
'on_shared_storage': 'False'})
|
||||
self.stubs.Set(compute_api.API, 'update', self._fake_update)
|
||||
|
||||
res = req.get_response(app)
|
||||
self.assertEqual(res.status_int, 202)
|
||||
resp_json = jsonutils.loads(res.body)
|
||||
if enable_pass:
|
||||
self.assertIn('admin_password', resp_json)
|
||||
else:
|
||||
self.assertIsNone(resp_json.get('admin_password'))
|
||||
|
|
|
|||
|
|
@ -58,4 +58,4 @@ class EvacuateJsonTest(test_servers.ServersSampleBase):
|
|||
response = self._do_post('servers/%s/action' % uuid,
|
||||
'server-evacuate-req', req_subs)
|
||||
subs = self._get_regexes()
|
||||
self._verify_response('server-evacuate-resp', subs, response, 200)
|
||||
self._verify_response('server-evacuate-resp', subs, response, 202)
|
||||
|
|
|
|||
Loading…
Reference in New Issue