Merge "Fix nova proxy admin login"

2017-11-16 09:12:47 +00:00 · 2017-11-16 09:12:47 +00:00 · 7fbe598884
parent 1a64c1c413 c6ca687354
commit 7fbe598884
4 changed files with 36 additions and 7 deletions
--- a/trove/common/cfg.py
+++ b/trove/common/cfg.py
@ -366,6 +366,8 @@ common_opts = [
               help="Admin tenant ID used to connect to Nova.", secret=True),
    cfg.StrOpt('nova_proxy_admin_tenant_name', default='',
               help="Admin tenant name used to connect to Nova.", secret=True),
+    cfg.StrOpt('nova_proxy_admin_user_domain_name', default='Default',
+               help="User domain of the admin user used to connect to Nova."),
    cfg.StrOpt('network_label_regex', default='^private$',
               help='Regular expression to match Trove network labels.'),
    cfg.StrOpt('ip_regex', default=None,
--- a/trove/common/remote.py
+++ b/trove/common/remote.py
@ -84,11 +84,11 @@ def guest_client(context, id, manager=None):
    return clazz(context, id)


-def nova_client(context, region_name=None):
+def nova_client(context, region_name=None, password=None):
    if CONF.nova_compute_url:
        url = '%(nova_url)s%(tenant)s' % {
            'nova_url': normalize_url(CONF.nova_compute_url),
-            'tenant': context.tenant}
+            'tenant': context.project_id}
    else:
        url = get_endpoint(context.service_catalog,
                           service_type=CONF.nova_compute_service_type,
@ -97,9 +97,11 @@ def nova_client(context, region_name=None):

    client = Client(CONF.nova_client_version,
                    username=context.user,
+                    password=password,
                    endpoint_override=url,
-                    project_id=context.tenant,
+                    project_id=context.project_id,
                    project_domain_name=context.project_domain_name,
+                    user_domain_name=context.user_domain_name,
                    auth_url=CONF.trove_auth_url,
                    auth_token=context.auth_token,
                    insecure=CONF.nova_api_insecure)
@ -113,7 +115,7 @@ def create_admin_nova_client(context):
    Creates client that uses trove admin credentials
    :return: a client for nova for the trove admin
    """
-    client = create_nova_client(context)
+    client = create_nova_client(context, password=CONF.nova_proxy_admin_pass)
    return client


--- a/trove/taskmanager/manager.py
+++ b/trove/taskmanager/manager.py
@ -45,8 +45,8 @@ class Manager(periodic_task.PeriodicTasks):
        super(Manager, self).__init__(CONF)
        self.admin_context = TroveContext(
            user=CONF.nova_proxy_admin_user,
-            auth_token=CONF.nova_proxy_admin_pass,
-            tenant=CONF.nova_proxy_admin_tenant_id)
+            tenant=CONF.nova_proxy_admin_tenant_id,
+            user_domain_name=CONF.nova_proxy_admin_user_domain_name)
        if CONF.exists_notification_transformer:
            self.exists_transformer = importutils.import_object(
                CONF.exists_notification_transformer,
--- a/trove/tests/unittests/common/test_remote.py
+++ b/trove/tests/unittests/common/test_remote.py
@ -17,7 +17,7 @@
 #
 import uuid

-from mock import patch, MagicMock
+from mock import ANY, patch, MagicMock
 import swiftclient.client
 from testtools import ExpectedException, matchers

@ -363,6 +363,7 @@ class TestCreateNovaClient(trove_testtools.TestCase):
        cfg.CONF.clear_override('nova_compute_url')
        cfg.CONF.clear_override('nova_compute_service_type')
        cfg.CONF.clear_override('os_region_name')
+        cfg.CONF.clear_override('nova_proxy_admin_pass')

    def test_create_with_no_conf_no_catalog(self):
        self.assertRaises(exception.EmptyCatalog,
@ -417,6 +418,30 @@ class TestCreateNovaClient(trove_testtools.TestCase):
        self.assertEqual('%s%s' % (nova_url_from_conf, admin_tenant_id),
                         admin_client.client.endpoint_override)

+    @patch('trove.common.remote.Client', autospec=True)
+    def test_nova_client_password_passthrough(self, nova_mock):
+        test_domain = 'test_domain_name'
+        ctx = TroveContext(user='admin1',
+                           project_id='project_id',
+                           user_domain_name=test_domain,
+                           service_catalog=self.service_catalog)
+        remote.nova_client(ctx, password='adminpass')
+        nova_mock.assert_called_with(ANY, username='admin1',
+                                     password='adminpass',
+                                     user_domain_name=test_domain,
+                                     project_id='project_id',
+                                     auth_token=None,
+                                     auth_url=ANY,
+                                     endpoint_override=ANY,
+                                     project_domain_name=ANY,
+                                     insecure=False)
+
+    @patch('trove.common.remote.create_nova_client', autospec=True)
+    def test_admin_client_password(self, nc_mock):
+        cfg.CONF.set_override('nova_proxy_admin_pass', 's3cr3t3')
+        remote.create_admin_nova_client('mycontext')
+        nc_mock.assert_called_with('mycontext', password='s3cr3t3')
+

 class TestCreateSwiftClient(trove_testtools.TestCase):
    def setUp(self):