Spelling fixes found (mostly) by Codespell.
Change-Id: I2803dc7efc8c357ca48a5284a3c95793363e0263
This commit is contained in:
parent
3143cb6638
commit
817b97871e
|
@ -1,4 +1,4 @@
|
||||||
# Copyright 2016 Canonical Ltd
|
# Copyright 2016-2021 Canonical Ltd
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
|
@ -220,7 +220,7 @@ class KeystoneContext(context.OSContextGenerator):
|
||||||
ctxt['ldap_config_flags'] = flags
|
ctxt['ldap_config_flags'] = flags
|
||||||
|
|
||||||
# Only try to decode it if there is something actually set - this
|
# Only try to decode it if there is something actually set - this
|
||||||
# siliences a NoneType warning in the logs if it isn't set
|
# silences a NoneType warning in the logs if it isn't set
|
||||||
password_security_compliance = config('password-security-compliance')
|
password_security_compliance = config('password-security-compliance')
|
||||||
if password_security_compliance:
|
if password_security_compliance:
|
||||||
ctxt['password_security_compliance'] = (
|
ctxt['password_security_compliance'] = (
|
||||||
|
@ -375,7 +375,7 @@ class FernetCronContext(context.OSContextGenerator):
|
||||||
|
|
||||||
|
|
||||||
def fernet_enabled():
|
def fernet_enabled():
|
||||||
"""Helper function for determinining whether Fernet tokens are enabled.
|
"""Helper function for determining whether Fernet tokens are enabled.
|
||||||
|
|
||||||
:returns: True if the fernet keys should be configured.
|
:returns: True if the fernet keys should be configured.
|
||||||
:rtype: bool
|
:rtype: bool
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
#!/usr/bin/env python3
|
#!/usr/bin/env python3
|
||||||
#
|
#
|
||||||
# Copyright 2016 Canonical Ltd
|
# Copyright 2016-2021 Canonical Ltd
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
|
@ -254,7 +254,7 @@ def config_changed_postupgrade():
|
||||||
release = os_release('keystone')
|
release = os_release('keystone')
|
||||||
if run_in_apache(release=release):
|
if run_in_apache(release=release):
|
||||||
# Need to ensure mod_wsgi is installed and apache2 is reloaded
|
# Need to ensure mod_wsgi is installed and apache2 is reloaded
|
||||||
# immediatly as charm querys its local keystone before restart
|
# immediately as charm queries its local keystone before restart
|
||||||
# decorator can fire
|
# decorator can fire
|
||||||
apt_install(filter_installed_packages(determine_packages()))
|
apt_install(filter_installed_packages(determine_packages()))
|
||||||
# when deployed from source, init scripts aren't installed
|
# when deployed from source, init scripts aren't installed
|
||||||
|
@ -680,7 +680,7 @@ def configure_https():
|
||||||
with any required api updates.
|
with any required api updates.
|
||||||
'''
|
'''
|
||||||
# need to write all to ensure changes to the entire request pipeline
|
# need to write all to ensure changes to the entire request pipeline
|
||||||
# propagate (c-api, haprxy, apache)
|
# propagate (c-api, haproxy, apache)
|
||||||
CONFIGS.write_all()
|
CONFIGS.write_all()
|
||||||
# NOTE (thedac): When using snaps, nginx is installed, skip any apache2
|
# NOTE (thedac): When using snaps, nginx is installed, skip any apache2
|
||||||
# config.
|
# config.
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
#!/usr/bin/env python3
|
#!/usr/bin/env python3
|
||||||
#
|
#
|
||||||
# Copyright 2016 Canonical Ltd
|
# Copyright 2016-2021 Canonical Ltd
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
|
@ -1726,11 +1726,11 @@ def create_user_credentials(user, passwd_get_callback, passwd_set_callback,
|
||||||
def create_service_credentials(user, new_roles=None):
|
def create_service_credentials(user, new_roles=None):
|
||||||
"""Create credentials for service with given username.
|
"""Create credentials for service with given username.
|
||||||
|
|
||||||
For Keystone v2.0 API compability services are given a user under
|
For Keystone v2.0 API compatibility services are given a user under
|
||||||
config('service-tenant') in DEFAULT_DOMAIN and are given the
|
config('service-tenant') in DEFAULT_DOMAIN and are given the
|
||||||
config('admin-role') role. Tenant is assumed to already exist.
|
config('admin-role') role. Tenant is assumed to already exist.
|
||||||
|
|
||||||
For Keysteone v3 API compability services are given a user in project
|
For Keystone v3 API compatibility services are given a user in project
|
||||||
config('service-tenant') in SERVICE_DOMAIN and are given the
|
config('service-tenant') in SERVICE_DOMAIN and are given the
|
||||||
config('admin-role') role.
|
config('admin-role') role.
|
||||||
|
|
||||||
|
@ -1826,8 +1826,8 @@ def ensure_all_service_accounts_protected_for_pci_dss_options():
|
||||||
def get_real_role_names(roles, manager):
|
def get_real_role_names(roles, manager):
|
||||||
"""Return the name names of the roles.
|
"""Return the name names of the roles.
|
||||||
|
|
||||||
Keystone attempts to be case insensative but not all client code is so
|
Keystone attempts to be case insensitive but not all client code is so
|
||||||
sometimes the case sensative role name as it is stored in the DB is
|
sometimes the case sensitive role name as it is stored in the DB is
|
||||||
needed.
|
needed.
|
||||||
|
|
||||||
:param roles: List of role names
|
:param roles: List of role names
|
||||||
|
@ -1872,7 +1872,7 @@ def add_service_to_keystone(relation_id=None, remote_unit=None):
|
||||||
|
|
||||||
relation_data["auth_port"] = config('admin-port')
|
relation_data["auth_port"] = config('admin-port')
|
||||||
relation_data["service_port"] = config('service-port')
|
relation_data["service_port"] = config('service-port')
|
||||||
# the internal url is binded to the service-port when
|
# the internal URL is bound to the service-port when
|
||||||
# bootstrapping keystone in the function bootstrap_keystone(), the
|
# bootstrapping keystone in the function bootstrap_keystone(), the
|
||||||
# same config is handed over in the relation.
|
# same config is handed over in the relation.
|
||||||
relation_data["internal_port"] = config('service-port')
|
relation_data["internal_port"] = config('service-port')
|
||||||
|
@ -2089,7 +2089,7 @@ def add_credentials_to_keystone(relation_id=None, remote_unit=None):
|
||||||
|
|
||||||
|
|
||||||
def get_protocol():
|
def get_protocol():
|
||||||
"""Determine the http protocol
|
"""Determine the HTTP protocol
|
||||||
|
|
||||||
:returns: http or https
|
:returns: http or https
|
||||||
"""
|
"""
|
||||||
|
@ -2198,14 +2198,14 @@ def send_id_service_notifications(data):
|
||||||
"""Send notification on identity-service relation.
|
"""Send notification on identity-service relation.
|
||||||
|
|
||||||
Services can optionally request notifications of other services endpoint
|
Services can optionally request notifications of other services endpoint
|
||||||
changes. They do this by sending a space seperated list of service names
|
changes. They do this by sending a space separated list of service names
|
||||||
that they wish to be notified of. e.g
|
that they wish to be notified of. e.g
|
||||||
|
|
||||||
subscribe_ep_change="placement neutron"
|
subscribe_ep_change="placement neutron"
|
||||||
|
|
||||||
If the endpoints change for any service in the list then a notification is
|
If the endpoints change for any service in the list then a notification is
|
||||||
sent back with a nonce. e.g. if the neutron ep changes the charm will
|
sent back with a nonce. e.g. if the neutron ep changes the charm will
|
||||||
recieve a json encoded dict of changes:
|
receive a JSON encoded dict of changes:
|
||||||
'ep_changed': '{"neutron": "1c261658"}'
|
'ep_changed': '{"neutron": "1c261658"}'
|
||||||
|
|
||||||
:param data: Dict of key=value to use as trigger for notification.
|
:param data: Dict of key=value to use as trigger for notification.
|
||||||
|
@ -2253,7 +2253,7 @@ def send_id_notifications(data, force=False):
|
||||||
|
|
||||||
Units are expected to ignore notifications that they don't expect.
|
Units are expected to ignore notifications that they don't expect.
|
||||||
|
|
||||||
NOTE: settings that are not required/inuse must always be set to None
|
NOTE: settings that are not required/in use must always be set to None
|
||||||
so that they are removed from the relation.
|
so that they are removed from the relation.
|
||||||
|
|
||||||
:param data: Dict of key=value to use as trigger for notification. If the
|
:param data: Dict of key=value to use as trigger for notification. If the
|
||||||
|
@ -2373,7 +2373,7 @@ def determine_python_path():
|
||||||
|
|
||||||
|
|
||||||
def get_optional_interfaces():
|
def get_optional_interfaces():
|
||||||
"""Return the optional interfaces that should be checked if the relavent
|
"""Return the optional interfaces that should be checked if the relevant
|
||||||
relations have appeared.
|
relations have appeared.
|
||||||
:returns: {general_interface: [specific_int1, specific_int2, ...], ...}
|
:returns: {general_interface: [specific_int1, specific_int2, ...], ...}
|
||||||
"""
|
"""
|
||||||
|
@ -2512,12 +2512,12 @@ def post_snap_install():
|
||||||
""" Specific steps post snap install for this charm
|
""" Specific steps post snap install for this charm
|
||||||
|
|
||||||
"""
|
"""
|
||||||
log("Perfoming post snap install tasks", INFO)
|
log("Performing post snap install tasks", INFO)
|
||||||
PASTE_SRC = ('{}/etc/keystone/keystone-paste.ini'
|
PASTE_SRC = ('{}/etc/keystone/keystone-paste.ini'
|
||||||
''.format(SNAP_BASE_DIR))
|
''.format(SNAP_BASE_DIR))
|
||||||
PASTE_DST = '{}/keystone-paste.ini'.format(SNAP_COMMON_KEYSTONE_DIR)
|
PASTE_DST = '{}/keystone-paste.ini'.format(SNAP_COMMON_KEYSTONE_DIR)
|
||||||
if os.path.exists(PASTE_SRC):
|
if os.path.exists(PASTE_SRC):
|
||||||
log("Perfoming post snap install tasks", INFO)
|
log("Performing post snap install tasks", INFO)
|
||||||
shutil.copy(PASTE_SRC, PASTE_DST)
|
shutil.copy(PASTE_SRC, PASTE_DST)
|
||||||
|
|
||||||
|
|
||||||
|
@ -2727,7 +2727,7 @@ def fernet_keys_rotate_and_sync(log_func=log):
|
||||||
|
|
||||||
The rotation time = token-expiration / (max-active-keys - 2)
|
The rotation time = token-expiration / (max-active-keys - 2)
|
||||||
|
|
||||||
where max-active-keys has a minumum of 3.
|
where max-active-keys has a minimum of 3.
|
||||||
|
|
||||||
:param log_func: Function to use for logging
|
:param log_func: Function to use for logging
|
||||||
:type log_func: func
|
:type log_func: func
|
||||||
|
@ -2769,7 +2769,7 @@ def fernet_keys_rotate_and_sync(log_func=log):
|
||||||
def assemble_endpoints(settings):
|
def assemble_endpoints(settings):
|
||||||
"""
|
"""
|
||||||
Assemble multiple endpoints from relation data. service name
|
Assemble multiple endpoints from relation data. service name
|
||||||
should be prepended to setting name, ie:
|
should be prepended to setting name, i.e.:
|
||||||
realtion-set ec2_service=$foo ec2_region=$foo ec2_public_url=$foo
|
realtion-set ec2_service=$foo ec2_region=$foo ec2_public_url=$foo
|
||||||
relation-set nova_service=$foo nova_region=$foo nova_public_url=$foo
|
relation-set nova_service=$foo nova_region=$foo nova_public_url=$foo
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# Copyright 2016 Canonical Ltd
|
# Copyright 2016-2021 Canonical Ltd
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
|
@ -55,7 +55,7 @@ the same file that sent the arguments.
|
||||||
|
|
||||||
{
|
{
|
||||||
'result': <whatever the result of the function call was>
|
'result': <whatever the result of the function call was>
|
||||||
'error': <if an error occured, the text of the error
|
'error': <if an error occurred, the text of the error>
|
||||||
}
|
}
|
||||||
|
|
||||||
This system is currently needed to decouple the majority of the charm from the
|
This system is currently needed to decouple the majority of the charm from the
|
||||||
|
@ -125,7 +125,7 @@ def get_keystone_manager(endpoint, charm_credentials, api_version=None):
|
||||||
"""Return a keystonemanager for the correct API version
|
"""Return a keystonemanager for the correct API version
|
||||||
|
|
||||||
If api_version has not been set then create a manager based on the endpoint
|
If api_version has not been set then create a manager based on the endpoint
|
||||||
Use this manager to query the catalogue and determine which api version
|
Use this manager to query the catalogue and determine which API version
|
||||||
should actually be being used. Return the correct client based on that.
|
should actually be being used. Return the correct client based on that.
|
||||||
Function is wrapped in a retry_on_exception to catch the case where the
|
Function is wrapped in a retry_on_exception to catch the case where the
|
||||||
keystone service is still initialising and not responding to requests yet.
|
keystone service is still initialising and not responding to requests yet.
|
||||||
|
@ -135,7 +135,7 @@ def get_keystone_manager(endpoint, charm_credentials, api_version=None):
|
||||||
|
|
||||||
@param endpoint: the keystone endpoint to point client at
|
@param endpoint: the keystone endpoint to point client at
|
||||||
@param charm_credentials: the keystone credentials
|
@param charm_credentials: the keystone credentials
|
||||||
@param api_version: version of the keystone api the client should use
|
@param api_version: version of the keystone API the client should use
|
||||||
@returns keystonemanager class used for interrogating keystone
|
@returns keystonemanager class used for interrogating keystone
|
||||||
"""
|
"""
|
||||||
if api_version:
|
if api_version:
|
||||||
|
@ -192,7 +192,7 @@ class KeystoneManager(object):
|
||||||
def resolve_role_name(self, name):
|
def resolve_role_name(self, name):
|
||||||
"""Find the role_name of a given role
|
"""Find the role_name of a given role
|
||||||
|
|
||||||
Find the case-sensative role name that matches the case-insensative
|
Find the case-sensitive role name that matches the case-insensitive
|
||||||
role name supplied.
|
role name supplied.
|
||||||
|
|
||||||
:param name: Name of role to look up.
|
:param name: Name of role to look up.
|
||||||
|
@ -486,7 +486,7 @@ class KeystoneManager3(KeystoneManager):
|
||||||
users = manager.api.users.list(domain=domain_id)
|
users = manager.api.users.list(domain=domain_id)
|
||||||
for user in users:
|
for user in users:
|
||||||
if user.name.lower() == name.lower():
|
if user.name.lower() == name.lower():
|
||||||
# In v3 Domains are seperate user namespaces so need to
|
# In v3 Domains are separate user namespaces so need to
|
||||||
# check that the domain matched if provided
|
# check that the domain matched if provided
|
||||||
if domain:
|
if domain:
|
||||||
if domain_id == user.domain_id:
|
if domain_id == user.domain_id:
|
||||||
|
@ -518,7 +518,7 @@ class KeystoneManager3(KeystoneManager):
|
||||||
if not domain:
|
if not domain:
|
||||||
raise RuntimeError(
|
raise RuntimeError(
|
||||||
"Can't resolve a domain as no domain or domain_id "
|
"Can't resolve a domain as no domain or domain_id "
|
||||||
"supplid.")
|
"supplied.")
|
||||||
domain_id = manager.resolve_domain_id(domain)
|
domain_id = manager.resolve_domain_id(domain)
|
||||||
if not domain_id:
|
if not domain_id:
|
||||||
raise ValueError(
|
raise ValueError(
|
||||||
|
@ -534,12 +534,12 @@ class KeystoneManager3(KeystoneManager):
|
||||||
"""Update the user with data from the **kwargs.
|
"""Update the user with data from the **kwargs.
|
||||||
|
|
||||||
It is the responsibility of the caller to fully define the user
|
It is the responsibility of the caller to fully define the user
|
||||||
that needs to be udpated. e.g. preferably the user is a
|
that needs to be updated. e.g. preferably the user is a
|
||||||
:class:`keystoneclient.v3.users.User`
|
:class:`keystoneclient.v3.users.User`
|
||||||
|
|
||||||
:param user: The user to be updated.
|
:param user: The user to be updated.
|
||||||
:type user: Union[str, keystoneclient.v3.users.User]
|
:type user: Union[str, keystoneclient.v3.users.User]
|
||||||
:params **kwargs: the keys, values to be udpated.
|
:params **kwargs: the keys, values to be updated.
|
||||||
:type **kwargs: Dict[str, str]
|
:type **kwargs: Dict[str, str]
|
||||||
:returns: the dictionary representation of the updated user
|
:returns: the dictionary representation of the updated user
|
||||||
:rtype: Dict[str, ANY]
|
:rtype: Dict[str, ANY]
|
||||||
|
@ -671,7 +671,7 @@ So in the calling file, you get something like this:
|
||||||
manager = get_manager()
|
manager = get_manager()
|
||||||
manager.some_function(a, b, c, y=10)
|
manager.some_function(a, b, c, y=10)
|
||||||
|
|
||||||
And that gets translated by the calling code into a json structure
|
And that gets translated by the calling code into a JSON structure
|
||||||
that looks like:
|
that looks like:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
@ -690,7 +690,7 @@ the path as the attributes at each level.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
# This script needs 1 argument which is the unix domain socket though which
|
# This script needs 1 argument which is the Unix domain socket though which
|
||||||
# it communicates with the caller. The program stays running until it is
|
# it communicates with the caller. The program stays running until it is
|
||||||
# sent a 'STOP' command by the caller, or is just killed.
|
# sent a 'STOP' command by the caller, or is just killed.
|
||||||
if len(sys.argv) != 2:
|
if len(sys.argv) != 2:
|
||||||
|
|
|
@ -19,7 +19,7 @@ class Codec():
|
||||||
characters, and this is ensured by encoding the message using base64 (which
|
characters, and this is ensured by encoding the message using base64 (which
|
||||||
doesn't contain either of those characters).
|
doesn't contain either of those characters).
|
||||||
|
|
||||||
This is for sending over a unix domain socket which has interesting
|
This is for sending over a Unix domain socket which has interesting
|
||||||
buffering -- this makes sure we can reconstruct entire messages between two
|
buffering -- this makes sure we can reconstruct entire messages between two
|
||||||
processes.
|
processes.
|
||||||
"""
|
"""
|
||||||
|
@ -101,7 +101,7 @@ class Codec():
|
||||||
|
|
||||||
def encode(self, message):
|
def encode(self, message):
|
||||||
"""Encode a message for sending on a channel with inconsistent
|
"""Encode a message for sending on a channel with inconsistent
|
||||||
buffering (e.g. like a unix domain socket.
|
buffering (e.g. like a Unix domain socket).
|
||||||
|
|
||||||
Encodes the message by UTF-8, then base64 and finally adds '%' and '$'
|
Encodes the message by UTF-8, then base64 and finally adds '%' and '$'
|
||||||
to the start and end of the message. This is so the message can be
|
to the start and end of the message. This is so the message can be
|
||||||
|
@ -204,7 +204,7 @@ class UDSClient():
|
||||||
other end of the UDS. Uses the Codec() class to ensure that the
|
other end of the UDS. Uses the Codec() class to ensure that the
|
||||||
messages are properly received and sent.
|
messages are properly received and sent.
|
||||||
|
|
||||||
:returns: the string send by the Server.send() methdod.
|
:returns: the string sent by the Server.send() method.
|
||||||
:rtype: str
|
:rtype: str
|
||||||
:raises: UDSException on Error
|
:raises: UDSException on Error
|
||||||
"""
|
"""
|
||||||
|
@ -243,7 +243,7 @@ class UDSServer():
|
||||||
|
|
||||||
The Server listens for a connection, performs a handshake, and then is in
|
The Server listens for a connection, performs a handshake, and then is in
|
||||||
control of the conversation. The user of Server() should then send a
|
control of the conversation. The user of Server() should then send a
|
||||||
message and wait for a reponse. It's up to the client to disconnect, so an
|
message and wait for a response. It's up to the client to disconnect, so a
|
||||||
protocol level message should be used (e.g. QUIT) that the user of Client()
|
protocol level message should be used (e.g. QUIT) that the user of Client()
|
||||||
will use to close the connection.
|
will use to close the connection.
|
||||||
|
|
||||||
|
@ -271,7 +271,7 @@ class UDSServer():
|
||||||
ensures that a client can connect. The conversation doesn't get
|
ensures that a client can connect. The conversation doesn't get
|
||||||
started until the wait_for_connection() method is called.
|
started until the wait_for_connection() method is called.
|
||||||
|
|
||||||
The server can initialse the Server, then ask the client to connect,
|
The server can initialise the Server, then ask the client to connect,
|
||||||
and then at any point later call wait_for_connection() to get the
|
and then at any point later call wait_for_connection() to get the
|
||||||
conversation going.
|
conversation going.
|
||||||
|
|
||||||
|
@ -323,7 +323,7 @@ class UDSServer():
|
||||||
other end of the UDS. Uses the Codec() class to ensure that the
|
other end of the UDS. Uses the Codec() class to ensure that the
|
||||||
messages are properly received and sent.
|
messages are properly received and sent.
|
||||||
|
|
||||||
:returns: the string send by the Client.send() methdod.
|
:returns: the string sent by the Client.send() method.
|
||||||
:rtype: str
|
:rtype: str
|
||||||
:raises: UDSException on Error
|
:raises: UDSException on Error
|
||||||
"""
|
"""
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# Copyright 2016 Canonical Ltd
|
# Copyright 2016-2021 Canonical Ltd
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# Copyright 2016 Canonical Ltd
|
# Copyright 2016-2021 Canonical Ltd
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
|
@ -24,7 +24,7 @@ patch('charmhelpers.core.hookenv.status_set').start()
|
||||||
|
|
||||||
|
|
||||||
def load_config():
|
def load_config():
|
||||||
'''Walk backwords from __file__ looking for config.yaml,
|
'''Walk backwards from __file__ looking for config.yaml,
|
||||||
load and return the 'options' section'
|
load and return the 'options' section'
|
||||||
'''
|
'''
|
||||||
config = None
|
config = None
|
||||||
|
|
Loading…
Reference in New Issue