openstack
/
charms.ceph
Code Issues Proposed changes

Add permission in mon key for newly named command 

Starting with Pacific, the 'osd blacklist' command was renamed to
'osd blocklist'. This patchset changes the allowed commands to
reflect this change.

Change-Id: If2169734f67d21c1c7c1b75677f14ebd0ea054ae
Closes-Bug: #1968369
This commit is contained in:
Luciano Lo Giudice 2022-04-12 21:46:04 -03:00
parent 476ae63f3b
commit 5745ed3ba8
4 changed files with 20 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
charms_ceph/broker.py
View File

@ -291,7 +291,8 @@ def pool_permission_list_for_service(service):
for prefix in prefixes:
permissions.append("allow {} object_prefix {}".format(permission,
prefix))
return ['mon', 'allow r, allow command "osd blacklist"',
return ['mon', ('allow r, allow command "osd blacklist"'
', allow command "osd blocklist"'),
'osd', ', '.join(permissions)]

3
charms_ceph/utils.py
View File

@ -1134,7 +1134,8 @@ def get_mds_bootstrap_key():
_default_caps = collections.OrderedDict([
('mon', ['allow r',
'allow command "osd blacklist"']),
'allow command "osd blacklist"',
'allow command "osd blocklist"']),
('osd', ['allow rwx']),
])

18
unit_tests/test_broker.py
View File

@ -37,7 +37,8 @@ class CephBrokerTestCase(unittest.TestCase):
_check_call.assert_called_with(
['ceph', 'auth', 'caps',
'client.nova',
'mon', 'allow r, allow command "osd blacklist"',
'mon', ('allow r, allow command "osd blacklist"'
', allow command "osd blocklist"'),
'osd', 'allow rwx pool=cinder'])
@patch.object(charms_ceph.broker, 'check_call')
@ -70,7 +71,8 @@ class CephBrokerTestCase(unittest.TestCase):
_check_call.assert_called_with([
'ceph', 'auth', 'caps',
'client.nova',
'mon', 'allow r, allow command "osd blacklist"',
'mon', ('allow r, allow command "osd blacklist"'
', allow command "osd blocklist"'),
'osd', 'allow rwx pool=glance, allow rwx pool=cinder'])
@patch.object(charms_ceph.broker, 'monitor_key_set')
@ -178,7 +180,8 @@ class CephBrokerTestCase(unittest.TestCase):
}
result = charms_ceph.broker.pool_permission_list_for_service(service)
self.assertEqual(result, ['mon',
'allow r, allow command "osd blacklist"',
'allow r, allow command "osd blacklist"' +
', allow command "osd blocklist"',
'osd',
'allow rwx pool=glance'])
@ -201,7 +204,8 @@ class CephBrokerTestCase(unittest.TestCase):
result,
[
'mon',
'allow r, allow command "osd blacklist"',
('allow r, allow command "osd blacklist"'
', allow command "osd blocklist"'),
'osd',
'allow r pool=p2, allow rwx pool=glance, allow rwx pool=p1'])
@ -765,7 +769,8 @@ class CephBrokerTestCase(unittest.TestCase):
expect_service_obj),
[
'mon',
'allow r, allow command "osd blacklist"',
('allow r, allow command "osd blacklist"'
', allow command "osd blocklist"'),
'osd',
('allow rwx pool=glance, '
'allow r object_prefix another, '
@ -789,7 +794,8 @@ class CephBrokerTestCase(unittest.TestCase):
expect_service_obj),
[
'mon',
'allow r, allow command "osd blacklist"',
('allow r, allow command "osd blacklist"'
', allow command "osd blocklist"'),
'osd',
('allow rwx pool=glance, '
'allow class-read object_prefix rbd_children')])

6
unit_tests/test_utils.py
View File

@ -548,7 +548,8 @@ class CephTestCase(unittest.TestCase):
'mon.', '--keyring',
'/var/lib/ceph/mon/ceph-osd001/keyring',
'auth', 'get-or-create', 'client.rgw001',
'mon', 'allow r; allow command "osd blacklist"',
'mon', ('allow r; allow command "osd blacklist"'
'; allow command "osd blocklist"'),
'osd', 'allow rwx pool=rbd pool=block'])])
@patch.object(utils.subprocess, 'check_output')
@ -566,7 +567,8 @@ class CephTestCase(unittest.TestCase):
'mon.', '--keyring',
'/var/lib/ceph/mon/ceph-osd001/keyring',
'auth', 'get-or-create', 'client.rgw001',
'mon', 'allow r; allow command "osd blacklist"',
'mon', ('allow r; allow command "osd blacklist"'
'; allow command "osd blocklist"'),
'osd', 'allow rwx'])])
def test_parse_key_with_caps_existing_key(self):