From e70404588002222c8475667ff1a94f4c265a8def Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Fri, 17 Jul 2020 19:02:28 +0000 Subject: [PATCH] Use keystoneauth1 config option loading for masakari client If a custom CA file is configured via [api] cafile, currently communication with Keystone will fail, since the session is not created using this CA file. The [api] insecure option is also ignored. This change fixes the issue by using keystoneauth loading for the auth and session, to ensure all standard configuration options are supported. Change-Id: Idd58b72f7f5242e8135fec71b42adf5dd1852417 Closes-Bug: #1873736 --- masakarimonitors/conf/api.py | 5 ++-- masakarimonitors/ha/masakari.py | 14 +++------- .../tests/unit/ha/test_masakari.py | 28 +++++++++++-------- 3 files changed, 24 insertions(+), 23 deletions(-) diff --git a/masakarimonitors/conf/api.py b/masakarimonitors/conf/api.py index fe3f792..fd6bd9a 100644 --- a/masakarimonitors/conf/api.py +++ b/masakarimonitors/conf/api.py @@ -39,8 +39,9 @@ monitor_api_opts = [ def register_opts(conf): conf.register_group(api_group) conf.register_opts(monitor_api_opts, group=api_group) - conf.register_opts(ks_loading.get_auth_plugin_conf_options('password'), - group=api_group) + ks_loading.register_session_conf_options(conf, api_group) + ks_loading.register_auth_conf_options(conf, api_group) + conf.set_default('auth_type', 'password', group=api_group) def list_opts(): diff --git a/masakarimonitors/ha/masakari.py b/masakarimonitors/ha/masakari.py index 7860e61..509580c 100644 --- a/masakarimonitors/ha/masakari.py +++ b/masakarimonitors/ha/masakari.py @@ -13,8 +13,7 @@ # limitations under the License. import eventlet -from keystoneauth1.identity.generic import password as ks_password -from keystoneauth1 import session as ks_session +from keystoneauth1 import loading as ks_loading from openstack import connection from openstack import exceptions from oslo_log import log as oslo_logging @@ -28,14 +27,9 @@ CONF = masakarimonitors.conf.CONF class SendNotification(object): def _make_client(self): - auth = ks_password.Password( - auth_url=CONF.api.auth_url, - username=CONF.api.username, - password=CONF.api.password, - user_domain_id=CONF.api.user_domain_id, - project_name=CONF.api.project_name, - project_domain_id=CONF.api.project_domain_id) - session = ks_session.Session(auth=auth) + auth = ks_loading.load_auth_from_conf_options(CONF, 'api') + session = ks_loading.load_session_from_conf_options(CONF, 'api', + auth=auth) conn = connection.Connection(session=session, interface=CONF.api.api_interface, region_name=CONF.api.region) diff --git a/masakarimonitors/tests/unit/ha/test_masakari.py b/masakarimonitors/tests/unit/ha/test_masakari.py index 7297e7a..bb37670 100644 --- a/masakarimonitors/tests/unit/ha/test_masakari.py +++ b/masakarimonitors/tests/unit/ha/test_masakari.py @@ -17,15 +17,17 @@ from unittest import mock import uuid import eventlet -from keystoneauth1.identity.generic import password as ks_password -from keystoneauth1 import session as ks_session +from keystoneauth1 import loading as ks_loading from openstack import connection from openstack import exceptions from oslo_utils import timeutils +import masakarimonitors.conf from masakarimonitors.ha import masakari from masakarimonitors.objects import event_constants as ec +CONF = masakarimonitors.conf.CONF + PROFILE_TYPE = "ha" PROFILE_NAME = "masakari" @@ -60,10 +62,10 @@ class TestSendNotification(testtools.TestCase): } @mock.patch.object(connection, 'Connection') - @mock.patch.object(ks_session, 'Session') - @mock.patch.object(ks_password, 'Password') + @mock.patch.object(ks_loading, 'load_session_from_conf_options') + @mock.patch.object(ks_loading, 'load_auth_from_conf_options') def test_send_notification( - self, mock_password, mock_session, mock_connection): + self, mock_auth, mock_session, mock_connection): mock_conn = mock.Mock() mock_conn.instance_ha.return_value = mock.Mock() @@ -80,11 +82,15 @@ class TestSendNotification(testtools.TestCase): generated_time=self.event['notification']['generated_time'], payload=self.event['notification']['payload']) + mock_auth.assert_called_once_with(CONF, 'api') + mock_session.assert_called_once_with(CONF, 'api', + auth=mock_auth.return_value) + @mock.patch.object(connection, 'Connection') - @mock.patch.object(ks_session, 'Session') - @mock.patch.object(ks_password, 'Password') + @mock.patch.object(ks_loading, 'load_session_from_conf_options') + @mock.patch.object(ks_loading, 'load_auth_from_conf_options') def test_send_notification_409_error( - self, mock_password, mock_session, mock_connection): + self, mock_auth, mock_session, mock_connection): mock_conn = mock.Mock() mock_conn.instance_ha.return_value = mock.Mock() @@ -113,10 +119,10 @@ class TestSendNotification(testtools.TestCase): @mock.patch.object(eventlet.greenthread, 'sleep') @mock.patch.object(connection, 'Connection') - @mock.patch.object(ks_session, 'Session') - @mock.patch.object(ks_password, 'Password') + @mock.patch.object(ks_loading, 'load_session_from_conf_options') + @mock.patch.object(ks_loading, 'load_auth_from_conf_options') def test_send_notification_500_error( - self, mock_password, mock_session, mock_connection, mock_sleep): + self, mock_auth, mock_session, mock_connection, mock_sleep): mock_conn = mock.Mock() mock_conn.instance_ha.return_value = mock.Mock()