From ca52061c40e3147fd2b55072789b4b08aa3eb1f1 Mon Sep 17 00:00:00 2001 From: Pavlo Shchelokovskyy Date: Wed, 14 Mar 2018 10:32:00 +0200 Subject: [PATCH] Use 'none' auth plugin since keystoneauth 3.0.0 there is a proper 'none' auth plugin to use for standalone services deployed w/o Keystone support. Use this plugin instead of 'admin_token' for auth_type specified as variants of 'None'. Change-Id: I425f03574858dd582118d5544381af703134da72 --- os_client_config/config.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/os_client_config/config.py b/os_client_config/config.py index ce4f045..f80e158 100644 --- a/os_client_config/config.py +++ b/os_client_config/config.py @@ -872,17 +872,16 @@ class OpenStackConfig(object): return config def _get_auth_loader(self, config): - # Re-use the admin_token plugin for the "None" plugin + # Use the 'none' plugin for variants of None specified, # since it does not look up endpoints or tokens but rather # does a passthrough. This is useful for things like Ironic # that have a keystoneless operational mode, but means we're # still dealing with a keystoneauth Session object, so all the # _other_ things (SSL arg handling, timeout) all work consistently if config['auth_type'] in (None, "None", ''): - config['auth_type'] = 'admin_token' - # Set to notused rather than None because validate_auth will - # strip the value if it's actually python None - config['auth']['token'] = 'notused' + # 'none' auth_plugin has token as 'notused' so validate_auth will + # not strip the value (which it does for actual python None) + config['auth_type'] = 'none' elif config['auth_type'] == 'token_endpoint': # Humans have been trained to use a thing called token_endpoint # That it does not exist in keystoneauth is irrelvant- it not @@ -1238,6 +1237,7 @@ class OpenStackConfig(object): with open(config_file, 'w') as fh: yaml.safe_dump(cur_config, fh, default_flow_style=False) + if __name__ == '__main__': config = OpenStackConfig().get_all_clouds() for cloud in config: