127 lines
4.5 KiB
Python
127 lines
4.5 KiB
Python
# Copyright 2017 AT&T Intellectual Property. All other rights reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
from keystoneauth1 import loading as ks_loading
|
|
from oslo_config import cfg
|
|
|
|
CONF = cfg.CONF
|
|
|
|
|
|
barbican_group = cfg.OptGroup(
|
|
name='barbican',
|
|
title='Barbican Options',
|
|
help="Barbican options for allowing Deckhand to communicate with "
|
|
"Barbican.")
|
|
|
|
|
|
barbican_opts = [
|
|
# TODO(felipemonteiro): Drop this option once Keystone endpoint lookup is
|
|
# implemented.
|
|
cfg.StrOpt(
|
|
'api_endpoint',
|
|
sample_default='http://barbican.example.org:9311/',
|
|
help='URL override for the Barbican API endpoint.'),
|
|
cfg.IntOpt(
|
|
'max_workers', default=10,
|
|
help='Maximum number of threads used to call secret storage service '
|
|
'concurrently.'),
|
|
# TODO(felipemonteiro): This is better off being removed because the same
|
|
# effect can be achieved through per-test gabbi fixtures that clean up
|
|
# the cache between tests.
|
|
cfg.BoolOpt('enable_cache', default=True,
|
|
help="Whether to enable Barbican secret caching. Useful "
|
|
"for testing to avoid cross-test caching conflicts."),
|
|
cfg.StrOpt(
|
|
'cache_timeout', default=3600,
|
|
help="How long (in seconds) Barbican secret reference/payload lookup "
|
|
"results should remain cached in memory.")
|
|
]
|
|
|
|
|
|
engine_group = cfg.OptGroup(
|
|
name='engine',
|
|
title='Engine Options',
|
|
help="Engine options for allowing behavior specific to Deckhand's engine "
|
|
"to be configured.")
|
|
|
|
|
|
engine_opts = [
|
|
# TODO(felipemonteiro): This is better off being removed because the same
|
|
# effect can be achieved through per-test gabbi fixtures that clean up
|
|
# the cache between tests.
|
|
cfg.BoolOpt('enable_cache', default=True,
|
|
help="Whether to enable the document rendering caching. Useful"
|
|
" for testing to avoid cross-test caching conflicts."),
|
|
cfg.IntOpt('cache_timeout', default=3600,
|
|
help="How long (in seconds) document rendering results should "
|
|
"remain cached in memory."),
|
|
]
|
|
|
|
|
|
jsonpath_group = cfg.OptGroup(
|
|
name='jsonpath',
|
|
title='JSONPath Options',
|
|
help="JSONPath options for allowing JSONPath logic to be configured.")
|
|
|
|
|
|
jsonpath_opts = [
|
|
cfg.IntOpt('cache_timeout', default=3600,
|
|
help="How long (in seconds) JSONPath lookup results should "
|
|
"remain cached in memory.")
|
|
]
|
|
|
|
|
|
default_opts = [
|
|
cfg.BoolOpt('profiler', default=False,
|
|
help="Enables profiling of API requests. Do NOT use in "
|
|
"production."),
|
|
cfg.BoolOpt('development_mode', default=False,
|
|
help="Enables development mode, which disables Keystone "
|
|
"authentication. Do NOT use in production.")
|
|
]
|
|
|
|
|
|
def register_opts(conf):
|
|
conf.register_group(barbican_group)
|
|
conf.register_opts(barbican_opts, group=barbican_group)
|
|
conf.register_opts(engine_opts, group=engine_group)
|
|
conf.register_opts(jsonpath_opts, group=jsonpath_group)
|
|
conf.register_opts(default_opts)
|
|
ks_loading.register_auth_conf_options(conf, group='keystone_authtoken')
|
|
ks_loading.register_auth_conf_options(conf, group=barbican_group.name)
|
|
ks_loading.register_session_conf_options(conf, group=barbican_group.name)
|
|
|
|
|
|
def list_opts():
|
|
opts = {
|
|
None: default_opts,
|
|
'keystone_authtoken': (
|
|
ks_loading.get_session_conf_options() +
|
|
ks_loading.get_auth_common_conf_options() +
|
|
ks_loading.get_auth_plugin_conf_options('password') +
|
|
ks_loading.get_auth_plugin_conf_options('v3password')
|
|
),
|
|
barbican_group: (
|
|
barbican_opts +
|
|
ks_loading.get_session_conf_options() +
|
|
ks_loading.get_auth_common_conf_options() +
|
|
ks_loading.get_auth_plugin_conf_options('v3password')
|
|
),
|
|
jsonpath_group: jsonpath_opts
|
|
}
|
|
return opts
|
|
|
|
|
|
register_opts(CONF)
|