Revert "Use devstack functions for deploying barbican-svc"

Castellan unintentionally can't handle a barbican URL that has a path in addition to the hostname, such as http://ip-address/key-manager, unless it is followed by a forward slash (http://ip-address/key-manager/ ). We should either revert this change before rc1 or merge https://review.openstack.org/#/c/491942/, make a new release of Castellan, and beg for a change in upper-constraints for castellan to handle the new release. This reverts commit 508a34e23c. Change-Id: Iceb3a5fa890d64468cd6e7f5dec297d11a274d20
2017-08-08 22:38:38 +00:00 · 2017-08-08 22:38:38 +00:00 · 3c6df48cbc
commit 3c6df48cbc
parent 508a34e23c
6 changed files with 9 additions and 15 deletions
--- a/devstack/lib/barbican
+++ b/devstack/lib/barbican
@ -144,7 +144,7 @@ function configure_barbican {
    else
        echo_summary "Barbican requires that the RabbitMQ service is enabled"
    fi
-    write_uwsgi_config "$BARBICAN_UWSGI_CONF" "$BARBICAN_WSGI" "/key-manager"
+
    ## Set up keystone

    # Turn on the middleware
@ -186,7 +186,7 @@ function install_barbicanclient {
 # start_barbican - Start running processes, including screen
 function start_barbican {
    # Start the Barbican service up.
-    run_process barbican-svc "$BARBICAN_BIN_DIR/uwsgi --ini $BARBICAN_UWSGI_CONF"
+    run_process barbican-svc "$BARBICAN_BIN_DIR/uwsgi --master --emperor $BARBICAN_CONF_DIR/vassals"

    # Pause while the barbican-svc populates the database, otherwise the retry
    # service below might try to do this at the same time, leading to race
@ -363,12 +363,12 @@ function create_barbican_accounts {
        --os-identity-api-version 3 \
        --region RegionOne \
        $BARBICAN_SERVICE \
-        public "http://$SERVICE_HOST/key-manager"
+        public "http://$SERVICE_HOST:9311"
    openstack endpoint create \
        --os-identity-api-version 3 \
        --region RegionOne \
        $BARBICAN_SERVICE \
-        internal "http://$SERVICE_HOST/key-manager"
+        internal "http://$SERVICE_HOST:9311"

 }

--- a/devstack/settings
+++ b/devstack/settings
@ -17,10 +17,6 @@ PYKMIP_LOG_DIR=${PYKMIP_LOG_DIR:-/var/log/pykmip}
 # Support potential entry-points console scripts
 BARBICAN_BIN_DIR=$(get_python_exec_prefix)

-# WSGI variables
-BARBICAN_WSGI=$BARBICAN_BIN_DIR/barbican-wsgi-api
-BARBICAN_UWSGI_CONF=$BARBICAN_CONF_DIR/barbican-uwsgi.ini
-
 # Set Barbican repository
 BARBICAN_REPO=${BARBICAN_REPO:-${GIT_BASE}/openstack/barbican.git}
 BARBICAN_BRANCH=${BARBICAN_BRANCH:-master}
@ -30,7 +26,7 @@ BARBICANCLIENT_REPO=${BARBICANCLIENT_REPO:-${GIT_BASE}/openstack/python-barbican
 BARBICANCLIENT_BRANCH=${BARBICANCLIENT_BRANCH:-master}

 # Set host href
-BARBICAN_HOST_HREF=${BARBICAN_HOST_HREF:-http://${SERVICE_HOST}/key-manager}
+BARBICAN_HOST_HREF=${BARBICAN_HOST_HREF:-http://${SERVICE_HOST}:9311}

 # Tell Tempest this project is present
 TEMPEST_SERVICES+=,barbican
--- a/functionaltests/api/v1/functional/test_secretmeta.py
+++ b/functionaltests/api/v1/functional/test_secretmeta.py
@ -82,7 +82,7 @@ class SecretMetadataTestCase(base.TestCase):

    @testcase.attr('negative')
    def test_secret_metadata_create_no_secret(self):
-        secret_ref = ('http://localhost/key-manager/secrets/%s' %
+        secret_ref = ('http://localhost:9311/secrets/%s' %
                      uuidutils.generate_uuid(dashed=False))

        meta_resp, metadata_ref = self.behaviors.create_or_update_metadata(
@ -111,7 +111,7 @@ class SecretMetadataTestCase(base.TestCase):

    @testcase.attr('negative')
    def test_secret_metadata_get_no_secret(self):
-        secret_ref = ('http://localhost/key-manager/secrets/%s' %
+        secret_ref = ('http://localhost:9311/secrets/%s' %
                      uuidutils.generate_uuid(dashed=False))

        get_resp = self.behaviors.get_metadata(secret_ref)
--- a/functionaltests/common/client.py
+++ b/functionaltests/common/client.py
@ -199,8 +199,6 @@ class BarbicanClient(object):
            base_url = endpoint['key-manager'][0].get('publicURL')
        else:
            base_url = endpoint['key-manager'][0].get('url')
-        # Handle urls that aren't just an address
-        base_url = self._get_url_w_trailing_slash(base_url)

        # Make sure we handle the edge cases around Keystone providing
        # endpoints with or without versions
--- a/functionaltests/run_tests.sh
+++ b/functionaltests/run_tests.sh
@ -15,7 +15,7 @@
 # How many seconds to wait for the API to be responding before giving up
 API_RESPONDING_TIMEOUT=20

-if ! timeout ${API_RESPONDING_TIMEOUT} sh -c "while ! curl -s http://127.0.0.1/key-manager 2>/dev/null | grep -q 'v1' ; do sleep 1; done"; then
+if ! timeout ${API_RESPONDING_TIMEOUT} sh -c "while ! curl -s http://127.0.0.1:9311/ 2>/dev/null | grep -q 'v1' ; do sleep 1; done"; then
    echo "The Barbican API failed to respond within ${API_RESPONDING_TIMEOUT} seconds"
    exit 1
 fi
--- a/functionaltests/run_tests_parallel.sh
+++ b/functionaltests/run_tests_parallel.sh
@ -15,7 +15,7 @@
 # How many seconds to wait for the API to be responding before giving up
 API_RESPONDING_TIMEOUT=20

-if ! timeout ${API_RESPONDING_TIMEOUT} sh -c "while ! curl -s http://127.0.0.1/key-manager 2>/dev/null | grep -q 'v1' ; do sleep 1; done"; then
+if ! timeout ${API_RESPONDING_TIMEOUT} sh -c "while ! curl -s http://127.0.0.1:9311/ 2>/dev/null | grep -q 'v1' ; do sleep 1; done"; then
    echo "The Barbican API failed to respond within ${API_RESPONDING_TIMEOUT} seconds"
    exit 1
 fi