Correct the project domain option for authorization

In blazar configuration, we have the following options:

* os_admin_user_domain_name
* os_admin_project_domain_name

They are used for Keystone authentication, but 
``os_admin_project_domain_name`` in the configuration file was not
reflected in Blazar. This is because the Blazar service used
``os_admin_user_domain_name" for both *project* and *user* domain name.

This patch fixes the bug and adds related tests.

Change-Id: Ifbca9f622afba3aa9f41296fff2d34afce22da0a
Closes-Bug: #1779660

blazar/plugins/instances/instance_plugin.py

@@ -50,7 +50,7 @@ class VirtualInstancePlugin(base.BasePlugin, nova.NovaClientWrapper):
             password=CONF.os_admin_password,
             user_domain_name=CONF.os_admin_user_domain_name,
             project_name=CONF.os_admin_project_name,
-            project_domain_name=CONF.os_admin_user_domain_name)
+            project_domain_name=CONF.os_admin_project_domain_name)
 
         self.freepool_name = CONF.nova.aggregate_freepool_name
         self.monitor = oshosts.host_plugin.PhysicalHostMonitorPlugin()

blazar/plugins/oshosts/host_plugin.py

@@ -83,7 +83,7 @@ class PhysicalHostPlugin(base.BasePlugin, nova.NovaClientWrapper):
             password=CONF.os_admin_password,
             user_domain_name=CONF.os_admin_user_domain_name,
             project_name=CONF.os_admin_project_name,
-            project_domain_name=CONF.os_admin_user_domain_name)
+            project_domain_name=CONF.os_admin_project_domain_name)
         self.monitor = PhysicalHostMonitorPlugin()
         self.monitor.register_healing_handler(self.heal_reservations)
 
@@ -663,7 +663,7 @@ class PhysicalHostMonitorPlugin(base.BaseMonitorPlugin,
                 password=CONF.os_admin_password,
                 user_domain_name=CONF.os_admin_user_domain_name,
                 project_name=CONF.os_admin_project_name,
-                project_domain_name=CONF.os_admin_user_domain_name)
+                project_domain_name=CONF.os_admin_project_domain_name)
         return cls._instance
 
     def __init__(self):

blazar/tests/plugins/instances/test_instance_plugin.py

@@ -29,6 +29,10 @@ from blazar.plugins.instances import instance_plugin
 from blazar.plugins import oshosts
 from blazar import tests
 from blazar.utils.openstack import nova
+from oslo_config import cfg
+from oslo_config import fixture as conf_fixture
+
+CONF = cfg.CONF
 
 
 class TestVirtualInstancePlugin(tests.TestCase):
@@ -36,6 +40,20 @@ class TestVirtualInstancePlugin(tests.TestCase):
     def setUp(self):
         super(TestVirtualInstancePlugin, self).setUp()
 
+    def test_configuration(self):
+        self.cfg = self.useFixture(conf_fixture.Config(CONF))
+        self.cfg.config(os_admin_username='fake-user')
+        self.cfg.config(os_admin_password='fake-passwd')
+        self.cfg.config(os_admin_user_domain_name='fake-user-domain')
+        self.cfg.config(os_admin_project_name='fake-pj-name')
+        self.cfg.config(os_admin_project_domain_name='fake-pj-domain')
+        plugin = instance_plugin.VirtualInstancePlugin()
+        self.assertEqual("fake-user", plugin.username)
+        self.assertEqual("fake-passwd", plugin.password)
+        self.assertEqual("fake-user-domain", plugin.user_domain_name)
+        self.assertEqual("fake-pj-name", plugin.project_name)
+        self.assertEqual("fake-pj-domain", plugin.project_domain_name)
+
     def get_input_values(self, vcpus, memory, disk, amount, affinity,
                          start, end, lease_id, resource_properties):
         values = {'vcpus': vcpus, 'memory_mb': memory, 'disk_gb': disk,

blazar/tests/plugins/test_physical_host_plugin.py

@@ -18,6 +18,7 @@ import datetime
 import mock
 from novaclient import client as nova_client
 from oslo_config import cfg
+from oslo_config import fixture as conf_fixture
 import testtools
 
 from blazar import context
@@ -33,6 +34,8 @@ from blazar.utils.openstack import base
 from blazar.utils.openstack import nova
 from blazar.utils import trusts
 
+CONF = cfg.CONF
+
 
 class AggregateFake(object):
 
@@ -46,6 +49,14 @@ class PhysicalHostPlugingSetupOnlyTestCase(tests.TestCase):
 
     def setUp(self):
         super(PhysicalHostPlugingSetupOnlyTestCase, self).setUp()
+
+        self.cfg = self.useFixture(conf_fixture.Config(CONF))
+        self.cfg.config(os_admin_username='fake-user')
+        self.cfg.config(os_admin_password='fake-passwd')
+        self.cfg.config(os_admin_user_domain_name='fake-user-domain')
+        self.cfg.config(os_admin_project_name='fake-pj-name')
+        self.cfg.config(os_admin_project_domain_name='fake-pj-domain')
+
         self.context = context
         self.patch(self.context, 'BlazarContext')
         self.patch(base, 'url_for').return_value = 'http://foo.bar'
@@ -57,6 +68,15 @@ class PhysicalHostPlugingSetupOnlyTestCase(tests.TestCase):
         self.db_host_extra_capability_get_all_per_host = (
             self.patch(self.db_api, 'host_extra_capability_get_all_per_host'))
 
+    def test_configuration(self):
+        self.assertEqual("fake-user", self.fake_phys_plugin.username)
+        self.assertEqual("fake-passwd", self.fake_phys_plugin.password)
+        self.assertEqual("fake-user-domain",
+                         self.fake_phys_plugin.user_domain_name)
+        self.assertEqual("fake-pj-name", self.fake_phys_plugin.project_name)
+        self.assertEqual("fake-pj-domain",
+                         self.fake_phys_plugin.project_domain_name)
+
     def test__get_extra_capabilities_with_values(self):
         self.db_host_extra_capability_get_all_per_host.return_value = [
             {'id': 1,
@@ -1817,6 +1837,22 @@ class PhysicalHostMonitorPluginTestCase(tests.TestCase):
         self.patch(nova_client, 'Client')
         self.host_monitor_plugin = host_plugin.PhysicalHostMonitorPlugin()
 
+    def test_configuration(self):
+        # reset the singleton at first
+        host_plugin.PhysicalHostMonitorPlugin._instance = None
+        self.cfg = self.useFixture(conf_fixture.Config(CONF))
+        self.cfg.config(os_admin_password='fake-passwd')
+        self.cfg.config(os_admin_user_domain_name='fake-user-domain')
+        self.cfg.config(os_admin_project_name='fake-pj-name')
+        self.cfg.config(os_admin_project_domain_name='fake-pj-domain')
+        self.host_monitor_plugin = host_plugin.PhysicalHostMonitorPlugin()
+        self.assertEqual("fake-passwd", self.host_monitor_plugin.password)
+        self.assertEqual("fake-user-domain",
+                         self.host_monitor_plugin.user_domain_name)
+        self.assertEqual("fake-pj-name", self.host_monitor_plugin.project_name)
+        self.assertEqual("fake-pj-domain",
+                         self.host_monitor_plugin.project_domain_name)
+
     def test_notification_callback_disabled_true(self):
         failed_host = {'hypervisor_hostname': 'compute-1'}
         event_type = 'service.update'

blazar/tests/utils/openstack/test_nova.py

@@ -124,6 +124,13 @@ class ReservationPoolTestCase(tests.TestCase):
         self.blazar_owner = nova_conf.blazar_owner
         self.blazar_az_prefix = physical_host_conf.blazar_az_prefix
 
+        self.cfg = self.useFixture(fixture.Config(CONF))
+        self.cfg.config(os_admin_username='fake-user')
+        self.cfg.config(os_admin_password='fake-passwd')
+        self.cfg.config(os_admin_user_domain_name='fake-user-domain')
+        self.cfg.config(os_admin_project_name='fake-pj-name')
+        self.cfg.config(os_admin_project_domain_name='fake-pj-domain')
+
         self.fake_freepool = AggregateFake(i=456,
                                            name=self.freepool_name,
                                            hosts=['host3'])
@@ -142,6 +149,13 @@ class ReservationPoolTestCase(tests.TestCase):
         self.p_name = self.patch(self.pool, '_generate_aggregate_name')
         self.p_name.return_value = self.pool_name
 
+    def test_configuration(self):
+        self.assertEqual("fake-user", self.pool.username)
+        self.assertEqual("fake-passwd", self.pool.password)
+        self.assertEqual("fake-user-domain", self.pool.user_domain_name)
+        self.assertEqual("fake-pj-name", self.pool.project_name)
+        self.assertEqual("fake-pj-domain", self.pool.project_domain_name)
+
     def _patch_get_aggregate_from_name_or_id(self):
         def get_fake_aggregate(*args):
             if self.freepool_name in args:

blazar/utils/openstack/nova.py

@@ -210,7 +210,7 @@ class ReservationPool(NovaClientWrapper):
             password=CONF.os_admin_password,
             user_domain_name=CONF.os_admin_user_domain_name,
             project_name=CONF.os_admin_project_name,
-            project_domain_name=CONF.os_admin_user_domain_name)
+            project_domain_name=CONF.os_admin_project_domain_name)
 
         self.config = CONF.nova
         self.freepool_name = self.config.aggregate_freepool_name

releasenotes/notes/bug-1779660-b623de868955e7d9.yaml

@@ -0,0 +1,20 @@
+---
+fixes:
+  - |
+    In the `Blazar configuration`_, we have the following options:
+
+    * os_admin_user_domain_name
+    * os_admin_project_domain_name
+
+    They are used for Keystone authentication. However,
+    ``os_admin_project_domain_name`` in the configuration file was not
+    reflected in Blazar. This was because internally in the Blazar service
+    ``os_admin_user_domain_name`` was used wrongly for both the project domain
+    name and the user domain name.
+
+    This didn't affect operators who set neither of the values explicitly in
+    the configuration file, because the default values of the two options are
+    both set to ``Default``. This release fixes the bug for operators who set
+    either of the values explicitly.
+
+    .. _Blazar configuration: https://docs.openstack.org/blazar/latest/configuration/samples/blazar-conf.html