Updates for liberty fixes
This commit is contained in:
parent
a85b9648d7
commit
4e55e2f4c1
11
domain-setup.sh
Normal file
11
domain-setup.sh
Normal file
@ -0,0 +1,11 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
openstack domain create --description "Stack projects and users" heat
|
||||
|
||||
openstack user create --domain heat --password `leader-get heat-domain-admin-passwd` heat_domain_admin
|
||||
|
||||
openstack role add --domain heat --user heat_domain_admin admin
|
||||
|
||||
openstack role create heat_stack_user
|
@ -1,7 +1,7 @@
|
||||
import os
|
||||
|
||||
from charmhelpers.contrib.openstack import context
|
||||
from charmhelpers.core.hookenv import config
|
||||
from charmhelpers.core.hookenv import config, leader_get
|
||||
from charmhelpers.core.host import pwgen
|
||||
from charmhelpers.contrib.hahelpers.cluster import (
|
||||
determine_apache_port,
|
||||
@ -53,14 +53,14 @@ def get_encryption_key():
|
||||
return encryption
|
||||
|
||||
|
||||
class EncryptionContext(context.OSContextGenerator):
|
||||
class HeatSecurityContext(context.OSContextGenerator):
|
||||
|
||||
def __call__(self):
|
||||
ctxt = {}
|
||||
|
||||
# check if we have stored encryption key
|
||||
encryption = get_encryption_key()
|
||||
ctxt['encryption_key'] = encryption
|
||||
ctxt['heat_domain_admin_passwd'] = leader_get('heat-domain-admin-passwd')
|
||||
return ctxt
|
||||
|
||||
|
||||
|
@ -23,11 +23,15 @@ from charmhelpers.core.hookenv import (
|
||||
open_port,
|
||||
unit_get,
|
||||
status_set,
|
||||
leader_get,
|
||||
leader_set,
|
||||
is_leader,
|
||||
)
|
||||
|
||||
from charmhelpers.core.host import (
|
||||
restart_on_change,
|
||||
service_reload,
|
||||
pwgen,
|
||||
)
|
||||
|
||||
from charmhelpers.fetch import (
|
||||
@ -216,6 +220,12 @@ def relation_broken():
|
||||
CONFIGS.write_all()
|
||||
|
||||
|
||||
@hooks.hook('leader-elected')
|
||||
def leader_elected():
|
||||
if is_leader() and not leader_get('heat-domain-admin-passwd'):
|
||||
leader_set('heat-domain-admin-passwd', pwgen(32))
|
||||
|
||||
|
||||
def main():
|
||||
try:
|
||||
hooks.execute(sys.argv)
|
||||
|
@ -37,7 +37,7 @@ from charmhelpers.core.host import (
|
||||
from heat_context import (
|
||||
API_PORTS,
|
||||
HeatIdentityServiceContext,
|
||||
EncryptionContext,
|
||||
HeatSecurityContext,
|
||||
InstanceUserContext,
|
||||
HeatApacheSSLContext,
|
||||
HeatHAProxyContext,
|
||||
@ -86,7 +86,7 @@ CONFIG_FILES = OrderedDict([
|
||||
context.OSConfigFlagContext(),
|
||||
HeatIdentityServiceContext(service=SVC, service_user=SVC),
|
||||
HeatHAProxyContext(),
|
||||
EncryptionContext(),
|
||||
HeatSecurityContext(),
|
||||
InstanceUserContext(),
|
||||
context.SyslogContext(),
|
||||
context.LogLevelContext(),
|
||||
|
1
hooks/leader-elected
Symbolic link
1
hooks/leader-elected
Symbolic link
@ -0,0 +1 @@
|
||||
heat_relations.py
|
@ -7,10 +7,15 @@ instance_user={{ instance_user }}
|
||||
instance_driver=heat.engine.nova
|
||||
plugin_dirs=/usr/lib64/heat,/usr/lib/heat
|
||||
environment_dir=/etc/heat/environment.d
|
||||
deferred_auth_method=password
|
||||
host=heat
|
||||
auth_encryption_key={{ encryption_key }}
|
||||
|
||||
deferred_auth_method=trust
|
||||
|
||||
stack_domain_admin = heat_domain_admin
|
||||
stack_domain_admin_password = {{ heat_domain_admin_passwd }}
|
||||
stack_user_domain_name = heat
|
||||
|
||||
{% if auth_host -%}
|
||||
[keystone_authtoken]
|
||||
identity_uri = {{ service_protocol }}://{{ service_host }}:{{ auth_port }}
|
||||
|
@ -5,7 +5,8 @@ from test_utils import CharmTestCase
|
||||
TO_PATCH = [
|
||||
'get_encryption_key',
|
||||
'generate_ec2_tokens',
|
||||
'config'
|
||||
'config',
|
||||
'leader_get',
|
||||
]
|
||||
|
||||
|
||||
@ -16,9 +17,12 @@ class TestHeatContext(CharmTestCase):
|
||||
|
||||
def test_encryption_configuration(self):
|
||||
self.get_encryption_key.return_value = 'key'
|
||||
self.leader_get.return_value = 'password'
|
||||
self.assertEquals(
|
||||
heat_context.EncryptionContext()(),
|
||||
{'encryption_key': 'key'})
|
||||
heat_context.HeatSecurityContext()(),
|
||||
{'encryption_key': 'key',
|
||||
'heat_domain_admin_passwd': 'password'})
|
||||
self.leader_get.assert_called_with('heat-domain-admin-passwd')
|
||||
|
||||
def test_instance_user_empty_configuration(self):
|
||||
self.config.return_value = None
|
||||
|
@ -240,5 +240,5 @@ class HeatRelationTests(CharmTestCase):
|
||||
self.sync_db_with_multi_ipv6_addresses.return_value = MagicMock()
|
||||
self.test_config.set('prefer-ipv6', True)
|
||||
relations.db_joined()
|
||||
self.sync_db_with_multi_ipv6_addresses.assert_called_with_once(
|
||||
'heat', 'heat')
|
||||
self.sync_db_with_multi_ipv6_addresses.assert_called_with(
|
||||
'heat', 'heat', relation_prefix='heat')
|
||||
|
Loading…
Reference in New Issue
Block a user