Pickup the region name passed in from heatclient
For standalone heat operation, middleware will need to set the region from the X-Region-Name header. Then the keystoneclient will use this region_name instead of the heat_region_name config option. Closes-Bug: 1223068 Change-Id: Ia859e67cf8c6e0d1ed9d9e7f5eab2d138c6421ef
This commit is contained in:
parent
92fc3468ca
commit
2105d1e3a2
@ -34,7 +34,8 @@ class RequestContext(context.RequestContext):
|
||||
tenant_id=None, auth_url=None, roles=None, is_admin=None,
|
||||
read_only=False, show_deleted=False,
|
||||
overwrite=True, trust_id=None, trustor_user_id=None,
|
||||
request_id=None, auth_token_info=None, **kwargs):
|
||||
request_id=None, auth_token_info=None, region_name=None,
|
||||
**kwargs):
|
||||
"""
|
||||
:param overwrite: Set to False to ensure that the greenthread local
|
||||
copy of the index is not overwritten.
|
||||
@ -52,6 +53,7 @@ class RequestContext(context.RequestContext):
|
||||
self.username = username
|
||||
self.user_id = user_id
|
||||
self.password = password
|
||||
self.region_name = region_name
|
||||
self.aws_creds = aws_creds
|
||||
self.tenant_id = tenant_id
|
||||
self.auth_token_info = auth_token_info
|
||||
@ -101,7 +103,8 @@ class RequestContext(context.RequestContext):
|
||||
'is_admin': self.is_admin,
|
||||
'user': self.user,
|
||||
'request_id': self.request_id,
|
||||
'show_deleted': self.show_deleted}
|
||||
'show_deleted': self.show_deleted,
|
||||
'region_name': self.region_name}
|
||||
|
||||
@classmethod
|
||||
def from_dict(cls, values):
|
||||
@ -151,6 +154,7 @@ class ContextMiddleware(wsgi.Middleware):
|
||||
token = headers.get('X-Auth-Token')
|
||||
tenant = headers.get('X-Tenant-Name')
|
||||
tenant_id = headers.get('X-Tenant-Id')
|
||||
region_name = headers.get('X-Region-Name')
|
||||
auth_url = headers.get('X-Auth-Url')
|
||||
roles = headers.get('X-Roles')
|
||||
if roles is not None:
|
||||
@ -170,7 +174,8 @@ class ContextMiddleware(wsgi.Middleware):
|
||||
auth_url=auth_url,
|
||||
roles=roles,
|
||||
request_id=req_id,
|
||||
auth_token_info=token_info)
|
||||
auth_token_info=token_info,
|
||||
region_name=region_name)
|
||||
|
||||
|
||||
def ContextMiddleware_filter_factory(global_conf, **local_conf):
|
||||
|
@ -401,8 +401,8 @@ class KeystoneClientV3(object):
|
||||
body = {'auth': {'scope':
|
||||
{'project': {'id': project_id}},
|
||||
'identity': {'password': {'user': {
|
||||
'domain': domain,
|
||||
'password': password, 'name': username}},
|
||||
'domain': domain,
|
||||
'password': password, 'name': username}},
|
||||
'methods': ['password']}}}
|
||||
t = sess.post(token_url, headers=headers, json=body,
|
||||
authenticated=False)
|
||||
@ -656,7 +656,8 @@ class KeystoneClientV3(object):
|
||||
self.domain_admin_client.users.update(user=user_id, enabled=True)
|
||||
|
||||
def url_for(self, **kwargs):
|
||||
default_region_name = cfg.CONF.region_name_for_services
|
||||
default_region_name = (self.context.region_name or
|
||||
cfg.CONF.region_name_for_services)
|
||||
kwargs.setdefault('region_name', default_region_name)
|
||||
return self.client.service_catalog.url_for(**kwargs)
|
||||
|
||||
|
@ -0,0 +1,31 @@
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import sqlalchemy
|
||||
|
||||
|
||||
def upgrade(migrate_engine):
|
||||
meta = sqlalchemy.MetaData(bind=migrate_engine)
|
||||
|
||||
user_creds = sqlalchemy.Table('user_creds', meta, autoload=True)
|
||||
|
||||
region_name = sqlalchemy.Column('region_name',
|
||||
sqlalchemy.String(length=255))
|
||||
region_name.create(user_creds)
|
||||
|
||||
|
||||
def downgrade(migrate_engine):
|
||||
meta = sqlalchemy.MetaData(bind=migrate_engine)
|
||||
|
||||
user_creds = sqlalchemy.Table('user_creds', meta, autoload=True)
|
||||
user_creds.c.region_name.drop()
|
@ -164,6 +164,7 @@ class UserCreds(BASE, HeatBase):
|
||||
id = sqlalchemy.Column(sqlalchemy.Integer, primary_key=True)
|
||||
username = sqlalchemy.Column(sqlalchemy.String(255))
|
||||
password = sqlalchemy.Column(sqlalchemy.String(255))
|
||||
region_name = sqlalchemy.Column(sqlalchemy.String(255))
|
||||
decrypt_method = sqlalchemy.Column(sqlalchemy.String(64))
|
||||
tenant = sqlalchemy.Column(sqlalchemy.String(1024))
|
||||
auth_url = sqlalchemy.Column(sqlalchemy.Text)
|
||||
|
@ -306,6 +306,9 @@ class HeatMigrationsCheckers(test_migrations.WalkVersionsMixin,
|
||||
self.assertEqual(3, n_depth('1e9deba9-a305-5f29-84d3-c8165647c47e'))
|
||||
self.assertEqual(0, n_depth('1a4bd1ec-8b21-56cd-964a-f66cb1cfa2f9'))
|
||||
|
||||
def _check_049(self, engine, data):
|
||||
self.assertColumnExists(engine, 'user_creds', 'region_name')
|
||||
|
||||
|
||||
class TestHeatMigrationsMySQL(HeatMigrationsCheckers,
|
||||
test_base.MySQLOpportunisticTestCase):
|
||||
|
@ -42,7 +42,8 @@ class TestRequestContext(common.HeatTestCase):
|
||||
'user_id': 'fooUser',
|
||||
'tenant': 'atenant',
|
||||
'auth_url': 'http://xyz',
|
||||
'aws_creds': 'blah'}
|
||||
'aws_creds': 'blah',
|
||||
'region_name': 'regionOne'}
|
||||
|
||||
super(TestRequestContext, self).setUp()
|
||||
|
||||
@ -59,7 +60,11 @@ class TestRequestContext(common.HeatTestCase):
|
||||
roles=self.ctx.get('roles'),
|
||||
show_deleted=self.ctx.get('show_deleted'),
|
||||
is_admin=self.ctx.get('is_admin'),
|
||||
auth_token_info=self.ctx.get('auth_token_info'))
|
||||
auth_token_info=self.ctx.get('auth_token_info'),
|
||||
trustor_user_id=self.ctx.get('trustor_user_id'),
|
||||
trust_id=self.ctx.get('trust_id'),
|
||||
user=self.ctx.get('user'),
|
||||
region_name=self.ctx.get('region_name'))
|
||||
ctx_dict = ctx.to_dict()
|
||||
del(ctx_dict['request_id'])
|
||||
self.assertEqual(self.ctx, ctx_dict)
|
||||
|
@ -1413,7 +1413,7 @@ class KeystoneClientTest(common.HeatTestCase):
|
||||
self.assertIsNone(heat_ks_client.delete_stack_domain_project(
|
||||
project_id='aprojectid'))
|
||||
|
||||
def _test_url_for(self, service_url, expected_kwargs, **kwargs):
|
||||
def _test_url_for(self, service_url, expected_kwargs, ctx=None, **kwargs):
|
||||
"""
|
||||
Helper function for testing url_for depending on different ways to
|
||||
pass region name.
|
||||
@ -1424,7 +1424,7 @@ class KeystoneClientTest(common.HeatTestCase):
|
||||
.AndReturn(service_url)
|
||||
|
||||
self.m.ReplayAll()
|
||||
ctx = utils.dummy_context()
|
||||
ctx = ctx or utils.dummy_context()
|
||||
heat_ks_client = heat_keystoneclient.KeystoneClient(ctx)
|
||||
self.assertEqual(heat_ks_client.url_for(**kwargs), service_url)
|
||||
self.m.VerifyAll()
|
||||
@ -1451,7 +1451,7 @@ class KeystoneClientTest(common.HeatTestCase):
|
||||
kwargs = {
|
||||
'region_name': 'RegionTwo'
|
||||
}
|
||||
self._test_url_for(service_url, kwargs, **kwargs)
|
||||
self._test_url_for(service_url, kwargs, None, **kwargs)
|
||||
|
||||
def test_url_for_with_region_name_from_config(self):
|
||||
"""
|
||||
@ -1467,6 +1467,26 @@ class KeystoneClientTest(common.HeatTestCase):
|
||||
service_url = 'http://regionone.example.com:1234/v1'
|
||||
self._test_url_for(service_url, kwargs)
|
||||
|
||||
def test_url_for_with_region_name_from_context(self):
|
||||
"""
|
||||
Test that default region name for services from context is passed
|
||||
if region name is not specified in arguments.
|
||||
"""
|
||||
cfg.CONF.set_override('region_name_for_services', 'RegionOne')
|
||||
service_url = 'http://regiontwo.example.com:1234/v1'
|
||||
region_name_for_services = 'RegionTwo'
|
||||
expected_kwargs = {
|
||||
'region_name': region_name_for_services
|
||||
}
|
||||
ctx = utils.dummy_context('test_username',
|
||||
'test_tenant_id',
|
||||
'password',
|
||||
None,
|
||||
None,
|
||||
None,
|
||||
region_name_for_services)
|
||||
self._test_url_for(service_url, expected_kwargs, ctx)
|
||||
|
||||
|
||||
class KeystoneClientTestDomainName(KeystoneClientTest):
|
||||
def setUp(self):
|
||||
|
@ -742,6 +742,7 @@ class SqlAlchemyTest(common.HeatTestCase):
|
||||
|
||||
def test_user_creds_password(self):
|
||||
self.ctx.trust_id = None
|
||||
self.ctx.region_name = 'regionOne'
|
||||
db_creds = db_api.user_creds_create(self.ctx)
|
||||
load_creds = db_api.user_creds_get(db_creds.id)
|
||||
|
||||
@ -749,6 +750,7 @@ class SqlAlchemyTest(common.HeatTestCase):
|
||||
self.assertEqual('password', load_creds.get('password'))
|
||||
self.assertEqual('test_tenant', load_creds.get('tenant'))
|
||||
self.assertEqual('test_tenant_id', load_creds.get('tenant_id'))
|
||||
self.assertEqual('regionOne', load_creds.get('region_name'))
|
||||
self.assertIsNotNone(load_creds.get('created_at'))
|
||||
self.assertIsNone(load_creds.get('updated_at'))
|
||||
self.assertEqual('http://server.test:5000/v2.0',
|
||||
@ -780,12 +782,14 @@ class SqlAlchemyTest(common.HeatTestCase):
|
||||
self.ctx.username = None
|
||||
self.ctx.password = None
|
||||
self.ctx.trust_id = None
|
||||
self.ctx.region_name = None
|
||||
db_creds = db_api.user_creds_create(self.ctx)
|
||||
load_creds = db_api.user_creds_get(db_creds.id)
|
||||
|
||||
self.assertIsNone(load_creds.get('username'))
|
||||
self.assertIsNone(load_creds.get('password'))
|
||||
self.assertIsNone(load_creds.get('trust_id'))
|
||||
self.assertIsNone(load_creds.get('region_name'))
|
||||
|
||||
def test_software_config_create(self):
|
||||
tenant_id = self.ctx.tenant_id
|
||||
|
@ -68,7 +68,7 @@ def reset_dummy_db():
|
||||
|
||||
def dummy_context(user='test_username', tenant_id='test_tenant_id',
|
||||
password='password', roles=None, user_id=None,
|
||||
trust_id=None):
|
||||
trust_id=None, region_name=None):
|
||||
roles = roles or []
|
||||
return context.RequestContext.from_dict({
|
||||
'tenant_id': tenant_id,
|
||||
@ -80,7 +80,8 @@ def dummy_context(user='test_username', tenant_id='test_tenant_id',
|
||||
'is_admin': False,
|
||||
'auth_url': 'http://server.test:5000/v2.0',
|
||||
'auth_token': 'abcd1234',
|
||||
'trust_id': trust_id
|
||||
'trust_id': trust_id,
|
||||
'region_name': region_name
|
||||
})
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user