Pickup the region name passed in from heatclient

For standalone heat operation, middleware will need to set the region from the X-Region-Name header. Then the keystoneclient will use this region_name instead of the heat_region_name config option. Closes-Bug: 1223068 Change-Id: Ia859e67cf8c6e0d1ed9d9e7f5eab2d138c6421ef
2014-11-19 14:50:31 +08:00 · 2014-11-19 14:50:31 +08:00 · 2105d1e3a2
commit 2105d1e3a2
parent 92fc3468ca
9 changed files with 84 additions and 13 deletions
--- a/heat/common/context.py
+++ b/heat/common/context.py
@ -34,7 +34,8 @@ class RequestContext(context.RequestContext):
                 tenant_id=None, auth_url=None, roles=None, is_admin=None,
                 read_only=False, show_deleted=False,
                 overwrite=True, trust_id=None, trustor_user_id=None,
-                 request_id=None, auth_token_info=None, **kwargs):
+                 request_id=None, auth_token_info=None, region_name=None,
+                 **kwargs):
        """
        :param overwrite: Set to False to ensure that the greenthread local
            copy of the index is not overwritten.
@ -52,6 +53,7 @@ class RequestContext(context.RequestContext):
        self.username = username
        self.user_id = user_id
        self.password = password
+        self.region_name = region_name
        self.aws_creds = aws_creds
        self.tenant_id = tenant_id
        self.auth_token_info = auth_token_info
@ -101,7 +103,8 @@ class RequestContext(context.RequestContext):
                'is_admin': self.is_admin,
                'user': self.user,
                'request_id': self.request_id,
-                'show_deleted': self.show_deleted}
+                'show_deleted': self.show_deleted,
+                'region_name': self.region_name}

    @classmethod
    def from_dict(cls, values):
@ -151,6 +154,7 @@ class ContextMiddleware(wsgi.Middleware):
            token = headers.get('X-Auth-Token')
            tenant = headers.get('X-Tenant-Name')
            tenant_id = headers.get('X-Tenant-Id')
+            region_name = headers.get('X-Region-Name')
            auth_url = headers.get('X-Auth-Url')
            roles = headers.get('X-Roles')
            if roles is not None:
@ -170,7 +174,8 @@ class ContextMiddleware(wsgi.Middleware):
                                        auth_url=auth_url,
                                        roles=roles,
                                        request_id=req_id,
-                                        auth_token_info=token_info)
+                                        auth_token_info=token_info,
+                                        region_name=region_name)


 def ContextMiddleware_filter_factory(global_conf, **local_conf):
--- a/heat/common/heat_keystoneclient.py
+++ b/heat/common/heat_keystoneclient.py
@ -401,8 +401,8 @@ class KeystoneClientV3(object):
        body = {'auth': {'scope':
                         {'project': {'id': project_id}},
                         'identity': {'password': {'user': {
-                         'domain': domain,
-                         'password': password, 'name': username}},
+                             'domain': domain,
+                             'password': password, 'name': username}},
                             'methods': ['password']}}}
        t = sess.post(token_url, headers=headers, json=body,
                      authenticated=False)
@ -656,7 +656,8 @@ class KeystoneClientV3(object):
        self.domain_admin_client.users.update(user=user_id, enabled=True)

    def url_for(self, **kwargs):
-        default_region_name = cfg.CONF.region_name_for_services
+        default_region_name = (self.context.region_name or
+                               cfg.CONF.region_name_for_services)
        kwargs.setdefault('region_name', default_region_name)
        return self.client.service_catalog.url_for(**kwargs)

--- a/heat/db/sqlalchemy/migrate_repo/versions/049_user_creds_region_name.py
+++ b/heat/db/sqlalchemy/migrate_repo/versions/049_user_creds_region_name.py
@ -0,0 +1,31 @@
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+import sqlalchemy
+
+
+def upgrade(migrate_engine):
+    meta = sqlalchemy.MetaData(bind=migrate_engine)
+
+    user_creds = sqlalchemy.Table('user_creds', meta, autoload=True)
+
+    region_name = sqlalchemy.Column('region_name',
+                                    sqlalchemy.String(length=255))
+    region_name.create(user_creds)
+
+
+def downgrade(migrate_engine):
+    meta = sqlalchemy.MetaData(bind=migrate_engine)
+
+    user_creds = sqlalchemy.Table('user_creds', meta, autoload=True)
+    user_creds.c.region_name.drop()
--- a/heat/db/sqlalchemy/models.py
+++ b/heat/db/sqlalchemy/models.py
@ -164,6 +164,7 @@ class UserCreds(BASE, HeatBase):
    id = sqlalchemy.Column(sqlalchemy.Integer, primary_key=True)
    username = sqlalchemy.Column(sqlalchemy.String(255))
    password = sqlalchemy.Column(sqlalchemy.String(255))
+    region_name = sqlalchemy.Column(sqlalchemy.String(255))
    decrypt_method = sqlalchemy.Column(sqlalchemy.String(64))
    tenant = sqlalchemy.Column(sqlalchemy.String(1024))
    auth_url = sqlalchemy.Column(sqlalchemy.Text)
--- a/heat/tests/db/test_migrations.py
+++ b/heat/tests/db/test_migrations.py
@ -306,6 +306,9 @@ class HeatMigrationsCheckers(test_migrations.WalkVersionsMixin,
        self.assertEqual(3, n_depth('1e9deba9-a305-5f29-84d3-c8165647c47e'))
        self.assertEqual(0, n_depth('1a4bd1ec-8b21-56cd-964a-f66cb1cfa2f9'))

+    def _check_049(self, engine, data):
+        self.assertColumnExists(engine, 'user_creds', 'region_name')
+

 class TestHeatMigrationsMySQL(HeatMigrationsCheckers,
                              test_base.MySQLOpportunisticTestCase):
--- a/heat/tests/test_common_context.py
+++ b/heat/tests/test_common_context.py
@ -42,7 +42,8 @@ class TestRequestContext(common.HeatTestCase):
                    'user_id': 'fooUser',
                    'tenant': 'atenant',
                    'auth_url': 'http://xyz',
-                    'aws_creds': 'blah'}
+                    'aws_creds': 'blah',
+                    'region_name': 'regionOne'}

        super(TestRequestContext, self).setUp()

@ -59,7 +60,11 @@ class TestRequestContext(common.HeatTestCase):
            roles=self.ctx.get('roles'),
            show_deleted=self.ctx.get('show_deleted'),
            is_admin=self.ctx.get('is_admin'),
-            auth_token_info=self.ctx.get('auth_token_info'))
+            auth_token_info=self.ctx.get('auth_token_info'),
+            trustor_user_id=self.ctx.get('trustor_user_id'),
+            trust_id=self.ctx.get('trust_id'),
+            user=self.ctx.get('user'),
+            region_name=self.ctx.get('region_name'))
        ctx_dict = ctx.to_dict()
        del(ctx_dict['request_id'])
        self.assertEqual(self.ctx, ctx_dict)
--- a/heat/tests/test_heatclient.py
+++ b/heat/tests/test_heatclient.py
@ -1413,7 +1413,7 @@ class KeystoneClientTest(common.HeatTestCase):
        self.assertIsNone(heat_ks_client.delete_stack_domain_project(
            project_id='aprojectid'))

-    def _test_url_for(self, service_url, expected_kwargs, **kwargs):
+    def _test_url_for(self, service_url, expected_kwargs, ctx=None, **kwargs):
        """
        Helper function for testing url_for depending on different ways to
        pass region name.
@ -1424,7 +1424,7 @@ class KeystoneClientTest(common.HeatTestCase):
            .AndReturn(service_url)

        self.m.ReplayAll()
-        ctx = utils.dummy_context()
+        ctx = ctx or utils.dummy_context()
        heat_ks_client = heat_keystoneclient.KeystoneClient(ctx)
        self.assertEqual(heat_ks_client.url_for(**kwargs), service_url)
        self.m.VerifyAll()
@ -1451,7 +1451,7 @@ class KeystoneClientTest(common.HeatTestCase):
        kwargs = {
            'region_name': 'RegionTwo'
        }
-        self._test_url_for(service_url, kwargs, **kwargs)
+        self._test_url_for(service_url, kwargs, None, **kwargs)

    def test_url_for_with_region_name_from_config(self):
        """
@ -1467,6 +1467,26 @@ class KeystoneClientTest(common.HeatTestCase):
        service_url = 'http://regionone.example.com:1234/v1'
        self._test_url_for(service_url, kwargs)

+    def test_url_for_with_region_name_from_context(self):
+        """
+        Test that default region name for services from context is passed
+        if region name is not specified in arguments.
+        """
+        cfg.CONF.set_override('region_name_for_services', 'RegionOne')
+        service_url = 'http://regiontwo.example.com:1234/v1'
+        region_name_for_services = 'RegionTwo'
+        expected_kwargs = {
+            'region_name': region_name_for_services
+        }
+        ctx = utils.dummy_context('test_username',
+                                  'test_tenant_id',
+                                  'password',
+                                  None,
+                                  None,
+                                  None,
+                                  region_name_for_services)
+        self._test_url_for(service_url, expected_kwargs, ctx)
+

 class KeystoneClientTestDomainName(KeystoneClientTest):
    def setUp(self):
--- a/heat/tests/test_sqlalchemy_api.py
+++ b/heat/tests/test_sqlalchemy_api.py
@ -742,6 +742,7 @@ class SqlAlchemyTest(common.HeatTestCase):

    def test_user_creds_password(self):
        self.ctx.trust_id = None
+        self.ctx.region_name = 'regionOne'
        db_creds = db_api.user_creds_create(self.ctx)
        load_creds = db_api.user_creds_get(db_creds.id)

@ -749,6 +750,7 @@ class SqlAlchemyTest(common.HeatTestCase):
        self.assertEqual('password', load_creds.get('password'))
        self.assertEqual('test_tenant', load_creds.get('tenant'))
        self.assertEqual('test_tenant_id', load_creds.get('tenant_id'))
+        self.assertEqual('regionOne', load_creds.get('region_name'))
        self.assertIsNotNone(load_creds.get('created_at'))
        self.assertIsNone(load_creds.get('updated_at'))
        self.assertEqual('http://server.test:5000/v2.0',
@ -780,12 +782,14 @@ class SqlAlchemyTest(common.HeatTestCase):
        self.ctx.username = None
        self.ctx.password = None
        self.ctx.trust_id = None
+        self.ctx.region_name = None
        db_creds = db_api.user_creds_create(self.ctx)
        load_creds = db_api.user_creds_get(db_creds.id)

        self.assertIsNone(load_creds.get('username'))
        self.assertIsNone(load_creds.get('password'))
        self.assertIsNone(load_creds.get('trust_id'))
+        self.assertIsNone(load_creds.get('region_name'))

    def test_software_config_create(self):
        tenant_id = self.ctx.tenant_id
--- a/heat/tests/utils.py
+++ b/heat/tests/utils.py
@ -68,7 +68,7 @@ def reset_dummy_db():

 def dummy_context(user='test_username', tenant_id='test_tenant_id',
                  password='password', roles=None, user_id=None,
-                  trust_id=None):
+                  trust_id=None, region_name=None):
    roles = roles or []
    return context.RequestContext.from_dict({
        'tenant_id': tenant_id,
@ -80,7 +80,8 @@ def dummy_context(user='test_username', tenant_id='test_tenant_id',
        'is_admin': False,
        'auth_url': 'http://server.test:5000/v2.0',
        'auth_token': 'abcd1234',
-        'trust_id': trust_id
+        'trust_id': trust_id,
+        'region_name': region_name
    })