diff --git a/bin/heat-engine b/bin/heat-engine index 9fb9f2580f..a6dd89a51c 100755 --- a/bin/heat-engine +++ b/bin/heat-engine @@ -36,6 +36,7 @@ from oslo_config import cfg import oslo_i18n as i18n from oslo_log import log as logging +from heat.common import config from heat.common.i18n import _LC from heat.common import messaging from heat.common import profiler @@ -54,6 +55,8 @@ if __name__ == '__main__': logging.set_defaults() messaging.setup() + config.startup_sanity_check() + mgr = None try: mgr = template._get_template_extension_manager() diff --git a/heat/common/config.py b/heat/common/config.py index 0173b4b92c..59e23c021f 100644 --- a/heat/common/config.py +++ b/heat/common/config.py @@ -21,9 +21,13 @@ from eventlet.green import socket from oslo_config import cfg from oslo_log import log as logging +from heat.common import exception from heat.common.i18n import _ +from heat.common.i18n import _LW from heat.common import wsgi + +LOG = logging.getLogger(__name__) paste_deploy_group = cfg.OptGroup('paste_deploy') paste_deploy_opts = [ cfg.StrOpt('flavor', @@ -277,6 +281,24 @@ revision_opts = [ 'file and add it as another config option.'))] +def startup_sanity_check(): + if (not cfg.CONF.stack_user_domain_id and + not cfg.CONF.stack_user_domain_name): + # FIXME(shardy): Legacy fallback for folks using old heat.conf + # files which lack domain configuration + LOG.warn(_LW('stack_user_domain_id or stack_user_domain_name not ' + 'set in heat.conf falling back to using default')) + else: + domain_admin_user = cfg.CONF.stack_domain_admin + domain_admin_password = cfg.CONF.stack_domain_admin_password + if not (domain_admin_user and domain_admin_password): + raise exception.Error(_('heat.conf misconfigured, cannot ' + 'specify "stack_user_domain_id" or ' + '"stack_user_domain_name" without ' + '"stack_domain_admin" and ' + '"stack_domain_admin_password"')) + + def list_opts(): yield None, rpc_opts yield None, engine_opts diff --git a/heat/common/heat_keystoneclient.py b/heat/common/heat_keystoneclient.py index 0346a95885..a23133b36c 100644 --- a/heat/common/heat_keystoneclient.py +++ b/heat/common/heat_keystoneclient.py @@ -102,16 +102,6 @@ class KeystoneClientV3(object): self._stack_domain_is_id = False self.domain_admin_user = cfg.CONF.stack_domain_admin self.domain_admin_password = cfg.CONF.stack_domain_admin_password - if self.stack_domain: - if not (self.domain_admin_user and self.domain_admin_password): - raise exception.Error(_('heat.conf misconfigured, cannot ' - 'specify "stack_user_domain_id" or ' - '"stack_user_domain_name" without ' - '"stack_domain_admin" and ' - '"stack_domain_admin_password"')) - else: - LOG.warn(_LW('stack_user_domain_id or stack_user_domain_name not ' - 'set in heat.conf falling back to using default')) LOG.debug('Using stack domain %s' % self.stack_domain) @property @@ -360,8 +350,6 @@ class KeystoneClientV3(object): if not self.stack_domain: # FIXME(shardy): Legacy fallback for folks using old heat.conf # files which lack domain configuration - LOG.warn(_LW('Falling back to legacy non-domain user create, ' - 'configure domain in heat.conf')) return self.create_stack_user(username=username, password=password) # We add the new user to a special keystone role # This role is designed to allow easier differentiation of the @@ -413,8 +401,6 @@ class KeystoneClientV3(object): if not self.stack_domain: # FIXME(shardy): Legacy fallback for folks using old heat.conf # files which lack domain configuration - LOG.warn(_LW('Falling back to legacy non-domain user delete, ' - 'configure domain in heat.conf')) return self.delete_stack_user(user_id) try: @@ -434,8 +420,6 @@ class KeystoneClientV3(object): if not self.stack_domain: # FIXME(shardy): Legacy fallback for folks using old heat.conf # files which lack domain configuration - LOG.warn(_LW('Falling back to legacy non-domain project, ' - 'configure domain in heat.conf')) return self.context.tenant_id # Note we use the tenant ID not name to ensure uniqueness in a multi- # domain environment (where the tenant name may not be globally unique) @@ -451,8 +435,6 @@ class KeystoneClientV3(object): if not self.stack_domain: # FIXME(shardy): Legacy fallback for folks using old heat.conf # files which lack domain configuration - LOG.warn(_LW('Falling back to legacy non-domain project, ' - 'configure domain in heat.conf')) return # If stacks are created before configuring the heat domain, they @@ -544,8 +526,6 @@ class KeystoneClientV3(object): if not self.stack_domain: # FIXME(shardy): Legacy fallback for folks using old heat.conf # files which lack domain configuration - LOG.warn(_LW('Falling back to legacy non-domain keypair, ' - 'configure domain in heat.conf')) return self.create_ec2_keypair(user_id) data_blob = {'access': uuid.uuid4().hex, 'secret': uuid.uuid4().hex} @@ -561,8 +541,6 @@ class KeystoneClientV3(object): if not self.stack_domain: # FIXME(shardy): Legacy fallback for folks using old heat.conf # files which lack domain configuration - LOG.warn(_LW('Falling back to legacy non-domain keypair, ' - 'configure domain in heat.conf')) return self.delete_ec2_keypair(credential_id=credential_id) self._check_stack_domain_user(user_id, project_id, 'delete_keypair') try: @@ -580,8 +558,6 @@ class KeystoneClientV3(object): if not self.stack_domain: # FIXME(shardy): Legacy fallback for folks using old heat.conf # files which lack domain configuration - LOG.warn(_LW('Falling back to legacy non-domain disable, ' - 'configure domain in heat.conf')) return self.disable_stack_user(user_id) self._check_stack_domain_user(user_id, project_id, 'disable') self.domain_admin_client.users.update(user=user_id, enabled=False) @@ -590,8 +566,6 @@ class KeystoneClientV3(object): if not self.stack_domain: # FIXME(shardy): Legacy fallback for folks using old heat.conf # files which lack domain configuration - LOG.warn(_LW('Falling back to legacy non-domain enable, ' - 'configure domain in heat.conf')) return self.enable_stack_user(user_id) self._check_stack_domain_user(user_id, project_id, 'enable') self.domain_admin_client.users.update(user=user_id, enabled=True) diff --git a/heat/tests/test_heatclient.py b/heat/tests/test_heatclient.py index 2fd242e614..31cb259f74 100644 --- a/heat/tests/test_heatclient.py +++ b/heat/tests/test_heatclient.py @@ -25,6 +25,7 @@ import mox from oslo_config import cfg import six +from heat.common import config from heat.common import context from heat.common import exception from heat.common import heat_keystoneclient @@ -574,7 +575,6 @@ class KeystoneClientTest(common.HeatTestCase): self.assertIn(expected, six.text_type(exc)) def test_init_domain_cfg_not_set_fallback(self): - """Test error path when config lacks domain config.""" self._clear_domain_override() @@ -594,12 +594,8 @@ class KeystoneClientTest(common.HeatTestCase): cfg.CONF.clear_override('stack_domain_admin') cfg.CONF.clear_override('stack_domain_admin_password') - ctx = utils.dummy_context() - ctx.username = None - ctx.password = None - ctx.trust_id = None err = self.assertRaises(exception.Error, - heat_keystoneclient.KeystoneClient, ctx) + config.startup_sanity_check) exp_msg = ('heat.conf misconfigured, cannot specify ' '"stack_user_domain_id" or "stack_user_domain_name" ' 'without "stack_domain_admin" and '