Merge "Validate URI/URL options by URI type"
This commit is contained in:
Zuul
@@ -14,6 +14,7 @@
|
|||||||
import hashlib
|
import hashlib
|
||||||
|
|
||||||
from oslo_config import cfg
|
from oslo_config import cfg
|
||||||
|
from oslo_config import types
|
||||||
from oslo_log import log as logging
|
from oslo_log import log as logging
|
||||||
from oslo_serialization import jsonutils as json
|
from oslo_serialization import jsonutils as json
|
||||||
import requests
|
import requests
|
||||||
@@ -28,13 +29,15 @@ LOG = logging.getLogger(__name__)
|
|||||||
|
|
||||||
|
|
||||||
opts = [
|
opts = [
|
||||||
cfg.StrOpt('auth_uri',
|
cfg.URIOpt('auth_uri',
|
||||||
|
schemes=['http', 'https'],
|
||||||
help=_("Authentication Endpoint URI.")),
|
help=_("Authentication Endpoint URI.")),
|
||||||
cfg.BoolOpt('multi_cloud',
|
cfg.BoolOpt('multi_cloud',
|
||||||
default=False,
|
default=False,
|
||||||
help=_('Allow orchestration of multiple clouds.')),
|
help=_('Allow orchestration of multiple clouds.')),
|
||||||
cfg.ListOpt('allowed_auth_uris',
|
cfg.ListOpt('allowed_auth_uris',
|
||||||
default=[],
|
default=[],
|
||||||
|
item_type=types.URI(schemes=['http', 'https']),
|
||||||
help=_('Allowed keystone endpoints for auth_uri when '
|
help=_('Allowed keystone endpoints for auth_uri when '
|
||||||
'multi_cloud is enabled. At least one endpoint needs '
|
'multi_cloud is enabled. At least one endpoint needs '
|
||||||
'to be specified.')),
|
'to be specified.')),
|
||||||
|
|||||||
@@ -39,12 +39,14 @@ service_opts = [
|
|||||||
cfg.IntOpt('periodic_interval',
|
cfg.IntOpt('periodic_interval',
|
||||||
default=60,
|
default=60,
|
||||||
help=_('Seconds between running periodic tasks.')),
|
help=_('Seconds between running periodic tasks.')),
|
||||||
cfg.StrOpt('heat_metadata_server_url',
|
cfg.URIOpt('heat_metadata_server_url',
|
||||||
|
schemes=['http', 'https'],
|
||||||
help=_('URL of the Heat metadata server. '
|
help=_('URL of the Heat metadata server. '
|
||||||
'NOTE: Setting this is only needed if you require '
|
'NOTE: Setting this is only needed if you require '
|
||||||
'instances to use a different endpoint than in the '
|
'instances to use a different endpoint than in the '
|
||||||
'keystone catalog')),
|
'keystone catalog')),
|
||||||
cfg.StrOpt('heat_waitcondition_server_url',
|
cfg.URIOpt('heat_waitcondition_server_url',
|
||||||
|
schemes=['http', 'https'],
|
||||||
help=_('URL of the Heat waitcondition server.')),
|
help=_('URL of the Heat waitcondition server.')),
|
||||||
cfg.StrOpt('instance_connection_is_secure',
|
cfg.StrOpt('instance_connection_is_secure',
|
||||||
default="0",
|
default="0",
|
||||||
@@ -405,14 +407,14 @@ clients_opts = [
|
|||||||
"be verified."))]
|
"be verified."))]
|
||||||
|
|
||||||
heat_client_opts = [
|
heat_client_opts = [
|
||||||
cfg.StrOpt('url',
|
cfg.URIOpt('url',
|
||||||
default='',
|
schemes=['http', 'https'],
|
||||||
help=_('Optional heat url in format like'
|
help=_('Optional heat url in format like'
|
||||||
' http://0.0.0.0:8004/v1/%(tenant_id)s.'))]
|
' http://0.0.0.0:8004/v1/%(tenant_id)s.'))]
|
||||||
|
|
||||||
keystone_client_opts = [
|
keystone_client_opts = [
|
||||||
cfg.StrOpt('auth_uri',
|
cfg.URIOpt('auth_uri',
|
||||||
default='',
|
schemes=['http', 'https'],
|
||||||
help=_('Unversioned keystone url in format like'
|
help=_('Unversioned keystone url in format like'
|
||||||
' http://0.0.0.0:5000.'))]
|
' http://0.0.0.0:5000.'))]
|
||||||
|
|
||||||
@@ -568,7 +570,7 @@ def load_paste_app(app_name=None):
|
|||||||
return app
|
return app
|
||||||
|
|
||||||
|
|
||||||
def get_client_option(client, option):
|
def get_client_option(client, option, fallback=True):
|
||||||
# look for the option in the [clients_${client}] section
|
# look for the option in the [clients_${client}] section
|
||||||
# unknown options raise cfg.NoSuchOptError
|
# unknown options raise cfg.NoSuchOptError
|
||||||
try:
|
try:
|
||||||
@@ -576,9 +578,11 @@ def get_client_option(client, option):
|
|||||||
cfg.CONF.import_opt(option, 'heat.common.config',
|
cfg.CONF.import_opt(option, 'heat.common.config',
|
||||||
group=group_name)
|
group=group_name)
|
||||||
v = getattr(getattr(cfg.CONF, group_name), option)
|
v = getattr(getattr(cfg.CONF, group_name), option)
|
||||||
if v is not None:
|
if not fallback or v is not None:
|
||||||
return v
|
return v
|
||||||
except cfg.NoSuchGroupError:
|
except cfg.NoSuchGroupError:
|
||||||
|
if not fallback:
|
||||||
|
raise
|
||||||
pass # do not error if the client is unknown
|
pass # do not error if the client is unknown
|
||||||
# look for the option in the generic [clients] section
|
# look for the option in the generic [clients] section
|
||||||
cfg.CONF.import_opt(option, 'heat.common.config', group='clients')
|
cfg.CONF.import_opt(option, 'heat.common.config', group='clients')
|
||||||
|
|||||||
@@ -31,7 +31,7 @@ class HeatClientPlugin(client_plugin.ClientPlugin):
|
|||||||
def _create(self):
|
def _create(self):
|
||||||
endpoint = self.get_heat_url()
|
endpoint = self.get_heat_url()
|
||||||
args = {}
|
args = {}
|
||||||
if self._get_client_option(CLIENT_NAME, 'url'):
|
if self._get_client_option(CLIENT_NAME, 'url', fallback=False):
|
||||||
# assume that the heat API URL is manually configured because
|
# assume that the heat API URL is manually configured because
|
||||||
# it is not in the keystone catalog, so include the credentials
|
# it is not in the keystone catalog, so include the credentials
|
||||||
# for the standalone auth_password middleware
|
# for the standalone auth_password middleware
|
||||||
@@ -53,7 +53,7 @@ class HeatClientPlugin(client_plugin.ClientPlugin):
|
|||||||
return isinstance(ex, exc.HTTPConflict)
|
return isinstance(ex, exc.HTTPConflict)
|
||||||
|
|
||||||
def get_heat_url(self):
|
def get_heat_url(self):
|
||||||
heat_url = self._get_client_option(CLIENT_NAME, 'url')
|
heat_url = self._get_client_option(CLIENT_NAME, 'url', fallback=False)
|
||||||
if heat_url:
|
if heat_url:
|
||||||
tenant_id = self.context.project_id
|
tenant_id = self.context.project_id
|
||||||
heat_url = heat_url % {'tenant_id': tenant_id}
|
heat_url = heat_url % {'tenant_id': tenant_id}
|
||||||
|
|||||||
@@ -53,7 +53,7 @@ class Ec2TokenTest(common.HeatTestCase):
|
|||||||
def test_conf_get_opts(self):
|
def test_conf_get_opts(self):
|
||||||
cfg.CONF.set_default('auth_uri', 'http://192.0.2.9/v2.0/',
|
cfg.CONF.set_default('auth_uri', 'http://192.0.2.9/v2.0/',
|
||||||
group='ec2authtoken')
|
group='ec2authtoken')
|
||||||
cfg.CONF.set_default('auth_uri', 'this-should-be-ignored',
|
cfg.CONF.set_default('auth_uri', 'http://this-should-be-ignored/',
|
||||||
group='clients_keystone')
|
group='clients_keystone')
|
||||||
ec2 = ec2token.EC2Token(app=None, conf={})
|
ec2 = ec2token.EC2Token(app=None, conf={})
|
||||||
self.assertEqual('http://192.0.2.9/v2.0/', ec2._conf_get('auth_uri'))
|
self.assertEqual('http://192.0.2.9/v2.0/', ec2._conf_get('auth_uri'))
|
||||||
|
|||||||
Reference in New Issue
Block a user