Dmitriy Rabotyagov 2ec0177edc Use Python 3.12 for python3-django job
With migration from ubuntu jammy to noble, python3.11 is not available
anymore. This makes the job to fail on pre-install step.

So let's use Python 3.12 which is available out of the box on Noble
after switch.

This also bumps pylint version, as older one does not work
anymore with Python 3.12. New pylint brings quite some new
rules with it. Some were disabled, some were fixed within this
patch.

Change-Id: I4ba288966c582910e8a822d4531e29c9c005e48f
2024-12-01 21:48:52 +01:00

222 lines
8.1 KiB
Python

# Copyright 2012 OpenStack Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from contextlib import closing
import logging
import tempfile
import zipfile
from django.conf import settings
from django import http
from django import shortcuts
from django.template.loader import render_to_string
from django.urls import reverse_lazy
from django.utils.translation import gettext_lazy as _
from horizon import exceptions
from horizon import forms
from horizon import messages
from horizon import tables
from horizon import views
from openstack_dashboard import api
from openstack_dashboard.dashboards.project.api_access \
import forms as api_access_forms
from openstack_dashboard.dashboards.project.api_access \
import tables as api_access_tables
LOG = logging.getLogger(__name__)
def _get_ec2_credentials(request):
tenant_id = request.user.tenant_id
all_keys = api.keystone.list_ec2_credentials(request,
request.user.id)
key = next((x for x in all_keys if x.tenant_id == tenant_id), None)
if not key:
key = api.keystone.create_ec2_credentials(request,
request.user.id,
tenant_id)
try:
s3_endpoint = api.base.url_for(request,
's3',
endpoint_type='publicURL')
except exceptions.ServiceCatalogException:
s3_endpoint = None
try:
ec2_endpoint = api.base.url_for(request,
'ec2',
endpoint_type='publicURL')
except exceptions.ServiceCatalogException:
ec2_endpoint = None
return {'ec2_access_key': key.access,
'ec2_secret_key': key.secret,
'ec2_endpoint': ec2_endpoint,
's3_endpoint': s3_endpoint}
def _get_openrc_credentials(request):
keystone_url = api.base.url_for(request,
'identity',
endpoint_type='publicURL')
return {
'tenant_id': request.user.tenant_id,
'tenant_name': request.user.tenant_name,
'auth_url': keystone_url,
'user': request.user,
'interface': 'public',
'os_endpoint_type': 'publicURL',
'auth_type': request.session.get('auth_type'),
'region': getattr(request.user, 'services_region') or "",
}
# TODO(stephenfin): Migrate to CBV
def download_ec2_bundle(request):
tenant_name = request.user.tenant_name
# Gather or create our EC2 credentials
try:
context = _get_ec2_credentials(request)
except Exception:
exceptions.handle(request,
_('Unable to fetch EC2 credentials.'),
redirect=request.build_absolute_uri())
# Create our file bundle
template = 'project/api_access/ec2rc.sh.template'
try:
# pylint: disable-next=consider-using-with
temp_zip = tempfile.NamedTemporaryFile(delete=True)
with closing(zipfile.ZipFile(temp_zip.name, mode='w')) as archive:
archive.writestr('ec2rc.sh', render_to_string(template, context))
except Exception:
exceptions.handle(request,
_('Error writing zipfile: %(exc)s'),
redirect=request.build_absolute_uri())
# Send it back
response = http.HttpResponse(content_type='application/zip')
response.write(temp_zip.read())
response['Content-Disposition'] = ('attachment; '
'filename="%s-x509.zip"'
% tenant_name)
response['Content-Length'] = temp_zip.tell()
return response
# TODO(stephenfin): Migrate to CBV
def download_rc_file(request):
template = settings.OPENRC_CUSTOM_TEMPLATE
context = _get_openrc_credentials(request)
# make v3 specific changes
context['user_domain_name'] = request.user.user_domain_name
try:
project_domain_id = request.user.token.project['domain_id']
except KeyError:
project_domain_id = ''
context['project_domain_id'] = project_domain_id
context['os_identity_api_version'] = 3
context['os_auth_version'] = 3
return _download_rc_file_for_template(request, context, template)
# TODO(stephenfin): Migrate to CBV
def download_clouds_yaml_file(request):
template = settings.OPENSTACK_CLOUDS_YAML_CUSTOM_TEMPLATE
context = _get_openrc_credentials(request)
context['cloud_name'] = settings.OPENSTACK_CLOUDS_YAML_NAME
context['profile'] = settings.OPENSTACK_CLOUDS_YAML_PROFILE
context['regions'] = [
region_tuple[1] for region_tuple in settings.AVAILABLE_REGIONS
]
context['user_domain_name'] = request.user.user_domain_name
context['os_identity_api_version'] = 3
context['os_auth_version'] = 3
return _download_rc_file_for_template(request, context, template,
'clouds.yaml')
def _download_rc_file_for_template(request, context, template, filename=None):
try:
content = render_to_string(template, context, request=request)
content = '\n'.join([line for line in content.split('\n')
if line.strip()])
response = http.HttpResponse(content, content_type="text/plain")
if not filename:
filename = '%s-openrc.sh' % context['tenant_name']
disposition = 'attachment; filename="%s"' % filename
response['Content-Disposition'] = disposition.encode('utf-8')
response['Content-Length'] = str(len(response.content))
return response
except Exception as e:
LOG.exception("Exception in DownloadOpenRCForm.")
messages.error(request, _('Error Downloading RC File: %s') % e)
return shortcuts.redirect(request.build_absolute_uri())
class CredentialsView(forms.ModalFormMixin, views.HorizonTemplateView):
template_name = 'project/api_access/credentials.html'
page_title = _("User Credentials Details")
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
try:
context['openrc_creds'] = _get_openrc_credentials(self.request)
except Exception:
exceptions.handle(self.request,
_('Unable to get openrc credentials'))
if api.base.is_service_enabled(self.request, 'ec2'):
try:
context['ec2_creds'] = _get_ec2_credentials(self.request)
except Exception:
exceptions.handle(self.request,
_('Unable to get EC2 credentials'))
return context
class RecreateCredentialsView(forms.ModalFormView):
form_class = api_access_forms.RecreateCredentials
form_id = "recreate_credentials"
page_title = _("Recreate EC2 Credentials")
template_name = \
'project/api_access/recreate_credentials.html'
submit_label = _("Recreate EC2 Credentials")
submit_url = reverse_lazy(
"horizon:project:api_access:recreate_credentials")
success_url = reverse_lazy('horizon:project:api_access:index')
class IndexView(tables.DataTableView):
table_class = api_access_tables.EndpointsTable
page_title = _("API Access")
def get_data(self):
services = []
for i, service in enumerate(self.request.user.service_catalog):
service['id'] = i
services.append(
api.keystone.Service(service,
self.request.user.services_region))
return sorted(services, key=lambda s: s.type)