![Dmitriy Rabotyagov](/assets/img/avatar_default.png)
With migration from ubuntu jammy to noble, python3.11 is not available anymore. This makes the job to fail on pre-install step. So let's use Python 3.12 which is available out of the box on Noble after switch. This also bumps pylint version, as older one does not work anymore with Python 3.12. New pylint brings quite some new rules with it. Some were disabled, some were fixed within this patch. Change-Id: I4ba288966c582910e8a822d4531e29c9c005e48f
222 lines
8.1 KiB
Python
222 lines
8.1 KiB
Python
# Copyright 2012 OpenStack Foundation
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
from contextlib import closing
|
|
import logging
|
|
import tempfile
|
|
import zipfile
|
|
|
|
from django.conf import settings
|
|
from django import http
|
|
from django import shortcuts
|
|
from django.template.loader import render_to_string
|
|
from django.urls import reverse_lazy
|
|
from django.utils.translation import gettext_lazy as _
|
|
|
|
from horizon import exceptions
|
|
from horizon import forms
|
|
from horizon import messages
|
|
from horizon import tables
|
|
from horizon import views
|
|
|
|
from openstack_dashboard import api
|
|
from openstack_dashboard.dashboards.project.api_access \
|
|
import forms as api_access_forms
|
|
from openstack_dashboard.dashboards.project.api_access \
|
|
import tables as api_access_tables
|
|
|
|
LOG = logging.getLogger(__name__)
|
|
|
|
|
|
def _get_ec2_credentials(request):
|
|
tenant_id = request.user.tenant_id
|
|
all_keys = api.keystone.list_ec2_credentials(request,
|
|
request.user.id)
|
|
|
|
key = next((x for x in all_keys if x.tenant_id == tenant_id), None)
|
|
if not key:
|
|
key = api.keystone.create_ec2_credentials(request,
|
|
request.user.id,
|
|
tenant_id)
|
|
try:
|
|
s3_endpoint = api.base.url_for(request,
|
|
's3',
|
|
endpoint_type='publicURL')
|
|
except exceptions.ServiceCatalogException:
|
|
s3_endpoint = None
|
|
|
|
try:
|
|
ec2_endpoint = api.base.url_for(request,
|
|
'ec2',
|
|
endpoint_type='publicURL')
|
|
except exceptions.ServiceCatalogException:
|
|
ec2_endpoint = None
|
|
|
|
return {'ec2_access_key': key.access,
|
|
'ec2_secret_key': key.secret,
|
|
'ec2_endpoint': ec2_endpoint,
|
|
's3_endpoint': s3_endpoint}
|
|
|
|
|
|
def _get_openrc_credentials(request):
|
|
keystone_url = api.base.url_for(request,
|
|
'identity',
|
|
endpoint_type='publicURL')
|
|
return {
|
|
'tenant_id': request.user.tenant_id,
|
|
'tenant_name': request.user.tenant_name,
|
|
'auth_url': keystone_url,
|
|
'user': request.user,
|
|
'interface': 'public',
|
|
'os_endpoint_type': 'publicURL',
|
|
'auth_type': request.session.get('auth_type'),
|
|
'region': getattr(request.user, 'services_region') or "",
|
|
}
|
|
|
|
|
|
# TODO(stephenfin): Migrate to CBV
|
|
def download_ec2_bundle(request):
|
|
tenant_name = request.user.tenant_name
|
|
|
|
# Gather or create our EC2 credentials
|
|
try:
|
|
context = _get_ec2_credentials(request)
|
|
except Exception:
|
|
exceptions.handle(request,
|
|
_('Unable to fetch EC2 credentials.'),
|
|
redirect=request.build_absolute_uri())
|
|
|
|
# Create our file bundle
|
|
template = 'project/api_access/ec2rc.sh.template'
|
|
try:
|
|
# pylint: disable-next=consider-using-with
|
|
temp_zip = tempfile.NamedTemporaryFile(delete=True)
|
|
with closing(zipfile.ZipFile(temp_zip.name, mode='w')) as archive:
|
|
archive.writestr('ec2rc.sh', render_to_string(template, context))
|
|
except Exception:
|
|
exceptions.handle(request,
|
|
_('Error writing zipfile: %(exc)s'),
|
|
redirect=request.build_absolute_uri())
|
|
|
|
# Send it back
|
|
response = http.HttpResponse(content_type='application/zip')
|
|
response.write(temp_zip.read())
|
|
response['Content-Disposition'] = ('attachment; '
|
|
'filename="%s-x509.zip"'
|
|
% tenant_name)
|
|
response['Content-Length'] = temp_zip.tell()
|
|
return response
|
|
|
|
|
|
# TODO(stephenfin): Migrate to CBV
|
|
def download_rc_file(request):
|
|
template = settings.OPENRC_CUSTOM_TEMPLATE
|
|
|
|
context = _get_openrc_credentials(request)
|
|
# make v3 specific changes
|
|
context['user_domain_name'] = request.user.user_domain_name
|
|
try:
|
|
project_domain_id = request.user.token.project['domain_id']
|
|
except KeyError:
|
|
project_domain_id = ''
|
|
context['project_domain_id'] = project_domain_id
|
|
context['os_identity_api_version'] = 3
|
|
context['os_auth_version'] = 3
|
|
return _download_rc_file_for_template(request, context, template)
|
|
|
|
|
|
# TODO(stephenfin): Migrate to CBV
|
|
def download_clouds_yaml_file(request):
|
|
template = settings.OPENSTACK_CLOUDS_YAML_CUSTOM_TEMPLATE
|
|
|
|
context = _get_openrc_credentials(request)
|
|
context['cloud_name'] = settings.OPENSTACK_CLOUDS_YAML_NAME
|
|
context['profile'] = settings.OPENSTACK_CLOUDS_YAML_PROFILE
|
|
context['regions'] = [
|
|
region_tuple[1] for region_tuple in settings.AVAILABLE_REGIONS
|
|
]
|
|
|
|
context['user_domain_name'] = request.user.user_domain_name
|
|
context['os_identity_api_version'] = 3
|
|
context['os_auth_version'] = 3
|
|
|
|
return _download_rc_file_for_template(request, context, template,
|
|
'clouds.yaml')
|
|
|
|
|
|
def _download_rc_file_for_template(request, context, template, filename=None):
|
|
try:
|
|
content = render_to_string(template, context, request=request)
|
|
content = '\n'.join([line for line in content.split('\n')
|
|
if line.strip()])
|
|
response = http.HttpResponse(content, content_type="text/plain")
|
|
|
|
if not filename:
|
|
filename = '%s-openrc.sh' % context['tenant_name']
|
|
disposition = 'attachment; filename="%s"' % filename
|
|
response['Content-Disposition'] = disposition.encode('utf-8')
|
|
response['Content-Length'] = str(len(response.content))
|
|
return response
|
|
|
|
except Exception as e:
|
|
LOG.exception("Exception in DownloadOpenRCForm.")
|
|
messages.error(request, _('Error Downloading RC File: %s') % e)
|
|
return shortcuts.redirect(request.build_absolute_uri())
|
|
|
|
|
|
class CredentialsView(forms.ModalFormMixin, views.HorizonTemplateView):
|
|
template_name = 'project/api_access/credentials.html'
|
|
page_title = _("User Credentials Details")
|
|
|
|
def get_context_data(self, **kwargs):
|
|
context = super().get_context_data(**kwargs)
|
|
try:
|
|
context['openrc_creds'] = _get_openrc_credentials(self.request)
|
|
except Exception:
|
|
exceptions.handle(self.request,
|
|
_('Unable to get openrc credentials'))
|
|
if api.base.is_service_enabled(self.request, 'ec2'):
|
|
try:
|
|
context['ec2_creds'] = _get_ec2_credentials(self.request)
|
|
except Exception:
|
|
exceptions.handle(self.request,
|
|
_('Unable to get EC2 credentials'))
|
|
return context
|
|
|
|
|
|
class RecreateCredentialsView(forms.ModalFormView):
|
|
form_class = api_access_forms.RecreateCredentials
|
|
form_id = "recreate_credentials"
|
|
page_title = _("Recreate EC2 Credentials")
|
|
template_name = \
|
|
'project/api_access/recreate_credentials.html'
|
|
submit_label = _("Recreate EC2 Credentials")
|
|
submit_url = reverse_lazy(
|
|
"horizon:project:api_access:recreate_credentials")
|
|
success_url = reverse_lazy('horizon:project:api_access:index')
|
|
|
|
|
|
class IndexView(tables.DataTableView):
|
|
table_class = api_access_tables.EndpointsTable
|
|
page_title = _("API Access")
|
|
|
|
def get_data(self):
|
|
services = []
|
|
for i, service in enumerate(self.request.user.service_catalog):
|
|
service['id'] = i
|
|
services.append(
|
|
api.keystone.Service(service,
|
|
self.request.user.services_region))
|
|
return sorted(services, key=lambda s: s.type)
|