openstack/ironic-inspector
Code Issues Proposed changes

ironic_inspector: ironic: Fix 'auth_type' when 'auth_strategy' is used

Browse Source 
We should override the 'auth_type' to 'none' when using the old way of
setting up authentication with 'auth_strategy' so we can override the
default 'auth_type' value before getting the session information.
This fixes the following issue

Unhandled error: MissingRequiredOptions: Auth plugin requires parameters which were not given: auth_url

This also adds a new testcase to test the strategy='noauth' scenario.

Closes-Bug: #1748263
Change-Id: I875e2b17f5c6829ad81f86c32959cb106bf57e53
This commit is contained in:
Markos Chandras 2018-02-08 14:03:13 +00:00 committed by Pavlo Shchelokovskyy
parent 76978212ea
commit fbeb0783e4
3 changed files with 43 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
ironic_inspector/common/ironic.py
View File

@ -83,6 +83,14 @@ def get_client(token=None,
api_version=DEFAULT_IRONIC_API_VERSION): # pragma: no cover api_version=DEFAULT_IRONIC_API_VERSION): # pragma: no cover
"""Get Ironic client instance.""" """Get Ironic client instance."""
global IRONIC_SESSION global IRONIC_SESSION
# NOTE: To support standalone ironic without keystone
# TODO(pas-ha) remove handling of deprecated opts in Rocky
# TODO(pas-ha) rewrite when ironicclient natively supports 'none' auth
# via sessions https://review.openstack.org/#/c/359061/
if CONF.ironic.auth_strategy == 'noauth':
CONF.set_override('auth_type', 'none', group='ironic')
if not IRONIC_SESSION: if not IRONIC_SESSION:
IRONIC_SESSION = keystone.get_session('ironic') IRONIC_SESSION = keystone.get_session('ironic')
@ -93,14 +101,8 @@ def get_client(token=None,
adapter_opts = dict() adapter_opts = dict()
# NOTE: To support standalone ironic without keystone
# TODO(pas-ha) remove handling of deprecated opts in Rocky
# TODO(pas-ha) rewrite when ironicclient natively supports 'none' auth
# via sessions https://review.openstack.org/#/c/359061/
if CONF.ironic.auth_strategy == 'noauth':
CONF.set_override('auth_type', 'none', group='ironic')
else:
# TODO(pas-ha) use service auth with incoming token # TODO(pas-ha) use service auth with incoming token
if CONF.ironic.auth_type != 'none':
if token is None: if token is None:
args['session'] = IRONIC_SESSION args['session'] = IRONIC_SESSION
else: else:

39
ironic_inspector/test/unit/test_common_ironic.py
View File

@ -27,18 +27,7 @@ from ironic_inspector import utils
CONF = cfg.CONF CONF = cfg.CONF
@mock.patch.object(keystone, 'get_adapter') class TestGetClientBase(object):
@mock.patch.object(keystone, 'register_auth_opts')
@mock.patch.object(keystone, 'get_session')
@mock.patch.object(client, 'Client')
class TestGetClient(base.BaseTest):
def setUp(self):
super(TestGetClient, self).setUp()
ir_utils.reset_ironic_session()
self.cfg.config(auth_strategy='keystone')
self.cfg.config(os_region='somewhere', group='ironic')
self.addCleanup(ir_utils.reset_ironic_session)
def test_get_client_with_auth_token(self, mock_client, mock_load, def test_get_client_with_auth_token(self, mock_client, mock_load,
mock_opts, mock_adapter): mock_opts, mock_adapter):
fake_token = 'token' fake_token = 'token'
@ -70,6 +59,32 @@ class TestGetClient(base.BaseTest):
mock_client.assert_called_once_with(1, fake_ironic_url, **args) mock_client.assert_called_once_with(1, fake_ironic_url, **args)
@mock.patch.object(keystone, 'get_adapter')
@mock.patch.object(keystone, 'register_auth_opts')
@mock.patch.object(keystone, 'get_session')
@mock.patch.object(client, 'Client')
class TestGetClientAuth(TestGetClientBase, base.BaseTest):
def setUp(self):
super(TestGetClientAuth, self).setUp()
ir_utils.reset_ironic_session()
self.cfg.config(auth_strategy='keystone')
self.cfg.config(os_region='somewhere', group='ironic')
self.addCleanup(ir_utils.reset_ironic_session)
@mock.patch.object(keystone, 'get_adapter')
@mock.patch.object(keystone, 'register_auth_opts')
@mock.patch.object(keystone, 'get_session')
@mock.patch.object(client, 'Client')
class TestGetClientNoAuth(TestGetClientBase, base.BaseTest):
def setUp(self):
super(TestGetClientNoAuth, self).setUp()
ir_utils.reset_ironic_session()
self.cfg.config(auth_strategy='noauth')
self.cfg.config(os_region='somewhere', group='ironic')
self.addCleanup(ir_utils.reset_ironic_session)
class TestGetIpmiAddress(base.BaseTest): class TestGetIpmiAddress(base.BaseTest):
def test_ipv4_in_resolves(self): def test_ipv4_in_resolves(self):
node = mock.Mock(spec=['driver_info', 'uuid'], node = mock.Mock(spec=['driver_info', 'uuid'],

6
releasenotes/notes/keystone-noauth-9ba5ad9884c6273c.yaml Normal file
View File

@ -0,0 +1,6 @@
---
fixes:
- |
Ironic introspection no longer tries to access the Identity service if the
``auth_strategy`` option is set to ``noauth`` and the ``auth_type`` option
is not set to ``none``.