Stable Keystone Driver Interfaces

Extended support for versioned driver classes to the rest of the backends based on the design of the initial support for catalog backend @ https://review.openstack.org/#/c/218481/ partially Implements bp stable-driver-interfaces Change-Id: I0078f6dc32932beb6db534ecf22b160097c5a090
2015-08-30 22:19:09 +00:00 · 2015-08-30 22:19:09 +00:00 · ba317dedd8
parent c8e2364240
commit ba317dedd8
32 changed files with 90 additions and 43 deletions
--- a/doc/source/architecture.rst
+++ b/doc/source/architecture.rst
@ -156,17 +156,19 @@ variety of environments and needs. The backend for each service is defined in
 the keystone.conf file with the key ``driver`` under a group associated with
 each service.

-A general class under each backend named ``Driver`` exists to provide an
+A general class exists under each backend to provide an
 abstract base class for any implementations, identifying the expected service
-implementations. The drivers for the services are:
+implementations. The classes are named after the keystone release in which
+they were introduced. For eg. ``DriverV8`` for keystone release version 8.
+The corresponding drivers for the services are:

-* :mod:`keystone.assignment.core.Driver`
-* :mod:`keystone.assignment.core.RoleDriver`
-* :mod:`keystone.catalog.core.Driver`
-* :mod:`keystone.identity.core.Driver`
-* :mod:`keystone.policy.core.Driver`
-* :mod:`keystone.resource.core.Driver`
-* :mod:`keystone.token.core.Driver`
+* :mod:`keystone.assignment.core.AssignmentDriverV8`
+* :mod:`keystone.assignment.core.RoleDriverV8`
+* :mod:`keystone.catalog.core.CatalogDriverV8`
+* :mod:`keystone.identity.core.IdentityDriverV8`
+* :mod:`keystone.policy.core.PolicyDriverV8`
+* :mod:`keystone.resource.core.ResourceDriverV8`
+* :mod:`keystone.token.core.TokenDriverV8`

 If you implement a backend driver for one of the Keystone services, you're
 expected to subclass from these classes.
--- a/keystone/assignment/backends/ldap.py
+++ b/keystone/assignment/backends/ldap.py
@ -31,7 +31,7 @@ CONF = cfg.CONF
 LOG = log.getLogger(__name__)


-class Assignment(assignment.Driver):
+class Assignment(assignment.AssignmentDriverV8):
    @versionutils.deprecated(
        versionutils.deprecated.KILO,
        remove_in=+2,
--- a/keystone/assignment/backends/sql.py
+++ b/keystone/assignment/backends/sql.py
@ -49,7 +49,7 @@ class AssignmentType(object):
        raise exception.AssignmentTypeCalculationError(**locals())


-class Assignment(keystone_assignment.Driver):
+class Assignment(keystone_assignment.AssignmentDriverV8):

    def default_role_driver(self):
        return 'sql'
--- a/keystone/assignment/core.py
+++ b/keystone/assignment/core.py
@ -911,7 +911,7 @@ class Manager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class Driver(object):
+class AssignmentDriverV8(object):

    def _role_to_dict(self, role_id, inherited):
        role_dict = {'id': role_id}
@ -1158,6 +1158,9 @@ class Driver(object):
        raise exception.NotImplemented()  # pragma: no cover


+Driver = manager.create_legacy_driver(AssignmentDriverV8)
+
+
@dependency.provider('role_api')
@dependency.requires('assignment_api')
 class RoleManager(manager.Manager):
@ -1219,7 +1222,7 @@ class RoleManager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class RoleDriver(object):
+class RoleDriverV8(object):

    def _get_list_limit(self):
        return CONF.role.list_limit or CONF.list_limit
@ -1287,3 +1290,6 @@ class RoleDriver(object):

        """
        raise exception.NotImplemented()  # pragma: no cover
+
+
+RoleDriver = manager.create_legacy_driver(RoleDriverV8)
--- a/keystone/assignment/role_backends/ldap.py
+++ b/keystone/assignment/role_backends/ldap.py
@ -27,7 +27,7 @@ CONF = cfg.CONF
 LOG = log.getLogger(__name__)


-class Role(assignment.RoleDriver):
+class Role(assignment.RoleDriverV8):

    def __init__(self):
        super(Role, self).__init__()
--- a/keystone/assignment/role_backends/sql.py
+++ b/keystone/assignment/role_backends/sql.py
@ -15,7 +15,7 @@ from keystone.common import sql
 from keystone import exception


-class Role(assignment.RoleDriver):
+class Role(assignment.RoleDriverV8):

    @sql.handle_conflicts(conflict_type='role')
    def create_role(self, role_id, role):
--- a/keystone/contrib/endpoint_filter/backends/sql.py
+++ b/keystone/contrib/endpoint_filter/backends/sql.py
@ -53,7 +53,7 @@ class ProjectEndpointGroupMembership(sql.ModelBase, sql.ModelDictMixin):
                                               'project_id'), {})


-class EndpointFilter(endpoint_filter.Driver):
+class EndpointFilter(endpoint_filter.EndpointFilterDriverV8):

    @sql.handle_conflicts(conflict_type='project_endpoint')
    def add_endpoint_to_project(self, endpoint_id, project_id):
--- a/keystone/contrib/endpoint_filter/core.py
+++ b/keystone/contrib/endpoint_filter/core.py
@ -65,7 +65,7 @@ class Manager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class Driver(object):
+class EndpointFilterDriverV8(object):
    """Interface description for an Endpoint Filter driver."""

    @abc.abstractmethod
@ -291,3 +291,6 @@ class Driver(object):

        """
        raise exception.NotImplemented()  # pragma: no cover
+
+
+Driver = manager.create_legacy_driver(EndpointFilterDriverV8)
--- a/keystone/contrib/federation/backends/sql.py
+++ b/keystone/contrib/federation/backends/sql.py
@ -155,7 +155,7 @@ class ServiceProviderModel(sql.ModelBase, sql.DictBase):
        return d


-class Federation(core.Driver):
+class Federation(core.FederationDriverV8):

    # Identity Provider CRUD
    @sql.handle_conflicts(conflict_type='identity_provider')
--- a/keystone/contrib/federation/core.py
+++ b/keystone/contrib/federation/core.py
@ -92,7 +92,7 @@ class Manager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class Driver(object):
+class FederationDriverV8(object):

    @abc.abstractmethod
    def create_idp(self, idp_id, idp):
@ -350,3 +350,6 @@ class Driver(object):

        """
        raise exception.NotImplemented()  # pragma: no cover
+
+
+Driver = manager.create_legacy_driver(FederationDriverV8)
--- a/keystone/contrib/oauth1/core.py
+++ b/keystone/contrib/oauth1/core.py
@ -199,7 +199,7 @@ class Manager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class Driver(object):
+class Oauth1DriverV8(object):
    """Interface description for an OAuth1 driver."""

    @abc.abstractmethod
@ -362,3 +362,6 @@ class Driver(object):

        """
        raise exception.NotImplemented()  # pragma: no cover
+
+
+Driver = manager.create_legacy_driver(Oauth1DriverV8)
--- a/keystone/contrib/revoke/backends/kvs.py
+++ b/keystone/contrib/revoke/backends/kvs.py
@ -27,7 +27,7 @@ _EVENT_KEY = 'os-revoke-events'
 _KVS_BACKEND = 'openstack.kvs.Memory'


-class Revoke(revoke.Driver):
+class Revoke(revoke.RevokeDriverV8):

    @versionutils.deprecated(
        versionutils.deprecated.JUNO,
--- a/keystone/contrib/revoke/backends/sql.py
+++ b/keystone/contrib/revoke/backends/sql.py
@ -38,7 +38,7 @@ class RevocationEvent(sql.ModelBase, sql.ModelDictMixin):
    audit_chain_id = sql.Column(sql.String(32))


-class Revoke(revoke.Driver):
+class Revoke(revoke.RevokeDriverV8):
    def _flush_batch_size(self, dialect):
        batch_size = 0
        if dialect == 'ibm_db_sa':
--- a/keystone/contrib/revoke/core.py
+++ b/keystone/contrib/revoke/core.py
@ -232,7 +232,7 @@ class Manager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class Driver(object):
+class RevokeDriverV8(object):
    """Interface for recording and reporting revocation events."""

    @abc.abstractmethod
@ -257,3 +257,6 @@ class Driver(object):

        """
        raise exception.NotImplemented()  # pragma: no cover
+
+
+Driver = manager.create_legacy_driver(RevokeDriverV8)
--- a/keystone/credential/backends/sql.py
+++ b/keystone/credential/backends/sql.py
@ -29,7 +29,7 @@ class CredentialModel(sql.ModelBase, sql.DictBase):
    extra = sql.Column(sql.JsonBlob())


-class Credential(credential.Driver):
+class Credential(credential.CredentialDriverV8):

    # credential crud

--- a/keystone/credential/core.py
+++ b/keystone/credential/core.py
@ -51,7 +51,7 @@ class Manager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class Driver(object):
+class CredentialDriverV8(object):
    # credential crud

    @abc.abstractmethod
@ -140,3 +140,6 @@ class Driver(object):
                except exception.CredentialNotFound:
                    LOG.debug('Deletion of credential is not required: %s',
                              cr['id'])
+
+
+Driver = manager.create_legacy_driver(CredentialDriverV8)
--- a/keystone/endpoint_policy/core.py
+++ b/keystone/endpoint_policy/core.py
@ -264,7 +264,7 @@ class Manager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class Driver(object):
+class EndpointPolicyDriverV8(object):
    """Interface description for an Endpoint Policy driver."""

    @abc.abstractmethod
@ -431,3 +431,6 @@ class Driver(object):

        """
        raise exception.NotImplemented()  # pragma: no cover
+
+
+Driver = manager.create_legacy_driver(EndpointPolicyDriverV8)
--- a/keystone/identity/backends/ldap.py
+++ b/keystone/identity/backends/ldap.py
@ -32,7 +32,7 @@ CONF = cfg.CONF
 LOG = log.getLogger(__name__)


-class Identity(identity.Driver):
+class Identity(identity.IdentityDriverV8):
    def __init__(self, conf=None):
        super(Identity, self).__init__()
        if conf is None:
--- a/keystone/identity/backends/sql.py
+++ b/keystone/identity/backends/sql.py
@ -70,7 +70,7 @@ class UserGroupMembership(sql.ModelBase, sql.DictBase):
                          primary_key=True)


-class Identity(identity.Driver):
+class Identity(identity.IdentityDriverV8):
    # NOTE(henry-nash): Override the __init__() method so as to take a
    # config parameter to enable sql to be used as a domain-specific driver.
    def __init__(self, conf=None):
--- a/keystone/identity/core.py
+++ b/keystone/identity/core.py
@ -1066,7 +1066,7 @@ class Manager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class Driver(object):
+class IdentityDriverV8(object):
    """Interface description for an Identity driver."""

    def _get_list_limit(self):
@ -1280,6 +1280,9 @@ class Driver(object):
    # end of identity


+Driver = manager.create_legacy_driver(IdentityDriverV8)
+
+
@dependency.provider('id_mapping_api')
 class MappingManager(manager.Manager):
    """Default pivot point for the ID Mapping backend."""
@ -1291,7 +1294,7 @@ class MappingManager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class MappingDriver(object):
+class MappingDriverV8(object):
    """Interface description for an ID Mapping driver."""

    @abc.abstractmethod
@ -1350,3 +1353,6 @@ class MappingDriver(object):

        """
        raise exception.NotImplemented()  # pragma: no cover
+
+
+MappingDriver = manager.create_legacy_driver(MappingDriverV8)
--- a/keystone/identity/mapping_backends/sql.py
+++ b/keystone/identity/mapping_backends/sql.py
@ -36,7 +36,7 @@ class IDMapping(sql.ModelBase, sql.ModelDictMixin):


@dependency.requires('id_generator_api')
-class Mapping(identity.MappingDriver):
+class Mapping(identity.MappingDriverV8):

    def get_public_id(self, local_entity):
        # NOTE(henry-nash): Since the Public ID is regeneratable, rather
--- a/keystone/policy/backends/rules.py
+++ b/keystone/policy/backends/rules.py
@ -69,7 +69,7 @@ def enforce(credentials, action, target, do_raise=True):
    return _ENFORCER.enforce(action, target, credentials, **extra)


-class Policy(policy.Driver):
+class Policy(policy.PolicyDriverV8):
    def enforce(self, credentials, action, target):
        LOG.debug('enforce %(action)s: %(credentials)s', {
            'action': action,
--- a/keystone/policy/core.py
+++ b/keystone/policy/core.py
@ -82,7 +82,7 @@ class Manager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class Driver(object):
+class PolicyDriverV8(object):

    def _get_list_limit(self):
        return CONF.policy.list_limit or CONF.list_limit
@ -136,3 +136,6 @@ class Driver(object):

        """
        raise exception.NotImplemented()  # pragma: no cover
+
+
+Driver = manager.create_legacy_driver(PolicyDriverV8)
--- a/keystone/resource/backends/ldap.py
+++ b/keystone/resource/backends/ldap.py
@ -31,7 +31,7 @@ CONF = cfg.CONF
 LOG = log.getLogger(__name__)


-class Resource(resource.Driver):
+class Resource(resource.ResourceDriverV8):
    def __init__(self):
        super(Resource, self).__init__()
        self.LDAP_URL = CONF.ldap.url
--- a/keystone/resource/backends/sql.py
+++ b/keystone/resource/backends/sql.py
@ -24,7 +24,7 @@ CONF = cfg.CONF
 LOG = log.getLogger(__name__)


-class Resource(keystone_resource.Driver):
+class Resource(keystone_resource.ResourceDriverV8):

    def default_assignment_driver(self):
        return 'sql'
--- a/keystone/resource/config_backends/sql.py
+++ b/keystone/resource/config_backends/sql.py
@ -42,7 +42,7 @@ class SensitiveConfig(sql.ModelBase, sql.ModelDictMixin):
        return d


-class DomainConfig(resource.DomainConfigDriver):
+class DomainConfig(resource.DomainConfigDriverV8):

    def choose_table(self, sensitive):
        if sensitive:
--- a/keystone/resource/core.py
+++ b/keystone/resource/core.py
@ -541,7 +541,7 @@ class Manager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class Driver(object):
+class ResourceDriverV8(object):

    def _get_list_limit(self):
        return CONF.resource.list_limit or CONF.list_limit
@ -796,6 +796,9 @@ class Driver(object):
            raise exception.DomainNotFound(domain_id=domain_id)


+Driver = manager.create_legacy_driver(ResourceDriverV8)
+
+
 MEMOIZE_CONFIG = cache.get_memoization_decorator(section='domain_config')


@ -1272,7 +1275,7 @@ class DomainConfigManager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class DomainConfigDriver(object):
+class DomainConfigDriverV8(object):
    """Interface description for a Domain Config driver."""

    @abc.abstractmethod
@ -1359,3 +1362,6 @@ class DomainConfigDriver(object):

        """
        raise exception.NotImplemented()  # pragma: no cover
+
+
+DomainConfigDriver = manager.create_legacy_driver(DomainConfigDriverV8)
--- a/keystone/token/persistence/backends/kvs.py
+++ b/keystone/token/persistence/backends/kvs.py
@ -33,7 +33,7 @@ CONF = cfg.CONF
 LOG = log.getLogger(__name__)


-class Token(token.persistence.Driver):
+class Token(token.persistence.TokenDriverV8):
    """KeyValueStore backend for tokens.

    This is the base implementation for any/all key-value-stores (e.g.
--- a/keystone/token/persistence/backends/sql.py
+++ b/keystone/token/persistence/backends/sql.py
@ -83,7 +83,7 @@ def _expiry_range_all(session, upper_bound_func):
    yield upper_bound_func()


-class Token(token.persistence.Driver):
+class Token(token.persistence.TokenDriverV8):
    # Public interface
    def get_token(self, token_id):
        if token_id is None:
--- a/keystone/token/persistence/core.py
+++ b/keystone/token/persistence/core.py
@ -230,7 +230,7 @@ class Manager(object):


@six.add_metaclass(abc.ABCMeta)
-class Driver(object):
+class TokenDriverV8(object):
    """Interface description for a Token driver."""

    @abc.abstractmethod
@ -357,3 +357,6 @@ class Driver(object):
        """Archive or delete tokens that have expired.
        """
        raise exception.NotImplemented()  # pragma: no cover
+
+
+Driver = manager.create_legacy_driver(TokenDriverV8)
--- a/keystone/trust/backends/sql.py
+++ b/keystone/trust/backends/sql.py
@ -54,7 +54,7 @@ class TrustRole(sql.ModelBase):
    role_id = sql.Column(sql.String(64), primary_key=True, nullable=False)


-class Trust(trust.Driver):
+class Trust(trust.TrustDriverV8):
    @sql.handle_conflicts(conflict_type='trust')
    def create_trust(self, trust_id, trust, roles):
        with sql.transaction() as session:
--- a/keystone/trust/core.py
+++ b/keystone/trust/core.py
@ -204,7 +204,7 @@ class Manager(manager.Manager):


@six.add_metaclass(abc.ABCMeta)
-class Driver(object):
+class TrustDriverV8(object):

    @abc.abstractmethod
    def create_trust(self, trust_id, trust, roles):
@ -251,3 +251,6 @@ class Driver(object):
                 keystone.exception.TrustNotFound
        """
        raise exception.NotImplemented()  # pragma: no cover
+
+
+Driver = manager.create_legacy_driver(TrustDriverV8)