Browse Source

Centralize config option: trust section

Centralize config option of trust section.
Replace oslo_conf cfg to magnum.conf.

Change-Id: Ie8e50f62bf41ccc1708b16745e5aaf841379b66b
Implements: blueprint centralize-config-magnum
changes/12/358412/6
Hieu LE 6 years ago
parent
commit
5abcdadb51
  1. 29
      magnum/common/keystone.py
  2. 2
      magnum/conf/__init__.py
  3. 54
      magnum/conf/trust.py
  4. 1
      magnum/drivers/common/template_def.py
  5. 1
      magnum/opts.py
  6. 7
      magnum/tests/conf_fixture.py
  7. 6
      magnum/tests/unit/common/test_clients.py
  8. 15
      magnum/tests/unit/common/test_keystone.py

29
magnum/common/keystone.py

@ -21,40 +21,16 @@ from oslo_config import cfg
from oslo_log import log as logging
from magnum.common import exception
import magnum.conf
from magnum.i18n import _
from magnum.i18n import _LE
from magnum.i18n import _LW
CONF = cfg.CONF
CONF = magnum.conf.CONF
CFG_GROUP = 'keystone_auth'
CFG_LEGACY_GROUP = 'keystone_authtoken'
LOG = logging.getLogger(__name__)
trust_opts = [
cfg.StrOpt('trustee_domain_id',
help=_('Id of the domain to create trustee for clusters')),
cfg.StrOpt('trustee_domain_name',
help=_('Name of the domain to create trustee for s')),
cfg.StrOpt('trustee_domain_admin_id',
help=_('Id of the admin with roles sufficient to manage users'
' in the trustee_domain')),
cfg.StrOpt('trustee_domain_admin_name',
help=_('Name of the admin with roles sufficient to manage users'
' in the trustee_domain')),
cfg.StrOpt('trustee_domain_admin_domain_id',
help=_('Id of the domain admin user\'s domain.'
' trustee_domain_id is used by default')),
cfg.StrOpt('trustee_domain_admin_domain_name',
help=_('Name of the domain admin user\'s domain.'
' trustee_domain_name is used by default')),
cfg.StrOpt('trustee_domain_admin_password', secret=True,
help=_('Password of trustee_domain_admin')),
cfg.ListOpt('roles',
default=[],
help=_('The roles which are delegated to the trustee '
'by the trustor'))
]
legacy_session_opts = {
'certfile': [cfg.DeprecatedOpt('certfile', CFG_LEGACY_GROUP)],
'keyfile': [cfg.DeprecatedOpt('keyfile', CFG_LEGACY_GROUP)],
@ -66,7 +42,6 @@ legacy_session_opts = {
keystone_auth_opts = (ka_loading.get_auth_common_conf_options() +
ka_loading.get_auth_plugin_conf_options('password'))
CONF.register_opts(trust_opts, group='trust')
# FIXME(pauloewerton): remove import of authtoken group and legacy options
# after deprecation period
CONF.import_group('keystone_authtoken', 'keystonemiddleware.auth_token')

2
magnum/conf/__init__.py

@ -34,6 +34,7 @@ from magnum.conf import nova
from magnum.conf import paths
from magnum.conf import rpc
from magnum.conf import services
from magnum.conf import trust
from magnum.conf import utils
# from magnum.conf import x509
@ -58,5 +59,6 @@ nova.register_opts(CONF)
paths.register_opts(CONF)
rpc.register_opts(CONF)
services.register_opts(CONF)
trust.register_opts(CONF)
utils.register_opts(CONF)
# x509.register_opts(CONF)

54
magnum/conf/trust.py

@ -0,0 +1,54 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may not
# use this file except in compliance with the License. You may obtain a copy
# of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from oslo_config import cfg
from magnum.i18n import _
trust_group = cfg.OptGroup(name='trust',
title='Trustee options for the magnum services')
trust_opts = [
cfg.StrOpt('trustee_domain_id',
help=_('Id of the domain to create trustee for clusters')),
cfg.StrOpt('trustee_domain_name',
help=_('Name of the domain to create trustee for s')),
cfg.StrOpt('trustee_domain_admin_id',
help=_('Id of the admin with roles sufficient to manage users'
' in the trustee_domain')),
cfg.StrOpt('trustee_domain_admin_name',
help=_('Name of the admin with roles sufficient to manage users'
' in the trustee_domain')),
cfg.StrOpt('trustee_domain_admin_domain_id',
help=_('Id of the domain admin user\'s domain.'
' trustee_domain_id is used by default')),
cfg.StrOpt('trustee_domain_admin_domain_name',
help=_('Name of the domain admin user\'s domain.'
' trustee_domain_name is used by default')),
cfg.StrOpt('trustee_domain_admin_password', secret=True,
help=_('Password of trustee_domain_admin')),
cfg.ListOpt('roles',
default=[],
help=_('The roles which are delegated to the trustee '
'by the trustor'))
]
def register_opts(conf):
conf.register_group(trust_group)
conf.register_opts(trust_opts, group=trust_group)
def list_opts():
return {
trust_group: trust_opts
}

1
magnum/drivers/common/template_def.py

@ -44,7 +44,6 @@ docker_registry_opts = [
CONF = magnum.conf.CONF
CONF.register_opts(docker_registry_opts, group='docker_registry')
CONF.import_opt('trustee_domain_id', 'magnum.common.keystone', group='trust')
class ParameterMapping(object):

1
magnum/opts.py

@ -21,7 +21,6 @@ import magnum.drivers.common.template_def
def list_opts():
return [
('trust', magnum.common.keystone.trust_opts),
('x509', magnum.common.x509.config.x509_opts),
('keystone_auth', magnum.common.keystone.keystone_auth_opts),
('docker_registry',

7
magnum/tests/conf_fixture.py

@ -15,14 +15,11 @@
# under the License.
import fixtures
from oslo_config import cfg
from magnum.common import config
import magnum.conf
CONF = cfg.CONF
CONF.import_opt('host', 'magnum.common.service')
CONF.import_opt('connection', 'oslo_db.options', group='database')
CONF.import_opt('sqlite_synchronous', 'oslo_db.options', group='database')
CONF = magnum.conf.CONF
class ConfFixture(fixtures.Fixture):

6
magnum/tests/unit/common/test_clients.py

@ -32,12 +32,6 @@ class ClientsTest(base.BaseTestCase):
CONF.set_override('auth_uri', 'http://server.test:5000/v2.0',
group='keystone_authtoken')
CONF.import_opt('api_version', 'magnum.common.clients',
group='nova_client')
CONF.import_opt('api_version', 'magnum.common.clients',
group='heat_client')
CONF.import_opt('api_version', 'magnum.common.clients',
group='glance_client')
@mock.patch.object(clients.OpenStackClients, 'keystone')
def test_url_for(self, mock_keystone):

15
magnum/tests/unit/common/test_keystone.py

@ -11,21 +11,20 @@
# under the License.
import mock
from oslo_config import cfg
from oslo_config import fixture
cfg.CONF.import_group('keystone_authtoken',
'keystonemiddleware.auth_token')
from keystoneauth1 import exceptions as ka_exception
from keystoneauth1 import identity as ka_identity
import keystoneclient.exceptions as kc_exception
from magnum.common import exception
from magnum.common import keystone
import magnum.conf
from magnum.tests import base
from magnum.tests import utils
CONF = magnum.conf.CONF
@mock.patch('keystoneclient.v3.client.Client')
class KeystoneClientTest(base.TestCase):
@ -148,7 +147,7 @@ class KeystoneClientTest(base.TestCase):
self.ctx.roles = ['role1', 'role2']
ks_client = keystone.KeystoneClientV3(self.ctx)
cfg.CONF.set_override('roles', ['role3'], group='trust')
CONF.set_override('roles', ['role3'], group='trust')
ks_client.create_trust(trustee_user='888888')
mock_ks.return_value.trusts.create.assert_called_once_with(
@ -196,7 +195,7 @@ class KeystoneClientTest(base.TestCase):
def test_get_validate_region_name(self, mock_ks):
key = 'region_name'
val = 'RegionOne'
cfg.CONF.set_override(key, val, 'cinder_client')
CONF.set_override(key, val, 'cinder_client')
mock_region = mock.MagicMock()
mock_region.id = 'RegionOne'
mock_ks.return_value.regions.list.return_value = [mock_region]
@ -207,7 +206,7 @@ class KeystoneClientTest(base.TestCase):
def test_get_validate_region_name_not_found(self, mock_ks):
key = 'region_name'
val = 'region123'
cfg.CONF.set_override(key, val, 'cinder_client')
CONF.set_override(key, val, 'cinder_client')
ks_client = keystone.KeystoneClientV3(self.ctx)
self.assertRaises(exception.InvalidParameterValue,
ks_client.get_validate_region_name, val)
@ -215,7 +214,7 @@ class KeystoneClientTest(base.TestCase):
def test_get_validate_region_name_is_None(self, mock_ks):
key = 'region_name'
val = None
cfg.CONF.set_override(key, val, 'cinder_client')
CONF.set_override(key, val, 'cinder_client')
ks_client = keystone.KeystoneClientV3(self.ctx)
self.assertRaises(exception.InvalidParameterValue,
ks_client.get_validate_region_name, val)

Loading…
Cancel
Save