Centralize config option: trust section

Centralize config option of trust section. Replace oslo_conf cfg to magnum.conf. Change-Id: Ie8e50f62bf41ccc1708b16745e5aaf841379b66b Implements: blueprint centralize-config-magnum
2016-08-22 13:10:54 +07:00 · 2016-08-22 13:10:54 +07:00 · 5abcdadb51
commit 5abcdadb51
parent 19d80981a7
8 changed files with 67 additions and 48 deletions
--- a/magnum/common/keystone.py
+++ b/magnum/common/keystone.py
@ -21,40 +21,16 @@ from oslo_config import cfg
 from oslo_log import log as logging

 from magnum.common import exception
+import magnum.conf
 from magnum.i18n import _
 from magnum.i18n import _LE
 from magnum.i18n import _LW

-CONF = cfg.CONF
+CONF = magnum.conf.CONF
 CFG_GROUP = 'keystone_auth'
 CFG_LEGACY_GROUP = 'keystone_authtoken'
 LOG = logging.getLogger(__name__)

-trust_opts = [
-    cfg.StrOpt('trustee_domain_id',
-               help=_('Id of the domain to create trustee for clusters')),
-    cfg.StrOpt('trustee_domain_name',
-               help=_('Name of the domain to create trustee for s')),
-    cfg.StrOpt('trustee_domain_admin_id',
-               help=_('Id of the admin with roles sufficient to manage users'
-                      ' in the trustee_domain')),
-    cfg.StrOpt('trustee_domain_admin_name',
-               help=_('Name of the admin with roles sufficient to manage users'
-                      ' in the trustee_domain')),
-    cfg.StrOpt('trustee_domain_admin_domain_id',
-               help=_('Id of the domain admin user\'s domain.'
-                      ' trustee_domain_id is used by default')),
-    cfg.StrOpt('trustee_domain_admin_domain_name',
-               help=_('Name of the domain admin user\'s domain.'
-                      ' trustee_domain_name is used by default')),
-    cfg.StrOpt('trustee_domain_admin_password', secret=True,
-               help=_('Password of trustee_domain_admin')),
-    cfg.ListOpt('roles',
-                default=[],
-                help=_('The roles which are delegated to the trustee '
-                       'by the trustor'))
-]
-
 legacy_session_opts = {
    'certfile': [cfg.DeprecatedOpt('certfile', CFG_LEGACY_GROUP)],
    'keyfile': [cfg.DeprecatedOpt('keyfile', CFG_LEGACY_GROUP)],
@ -66,7 +42,6 @@ legacy_session_opts = {
 keystone_auth_opts = (ka_loading.get_auth_common_conf_options() +
                      ka_loading.get_auth_plugin_conf_options('password'))

-CONF.register_opts(trust_opts, group='trust')
 # FIXME(pauloewerton): remove import of authtoken group and legacy options
 # after deprecation period
 CONF.import_group('keystone_authtoken', 'keystonemiddleware.auth_token')
--- a/magnum/conf/init.py
+++ b/magnum/conf/init.py
@ -34,6 +34,7 @@ from magnum.conf import nova
 from magnum.conf import paths
 from magnum.conf import rpc
 from magnum.conf import services
+from magnum.conf import trust
 from magnum.conf import utils
 # from magnum.conf import x509

@ -58,5 +59,6 @@ nova.register_opts(CONF)
 paths.register_opts(CONF)
 rpc.register_opts(CONF)
 services.register_opts(CONF)
+trust.register_opts(CONF)
 utils.register_opts(CONF)
 # x509.register_opts(CONF)
--- a/magnum/conf/trust.py
+++ b/magnum/conf/trust.py
@ -0,0 +1,54 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may not
+# use this file except in compliance with the License. You may obtain a copy
+# of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from oslo_config import cfg
+
+from magnum.i18n import _
+
+trust_group = cfg.OptGroup(name='trust',
+                           title='Trustee options for the magnum services')
+
+trust_opts = [
+    cfg.StrOpt('trustee_domain_id',
+               help=_('Id of the domain to create trustee for clusters')),
+    cfg.StrOpt('trustee_domain_name',
+               help=_('Name of the domain to create trustee for s')),
+    cfg.StrOpt('trustee_domain_admin_id',
+               help=_('Id of the admin with roles sufficient to manage users'
+                      ' in the trustee_domain')),
+    cfg.StrOpt('trustee_domain_admin_name',
+               help=_('Name of the admin with roles sufficient to manage users'
+                      ' in the trustee_domain')),
+    cfg.StrOpt('trustee_domain_admin_domain_id',
+               help=_('Id of the domain admin user\'s domain.'
+                      ' trustee_domain_id is used by default')),
+    cfg.StrOpt('trustee_domain_admin_domain_name',
+               help=_('Name of the domain admin user\'s domain.'
+                      ' trustee_domain_name is used by default')),
+    cfg.StrOpt('trustee_domain_admin_password', secret=True,
+               help=_('Password of trustee_domain_admin')),
+    cfg.ListOpt('roles',
+                default=[],
+                help=_('The roles which are delegated to the trustee '
+                       'by the trustor'))
+]
+
+
+def register_opts(conf):
+    conf.register_group(trust_group)
+    conf.register_opts(trust_opts, group=trust_group)
+
+
+def list_opts():
+    return {
+        trust_group: trust_opts
+    }
--- a/magnum/drivers/common/template_def.py
+++ b/magnum/drivers/common/template_def.py
@ -44,7 +44,6 @@ docker_registry_opts = [

 CONF = magnum.conf.CONF
 CONF.register_opts(docker_registry_opts, group='docker_registry')
-CONF.import_opt('trustee_domain_id', 'magnum.common.keystone', group='trust')


 class ParameterMapping(object):
--- a/magnum/opts.py
+++ b/magnum/opts.py
@ -21,7 +21,6 @@ import magnum.drivers.common.template_def

 def list_opts():
    return [
-        ('trust', magnum.common.keystone.trust_opts),
        ('x509', magnum.common.x509.config.x509_opts),
        ('keystone_auth', magnum.common.keystone.keystone_auth_opts),
        ('docker_registry',
--- a/magnum/tests/conf_fixture.py
+++ b/magnum/tests/conf_fixture.py
@ -15,14 +15,11 @@
 #    under the License.

 import fixtures
-from oslo_config import cfg

 from magnum.common import config
+import magnum.conf

-CONF = cfg.CONF
-CONF.import_opt('host', 'magnum.common.service')
-CONF.import_opt('connection', 'oslo_db.options', group='database')
-CONF.import_opt('sqlite_synchronous', 'oslo_db.options', group='database')
+CONF = magnum.conf.CONF


 class ConfFixture(fixtures.Fixture):
--- a/magnum/tests/unit/common/test_clients.py
+++ b/magnum/tests/unit/common/test_clients.py
@ -32,12 +32,6 @@ class ClientsTest(base.BaseTestCase):

        CONF.set_override('auth_uri', 'http://server.test:5000/v2.0',
                          group='keystone_authtoken')
-        CONF.import_opt('api_version', 'magnum.common.clients',
-                        group='nova_client')
-        CONF.import_opt('api_version', 'magnum.common.clients',
-                        group='heat_client')
-        CONF.import_opt('api_version', 'magnum.common.clients',
-                        group='glance_client')

    @mock.patch.object(clients.OpenStackClients, 'keystone')
    def test_url_for(self, mock_keystone):
--- a/magnum/tests/unit/common/test_keystone.py
+++ b/magnum/tests/unit/common/test_keystone.py
@ -11,21 +11,20 @@
 # under the License.

 import mock
-from oslo_config import cfg
 from oslo_config import fixture

-cfg.CONF.import_group('keystone_authtoken',
-                      'keystonemiddleware.auth_token')
-
 from keystoneauth1 import exceptions as ka_exception
 from keystoneauth1 import identity as ka_identity
 import keystoneclient.exceptions as kc_exception

 from magnum.common import exception
 from magnum.common import keystone
+import magnum.conf
 from magnum.tests import base
 from magnum.tests import utils

+CONF = magnum.conf.CONF
+

@mock.patch('keystoneclient.v3.client.Client')
 class KeystoneClientTest(base.TestCase):
@ -148,7 +147,7 @@ class KeystoneClientTest(base.TestCase):
        self.ctx.roles = ['role1', 'role2']
        ks_client = keystone.KeystoneClientV3(self.ctx)

-        cfg.CONF.set_override('roles', ['role3'], group='trust')
+        CONF.set_override('roles', ['role3'], group='trust')
        ks_client.create_trust(trustee_user='888888')

        mock_ks.return_value.trusts.create.assert_called_once_with(
@ -196,7 +195,7 @@ class KeystoneClientTest(base.TestCase):
    def test_get_validate_region_name(self, mock_ks):
        key = 'region_name'
        val = 'RegionOne'
-        cfg.CONF.set_override(key, val, 'cinder_client')
+        CONF.set_override(key, val, 'cinder_client')
        mock_region = mock.MagicMock()
        mock_region.id = 'RegionOne'
        mock_ks.return_value.regions.list.return_value = [mock_region]
@ -207,7 +206,7 @@ class KeystoneClientTest(base.TestCase):
    def test_get_validate_region_name_not_found(self, mock_ks):
        key = 'region_name'
        val = 'region123'
-        cfg.CONF.set_override(key, val, 'cinder_client')
+        CONF.set_override(key, val, 'cinder_client')
        ks_client = keystone.KeystoneClientV3(self.ctx)
        self.assertRaises(exception.InvalidParameterValue,
                          ks_client.get_validate_region_name, val)
@ -215,7 +214,7 @@ class KeystoneClientTest(base.TestCase):
    def test_get_validate_region_name_is_None(self, mock_ks):
        key = 'region_name'
        val = None
-        cfg.CONF.set_override(key, val, 'cinder_client')
+        CONF.set_override(key, val, 'cinder_client')
        ks_client = keystone.KeystoneClientV3(self.ctx)
        self.assertRaises(exception.InvalidParameterValue,
                          ks_client.get_validate_region_name, val)