From 5abcdadb51e25d0e8754d03881fe44d26204bc31 Mon Sep 17 00:00:00 2001 From: Hieu LE Date: Mon, 22 Aug 2016 13:10:54 +0700 Subject: [PATCH] Centralize config option: trust section Centralize config option of trust section. Replace oslo_conf cfg to magnum.conf. Change-Id: Ie8e50f62bf41ccc1708b16745e5aaf841379b66b Implements: blueprint centralize-config-magnum --- magnum/common/keystone.py | 29 +----------- magnum/conf/__init__.py | 2 + magnum/conf/trust.py | 54 +++++++++++++++++++++++ magnum/drivers/common/template_def.py | 1 - magnum/opts.py | 1 - magnum/tests/conf_fixture.py | 7 +-- magnum/tests/unit/common/test_clients.py | 6 --- magnum/tests/unit/common/test_keystone.py | 15 +++---- 8 files changed, 67 insertions(+), 48 deletions(-) create mode 100644 magnum/conf/trust.py diff --git a/magnum/common/keystone.py b/magnum/common/keystone.py index 3e1dc202f7..f52cc01f1a 100644 --- a/magnum/common/keystone.py +++ b/magnum/common/keystone.py @@ -21,40 +21,16 @@ from oslo_config import cfg from oslo_log import log as logging from magnum.common import exception +import magnum.conf from magnum.i18n import _ from magnum.i18n import _LE from magnum.i18n import _LW -CONF = cfg.CONF +CONF = magnum.conf.CONF CFG_GROUP = 'keystone_auth' CFG_LEGACY_GROUP = 'keystone_authtoken' LOG = logging.getLogger(__name__) -trust_opts = [ - cfg.StrOpt('trustee_domain_id', - help=_('Id of the domain to create trustee for clusters')), - cfg.StrOpt('trustee_domain_name', - help=_('Name of the domain to create trustee for s')), - cfg.StrOpt('trustee_domain_admin_id', - help=_('Id of the admin with roles sufficient to manage users' - ' in the trustee_domain')), - cfg.StrOpt('trustee_domain_admin_name', - help=_('Name of the admin with roles sufficient to manage users' - ' in the trustee_domain')), - cfg.StrOpt('trustee_domain_admin_domain_id', - help=_('Id of the domain admin user\'s domain.' - ' trustee_domain_id is used by default')), - cfg.StrOpt('trustee_domain_admin_domain_name', - help=_('Name of the domain admin user\'s domain.' - ' trustee_domain_name is used by default')), - cfg.StrOpt('trustee_domain_admin_password', secret=True, - help=_('Password of trustee_domain_admin')), - cfg.ListOpt('roles', - default=[], - help=_('The roles which are delegated to the trustee ' - 'by the trustor')) -] - legacy_session_opts = { 'certfile': [cfg.DeprecatedOpt('certfile', CFG_LEGACY_GROUP)], 'keyfile': [cfg.DeprecatedOpt('keyfile', CFG_LEGACY_GROUP)], @@ -66,7 +42,6 @@ legacy_session_opts = { keystone_auth_opts = (ka_loading.get_auth_common_conf_options() + ka_loading.get_auth_plugin_conf_options('password')) -CONF.register_opts(trust_opts, group='trust') # FIXME(pauloewerton): remove import of authtoken group and legacy options # after deprecation period CONF.import_group('keystone_authtoken', 'keystonemiddleware.auth_token') diff --git a/magnum/conf/__init__.py b/magnum/conf/__init__.py index bd92be8e62..e1f5dc3055 100644 --- a/magnum/conf/__init__.py +++ b/magnum/conf/__init__.py @@ -34,6 +34,7 @@ from magnum.conf import nova from magnum.conf import paths from magnum.conf import rpc from magnum.conf import services +from magnum.conf import trust from magnum.conf import utils # from magnum.conf import x509 @@ -58,5 +59,6 @@ nova.register_opts(CONF) paths.register_opts(CONF) rpc.register_opts(CONF) services.register_opts(CONF) +trust.register_opts(CONF) utils.register_opts(CONF) # x509.register_opts(CONF) diff --git a/magnum/conf/trust.py b/magnum/conf/trust.py new file mode 100644 index 0000000000..1a079e26c9 --- /dev/null +++ b/magnum/conf/trust.py @@ -0,0 +1,54 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may not +# use this file except in compliance with the License. You may obtain a copy +# of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from oslo_config import cfg + +from magnum.i18n import _ + +trust_group = cfg.OptGroup(name='trust', + title='Trustee options for the magnum services') + +trust_opts = [ + cfg.StrOpt('trustee_domain_id', + help=_('Id of the domain to create trustee for clusters')), + cfg.StrOpt('trustee_domain_name', + help=_('Name of the domain to create trustee for s')), + cfg.StrOpt('trustee_domain_admin_id', + help=_('Id of the admin with roles sufficient to manage users' + ' in the trustee_domain')), + cfg.StrOpt('trustee_domain_admin_name', + help=_('Name of the admin with roles sufficient to manage users' + ' in the trustee_domain')), + cfg.StrOpt('trustee_domain_admin_domain_id', + help=_('Id of the domain admin user\'s domain.' + ' trustee_domain_id is used by default')), + cfg.StrOpt('trustee_domain_admin_domain_name', + help=_('Name of the domain admin user\'s domain.' + ' trustee_domain_name is used by default')), + cfg.StrOpt('trustee_domain_admin_password', secret=True, + help=_('Password of trustee_domain_admin')), + cfg.ListOpt('roles', + default=[], + help=_('The roles which are delegated to the trustee ' + 'by the trustor')) +] + + +def register_opts(conf): + conf.register_group(trust_group) + conf.register_opts(trust_opts, group=trust_group) + + +def list_opts(): + return { + trust_group: trust_opts + } diff --git a/magnum/drivers/common/template_def.py b/magnum/drivers/common/template_def.py index ef351e80c3..c5c1357fc8 100644 --- a/magnum/drivers/common/template_def.py +++ b/magnum/drivers/common/template_def.py @@ -44,7 +44,6 @@ docker_registry_opts = [ CONF = magnum.conf.CONF CONF.register_opts(docker_registry_opts, group='docker_registry') -CONF.import_opt('trustee_domain_id', 'magnum.common.keystone', group='trust') class ParameterMapping(object): diff --git a/magnum/opts.py b/magnum/opts.py index 7b7f16c701..d0ca71963a 100644 --- a/magnum/opts.py +++ b/magnum/opts.py @@ -21,7 +21,6 @@ import magnum.drivers.common.template_def def list_opts(): return [ - ('trust', magnum.common.keystone.trust_opts), ('x509', magnum.common.x509.config.x509_opts), ('keystone_auth', magnum.common.keystone.keystone_auth_opts), ('docker_registry', diff --git a/magnum/tests/conf_fixture.py b/magnum/tests/conf_fixture.py index 1618caa4df..8e888fe1b0 100644 --- a/magnum/tests/conf_fixture.py +++ b/magnum/tests/conf_fixture.py @@ -15,14 +15,11 @@ # under the License. import fixtures -from oslo_config import cfg from magnum.common import config +import magnum.conf -CONF = cfg.CONF -CONF.import_opt('host', 'magnum.common.service') -CONF.import_opt('connection', 'oslo_db.options', group='database') -CONF.import_opt('sqlite_synchronous', 'oslo_db.options', group='database') +CONF = magnum.conf.CONF class ConfFixture(fixtures.Fixture): diff --git a/magnum/tests/unit/common/test_clients.py b/magnum/tests/unit/common/test_clients.py index 027fb33475..17b09b51df 100644 --- a/magnum/tests/unit/common/test_clients.py +++ b/magnum/tests/unit/common/test_clients.py @@ -32,12 +32,6 @@ class ClientsTest(base.BaseTestCase): CONF.set_override('auth_uri', 'http://server.test:5000/v2.0', group='keystone_authtoken') - CONF.import_opt('api_version', 'magnum.common.clients', - group='nova_client') - CONF.import_opt('api_version', 'magnum.common.clients', - group='heat_client') - CONF.import_opt('api_version', 'magnum.common.clients', - group='glance_client') @mock.patch.object(clients.OpenStackClients, 'keystone') def test_url_for(self, mock_keystone): diff --git a/magnum/tests/unit/common/test_keystone.py b/magnum/tests/unit/common/test_keystone.py index 7c6c3df607..e476cdf15f 100644 --- a/magnum/tests/unit/common/test_keystone.py +++ b/magnum/tests/unit/common/test_keystone.py @@ -11,21 +11,20 @@ # under the License. import mock -from oslo_config import cfg from oslo_config import fixture -cfg.CONF.import_group('keystone_authtoken', - 'keystonemiddleware.auth_token') - from keystoneauth1 import exceptions as ka_exception from keystoneauth1 import identity as ka_identity import keystoneclient.exceptions as kc_exception from magnum.common import exception from magnum.common import keystone +import magnum.conf from magnum.tests import base from magnum.tests import utils +CONF = magnum.conf.CONF + @mock.patch('keystoneclient.v3.client.Client') class KeystoneClientTest(base.TestCase): @@ -148,7 +147,7 @@ class KeystoneClientTest(base.TestCase): self.ctx.roles = ['role1', 'role2'] ks_client = keystone.KeystoneClientV3(self.ctx) - cfg.CONF.set_override('roles', ['role3'], group='trust') + CONF.set_override('roles', ['role3'], group='trust') ks_client.create_trust(trustee_user='888888') mock_ks.return_value.trusts.create.assert_called_once_with( @@ -196,7 +195,7 @@ class KeystoneClientTest(base.TestCase): def test_get_validate_region_name(self, mock_ks): key = 'region_name' val = 'RegionOne' - cfg.CONF.set_override(key, val, 'cinder_client') + CONF.set_override(key, val, 'cinder_client') mock_region = mock.MagicMock() mock_region.id = 'RegionOne' mock_ks.return_value.regions.list.return_value = [mock_region] @@ -207,7 +206,7 @@ class KeystoneClientTest(base.TestCase): def test_get_validate_region_name_not_found(self, mock_ks): key = 'region_name' val = 'region123' - cfg.CONF.set_override(key, val, 'cinder_client') + CONF.set_override(key, val, 'cinder_client') ks_client = keystone.KeystoneClientV3(self.ctx) self.assertRaises(exception.InvalidParameterValue, ks_client.get_validate_region_name, val) @@ -215,7 +214,7 @@ class KeystoneClientTest(base.TestCase): def test_get_validate_region_name_is_None(self, mock_ks): key = 'region_name' val = None - cfg.CONF.set_override(key, val, 'cinder_client') + CONF.set_override(key, val, 'cinder_client') ks_client = keystone.KeystoneClientV3(self.ctx) self.assertRaises(exception.InvalidParameterValue, ks_client.get_validate_region_name, val)