Centralize config option: trust section

Centralize config option of trust section.
Replace oslo_conf cfg to magnum.conf.

Change-Id: Ie8e50f62bf41ccc1708b16745e5aaf841379b66b
Implements: blueprint centralize-config-magnum
This commit is contained in:
Hieu LE 2016-08-22 13:10:54 +07:00
parent 19d80981a7
commit 5abcdadb51
8 changed files with 67 additions and 48 deletions

View File

@ -21,40 +21,16 @@ from oslo_config import cfg
from oslo_log import log as logging from oslo_log import log as logging
from magnum.common import exception from magnum.common import exception
import magnum.conf
from magnum.i18n import _ from magnum.i18n import _
from magnum.i18n import _LE from magnum.i18n import _LE
from magnum.i18n import _LW from magnum.i18n import _LW
CONF = cfg.CONF CONF = magnum.conf.CONF
CFG_GROUP = 'keystone_auth' CFG_GROUP = 'keystone_auth'
CFG_LEGACY_GROUP = 'keystone_authtoken' CFG_LEGACY_GROUP = 'keystone_authtoken'
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
trust_opts = [
cfg.StrOpt('trustee_domain_id',
help=_('Id of the domain to create trustee for clusters')),
cfg.StrOpt('trustee_domain_name',
help=_('Name of the domain to create trustee for s')),
cfg.StrOpt('trustee_domain_admin_id',
help=_('Id of the admin with roles sufficient to manage users'
' in the trustee_domain')),
cfg.StrOpt('trustee_domain_admin_name',
help=_('Name of the admin with roles sufficient to manage users'
' in the trustee_domain')),
cfg.StrOpt('trustee_domain_admin_domain_id',
help=_('Id of the domain admin user\'s domain.'
' trustee_domain_id is used by default')),
cfg.StrOpt('trustee_domain_admin_domain_name',
help=_('Name of the domain admin user\'s domain.'
' trustee_domain_name is used by default')),
cfg.StrOpt('trustee_domain_admin_password', secret=True,
help=_('Password of trustee_domain_admin')),
cfg.ListOpt('roles',
default=[],
help=_('The roles which are delegated to the trustee '
'by the trustor'))
]
legacy_session_opts = { legacy_session_opts = {
'certfile': [cfg.DeprecatedOpt('certfile', CFG_LEGACY_GROUP)], 'certfile': [cfg.DeprecatedOpt('certfile', CFG_LEGACY_GROUP)],
'keyfile': [cfg.DeprecatedOpt('keyfile', CFG_LEGACY_GROUP)], 'keyfile': [cfg.DeprecatedOpt('keyfile', CFG_LEGACY_GROUP)],
@ -66,7 +42,6 @@ legacy_session_opts = {
keystone_auth_opts = (ka_loading.get_auth_common_conf_options() + keystone_auth_opts = (ka_loading.get_auth_common_conf_options() +
ka_loading.get_auth_plugin_conf_options('password')) ka_loading.get_auth_plugin_conf_options('password'))
CONF.register_opts(trust_opts, group='trust')
# FIXME(pauloewerton): remove import of authtoken group and legacy options # FIXME(pauloewerton): remove import of authtoken group and legacy options
# after deprecation period # after deprecation period
CONF.import_group('keystone_authtoken', 'keystonemiddleware.auth_token') CONF.import_group('keystone_authtoken', 'keystonemiddleware.auth_token')

View File

@ -34,6 +34,7 @@ from magnum.conf import nova
from magnum.conf import paths from magnum.conf import paths
from magnum.conf import rpc from magnum.conf import rpc
from magnum.conf import services from magnum.conf import services
from magnum.conf import trust
from magnum.conf import utils from magnum.conf import utils
# from magnum.conf import x509 # from magnum.conf import x509
@ -58,5 +59,6 @@ nova.register_opts(CONF)
paths.register_opts(CONF) paths.register_opts(CONF)
rpc.register_opts(CONF) rpc.register_opts(CONF)
services.register_opts(CONF) services.register_opts(CONF)
trust.register_opts(CONF)
utils.register_opts(CONF) utils.register_opts(CONF)
# x509.register_opts(CONF) # x509.register_opts(CONF)

54
magnum/conf/trust.py Normal file
View File

@ -0,0 +1,54 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may not
# use this file except in compliance with the License. You may obtain a copy
# of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from oslo_config import cfg
from magnum.i18n import _
trust_group = cfg.OptGroup(name='trust',
title='Trustee options for the magnum services')
trust_opts = [
cfg.StrOpt('trustee_domain_id',
help=_('Id of the domain to create trustee for clusters')),
cfg.StrOpt('trustee_domain_name',
help=_('Name of the domain to create trustee for s')),
cfg.StrOpt('trustee_domain_admin_id',
help=_('Id of the admin with roles sufficient to manage users'
' in the trustee_domain')),
cfg.StrOpt('trustee_domain_admin_name',
help=_('Name of the admin with roles sufficient to manage users'
' in the trustee_domain')),
cfg.StrOpt('trustee_domain_admin_domain_id',
help=_('Id of the domain admin user\'s domain.'
' trustee_domain_id is used by default')),
cfg.StrOpt('trustee_domain_admin_domain_name',
help=_('Name of the domain admin user\'s domain.'
' trustee_domain_name is used by default')),
cfg.StrOpt('trustee_domain_admin_password', secret=True,
help=_('Password of trustee_domain_admin')),
cfg.ListOpt('roles',
default=[],
help=_('The roles which are delegated to the trustee '
'by the trustor'))
]
def register_opts(conf):
conf.register_group(trust_group)
conf.register_opts(trust_opts, group=trust_group)
def list_opts():
return {
trust_group: trust_opts
}

View File

@ -44,7 +44,6 @@ docker_registry_opts = [
CONF = magnum.conf.CONF CONF = magnum.conf.CONF
CONF.register_opts(docker_registry_opts, group='docker_registry') CONF.register_opts(docker_registry_opts, group='docker_registry')
CONF.import_opt('trustee_domain_id', 'magnum.common.keystone', group='trust')
class ParameterMapping(object): class ParameterMapping(object):

View File

@ -21,7 +21,6 @@ import magnum.drivers.common.template_def
def list_opts(): def list_opts():
return [ return [
('trust', magnum.common.keystone.trust_opts),
('x509', magnum.common.x509.config.x509_opts), ('x509', magnum.common.x509.config.x509_opts),
('keystone_auth', magnum.common.keystone.keystone_auth_opts), ('keystone_auth', magnum.common.keystone.keystone_auth_opts),
('docker_registry', ('docker_registry',

View File

@ -15,14 +15,11 @@
# under the License. # under the License.
import fixtures import fixtures
from oslo_config import cfg
from magnum.common import config from magnum.common import config
import magnum.conf
CONF = cfg.CONF CONF = magnum.conf.CONF
CONF.import_opt('host', 'magnum.common.service')
CONF.import_opt('connection', 'oslo_db.options', group='database')
CONF.import_opt('sqlite_synchronous', 'oslo_db.options', group='database')
class ConfFixture(fixtures.Fixture): class ConfFixture(fixtures.Fixture):

View File

@ -32,12 +32,6 @@ class ClientsTest(base.BaseTestCase):
CONF.set_override('auth_uri', 'http://server.test:5000/v2.0', CONF.set_override('auth_uri', 'http://server.test:5000/v2.0',
group='keystone_authtoken') group='keystone_authtoken')
CONF.import_opt('api_version', 'magnum.common.clients',
group='nova_client')
CONF.import_opt('api_version', 'magnum.common.clients',
group='heat_client')
CONF.import_opt('api_version', 'magnum.common.clients',
group='glance_client')
@mock.patch.object(clients.OpenStackClients, 'keystone') @mock.patch.object(clients.OpenStackClients, 'keystone')
def test_url_for(self, mock_keystone): def test_url_for(self, mock_keystone):

View File

@ -11,21 +11,20 @@
# under the License. # under the License.
import mock import mock
from oslo_config import cfg
from oslo_config import fixture from oslo_config import fixture
cfg.CONF.import_group('keystone_authtoken',
'keystonemiddleware.auth_token')
from keystoneauth1 import exceptions as ka_exception from keystoneauth1 import exceptions as ka_exception
from keystoneauth1 import identity as ka_identity from keystoneauth1 import identity as ka_identity
import keystoneclient.exceptions as kc_exception import keystoneclient.exceptions as kc_exception
from magnum.common import exception from magnum.common import exception
from magnum.common import keystone from magnum.common import keystone
import magnum.conf
from magnum.tests import base from magnum.tests import base
from magnum.tests import utils from magnum.tests import utils
CONF = magnum.conf.CONF
@mock.patch('keystoneclient.v3.client.Client') @mock.patch('keystoneclient.v3.client.Client')
class KeystoneClientTest(base.TestCase): class KeystoneClientTest(base.TestCase):
@ -148,7 +147,7 @@ class KeystoneClientTest(base.TestCase):
self.ctx.roles = ['role1', 'role2'] self.ctx.roles = ['role1', 'role2']
ks_client = keystone.KeystoneClientV3(self.ctx) ks_client = keystone.KeystoneClientV3(self.ctx)
cfg.CONF.set_override('roles', ['role3'], group='trust') CONF.set_override('roles', ['role3'], group='trust')
ks_client.create_trust(trustee_user='888888') ks_client.create_trust(trustee_user='888888')
mock_ks.return_value.trusts.create.assert_called_once_with( mock_ks.return_value.trusts.create.assert_called_once_with(
@ -196,7 +195,7 @@ class KeystoneClientTest(base.TestCase):
def test_get_validate_region_name(self, mock_ks): def test_get_validate_region_name(self, mock_ks):
key = 'region_name' key = 'region_name'
val = 'RegionOne' val = 'RegionOne'
cfg.CONF.set_override(key, val, 'cinder_client') CONF.set_override(key, val, 'cinder_client')
mock_region = mock.MagicMock() mock_region = mock.MagicMock()
mock_region.id = 'RegionOne' mock_region.id = 'RegionOne'
mock_ks.return_value.regions.list.return_value = [mock_region] mock_ks.return_value.regions.list.return_value = [mock_region]
@ -207,7 +206,7 @@ class KeystoneClientTest(base.TestCase):
def test_get_validate_region_name_not_found(self, mock_ks): def test_get_validate_region_name_not_found(self, mock_ks):
key = 'region_name' key = 'region_name'
val = 'region123' val = 'region123'
cfg.CONF.set_override(key, val, 'cinder_client') CONF.set_override(key, val, 'cinder_client')
ks_client = keystone.KeystoneClientV3(self.ctx) ks_client = keystone.KeystoneClientV3(self.ctx)
self.assertRaises(exception.InvalidParameterValue, self.assertRaises(exception.InvalidParameterValue,
ks_client.get_validate_region_name, val) ks_client.get_validate_region_name, val)
@ -215,7 +214,7 @@ class KeystoneClientTest(base.TestCase):
def test_get_validate_region_name_is_None(self, mock_ks): def test_get_validate_region_name_is_None(self, mock_ks):
key = 'region_name' key = 'region_name'
val = None val = None
cfg.CONF.set_override(key, val, 'cinder_client') CONF.set_override(key, val, 'cinder_client')
ks_client = keystone.KeystoneClientV3(self.ctx) ks_client = keystone.KeystoneClientV3(self.ctx)
self.assertRaises(exception.InvalidParameterValue, self.assertRaises(exception.InvalidParameterValue,
ks_client.get_validate_region_name, val) ks_client.get_validate_region_name, val)