Adding "region and endpoint_type" parameters to barbican_acl.py

When requesting for a barbican client, this change lets you filter based on
region and endpoint_type.

Conflicts:
	etc/octavia.conf

Change-Id: Ib4b9b75027443177c039f60f99822b9b3d021b8a
This commit is contained in:
Aishwarya Thangappa 2016-01-23 02:27:46 -07:00
parent 25bcbc1cc1
commit c887461f61
4 changed files with 29 additions and 4 deletions

View File

@ -81,6 +81,12 @@
# cert_manager = barbican_cert_manager
# For Barbican authentication (if using any Barbican based cert class)
# barbican_auth = barbican_acl_auth
#
# Region in Identity service catalog to use for communication with the Barbican service.
# region_name =
#
# Endpoint type to use for communication with the Barbican service.
# endpoint_type = publicURL
[anchor]

View File

@ -17,6 +17,7 @@
Barbican ACL auth class for Barbican certificate handling
"""
from barbicanclient import client as barbican_client
from oslo_config import cfg
from oslo_log import log as logging
from oslo_utils import excutils
@ -27,6 +28,9 @@ from octavia.i18n import _LE
LOG = logging.getLogger(__name__)
CONF = cfg.CONF
CONF.import_group('certificates', 'octavia.common.config')
class BarbicanACLAuth(barbican_common.BarbicanAuth):
_barbican_client = None
@ -36,7 +40,9 @@ class BarbicanACLAuth(barbican_common.BarbicanAuth):
if not cls._barbican_client:
try:
cls._barbican_client = barbican_client.Client(
session=keystone.get_session()
session=keystone.get_session(),
region_name=CONF.certificates.region_name,
interface=CONF.certificates.endpoint_type
)
except Exception:
with excutils.save_and_reraise_exception():

View File

@ -284,7 +284,13 @@ certificate_opts = [
help='Name of the cert generator to use'),
cfg.StrOpt('barbican_auth',
default='barbican_acl_auth',
help='Name of the Barbican authentication method to use')
help='Name of the Barbican authentication method to use'),
cfg.StrOpt('region_name',
help='Region in Identity service catalog to use for '
'communication with the barbican service.'),
cfg.StrOpt('endpoint_type',
default='publicURL',
help='The endpoint_type to be used for barbican service.')
]
house_keeping_opts = [

View File

@ -14,19 +14,26 @@
from barbicanclient import client as barbican_client
import mock
from oslo_config import cfg
import octavia.certificates.common.auth.barbican_acl as barbican_acl
import octavia.certificates.manager.barbican as barbican_cert_mgr
from octavia.common import keystone
import octavia.tests.unit.base as base
CONF = cfg.CONF
CONF.import_group('certificates', 'octavia.common.config')
class TestBarbicanACLAuth(base.TestCase):
def setUp(self):
# Reset the client
keystone._SESSION = None
CONF.set_override(name='region_name', override=None,
group='certificates')
CONF.set_override(name='endpoint_type', override='publicURL',
group='certificates')
super(TestBarbicanACLAuth, self).setUp()
def test_get_barbican_client(self):
@ -51,4 +58,4 @@ class TestBarbicanACLAuth(base.TestCase):
def test_load_auth_driver(self):
bcm = barbican_cert_mgr.BarbicanCertManager()
self.assertTrue(isinstance(bcm.auth, barbican_acl.BarbicanACLAuth))
self.assertIsInstance(bcm.auth, barbican_acl.BarbicanACLAuth)