openstack/puppet-nova
Code Issues Proposed changes
Files
0ed626e1461fecc4f443fcd543a99ba945539b1f
puppet-nova/lib/puppet/provider/nova_service/openstack.rb
Takashi Kajinami 0ed626e146 Use system scope credentials in providers 
This change enforces usage of system scope credentials to manage
flavors, aggregates, and services, following the new policy rules for
SRBAC support in nova.

The logic to look up credential for the nova service user from
[keystone_authtoken] is left to keep backward compatibility but is
deprecated and will be removed.

Depends-on: https://review.opendev.org/806474
Depends-on: https://review.opendev.org/828025
Depends-on: https://review.opendev.org/828874
Change-Id: I71779f0f1459d64914589a94a440336386266306
2022-02-21 14:54:47 +00:00

67 lines
1.8 KiB
Ruby
Raw Blame History

require File.join(File.dirname(__FILE__), '..','..','..', 'puppet/provider/nova')
Puppet::Type.type(:nova_service).provide(
:openstack,
:parent => Puppet::Provider::Nova
) do
desc <<-EOT
Provider to manage nova host services
EOT
@credentials = Puppet::Provider::Openstack::CredentialsV3.new
mk_resource_methods
def self.instances
hosts = {}
system_request('compute service', 'list').collect do |host_svc|
hname = host_svc[:host]
if hosts[hname].nil?
hosts[hname] = Hash.new {|h,k| h[k]=[]}
hosts[hname][:ids] = []
hosts[hname][:service_name] = []
end
hosts[hname][:ids] << host_svc[:id]
hosts[hname][:service_name] << host_svc[:binary]
end
hosts.collect do |hname, host|
new(
:ensure => :present,
:name => hname,
:ids => host[:ids],
:service_name => host[:service_name]
)
end
end
def self.prefetch(resources)
instances_ = self.instances
resources.keys.each do |name|
if provider = instances_.find{ |instance| instance.name == name }
resources[name].provider = provider
end
end
end
def exists?
@property_hash[:ensure] == :present
end
def destroy
return unless @property_hash[:ids].kind_of?(Array)
svcname_id_map = @property_hash[:service_name].zip(@property_hash[:ids]) || {}
svcname_id_map.each do |service_name, id|
if (@resource[:service_name].empty? ||
(@resource[:service_name].include? service_name))
self.class.system_request('compute service', 'delete', id)
end
end
@property_hash.clear
end
def create
warning("Nova_service provider can only delete compute services because "\
"of openstackclient limitations.")
end
end
View Git Blame Copy Permalink