Enable endpoint filter parameters for the CLI
Currently the barbican client library can take parameters necessary for keystone to give a proper endpoint given certain options. these options could be 'service type', 'service name', 'region name', 'interface' and 'version'. These options, however, were not available from the CLI. So the user would be stuck with the default options; which are not really useful if you're trying to access the barbican instance from another region. This CR enables such options for the CLI also. Change-Id: I66f9ec4d1330297c11bad0336decef5465a80cc3
This commit is contained in:
parent
8cebffdffb
commit
d6ae7b064d
|
@ -121,6 +121,7 @@ class Barbican(app.App):
|
|||
|
||||
def create_client(self, args):
|
||||
created_client = None
|
||||
endpoint_filter_kwargs = self._get_endpoint_filter_kwargs(args)
|
||||
|
||||
api_version = args.os_identity_api_version
|
||||
if args.no_auth and args.os_auth_url:
|
||||
|
@ -138,7 +139,8 @@ class Barbican(app.App):
|
|||
created_client = client.Client(
|
||||
endpoint=args.endpoint,
|
||||
project_id=args.os_tenant_id or args.os_project_id,
|
||||
verify=not args.insecure
|
||||
verify=not args.insecure,
|
||||
**endpoint_filter_kwargs
|
||||
)
|
||||
# Token-based authentication
|
||||
elif args.os_auth_token:
|
||||
|
@ -153,7 +155,8 @@ class Barbican(app.App):
|
|||
)
|
||||
created_client = client.Client(
|
||||
session=session,
|
||||
endpoint=args.endpoint
|
||||
endpoint=args.endpoint,
|
||||
**endpoint_filter_kwargs
|
||||
)
|
||||
|
||||
# Password-based authentication
|
||||
|
@ -169,13 +172,23 @@ class Barbican(app.App):
|
|||
)
|
||||
created_client = client.Client(
|
||||
session=session,
|
||||
endpoint=args.endpoint
|
||||
endpoint=args.endpoint,
|
||||
**endpoint_filter_kwargs
|
||||
)
|
||||
else:
|
||||
raise Exception('ERROR: please specify authentication credentials')
|
||||
|
||||
return created_client
|
||||
|
||||
def _get_endpoint_filter_kwargs(self, args):
|
||||
endpoint_filter_keys = ('interface', 'service_type', 'service_name',
|
||||
'barbican_api_version', 'region_name')
|
||||
kwargs = dict((key, getattr(args, key)) for key in endpoint_filter_keys
|
||||
if getattr(args, key, None))
|
||||
if 'barbican_api_version' in kwargs:
|
||||
kwargs['version'] = kwargs.pop('barbican_api_version')
|
||||
return kwargs
|
||||
|
||||
def build_option_parser(self, description, version, argparse_kwargs=None):
|
||||
"""Introduces global arguments for the application.
|
||||
This is inherited from the framework.
|
||||
|
@ -252,6 +265,26 @@ class Barbican(app.App):
|
|||
metavar='<barbican-url>',
|
||||
default=client.env('BARBICAN_ENDPOINT'),
|
||||
help='Defaults to env[BARBICAN_ENDPOINT].')
|
||||
parser.add_argument('--interface',
|
||||
metavar='<barbican-interface>',
|
||||
default=client.env('BARBICAN_INTERFACE'),
|
||||
help='Defaults to env[BARBICAN_INTERFACE].')
|
||||
parser.add_argument('--service-type',
|
||||
metavar='<barbican-service-type>',
|
||||
default=client.env('BARBICAN_SERVICE_TYPE'),
|
||||
help='Defaults to env[BARBICAN_SERVICE_TYPE].')
|
||||
parser.add_argument('--service-name',
|
||||
metavar='<barbican-service-name>',
|
||||
default=client.env('BARBICAN_SERVICE_NAME'),
|
||||
help='Defaults to env[BARBICAN_SERVICE_NAME].')
|
||||
parser.add_argument('--region-name',
|
||||
metavar='<barbican-region-name>',
|
||||
default=client.env('BARBICAN_REGION_NAME'),
|
||||
help='Defaults to env[BARBICAN_REGION_NAME].')
|
||||
parser.add_argument('--barbican-api-version',
|
||||
metavar='<barbican-api-version>',
|
||||
default=client.env('BARBICAN_API_VERSION'),
|
||||
help='Defaults to env[BARBICAN_API_VERSION].')
|
||||
session.Session.register_cli_options(parser)
|
||||
return parser
|
||||
|
||||
|
|
|
@ -14,6 +14,7 @@
|
|||
# limitations under the License.
|
||||
import six
|
||||
|
||||
from barbicanclient import client
|
||||
from barbicanclient import barbican as barb
|
||||
from barbicanclient.tests import keystone_client_fixtures
|
||||
from barbicanclient.tests import test_client
|
||||
|
@ -156,6 +157,39 @@ class WhenTestingBarbicanCLI(test_client.BaseEntityResource):
|
|||
response = barb.main(args)
|
||||
self.assertEqual(1, response)
|
||||
|
||||
def test_default_endpoint_filter_kwargs_set_correctly(self):
|
||||
auth_args = ('--no-auth --endpoint http://barbican_endpoint:9311/v1 '
|
||||
'--os-project-id project1')
|
||||
argv, remainder = self.parser.parse_known_args(auth_args.split())
|
||||
barbican_client = self.barbican.create_client(argv)
|
||||
httpclient = barbican_client.secrets._api
|
||||
|
||||
self.assertEqual(client._DEFAULT_SERVICE_INTERFACE,
|
||||
httpclient.interface)
|
||||
self.assertEqual(client._DEFAULT_SERVICE_TYPE, httpclient.service_type)
|
||||
self.assertEqual(client._DEFAULT_API_VERSION, httpclient.version)
|
||||
self.assertEqual(None, httpclient.service_name)
|
||||
|
||||
def test_endpoint_filter_kwargs_set_correctly(self):
|
||||
from testtools.content import text_content
|
||||
auth_args = ('--no-auth --endpoint http://barbican_endpoint:9311/v1 '
|
||||
'--os-project-id project1')
|
||||
endpoint_filter_args = ('--interface private '
|
||||
'--service-type custom-type '
|
||||
'--service-name Burrbican '
|
||||
'--region-name RegionTwo '
|
||||
'--barbican-api-version v2')
|
||||
args = auth_args + ' ' + endpoint_filter_args
|
||||
argv, remainder = self.parser.parse_known_args(args.split())
|
||||
barbican_client = self.barbican.create_client(argv)
|
||||
httpclient = barbican_client.secrets._api
|
||||
|
||||
self.assertEqual('private', httpclient.interface)
|
||||
self.assertEqual('custom-type', httpclient.service_type)
|
||||
self.assertEqual('Burrbican', httpclient.service_name)
|
||||
self.assertEqual('RegionTwo', httpclient.region_name)
|
||||
self.assertEqual('v2', httpclient.version)
|
||||
|
||||
|
||||
class TestBarbicanWithKeystonePasswordAuth(
|
||||
keystone_client_fixtures.KeystoneClientFixture):
|
||||
|
|
|
@ -20,6 +20,7 @@ from barbicanclient import client
|
|||
from barbicanclient import exceptions
|
||||
from keystoneclient.auth import identity
|
||||
from keystoneclient import session
|
||||
import keystoneclient.openstack.common.apiclient.exceptions as ks_exceptions
|
||||
|
||||
CONF = config.get_config()
|
||||
|
||||
|
@ -70,6 +71,14 @@ class WhenTestingClientConnectivity(BaseTestCase):
|
|||
self.assertRaises(exceptions.HTTPClientError, client.orders.list)
|
||||
self.assertRaises(exceptions.HTTPClientError, client.secrets.list)
|
||||
|
||||
def assert_client_cannot_get_endpoint(self, client):
|
||||
self.assertRaises(ks_exceptions.EndpointNotFound,
|
||||
client.containers.list)
|
||||
self.assertRaises(ks_exceptions.EndpointNotFound,
|
||||
client.orders.list)
|
||||
self.assertRaises(ks_exceptions.EndpointNotFound,
|
||||
client.secrets.list)
|
||||
|
||||
def test_can_access_server_if_endpoint_and_session_specified(self):
|
||||
barbicanclient = client.Client(
|
||||
endpoint=CONF.keymanager.url,
|
||||
|
@ -93,6 +102,71 @@ class WhenTestingClientConnectivity(BaseTestCase):
|
|||
|
||||
self.assert_client_can_contact_barbican(barbicanclient)
|
||||
|
||||
def test_client_can_access_server_if_endpoint_filters_specified(self):
|
||||
barbicanclient = client.Client(
|
||||
project_id=CONF.keymanager.project_id,
|
||||
auth=self.auth,
|
||||
interface=client._DEFAULT_SERVICE_INTERFACE,
|
||||
service_type=client._DEFAULT_SERVICE_TYPE,
|
||||
version=client._DEFAULT_API_VERSION,
|
||||
)
|
||||
|
||||
self.assert_client_can_contact_barbican(barbicanclient)
|
||||
|
||||
def test_client_cannot_access_server_if_endpoint_filter_wrong(self):
|
||||
barbicanclient = client.Client(
|
||||
project_id=CONF.keymanager.project_id,
|
||||
auth=self.auth,
|
||||
interface=client._DEFAULT_SERVICE_INTERFACE,
|
||||
service_type='wrong-service-type',
|
||||
version=client._DEFAULT_API_VERSION,
|
||||
)
|
||||
|
||||
self.assert_client_cannot_get_endpoint(barbicanclient)
|
||||
|
||||
barbicanclient = client.Client(
|
||||
project_id=CONF.keymanager.project_id,
|
||||
auth=self.auth,
|
||||
interface='wrong-interface',
|
||||
service_type=client._DEFAULT_SERVICE_TYPE,
|
||||
version=client._DEFAULT_API_VERSION,
|
||||
)
|
||||
|
||||
self.assert_client_cannot_get_endpoint(barbicanclient)
|
||||
|
||||
barbicanclient = client.Client(
|
||||
project_id=CONF.keymanager.project_id,
|
||||
auth=self.auth,
|
||||
interface=client._DEFAULT_SERVICE_INTERFACE,
|
||||
service_type=client._DEFAULT_SERVICE_TYPE,
|
||||
service_name='wrong-service-name',
|
||||
version=client._DEFAULT_API_VERSION,
|
||||
)
|
||||
|
||||
self.assert_client_cannot_get_endpoint(barbicanclient)
|
||||
|
||||
barbicanclient = client.Client(
|
||||
project_id=CONF.keymanager.project_id,
|
||||
auth=self.auth,
|
||||
interface=client._DEFAULT_SERVICE_INTERFACE,
|
||||
service_type=client._DEFAULT_SERVICE_TYPE,
|
||||
region_name='wrong-region-name',
|
||||
version=client._DEFAULT_API_VERSION,
|
||||
)
|
||||
|
||||
self.assert_client_cannot_get_endpoint(barbicanclient)
|
||||
|
||||
def test_client_cannot_access_server_if_nonexistent_version_specified(self):
|
||||
barbicanclient = client.Client(
|
||||
project_id=CONF.keymanager.project_id,
|
||||
auth=self.auth,
|
||||
interface=client._DEFAULT_SERVICE_INTERFACE,
|
||||
service_type=client._DEFAULT_SERVICE_TYPE,
|
||||
version='wrong-version',
|
||||
)
|
||||
|
||||
self.assertRaises(TypeError, barbicanclient.containers.list)
|
||||
|
||||
def test_client_cannot_access_server_if_nonexistent_version_specified(self):
|
||||
barbicanclient = client.Client(
|
||||
endpoint=CONF.keymanager.url,
|
||||
|
|
Loading…
Reference in New Issue