Only set X-Auth-User, X-Auth-Key on stack create/update.
All heat operations can be performed with only a token. User credentials are required for stack create/update as they are stored for later stack operations. This change prevents credentials unnecessarily being sent over the wire. Change-Id: I5ad18067c5db8ada9994d131e98f27af70a7ca06
This commit is contained in:
parent
9cba3dab02
commit
42592898c3
@ -133,10 +133,6 @@ class HTTPClient(object):
|
||||
kwargs['headers'].setdefault('X-Auth-Token', self.auth_token)
|
||||
if self.auth_url:
|
||||
kwargs['headers'].setdefault('X-Auth-Url', self.auth_url)
|
||||
if self.username:
|
||||
kwargs['headers'].setdefault('X-Auth-User', self.username)
|
||||
if self.password:
|
||||
kwargs['headers'].setdefault('X-Auth-Key', self.password)
|
||||
|
||||
self.log_curl_request(method, url, kwargs)
|
||||
conn = self.get_connection()
|
||||
@ -178,6 +174,12 @@ class HTTPClient(object):
|
||||
|
||||
return resp, body_str
|
||||
|
||||
def credentials_headers(self):
|
||||
return {
|
||||
'X-Auth-User': self.username,
|
||||
'X-Auth-Key': self.password
|
||||
}
|
||||
|
||||
def json_request(self, method, url, **kwargs):
|
||||
kwargs.setdefault('headers', {})
|
||||
kwargs['headers'].setdefault('Content-Type', 'application/json')
|
||||
|
@ -169,8 +169,7 @@ class HeatShell(object):
|
||||
parser.add_argument('-t', '--token-only',
|
||||
default=bool(False),
|
||||
action='store_true',
|
||||
help='Only send a token for auth, do not send'
|
||||
' username and password as well.')
|
||||
help='DEPRECATED! Has no effect')
|
||||
|
||||
return parser
|
||||
|
||||
@ -303,15 +302,13 @@ class HeatShell(object):
|
||||
'ca_file': args.ca_file,
|
||||
'cert_file': args.cert_file,
|
||||
'key_file': args.key_file,
|
||||
'username': args.os_username
|
||||
'username': args.os_username,
|
||||
'password': args.os_password
|
||||
}
|
||||
|
||||
if not endpoint:
|
||||
endpoint = self._get_endpoint(_ksclient, **kwargs)
|
||||
|
||||
if not args.token_only:
|
||||
kwargs['password'] = args.os_password
|
||||
|
||||
client = heatclient.Client(api_version, endpoint, **kwargs)
|
||||
|
||||
try:
|
||||
|
@ -265,7 +265,9 @@ class ShellTest(TestCase):
|
||||
{'location': 'http://no.where/v1/tenant_id/stacks/teststack2/2'},
|
||||
None)
|
||||
v1client.Client.json_request(
|
||||
'POST', '/stacks', body=mox.IgnoreArg()).AndReturn((resp, None))
|
||||
'POST', '/stacks', body=mox.IgnoreArg(),
|
||||
headers={'X-Auth-Key': 'password', 'X-Auth-User': 'username'}
|
||||
).AndReturn((resp, None))
|
||||
fakes.script_heat_list()
|
||||
|
||||
self.m.ReplayAll()
|
||||
@ -297,7 +299,9 @@ class ShellTest(TestCase):
|
||||
{'location': 'http://no.where/v1/tenant_id/stacks/teststack2/2'},
|
||||
None)
|
||||
v1client.Client.json_request(
|
||||
'POST', '/stacks', body=mox.IgnoreArg()).AndReturn((resp, None))
|
||||
'POST', '/stacks', body=mox.IgnoreArg(),
|
||||
headers={'X-Auth-Key': 'password', 'X-Auth-User': 'username'}
|
||||
).AndReturn((resp, None))
|
||||
fakes.script_heat_list()
|
||||
|
||||
self.m.ReplayAll()
|
||||
@ -334,7 +338,9 @@ class ShellTest(TestCase):
|
||||
{'location': 'http://no.where/v1/tenant_id/stacks/teststack2/2'},
|
||||
None)
|
||||
v1client.Client.json_request(
|
||||
'POST', '/stacks', body=mox.IgnoreArg()).AndReturn((resp, None))
|
||||
'POST', '/stacks', body=mox.IgnoreArg(),
|
||||
headers={'X-Auth-Key': 'password', 'X-Auth-User': 'username'}
|
||||
).AndReturn((resp, None))
|
||||
|
||||
fakes.script_heat_list()
|
||||
|
||||
@ -365,7 +371,9 @@ class ShellTest(TestCase):
|
||||
'The request is accepted for processing.')
|
||||
v1client.Client.json_request(
|
||||
'PUT', '/stacks/teststack2/2',
|
||||
body=mox.IgnoreArg()).AndReturn((resp, None))
|
||||
body=mox.IgnoreArg(),
|
||||
headers={'X-Auth-Key': 'password', 'X-Auth-User': 'username'}
|
||||
).AndReturn((resp, None))
|
||||
fakes.script_heat_list()
|
||||
|
||||
self.m.ReplayAll()
|
||||
|
@ -82,13 +82,16 @@ class StackManager(base.Manager):
|
||||
|
||||
def create(self, **kwargs):
|
||||
"""Create a stack."""
|
||||
resp, body = self.api.json_request('POST', '/stacks', body=kwargs)
|
||||
headers = self.api.credentials_headers()
|
||||
resp, body = self.api.json_request('POST', '/stacks',
|
||||
body=kwargs, headers=headers)
|
||||
|
||||
def update(self, **kwargs):
|
||||
"""Update a stack."""
|
||||
stack_id = kwargs.pop('stack_id')
|
||||
headers = self.api.credentials_headers()
|
||||
resp, body = self.api.json_request('PUT', '/stacks/%s' % stack_id,
|
||||
body=kwargs)
|
||||
body=kwargs, headers=headers)
|
||||
|
||||
def delete(self, stack_id):
|
||||
"""Delete a stack."""
|
||||
|
Loading…
x
Reference in New Issue
Block a user