Restoration of the 'export_passwords' exclusion

The 'tripleoclient.export.export_passwords' function was intended export passwords selectively, if needed, based on provided rules. This patch restores that functionality. Furthermore, tests were adjusted to validate exports with and without filtering. Function level documentation was expanded with information about inputs and outputs. Per suggestion, the loop was adjusted to iterate over generated passwords rather than over `tripleo_common_constants.PASSWORD_PARAMETER_NAMES`. The existing import of tripleo_common.constants was removed, as there were no more references to it. Closes-Bug: #1933237 Signed-off-by: Jiri Podivin <jpodivin@redhat.com> Change-Id: I397caaf314dae17a48d4aeed55f1a5a8e4ae3d41 (cherry picked from commit cc2ac4a855)
2021-06-22 15:27:28 +02:00 · 2021-06-22 15:27:28 +02:00 · 095182c143
parent 750d68e992
commit 095182c143
2 changed files with 51 additions and 30 deletions
--- a/tripleoclient/export.py
+++ b/tripleoclient/export.py
@ -21,7 +21,6 @@ import yaml

 from osc_lib.i18n import _

-from tripleo_common import constants as tripleo_common_constants
 from tripleo_common.utils import plan as plan_utils
 from tripleoclient import constants
 from tripleoclient import utils as oooutils
@ -31,23 +30,35 @@ LOG = logging.getLogger(__name__ + ".utils")


 def export_passwords(heat, stack, excludes=True):
+    """For each password, check if it's excluded, then check if there's a user
+    defined value from parameter_defaults, and if not use the value from the
+    generated passwords.
+    :param heat: tht client
+    :type heat: Client
+    :param stack: stack name for password generator
+    :type stack: string
+    :param excludes: filter the passwords or not, defaults to `True`
+    :type excludes: bool
+    :returns: filtered password dictionary
+    :rtype: dict
+    """

-    # For each password, check if it's excluded, then check if there's a user
-    # defined value from parameter_defaults, and if not use the value from the
-    # generated passwords.
    def exclude_password(password):
        for pattern in constants.EXPORT_PASSWORD_EXCLUDE_PATTERNS:
-            return re.match(pattern, password, re.I)
+            if re.match(pattern, password, re.I):
+                return True

    generated_passwords = plan_utils.generate_passwords(
        heat=heat, container=stack)
-    for password in tripleo_common_constants.PASSWORD_PARAMETER_NAMES:
-        if exclude_password(password):
-            continue
-        if password not in generated_passwords:
-            LOG.warning("No password value found for %s", password)

-    return generated_passwords
+    filtered_passwords = generated_passwords.copy()
+
+    if excludes:
+        for password in generated_passwords:
+            if exclude_password(password):
+                filtered_passwords.pop(password, None)
+
+    return filtered_passwords


 def export_stack(heat, stack, should_filter=False,
--- a/tripleoclient/tests/test_export.py
+++ b/tripleoclient/tests/test_export.py
@ -197,21 +197,9 @@ class TestExport(TestCase):
                'config-download/overcloud/group_vars/overcloud.json'),
            'r')

+    @mock.patch('tripleoclient.export.LOG')
    @mock.patch('tripleo_common.utils.plan.generate_passwords')
-    def test_export_passwords(self, mock_gen_pass):
-        heat = mock.Mock()
-        mock_passwords = {
-            'AdminPassword': 'a_user',
-            'RpcPassword': 'B'}
-        mock_gen_pass.return_value = mock_passwords
-        data = export.export_passwords(heat, 'overcloud')
-
-        self.assertEqual(dict(AdminPassword='a_user',
-                              RpcPassword='B'),
-                         data)
-
-    @mock.patch('tripleo_common.utils.plan.generate_passwords')
-    def test_export_passwords_excludes(self, mock_gen_pass):
+    def test_export_passwords(self, mock_gen_pass, mock_log):
        heat = mock.Mock()
        mock_passwords = {
            'AdminPassword': 'A',
@ -219,14 +207,36 @@ class TestExport(TestCase):
            'CephClientKey': 'cephkey',
            'CephClusterFSID': 'cephkey',
            'CephRgwKey': 'cephkey'}
+
        mock_gen_pass.return_value = mock_passwords
+
+        expected_password_export = mock_passwords.copy()
+        data = export.export_passwords(heat, 'overcloud', False)
+
+        self.assertEqual(
+            expected_password_export,
+            data)
+
+    @mock.patch('tripleoclient.export.LOG')
+    @mock.patch('tripleo_common.utils.plan.generate_passwords')
+    def test_export_passwords_excludes(self, mock_gen_pass, mock_log):
+        heat = mock.Mock()
+        mock_passwords = {
+            'AdminPassword': 'A',
+            'RpcPassword': 'B',
+            'CephClientKey': 'cephkey',
+            'CephClusterFSID': 'cephkey',
+            'CephRgwKey': 'cephkey'}
+
+        mock_gen_pass.return_value = mock_passwords
+
+        expected_password_export = {
+            'AdminPassword': 'A',
+            'RpcPassword': 'B'}
+
        data = export.export_passwords(heat, 'overcloud')

-        mock_passwords.pop('CephClientKey')
-        mock_passwords.pop('CephClusterFSID')
-        mock_passwords.pop('CephRgwKey')
-
-        self.assertEqual(mock_passwords, data)
+        self.assertEqual(expected_password_export, data)

    def test_export_ceph_net_key(self):
        with mock.patch('builtins.open', self.mock_open_ceph_global):