Keystone credentials needs to be set with the overcloud password

While working on upgrade Mitaka to newton we hit this issue https://bugs.launchpad.net/tripleo/+bug/1626422 It appear that the keystone credentials needs to be generated and store with the overcloud password only once Change-Id: I15888f31c6b275ac785107bb95256296fd67487f Closes-Bug: #1626422
2016-09-22 16:54:45 +02:00 · 2016-09-22 16:54:45 +02:00 · 13620fc4ff
parent 8b0501c72c
commit 13620fc4ff
5 changed files with 37 additions and 14 deletions
--- a/tripleoclient/tests/test_utils.py
+++ b/tripleoclient/tests/test_utils.py
@ -33,8 +33,11 @@ class TestPasswordsUtil(TestCase):
                return_value="PASSWORD")
    @mock.patch("tripleoclient.utils.create_cephx_key",
                return_value="CEPHX_KEY")
-    def test_generate_passwords(self, create_cephx_key_mock,
-                                generate_password_mock, isfile_mock):
+    @mock.patch("tripleoclient.utils.create_keystone_credential",
+                return_value="PASSWORD")
+    def test_generate_passwords(self, create_keystone_creds_mock,
+                                create_cephx_key_mock, generate_password_mock,
+                                isfile_mock):

        mock_open = mock.mock_open()

@ -61,6 +64,8 @@ class TestPasswordsUtil(TestCase):
            mock.call('OVERCLOUD_HEAT_PASSWORD=PASSWORD\n'),
            mock.call('OVERCLOUD_HEAT_STACK_DOMAIN_PASSWORD=PASSWORD\n'),
            mock.call('OVERCLOUD_IRONIC_PASSWORD=PASSWORD\n'),
+            mock.call('OVERCLOUD_KEYSTONE_CREDENTIALS_0=PASSWORD\n'),
+            mock.call('OVERCLOUD_KEYSTONE_CREDENTIALS_1=PASSWORD\n'),
            mock.call('OVERCLOUD_MANILA_PASSWORD=PASSWORD\n'),
            mock.call('OVERCLOUD_MISTRAL_PASSWORD=PASSWORD\n'),
            mock.call('OVERCLOUD_MYSQL_CLUSTERCHECK_PASSWORD=PASSWORD\n'),
@ -76,6 +81,7 @@ class TestPasswordsUtil(TestCase):
        ]
        self.assertEqual(sorted(mock_open().write.mock_calls), mock_calls)
        self.assertEqual(generate_password_mock.call_count +
+                         create_keystone_creds_mock.call_count +
                         create_cephx_key_mock.call_count, len(mock_calls))

        self.assertEqual(len(passwords), len(mock_calls))
@ -93,8 +99,11 @@ class TestPasswordsUtil(TestCase):
                return_value="PASSWORD")
    @mock.patch("tripleoclient.utils.create_cephx_key",
                return_value="CEPHX_KEY")
-    def test_load_passwords(self, create_cephx_key_mock,
-                            generate_password_mock, isfile_mock):
+    @mock.patch("tripleoclient.utils.create_keystone_credential",
+                return_value="PASSWORD")
+    def test_load_passwords(self, create_keystone_creds_mock,
+                            create_cephx_key_mock, generate_password_mock,
+                            isfile_mock):
        PASSWORDS = [
            'OVERCLOUD_ADMIN_PASSWORD=PASSWORD\n',
            'OVERCLOUD_ADMIN_TOKEN=PASSWORD\n',
@ -114,6 +123,8 @@ class TestPasswordsUtil(TestCase):
            'OVERCLOUD_HEAT_PASSWORD=PASSWORD\n',
            'OVERCLOUD_HEAT_STACK_DOMAIN_PASSWORD=PASSWORD\n',
            'OVERCLOUD_IRONIC_PASSWORD=PASSWORD\n',
+            'OVERCLOUD_KEYSTONE_CREDENTIALS_0=PASSWORD\n',
+            'OVERCLOUD_KEYSTONE_CREDENTIALS_1=PASSWORD\n',
            'OVERCLOUD_MANILA_PASSWORD=PASSWORD\n',
            'OVERCLOUD_MISTRAL_PASSWORD=PASSWORD\n',
            'OVERCLOUD_MYSQL_CLUSTERCHECK_PASSWORD=PASSWORD\n',
--- a/tripleoclient/tests/v1/overcloud_deploy/test_overcloud_deploy.py
+++ b/tripleoclient/tests/v1/overcloud_deploy/test_overcloud_deploy.py
@ -176,8 +176,8 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud):
            'HypervisorNeutronPhysicalBridge': 'br-ex',
            'HypervisorNeutronPublicInterface': 'nic1',
            'IronicPassword': 'password',
-            'KeystoneCredential0': 'key',
-            'KeystoneCredential1': 'key',
+            'KeystoneCredential0': 'password',
+            'KeystoneCredential1': 'password',
            'ManilaPassword': 'password',
            'MistralPassword': 'password',
            'MysqlClustercheckPassword': 'password',
@ -349,8 +349,8 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud):
            'HypervisorNeutronPhysicalBridge': 'br-ex',
            'HypervisorNeutronPublicInterface': 'nic1',
            'IronicPassword': 'password',
-            'KeystoneCredential0': 'key',
-            'KeystoneCredential1': 'key',
+            'KeystoneCredential0': 'password',
+            'KeystoneCredential1': 'password',
            'ManilaPassword': 'password',
            'MistralPassword': 'password',
            'MysqlClustercheckPassword': 'password',
@ -1286,8 +1286,8 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud):
            'HypervisorNeutronPhysicalBridge': 'br-ex',
            'HypervisorNeutronPublicInterface': 'nic1',
            'IronicPassword': 'password',
-            'KeystoneCredential0': 'key',
-            'KeystoneCredential1': 'key',
+            'KeystoneCredential0': 'password',
+            'KeystoneCredential1': 'password',
            'ManilaPassword': 'password',
            'MistralPassword': 'password',
            'MysqlClustercheckPassword': 'password',
--- a/tripleoclient/tests/v1/utils.py
+++ b/tripleoclient/tests/v1/utils.py
@ -17,6 +17,7 @@ from tripleoclient import utils


 def generate_overcloud_passwords_mock():
-    passwords = utils._PASSWORD_NAMES + utils._CEPH_PASSWORD_NAMES
+    passwords = utils._PASSWORD_NAMES + utils._CEPH_PASSWORD_NAMES + \
+        utils._KEYSTONE_CREDENTIALS_NAME

    return dict((password, 'password') for password in passwords)
--- a/tripleoclient/utils.py
+++ b/tripleoclient/utils.py
@ -75,6 +75,11 @@ _CEPH_PASSWORD_NAMES = (
    "OVERCLOUD_CEPH_RGW_KEY"
 )

+_KEYSTONE_CREDENTIALS_NAME = (
+    "OVERCLOUD_KEYSTONE_CREDENTIALS_0",
+    "OVERCLOUD_KEYSTONE_CREDENTIALS_1"
+)
+

 def generate_overcloud_passwords(output_file="tripleo-overcloud-passwords",
                                 create_password_file=False):
@ -108,6 +113,10 @@ def generate_overcloud_passwords(output_file="tripleo-overcloud-passwords",
        if not passwords.get(name):
            passwords[name] = create_cephx_key()

+    for name in _KEYSTONE_CREDENTIALS_NAME:
+        if not passwords.get(name):
+            passwords[name] = create_keystone_credential()
+
    with open(output_file, 'w') as f:
        for name, password in passwords.items():
            f.write("{0}={1}\n".format(name, password))
--- a/tripleoclient/v1/overcloud_deploy.py
+++ b/tripleoclient/v1/overcloud_deploy.py
@ -112,6 +112,10 @@ class DeployOvercloud(command.Command):
        parameters['CephAdminKey'] = passwords['OVERCLOUD_CEPH_ADMIN_KEY']
        parameters['CephClientKey'] = passwords['OVERCLOUD_CEPH_CLIENT_KEY']
        parameters['CephRgwKey'] = passwords['OVERCLOUD_CEPH_RGW_KEY']
+        parameters['KeystoneCredential0'] = passwords[
+            'OVERCLOUD_KEYSTONE_CREDENTIALS_0']
+        parameters['KeystoneCredential1'] = passwords[
+            'OVERCLOUD_KEYSTONE_CREDENTIALS_1']

    def _update_parameters(self, args, network_client, stack):
        parameters = {}
@ -189,9 +193,7 @@ class DeployOvercloud(command.Command):

        if stack_is_new:
            parameters.update({
-                'CephClusterFSID': six.text_type(uuid.uuid1()),
-                'KeystoneCredential0': utils.create_keystone_credential(),
-                'KeystoneCredential1': utils.create_keystone_credential()})
+                'CephClusterFSID': six.text_type(uuid.uuid1())})

        return parameters