diff --git a/tripleoclient/tests/test_utils.py b/tripleoclient/tests/test_utils.py index f3af42c50..27eec8270 100644 --- a/tripleoclient/tests/test_utils.py +++ b/tripleoclient/tests/test_utils.py @@ -27,132 +27,6 @@ from tripleoclient.tests.v1.utils import ( from tripleoclient import utils -class TestPasswordsUtil(TestCase): - - @mock.patch("os.path.isfile", return_value=False) - @mock.patch("passlib.utils.generate_password", - return_value="PASSWORD") - @mock.patch("tripleoclient.utils.create_cephx_key", - return_value="CEPHX_KEY") - @mock.patch("tripleoclient.utils.create_keystone_credential", - return_value="PASSWORD") - def test_generate_passwords(self, create_keystone_creds_mock, - create_cephx_key_mock, generate_password_mock, - isfile_mock): - - mock_open = mock.mock_open() - - with mock.patch('six.moves.builtins.open', mock_open): - passwords = utils.generate_overcloud_passwords( - create_password_file=True) - mock_calls = [ - mock.call('NEUTRON_METADATA_PROXY_SHARED_SECRET=PASSWORD\n'), - mock.call('OVERCLOUD_ADMIN_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_ADMIN_TOKEN=PASSWORD\n'), - mock.call('OVERCLOUD_AODH_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_BARBICAN_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_CEILOMETER_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_CEILOMETER_SECRET=PASSWORD\n'), - mock.call('OVERCLOUD_CEPH_ADMIN_KEY=CEPHX_KEY\n'), - mock.call('OVERCLOUD_CEPH_CLIENT_KEY=CEPHX_KEY\n'), - mock.call('OVERCLOUD_CEPH_MON_KEY=CEPHX_KEY\n'), - mock.call('OVERCLOUD_CEPH_RGW_KEY=CEPHX_KEY\n'), - mock.call('OVERCLOUD_CINDER_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_DEMO_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_GLANCE_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_GNOCCHI_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_HAPROXY_STATS_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_HEAT_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_HEAT_STACK_DOMAIN_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_IRONIC_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_KEYSTONE_CREDENTIALS_0=PASSWORD\n'), - mock.call('OVERCLOUD_KEYSTONE_CREDENTIALS_1=PASSWORD\n'), - mock.call('OVERCLOUD_MANILA_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_MISTRAL_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_MYSQL_CLUSTERCHECK_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_NEUTRON_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_NOVA_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_RABBITMQ_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_REDIS_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_SAHARA_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_SWIFT_HASH=PASSWORD\n'), - mock.call('OVERCLOUD_SWIFT_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_TROVE_PASSWORD=PASSWORD\n'), - mock.call('OVERCLOUD_ZAQAR_PASSWORD=PASSWORD\n'), - ] - self.assertEqual(sorted(mock_open().write.mock_calls), mock_calls) - self.assertEqual(generate_password_mock.call_count + - create_keystone_creds_mock.call_count + - create_cephx_key_mock.call_count, len(mock_calls)) - - self.assertEqual(len(passwords), len(mock_calls)) - - def test_generate_passwords_update(self): - - mock_open = mock.mock_open() - - with mock.patch('six.moves.builtins.open', mock_open): - with self.assertRaises(exceptions.PasswordFileNotFound): - utils.generate_overcloud_passwords() - - @mock.patch("os.path.isfile", return_value=True) - @mock.patch("passlib.utils.generate_password", - return_value="PASSWORD") - @mock.patch("tripleoclient.utils.create_cephx_key", - return_value="CEPHX_KEY") - @mock.patch("tripleoclient.utils.create_keystone_credential", - return_value="PASSWORD") - def test_load_passwords(self, create_keystone_creds_mock, - create_cephx_key_mock, generate_password_mock, - isfile_mock): - PASSWORDS = [ - 'OVERCLOUD_ADMIN_PASSWORD=PASSWORD\n', - 'OVERCLOUD_ADMIN_TOKEN=PASSWORD\n', - 'OVERCLOUD_AODH_PASSWORD=PASSWORD\n', - 'OVERCLOUD_BARBICAN_PASSWORD=PASSWORD\n', - 'OVERCLOUD_CEILOMETER_PASSWORD=PASSWORD\n', - 'OVERCLOUD_CEILOMETER_SECRET=PASSWORD\n', - 'OVERCLOUD_CEPH_ADMIN_KEY=CEPHX_KEY\n', - 'OVERCLOUD_CEPH_CLIENT_KEY=CEPHX_KEY\n', - 'OVERCLOUD_CEPH_MON_KEY=CEPHX_KEY\n', - 'OVERCLOUD_CEPH_RGW_KEY=CEPHX_KEY\n', - 'OVERCLOUD_CINDER_PASSWORD=PASSWORD\n', - 'OVERCLOUD_DEMO_PASSWORD=PASSWORD\n', - 'OVERCLOUD_GLANCE_PASSWORD=PASSWORD\n', - 'OVERCLOUD_GNOCCHI_PASSWORD=PASSWORD\n', - 'OVERCLOUD_HAPROXY_STATS_PASSWORD=PASSWORD\n', - 'OVERCLOUD_HEAT_PASSWORD=PASSWORD\n', - 'OVERCLOUD_HEAT_STACK_DOMAIN_PASSWORD=PASSWORD\n', - 'OVERCLOUD_IRONIC_PASSWORD=PASSWORD\n', - 'OVERCLOUD_KEYSTONE_CREDENTIALS_0=PASSWORD\n', - 'OVERCLOUD_KEYSTONE_CREDENTIALS_1=PASSWORD\n', - 'OVERCLOUD_MANILA_PASSWORD=PASSWORD\n', - 'OVERCLOUD_MISTRAL_PASSWORD=PASSWORD\n', - 'OVERCLOUD_MYSQL_CLUSTERCHECK_PASSWORD=PASSWORD\n', - 'OVERCLOUD_NEUTRON_PASSWORD=PASSWORD\n', - 'OVERCLOUD_NOVA_PASSWORD=PASSWORD\n', - 'OVERCLOUD_RABBITMQ_PASSWORD=PASSWORD\n', - 'OVERCLOUD_REDIS_PASSWORD=PASSWORD\n', - 'OVERCLOUD_SAHARA_PASSWORD=PASSWORD\n', - 'OVERCLOUD_SWIFT_HASH=PASSWORD\n', - 'OVERCLOUD_SWIFT_PASSWORD=PASSWORD\n', - 'OVERCLOUD_TROVE_PASSWORD=PASSWORD\n', - 'OVERCLOUD_ZAQAR_PASSWORD=PASSWORD\n', - 'NEUTRON_METADATA_PROXY_SHARED_SECRET=PASSWORD\n', - ] - mock_open = mock.mock_open(read_data=''.join(PASSWORDS)) - mock_open.return_value.__iter__ = lambda self: self - mock_open.return_value.__next__ = lambda self: self.readline() - - with mock.patch('six.moves.builtins.open', mock_open): - passwords = utils.generate_overcloud_passwords() - - generate_password_mock.assert_not_called() - self.assertEqual(len(passwords), len(PASSWORDS)) - for name in utils._PASSWORD_NAMES: - self.assertEqual('PASSWORD', passwords[name]) - - class TestCheckHypervisorUtil(TestCase): def test_check_hypervisor_stats(self): @@ -460,9 +334,11 @@ class TestCreateOvercloudRC(TestCase): tempdir = tempfile.mkdtemp() rcfile = os.path.join(tempdir, 'teststackrc') rcfile_v3 = os.path.join(tempdir, 'teststackrc.v3') + mock_clients = mock.Mock() try: - utils.create_overcloudrc(stack=stack, + utils.create_overcloudrc(clients=mock_clients, + stack=stack, no_proxy='127.0.0.1', config_directory=tempdir) rc = open(rcfile, 'rt').read() diff --git a/tripleoclient/tests/v1/overcloud_deploy/test_overcloud_deploy.py b/tripleoclient/tests/v1/overcloud_deploy/test_overcloud_deploy.py index 0ee439b1c..7a9a3faad 100644 --- a/tripleoclient/tests/v1/overcloud_deploy/test_overcloud_deploy.py +++ b/tripleoclient/tests/v1/overcloud_deploy/test_overcloud_deploy.py @@ -499,11 +499,9 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud): mock_create_tempest_deployer_input.assert_called_with() - @mock.patch('tripleoclient.v1.overcloud_deploy.DeployOvercloud.' - 'set_overcloud_passwords', autospec=True) @mock.patch('tripleoclient.v1.overcloud_deploy.DeployOvercloud.' '_deploy_tripleo_heat_templates', autospec=True) - def test_missing_sat_url(self, mock_deploy_tht, mock_set_ov_passwords): + def test_missing_sat_url(self, mock_deploy_tht): arglist = ['--templates', '--rhel-reg', '--reg-method', 'satellite', '--reg-org', '123456789', @@ -635,8 +633,6 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud): @mock.patch('tripleoclient.utils.create_tempest_deployer_input', autospec=True) - @mock.patch('tripleoclient.v1.overcloud_deploy.DeployOvercloud.' - 'set_overcloud_passwords', autospec=True) @mock.patch('tripleoclient.utils.create_overcloudrc', autospec=True) @mock.patch('tripleoclient.utils.get_overcloud_endpoint', autospec=True) @mock.patch('tripleoclient.v1.overcloud_deploy.DeployOvercloud.' @@ -645,7 +641,6 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud): def test_rhel_reg_params_provided(self, mock_copytree, mock_deploy_tht, mock_oc_endpoint, mock_create_ocrc, - mock_set_oc_passwords, mock_create_tempest_deployer_input): arglist = ['--templates', '--rhel-reg', @@ -950,8 +945,6 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud): @mock.patch('tripleoclient.utils.create_tempest_deployer_input', autospec=True) - @mock.patch('tripleoclient.v1.overcloud_deploy.DeployOvercloud.' - 'set_overcloud_passwords', autospec=True) @mock.patch('tripleoclient.utils.create_overcloudrc', autospec=True) @mock.patch('tripleoclient.utils.get_overcloud_endpoint', autospec=True) @mock.patch('tripleoclient.v1.overcloud_deploy.DeployOvercloud.' @@ -959,7 +952,6 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud): def test_dry_run(self, mock_deploy_tht, mock_oc_endpoint, mock_create_ocrc, - mock_set_ov_passwords, mock_create_tempest_deployer_input): arglist = ['--templates', '--dry-run'] @@ -985,13 +977,10 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud): @mock.patch('tripleoclient.utils.get_overcloud_endpoint', autospec=True) @mock.patch('tripleoclient.v1.overcloud_deploy.DeployOvercloud.' '_heat_deploy', autospec=True) - @mock.patch('tripleoclient.v1.overcloud_deploy.DeployOvercloud.' - 'set_overcloud_passwords', autospec=True) @mock.patch('shutil.copytree', autospec=True) @mock.patch('tempfile.mkdtemp', autospec=True) @mock.patch('shutil.rmtree', autospec=True) def test_answers_file(self, mock_rmtree, mock_tmpdir, mock_copy, - mock_set_overcloud_passwords, mock_heat_deploy, mock_oc_endpoint, mock_create_ocrc, diff --git a/tripleoclient/tests/v1/utils.py b/tripleoclient/tests/v1/utils.py index 52810b6aa..2d37aec8b 100644 --- a/tripleoclient/tests/v1/utils.py +++ b/tripleoclient/tests/v1/utils.py @@ -13,11 +13,40 @@ # under the License. # -from tripleoclient import utils +_EXISTING_PASSWORDS = ( + 'MistralPassword', + 'BarbicanPassword', + 'AdminPassword', + 'CeilometerMeteringSecret', + 'ZaqarPassword', + 'NovaPassword', + 'IronicPassword', + 'RedisPassword', + 'SaharaPassword', + 'AdminToken', + 'CinderPassword', + 'GlancePassword', + 'RabbitPassword', + 'CephAdminKey', + 'HAProxyStatsPassword', + 'TrovePassword', + 'CeilometerPassword', + 'GnocchiPassword', + 'HeatStackDomainAdminPassword', + 'CephRgwKey', + 'AodhPassword', + 'ManilaPassword', + 'NeutronMetadataProxySharedSecret', + 'CephMonKey', + 'SwiftHashSuffix', + 'SnmpdReadonlyUserPassword', + 'SwiftPassword', + 'HeatPassword', + 'MysqlClustercheckPassword', + 'CephClientKey', + 'NeutronPassword', +) -def generate_overcloud_passwords_mock(): - passwords = utils._PASSWORD_NAMES + utils._CEPH_PASSWORD_NAMES + \ - utils._KEYSTONE_CREDENTIALS_NAME - - return dict((password, 'password') for password in passwords) +def generate_overcloud_passwords_mock(*args): + return dict((password, 'password') for password in _EXISTING_PASSWORDS) diff --git a/tripleoclient/utils.py b/tripleoclient/utils.py index a3b85402f..6ae80aecc 100644 --- a/tripleoclient/utils.py +++ b/tripleoclient/utils.py @@ -21,13 +21,13 @@ import json import logging import os import os.path -import passlib.utils as passutils import six import socket import struct import subprocess import sys import time +import uuid import yaml from heatclient.common import event_utils @@ -37,91 +37,20 @@ from six.moves import configparser from six.moves import urllib from tripleoclient import exceptions - -_MIN_PASSWORD_SIZE = 25 -_PASSWORD_NAMES = ( - "OVERCLOUD_ADMIN_PASSWORD", - "OVERCLOUD_ADMIN_TOKEN", - "OVERCLOUD_AODH_PASSWORD", - "OVERCLOUD_BARBICAN_PASSWORD", - "OVERCLOUD_CEILOMETER_PASSWORD", - "OVERCLOUD_CEILOMETER_SECRET", - "OVERCLOUD_CINDER_PASSWORD", - "OVERCLOUD_DEMO_PASSWORD", - "OVERCLOUD_GLANCE_PASSWORD", - "OVERCLOUD_GNOCCHI_PASSWORD", - "OVERCLOUD_HAPROXY_STATS_PASSWORD", - "OVERCLOUD_HEAT_PASSWORD", - "OVERCLOUD_HEAT_STACK_DOMAIN_PASSWORD", - "OVERCLOUD_IRONIC_PASSWORD", - "OVERCLOUD_MANILA_PASSWORD", - "OVERCLOUD_MISTRAL_PASSWORD", - "OVERCLOUD_MYSQL_CLUSTERCHECK_PASSWORD", - "OVERCLOUD_NEUTRON_PASSWORD", - "OVERCLOUD_NOVA_PASSWORD", - "OVERCLOUD_RABBITMQ_PASSWORD", - "OVERCLOUD_REDIS_PASSWORD", - "OVERCLOUD_SAHARA_PASSWORD", - "OVERCLOUD_SWIFT_HASH", - "OVERCLOUD_SWIFT_PASSWORD", - "OVERCLOUD_TROVE_PASSWORD", - "OVERCLOUD_ZAQAR_PASSWORD", - "NEUTRON_METADATA_PROXY_SHARED_SECRET" -) -_CEPH_PASSWORD_NAMES = ( - "OVERCLOUD_CEPH_MON_KEY", - "OVERCLOUD_CEPH_ADMIN_KEY", - "OVERCLOUD_CEPH_CLIENT_KEY", - "OVERCLOUD_CEPH_RGW_KEY" -) - -_KEYSTONE_CREDENTIALS_NAME = ( - "OVERCLOUD_KEYSTONE_CREDENTIALS_0", - "OVERCLOUD_KEYSTONE_CREDENTIALS_1" -) +from tripleoclient.workflows import parameters -def generate_overcloud_passwords(output_file="tripleo-overcloud-passwords", - create_password_file=False): - """Create the passwords needed for the overcloud +def generate_overcloud_passwords(clients, plan_name): + """Retrieve passwords needed for the overcloud - This will create the set of passwords required by the overcloud, store - them in the output file path and return a dictionary of passwords. If the - file already exists the existing passwords will be returned instead, + This will retrieve the set of passwords required by the overcloud stored + in the deployment plan and accessible via a workflow. """ - - log = logging.getLogger(__name__ + ".generate_overcloud_passwords") - - log.debug("Using password file: {0}".format(os.path.abspath(output_file))) - - passwords = {} - if os.path.isfile(output_file): - with open(output_file) as f: - passwords = dict(line.split('=', 1) - for line in f.read().splitlines()) - elif not create_password_file: - raise exceptions.PasswordFileNotFound( - "The password file could not be found!") - - for name in _PASSWORD_NAMES: - if not passwords.get(name): - passwords[name] = passutils.generate_password( - size=_MIN_PASSWORD_SIZE) - - # CephX keys aren't random strings - for name in _CEPH_PASSWORD_NAMES: - if not passwords.get(name): - passwords[name] = create_cephx_key() - - for name in _KEYSTONE_CREDENTIALS_NAME: - if not passwords.get(name): - passwords[name] = create_keystone_credential() - - with open(output_file, 'w') as f: - for name, password in passwords.items(): - f.write("{0}={1}\n".format(name, password)) - - return passwords + workflow_input = { + "container": plan_name, + "queue_name": str(uuid.uuid4()), + } + return parameters.get_overcloud_passwords(clients, **workflow_input) def bracket_ipv6(address): @@ -151,7 +80,7 @@ def unbracket_ipv6(address): return address -def create_overcloudrc(stack, no_proxy, config_directory='.'): +def create_overcloudrc(clients, stack, no_proxy, config_directory='.'): """Given proxy settings and stack, create the overcloudrc stack: Heat stack containing the deployed overcloud @@ -176,7 +105,8 @@ def create_overcloudrc(stack, no_proxy, config_directory='.'): 'SSLContext object is not available"'), } rc_params.update({ - 'OS_PASSWORD': get_password('OVERCLOUD_ADMIN_PASSWORD'), + 'OS_PASSWORD': get_password(clients, stack.stack_name, + 'AdminPassword'), 'OS_AUTH_URL': overcloud_endpoint, }) @@ -502,14 +432,14 @@ def get_endpoint(key, stack): __password_cache = None -def get_password(pass_name): - """Retrieve a password by name, such as 'OVERCLOUD_ADMIN_PASSWORD'. +def get_password(clients, plan_name, pass_name): + """Retrieve a password by name, such as 'AdminPassword'. Raises KeyError if password does not exist. """ global __password_cache if __password_cache is None: - __password_cache = generate_overcloud_passwords() + __password_cache = generate_overcloud_passwords(clients, plan_name) return __password_cache[pass_name] diff --git a/tripleoclient/v1/overcloud_deploy.py b/tripleoclient/v1/overcloud_deploy.py index a2032bc14..6389c494a 100644 --- a/tripleoclient/v1/overcloud_deploy.py +++ b/tripleoclient/v1/overcloud_deploy.py @@ -55,78 +55,11 @@ class DeployOvercloud(command.Command): predeploy_errors = 0 predeploy_warnings = 0 - def set_overcloud_passwords(self, stack_is_new, parameters): - """Add passwords to the parameters dictionary - - :param parameters: A dictionary for the passwords to be added to - :type parameters: dict - """ - - undercloud_ceilometer_snmpd_password = utils.get_config_value( - "auth", "undercloud_ceilometer_snmpd_password") - if not undercloud_ceilometer_snmpd_password: - self.log.warning("Undercloud ceilometer SNMPd password missing!") - - passwords = utils.generate_overcloud_passwords( - create_password_file=stack_is_new) - - ceilometer_pass = passwords['OVERCLOUD_CEILOMETER_PASSWORD'] - ceilometer_secret = passwords['OVERCLOUD_CEILOMETER_SECRET'] - parameters['AdminPassword'] = passwords['OVERCLOUD_ADMIN_PASSWORD'] - parameters['AdminToken'] = passwords['OVERCLOUD_ADMIN_TOKEN'] - parameters['AodhPassword'] = passwords['OVERCLOUD_AODH_PASSWORD'] - parameters['BarbicanPassword'] = ( - passwords['OVERCLOUD_BARBICAN_PASSWORD']) - parameters['CeilometerPassword'] = ceilometer_pass - parameters['CeilometerMeteringSecret'] = ceilometer_secret - parameters['CinderPassword'] = passwords[ - 'OVERCLOUD_CINDER_PASSWORD'] - parameters['GlancePassword'] = passwords[ - 'OVERCLOUD_GLANCE_PASSWORD'] - parameters['GnocchiPassword'] = passwords['OVERCLOUD_GNOCCHI_PASSWORD'] - parameters['HAProxyStatsPassword'] = passwords[ - 'OVERCLOUD_HAPROXY_STATS_PASSWORD'] - parameters['HeatPassword'] = passwords['OVERCLOUD_HEAT_PASSWORD'] - parameters['HeatStackDomainAdminPassword'] = passwords[ - 'OVERCLOUD_HEAT_STACK_DOMAIN_PASSWORD'] - parameters['IronicPassword'] = passwords['OVERCLOUD_IRONIC_PASSWORD'] - parameters['MistralPassword'] = passwords['OVERCLOUD_MISTRAL_PASSWORD'] - parameters['MysqlClustercheckPassword'] = passwords[ - 'OVERCLOUD_MYSQL_CLUSTERCHECK_PASSWORD'] - parameters['NeutronPassword'] = passwords[ - 'OVERCLOUD_NEUTRON_PASSWORD'] - parameters['NovaPassword'] = passwords['OVERCLOUD_NOVA_PASSWORD'] - parameters['RabbitPassword'] = passwords['OVERCLOUD_RABBITMQ_PASSWORD'] - parameters['RedisPassword'] = passwords['OVERCLOUD_REDIS_PASSWORD'] - parameters['SaharaPassword'] = ( - passwords['OVERCLOUD_SAHARA_PASSWORD']) - parameters['SwiftHashSuffix'] = passwords['OVERCLOUD_SWIFT_HASH'] - parameters['SwiftPassword'] = passwords['OVERCLOUD_SWIFT_PASSWORD'] - parameters['SnmpdReadonlyUserPassword'] = ( - undercloud_ceilometer_snmpd_password) - parameters['TrovePassword'] = ( - passwords['OVERCLOUD_TROVE_PASSWORD']) - parameters['ZaqarPassword'] = passwords['OVERCLOUD_ZAQAR_PASSWORD'] - parameters['ManilaPassword'] = passwords['OVERCLOUD_MANILA_PASSWORD'] - parameters['NeutronMetadataProxySharedSecret'] = ( - passwords['NEUTRON_METADATA_PROXY_SHARED_SECRET']) - parameters['CephMonKey'] = passwords['OVERCLOUD_CEPH_MON_KEY'] - parameters['CephAdminKey'] = passwords['OVERCLOUD_CEPH_ADMIN_KEY'] - parameters['CephClientKey'] = passwords['OVERCLOUD_CEPH_CLIENT_KEY'] - parameters['CephRgwKey'] = passwords['OVERCLOUD_CEPH_RGW_KEY'] - parameters['KeystoneCredential0'] = passwords[ - 'OVERCLOUD_KEYSTONE_CREDENTIALS_0'] - parameters['KeystoneCredential1'] = passwords[ - 'OVERCLOUD_KEYSTONE_CREDENTIALS_1'] - def _update_parameters(self, args, network_client, stack): parameters = {} stack_is_new = stack is None - self.log.debug("Generating overcloud passwords") - self.set_overcloud_passwords(stack_is_new, parameters) - timestamp = int(time.time()) parameters['DeployIdentifier'] = timestamp parameters['UpdateIdentifier'] = '' @@ -578,7 +511,7 @@ class DeployOvercloud(command.Command): keystone_client = clients.get_keystone_client( 'admin', - utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), + utils.get_password(stack.stack_name, 'AdminPassword'), 'admin', overcloud_endpoint) @@ -616,11 +549,13 @@ class DeployOvercloud(command.Command): admin_port = endpoint_map.get('KeystoneAdmin').get('port') internal_port = endpoint_map.get( 'KeystoneInternal').get('port') + + # TODO(rbrady): check usages of get_password keystone.initialize( keystone_admin_ip, - utils.get_password('OVERCLOUD_ADMIN_TOKEN'), + utils.get_password(stack.stack_name, 'AdminToken'), 'admin@example.com', - utils.get_password('OVERCLOUD_ADMIN_PASSWORD'), + utils.get_password(stack.stack_name, 'AdminPassword'), ssl=keystone_tls_host, public=overcloud_ip_or_fqdn, user=parsed_args.overcloud_ssh_user, @@ -670,8 +605,8 @@ class DeployOvercloud(command.Command): service_data = {} password_field = data.get('password_field') if password_field: - service_data['password'] = utils.get_password( - password_field) + service_data['password'] = utils.get_password(stack.stack_name, + password_field) # Set internal endpoint service_name_internal = self._format_endpoint_name(service, 'internal') @@ -1226,7 +1161,7 @@ class DeployOvercloud(command.Command): # Force fetching of attributes stack.get() - utils.create_overcloudrc(stack, parsed_args.no_proxy) + utils.create_overcloudrc(clients, stack, parsed_args.no_proxy) utils.create_tempest_deployer_input() # Run postconfig on create or force. Use force to makes sure endpoints diff --git a/tripleoclient/workflows/parameters.py b/tripleoclient/workflows/parameters.py index 518837982..5b9c0b9b0 100644 --- a/tripleoclient/workflows/parameters.py +++ b/tripleoclient/workflows/parameters.py @@ -21,3 +21,27 @@ def update_parameters(workflow_client, **input_): def reset_parameters(workflow_client, **input_): return base.call_action(workflow_client, 'tripleo.parameters.reset', **input_) + + +def get_overcloud_passwords(clients, **workflow_input): + """Retrieves overcloud passwords from a plan via a workflow + + :param clients: + :param workflow_input: + :return: + """ + + workflow_client = clients.workflow_engine + tripleoclients = clients.tripleoclient + queue_name = workflow_input['queue_name'] + + execution = base.start_workflow( + workflow_client, + 'tripleo.plan_management.v1.get_passwords', + workflow_input=workflow_input + ) + + with tripleoclients.messaging_websocket(queue_name) as ws: + message = ws.wait_for_message(execution.id) + assert message['status'] == "SUCCESS" + return message['message']