From 9307ac5a3a829a9c6b06503c8b713886e7397fdd Mon Sep 17 00:00:00 2001 From: Kevin Carter Date: Tue, 28 Jan 2020 18:15:44 -0600 Subject: [PATCH] Remove mistral workflow to return the ssh private key This change uses the local file system to return the ssh private key which is known to be stored in the working directory or in the users home folder. As the method searchs, it attempts to open the key file to ensure that the calling user has access to the key. In the event of a failure, the updated method will return None, which the calling methods expect. Story: 2007212 Task: 38437 Change-Id: I9c0ae96787e8f361e20b2fe4c77f4bf6e873022e Signed-off-by: Kevin Carter --- tripleoclient/constants.py | 1 + tripleoclient/utils.py | 17 +------- tripleoclient/v1/overcloud_external_update.py | 3 +- .../v1/overcloud_external_upgrade.py | 3 +- tripleoclient/v1/overcloud_ffwd_upgrade.py | 3 +- tripleoclient/v1/overcloud_update.py | 3 +- tripleoclient/v1/overcloud_upgrade.py | 3 +- tripleoclient/workflows/package_update.py | 40 +++++++++++-------- 8 files changed, 31 insertions(+), 42 deletions(-) diff --git a/tripleoclient/constants.py b/tripleoclient/constants.py index 1798e1a4b..213bb0b81 100644 --- a/tripleoclient/constants.py +++ b/tripleoclient/constants.py @@ -78,6 +78,7 @@ ENABLE_SSH_ADMIN_SSH_PORT_TIMEOUT = 300 ADDITIONAL_ARCHITECTURES = ['ppc64le'] DEFAULT_VALIDATIONS_BASEDIR = '/usr/share/openstack-tripleo-validations' +DEFAULT_WORK_DIR = '/var/lib/mistral' ANSIBLE_VALIDATION_DIR = \ '/usr/share/openstack-tripleo-validations/playbooks' diff --git a/tripleoclient/utils.py b/tripleoclient/utils.py index cd0a3cb5a..16a31f8ea 100644 --- a/tripleoclient/utils.py +++ b/tripleoclient/utils.py @@ -1447,28 +1447,13 @@ def run_update_ansible_action(log, clients, stack, nodes, inventory, inventory=inventory, workdir=workdir, ssh_user=ssh_user, - key=ssh_private_key(workdir, priv_key), + key=priv_key, module_path='/usr/share/ansible-modules', limit_hosts=nodes, tags=tags, skip_tags=skip_tags) -def ssh_private_key(workdir, key): - if not key: - return None - if (isinstance(key, six.string_types) and - os.path.exists(key)): - os.chmod(key, 0o600) - return key - - path = os.path.join(workdir, 'ssh_private_key') - with open(path, 'w') as ssh_key: - ssh_key.write(key) - os.chmod(path, 0o600) - return path - - def parse_extra_vars(extra_var_strings): """Parses extra variables like Ansible would. diff --git a/tripleoclient/v1/overcloud_external_update.py b/tripleoclient/v1/overcloud_external_update.py index 99968864c..7c0cc5d67 100644 --- a/tripleoclient/v1/overcloud_external_update.py +++ b/tripleoclient/v1/overcloud_external_update.py @@ -102,12 +102,11 @@ class ExternalUpdateRun(command.Command): stack = parsed_args.stack ansible_dir = None - key = None + key = package_update.get_key(stack=stack) # Disable mistral if parsed_args.no_workflow: ansible_dir = oooutils.download_ansible_playbooks(orchestration, stack) - key = package_update.get_key(clients) # Run ansible: inventory = oooutils.get_tripleo_ansible_inventory( diff --git a/tripleoclient/v1/overcloud_external_upgrade.py b/tripleoclient/v1/overcloud_external_upgrade.py index b073d8e49..32998b8aa 100644 --- a/tripleoclient/v1/overcloud_external_upgrade.py +++ b/tripleoclient/v1/overcloud_external_upgrade.py @@ -102,12 +102,11 @@ class ExternalUpgradeRun(command.Command): stack = parsed_args.stack ansible_dir = None - key = None + key = package_update.get_key(stack=stack) # Disable mistral if parsed_args.no_workflow: ansible_dir = oooutils.download_ansible_playbooks(orchestration, stack) - key = package_update.get_key(clients) # Run ansible: inventory = oooutils.get_tripleo_ansible_inventory( diff --git a/tripleoclient/v1/overcloud_ffwd_upgrade.py b/tripleoclient/v1/overcloud_ffwd_upgrade.py index fd0e3c126..966c89c05 100644 --- a/tripleoclient/v1/overcloud_ffwd_upgrade.py +++ b/tripleoclient/v1/overcloud_ffwd_upgrade.py @@ -159,12 +159,11 @@ class FFWDUpgradeRun(command.Command): stack = parsed_args.stack ansible_dir = None - key = None + key = package_update.get_key(stack=stack) # Disable mistral if parsed_args.no_workflow: ansible_dir = oooutils.download_ansible_playbooks(orchestration, stack) - key = package_update.get_key(clients) # Run ansible: inventory = oooutils.get_tripleo_ansible_inventory( diff --git a/tripleoclient/v1/overcloud_update.py b/tripleoclient/v1/overcloud_update.py index 3c26128ca..aa5b1bab3 100644 --- a/tripleoclient/v1/overcloud_update.py +++ b/tripleoclient/v1/overcloud_update.py @@ -147,12 +147,11 @@ class UpdateRun(command.Command): stack = parsed_args.stack ansible_dir = None - key = None + key = package_update.get_key(stack=stack) # Disable mistral if parsed_args.no_workflow: ansible_dir = oooutils.download_ansible_playbooks(orchestration, stack) - key = package_update.get_key(clients) # Run ansible: limit_hosts = parsed_args.limit diff --git a/tripleoclient/v1/overcloud_upgrade.py b/tripleoclient/v1/overcloud_upgrade.py index ff66ef765..fe0e19fe4 100644 --- a/tripleoclient/v1/overcloud_upgrade.py +++ b/tripleoclient/v1/overcloud_upgrade.py @@ -203,12 +203,11 @@ class UpgradeRun(command.Command): stack = parsed_args.stack ansible_dir = None - key = None + key = package_update.get_key(stack=stack) # Disable mistral if parsed_args.no_workflow: ansible_dir = oooutils.download_ansible_playbooks(orchestration, stack) - key = package_update.get_key(clients) # Run ansible: limit_hosts = parsed_args.limit diff --git a/tripleoclient/workflows/package_update.py b/tripleoclient/workflows/package_update.py index dd065ee36..4198d8da3 100644 --- a/tripleoclient/workflows/package_update.py +++ b/tripleoclient/workflows/package_update.py @@ -11,6 +11,7 @@ # under the License. from __future__ import print_function +import os import pprint import time @@ -20,6 +21,7 @@ from openstackclient import shell from tripleoclient import exceptions from tripleoclient import utils +from tripleoclient import constants from tripleoclient.workflows import base _WORKFLOW_TIMEOUT = 120 * 60 # 2h @@ -85,26 +87,32 @@ def get_config(clients, **workflow_input): raise RuntimeError('Minor update failed with: {}'.format(payload)) -def get_key(clients, **workflow_input): - workflow_client = clients.workflow_engine - tripleoclients = clients.tripleoclient +def get_key(stack): + """Returns the private key from the local file system. - with tripleoclients.messaging_websocket() as ws: - execution = base.start_workflow( - workflow_client, - 'tripleo.package_update.v1.get_key', - workflow_input=workflow_input - ) + Searches for and returns the stack private key. If the key is inaccessible + for any reason, the process will fall back to using the users key. If no + key is found, this method will return None. - for payload in base.wait_for_messages(workflow_client, ws, execution, - _WORKFLOW_TIMEOUT): - assert payload['status'] == "SUCCESS", pprint.pformat(payload) + :params stack: name of the stack to use + :type stack: String - if payload['status'] == 'SUCCESS': - print('Success') - return payload['message'] + :returns: String || None + """ + + stack_dir = os.path.join(constants.DEFAULT_WORK_DIR, stack) + stack_key_file = os.path.join(stack_dir, 'ssh_private_key') + user_dir = os.path.join(os.path.expanduser("~"), '.ssh') + user_key_file = os.path.join(user_dir, 'id_rsa_tripleo') + for key_file in [stack_key_file, user_key_file]: + try: + if os.path.exists(key_file): + with open(key_file): + return key_file + except IOError: + pass else: - raise RuntimeError('Get_key action failed with: {}'.format(payload)) + return def update_ansible(clients, **workflow_input):