From d2b81152664ae3128d7bcd87c14261499ec628e6 Mon Sep 17 00:00:00 2001 From: ramishra Date: Mon, 1 Feb 2021 10:05:18 +0530 Subject: [PATCH] Don't use swift plan when exporting passwords This changes to use the stack environment instead for passwords when using ``overcloud export`` or ``overcloud cell export``. Change-Id: Iae58a6415cc12e2035e0d3b62327e59e038d1b2c --- tripleoclient/export.py | 31 ++------- tripleoclient/tests/test_export.py | 64 ++++++------------- .../tests/v1/test_overcloud_export.py | 8 +-- tripleoclient/v1/overcloud_cell.py | 6 +- tripleoclient/v1/overcloud_export.py | 7 +- 5 files changed, 37 insertions(+), 79 deletions(-) diff --git a/tripleoclient/export.py b/tripleoclient/export.py index 7cb03fab4..0af8b9e4a 100644 --- a/tripleoclient/export.py +++ b/tripleoclient/export.py @@ -23,7 +23,7 @@ import yaml from osc_lib.i18n import _ from tripleo_common import constants as tripleo_common_constants -from tripleo_common.utils import swift as swiftutils +from tripleo_common.utils import plan as plan_utils from tripleoclient import constants from tripleoclient import utils as oooutils @@ -31,24 +31,7 @@ from tripleoclient import utils as oooutils LOG = logging.getLogger(__name__ + ".utils") -def export_passwords(swift, stack, excludes=True): - # Export the passwords from swift - obj = 'plan-environment.yaml' - container = stack - content = swiftutils.get_object_string( - swift, - container=container, - object_name=obj - ) - data = yaml.safe_load(content) - # The "passwords" key in plan-environment.yaml are generated passwords, - # they are not necessarily the actual password values used during the - # deployment. - generated_passwords = data["passwords"] - # parameter_defaults will contain any user defined password values - parameters = data["parameter_defaults"] - - passwords = {} +def export_passwords(heat, stack, excludes=True): # For each password, check if it's excluded, then check if there's a user # defined value from parameter_defaults, and if not use the value from the @@ -57,17 +40,15 @@ def export_passwords(swift, stack, excludes=True): for pattern in constants.EXPORT_PASSWORD_EXCLUDE_PATTERNS: return re.match(pattern, password, re.I) + generated_passwords = plan_utils.generate_passwords( + heat=heat, container=stack) for password in tripleo_common_constants.PASSWORD_PARAMETER_NAMES: if exclude_password(password): continue - if password in parameters: - passwords[password] = parameters[password] - elif password in generated_passwords: - passwords[password] = generated_passwords[password] - else: + if password not in generated_passwords: LOG.warning("No password value found for %s", password) - return passwords + return generated_passwords def export_stack(heat, stack, should_filter=False, diff --git a/tripleoclient/tests/test_export.py b/tripleoclient/tests/test_export.py index c148975bc..944facd82 100644 --- a/tripleoclient/tests/test_export.py +++ b/tripleoclient/tests/test_export.py @@ -14,11 +14,8 @@ # import os -from io import StringIO import mock -import six from unittest import TestCase -import yaml from tripleoclient import export @@ -127,55 +124,36 @@ class TestExport(TestCase): export.export_stack(heat, "control") mock_get_stack.assert_called_once_with(heat, 'control') - def test_export_passwords(self): - swift = mock.Mock() + @mock.patch('tripleo_common.utils.plan.generate_passwords') + def test_export_passwords(self, mock_gen_pass): + heat = mock.Mock() mock_passwords = { - 'parameter_defaults': { - 'AdminPassword': 'a_user' - }, - 'passwords': { - 'AdminPassword': 'A', - 'RpcPassword': 'B' - } - } - sio = StringIO() - sio.write(six.text_type(yaml.dump(mock_passwords))) - sio.seek(0) - swift.get_object.return_value = ("", sio) - data = export.export_passwords(swift, 'overcloud') - - swift.get_object.assert_called_once_with( - 'overcloud', 'plan-environment.yaml') + 'AdminPassword': 'a_user', + 'RpcPassword': 'B'} + mock_gen_pass.return_value = mock_passwords + data = export.export_passwords(heat, 'overcloud') self.assertEqual(dict(AdminPassword='a_user', RpcPassword='B'), data) - def test_export_passwords_excludes(self): - swift = mock.Mock() + @mock.patch('tripleo_common.utils.plan.generate_passwords') + def test_export_passwords_excludes(self, mock_gen_pass): + heat = mock.Mock() mock_passwords = { - 'parameter_defaults': { - 'CephClientKey': 'cephkey' - }, - 'passwords': { - 'AdminPassword': 'A', - 'RpcPassword': 'B', - 'CephClientKey': 'cephkey', - 'CephClusterFSID': 'cephkey', - 'CephRgwKey': 'cephkey' - } - } - sio = StringIO() - sio.write(six.text_type(yaml.dump(mock_passwords))) - sio.seek(0) - swift.get_object.return_value = ("", sio) - data = export.export_passwords(swift, 'overcloud') + 'AdminPassword': 'A', + 'RpcPassword': 'B', + 'CephClientKey': 'cephkey', + 'CephClusterFSID': 'cephkey', + 'CephRgwKey': 'cephkey'} + mock_gen_pass.return_value = mock_passwords + data = export.export_passwords(heat, 'overcloud') - mock_passwords['passwords'].pop('CephClientKey') - mock_passwords['passwords'].pop('CephClusterFSID') - mock_passwords['passwords'].pop('CephRgwKey') + mock_passwords.pop('CephClientKey') + mock_passwords.pop('CephClusterFSID') + mock_passwords.pop('CephRgwKey') - self.assertEqual(mock_passwords['passwords'], data) + self.assertEqual(mock_passwords, data) def test_export_storage_ips(self): with mock.patch('six.moves.builtins.open', self.mock_open_ceph_inv): diff --git a/tripleoclient/tests/v1/test_overcloud_export.py b/tripleoclient/tests/v1/test_overcloud_export.py index 7c5f03fac..645b2022f 100644 --- a/tripleoclient/tests/v1/test_overcloud_export.py +++ b/tripleoclient/tests/v1/test_overcloud_export.py @@ -49,7 +49,7 @@ class TestOvercloudExport(utils.TestCommand): with mock.patch('six.moves.builtins.open', self.mock_open): self.cmd.take_action(parsed_args) mock_export_passwords.assert_called_once_with( - self.app.client_manager.tripleoclient.object_store, + self.app.client_manager.orchestration, 'overcloud', True) path = os.path.join(os.environ.get('HOME'), 'config-download') @@ -79,7 +79,7 @@ class TestOvercloudExport(utils.TestCommand): with mock.patch('six.moves.builtins.open', self.mock_open): self.cmd.take_action(parsed_args) mock_export_passwords.assert_called_once_with( - self.app.client_manager.tripleoclient.object_store, + self.app.client_manager.orchestration, 'foo', True) path = os.path.join(os.environ.get('HOME'), 'config-download') @@ -105,7 +105,7 @@ class TestOvercloudExport(utils.TestCommand): with mock.patch('six.moves.builtins.open', self.mock_open): self.cmd.take_action(parsed_args) mock_export_passwords.assert_called_once_with( - self.app.client_manager.tripleoclient.object_store, + self.app.client_manager.orchestration, 'foo', True) mock_export_stack.assert_called_once_with( self.app.client_manager.orchestration, @@ -131,7 +131,7 @@ class TestOvercloudExport(utils.TestCommand): with mock.patch('six.moves.builtins.open', self.mock_open): self.cmd.take_action(parsed_args) mock_export_passwords.assert_called_once_with( - self.app.client_manager.tripleoclient.object_store, + self.app.client_manager.orchestration, 'foo', False) mock_export_stack.assert_called_once_with( self.app.client_manager.orchestration, diff --git a/tripleoclient/v1/overcloud_cell.py b/tripleoclient/v1/overcloud_cell.py index 5cb0cf318..685c81fb5 100644 --- a/tripleoclient/v1/overcloud_cell.py +++ b/tripleoclient/v1/overcloud_cell.py @@ -80,9 +80,9 @@ class ExportCell(command.Command): # prepare clients to access the environment clients = self.app.client_manager - swift_client = clients.tripleoclient.object_store + heat = clients.tripleoclient.orchestration - data = export.export_passwords(swift_client, control_plane_stack) + data = export.export_passwords(heat, control_plane_stack) stack_to_export = control_plane_stack should_filter = True @@ -98,7 +98,7 @@ class ExportCell(command.Command): config_download_dir = os.path.join(download_dir, stack_to_export) data.update(export.export_stack( - clients.orchestration, stack_to_export, should_filter, + heat, stack_to_export, should_filter, config_download_dir)) data = dict(parameter_defaults=data) diff --git a/tripleoclient/v1/overcloud_export.py b/tripleoclient/v1/overcloud_export.py index 0ffdac514..d0b8173d1 100644 --- a/tripleoclient/v1/overcloud_export.py +++ b/tripleoclient/v1/overcloud_export.py @@ -83,12 +83,11 @@ class ExportOvercloud(command.Command): # prepare clients to access the environment clients = self.app.client_manager - swift_client = clients.tripleoclient.object_store - - data = export.export_passwords(swift_client, stack, + heat = clients.orchestration + data = export.export_passwords(heat, stack, not parsed_args.no_password_excludes) data.update(export.export_stack( - clients.orchestration, stack, False, config_download_dir)) + heat, stack, False, config_download_dir)) # do not add extra host entries for VIPs for stacks deployed off that # exported data, since it already contains those entries data.update({'AddVipsToEtcHosts': False})