Don't use swift plan when exporting passwords

This changes to use the stack environment instead for
passwords when using ``overcloud export`` or
``overcloud cell export``.

Change-Id: Iae58a6415cc12e2035e0d3b62327e59e038d1b2c
This commit is contained in:
ramishra 2021-02-01 10:05:18 +05:30
parent 1603ed45db
commit d2b8115266
5 changed files with 37 additions and 79 deletions

View File

@ -23,7 +23,7 @@ import yaml
from osc_lib.i18n import _
from tripleo_common import constants as tripleo_common_constants
from tripleo_common.utils import swift as swiftutils
from tripleo_common.utils import plan as plan_utils
from tripleoclient import constants
from tripleoclient import utils as oooutils
@ -31,24 +31,7 @@ from tripleoclient import utils as oooutils
LOG = logging.getLogger(__name__ + ".utils")
def export_passwords(swift, stack, excludes=True):
# Export the passwords from swift
obj = 'plan-environment.yaml'
container = stack
content = swiftutils.get_object_string(
swift,
container=container,
object_name=obj
)
data = yaml.safe_load(content)
# The "passwords" key in plan-environment.yaml are generated passwords,
# they are not necessarily the actual password values used during the
# deployment.
generated_passwords = data["passwords"]
# parameter_defaults will contain any user defined password values
parameters = data["parameter_defaults"]
passwords = {}
def export_passwords(heat, stack, excludes=True):
# For each password, check if it's excluded, then check if there's a user
# defined value from parameter_defaults, and if not use the value from the
@ -57,17 +40,15 @@ def export_passwords(swift, stack, excludes=True):
for pattern in constants.EXPORT_PASSWORD_EXCLUDE_PATTERNS:
return re.match(pattern, password, re.I)
generated_passwords = plan_utils.generate_passwords(
heat=heat, container=stack)
for password in tripleo_common_constants.PASSWORD_PARAMETER_NAMES:
if exclude_password(password):
continue
if password in parameters:
passwords[password] = parameters[password]
elif password in generated_passwords:
passwords[password] = generated_passwords[password]
else:
if password not in generated_passwords:
LOG.warning("No password value found for %s", password)
return passwords
return generated_passwords
def export_stack(heat, stack, should_filter=False,

View File

@ -14,11 +14,8 @@
#
import os
from io import StringIO
import mock
import six
from unittest import TestCase
import yaml
from tripleoclient import export
@ -127,55 +124,36 @@ class TestExport(TestCase):
export.export_stack(heat, "control")
mock_get_stack.assert_called_once_with(heat, 'control')
def test_export_passwords(self):
swift = mock.Mock()
@mock.patch('tripleo_common.utils.plan.generate_passwords')
def test_export_passwords(self, mock_gen_pass):
heat = mock.Mock()
mock_passwords = {
'parameter_defaults': {
'AdminPassword': 'a_user'
},
'passwords': {
'AdminPassword': 'A',
'RpcPassword': 'B'
}
}
sio = StringIO()
sio.write(six.text_type(yaml.dump(mock_passwords)))
sio.seek(0)
swift.get_object.return_value = ("", sio)
data = export.export_passwords(swift, 'overcloud')
swift.get_object.assert_called_once_with(
'overcloud', 'plan-environment.yaml')
'AdminPassword': 'a_user',
'RpcPassword': 'B'}
mock_gen_pass.return_value = mock_passwords
data = export.export_passwords(heat, 'overcloud')
self.assertEqual(dict(AdminPassword='a_user',
RpcPassword='B'),
data)
def test_export_passwords_excludes(self):
swift = mock.Mock()
@mock.patch('tripleo_common.utils.plan.generate_passwords')
def test_export_passwords_excludes(self, mock_gen_pass):
heat = mock.Mock()
mock_passwords = {
'parameter_defaults': {
'CephClientKey': 'cephkey'
},
'passwords': {
'AdminPassword': 'A',
'RpcPassword': 'B',
'CephClientKey': 'cephkey',
'CephClusterFSID': 'cephkey',
'CephRgwKey': 'cephkey'
}
}
sio = StringIO()
sio.write(six.text_type(yaml.dump(mock_passwords)))
sio.seek(0)
swift.get_object.return_value = ("", sio)
data = export.export_passwords(swift, 'overcloud')
'AdminPassword': 'A',
'RpcPassword': 'B',
'CephClientKey': 'cephkey',
'CephClusterFSID': 'cephkey',
'CephRgwKey': 'cephkey'}
mock_gen_pass.return_value = mock_passwords
data = export.export_passwords(heat, 'overcloud')
mock_passwords['passwords'].pop('CephClientKey')
mock_passwords['passwords'].pop('CephClusterFSID')
mock_passwords['passwords'].pop('CephRgwKey')
mock_passwords.pop('CephClientKey')
mock_passwords.pop('CephClusterFSID')
mock_passwords.pop('CephRgwKey')
self.assertEqual(mock_passwords['passwords'], data)
self.assertEqual(mock_passwords, data)
def test_export_storage_ips(self):
with mock.patch('six.moves.builtins.open', self.mock_open_ceph_inv):

View File

@ -49,7 +49,7 @@ class TestOvercloudExport(utils.TestCommand):
with mock.patch('six.moves.builtins.open', self.mock_open):
self.cmd.take_action(parsed_args)
mock_export_passwords.assert_called_once_with(
self.app.client_manager.tripleoclient.object_store,
self.app.client_manager.orchestration,
'overcloud', True)
path = os.path.join(os.environ.get('HOME'),
'config-download')
@ -79,7 +79,7 @@ class TestOvercloudExport(utils.TestCommand):
with mock.patch('six.moves.builtins.open', self.mock_open):
self.cmd.take_action(parsed_args)
mock_export_passwords.assert_called_once_with(
self.app.client_manager.tripleoclient.object_store,
self.app.client_manager.orchestration,
'foo', True)
path = os.path.join(os.environ.get('HOME'),
'config-download')
@ -105,7 +105,7 @@ class TestOvercloudExport(utils.TestCommand):
with mock.patch('six.moves.builtins.open', self.mock_open):
self.cmd.take_action(parsed_args)
mock_export_passwords.assert_called_once_with(
self.app.client_manager.tripleoclient.object_store,
self.app.client_manager.orchestration,
'foo', True)
mock_export_stack.assert_called_once_with(
self.app.client_manager.orchestration,
@ -131,7 +131,7 @@ class TestOvercloudExport(utils.TestCommand):
with mock.patch('six.moves.builtins.open', self.mock_open):
self.cmd.take_action(parsed_args)
mock_export_passwords.assert_called_once_with(
self.app.client_manager.tripleoclient.object_store,
self.app.client_manager.orchestration,
'foo', False)
mock_export_stack.assert_called_once_with(
self.app.client_manager.orchestration,

View File

@ -80,9 +80,9 @@ class ExportCell(command.Command):
# prepare clients to access the environment
clients = self.app.client_manager
swift_client = clients.tripleoclient.object_store
heat = clients.tripleoclient.orchestration
data = export.export_passwords(swift_client, control_plane_stack)
data = export.export_passwords(heat, control_plane_stack)
stack_to_export = control_plane_stack
should_filter = True
@ -98,7 +98,7 @@ class ExportCell(command.Command):
config_download_dir = os.path.join(download_dir, stack_to_export)
data.update(export.export_stack(
clients.orchestration, stack_to_export, should_filter,
heat, stack_to_export, should_filter,
config_download_dir))
data = dict(parameter_defaults=data)

View File

@ -83,12 +83,11 @@ class ExportOvercloud(command.Command):
# prepare clients to access the environment
clients = self.app.client_manager
swift_client = clients.tripleoclient.object_store
data = export.export_passwords(swift_client, stack,
heat = clients.orchestration
data = export.export_passwords(heat, stack,
not parsed_args.no_password_excludes)
data.update(export.export_stack(
clients.orchestration, stack, False, config_download_dir))
heat, stack, False, config_download_dir))
# do not add extra host entries for VIPs for stacks deployed off that
# exported data, since it already contains those entries
data.update({'AddVipsToEtcHosts': False})