[stable-only] Fix legacy password handling

We pick some of heat legacy passwords (from heat resources),
while generating the passwords. However, if the plan has
been deleted from some reason and does not have the old
passwords as in the stack environment, this would result
in change of these passwords like RabbitCookie/PcsdPassword
and would lead to disruptions during deployment. This
patch fixes to only use them if they are not in the stack
environment.

This code has been removed from master after plan removal.

Closes-Bug: #1918566
Change-Id: I6b2f0ef916a950fe6f92ee4f8848bab92a7b1c85
(cherry picked from commit 6575dd1caf82b3ffcd24b7f4f4fecd70c512c01d)
This commit is contained in:
ramishra 2021-03-11 00:53:28 +05:30 committed by Rabi Mishra
parent 4e89e4bbc5
commit 0630a00e25
2 changed files with 6 additions and 2 deletions

View File

@ -284,9 +284,10 @@ class GeneratePasswordsAction(base.TripleOAction):
# We don't modify these to avoid changing defaults # We don't modify these to avoid changing defaults
for pw_res in constants.LEGACY_HEAT_PASSWORD_RESOURCE_NAMES: for pw_res in constants.LEGACY_HEAT_PASSWORD_RESOURCE_NAMES:
try: try:
res = heat.resources.get(self.container, pw_res)
param_defaults = stack_env.get('parameter_defaults', {}) param_defaults = stack_env.get('parameter_defaults', {})
param_defaults[pw_res] = res.attributes['value'] if pw_res not in param_defaults:
res = heat.resources.get(self.container, pw_res)
param_defaults[pw_res] = res.attributes['value']
except heat_exc.HTTPNotFound: except heat_exc.HTTPNotFound:
LOG.debug('Heat resouce not found: %s' % pw_res) LOG.debug('Heat resouce not found: %s' % pw_res)
pass pass

View File

@ -964,6 +964,7 @@ class GeneratePasswordsActionTest(base.TestCase):
existing_passwords = _EXISTING_PASSWORDS.copy() existing_passwords = _EXISTING_PASSWORDS.copy()
existing_passwords.pop("AdminPassword") existing_passwords.pop("AdminPassword")
existing_passwords.pop("PcsdPassword")
mock_ctx = mock.MagicMock() mock_ctx = mock.MagicMock()
swift = mock.MagicMock(url="http://test.com") swift = mock.MagicMock(url="http://test.com")
@ -982,6 +983,7 @@ class GeneratePasswordsActionTest(base.TestCase):
mock_orchestration.stacks.environment.return_value = { mock_orchestration.stacks.environment.return_value = {
'parameter_defaults': { 'parameter_defaults': {
'AdminPassword': 'ExistingPasswordInHeat', 'AdminPassword': 'ExistingPasswordInHeat',
'PcsdPassword': 'MyPassword',
} }
} }
mock_resource = mock.MagicMock() mock_resource = mock.MagicMock()
@ -998,6 +1000,7 @@ class GeneratePasswordsActionTest(base.TestCase):
result = action.run(mock_ctx) result = action.run(mock_ctx)
existing_passwords["AdminPassword"] = "ExistingPasswordInHeat" existing_passwords["AdminPassword"] = "ExistingPasswordInHeat"
existing_passwords["PcsdPassword"] = "MyPassword"
# ensure old passwords used and no new generation # ensure old passwords used and no new generation
self.assertEqual(existing_passwords, result) self.assertEqual(existing_passwords, result)
mock_cache.assert_called_once_with( mock_cache.assert_called_once_with(