Remove undercloud auth details from inventory
This also refactors to allow passing a cloud_name rather than a session object from the module. Change-Id: I38414673f804e228bef0341812a6cf313d92a111
This commit is contained in:
parent
1fa0990327
commit
8576785366
|
@ -28,7 +28,7 @@ import keystoneauth1
|
|||
import openstack
|
||||
|
||||
from tripleo_common import exception
|
||||
import tripleo_common.constants as constants
|
||||
from tripleo_common import constants
|
||||
|
||||
HOST_NETWORK = 'ctlplane'
|
||||
DEFAULT_DOMAIN = 'localdomain.'
|
||||
|
@ -253,19 +253,22 @@ class NeutronData(object):
|
|||
|
||||
|
||||
class TripleoInventory(object):
|
||||
def __init__(self, session=None, hclient=None,
|
||||
plan_name=None, auth_url=None, project_name=None,
|
||||
cacert=None, username=None, ansible_ssh_user=None,
|
||||
def __init__(self, cloud_name=None, session=None,
|
||||
hclient=None, plan_name=None,
|
||||
auth_url=None, project_name=None, cacert=None,
|
||||
username=None, ansible_ssh_user=None,
|
||||
host_network=None, ansible_python_interpreter=None,
|
||||
undercloud_connection=UNDERCLOUD_CONNECTION_LOCAL,
|
||||
undercloud_key_file=None, serial=1, work_dir=None):
|
||||
self.session = session
|
||||
|
||||
self.connection = None
|
||||
if cloud_name:
|
||||
self.connection = openstack.connect(cloud=cloud_name)
|
||||
elif session:
|
||||
self.connection = openstack.connection.Connection(session=session)
|
||||
|
||||
self.hclient = hclient
|
||||
self.host_network = host_network or HOST_NETWORK
|
||||
self.auth_url = auth_url
|
||||
self.cacert = cacert
|
||||
self.project_name = project_name
|
||||
self.username = username
|
||||
self.ansible_ssh_user = ansible_ssh_user
|
||||
self.undercloud_key_file = undercloud_key_file
|
||||
self.plan_name = plan_name
|
||||
|
@ -472,15 +475,14 @@ class TripleoInventory(object):
|
|||
self.ansible_python_interpreter)
|
||||
|
||||
def _get_neutron_data(self):
|
||||
if not self.session:
|
||||
if not self.connection:
|
||||
LOG.info("Session not set, neutron data will not be used to build "
|
||||
"the inventory.")
|
||||
return
|
||||
|
||||
try:
|
||||
conn = openstack.connection.Connection(session=self.session)
|
||||
tags_filter = ['tripleo_stack_name={}'.format(self.plan_name)]
|
||||
ports = list(conn.network.ports(tags=tags_filter))
|
||||
ports = list(self.connection.network.ports(tags=tags_filter))
|
||||
if not ports:
|
||||
return None
|
||||
|
||||
|
@ -496,7 +498,8 @@ class TripleoInventory(object):
|
|||
# tagged with the 'tripleo_stack_name'.
|
||||
# See bug: https://bugs.launchpad.net/tripleo/+bug/1928926
|
||||
found_ctlplane_port = False
|
||||
ctlplane_net = conn.network.find_network(self.host_network)
|
||||
ctlplane_net = self.connection.network.find_network(
|
||||
self.host_network)
|
||||
for p in ports:
|
||||
if p.network_id == ctlplane_net.id:
|
||||
found_ctlplane_port = True
|
||||
|
@ -504,11 +507,12 @@ class TripleoInventory(object):
|
|||
if not found_ctlplane_port:
|
||||
return None
|
||||
|
||||
networks = [conn.network.find_network(p.network_id)
|
||||
networks = [self.connection.network.find_network(p.network_id)
|
||||
for p in ports]
|
||||
subnets = []
|
||||
for net in networks:
|
||||
subnets.extend(conn.network.subnets(network_id=net.id))
|
||||
subnets.extend(self.connection.network.subnets(
|
||||
network_id=net.id))
|
||||
|
||||
data = NeutronData(networks, subnets, ports)
|
||||
except exception.MissingMandatoryNeutronResourceTag:
|
||||
|
@ -676,12 +680,6 @@ class TripleoInventory(object):
|
|||
_vars.setdefault('ansible_connection', self.undercloud_connection)
|
||||
# see https://github.com/ansible/ansible/issues/41808
|
||||
_vars.setdefault('ansible_remote_tmp', '/tmp/ansible-${USER}')
|
||||
_vars.setdefault('auth_url', self.auth_url)
|
||||
_vars.setdefault('project_name', self.project_name)
|
||||
_vars.setdefault('username', self.username)
|
||||
|
||||
if self.cacert:
|
||||
_vars['cacert'] = self.cacert
|
||||
|
||||
if self.ansible_python_interpreter:
|
||||
_vars.setdefault('ansible_python_interpreter',
|
||||
|
@ -780,9 +778,10 @@ class TripleoInventory(object):
|
|||
os.rename(inventory_file.name, inventory_file_path)
|
||||
|
||||
|
||||
def generate_tripleo_ansible_inventory(heat, auth_url,
|
||||
username,
|
||||
project_name,
|
||||
def generate_tripleo_ansible_inventory(heat=None,
|
||||
auth_url=None,
|
||||
username=None,
|
||||
project_name=None,
|
||||
cacert=None,
|
||||
plan='overcloud',
|
||||
work_dir=None,
|
||||
|
@ -790,7 +789,8 @@ def generate_tripleo_ansible_inventory(heat, auth_url,
|
|||
ansible_ssh_user='tripleo-admin',
|
||||
undercloud_key_file=None,
|
||||
ssh_network='ctlplane',
|
||||
session=None):
|
||||
session=None,
|
||||
cloud_name='undercloud'):
|
||||
if not work_dir:
|
||||
work_dir = os.path.join(os.path.expanduser('~'),
|
||||
'overcloud-deploy-{}'.format(plan))
|
||||
|
@ -800,12 +800,9 @@ def generate_tripleo_ansible_inventory(heat, auth_url,
|
|||
inventory_path = os.path.join(
|
||||
work_dir, 'tripleo-ansible-inventory.yaml')
|
||||
inv = TripleoInventory(
|
||||
session=session,
|
||||
cloud_name=cloud_name,
|
||||
hclient=heat,
|
||||
auth_url=auth_url,
|
||||
username=username,
|
||||
project_name=project_name,
|
||||
cacert=cacert,
|
||||
session=session,
|
||||
ansible_ssh_user=ansible_ssh_user,
|
||||
undercloud_key_file=undercloud_key_file,
|
||||
ansible_python_interpreter=ansible_python_interpreter,
|
||||
|
|
|
@ -146,7 +146,6 @@ class TestInventory(base.TestCase):
|
|||
]
|
||||
}
|
||||
self.plan_name = 'overcloud'
|
||||
|
||||
self.hclient = mock.MagicMock()
|
||||
self.hclient.stacks.environment.return_value = {
|
||||
'parameter_defaults': {
|
||||
|
@ -157,17 +156,18 @@ class TestInventory(base.TestCase):
|
|||
self.mock_stack = mock.MagicMock()
|
||||
self.mock_stack.outputs = self.outputs_data['outputs']
|
||||
self.hclient.stacks.get.return_value = self.mock_stack
|
||||
|
||||
self.outputs = StackOutputs(self.mock_stack)
|
||||
self.connection = mock.MagicMock()
|
||||
patcher = mock.patch('openstack.connect',
|
||||
return_value=self.connection)
|
||||
patcher.start()
|
||||
self.inventory = TripleoInventory(
|
||||
cloud_name='undercloud',
|
||||
hclient=self.hclient,
|
||||
plan_name=self.plan_name,
|
||||
auth_url='xyz://keystone.local',
|
||||
cacert='acacert',
|
||||
project_name='admin',
|
||||
username='admin',
|
||||
ansible_ssh_user='heat-admin')
|
||||
self.inventory.stack_outputs = self.outputs
|
||||
self.addCleanup(patcher.stop)
|
||||
|
||||
def test_get_roles_by_service(self):
|
||||
services = TripleoInventory.get_roles_by_service(MOCK_ENABLED_SERVICES)
|
||||
|
@ -205,8 +205,8 @@ class TestInventory(base.TestCase):
|
|||
self.assertEqual(expected, self.outputs['KeystoneURL'])
|
||||
# This should also support the get method
|
||||
self.assertEqual(expected, self.outputs.get('KeystoneURL'))
|
||||
self.assertTrue(self.hclient.called_once_with('overcloud',
|
||||
'KeystoneURL'))
|
||||
self.assertTrue(self.hclient.called_once_with(
|
||||
'overcloud', 'KeystoneURL'))
|
||||
|
||||
def test_no_ips(self):
|
||||
for output in self.outputs_data['outputs']:
|
||||
|
@ -290,12 +290,9 @@ class TestInventory(base.TestCase):
|
|||
'ansible_host': 'localhost',
|
||||
'ansible_python_interpreter': sys.executable,
|
||||
'ansible_remote_tmp': '/tmp/ansible-${USER}',
|
||||
'auth_url': 'xyz://keystone.local',
|
||||
'cacert': 'acacert',
|
||||
'overcloud_keystone_url': 'xyz://keystone',
|
||||
'overcloud_admin_password': 'theadminpw',
|
||||
'plan': 'overcloud',
|
||||
'project_name': 'admin',
|
||||
'undercloud_service_list': [
|
||||
'tripleo_nova_compute',
|
||||
'tripleo_heat_engine',
|
||||
|
@ -304,7 +301,6 @@ class TestInventory(base.TestCase):
|
|||
'tripleo_swift_object_server',
|
||||
'tripleo_mistral_engine'
|
||||
],
|
||||
'username': 'admin'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -336,22 +332,19 @@ class TestInventory(base.TestCase):
|
|||
'output_value': {'Undercloud': {'config_settings': 'foo1'}}}
|
||||
]
|
||||
}
|
||||
plan_name = 'undercloud'
|
||||
hclient = mock.MagicMock()
|
||||
hclient.stacks.environment.return_value = {'parameter_defaults': {
|
||||
'AdminPassword': 'theadminpw', 'ContainerCli': 'podman'}}
|
||||
|
||||
self.hclient.stacks.environment.return_value = {
|
||||
'parameter_defaults': {
|
||||
'AdminPassword': 'theadminpw', 'ContainerCli': 'podman'}}
|
||||
mock_stack = mock.MagicMock()
|
||||
mock_stack.outputs = outputs_data['outputs']
|
||||
hclient.stacks.get.return_value = mock_stack
|
||||
self.hclient.stacks.get.return_value = mock_stack
|
||||
|
||||
outputs = StackOutputs(mock_stack)
|
||||
inventory = TripleoInventory(
|
||||
hclient=hclient,
|
||||
plan_name=plan_name,
|
||||
auth_url='xyz://keystone.local',
|
||||
cacert='acacert',
|
||||
project_name='admin',
|
||||
username='admin',
|
||||
hclient=self.hclient,
|
||||
cloud_name='undercloud',
|
||||
plan_name='overcloud',
|
||||
ansible_ssh_user='heat-admin')
|
||||
inventory.stack_outputs = outputs
|
||||
expected = {
|
||||
|
@ -396,9 +389,6 @@ class TestInventory(base.TestCase):
|
|||
'ansible_host': 'localhost',
|
||||
'ansible_python_interpreter': sys.executable,
|
||||
'ansible_remote_tmp': '/tmp/ansible-${USER}',
|
||||
'auth_url': 'xyz://keystone.local',
|
||||
'cacert': 'acacert',
|
||||
'project_name': 'admin',
|
||||
'undercloud_service_list': [
|
||||
'tripleo_nova_compute',
|
||||
'tripleo_heat_engine',
|
||||
|
@ -407,7 +397,6 @@ class TestInventory(base.TestCase):
|
|||
'tripleo_swift_object_server',
|
||||
'tripleo_mistral_engine'
|
||||
],
|
||||
'username': 'admin'
|
||||
}
|
||||
},
|
||||
'_meta': {'hostvars': {}},
|
||||
|
@ -422,11 +411,8 @@ class TestInventory(base.TestCase):
|
|||
key_file = '/var/lib/mistral/.ssh/%s-key' % ansible_ssh_user
|
||||
self.inventory = TripleoInventory(
|
||||
hclient=self.hclient,
|
||||
cloud_name='undercloud',
|
||||
plan_name=self.plan_name,
|
||||
auth_url='xyz://keystone.local',
|
||||
project_name='admin',
|
||||
username='admin',
|
||||
cacert='acacert',
|
||||
ansible_ssh_user=ansible_ssh_user,
|
||||
undercloud_connection=undercloud_connection,
|
||||
undercloud_key_file=key_file,
|
||||
|
@ -548,12 +534,9 @@ class TestInventory(base.TestCase):
|
|||
'ansible_host': 'localhost',
|
||||
'ansible_python_interpreter': 'foo',
|
||||
'ansible_remote_tmp': '/tmp/ansible-${USER}',
|
||||
'auth_url': 'xyz://keystone.local',
|
||||
'cacert': 'acacert',
|
||||
'overcloud_keystone_url': 'xyz://keystone',
|
||||
'overcloud_admin_password': 'theadminpw',
|
||||
'plan': 'overcloud',
|
||||
'project_name': 'admin',
|
||||
'undercloud_service_list': [
|
||||
'tripleo_nova_compute',
|
||||
'tripleo_heat_engine',
|
||||
|
@ -561,7 +544,6 @@ class TestInventory(base.TestCase):
|
|||
'tripleo_swift_container_server',
|
||||
'tripleo_swift_object_server',
|
||||
'tripleo_mistral_engine'],
|
||||
'username': 'admin'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -594,12 +576,9 @@ class TestInventory(base.TestCase):
|
|||
sys.executable,
|
||||
'ansible_remote_tmp':
|
||||
'/tmp/ansible-${USER}',
|
||||
'auth_url': 'xyz://keystone.local',
|
||||
'cacert': 'acacert',
|
||||
'overcloud_admin_password': 'theadminpw',
|
||||
'overcloud_keystone_url': 'xyz://keystone',
|
||||
'plan': 'overcloud',
|
||||
'project_name': 'admin',
|
||||
'undercloud_service_list': [
|
||||
'tripleo_nova_compute',
|
||||
'tripleo_heat_engine',
|
||||
|
@ -607,7 +586,6 @@ class TestInventory(base.TestCase):
|
|||
'tripleo_swift_container_server',
|
||||
'tripleo_swift_object_server',
|
||||
'tripleo_mistral_engine'],
|
||||
'username': 'admin'
|
||||
}
|
||||
},
|
||||
'Controller': {
|
||||
|
@ -1003,20 +981,16 @@ class TestInventory(base.TestCase):
|
|||
'ansible_host': 'localhost',
|
||||
'ansible_python_interpreter': sys.executable,
|
||||
'ansible_remote_tmp': '/tmp/ansible-${USER}',
|
||||
'auth_url': 'xyz://keystone.local',
|
||||
'cacert': 'acacert',
|
||||
'overcloud_admin_password': 'theadminpw',
|
||||
'overcloud_keystone_url': 'xyz://keystone',
|
||||
'plan': 'overcloud',
|
||||
'project_name': 'admin',
|
||||
'undercloud_service_list': [
|
||||
'tripleo_nova_compute',
|
||||
'tripleo_heat_engine',
|
||||
'tripleo_ironic_conductor',
|
||||
'tripleo_swift_container_server',
|
||||
'tripleo_swift_object_server',
|
||||
'tripleo_mistral_engine'],
|
||||
'username': 'admin'}},
|
||||
'tripleo_mistral_engine']}},
|
||||
'Controller': {
|
||||
'hosts': {
|
||||
'c-0': {
|
||||
|
|
Loading…
Reference in New Issue