Remove undercloud auth details from inventory

This also refactors to allow passing a cloud_name
rather than a session object from the module.

Change-Id: I38414673f804e228bef0341812a6cf313d92a111
This commit is contained in:
ramishra 2021-06-17 17:01:59 +05:30
parent 1fa0990327
commit 8576785366
2 changed files with 45 additions and 74 deletions

View File

@ -28,7 +28,7 @@ import keystoneauth1
import openstack
from tripleo_common import exception
import tripleo_common.constants as constants
from tripleo_common import constants
HOST_NETWORK = 'ctlplane'
DEFAULT_DOMAIN = 'localdomain.'
@ -253,19 +253,22 @@ class NeutronData(object):
class TripleoInventory(object):
def __init__(self, session=None, hclient=None,
plan_name=None, auth_url=None, project_name=None,
cacert=None, username=None, ansible_ssh_user=None,
def __init__(self, cloud_name=None, session=None,
hclient=None, plan_name=None,
auth_url=None, project_name=None, cacert=None,
username=None, ansible_ssh_user=None,
host_network=None, ansible_python_interpreter=None,
undercloud_connection=UNDERCLOUD_CONNECTION_LOCAL,
undercloud_key_file=None, serial=1, work_dir=None):
self.session = session
self.connection = None
if cloud_name:
self.connection = openstack.connect(cloud=cloud_name)
elif session:
self.connection = openstack.connection.Connection(session=session)
self.hclient = hclient
self.host_network = host_network or HOST_NETWORK
self.auth_url = auth_url
self.cacert = cacert
self.project_name = project_name
self.username = username
self.ansible_ssh_user = ansible_ssh_user
self.undercloud_key_file = undercloud_key_file
self.plan_name = plan_name
@ -472,15 +475,14 @@ class TripleoInventory(object):
self.ansible_python_interpreter)
def _get_neutron_data(self):
if not self.session:
if not self.connection:
LOG.info("Session not set, neutron data will not be used to build "
"the inventory.")
return
try:
conn = openstack.connection.Connection(session=self.session)
tags_filter = ['tripleo_stack_name={}'.format(self.plan_name)]
ports = list(conn.network.ports(tags=tags_filter))
ports = list(self.connection.network.ports(tags=tags_filter))
if not ports:
return None
@ -496,7 +498,8 @@ class TripleoInventory(object):
# tagged with the 'tripleo_stack_name'.
# See bug: https://bugs.launchpad.net/tripleo/+bug/1928926
found_ctlplane_port = False
ctlplane_net = conn.network.find_network(self.host_network)
ctlplane_net = self.connection.network.find_network(
self.host_network)
for p in ports:
if p.network_id == ctlplane_net.id:
found_ctlplane_port = True
@ -504,11 +507,12 @@ class TripleoInventory(object):
if not found_ctlplane_port:
return None
networks = [conn.network.find_network(p.network_id)
networks = [self.connection.network.find_network(p.network_id)
for p in ports]
subnets = []
for net in networks:
subnets.extend(conn.network.subnets(network_id=net.id))
subnets.extend(self.connection.network.subnets(
network_id=net.id))
data = NeutronData(networks, subnets, ports)
except exception.MissingMandatoryNeutronResourceTag:
@ -676,12 +680,6 @@ class TripleoInventory(object):
_vars.setdefault('ansible_connection', self.undercloud_connection)
# see https://github.com/ansible/ansible/issues/41808
_vars.setdefault('ansible_remote_tmp', '/tmp/ansible-${USER}')
_vars.setdefault('auth_url', self.auth_url)
_vars.setdefault('project_name', self.project_name)
_vars.setdefault('username', self.username)
if self.cacert:
_vars['cacert'] = self.cacert
if self.ansible_python_interpreter:
_vars.setdefault('ansible_python_interpreter',
@ -780,9 +778,10 @@ class TripleoInventory(object):
os.rename(inventory_file.name, inventory_file_path)
def generate_tripleo_ansible_inventory(heat, auth_url,
username,
project_name,
def generate_tripleo_ansible_inventory(heat=None,
auth_url=None,
username=None,
project_name=None,
cacert=None,
plan='overcloud',
work_dir=None,
@ -790,7 +789,8 @@ def generate_tripleo_ansible_inventory(heat, auth_url,
ansible_ssh_user='tripleo-admin',
undercloud_key_file=None,
ssh_network='ctlplane',
session=None):
session=None,
cloud_name='undercloud'):
if not work_dir:
work_dir = os.path.join(os.path.expanduser('~'),
'overcloud-deploy-{}'.format(plan))
@ -800,12 +800,9 @@ def generate_tripleo_ansible_inventory(heat, auth_url,
inventory_path = os.path.join(
work_dir, 'tripleo-ansible-inventory.yaml')
inv = TripleoInventory(
session=session,
cloud_name=cloud_name,
hclient=heat,
auth_url=auth_url,
username=username,
project_name=project_name,
cacert=cacert,
session=session,
ansible_ssh_user=ansible_ssh_user,
undercloud_key_file=undercloud_key_file,
ansible_python_interpreter=ansible_python_interpreter,

View File

@ -146,7 +146,6 @@ class TestInventory(base.TestCase):
]
}
self.plan_name = 'overcloud'
self.hclient = mock.MagicMock()
self.hclient.stacks.environment.return_value = {
'parameter_defaults': {
@ -157,17 +156,18 @@ class TestInventory(base.TestCase):
self.mock_stack = mock.MagicMock()
self.mock_stack.outputs = self.outputs_data['outputs']
self.hclient.stacks.get.return_value = self.mock_stack
self.outputs = StackOutputs(self.mock_stack)
self.connection = mock.MagicMock()
patcher = mock.patch('openstack.connect',
return_value=self.connection)
patcher.start()
self.inventory = TripleoInventory(
cloud_name='undercloud',
hclient=self.hclient,
plan_name=self.plan_name,
auth_url='xyz://keystone.local',
cacert='acacert',
project_name='admin',
username='admin',
ansible_ssh_user='heat-admin')
self.inventory.stack_outputs = self.outputs
self.addCleanup(patcher.stop)
def test_get_roles_by_service(self):
services = TripleoInventory.get_roles_by_service(MOCK_ENABLED_SERVICES)
@ -205,8 +205,8 @@ class TestInventory(base.TestCase):
self.assertEqual(expected, self.outputs['KeystoneURL'])
# This should also support the get method
self.assertEqual(expected, self.outputs.get('KeystoneURL'))
self.assertTrue(self.hclient.called_once_with('overcloud',
'KeystoneURL'))
self.assertTrue(self.hclient.called_once_with(
'overcloud', 'KeystoneURL'))
def test_no_ips(self):
for output in self.outputs_data['outputs']:
@ -290,12 +290,9 @@ class TestInventory(base.TestCase):
'ansible_host': 'localhost',
'ansible_python_interpreter': sys.executable,
'ansible_remote_tmp': '/tmp/ansible-${USER}',
'auth_url': 'xyz://keystone.local',
'cacert': 'acacert',
'overcloud_keystone_url': 'xyz://keystone',
'overcloud_admin_password': 'theadminpw',
'plan': 'overcloud',
'project_name': 'admin',
'undercloud_service_list': [
'tripleo_nova_compute',
'tripleo_heat_engine',
@ -304,7 +301,6 @@ class TestInventory(base.TestCase):
'tripleo_swift_object_server',
'tripleo_mistral_engine'
],
'username': 'admin'
}
}
}
@ -336,22 +332,19 @@ class TestInventory(base.TestCase):
'output_value': {'Undercloud': {'config_settings': 'foo1'}}}
]
}
plan_name = 'undercloud'
hclient = mock.MagicMock()
hclient.stacks.environment.return_value = {'parameter_defaults': {
'AdminPassword': 'theadminpw', 'ContainerCli': 'podman'}}
self.hclient.stacks.environment.return_value = {
'parameter_defaults': {
'AdminPassword': 'theadminpw', 'ContainerCli': 'podman'}}
mock_stack = mock.MagicMock()
mock_stack.outputs = outputs_data['outputs']
hclient.stacks.get.return_value = mock_stack
self.hclient.stacks.get.return_value = mock_stack
outputs = StackOutputs(mock_stack)
inventory = TripleoInventory(
hclient=hclient,
plan_name=plan_name,
auth_url='xyz://keystone.local',
cacert='acacert',
project_name='admin',
username='admin',
hclient=self.hclient,
cloud_name='undercloud',
plan_name='overcloud',
ansible_ssh_user='heat-admin')
inventory.stack_outputs = outputs
expected = {
@ -396,9 +389,6 @@ class TestInventory(base.TestCase):
'ansible_host': 'localhost',
'ansible_python_interpreter': sys.executable,
'ansible_remote_tmp': '/tmp/ansible-${USER}',
'auth_url': 'xyz://keystone.local',
'cacert': 'acacert',
'project_name': 'admin',
'undercloud_service_list': [
'tripleo_nova_compute',
'tripleo_heat_engine',
@ -407,7 +397,6 @@ class TestInventory(base.TestCase):
'tripleo_swift_object_server',
'tripleo_mistral_engine'
],
'username': 'admin'
}
},
'_meta': {'hostvars': {}},
@ -422,11 +411,8 @@ class TestInventory(base.TestCase):
key_file = '/var/lib/mistral/.ssh/%s-key' % ansible_ssh_user
self.inventory = TripleoInventory(
hclient=self.hclient,
cloud_name='undercloud',
plan_name=self.plan_name,
auth_url='xyz://keystone.local',
project_name='admin',
username='admin',
cacert='acacert',
ansible_ssh_user=ansible_ssh_user,
undercloud_connection=undercloud_connection,
undercloud_key_file=key_file,
@ -548,12 +534,9 @@ class TestInventory(base.TestCase):
'ansible_host': 'localhost',
'ansible_python_interpreter': 'foo',
'ansible_remote_tmp': '/tmp/ansible-${USER}',
'auth_url': 'xyz://keystone.local',
'cacert': 'acacert',
'overcloud_keystone_url': 'xyz://keystone',
'overcloud_admin_password': 'theadminpw',
'plan': 'overcloud',
'project_name': 'admin',
'undercloud_service_list': [
'tripleo_nova_compute',
'tripleo_heat_engine',
@ -561,7 +544,6 @@ class TestInventory(base.TestCase):
'tripleo_swift_container_server',
'tripleo_swift_object_server',
'tripleo_mistral_engine'],
'username': 'admin'
}
}
}
@ -594,12 +576,9 @@ class TestInventory(base.TestCase):
sys.executable,
'ansible_remote_tmp':
'/tmp/ansible-${USER}',
'auth_url': 'xyz://keystone.local',
'cacert': 'acacert',
'overcloud_admin_password': 'theadminpw',
'overcloud_keystone_url': 'xyz://keystone',
'plan': 'overcloud',
'project_name': 'admin',
'undercloud_service_list': [
'tripleo_nova_compute',
'tripleo_heat_engine',
@ -607,7 +586,6 @@ class TestInventory(base.TestCase):
'tripleo_swift_container_server',
'tripleo_swift_object_server',
'tripleo_mistral_engine'],
'username': 'admin'
}
},
'Controller': {
@ -1003,20 +981,16 @@ class TestInventory(base.TestCase):
'ansible_host': 'localhost',
'ansible_python_interpreter': sys.executable,
'ansible_remote_tmp': '/tmp/ansible-${USER}',
'auth_url': 'xyz://keystone.local',
'cacert': 'acacert',
'overcloud_admin_password': 'theadminpw',
'overcloud_keystone_url': 'xyz://keystone',
'plan': 'overcloud',
'project_name': 'admin',
'undercloud_service_list': [
'tripleo_nova_compute',
'tripleo_heat_engine',
'tripleo_ironic_conductor',
'tripleo_swift_container_server',
'tripleo_swift_object_server',
'tripleo_mistral_engine'],
'username': 'admin'}},
'tripleo_mistral_engine']}},
'Controller': {
'hosts': {
'c-0': {