From 8576785366d6071f72cbfbd7eae02044306a6991 Mon Sep 17 00:00:00 2001 From: ramishra Date: Thu, 17 Jun 2021 17:01:59 +0530 Subject: [PATCH] Remove undercloud auth details from inventory This also refactors to allow passing a cloud_name rather than a session object from the module. Change-Id: I38414673f804e228bef0341812a6cf313d92a111 --- tripleo_common/inventory.py | 57 +++++++++++------------ tripleo_common/tests/test_inventory.py | 62 ++++++++------------------ 2 files changed, 45 insertions(+), 74 deletions(-) diff --git a/tripleo_common/inventory.py b/tripleo_common/inventory.py index 66c215484..f40f8fd1c 100644 --- a/tripleo_common/inventory.py +++ b/tripleo_common/inventory.py @@ -28,7 +28,7 @@ import keystoneauth1 import openstack from tripleo_common import exception -import tripleo_common.constants as constants +from tripleo_common import constants HOST_NETWORK = 'ctlplane' DEFAULT_DOMAIN = 'localdomain.' @@ -253,19 +253,22 @@ class NeutronData(object): class TripleoInventory(object): - def __init__(self, session=None, hclient=None, - plan_name=None, auth_url=None, project_name=None, - cacert=None, username=None, ansible_ssh_user=None, + def __init__(self, cloud_name=None, session=None, + hclient=None, plan_name=None, + auth_url=None, project_name=None, cacert=None, + username=None, ansible_ssh_user=None, host_network=None, ansible_python_interpreter=None, undercloud_connection=UNDERCLOUD_CONNECTION_LOCAL, undercloud_key_file=None, serial=1, work_dir=None): - self.session = session + + self.connection = None + if cloud_name: + self.connection = openstack.connect(cloud=cloud_name) + elif session: + self.connection = openstack.connection.Connection(session=session) + self.hclient = hclient self.host_network = host_network or HOST_NETWORK - self.auth_url = auth_url - self.cacert = cacert - self.project_name = project_name - self.username = username self.ansible_ssh_user = ansible_ssh_user self.undercloud_key_file = undercloud_key_file self.plan_name = plan_name @@ -472,15 +475,14 @@ class TripleoInventory(object): self.ansible_python_interpreter) def _get_neutron_data(self): - if not self.session: + if not self.connection: LOG.info("Session not set, neutron data will not be used to build " "the inventory.") return try: - conn = openstack.connection.Connection(session=self.session) tags_filter = ['tripleo_stack_name={}'.format(self.plan_name)] - ports = list(conn.network.ports(tags=tags_filter)) + ports = list(self.connection.network.ports(tags=tags_filter)) if not ports: return None @@ -496,7 +498,8 @@ class TripleoInventory(object): # tagged with the 'tripleo_stack_name'. # See bug: https://bugs.launchpad.net/tripleo/+bug/1928926 found_ctlplane_port = False - ctlplane_net = conn.network.find_network(self.host_network) + ctlplane_net = self.connection.network.find_network( + self.host_network) for p in ports: if p.network_id == ctlplane_net.id: found_ctlplane_port = True @@ -504,11 +507,12 @@ class TripleoInventory(object): if not found_ctlplane_port: return None - networks = [conn.network.find_network(p.network_id) + networks = [self.connection.network.find_network(p.network_id) for p in ports] subnets = [] for net in networks: - subnets.extend(conn.network.subnets(network_id=net.id)) + subnets.extend(self.connection.network.subnets( + network_id=net.id)) data = NeutronData(networks, subnets, ports) except exception.MissingMandatoryNeutronResourceTag: @@ -676,12 +680,6 @@ class TripleoInventory(object): _vars.setdefault('ansible_connection', self.undercloud_connection) # see https://github.com/ansible/ansible/issues/41808 _vars.setdefault('ansible_remote_tmp', '/tmp/ansible-${USER}') - _vars.setdefault('auth_url', self.auth_url) - _vars.setdefault('project_name', self.project_name) - _vars.setdefault('username', self.username) - - if self.cacert: - _vars['cacert'] = self.cacert if self.ansible_python_interpreter: _vars.setdefault('ansible_python_interpreter', @@ -780,9 +778,10 @@ class TripleoInventory(object): os.rename(inventory_file.name, inventory_file_path) -def generate_tripleo_ansible_inventory(heat, auth_url, - username, - project_name, +def generate_tripleo_ansible_inventory(heat=None, + auth_url=None, + username=None, + project_name=None, cacert=None, plan='overcloud', work_dir=None, @@ -790,7 +789,8 @@ def generate_tripleo_ansible_inventory(heat, auth_url, ansible_ssh_user='tripleo-admin', undercloud_key_file=None, ssh_network='ctlplane', - session=None): + session=None, + cloud_name='undercloud'): if not work_dir: work_dir = os.path.join(os.path.expanduser('~'), 'overcloud-deploy-{}'.format(plan)) @@ -800,12 +800,9 @@ def generate_tripleo_ansible_inventory(heat, auth_url, inventory_path = os.path.join( work_dir, 'tripleo-ansible-inventory.yaml') inv = TripleoInventory( - session=session, + cloud_name=cloud_name, hclient=heat, - auth_url=auth_url, - username=username, - project_name=project_name, - cacert=cacert, + session=session, ansible_ssh_user=ansible_ssh_user, undercloud_key_file=undercloud_key_file, ansible_python_interpreter=ansible_python_interpreter, diff --git a/tripleo_common/tests/test_inventory.py b/tripleo_common/tests/test_inventory.py index 7e8e6fe35..c5c59c2bd 100644 --- a/tripleo_common/tests/test_inventory.py +++ b/tripleo_common/tests/test_inventory.py @@ -146,7 +146,6 @@ class TestInventory(base.TestCase): ] } self.plan_name = 'overcloud' - self.hclient = mock.MagicMock() self.hclient.stacks.environment.return_value = { 'parameter_defaults': { @@ -157,17 +156,18 @@ class TestInventory(base.TestCase): self.mock_stack = mock.MagicMock() self.mock_stack.outputs = self.outputs_data['outputs'] self.hclient.stacks.get.return_value = self.mock_stack - self.outputs = StackOutputs(self.mock_stack) + self.connection = mock.MagicMock() + patcher = mock.patch('openstack.connect', + return_value=self.connection) + patcher.start() self.inventory = TripleoInventory( + cloud_name='undercloud', hclient=self.hclient, plan_name=self.plan_name, - auth_url='xyz://keystone.local', - cacert='acacert', - project_name='admin', - username='admin', ansible_ssh_user='heat-admin') self.inventory.stack_outputs = self.outputs + self.addCleanup(patcher.stop) def test_get_roles_by_service(self): services = TripleoInventory.get_roles_by_service(MOCK_ENABLED_SERVICES) @@ -205,8 +205,8 @@ class TestInventory(base.TestCase): self.assertEqual(expected, self.outputs['KeystoneURL']) # This should also support the get method self.assertEqual(expected, self.outputs.get('KeystoneURL')) - self.assertTrue(self.hclient.called_once_with('overcloud', - 'KeystoneURL')) + self.assertTrue(self.hclient.called_once_with( + 'overcloud', 'KeystoneURL')) def test_no_ips(self): for output in self.outputs_data['outputs']: @@ -290,12 +290,9 @@ class TestInventory(base.TestCase): 'ansible_host': 'localhost', 'ansible_python_interpreter': sys.executable, 'ansible_remote_tmp': '/tmp/ansible-${USER}', - 'auth_url': 'xyz://keystone.local', - 'cacert': 'acacert', 'overcloud_keystone_url': 'xyz://keystone', 'overcloud_admin_password': 'theadminpw', 'plan': 'overcloud', - 'project_name': 'admin', 'undercloud_service_list': [ 'tripleo_nova_compute', 'tripleo_heat_engine', @@ -304,7 +301,6 @@ class TestInventory(base.TestCase): 'tripleo_swift_object_server', 'tripleo_mistral_engine' ], - 'username': 'admin' } } } @@ -336,22 +332,19 @@ class TestInventory(base.TestCase): 'output_value': {'Undercloud': {'config_settings': 'foo1'}}} ] } - plan_name = 'undercloud' - hclient = mock.MagicMock() - hclient.stacks.environment.return_value = {'parameter_defaults': { - 'AdminPassword': 'theadminpw', 'ContainerCli': 'podman'}} + + self.hclient.stacks.environment.return_value = { + 'parameter_defaults': { + 'AdminPassword': 'theadminpw', 'ContainerCli': 'podman'}} mock_stack = mock.MagicMock() mock_stack.outputs = outputs_data['outputs'] - hclient.stacks.get.return_value = mock_stack + self.hclient.stacks.get.return_value = mock_stack outputs = StackOutputs(mock_stack) inventory = TripleoInventory( - hclient=hclient, - plan_name=plan_name, - auth_url='xyz://keystone.local', - cacert='acacert', - project_name='admin', - username='admin', + hclient=self.hclient, + cloud_name='undercloud', + plan_name='overcloud', ansible_ssh_user='heat-admin') inventory.stack_outputs = outputs expected = { @@ -396,9 +389,6 @@ class TestInventory(base.TestCase): 'ansible_host': 'localhost', 'ansible_python_interpreter': sys.executable, 'ansible_remote_tmp': '/tmp/ansible-${USER}', - 'auth_url': 'xyz://keystone.local', - 'cacert': 'acacert', - 'project_name': 'admin', 'undercloud_service_list': [ 'tripleo_nova_compute', 'tripleo_heat_engine', @@ -407,7 +397,6 @@ class TestInventory(base.TestCase): 'tripleo_swift_object_server', 'tripleo_mistral_engine' ], - 'username': 'admin' } }, '_meta': {'hostvars': {}}, @@ -422,11 +411,8 @@ class TestInventory(base.TestCase): key_file = '/var/lib/mistral/.ssh/%s-key' % ansible_ssh_user self.inventory = TripleoInventory( hclient=self.hclient, + cloud_name='undercloud', plan_name=self.plan_name, - auth_url='xyz://keystone.local', - project_name='admin', - username='admin', - cacert='acacert', ansible_ssh_user=ansible_ssh_user, undercloud_connection=undercloud_connection, undercloud_key_file=key_file, @@ -548,12 +534,9 @@ class TestInventory(base.TestCase): 'ansible_host': 'localhost', 'ansible_python_interpreter': 'foo', 'ansible_remote_tmp': '/tmp/ansible-${USER}', - 'auth_url': 'xyz://keystone.local', - 'cacert': 'acacert', 'overcloud_keystone_url': 'xyz://keystone', 'overcloud_admin_password': 'theadminpw', 'plan': 'overcloud', - 'project_name': 'admin', 'undercloud_service_list': [ 'tripleo_nova_compute', 'tripleo_heat_engine', @@ -561,7 +544,6 @@ class TestInventory(base.TestCase): 'tripleo_swift_container_server', 'tripleo_swift_object_server', 'tripleo_mistral_engine'], - 'username': 'admin' } } } @@ -594,12 +576,9 @@ class TestInventory(base.TestCase): sys.executable, 'ansible_remote_tmp': '/tmp/ansible-${USER}', - 'auth_url': 'xyz://keystone.local', - 'cacert': 'acacert', 'overcloud_admin_password': 'theadminpw', 'overcloud_keystone_url': 'xyz://keystone', 'plan': 'overcloud', - 'project_name': 'admin', 'undercloud_service_list': [ 'tripleo_nova_compute', 'tripleo_heat_engine', @@ -607,7 +586,6 @@ class TestInventory(base.TestCase): 'tripleo_swift_container_server', 'tripleo_swift_object_server', 'tripleo_mistral_engine'], - 'username': 'admin' } }, 'Controller': { @@ -1003,20 +981,16 @@ class TestInventory(base.TestCase): 'ansible_host': 'localhost', 'ansible_python_interpreter': sys.executable, 'ansible_remote_tmp': '/tmp/ansible-${USER}', - 'auth_url': 'xyz://keystone.local', - 'cacert': 'acacert', 'overcloud_admin_password': 'theadminpw', 'overcloud_keystone_url': 'xyz://keystone', 'plan': 'overcloud', - 'project_name': 'admin', 'undercloud_service_list': [ 'tripleo_nova_compute', 'tripleo_heat_engine', 'tripleo_ironic_conductor', 'tripleo_swift_container_server', 'tripleo_swift_object_server', - 'tripleo_mistral_engine'], - 'username': 'admin'}}, + 'tripleo_mistral_engine']}}, 'Controller': { 'hosts': { 'c-0': {