From 3ddf8dda8583a5e8e1a13ab857f9ef5373d6d0b6 Mon Sep 17 00:00:00 2001 From: Anton Studenov Date: Fri, 27 Jan 2017 14:02:57 +0300 Subject: [PATCH] Add password auth to devstack and tcpcloud * Fixed password auth in ansible executor Change-Id: I6f2f21b3c893dc42032dba537c21c8f4bd0521dc --- os_faults/ansible/executor.py | 8 ++--- os_faults/drivers/devstack.py | 4 +++ os_faults/drivers/tcpcloud.py | 13 ++++++- os_faults/tests/unit/ansible/test_executor.py | 28 ++++++++++----- os_faults/tests/unit/drivers/test_tcpcloud.py | 36 ++++++++++++++----- 5 files changed, 68 insertions(+), 21 deletions(-) diff --git a/os_faults/ansible/executor.py b/os_faults/ansible/executor.py index d890c02..5712a30 100644 --- a/os_faults/ansible/executor.py +++ b/os_faults/ansible/executor.py @@ -113,7 +113,7 @@ def add_module_paths(paths): Options = collections.namedtuple( 'Options', - ['connection', 'password', 'module_path', 'forks', + ['connection', 'module_path', 'forks', 'remote_user', 'private_key_file', 'ssh_common_args', 'ssh_extra_args', 'sftp_extra_args', 'scp_extra_args', 'become', 'become_method', @@ -134,8 +134,9 @@ class AnsibleRunner(object): % dict(key=private_key_file, user=jump_user or remote_user, host=jump_host, ssh_args=SSH_COMMON_ARGS)) + self.passwords = dict(conn_pass=password, become_pass=password) self.options = Options( - connection='smart', password=password, + connection='smart', module_path=os.pathsep.join(get_module_paths()), forks=forks, remote_user=remote_user, private_key_file=private_key_file, @@ -153,7 +154,6 @@ class AnsibleRunner(object): variable_manager=variable_manager, host_list=host_list) variable_manager.set_inventory(inventory_inst) - passwords = dict(vault_pass='secret') # create play play_inst = play.Play().load(play_source, @@ -171,7 +171,7 @@ class AnsibleRunner(object): variable_manager=variable_manager, loader=loader, options=self.options, - passwords=passwords, + passwords=self.passwords, stdout_callback=callback, ) tqm.run(play_inst) diff --git a/os_faults/drivers/devstack.py b/os_faults/drivers/devstack.py index 4c3a0e5..65cadaa 100644 --- a/os_faults/drivers/devstack.py +++ b/os_faults/drivers/devstack.py @@ -134,6 +134,7 @@ class DevStackManagement(cloud_management.CloudManagement, args: address: 192.168.1.10 username: ubuntu + password: ubuntu_pass private_key_file: ~/.ssh/id_rsa_devstack slaves: - 192.168.1.11 @@ -144,6 +145,7 @@ class DevStackManagement(cloud_management.CloudManagement, - **address** - ip address of any devstack node - **username** - username for all nodes + - **password** - password for all nodes (optional) - **private_key_file** - path to key file (optional) - **slaves** - list of ips for additional nodes (optional) - **iface** - network interface name to retrive mac address (optional) @@ -171,6 +173,7 @@ class DevStackManagement(cloud_management.CloudManagement, 'properties': { 'address': {'type': 'string'}, 'username': {'type': 'string'}, + 'password': {'type': 'string'}, 'private_key_file': {'type': 'string'}, 'slaves': { 'type': 'array', @@ -194,6 +197,7 @@ class DevStackManagement(cloud_management.CloudManagement, self.cloud_executor = executor.AnsibleRunner( remote_user=self.username, private_key_file=self.private_key_file, + password=cloud_management_params.get('password'), become=False) self.hosts = [self.address] diff --git a/os_faults/drivers/tcpcloud.py b/os_faults/drivers/tcpcloud.py index 35a830e..f25e8e7 100644 --- a/os_faults/drivers/tcpcloud.py +++ b/os_faults/drivers/tcpcloud.py @@ -218,8 +218,10 @@ class TCPCloudManagement(cloud_management.CloudManagement, args: address: 192.168.1.10 username: root - private_key_file: ~/.ssh/id_rsa_fuel + password: root_pass + private_key_file: ~/.ssh/id_rsa_tcpcloud slave_username: ubuntu + slave_password: ubuntu_pass master_sudo: False slave_sudo: True slave_name_regexp: ^(?!cfg|mon) @@ -230,13 +232,17 @@ class TCPCloudManagement(cloud_management.CloudManagement, - **address** - ip address of salt config node - **username** - username for salt config node + - **password** - password for salt config node (optional) - **private_key_file** - path to key file (optional) - **slave_username** - username for salt minions (optional) *username* will be used if *slave_username* not specified + - **slave_password** - password for salt minions (optional) *password* + will be used if *slave_password* not specified - **master_sudo** - Use sudo on salt config node (optional) - **slave_sudo** - Use sudi on salt minion nodes (optional) - **slave_name_regexp** - regexp for minion FQDNs (optional) - **slave_direct_ssh** - if *False* then salt master is used as ssh proxy + (optional) - **get_ips_cmd** - salt command to get IPs of minions (optional) """ @@ -278,8 +284,10 @@ class TCPCloudManagement(cloud_management.CloudManagement, 'properties': { 'address': {'type': 'string'}, 'username': {'type': 'string'}, + 'password': {'type': 'string'}, 'private_key_file': {'type': 'string'}, 'slave_username': {'type': 'string'}, + 'slave_password': {'type': 'string'}, 'master_sudo': {'type': 'boolean'}, 'slave_sudo': {'type': 'boolean'}, 'slave_name_regexp': {'type': 'string'}, @@ -305,13 +313,16 @@ class TCPCloudManagement(cloud_management.CloudManagement, self.get_ips_cmd = cloud_management_params.get( 'get_ips_cmd', 'pillar.get _param:single_address') + password = cloud_management_params.get('password') self.master_node_executor = executor.AnsibleRunner( remote_user=self.username, + password=password, private_key_file=self.private_key_file, become=cloud_management_params.get('master_sudo')) self.cloud_executor = executor.AnsibleRunner( remote_user=self.slave_username, + password=cloud_management_params.get('slave_password', password), private_key_file=self.private_key_file, jump_host=self.master_node_address if use_jump else None, jump_user=self.username if use_jump else None, diff --git a/os_faults/tests/unit/ansible/test_executor.py b/os_faults/tests/unit/ansible/test_executor.py index ea849ca..2615505 100644 --- a/os_faults/tests/unit/ansible/test_executor.py +++ b/os_faults/tests/unit/ansible/test_executor.py @@ -119,16 +119,25 @@ class AnsibleRunnerTestCase(test.TestCase): {}, dict(become=None, become_method='sudo', become_user='root', check=False, connection='smart', forks=100, - password=None, private_key_file=None, + private_key_file=None, remote_user='root', scp_extra_args=None, sftp_extra_args=None, ssh_common_args=executor.SSH_COMMON_ARGS, - ssh_extra_args=None, verbosity=100) + ssh_extra_args=None, verbosity=100), + dict(conn_pass=None, become_pass=None), + ), ( + dict(remote_user='root', password='foobar'), + dict(become=None, become_method='sudo', become_user='root', + check=False, connection='smart', forks=100, + private_key_file=None, + remote_user='root', scp_extra_args=None, sftp_extra_args=None, + ssh_common_args=executor.SSH_COMMON_ARGS, + ssh_extra_args=None, verbosity=100), + dict(conn_pass='foobar', become_pass='foobar'), ), ( dict(remote_user='root', jump_host='jhost.com', private_key_file='/path/my.key'), dict(become=None, become_method='sudo', become_user='root', check=False, connection='smart', forks=100, - password=None, private_key_file='/path/my.key', remote_user='root', scp_extra_args=None, sftp_extra_args=None, ssh_common_args=('-o UserKnownHostsFile=/dev/null ' @@ -139,13 +148,13 @@ class AnsibleRunnerTestCase(test.TestCase): '-o UserKnownHostsFile=/dev/null ' '-o StrictHostKeyChecking=no ' 'root@jhost.com"'), - ssh_extra_args=None, verbosity=100) + ssh_extra_args=None, verbosity=100), + dict(conn_pass=None, become_pass=None), ), ( dict(remote_user='root', jump_host='jhost.com', jump_user='juser', private_key_file='/path/my.key'), dict(become=None, become_method='sudo', become_user='root', check=False, connection='smart', forks=100, - password=None, private_key_file='/path/my.key', remote_user='root', scp_extra_args=None, sftp_extra_args=None, ssh_common_args=('-o UserKnownHostsFile=/dev/null ' @@ -156,15 +165,18 @@ class AnsibleRunnerTestCase(test.TestCase): '-o UserKnownHostsFile=/dev/null ' '-o StrictHostKeyChecking=no ' 'juser@jhost.com"'), - ssh_extra_args=None, verbosity=100) + ssh_extra_args=None, verbosity=100), + dict(conn_pass=None, become_pass=None), )) @ddt.unpack - def test___init__options(self, config, options_args, mock_options): - executor.AnsibleRunner(**config) + def test___init__options(self, config, options_args, passwords, + mock_options): + runner = executor.AnsibleRunner(**config) module_path = executor.resolve_relative_path( 'os_faults/ansible/modules') mock_options.assert_called_once_with(module_path=module_path, **options_args) + self.assertEqual(passwords, runner.passwords) @mock.patch.object(executor.task_queue_manager, 'TaskQueueManager') @mock.patch('ansible.playbook.play.Play.load') diff --git a/os_faults/tests/unit/drivers/test_tcpcloud.py b/os_faults/tests/unit/drivers/test_tcpcloud.py index 11627b6..f95e3dc 100644 --- a/os_faults/tests/unit/drivers/test_tcpcloud.py +++ b/os_faults/tests/unit/drivers/test_tcpcloud.py @@ -67,34 +67,54 @@ class TCPCloudManagementTestCase(test.TestCase): @mock.patch('os_faults.ansible.executor.AnsibleRunner', autospec=True) @ddt.data(( dict(address='tcp.local', username='root'), - (mock.call(become=None, private_key_file=None, remote_user='root'), + (mock.call(become=None, private_key_file=None, remote_user='root', + password=None), mock.call(become=None, jump_host='tcp.local', jump_user='root', - private_key_file=None, remote_user='root')) + private_key_file=None, remote_user='root', + password=None)) ), ( dict(address='tcp.local', username='ubuntu', slave_username='root', master_sudo=True, private_key_file='/path/id_rsa'), (mock.call(become=True, private_key_file='/path/id_rsa', - remote_user='ubuntu'), + remote_user='ubuntu', password=None), mock.call(become=None, jump_host='tcp.local', jump_user='ubuntu', - private_key_file='/path/id_rsa', remote_user='root')) + private_key_file='/path/id_rsa', remote_user='root', + password=None)) ), ( dict(address='tcp.local', username='ubuntu', slave_username='root', slave_sudo=True, private_key_file='/path/id_rsa'), (mock.call(become=None, private_key_file='/path/id_rsa', - remote_user='ubuntu'), + remote_user='ubuntu', password=None), mock.call(become=True, jump_host='tcp.local', jump_user='ubuntu', - private_key_file='/path/id_rsa', remote_user='root')) + private_key_file='/path/id_rsa', remote_user='root', + password=None)) ), ( dict(address='tcp.local', username='ubuntu', slave_username='root', slave_sudo=True, private_key_file='/path/id_rsa', slave_direct_ssh=True), (mock.call(become=None, private_key_file='/path/id_rsa', - remote_user='ubuntu'), + remote_user='ubuntu', password=None), mock.call(become=True, jump_host=None, jump_user=None, - private_key_file='/path/id_rsa', remote_user='root')) + private_key_file='/path/id_rsa', remote_user='root', + password=None)) + ), ( + dict(address='tcp.local', username='root', password='root_pass'), + (mock.call(become=None, private_key_file=None, remote_user='root', + password='root_pass'), + mock.call(become=None, jump_host='tcp.local', jump_user='root', + private_key_file=None, remote_user='root', + password='root_pass')) + ), ( + dict(address='tcp.local', username='root', + slave_password='slave_pass'), + (mock.call(become=None, private_key_file=None, remote_user='root', + password=None), + mock.call(become=None, jump_host='tcp.local', jump_user='root', + private_key_file=None, remote_user='root', + password='slave_pass')) )) @ddt.unpack def test_init(self, config, expected_runner_calls, mock_ansible_runner):