x/ospurge
Code Issues Proposed changes

Merge "Purge project even if it's disabled"

Browse Source
This commit is contained in:
Jenkins 2014-09-26 09:21:07 +00:00 committed by Gerrit Code Review
commit 1449bdb1bd
1 changed files with 27 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
ospurge/ospurge.py
View File

@ -508,6 +508,7 @@ class KeystoneManager(object):
tenant_name=project, auth_url=auth_url, tenant_name=project, auth_url=auth_url,
insecure=insecure, **kwargs) insecure=insecure, **kwargs)
self.admin_role_id = None self.admin_role_id = None
self.tenant_info = None
def get_project_id(self, project_name_or_id=None): def get_project_id(self, project_name_or_id=None):
""" """
@ -520,7 +521,7 @@ class KeystoneManager(object):
return self.client.tenant_id return self.client.tenant_id
try: try:
self.client.tenants.get(project_name_or_id) self.tenant_info = self.client.tenants.get(project_name_or_id)
# If it doesn't raise an 404, project_name_or_id is # If it doesn't raise an 404, project_name_or_id is
# already the project's id # already the project's id
project_id = project_name_or_id project_id = project_name_or_id
@ -532,8 +533,19 @@ class KeystoneManager(object):
lambda x: x.name == project_name_or_id, tenants)[0].id lambda x: x.name == project_name_or_id, tenants)[0].id
except IndexError: except IndexError:
raise NoSuchProject(project_name_or_id) raise NoSuchProject(project_name_or_id)
if not self.tenant_info:
self.tenant_info = self.client.tenants.get(project_id)
return project_id return project_id
def enable_project(self, project_id):
logging.info("* Enabling project {}.".format(project_id))
self.tenant_info = self.client.tenants.update(project_id, enabled=True)
def disable_project(self, project_id):
logging.info("* Disabling project {}.".format(project_id))
self.tenant_info = self.client.tenants.update(project_id, enabled=False)
def get_admin_role_id(self): def get_admin_role_id(self):
if not self.admin_role_id: if not self.admin_role_id:
roles = self.client.roles.list() roles = self.client.roles.list()
@ -690,6 +702,7 @@ def main():
sys.exit(AUTHENTICATION_FAILED_ERROR_CODE) sys.exit(AUTHENTICATION_FAILED_ERROR_CODE)
remove_admin_role_after_purge = False remove_admin_role_after_purge = False
disable_project_after_purge = False
try: try:
cleanup_project_id = keystone_manager.get_project_id( cleanup_project_id = keystone_manager.get_project_id(
args.cleanup_project) args.cleanup_project)
@ -701,6 +714,14 @@ def main():
pass pass
else: else:
remove_admin_role_after_purge = True remove_admin_role_after_purge = True
# If the project was enabled before the purge, do not disable it after the purge
disable_project_after_purge = not keystone_manager.tenant_info.enabled
if disable_project_after_purge:
# The project is currently disabled so we need to enable it
# in order to delete resources of the project
keystone_manager.enable_project(cleanup_project_id)
except api_exceptions.Forbidden as exc: except api_exceptions.Forbidden as exc:
print("Not authorized: {}".format(str(exc))) print("Not authorized: {}".format(str(exc)))
sys.exit(NOT_AUTHORIZED) sys.exit(NOT_AUTHORIZED)
@ -725,7 +746,11 @@ def main():
if (not args.dry_run) and (not args.dont_delete_project) and (not args.own_project): if (not args.dry_run) and (not args.dont_delete_project) and (not args.own_project):
keystone_manager.delete_project(cleanup_project_id) keystone_manager.delete_project(cleanup_project_id)
else: else:
# Project is not deleted, we may want to remove ourself from the purged project # Project is not deleted, we may want to disable the project
# this must happen before we remove the admin role
if disable_project_after_purge:
keystone_manager.disable_project(cleanup_project_id)
# We may also want to remove ourself from the purged project
if remove_admin_role_after_purge: if remove_admin_role_after_purge:
keystone_manager.undo_become_project_admin(cleanup_project_id) keystone_manager.undo_become_project_admin(cleanup_project_id)
sys.exit(0) sys.exit(0)