From adec6c4e21c1fa1e71df11b398b60449a5fde564 Mon Sep 17 00:00:00 2001 From: "paul@openstack.org" <> Date: Wed, 14 Sep 2011 12:10:33 -0500 Subject: [PATCH 1/5] exporting auth to keystone (users, projects/tenants, roles, credentials) --- bin/nova-manage | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/bin/nova-manage b/bin/nova-manage index 089b2eea..5f0c5471 100755 --- a/bin/nova-manage +++ b/bin/nova-manage @@ -61,6 +61,7 @@ import math import netaddr from optparse import OptionParser import os +import StringIO import sys import time @@ -274,6 +275,50 @@ class ShellCommands(object): arguments: path""" exec(compile(open(path).read(), path, 'exec'), locals(), globals()) + @args('--filename', dest='filename', metavar='', help='Export path') + def export(self, filename): + """Export Nova users into a file that can be consumed by Keystone""" + def create_file(filename): + data = generate_file() + with open(filename, 'w') as f: + f.write(data.getvalue()) + + def tenants(data, am): + for project in am.get_projects(): + print >> data, ("tenant add '%s'" % + (project.name)) + for u in project.member_ids: + user = am.get_user(u) + print >> data, ("user add '%s' '%s' '%s'" % + (user.name, user.access, project.name)) + print >> data, ("credentials add 'EC2' '%s' '%s'" % + (user.access, user.secret)) + + def roles(data, am): + for role in am.get_roles(): + print >> data, ("role add '%s'" % (role)) + + def grant_roles(data, am): + roles = am.get_roles() + for project in am.get_projects(): + for u in project.member_ids: + user = am.get_user(u) + for role in roles: + if user.has_role(role): + print >> data, ("role grant '%s', '%s', '%s')," % + (user.name, role, project.name)) + print >> data, footer + + def generate_file(): + data = StringIO.StringIO() + am = manager.AuthManager() + tenants(data, am) + roles(data, am) + data.seek(0) + return data + + create_file(filename) + class RoleCommands(object): """Class for managing roles.""" From f6017c07ff27e403d94ed5a37d63a539cba0985a Mon Sep 17 00:00:00 2001 From: "paul@openstack.org" <> Date: Wed, 14 Sep 2011 13:20:16 -0500 Subject: [PATCH 2/5] minor changes to credentials for the correct format --- bin/nova-manage | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/bin/nova-manage b/bin/nova-manage index 5f0c5471..60799024 100755 --- a/bin/nova-manage +++ b/bin/nova-manage @@ -286,13 +286,13 @@ class ShellCommands(object): def tenants(data, am): for project in am.get_projects(): print >> data, ("tenant add '%s'" % - (project.name)) + (project.name)) for u in project.member_ids: user = am.get_user(u) print >> data, ("user add '%s' '%s' '%s'" % - (user.name, user.access, project.name)) - print >> data, ("credentials add 'EC2' '%s' '%s'" % - (user.access, user.secret)) + (user.name, user.access, project.name)) + print >> data, ("credentials add 'EC2' '%s:%s' '%s' '%s'" % + (user.access, project.id, user.secret, project.id)) def roles(data, am): for role in am.get_roles(): From a9d9f5d1f6486fe8370ac5e845a1b6bf6cee305c Mon Sep 17 00:00:00 2001 From: Josh Kearney Date: Thu, 15 Sep 2011 14:09:14 -0500 Subject: [PATCH 3/5] Added a unit test. --- nova/tests/test_virt_drivers.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/nova/tests/test_virt_drivers.py b/nova/tests/test_virt_drivers.py index 440d3401..8e20e999 100644 --- a/nova/tests/test_virt_drivers.py +++ b/nova/tests/test_virt_drivers.py @@ -176,6 +176,10 @@ class _VirtDriverTestCase(test.TestCase): def test_poll_rescued_instances(self): self.connection.poll_rescued_instances(10) + @catch_notimplementederror + def test_poll_unconfirmed_resizes(self): + self.connection.poll_unconfirmed_resizes(10) + @catch_notimplementederror def test_migrate_disk_and_power_off(self): instance_ref = test_utils.get_test_instance() From 4dc2a091bd9d503aee8b89ea5cb4dfd8ece0f0ab Mon Sep 17 00:00:00 2001 From: "paul@openstack.org" <> Date: Fri, 16 Sep 2011 21:12:50 -0500 Subject: [PATCH 4/5] fixed grant user, added stdout support --- bin/nova-manage | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/bin/nova-manage b/bin/nova-manage index 60799024..4e930727 100755 --- a/bin/nova-manage +++ b/bin/nova-manage @@ -275,11 +275,13 @@ class ShellCommands(object): arguments: path""" exec(compile(open(path).read(), path, 'exec'), locals(), globals()) - @args('--filename', dest='filename', metavar='', help='Export path') + @args('--filename', dest='filename', metavar='', default=False, + help='Export file path') def export(self, filename): """Export Nova users into a file that can be consumed by Keystone""" + def create_file(filename): - data = generate_file() + data = generate_data() with open(filename, 'w') as f: f.write(data.getvalue()) @@ -303,21 +305,27 @@ class ShellCommands(object): for project in am.get_projects(): for u in project.member_ids: user = am.get_user(u) - for role in roles: - if user.has_role(role): - print >> data, ("role grant '%s', '%s', '%s')," % - (user.name, role, project.name)) - print >> data, footer + for role in db.user_get_roles_for_project(ctxt, u, + project.id): + print >> data, ("role grant '%s', '%s', '%s')," % + (user.name, role, project.name)) + print >> data - def generate_file(): + def generate_data(): data = StringIO.StringIO() am = manager.AuthManager() tenants(data, am) roles(data, am) + grant_roles(data, am) data.seek(0) return data - create_file(filename) + ctxt = context.get_admin_context() + if filename: + create_file(filename) + else: + data = generate_data() + print data.getvalue() class RoleCommands(object): From ccc25f83f4068a10a2edb28deb8c35a73ebadd13 Mon Sep 17 00:00:00 2001 From: Josh Kearney Date: Mon, 19 Sep 2011 11:58:20 -0500 Subject: [PATCH 5/5] Added unit test. --- nova/tests/test_db_api.py | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/nova/tests/test_db_api.py b/nova/tests/test_db_api.py index 60d7abd8..c99709ff 100644 --- a/nova/tests/test_db_api.py +++ b/nova/tests/test_db_api.py @@ -18,6 +18,8 @@ """Unit tests for the DB API""" +import datetime + from nova import test from nova import context from nova import db @@ -95,3 +97,26 @@ class DbApiTestCase(test.TestCase): self.assertEqual(result[0].id, inst2.id) self.assertEqual(result[1].id, inst1.id) self.assertTrue(result[1].deleted) + + def test_migration_get_all_unconfirmed(self): + ctxt = context.get_admin_context() + + # Ensure no migrations are returned. + results = db.migration_get_all_unconfirmed(ctxt, 10) + self.assertEqual(0, len(results)) + + # Ensure one migration older than 10 seconds is returned. + updated_at = datetime.datetime(2000, 01, 01, 12, 00, 00) + values = {"status": "FINISHED", "updated_at": updated_at} + migration = db.migration_create(ctxt, values) + results = db.migration_get_all_unconfirmed(ctxt, 10) + self.assertEqual(1, len(results)) + db.migration_update(ctxt, migration.id, {"status": "CONFIRMED"}) + + # Ensure the new migration is not returned. + updated_at = datetime.datetime.utcnow() + values = {"status": "FINISHED", "updated_at": updated_at} + migration = db.migration_create(ctxt, values) + results = db.migration_get_all_unconfirmed(ctxt, 10) + self.assertEqual(0, len(results)) + db.migration_update(ctxt, migration.id, {"status": "CONFIRMED"})