Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Key manager drivers support schema migration.
* Script to run migration swift-key-manager-sync. * KeyDriver interface extended by sync method. * Intergration with SQLAlchemy Migration for SQLDriver. Change-Id: I2c482e994668fcb55c6a3b11158ae3c65d43d33e
- Loading branch information
Showing
17 changed files
with
239 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
#!/usr/bin/env python | ||
# Copyright (c) 2010-2012 OpenStack, LLC. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or | ||
# implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
|
||
from optparse import OptionParser | ||
from paste.deploy import loadwsgi | ||
|
||
from swift.common.utils import parse_options | ||
from swift.common.key_manager import migration | ||
|
||
|
||
if __name__ == '__main__': | ||
parser = OptionParser("%prog PROXY_SERVER_CONFIG [options]") | ||
parser.add_option('-f', '--filter-section', default='key-manager', | ||
help='Key manager filter section.') | ||
conf_file, options = parse_options(parser=parser) | ||
migration.synchronize(conf_file, options['filter_section']) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
# Copyright (c) 2010-2012 OpenStack, LLC. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or | ||
# implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
""" | ||
Implementation of a key management driver to store into SQL. | ||
""" | ||
from swift.common.key_manager.drivers.sql.driver import SQLDriver |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
This is a database migration repository. | ||
|
||
More information at | ||
http://code.google.com/p/sqlalchemy-migrate/ |
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
#!/usr/bin/env python | ||
from migrate.versioning.shell import main | ||
|
||
if __name__ == '__main__': | ||
main(debug='False') |
25 changes: 25 additions & 0 deletions
25
swift/common/key_manager/drivers/sql/migrate_repo/migrate.cfg
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
[db_settings] | ||
# Used to identify which repository this database is versioned under. | ||
# You can use the name of your project. | ||
repository_id=swift-key-manager | ||
|
||
# The name of the database table used to track the schema version. | ||
# This name shouldn't already be used by your project. | ||
# If this is changed once a database is under version control, you'll need to | ||
# change the table name in each database too. | ||
version_table=migrate_version | ||
|
||
# When committing a change script, Migrate will attempt to generate the | ||
# sql for all supported databases; normally, if one of them fails - probably | ||
# because you don't have that database installed - it is ignored and the | ||
# commit continues, perhaps ending successfully. | ||
# Databases in this list MUST compile successfully during a commit, or the | ||
# entire commit will fail. List the databases your application will actually | ||
# be using to ensure your updates to that database work properly. | ||
# This must be a list; example: ['postgres','sqlite'] | ||
required_dbs=[] | ||
|
||
# When creating new change scripts, Migrate will stamp the new script with | ||
# a version number. By default this is latest_version + 1. You can set this | ||
# to 'true' to tell Migrate to use the UTC timestamp instead. | ||
use_timestamp_numbering=False |
31 changes: 31 additions & 0 deletions
31
swift/common/key_manager/drivers/sql/migrate_repo/versions/001_Initialize_tables.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
# Copyright (c) 2010-2012 OpenStack, LLC. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or | ||
# implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
from sqlalchemy import MetaData, Table, Column, String, Integer | ||
|
||
|
||
def upgrade(migrate_engine): | ||
meta = MetaData(bind=migrate_engine) | ||
table = Table('key_info', meta, | ||
Column('account', String(30)), | ||
Column('key_id', Integer, primary_key=True, | ||
autoincrement=True), | ||
Column('encryption_key', String(30))) | ||
table.create() | ||
|
||
|
||
def downgrade(migrate_engine): | ||
meta = MetaData(bind=migrate_engine) | ||
table = Table('key_info', meta, autoload=True) | ||
table.remove() |
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
# Copyright (c) 2010-2012 OpenStack, LLC. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or | ||
# implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
""" | ||
Management the schema of key store. | ||
""" | ||
from paste.deploy import loadwsgi | ||
|
||
from swift.common.utils import create_instance | ||
from swift.common.key_manager.drivers.base import KeyDriver | ||
|
||
|
||
def migrate(conf, driver): | ||
""" | ||
Upgrading the schemes of the key store. | ||
:param conf: Application configuration. | ||
:param driver: Import path of a driver. | ||
""" | ||
key_manager = create_instance(driver, KeyDriver, conf) | ||
key_manager.sync() | ||
|
||
|
||
def synchronize(conf_file, filter_section): | ||
""" | ||
Process schema synchronization. | ||
:param conf_file: Filename of configuration path. | ||
:param filter_section: Name of key_management filter section. | ||
""" | ||
context = loadwsgi.loadcontext(loadwsgi.FILTER, "config:%s" % (conf_file,), | ||
name=filter_section) | ||
conf = context.config() | ||
driver = conf.get('crypto_keystore_driver') | ||
if driver: | ||
#NOTE(ikharin): The operation of data schema synchronization is | ||
# not required for the default driver if it's not | ||
# specified into configuration. | ||
migrate(conf, driver) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters