-
Notifications
You must be signed in to change notification settings - Fork 6
/
config.py
130 lines (108 loc) · 4.68 KB
/
config.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# Copyright 2017 AT&T Intellectual Property. All other rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from keystoneauth1 import loading as ks_loading
from oslo_config import cfg
CONF = cfg.CONF
barbican_group = cfg.OptGroup(
name='barbican',
title='Barbican Options',
help="Barbican options for allowing Deckhand to communicate with "
"Barbican.")
barbican_opts = [
# TODO(felipemonteiro): Drop this option once Keystone endpoint lookup is
# implemented.
cfg.StrOpt(
'api_endpoint',
sample_default='http://barbican.example.org:9311/',
help='URL override for the Barbican API endpoint.'),
cfg.IntOpt(
'max_workers', default=10,
help='Maximum number of threads used to call secret storage service '
'concurrently.'),
# TODO(felipemonteiro): This is better off being removed because the same
# effect can be achieved through per-test gabbi fixtures that clean up
# the cache between tests.
cfg.BoolOpt('enable_cache', default=True,
help="Whether to enable Barbican secret caching. Useful "
"for testing to avoid cross-test caching conflicts."),
cfg.StrOpt(
'cache_timeout', default=3600,
help="How long (in seconds) Barbican secret reference/payload lookup "
"results should remain cached in memory.")
]
engine_group = cfg.OptGroup(
name='engine',
title='Engine Options',
help="Engine options for allowing behavior specific to Deckhand's engine "
"to be configured.")
engine_opts = [
# TODO(felipemonteiro): This is better off being removed because the same
# effect can be achieved through per-test gabbi fixtures that clean up
# the cache between tests.
cfg.BoolOpt('enable_cache', default=True,
help="Whether to enable the document rendering caching. Useful"
" for testing to avoid cross-test caching conflicts."),
cfg.IntOpt('cache_timeout', default=3600,
help="How long (in seconds) document rendering results should "
"remain cached in memory."),
]
jsonpath_group = cfg.OptGroup(
name='jsonpath',
title='JSONPath Options',
help="JSONPath options for allowing JSONPath logic to be configured.")
jsonpath_opts = [
cfg.IntOpt('cache_timeout', default=3600,
help="How long (in seconds) JSONPath lookup results should "
"remain cached in memory.")
]
default_opts = [
cfg.BoolOpt('profiler', default=False,
help="Enables profiling of API requests. Do NOT use in "
"production."),
cfg.BoolOpt('development_mode', default=False,
help="Enables development mode, which disables Keystone "
"authentication. Do NOT use in production."),
cfg.IntOpt('secret_create_attempts', default=2,
help="How many times Deckhand should attempt to create a "
"secret in Barbican before raising an exception.")
]
def register_opts(conf):
conf.register_group(barbican_group)
conf.register_opts(barbican_opts, group=barbican_group)
conf.register_opts(engine_opts, group=engine_group)
conf.register_opts(jsonpath_opts, group=jsonpath_group)
conf.register_opts(default_opts)
ks_loading.register_auth_conf_options(conf, group='keystone_authtoken')
ks_loading.register_auth_conf_options(conf, group=barbican_group.name)
ks_loading.register_session_conf_options(conf, group=barbican_group.name)
def list_opts():
opts = {
None: default_opts,
'keystone_authtoken': (
ks_loading.get_session_conf_options() +
ks_loading.get_auth_common_conf_options() +
ks_loading.get_auth_plugin_conf_options('password') +
ks_loading.get_auth_plugin_conf_options('v3password')
),
engine_group: engine_opts,
barbican_group: (
barbican_opts +
ks_loading.get_session_conf_options() +
ks_loading.get_auth_common_conf_options() +
ks_loading.get_auth_plugin_conf_options('v3password')
),
jsonpath_group: jsonpath_opts
}
return opts
register_opts(CONF)