Skip to content

Commit

Permalink
Merge "Insecure flag added to openstack context"
Browse files Browse the repository at this point in the history
  • Loading branch information
@openstack-gerrit
Jenkins authored and openstack-gerrit committed Jan 13, 2017
2 parents ce03aea + 600dd47 commit 1eff558
Show file tree
Hide file tree
Showing 3 changed files with 48 additions and 20 deletions.
54 changes: 37 additions & 17 deletions mistral/actions/openstack/actions.py
View file
Expand Up @@ -79,7 +79,8 @@ def _create_client(self):
auth_token=ctx.auth_token,
tenant_id=ctx.project_id,
region_name=keystone_endpoint.region,
auth_url=keystone_endpoint.url
auth_url=keystone_endpoint.url,
insecure=ctx.insecure
)

client.client.management_url = keystone_utils.format_url(
Expand Down Expand Up @@ -110,7 +111,8 @@ def _create_client(self):
return self._get_client_class()(
glance_endpoint.url,
region_name=glance_endpoint.region,
token=ctx.auth_token
token=ctx.auth_token,
insecure=ctx.insecure
)

@classmethod
Expand All @@ -137,6 +139,7 @@ def _create_client(self):
'auth_url': ctx.auth_uri,
'project_id': ctx.project_id,
'cacert': ctx.auth_cacert,
'insecure': ctx.insecure
}

# In case of trust-scoped token explicitly pass endpoint parameter.
Expand Down Expand Up @@ -188,7 +191,8 @@ def _create_client(self):
endpoint_url,
region_name=ceilometer_endpoint.region,
token=ctx.auth_token,
username=ctx.user_name
username=ctx.user_name,
insecure=ctx.insecure
)

@classmethod
Expand Down Expand Up @@ -221,7 +225,8 @@ def _create_client(self):
endpoint_url,
region_name=heat_endpoint.region,
token=ctx.auth_token,
username=ctx.user_name
username=ctx.user_name,
insecure=ctx.insecure
)

@classmethod
Expand All @@ -246,7 +251,8 @@ def _create_client(self):
endpoint_url=neutron_endpoint.url,
region_name=neutron_endpoint.region,
token=ctx.auth_token,
auth_url=ctx.auth_uri
auth_url=ctx.auth_uri,
insecure=ctx.insecure
)


Expand Down Expand Up @@ -278,7 +284,8 @@ def _create_client(self):
ctx.auth_token,
project_id=ctx.project_id,
auth_url=cinder_url,
region_name=cinder_endpoint.region
region_name=cinder_endpoint.region,
insecure=ctx.insecure
)

client.client.auth_token = ctx.auth_token
Expand Down Expand Up @@ -320,7 +327,8 @@ def _create_client(self):
auth_token=ctx.auth_token,
project_id=ctx.project_id,
user_id=ctx.user_id,
auth_url=auth_url
auth_url=auth_url,
insecure=ctx.insecure
)

@classmethod
Expand Down Expand Up @@ -353,7 +361,8 @@ def _create_client(self):
ctx.auth_token,
project_id=ctx.project_id,
auth_url=trove_url,
region_name=trove_endpoint.region
region_name=trove_endpoint.region,
insecure=ctx.insecure
)

client.client.auth_token = ctx.auth_token
Expand Down Expand Up @@ -383,7 +392,8 @@ def _create_client(self):
ironic_endpoint.url,
token=ctx.auth_token,
region_name=ironic_endpoint.region,
os_ironic_api_version=IRONIC_API_VERSION
os_ironic_api_version=IRONIC_API_VERSION,
insecure=ctx.insecure
)

@classmethod
Expand Down Expand Up @@ -432,6 +442,7 @@ def _create_client(self):
api_version=1,
inspector_url=inspector_endpoint.url,
auth_token=ctx.auth_token,
insecure=ctx.insecure
)


Expand All @@ -450,7 +461,8 @@ def _create_client(self):

kwargs = {
'preauthurl': swift_endpoint.url % {'tenant_id': ctx.project_id},
'preauthtoken': ctx.auth_token
'preauthtoken': ctx.auth_token,
'insecure': ctx.insecure
}

return self._get_client_class()(**kwargs)
Expand All @@ -475,6 +487,7 @@ def _create_client(self):
'os_auth_token': ctx.auth_token,
'os_auth_url': keystone_endpoint.url,
'os_project_id': ctx.project_id,
'insecure': ctx.insecure,
}
auth_opts = {'backend': 'keystone', 'options': opts}
conf = {'auth_opts': auth_opts}
Expand Down Expand Up @@ -576,7 +589,8 @@ def _create_client(self):
return self._get_client_class()(
project_id=ctx.project_id,
endpoint=barbican_endpoint.url,
auth=auth
auth=auth,
insecure=ctx.insecure
)

@classmethod
Expand Down Expand Up @@ -679,7 +693,8 @@ def _create_client(self):
tenant_id=ctx.project_id,
auth_url=ctx.auth_uri,
region_name=designate_endpoint.region,
service_type='dns'
service_type='dns',
insecure=ctx.insecure
)

client.client.auth_token = ctx.auth_token
Expand Down Expand Up @@ -712,7 +727,8 @@ def _create_client(self):
auth_token=ctx.auth_token,
project_id=ctx.project_id,
user_id=ctx.user_id,
auth_url=auth_url
auth_url=auth_url,
insecure=ctx.insecure
)

@classmethod
Expand All @@ -739,7 +755,8 @@ def _create_client(self):
token=ctx.auth_token,
tenant=ctx.project_id,
region_name=murano_endpoint.region,
auth_url=keystone_endpoint.url
auth_url=keystone_endpoint.url,
insecure=ctx.insecure
)

@classmethod
Expand All @@ -766,7 +783,8 @@ def _create_client(self):
token=ctx.auth_token,
tenant_id=ctx.project_id,
region_name=tacker_endpoint.region,
auth_url=keystone_endpoint.url
auth_url=keystone_endpoint.url,
insecure=ctx.insecure
)

@classmethod
Expand All @@ -793,7 +811,8 @@ def _create_client(self):
token=ctx.auth_token,
tenant_id=ctx.project_id,
region_name=senlin_endpoint.region,
auth_url=keystone_endpoint.url
auth_url=keystone_endpoint.url,
insecure=ctx.insecure
)

@classmethod
Expand Down Expand Up @@ -825,7 +844,8 @@ def _create_client(self):
endpoint_url,
region_name=aodh_endpoint.region,
token=ctx.auth_token,
username=ctx.user_name
username=ctx.user_name,
insecure=ctx.insecure
)

@classmethod
Expand Down
5 changes: 5 additions & 0 deletions mistral/context.py
View file
Expand Up @@ -72,6 +72,7 @@ class MistralContext(BaseContext):
_elements = set([
"auth_uri",
"auth_cacert",
"insecure",
"user_id",
"project_id",
"auth_token",
Expand Down Expand Up @@ -111,6 +112,7 @@ def context_from_headers_and_env(headers, env):
params = _extract_auth_params_from_headers(headers)

auth_cacert = params['auth_cacert']
insecure = params['insecure']
auth_token = params['auth_token']
auth_uri = params['auth_uri']
project_id = params['project_id']
Expand All @@ -130,6 +132,7 @@ def context_from_headers_and_env(headers, env):
return MistralContext(
auth_uri=auth_uri,
auth_cacert=auth_cacert,
insecure=insecure,
user_id=user_id,
project_id=project_id,
auth_token=auth_token,
Expand All @@ -152,6 +155,7 @@ def _extract_auth_params_from_headers(headers):
params = {
# TODO(akovi): Target cert not handled yet
'auth_cacert': None,
'insecure': headers.get('X-Target-Insecure', False),
'auth_token': headers.get('X-Target-Auth-Token'),
'auth_uri': headers.get('X-Target-Auth-Uri'),
'project_id': headers.get('X-Target-Project-Id'),
Expand All @@ -174,6 +178,7 @@ def _extract_auth_params_from_headers(headers):
else:
params = {
'auth_cacert': CONF.keystone_authtoken.cafile,
'insecure': False,
'auth_token': headers.get('X-Auth-Token'),
'auth_uri': CONF.keystone_authtoken.auth_uri,
'project_id': headers.get('X-Project-Id'),
Expand Down
9 changes: 6 additions & 3 deletions mistral/tests/unit/actions/openstack/test_openstack_actions.py
View file
Expand Up @@ -57,7 +57,8 @@ def test_nova_action_config_endpoint(self, mock_novaclient,
auth_token=None,
is_admin=False,
# set year to 3016 in order for token to always be valid
expires_at='3016-07-13T18:34:22.000000Z'
expires_at='3016-07-13T18:34:22.000000Z',
insecure=False
)
ctx.set_ctx(test_ctx)

Expand Down Expand Up @@ -112,7 +113,8 @@ def test_nova_action_config_endpoint(self, mock_novaclient,
auth_token=test_ctx.auth_token,
tenant_id=test_ctx.project_id,
region_name=mock_ks_endpoint_v2().region,
auth_url=mock_ks_endpoint_v2().url
auth_url=mock_ks_endpoint_v2().url,
insecure=test_ctx.insecure
)

self.assertTrue(mock_novaclient.Client().servers.get.called)
Expand Down Expand Up @@ -144,7 +146,8 @@ def test_nova_action_config_endpoint(self, mock_novaclient,
auth_token=test_ctx.auth_token,
tenant_id=test_ctx.project_id,
region_name=mock_ks_endpoint_v2().region,
auth_url=mock_ks_endpoint_v2().url
auth_url=mock_ks_endpoint_v2().url,
insecure=test_ctx.insecure
)

self.assertTrue(mock_novaclient.Client().servers.get.called)
Expand Down

0 comments on commit 1eff558

Please sign in to comment.