class SetProjectQuotaAction(UpdateProjectQuotasAction):
""" Updates quota for a given project to a configured quota level """
required = []
serializer = serializers.SetProjectQuotaSerializer
config_group = UpdateProjectQuotasAction.config_group.extend(
children=[
fields.DictConfig(
"region_sizes",
help_text="Which quota size to use for which region.",
default={},
sample_default={"RegionOne": "small"},
),
]
)
def _get_email(self):
return None
def _validate(self):
# Make sure the project id is valid and can be used
self.action.valid = validate_steps(
[
self._validate_project_id,
]
)
self.action.save()
def _prepare(self):
# Nothing to validate yet
self.action.valid = True
self.action.save()
def _approve(self):
# Assumption: another action has placed the project_id into the cache.
self.project_id = self.action.task.cache.get("project_id", None)
self._validate()
if not self.valid or self.action.state == "completed":
return
# update quota for each openstack service
for region_name, region_size in self.config.region_sizes.items():
self._set_region_quota(region_name, region_size)
self.action.state = "completed"
self.action.save()
def _submit(self, token_data, keystone_user=None):
pass
def make_task_config(task_class):
config_group = groups.DynamicNameConfigGroup()
config_group.register_child_config(
fields.BoolConfig(
"allow_auto_approve",
help_text="Override if this task allows auto_approval. "
"Otherwise uses task default.",
default=task_class.allow_auto_approve,
))
config_group.register_child_config(
fields.ListConfig(
"additional_actions",
help_text="Additional actions to be run as part of the task "
"after default actions.",
default=task_class.additional_actions or [],
))
config_group.register_child_config(
fields.IntConfig(
"token_expiry",
help_text="Override for the task token expiry. "
"Otherwise uses task default.",
default=task_class.token_expiry,
))
config_group.register_child_config(
fields.DictConfig(
"actions",
help_text="Action config overrides over the action defaults. "
"See 'adjutant.workflow.action_defaults'.",
is_json=True,
default=task_class.action_config or {},
sample_default={
"SomeCustomAction": {
"some_action_setting": "<a-uuid-probably>"
}
},
))
config_group.register_child_config(
fields.DictConfig(
"emails",
help_text="Email config overrides for this task over task defaults."
"See 'adjutant.workflow.emails'.",
is_json=True,
default=task_class.email_config or {},
sample_default={
"initial": None,
"token": {
"subject": "Some custom subject",
},
},
))
config_group.register_child_config(
fields.DictConfig(
"notifications",
help_text=
"Notification config overrides for this task over task defaults."
"See 'adjutant.workflow.notifications'.",
is_json=True,
default=task_class.notification_config or {},
sample_default={
"standard_handlers": ["EmailNotification"],
"error_handlers": ["EmailNotification"],
"standard_handler_config": {
"EmailNotification": {
"emails": ["*****@*****.**"],
"reply": "*****@*****.**",
}
},
"error_handler_config": {
"EmailNotification": {
"emails": ["*****@*****.**"],
"reply": "*****@*****.**",
}
},
},
))
return config_group
class NewDefaultNetworkAction(BaseAction, ProjectMixin):
"""
This action will setup all required basic networking
resources so that a new user can launch instances
right away.
"""
required = [
"setup_network",
"project_id",
"region",
]
serializer = serializers.NewDefaultNetworkSerializer
config_group = groups.DynamicNameConfigGroup(
children=[
groups.ConfigGroup(
"region_defaults",
children=[
fields.StrConfig(
"network_name",
help_text="Name to be given to the default network.",
default="default_network",
),
fields.StrConfig(
"subnet_name",
help_text="Name to be given to the default subnet.",
default="default_subnet",
),
fields.StrConfig(
"router_name",
help_text="Name to be given to the default router.",
default="default_router",
),
fields.StrConfig(
"public_network",
help_text="ID of the public network.",
),
fields.StrConfig(
"subnet_cidr",
help_text="CIDR for the default subnet.",
),
fields.ListConfig(
"dns_nameservers",
help_text="DNS nameservers for the subnet.",
),
],
),
fields.DictConfig(
"regions",
help_text="Specific per region config for default network. "
"See 'region_defaults'.",
default={},
),
]
)
def __init__(self, *args, **kwargs):
super(NewDefaultNetworkAction, self).__init__(*args, **kwargs)
def _validate_region(self):
if not self.region:
self.add_note("ERROR: No region given.")
return False
id_manager = user_store.IdentityManager()
region = id_manager.get_region(self.region)
if not region:
self.add_note("ERROR: Region does not exist.")
return False
self.add_note("Region: %s exists." % self.region)
return True
def _validate(self):
self.action.valid = validate_steps(
[
self._validate_region,
self._validate_project_id,
self._validate_keystone_user_project_id,
]
)
self.action.save()
def _create_network(self):
neutron = openstack_clients.get_neutronclient(region=self.region)
try:
region_config = self.config.regions[self.region]
network_config = self.config.region_defaults.overlay(region_config)
except KeyError:
network_config = self.config.region_defaults
if not self.get_cache("network_id"):
try:
network_body = {
"network": {
"name": network_config.network_name,
"tenant_id": self.project_id,
"admin_state_up": True,
}
}
network = neutron.create_network(body=network_body)
except Exception as e:
self.add_note(
"Error: '%s' while creating network: %s"
% (e, network_config.network_name)
)
raise
self.set_cache("network_id", network["network"]["id"])
self.add_note(
"Network %s created for project %s"
% (network_config.network_name, self.project_id)
)
else:
self.add_note(
"Network %s already created for project %s"
% (network_config.network_name, self.project_id)
)
if not self.get_cache("subnet_id"):
try:
subnet_body = {
"subnet": {
"network_id": self.get_cache("network_id"),
"ip_version": 4,
"tenant_id": self.project_id,
"dns_nameservers": network_config.dns_nameservers,
"cidr": network_config.subnet_cidr,
}
}
subnet = neutron.create_subnet(body=subnet_body)
except Exception as e:
self.add_note("Error: '%s' while creating subnet" % e)
raise
self.set_cache("subnet_id", subnet["subnet"]["id"])
self.add_note("Subnet created for network %s" % network_config.network_name)
else:
self.add_note(
"Subnet already created for network %s" % network_config.network_name
)
if not self.get_cache("router_id"):
try:
router_body = {
"router": {
"name": network_config.router_name,
"external_gateway_info": {
"network_id": network_config.public_network
},
"tenant_id": self.project_id,
"admin_state_up": True,
}
}
router = neutron.create_router(body=router_body)
except Exception as e:
self.add_note(
"Error: '%s' while creating router: %s"
% (e, network_config.router_name)
)
raise
self.set_cache("router_id", router["router"]["id"])
self.add_note("Router created for project %s" % self.project_id)
else:
self.add_note("Router already created for project %s" % self.project_id)
if not self.get_cache("port_id"):
try:
interface_body = {"subnet_id": self.get_cache("subnet_id")}
interface = neutron.add_interface_router(
self.get_cache("router_id"), body=interface_body
)
except Exception as e:
self.add_note("Error: '%s' while attaching interface" % e)
raise
self.set_cache("port_id", interface["port_id"])
self.add_note("Interface added to router for subnet")
else:
self.add_note("Interface added to router for project %s" % self.project_id)
def _prepare(self):
# Note: Do we need to get this from cache? it is a required setting
# self.project_id = self.action.task.cache.get('project_id', None)
self._validate()
def _approve(self):
self._validate()
if self.setup_network and self.valid:
self._create_network()
def _submit(self, token_data, keystone_user=None):
pass
"EmailNotification",
],
))
_notifications_defaults_group.register_child_config(
fields.ListConfig(
"error_handlers",
help_text="Handlers to use for error notifications.",
required=True,
default=[
"EmailNotification",
],
))
_notifications_defaults_group.register_child_config(
fields.DictConfig(
"standard_handler_config",
help_text="Settings for standard notification handlers.",
default={},
is_json=True,
))
_notifications_defaults_group.register_child_config(
fields.DictConfig(
"error_handler_config",
help_text="Settings for error notification handlers.",
default={},
is_json=True,
))
_notifications_defaults_group.register_child_config(
fields.ListConfig(
"safe_errors",
help_text="Error types which are safe to acknowledge automatically.",
required=True,
default=["SMTPException"],
"trove": {
"instances": 20,
"volumes": 20,
"backups": 100,
},
},
}
config_group = groups.ConfigGroup("quota")
config_group.register_child_config(
fields.DictConfig(
"sizes",
help_text=
"A definition of the quota size groups that Adjutant should use.",
value_type=types.Dict(value_type=types.Dict()),
check_value_type=True,
is_json=True,
default=DEFAULT_QUOTA_SIZES,
))
config_group.register_child_config(
fields.ListConfig(
"sizes_ascending",
help_text="An ascending list of all the quota size names, "
"so that Adjutant knows their relative sizes/order.",
default=["small", "medium", "large"],
))
config_group.register_child_config(
fields.DictConfig(
"services",
help_text=
import os
import sys
import confspirator
from confspirator import groups as config_groups
from confspirator import fields as config_fields
import yaml
TESTING = sys.argv[1:2] == ['test']
SERVICES_CONFIG_LOCATION = '/etc/adjutant/services.yaml'
if os.environ.get('ADJUTANT_SERVICES_FILE'):
SERVICES_CONFIG_LOCATION = os.environ.get('ADJUTANT_SERVICES_FILE')
moc = config_groups.ConfigGroup("moc")
services = config_fields.DictConfig(
'services',
default={'openshift': {
'type': 'openshift',
'url': 'https://example.com'
}})
moc.register_child_config(services)
conf_dict = None
try:
with open(SERVICES_CONFIG_LOCATION, 'r') as f:
conf_dict = yaml.load(f, Loader=yaml.FullLoader)
except FileNotFoundError:
pass
MOC_CONF = confspirator.load(moc, {'moc': conf_dict})
default="HTTP_X_FORWARDED_PROTO",
))
config_group.register_child_config(
fields.StrConfig(
"secure_proxy_ssl_header_value",
help_text="The value representing a HTTP header/value combination "
"that signifies a request is secure.",
default="https",
))
config_group.register_child_config(
fields.DictConfig(
"databases",
help_text="Django databases config.",
default={
"default": {
"ENGINE": "django.db.backends.sqlite3",
"NAME": "db.sqlite3"
}
},
is_json=True,
unsafe_default=True,
))
config_group.register_child_config(
fields.DictConfig(
"logging",
help_text=
"A full override of the Django logging config for more customised logging.",
is_json=True,
))
config_group.register_child_config(
fields.StrConfig(
"log_file",
fields.DictConfig(
"role_mapping",
help_text="A mapping from held role to roles it is allowed to manage.",
value_type=types.List(),
check_value_type=True,
is_json=True,
default={
"admin": [
"project_admin",
"project_mod",
"heat_stack_owner",
"member",
],
"project_admin": [
"project_admin",
"project_mod",
"heat_stack_owner",
"member",
],
"project_mod": [
"project_mod",
"heat_stack_owner",
"member",
],
},
test_default={
"admin": ["project_admin", "project_mod", "member", "heat_stack_owner"],
"project_admin": [
"project_mod",
"member",
"heat_stack_owner",
"project_admin",
],
"project_mod": ["member", "heat_stack_owner", "project_mod"],
},
)
