def migrate_volume(context, volume_id): volume = context.src_cloud.cinder.volumes.get(volume_id) volume_id = volume.id tenant_id = volume._info["os-vol-tenant-attr:tenant_id"] tenant_retrieve = "tenant-{}-retrieve".format(tenant_id) try: users = context.src_cloud.keystone.tenants.list_users(tenant_id) except exceptions.keystone_excs.NotFound: LOG.info("No users in tenant %s, using %s", tenant_id, context.dst_cloud.keystone.auth_ref["user"]["name"]) user_id = None else: user = users.pop() if str(user.name) == "admin": user_id = None else: user_id = user.id user_retrieve = "user-{}-retrieve".format(user_id) resources = [] if tenant_retrieve not in context.store: tenant_flow = tenant_tasks.migrate_tenant(context, tenant_id) if user_id and user_retrieve not in context.store: user_flow = user_tasks.migrate_user(context, user_id) resources.append(tenant_flow) volume_flow = volume_tasks.migrate_detached_volume(context, volume_id, user_id, tenant_id) return resources, volume_flow
def test_migrate_orphan_user(self, flow_mock, retrieve_user_mock, ensure_user_mock): flow_mock.return_value = self.flow flow = user.migrate_user( self.context, self.user_id, ) flow_mock.assert_called_once_with("migrate-user-%s" % self.user_id) self.assertEqual(retrieve_user_mock.call_count, 1) self.assertEqual( self.flow.add.call_args_list, [call(retrieve_user_mock()), call(ensure_user_mock())] ) self.assertEqual(self.context.store, {"user-%s-retrieve" % self.user_id: self.user_id})
def migrate_identity(context, tenant_id): flow = graph_flow.Flow("identity-{}".format(tenant_id)) tenant_retrieve = "tenant-{}-retrieve".format(tenant_id) if tenant_retrieve not in context.store: tenant_flow = tenant_tasks.migrate_tenant(context, tenant_id) flow.add(tenant_flow) users_ids, roles_ids = set(), set() # XXX(akscram): Due to the bug #1308218 users duplication can be here. users = context.src_cloud.keystone.users.list(tenant_id) for user in users: user_retrieve = "user-{}-retrieve".format(user.id) if (user.id == context.src_cloud.keystone.auth_ref.user_id or user.id in users_ids or user_retrieve in context.store): continue user_tenant_id = getattr(user, "tenantId", None) user_flow = user_tasks.migrate_user(context, user.id, tenant_id=user_tenant_id) flow.add(user_flow) users_ids.add(user.id) user_roles = context.src_cloud.keystone.users.list_roles( user.id, tenant=tenant_id) for role in user_roles: # NOTE(akscram): Actually all roles which started with # underscore are hidden. if role.name.startswith("_"): continue roles_ids.add(role.id) user_role_ensure = "user-role-{}-{}-{}-ensure".format(user.id, role.id, tenant_id) if user_role_ensure in context.store: continue membership_flow = user_tasks.migrate_membership(context, user.id, role.id, tenant_id) flow.add(membership_flow) for role_id in roles_ids: role_retrieve = "role-{}-retrieve".format(role_id) if role_retrieve not in context.store: role_flow = role_tasks.migrate_role(context, role_id) flow.add(role_flow) return users_ids, flow
def migrate_server_identity(context, server_info): server_id = server_info["id"] flow = graph_flow.Flow("server-identity-{}".format(server_id)) tenant_id = server_info["tenant_id"] user_id = server_info["user_id"] tenant_retrieve = "tenant-{}-retrieve".format(tenant_id) user_retrieve = "user-{}-retrieve".format(user_id) if tenant_retrieve not in context.store: tenant_flow = tenant_tasks.migrate_tenant(context, tenant_id) flow.add(tenant_flow) if user_retrieve not in context.store: user = context.src_cloud.keystone.users.get(user_id) user_tenant_id = getattr(user, "tenantId", None) user_flow = user_tasks.migrate_user(context, user_id, tenant_id=user_tenant_id) flow.add(user_flow) roles = context.src_cloud.keystone.users.list_roles(user_id, tenant=tenant_id) for role in roles: role_id = role.id role_retrieve = "role-{}-retrieve".format(role_id) if role_retrieve not in context.store: role_flow = role_tasks.migrate_role(context, role_id) flow.add(role_flow) if role.name.startswith("_"): continue user_role_ensure = "user-role-{}-{}-{}-ensure".format(user_id, role_id, tenant_id) if user_role_ensure in context.store: continue membership_flow = user_tasks.migrate_membership(context, user_id, role_id, tenant_id) flow.add(membership_flow) return flow