def test_load_auth_missing_options(self): # NOTE(pas-ha) 'password' auth_plugin is used, # so when we set the required auth_url to None, # MissingOption is raised self.config(auth_url=None, group=self.test_group) self.assertIsNone( ironic_auth.load_auth(self.cfg_fixture.conf, self.test_group))
def test_load_auth_missing_options(self): # NOTE(pas-ha) 'password' auth_plugin is used, # so when we set the required auth_url to None, # MissingOption is raised self.config(auth_url=None, group=self.test_group) self.assertIsNone(ironic_auth.load_auth( self.cfg_fixture.conf, self.test_group))
def _get_legacy_auth(): """Load auth from keystone_authtoken config section Used only to provide backward compatibility with old configs. """ conf = getattr(CONF, ironic_auth.LEGACY_SECTION) # NOTE(pas-ha) first try to load auth from legacy section # using the new keystoneauth options that might be already set there auth = ironic_auth.load_auth(CONF, ironic_auth.LEGACY_SECTION) if auth: return auth # NOTE(pas-ha) now we surely have legacy config section for auth # and with legacy options set in it, deal with it. legacy_loader = kaloading.get_plugin_loader('password') auth_params = { 'auth_url': conf.auth_uri, 'username': conf.admin_user, 'password': conf.admin_password, 'tenant_name': conf.admin_tenant_name } api_v3 = _is_apiv3(conf.auth_uri, conf.auth_version) if api_v3: # NOTE(pas-ha): mimic defaults of keystoneclient auth_params.update({ 'project_domain_id': 'default', 'user_domain_id': 'default', }) return legacy_loader.load_from_options(**auth_params)
def get_session(group): auth = ironic_auth.load_auth(CONF, group) or _get_legacy_auth() if not auth: msg = _("Failed to load auth from either [%(new)s] or [%(old)s] " "config sections.") raise exception.ConfigInvalid(message=msg, new=group, old=ironic_auth.LEGACY_SECTION) session = kaloading.load_session_from_conf_options( CONF, group, auth=auth) return session
def _check_auth_options(conf): missing = [] for section in SECTIONS_WITH_AUTH: if not auth.load_auth(conf, section): missing.append('[%s]' % section) if missing: link = "http://docs.openstack.org/releasenotes/ironic/newton.html" LOG.warning("Failed to load authentification credentials from " "%(missing)s config sections. " "The corresponding service users' credentials " "will be loaded from [%(old)s] config section, " "which is deprecated for this purpose. " "Please update the config file. " "For more info see %(link)s.", dict(missing=", ".join(missing), old=auth.LEGACY_SECTION, link=link))
def _check_auth_options(conf): missing = [] for section in SECTIONS_WITH_AUTH: if not auth.load_auth(conf, section): missing.append('[%s]' % section) if missing: link = "http://docs.openstack.org/releasenotes/ironic/newton.html" LOG.warning(_LW("Failed to load authentification credentials from " "%(missing)s config sections. " "The corresponding service users' credentials " "will be loaded from [%(old)s] config section, " "which is deprecated for this purpose. " "Please update the config file. " "For more info see %(link)s."), dict(missing=", ".join(missing), old=auth.LEGACY_SECTION, link=link))
def test_load_auth(self): auth = ironic_auth.load_auth(self.cfg_fixture.conf, self.test_group) # NOTE(pas-ha) 'password' auth_plugin is used self.assertIsInstance(auth, kaidentity.generic.password.Password) self.assertEqual('http://127.0.0.1:9898', auth.auth_url)
def test_load_auth(self): auth = ironic_auth.load_auth(self.cfg_fixture.conf, self.test_group) # NOTE(pas-ha) 'password' auth_plugin is used self.assertIsInstance(auth, kaidentity.generic.password.Password) self.assertEqual('http://127.0.0.1:9898', auth.auth_url)