def _get_client(self):
ctx = context.ctx()
LOG.debug("Cinder action security context: %s" % ctx)
cinder_endpoint = keystone_utils.get_endpoint_for_project(
service_type='volume'
)
cinder_url = keystone_utils.format_url(
cinder_endpoint.url,
{'tenant_id': ctx.project_id}
)
client = self._client_class(
ctx.user_name,
ctx.auth_token,
project_id=ctx.project_id,
auth_url=cinder_url,
region_name=cinder_endpoint.region
)
client.client.auth_token = ctx.auth_token
client.client.management_url = cinder_url
return client
def get_workflow_client(self, context):
mistral_endpoint = keystone_utils.get_endpoint_for_project('mistral')
mc = mistral_client.client(auth_token=context.auth_token,
mistral_url=mistral_endpoint.url)
return mc
def _get_client(self):
ctx = context.ctx()
LOG.debug("Cinder action security context: %s" % ctx)
cinder_endpoint = keystone_utils.get_endpoint_for_project(
service_type='volumev2'
)
cinder_url = keystone_utils.format_url(
cinder_endpoint.url,
{
'tenant_id': ctx.project_id,
'project_id': ctx.project_id
}
)
client = self._client_class(
ctx.user_name,
ctx.auth_token,
project_id=ctx.project_id,
auth_url=cinder_url,
region_name=cinder_endpoint.region
)
client.client.auth_token = ctx.auth_token
client.client.management_url = cinder_url
return client
def _create_client(self):
ctx = context.ctx()
LOG.debug("Trove action security context: %s" % ctx)
trove_endpoint = keystone_utils.get_endpoint_for_project(
service_type='database'
)
trove_url = keystone_utils.format_url(
trove_endpoint.url,
{'tenant_id': ctx.project_id}
)
client = self._get_client_class()(
ctx.user_name,
ctx.auth_token,
project_id=ctx.project_id,
auth_url=trove_url,
region_name=trove_endpoint.region
)
client.client.auth_token = ctx.auth_token
client.client.management_url = trove_url
return client
def _create_client(self):
ctx = context.ctx()
LOG.debug("Nova action security context: %s" % ctx)
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
nova_endpoint = keystone_utils.get_endpoint_for_project('nova')
client = novaclient.Client(
2,
username=None,
api_key=None,
endpoint_type=CONF.os_actions_endpoint_type,
service_type='compute',
auth_token=ctx.auth_token,
tenant_id=ctx.project_id,
region_name=keystone_endpoint.region,
auth_url=keystone_endpoint.url
)
client.client.management_url = keystone_utils.format_url(
nova_endpoint.url,
{'tenant_id': ctx.project_id}
)
return client
def get_image_client(self):
ctx = context.ctx()
glance_endpoint = keystone_utils.get_endpoint_for_project('glance')
return glanceclient.Client(glance_endpoint.url,
token=ctx.auth_token,
region_name=glance_endpoint.region)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Nova action security context: %s" % ctx)
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
nova_endpoint = keystone_utils.get_endpoint_for_project('nova')
client = self._client_class(
username=None,
api_key=None,
endpoint_type='publicURL',
service_type='compute',
auth_token=ctx.auth_token,
tenant_id=ctx.project_id,
region_name=keystone_endpoint.region,
auth_url=keystone_endpoint.url
)
client.client.management_url = keystone_utils.format_url(
nova_endpoint.url,
{'tenant_id': ctx.project_id}
)
return client
def _create_client(self):
ctx = context.ctx()
LOG.debug("Mistral action security context: %s" % ctx)
# Check for trust scope token. This may occur if the action is
# called from a workflow triggered by a Mistral cron trigger.
if ctx.is_trust_scoped:
auth_url = None
mistral_endpoint = keystone_utils.get_endpoint_for_project(
'mistral'
)
mistral_url = mistral_endpoint.url
else:
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
auth_url = keystone_endpoint.url
mistral_url = None
return self._get_client_class()(
mistral_url=mistral_url,
auth_token=ctx.auth_token,
project_id=ctx.project_id,
user_id=ctx.user_id,
auth_url=auth_url
)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Mistral action security context: %s" % ctx)
# Check for trust scope token. This may occur if the action is
# called from a workflow triggered by a Mistral cron trigger.
if ctx.is_trust_scoped:
auth_url = None
mistral_endpoint = keystone_utils.get_endpoint_for_project(
'mistral'
)
mistral_url = mistral_endpoint.url
else:
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
auth_url = keystone_endpoint.url
mistral_url = None
return self._client_class(
mistral_url=mistral_url,
auth_token=ctx.auth_token,
project_id=ctx.project_id,
user_id=ctx.user_id,
auth_url=auth_url
)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Designate action security context: %s" % ctx)
designate_endpoint = keystone_utils.get_endpoint_for_project(
service_type='dns'
)
designate_url = keystone_utils.format_url(
designate_endpoint.url,
{'tenant_id': ctx.project_id}
)
client = self._get_client_class()(
endpoint=designate_url,
tenant_id=ctx.project_id,
auth_url=ctx.auth_uri,
region_name=designate_endpoint.region,
service_type='dns'
)
client.client.auth_token = ctx.auth_token
client.client.management_url = designate_url
return client
def _get_client(self):
ctx = context.ctx()
LOG.debug("Trove action security context: %s" % ctx)
trove_endpoint = keystone_utils.get_endpoint_for_project(
service_type='database'
)
trove_url = keystone_utils.format_url(
trove_endpoint.url,
{'tenant_id': ctx.project_id}
)
client = self._get_client_class()(
ctx.user_name,
ctx.auth_token,
project_id=ctx.project_id,
auth_url=trove_url,
region_name=trove_endpoint.region
)
client.client.auth_token = ctx.auth_token
client.client.management_url = trove_url
return client
def _create_client(self):
ctx = context.ctx()
LOG.debug("Designate action security context: %s" % ctx)
designate_endpoint = keystone_utils.get_endpoint_for_project(
service_type='dns'
)
designate_url = keystone_utils.format_url(
designate_endpoint.url,
{'tenant_id': ctx.project_id}
)
client = self._get_client_class()(
endpoint=designate_url,
tenant_id=ctx.project_id,
auth_url=ctx.auth_uri,
region_name=designate_endpoint.region,
service_type='dns'
)
client.client.auth_token = ctx.auth_token
client.client.management_url = designate_url
return client
def _get_workflow_client(self):
ctx = context.ctx()
mistral_endpoint = keystone_utils.get_endpoint_for_project('mistral')
mc = mistral_client.client(auth_token=ctx.auth_token,
mistral_url=mistral_endpoint.url)
return mc
def get_compute_client(self, context):
keystone_endpoint = keystone_utils.get_endpoint_for_project('keystone')
nova_endpoint = keystone_utils.get_endpoint_for_project('nova')
client = nova_client(2,
username=None,
api_key=None,
service_type='compute',
auth_token=context.auth_token,
tenant_id=context.project_id,
region_name=keystone_endpoint.region,
auth_url=keystone_endpoint.url,
insecure=context.insecure)
client.client.management_url = keystone_utils.format_url(
nova_endpoint.url, {'tenant_id': context.project_id})
return client
def get_baremetal_introspection_client(self, context):
bmi_endpoint = keystone_utils.get_endpoint_for_project(
'ironic-inspector')
return ironic_inspector_client.ClientV1(
api_version='1.2',
inspector_url=bmi_endpoint.url,
region_name=bmi_endpoint.region,
auth_token=context.auth_token)
def _get_object_client(self):
ctx = context.ctx()
obj_ep = keystone_utils.get_endpoint_for_project('swift')
kwargs = {
'preauthurl': obj_ep.url % {'tenant_id': ctx.project_id},
'preauthtoken': ctx.auth_token
}
return swift_client.Connection(**kwargs)
def _create_client(self, context):
LOG.debug("Baremetal introspection action security context: %s",
context)
inspector_endpoint = keystone_utils.get_endpoint_for_project(
service_type='baremetal-introspection')
auth = Token(endpoint=inspector_endpoint.url, token=context.auth_token)
return self._get_client_class()(api_version=1,
session=ks_session.Session(auth))
def _create_client(self):
ctx = context.ctx()
LOG.debug("Glance action security context: %s" % ctx)
glance_endpoint = keystone_utils.get_endpoint_for_project('glance')
return self._get_client_class()(glance_endpoint.url,
region_name=glance_endpoint.region,
token=ctx.auth_token)
def get_orchestration_client(self, context):
heat_endpoint = keystone_utils.get_endpoint_for_project('heat')
endpoint_url = keystone_utils.format_url(
heat_endpoint.url, {'tenant_id': context.project_id})
return heatclient.Client(endpoint_url,
region_name=heat_endpoint.region,
token=context.auth_token,
username=context.user_name)
def _create_client(self):
ctx = context.ctx()
LOG.debug("Ironic action security context: %s" % ctx)
ironic_endpoint = keystone_utils.get_endpoint_for_project('ironic')
return self._get_client_class()(ironic_endpoint.url,
token=ctx.auth_token,
region_name=ironic_endpoint.region)
def _create_client(self):
ctx = context.ctx()
LOG.debug("Neutron action security context: %s" % ctx)
neutron_endpoint = keystone_utils.get_endpoint_for_project('neutron')
return self._get_client_class()(endpoint_url=neutron_endpoint.url,
region_name=neutron_endpoint.region,
token=ctx.auth_token,
auth_url=ctx.auth_uri)
def get_service_endpoint(self):
"""Get OpenStack service endpoint.
'service_name' and 'service_type' are defined in specific OpenStack
service action.
"""
endpoint = keystone_utils.get_endpoint_for_project(
service_name=self._service_name,
service_type=self._service_type,
region_name=self.action_region)
return endpoint
def _get_client(self):
ctx = context.ctx()
LOG.debug("Glance action security context: %s" % ctx)
glance_endpoint = keystone_utils.get_endpoint_for_project('glance')
return self._client_class(
glance_endpoint.url,
region_name=glance_endpoint.region,
token=ctx.auth_token
)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Ironic action security context: %s" % ctx)
ironic_endpoint = keystone_utils.get_endpoint_for_project('ironic')
return self._client_class(
ironic_endpoint.url,
token=ctx.auth_token,
region_name=ironic_endpoint.region
)
def _get_object_client(self):
ctx = context.ctx()
obj_ep = keystone_utils.get_endpoint_for_project('swift')
kwargs = {
'preauthurl': obj_ep.url % {
'tenant_id': ctx.project_id
},
'preauthtoken': ctx.auth_token
}
return swift_client.Connection(**kwargs)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Murano action security context: %s" % ctx)
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
murano_endpoint = keystone_utils.get_endpoint_for_project('murano')
return self._get_client_class()(endpoint=murano_endpoint.url,
token=ctx.auth_token,
tenant=ctx.project_id,
region_name=murano_endpoint.region,
auth_url=keystone_endpoint.url)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Swift action security context: %s" % ctx)
swift_endpoint = keystone_utils.get_endpoint_for_project('swift')
kwargs = {
'preauthurl': swift_endpoint.url % {'tenant_id': ctx.project_id},
'preauthtoken': ctx.auth_token
}
return self._client_class(**kwargs)
def _create_client(self):
ctx = context.ctx()
LOG.debug("Tacker action security context: %s" % ctx)
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
tacker_endpoint = keystone_utils.get_endpoint_for_project('tacker')
return self._get_client_class()(endpoint_url=tacker_endpoint.url,
token=ctx.auth_token,
tenant_id=ctx.project_id,
region_name=tacker_endpoint.region,
auth_url=keystone_endpoint.url)
def _create_client(self):
ctx = context.ctx()
LOG.debug("Baremetal introspection action security context: %s" % ctx)
inspector_endpoint = keystone_utils.get_endpoint_for_project(
service_type='baremetal-introspection')
return self._get_client_class()(
api_version=1,
inspector_url=inspector_endpoint.url,
auth_token=ctx.auth_token,
)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Neutron action security context: %s" % ctx)
neutron_endpoint = keystone_utils.get_endpoint_for_project('neutron')
return self._client_class(
endpoint_url=neutron_endpoint.url,
region_name=neutron_endpoint.region,
token=ctx.auth_token,
auth_url=CONF.keystone_authtoken.auth_uri
)
def _create_client(self, context):
LOG.debug("Magnum action security context: %s", context)
keystone_endpoint = keystone_utils.get_keystone_endpoint()
auth_url = keystone_endpoint.url
magnum_url = keystone_utils.get_endpoint_for_project('magnum').url
return self._get_client_class()(magnum_url=magnum_url,
auth_token=context.auth_token,
project_id=context.project_id,
auth_url=auth_url,
insecure=context.insecure)
def _create_client(self):
ctx = context.ctx()
LOG.debug("Swift action security context: %s" % ctx)
swift_endpoint = keystone_utils.get_endpoint_for_project('swift')
kwargs = {
'preauthurl': swift_endpoint.url % {'tenant_id': ctx.project_id},
'preauthtoken': ctx.auth_token
}
return self._get_client_class()(**kwargs)
def _create_client(self):
ctx = context.ctx()
LOG.debug("Magnum action security context: %s" % ctx)
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
auth_url = keystone_endpoint.url
magnum_url = keystone_utils.get_endpoint_for_project('magnum').url
return self._get_client_class()(magnum_url=magnum_url,
auth_token=ctx.auth_token,
project_id=ctx.project_id,
user_id=ctx.user_id,
auth_url=auth_url)
def get_object_client(self, context):
obj_ep = keystone_utils.get_endpoint_for_project('swift')
kwargs = {
'preauthurl': obj_ep.url % {
'tenant_id': context.project_id
},
'preauthtoken': context.auth_token,
'retries': 10,
'starting_backoff': 3,
'max_backoff': 120
}
return swift_client.Connection(**kwargs)
def _create_client(self):
ctx = context.ctx()
LOG.debug("Gnocchi action security context: %s" % ctx)
gnocchi_endpoint = keystone_utils.get_endpoint_for_project('gnocchi')
endpoint_url = keystone_utils.format_url(gnocchi_endpoint.url,
{'tenant_id': ctx.project_id})
return self._get_client_class()(endpoint_url,
region_name=gnocchi_endpoint.region,
token=ctx.auth_token,
username=ctx.user_name)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Heat action security context: %s" % ctx)
heat_endpoint = keystone_utils.get_endpoint_for_project('heat')
endpoint_url = keystone_utils.format_url(heat_endpoint.url,
{'tenant_id': ctx.project_id})
return self._client_class(endpoint_url,
region_name=heat_endpoint.region,
token=ctx.auth_token,
username=ctx.user_name)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Baremetal introspection action security context: %s" % ctx)
inspector_endpoint = keystone_utils.get_endpoint_for_project(
service_type='baremetal-introspection'
)
return self._client_class(
api_version=1,
inspector_url=inspector_endpoint.url,
auth_token=ctx.auth_token,
)
def _create_client(self, context):
LOG.debug("Magnum action security context: %s", context)
keystone_endpoint = keystone_utils.get_keystone_endpoint()
auth_url = keystone_endpoint.url
magnum_url = keystone_utils.get_endpoint_for_project('magnum').url
return self._get_client_class()(
magnum_url=magnum_url,
auth_token=context.auth_token,
project_id=context.project_id,
auth_url=auth_url,
insecure=context.insecure
)
def _get_orchestration_client(self):
ctx = context.ctx()
heat_endpoint = keystone_utils.get_endpoint_for_project('heat')
endpoint_url = keystone_utils.format_url(
heat_endpoint.url,
{'tenant_id': ctx.project_id}
)
return heatclient.Client(
endpoint_url,
region_name=heat_endpoint.region,
token=ctx.auth_token,
username=ctx.user_name
)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Murano action security context: %s" % ctx)
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
murano_endpoint = keystone_utils.get_endpoint_for_project('murano')
return self._client_class(
endpoint=murano_endpoint.url,
token=ctx.auth_token,
tenant=ctx.project_id,
region_name=murano_endpoint.region,
auth_url=keystone_endpoint.url
)
def _create_client(self, context):
LOG.debug(
"Baremetal introspection action security context: %s", context)
inspector_endpoint = keystone_utils.get_endpoint_for_project(
service_type='baremetal-introspection'
)
auth = Token(endpoint=inspector_endpoint.url,
token=context.auth_token)
return self._get_client_class()(
api_version=1,
session=ks_session.Session(auth)
)
def _create_client(self, context):
LOG.debug("Swift action security context: %s", context)
swift_endpoint = keystone_utils.get_endpoint_for_project('swift')
kwargs = {
'preauthurl': swift_endpoint.url % {
'tenant_id': context.project_id
},
'preauthtoken': context.auth_token,
'insecure': context.insecure
}
return self._get_client_class()(**kwargs)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Tacker action security context: %s" % ctx)
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
tacker_endpoint = keystone_utils.get_endpoint_for_project('tacker')
return self._get_client_class()(
endpoint_url=tacker_endpoint.url,
token=ctx.auth_token,
tenant_id=ctx.project_id,
region_name=tacker_endpoint.region,
auth_url=keystone_endpoint.url
)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Magnum action security context: %s" % ctx)
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
auth_url = keystone_endpoint.url
magnum_url = keystone_utils.get_endpoint_for_project('magnum').url
return self._get_client_class()(
magnum_url=magnum_url,
auth_token=ctx.auth_token,
project_id=ctx.project_id,
user_id=ctx.user_id,
auth_url=auth_url
)
def _create_client(self):
ctx = context.ctx()
LOG.debug("Barbican action security context: %s" % ctx)
barbican_endpoint = keystone_utils.get_endpoint_for_project('barbican')
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
auth = identity.v2.Token(auth_url=keystone_endpoint.url,
tenant_name=ctx.user_name,
token=ctx.auth_token,
tenant_id=ctx.project_id)
return self._get_client_class()(project_id=ctx.project_id,
endpoint=barbican_endpoint.url,
auth=auth)
def _create_client(self, context):
LOG.debug("Barbican action security context: %s", context)
barbican_endpoint = keystone_utils.get_endpoint_for_project('barbican')
keystone_endpoint = keystone_utils.get_keystone_endpoint()
auth = identity.v3.Token(auth_url=keystone_endpoint.url,
project_name=context.user_name,
token=context.auth_token,
project_id=context.project_id)
return self._get_client_class()(project_id=context.project_id,
endpoint=barbican_endpoint.url,
auth=auth,
insecure=context.insecure)
def _create_client(self):
ctx = context.ctx()
LOG.debug("Ceilometer action security context: %s" % ctx)
ceilometer_endpoint = keystone_utils.get_endpoint_for_project(
'ceilometer')
endpoint_url = keystone_utils.format_url(ceilometer_endpoint.url,
{'tenant_id': ctx.project_id})
return self._get_client_class()(endpoint_url,
region_name=ceilometer_endpoint.region,
token=ctx.auth_token,
username=ctx.user_name,
insecure=ctx.insecure)
def _create_client(self):
ctx = context.ctx()
LOG.debug("Senlin action security context: %s" % ctx)
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
senlin_endpoint = keystone_utils.get_endpoint_for_project('senlin')
return self._get_client_class()(endpoint_url=senlin_endpoint.url,
token=ctx.auth_token,
tenant_id=ctx.project_id,
region_name=senlin_endpoint.region,
auth_url=keystone_endpoint.url)
@classmethod
def _get_fake_client(cls):
return cls._get_client_class()("http://127.0.0.1:8778")
def _get_client(self):
ctx = context.ctx()
LOG.debug("Heat action security context: %s" % ctx)
heat_endpoint = keystone_utils.get_endpoint_for_project('heat')
endpoint_url = keystone_utils.format_url(
heat_endpoint.url,
{'tenant_id': ctx.project_id}
)
return self._client_class(
endpoint_url,
region_name=heat_endpoint.region,
token=ctx.auth_token,
username=ctx.user_name
)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Zaqar action security context: %s" % ctx)
zaqar_endpoint = keystone_utils.get_endpoint_for_project(
service_type='messaging')
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
opts = {
'os_auth_token': ctx.auth_token,
'os_auth_url': keystone_endpoint.url,
'os_project_id': ctx.project_id,
}
auth_opts = {'backend': 'keystone', 'options': opts}
conf = {'auth_opts': auth_opts}
return self._client_class(zaqar_endpoint.url, conf=conf)
def _get_client(self):
ctx = context.ctx()
LOG.debug("Barbican action security context: %s" % ctx)
barbican_endpoint = keystone_utils.get_endpoint_for_project('barbican')
keystone_endpoint = keystone_utils.get_keystone_endpoint_v2()
auth = identity.v2.Token(
auth_url=keystone_endpoint.url,
tenant_name=ctx.user_name,
token=ctx.auth_token,
tenant_id=ctx.project_id
)
return self._client_class(
project_id=ctx.project_id,
endpoint=barbican_endpoint.url,
auth=auth
)