def Client(version='1', **kwargs):
"""Factory function to create a new container service client."""
if version != '1':
raise ValueError(
"magnum only has one API version. Valid values for 'version'"
" are '1'")
return client.Client(**kwargs)
def magnumclient(request):
magnum_url = ""
service_type = 'container-infra'
try:
magnum_url = base.url_for(request, service_type)
except exceptions.ServiceCatalogException:
LOG.debug('No Container Infrastructure Management service is '
'configured.')
return None
LOG.debug('magnumclient connection created using the token "%s" and url'
'"%s"' % (request.user.token.id, magnum_url))
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
openstack_api_versions = getattr(settings, 'OPENSTACK_API_VERSIONS', {})
magnum_api_version = openstack_api_versions.get(service_type, 1.1)
c = magnum_client.Client(username=request.user.username,
project_id=request.user.tenant_id,
input_auth_token=request.user.token.id,
magnum_url=magnum_url,
insecure=insecure,
api_version=magnum_api_version,
cacert=cacert)
return c
def _create(self):
endpoint_type = self._get_client_option(CLIENT_NAME, 'endpoint_type')
endpoint = self.url_for(service_type=self.CONTAINER,
endpoint_type=endpoint_type)
args = {'magnum_url': endpoint, 'input_auth_token': self.auth_token}
client = magnum_client.Client(**args)
return client
def setUpClass(cls):
# Collecting of credentials:
#
# Support the existence of a functional_creds.conf for
# testing. This makes it possible to use a config file.
super(BaseMagnumClient, cls).setUpClass()
user = cliutils.env('OS_USERNAME')
passwd = cliutils.env('OS_PASSWORD')
tenant = cliutils.env('OS_TENANT_NAME')
tenant_id = cliutils.env('OS_TENANT_ID')
auth_url = cliutils.env('OS_AUTH_URL')
region_name = cliutils.env('OS_REGION_NAME')
magnum_url = cliutils.env('BYPASS_URL')
image_id = cliutils.env('IMAGE_ID')
nic_id = cliutils.env('NIC_ID')
flavor_id = cliutils.env('FLAVOR_ID')
master_flavor_id = cliutils.env('MASTER_FLAVOR_ID')
keypair_id = cliutils.env('KEYPAIR_ID')
dns_nameserver = cliutils.env('DNS_NAMESERVER')
copy_logs = cliutils.env('COPY_LOGS')
config = configparser.RawConfigParser()
if config.read('functional_creds.conf'):
# the OR pattern means the environment is preferred for
# override
user = user or config.get('admin', 'user')
passwd = passwd or config.get('admin', 'pass')
tenant = tenant or config.get('admin', 'tenant')
auth_url = auth_url or config.get('auth', 'auth_url')
magnum_url = magnum_url or config.get('auth', 'magnum_url')
image_id = image_id or config.get('magnum', 'image_id')
nic_id = nic_id or config.get('magnum', 'nic_id')
flavor_id = flavor_id or config.get('magnum', 'flavor_id')
master_flavor_id = master_flavor_id or config.get(
'magnum', 'master_flavor_id')
keypair_id = keypair_id or config.get('magnum', 'keypair_id')
dns_nameserver = dns_nameserver or config.get(
'magnum', 'dns_nameserver')
try:
copy_logs = copy_logs or config.get('magnum', 'copy_logs')
except configparser.NoOptionError:
pass
cls.image_id = image_id
cls.nic_id = nic_id
cls.flavor_id = flavor_id
cls.master_flavor_id = master_flavor_id
cls.keypair_id = keypair_id
cls.dns_nameserver = dns_nameserver
cls.copy_logs = str(copy_logs).lower() == 'true'
cls.cs = v1client.Client(username=user,
api_key=passwd,
project_id=tenant_id,
project_name=tenant,
auth_url=auth_url,
service_type='container',
region_name=region_name,
magnum_url=magnum_url)
def _create(self):
interface = self._get_client_option(CLIENT_NAME, 'endpoint_type')
args = {
'interface': interface,
'service_type': self.CONTAINER,
'session': self.context.keystone_session
}
client = magnum_client.Client(**args)
return client
def test_init_with_session(self, mock_load_service_type, mock_load_session,
mock_http_client):
session = mock.Mock()
client.Client(session=session)
mock_load_session.assert_not_called()
mock_load_service_type.assert_called_once_with(
session, **self._load_service_type_kwargs())
mock_http_client.assert_called_once_with(
**self._session_client_kwargs(session))
def test_init_with_session(self, mock_session, http_client):
session = mock.Mock()
client.Client(session=session)
mock_session.assert_not_called()
http_client.assert_called_once_with(interface='public',
region_name=None,
service_name=None,
service_type='container',
session=session)
def test_init_with_password(self,
mock_load_service_type,
mock_load_session,
mock_http_client):
self._test_init_with_secret(
lambda x: client.Client(password=x),
mock_load_service_type,
mock_load_session,
mock_http_client
)
def test_init_with_interface(self,
mock_load_service_type,
mock_load_session,
mock_http_client):
self._test_init_with_interface(
lambda x: client.Client(interface=x),
mock_load_service_type,
mock_load_session,
mock_http_client
)
def test_init_with_api_key(self,
mock_load_service_type,
mock_load_session,
mock_http_client):
self._test_init_with_secret(
lambda x: client.Client(api_key=x),
mock_load_service_type,
mock_load_session,
mock_http_client
)
def setUp(self):
super(TestMagnumClient, self).setUp()
self.cs = client.Client(username=cliutils.env('OS_USERNAME'),
api_key=cliutils.env('OS_PASSWORD'),
project_id=cliutils.env('OS_TENANT_ID'),
project_name=cliutils.env('OS_TENANT_NAME'),
auth_url=cliutils.env('OS_AUTH_URL'),
service_type='container',
region_name=cliutils.env('OS_REGION_NAME'),
magnum_url=cliutils.env('BYPASS_URL'))
def _create(self):
interface = self._get_client_option(CLIENT_NAME, 'endpoint_type')
args = {
'interface': interface,
'service_type': self.CONTAINER,
'session': self.context.keystone_session,
'connect_retries': cfg.CONF.client_retry_limit,
'region_name': self._get_region_name()
}
client = magnum_client.Client(**args)
return client
def test_init_with_endpoint_type(self,
mock_load_service_type,
mock_load_session,
mock_http_client):
self._test_init_with_interface(
lambda x: client.Client(interface='public',
endpoint_type=('%sURL' % x)),
mock_load_service_type,
mock_load_session,
mock_http_client
)
def _get_magnumclient(self):
if not self.magnum_client: # should not cache this forever
# magnumclient doesn't yet use v3 keystone auth
# because neutron and nova client doesn't
# and I shamelessly copied them
self.magnum_client = magnum_client_v1.Client(
session=self._get_keystone_session(OPENSTACK_CONFIG),
auth_url=self._get_auth_url(OPENSTACK_CONFIG),
endpoint_type='internalURL',
direct_use=False,
region_name=cfg.CONF[OPENSTACK_CONFIG].magnum_region_name)
return self.magnum_client
def test_init_with_legacy_service_type(self, mock_load_session,
mock_http_client):
session = mock.Mock()
mock_load_session.return_value = session
session.get_endpoint.side_effect = [
catalog.EndpointNotFound(),
mock.Mock()
]
client.Client(username='******', auth_url='authurl')
expected_kwargs = self._session_client_kwargs(session)
expected_kwargs['service_type'] = 'container'
mock_http_client.assert_called_once_with(**expected_kwargs)
def test_init_with_magnum_url_and_endpoint_override(
self, mock_session, http_client):
session = mock.Mock()
client.Client(session=session,
magnum_url='magnumurl',
endpoint_override='magnumurl_override')
mock_session.assert_not_called()
http_client.assert_called_once_with(interface='public',
region_name=None,
service_name=None,
service_type='container',
session=session,
endpoint_override='magnumurl')
def test_init_with_token_and_url(self, mock_session, mock_token,
http_client):
mock_auth_plugin = mock.Mock()
mock_token.return_value = mock_auth_plugin
session = mock.Mock()
mock_session.return_value = session
client.Client(input_auth_token='mytoken', magnum_url='http://myurl/')
mock_session.assert_called_once_with(auth=mock_auth_plugin)
http_client.assert_called_once_with(endpoint_override='http://myurl/',
interface='public',
region_name=None,
service_name=None,
service_type='container',
session=session)
def test_init_with_token(self, keystone_client, http_client):
mocked = mock.Mock()
mocked.service_catalog.url_for.return_value = 'http://myurl/'
keystone_client.return_value = mocked
client.Client(input_auth_token='mytoken', auth_url='authurl')
keystone_client.assert_called_once_with(token='mytoken',
username=None,
api_key=None,
project_name=None,
project_id=None,
auth_url='authurl')
http_client.assert_called_once_with('http://myurl/',
token='mytoken',
auth_ref=None)
def test_init_with_token(self, mock_session, mock_loader, http_client):
mock_plugin = mock.Mock()
mock_loader.return_value = mock_plugin
client.Client(input_auth_token='mytoken', auth_url='authurl')
mock_loader.assert_called_once_with('token')
mock_plugin.load_from_options.assert_called_once_with(
auth_url='authurl',
project_id=None,
project_name=None,
token='mytoken')
http_client.assert_called_once_with(interface='public',
region_name=None,
service_name=None,
service_type='container',
session=mock.ANY)
def magnumclient(request):
magnum_url = ""
try:
magnum_url = base.url_for(request, 'container')
except exceptions.ServiceCatalogException:
LOG.debug('No Containers service is configured.')
return None
LOG.debug('magnumclient connection created using the token "%s" and url'
'"%s"' % (request.user.token.id, magnum_url))
c = magnum_client.Client(username=request.user.username,
project_id=request.user.tenant_id,
input_auth_token=request.user.token.id,
magnum_url=magnum_url)
return c
def test_init_with_auth_token(
self,
mock_http_client,
):
expected_token = 'expected_password'
expected_magnum_url = 'expected_magnum_url'
expected_api_version = 'expected_api_version'
expected_kwargs = {'expected_key': 'expected_value'}
client.Client(auth_token=expected_token,
magnum_url=expected_magnum_url,
api_version=expected_api_version,
**expected_kwargs)
mock_http_client.assert_called_once_with(
expected_magnum_url,
token=expected_token,
api_version=expected_api_version,
**expected_kwargs)
def setUpClass(cls):
# Collecting of credentials:
#
# Support the existence of a functional_creds.conf for
# testing. This makes it possible to use a config file.
user = cliutils.env('OS_USERNAME')
passwd = cliutils.env('OS_PASSWORD')
tenant = cliutils.env('OS_TENANT_NAME')
tenant_id = cliutils.env('OS_TENANT_ID')
auth_url = cliutils.env('OS_AUTH_URL')
region_name = cliutils.env('OS_REGION_NAME')
magnum_url = cliutils.env('BYPASS_URL')
image_id = cliutils.env('IMAGE_ID')
nic_id = cliutils.env('NIC_ID')
flavor_id = cliutils.env('FLAVOR_ID')
keypair_id = cliutils.env('KEYPAIR_ID')
config = ConfigParser.RawConfigParser()
if config.read('functional_creds.conf'):
# the OR pattern means the environment is preferred for
# override
user = user or config.get('admin', 'user')
passwd = passwd or config.get('admin', 'pass')
tenant = tenant or config.get('admin', 'tenant')
auth_url = auth_url or config.get('auth', 'auth_url')
magnum_url = magnum_url or config.get('auth', 'magnum_url')
image_id = image_id or config.get('magnum', 'image_id')
nic_id = nic_id or config.get('magnum', 'nic_id')
flavor_id = flavor_id or config.get('magnum', 'flavor_id')
keypair_id = keypair_id or config.get('magnum', 'keypair_id')
cls.image_id = image_id
cls.nic_id = nic_id
cls.flavor_id = flavor_id
cls.keypair_id = keypair_id
cls.cs = v1client.Client(username=user,
api_key=passwd,
project_id=tenant_id,
project_name=tenant,
auth_url=auth_url,
service_type='container',
region_name=region_name,
magnum_url=magnum_url)
def test_init_with_user(self, mock_session, mock_loader, http_client):
mock_plugin = mock.Mock()
mock_loader.return_value = mock_plugin
client.Client(username='******', auth_url='authurl')
mock_loader.assert_called_once_with('password')
mock_plugin.load_from_options.assert_called_once_with(
auth_url='authurl',
username='******',
password=None,
project_domain_id=None,
project_domain_name=None,
user_domain_id=None,
user_domain_name=None,
project_id=None,
project_name=None)
http_client.assert_called_once_with(interface='public',
region_name=None,
service_name=None,
service_type='container',
session=mock.ANY)
def setUpClass(cls):
# Collecting of credentials:
#
# Support the existence of a functional_creds.conf for
# testing. This makes it possible to use a config file.
super(BaseMagnumClient, cls).setUpClass()
user = cliutils.env('OS_USERNAME')
passwd = cliutils.env('OS_PASSWORD')
project_name = cliutils.env('OS_PROJECT_NAME')
auth_url = cliutils.env('OS_AUTH_URL')
insecure = cliutils.env('INSECURE')
region_name = cliutils.env('OS_REGION_NAME')
magnum_url = cliutils.env('BYPASS_URL')
image_id = cliutils.env('IMAGE_ID')
nic_id = cliutils.env('NIC_ID')
flavor_id = cliutils.env('FLAVOR_ID')
master_flavor_id = cliutils.env('MASTER_FLAVOR_ID')
keypair_id = cliutils.env('KEYPAIR_ID')
dns_nameserver = cliutils.env('DNS_NAMESERVER')
copy_logs = cliutils.env('COPY_LOGS')
user_domain_id = cliutils.env('OS_USER_DOMAIN_ID')
project_domain_id = cliutils.env('OS_PROJECT_DOMAIN_ID')
config = configparser.RawConfigParser()
if config.read('functional_creds.conf'):
# the OR pattern means the environment is preferred for
# override
user = user or config.get('admin', 'user')
passwd = passwd or config.get('admin', 'pass')
project_name = project_name or config.get('admin', 'project_name')
auth_url = auth_url or config.get('auth', 'auth_url')
insecure = insecure or config.get('auth', 'insecure')
magnum_url = magnum_url or config.get('auth', 'magnum_url')
image_id = image_id or config.get('magnum', 'image_id')
nic_id = nic_id or config.get('magnum', 'nic_id')
flavor_id = flavor_id or config.get('magnum', 'flavor_id')
master_flavor_id = master_flavor_id or config.get(
'magnum', 'master_flavor_id')
keypair_id = keypair_id or config.get('magnum', 'keypair_id')
dns_nameserver = dns_nameserver or config.get(
'magnum', 'dns_nameserver')
user_domain_id = user_domain_id or config.get(
'admin', 'user_domain_id')
project_domain_id = project_domain_id or config.get(
'admin', 'project_domain_id')
try:
copy_logs = copy_logs or config.get('magnum', 'copy_logs')
except configparser.NoOptionError:
pass
cls.image_id = image_id
cls.nic_id = nic_id
cls.flavor_id = flavor_id
cls.master_flavor_id = master_flavor_id
cls.keypair_id = keypair_id
cls.dns_nameserver = dns_nameserver
cls.copy_logs = str(copy_logs).lower() == 'true'
# NOTE(clenimar): The recommended way to issue clients is by creating
# a keystoneauth Session. Using auth parameters (e.g. username and
# password) directly is deprecated.
_session = cls._get_auth_session(username=user,
password=passwd,
project_name=project_name,
project_domain_id=project_domain_id,
user_domain_id=user_domain_id,
auth_url=auth_url,
insecure=insecure)
cls.cs = v1client.Client(session=_session,
insecure=insecure,
service_type='container-infra',
region_name=region_name,
magnum_url=magnum_url,
api_version='latest')
cls.keystone = ksclient.Client(session=_session)
# Get heat endpoint from session
auth_ref = _session.auth.get_auth_ref(_session)
heat_endpoint = auth_ref.service_catalog.url_for(
service_type='orchestration')
cls.heat = heatclient.Client('1', session=_session,
auth=_session.auth,
endpoint=heat_endpoint)
def main(self, argv):
# Parse args once to find version and debug settings
parser = self.get_base_parser()
(options, args) = parser.parse_known_args(argv)
self.setup_debugging(options.debug)
# NOTE(dtroyer): Hackery to handle --endpoint_type due to argparse
# thinking usage-list --end is ambiguous; but it
# works fine with only --endpoint-type present
# Go figure.
if '--endpoint_type' in argv:
spot = argv.index('--endpoint_type')
argv[spot] = '--endpoint-type'
subcommand_parser = (self.get_subcommand_parser(
options.magnum_api_version))
self.parser = subcommand_parser
if options.help or not argv:
subcommand_parser.print_help()
return 0
args = subcommand_parser.parse_args(argv)
# Short-circuit and deal with help right away.
if args.func == self.do_help:
self.do_help(args)
return 0
elif args.func == self.do_bash_completion:
self.do_bash_completion(args)
return 0
(os_username, os_tenant_name, os_tenant_id, os_auth_url,
os_auth_system, endpoint_type, service_type,
bypass_url) = ((args.os_username, args.os_tenant_name,
args.os_tenant_id, args.os_auth_url,
args.os_auth_system, args.endpoint_type,
args.service_type, args.bypass_url))
if os_auth_system and os_auth_system != "keystone":
auth_plugin = auth.load_plugin(os_auth_system)
else:
auth_plugin = None
# Fetched and set later as needed
os_password = None
if not endpoint_type:
endpoint_type = DEFAULT_ENDPOINT_TYPE
if not service_type:
service_type = DEFAULT_SERVICE_TYPE
# NA - there is only one service this CLI accesses
# service_type = utils.get_service_type(args.func) or service_type
# FIXME(usrleon): Here should be restrict for project id same as
# for os_username or os_password but for compatibility it is not.
if not cliutils.isunauthenticated(args.func):
if auth_plugin:
auth_plugin.parse_opts(args)
if not auth_plugin or not auth_plugin.opts:
if not os_username:
raise exc.CommandError("You must provide a username "
"via either --os-username or "
"env[OS_USERNAME]")
if not os_tenant_name and not os_tenant_id:
raise exc.CommandError("You must provide a tenant name "
"or tenant id via --os-tenant-name, "
"--os-tenant-id, env[OS_TENANT_NAME] "
"or env[OS_TENANT_ID]")
if not os_auth_url:
if os_auth_system and os_auth_system != 'keystone':
os_auth_url = auth_plugin.get_auth_url()
if not os_auth_url:
raise exc.CommandError("You must provide an auth url "
"via either --os-auth-url or "
"env[OS_AUTH_URL] or specify an "
"auth_system which defines a "
"default url with --os-auth-system "
"or env[OS_AUTH_SYSTEM]")
# NOTE: The Magnum client authenticates when you create it. So instead of
# creating here and authenticating later, which is what the novaclient
# does, we just create the client later.
# Now check for the password/token of which pieces of the
# identifying keyring key can come from the underlying client
if not cliutils.isunauthenticated(args.func):
# NA - Client can't be used with SecretsHelper
if (auth_plugin and auth_plugin.opts
and "os_password" not in auth_plugin.opts):
use_pw = False
else:
use_pw = True
if use_pw:
# Auth using token must have failed or not happened
# at all, so now switch to password mode and save
# the token when its gotten... using our keyring
# saver
os_password = args.os_password
if not os_password:
raise exc.CommandError(
'Expecting a password provided via either '
'--os-password, env[OS_PASSWORD], or '
'prompted response')
self.cs = client.Client(username=os_username,
api_key=os_password,
project_id=os_tenant_id,
project_name=os_tenant_name,
auth_url=os_auth_url,
service_type=service_type,
region_name=args.os_region_name,
magnum_url=bypass_url)
args.func(self.cs, args)
def test_init_with_token_and_url(self, keystone_client, http_client):
client.Client(input_auth_token='mytoken', magnum_url='http://myurl/')
self.assertFalse(keystone_client.called)
http_client.assert_called_once_with('http://myurl/',
token='mytoken',
auth_ref=None)
def get_magnum_client(**kwargs):
return magnumclient.Client()
