def get_vsd_credentials():
from nuage_openstack_audit.vsdclient.vsdclient import VsdCredentials
user, password = Utils.get_env_var('OS_VSD_SERVER_AUTH',
'csproot:csproot').split(':')
return VsdCredentials(
vsd_server=Utils.get_env_var('OS_VSD_SERVER', required=True),
user=user,
password=password,
base_uri=Utils.get_env_var('OS_VSD_BASE_URI', '/nuage/api/v6'),
enterprise=Utils.get_env_var('OS_DEFAULT_NETPARTITION',
required=True))
def main():
try:
audit_report, _ = Main().run()
if not audit_report:
return 0 # no discrepancies found
except Exception as e:
if Main.developer_modus:
Utils.report_traceback(ERROR)
else:
ERROR.h0('ERROR: %s', e)
# set exit code to 1 on error or when discrepancies found
return 1
def init_logger(self, initiating_time):
from nuage_openstack_audit.utils.logger import get_logger
logger = get_logger()
logger.set_verbose(self.verbose)
logger.set_extreme_verbose(self.extreme_verbose)
env_set_level = Utils.get_env_var('OS_AUDIT_LOG_LEVEL', 'INFO').upper()
level = 'DEBUG' if self.debug else env_set_level
self.debug = level == 'DEBUG' # possibly correcting initial setting,
# based on env. log level setting
log_file = (self.expand_filename(
Utils.get_env_var('OS_AUDIT_LOG_DIR',
'.'), NUAGE_OPENSTACK_AUDIT_PREFIX +
initiating_time, '.log') if not self.no_log else None)
logger.init_logging(level, log_file)
if log_file:
USER.h0('Logfile created at %s', self.relative_filename(log_file))
if self.developer_modus:
WARN.report('Developer modus is on')
return logger
def should_have_vport(cls, port):
if cls.is_normal_port(port):
device_owner = port['device_owner']
device_owner_prefix = Utils.get_env_var('OS_DEVICE_OWNER_PREFIX')
return not (device_owner in AUTO_CREATE_PORT_OWNERS
or device_owner_prefix
and device_owner.startswith(device_owner_prefix))
elif cls.is_sriov_port(port):
# TODO(Tom) Add support for SRIOV ports
WARN.h3("Port {} is a SRIOV port. SRIOV audit is not supported. "
"Orphan policygroups or orphan policygroup-vport "
"associations may be wrongly reported!")
elif cls.is_bound_baremetal_port(port):
return True
else:
return False
def prep_report_name(initiating_time):
report_dir = Utils.get_env_var('OS_AUDIT_REPORT_DIR', '.')
fixed_report_file = Utils.get_env_var('OS_AUDIT_REPORT_FILE')
if not fixed_report_file:
fixed_report_file = NUAGE_OPENSTACK_AUDIT_PREFIX + initiating_time
return Main.expand_filename(report_dir, fixed_report_file, '.json')
def relative_filename(file_name):
pwd = Utils.get_env_var('PWD')
if pwd and file_name.startswith(pwd):
file_name = '.' + file_name[len(pwd):]
return file_name
def check_developer_modus():
if Utils.get_env_bool('OS_AUDIT_DEVELOPER_MODUS'):
DeveloperModus()
return True
else:
return False
def get_os_credentials():
from nuage_openstack_audit.osclient.osclient import OSCredentials
auth_url = Utils.get_env_var('OS_AUTH_URL', required=True)
username = Utils.get_env_var('OS_USERNAME', required=True)
project_name = Utils.get_env_var('OS_PROJECT_NAME',
Utils.get_env_var('OS_TENANT_NAME'))
if not project_name:
Utils.env_error('OS_PROJECT_NAME nor OS_TENANT_NAME '
'is defined. Please set either of both.')
password = Utils.get_env_var('OS_PASSWORD', required=True)
identity_api_version = float( # deal with version '2.0' e.g.
Utils.get_env_var('OS_IDENTITY_API_VERSION', 3))
# add support to specify certificate verification
# -- below is not a standard OS env setting -> documented in README --
verify_ca = Utils.get_env_bool('OS_VERIFY_CA', True)
# -- below is standard --
ca_cert = Utils.get_env_var('OS_CACERT')
# end of specify certificate verification
if identity_api_version == 3:
user_domain_id = Utils.get_env_var('OS_USER_DOMAIN_ID')
user_domain_name = Utils.get_env_var('OS_USER_DOMAIN_NAME')
if not user_domain_name and not user_domain_id:
Utils.env_error('OS_USER_DOMAIN_ID nor OS_USER_DOMAIN_NAME '
'is defined. Please set either of both.')
project_domain_id = Utils.get_env_var('OS_PROJECT_DOMAIN_ID')
project_domain_name = Utils.get_env_var('OS_PROJECT_DOMAIN_NAME')
if not project_domain_name and not project_domain_id:
Utils.env_error('OS_PROJECT_DOMAIN_ID nor '
'OS_PROJECT_DOMAIN_NAME '
'is defined. Please set either of both.')
else:
user_domain_id = user_domain_name = None
project_domain_id = project_domain_name = None
return OSCredentials(auth_url, username, password, project_name,
identity_api_version, verify_ca, ca_cert,
user_domain_id, user_domain_name,
project_domain_id, project_domain_name)
def get_cms_id():
return Utils.get_env_var('OS_CMS_ID', required=True)