def test_reject_expired_root_password(self):
with session.begin():
ConfigItem.by_name('root_password_validity').set(
90, user=User.by_user_name(data_setup.ADMIN_USER))
self.user.root_password = '******'
self.user.rootpw_changed = datetime.datetime.utcnow(
) - datetime.timedelta(days=99)
job_xml = '''
<job>
<whiteboard>job for user with expired password</whiteboard>
<recipeSet>
<recipe>
<distroRequires>
<distro_name op="=" value="BlueShoeLinux5-5" />
<distro_arch op="=" value="i386" />
</distroRequires>
<hostRequires/>
<task name="/distribution/check-install" />
<task name="/distribution/reservesys" />
</recipe>
</recipeSet>
</job>
'''
try:
self.server.jobs.upload(job_xml)
self.fail('should raise')
except xmlrpclib.Fault, e:
self.assert_('root password has expired' in e.faultString)
def test_reject_expired_root_password(self):
with session.begin():
ConfigItem.by_name('root_password_validity').set(90,
user=User.by_user_name(data_setup.ADMIN_USER))
self.user.root_password = '******'
self.user.rootpw_changed = datetime.datetime.utcnow() - datetime.timedelta(days=99)
job_xml = '''
<job>
<whiteboard>job for user with expired password</whiteboard>
<recipeSet>
<recipe>
<distroRequires>
<distro_name op="=" value="BlueShoeLinux5-5" />
<distro_arch op="=" value="i386" />
</distroRequires>
<hostRequires/>
<task name="/distribution/install" />
<task name="/distribution/reservesys" />
</recipe>
</recipeSet>
</job>
'''
try:
self.server.jobs.upload(job_xml)
self.fail('should raise')
except xmlrpclib.Fault, e:
self.assert_('root password has expired' in e.faultString)
def by_name(self, input, *args, **kw):
if 'anywhere' in kw:
search = ConfigItem.list_by_name(input, find_anywhere=True)
else:
search = ConfigItem.list_by_name(input)
keys = [elem.name for elem in search]
return dict(matches=keys)
def by_name(self, input, *args, **kw):
if 'anywhere' in kw:
search = ConfigItem.list_by_name(input, find_anywhere=True)
else:
search = ConfigItem.list_by_name(input)
keys = [elem.name for elem in search]
return dict(matches=keys)
def setup_openstack():
with session.begin():
data_setup.create_openstack_region()
session.flush()
# Use a distinctive guest name prefix to give us a greater chance of
# tracking instances back to the test run which created them.
admin_user = User.by_user_name(data_setup.ADMIN_USER)
guest_name_prefix = u'beaker-testsuite-%s-%s-' % (
datetime.datetime.utcnow().strftime('%Y-%m-%dT%H:%M:%S'),
socket.gethostname())
ConfigItem.by_name(u'guest_name_prefix').set(guest_name_prefix, user=admin_user)
ipxe_image.upload_image(_glance(), visibility=u'private')
def test_provision_expired_user_root_password(self):
system = self.usable_system
user = system.user
with session.begin():
user.root_password = '******'
user.rootpw_changed = datetime.datetime.utcnow() - datetime.timedelta(days=99)
ConfigItem.by_name('root_password_validity')\
.set(90, user=User.by_user_name(data_setup.ADMIN_USER))
self.server.auth.login_password(user.user_name, 'password')
try:
self.server.systems.provision(system.fqdn, self.distro_tree.id)
self.fail('should raise')
except xmlrpclib.Fault, e:
self.assert_('root password has expired' in e.faultString, e.faultString)
def edit(self, **kw):
if kw.get('id'):
item = ConfigItem.by_id(kw['id'])
form_values = dict(id=item.id,
numeric=item.numeric,
value=item.current_value())
else:
flash(_(u"Error: No item ID specified"))
raise redirect(".")
# Show all future values, and the previous five
config_values = item.values().filter(item.value_class.valid_from > datetime.utcnow()).order_by(item.value_class.valid_from.desc()).all() \
+ item.values().filter(item.value_class.valid_from <= datetime.utcnow()).order_by(item.value_class.valid_from.desc())[:5]
if item.readonly:
form = None
elif item.numeric:
form = self.int_form
else:
form = self.string_form
return dict(
title=item.name,
subtitle=item.description,
form=form,
action='./save',
options={},
value=form_values,
list=config_values,
grid=self.value_grid,
warn_msg=item.readonly and "This item is read-only",
)
def index(self, *args, **kw):
user = identity.current.user
# Show all future root passwords, and the previous five
rootpw = ConfigItem.by_name('root_password')
rootpw_values = rootpw.values().filter(rootpw.value_class.valid_from > datetime.utcnow())\
.order_by(rootpw.value_class.valid_from.desc()).all()\
+ rootpw.values().filter(rootpw.value_class.valid_from <= datetime.utcnow())\
.order_by(rootpw.value_class.valid_from.desc())[:5]
return dict(
title='User Prefs',
delete_link=self.delete_link,
prefs_form=self.prefs_form,
ssh_key_form=self.ssh_key_add_form,
widgets={},
ssh_keys=user.sshpubkeys,
value=user,
rootpw=rootpw.current_value(),
rootpw_grid=self.rootpw_grid,
rootpw_values=rootpw_values,
options=None,
#Hack, to insert static content for submission_delegate
remove_submission_delegate=self.remove_submission_delegate_link,
submission_delegates_grid=self.show_submission_delegates(user),
submission_delegate_form=self.submission_delegate_form)
def remove(self, **kw):
item = ConfigItem.by_id(kw['id'])
item.set(None, None, identity.current.user)
session.add(item)
session.flush()
flash(_(u"%s cleared") % item.description)
raise redirect(".")
def index(self, *args, **kw):
user = identity.current.user
# Show all future root passwords, and the previous five
rootpw = ConfigItem.by_name('root_password')
rootpw_values = rootpw.values().filter(rootpw.value_class.valid_from > datetime.utcnow())\
.order_by(rootpw.value_class.valid_from.desc()).all()\
+ rootpw.values().filter(rootpw.value_class.valid_from <= datetime.utcnow())\
.order_by(rootpw.value_class.valid_from.desc())[:5]
return dict(
title = 'User Prefs',
delete_link = self.delete_link,
prefs_form = self.prefs_form,
ssh_key_form = self.ssh_key_add_form,
widgets = {},
ssh_keys = user.sshpubkeys,
value = user,
rootpw = rootpw.current_value(),
rootpw_grid = self.rootpw_grid,
rootpw_values = rootpw_values,
options = None,
#Hack, to insert static content for submission_delegate
remove_submission_delegate = self.remove_submission_delegate_link,
submission_delegates_grid = self.show_submission_delegates(user),
submission_delegate_form = self.submission_delegate_form)
def remove(self, **kw):
item = ConfigItem.by_id(kw['id'])
item.set(None, None, identity.current.user)
session.add(item)
session.flush()
flash(_(u"%s cleared") % item.description)
raise redirect(".")
def edit(self,**kw):
if kw.get('id'):
item = ConfigItem.by_id(kw['id'])
form_values = dict(
id = item.id,
numeric = item.numeric,
value = item.current_value()
)
else:
flash(_(u"Error: No item ID specified"))
raise redirect(".")
# Show all future values, and the previous five
config_values = item.values().filter(item.value_class.valid_from > datetime.utcnow()).order_by(item.value_class.valid_from.desc()).all() \
+ item.values().filter(item.value_class.valid_from <= datetime.utcnow()).order_by(item.value_class.valid_from.desc())[:5]
if item.readonly:
form = None
elif item.numeric:
form = self.int_form
else:
form = self.string_form
return dict(
title = item.name,
subtitle = item.description,
form = form,
action = './save',
options = {},
value = form_values,
list = config_values,
grid = self.value_grid,
warn_msg = item.readonly and "This item is read-only",
)
def _create_subnet(self, network_id):
cidr = ConfigItem.by_name(u'guest_private_network').\
current_value('192.168.10.0/24')
subnet_info = {'name': self.name, 'network_id': network_id, 'cidr': cidr,
'ip_version': 4}
subnet = self.neutron.create_subnet({'subnet': subnet_info})
log.info('Created subnet %r', subnet)
return subnet['subnet']['id']
def _create_subnet(self, network_id):
cidr = ConfigItem.by_name(u'guest_private_network').\
current_value('192.168.10.0/24')
subnet_info = {'name': self.name, 'network_id': network_id, 'cidr': cidr,
'ip_version': 4}
subnet = self.neutron.create_subnet({'subnet': subnet_info})
log.info('Created subnet %r', subnet)
return subnet['subnet']['id']
def provision_virt_recipe(recipe_id):
log.debug('Attempting to provision dynamic virt guest for recipe %s', recipe_id)
session.begin()
try:
recipe = Recipe.by_id(recipe_id)
manager = dynamic_virt.VirtManager(recipe.recipeset.job.owner)
available_flavors = manager.available_flavors()
# We want them in order of smallest to largest, so that we can pick the
# smallest flavor that satisfies the recipe's requirements. Sorting by RAM
# is a decent approximation.
possible_flavors = XmlHost.from_string(recipe.host_requires)\
.filter_openstack_flavors(available_flavors, manager.lab_controller)
if not possible_flavors:
log.debug('No OpenStack flavors matched recipe %s, marking precluded',
recipe.id)
recipe.virt_status = RecipeVirtStatus.precluded
return
possible_flavors = sorted(possible_flavors, key=lambda flavor: flavor.ram)
flavor = possible_flavors[0]
vm_name = '%srecipe-%s' % (
ConfigItem.by_name(u'guest_name_prefix').current_value(u'beaker-'),
recipe.id)
# FIXME can we control use of virtio?
#virtio_possible = True
#if self.recipe.distro_tree.distro.osversion.osmajor.osmajor == "RedHatEnterpriseLinux3":
# virtio_possible = False
vm = manager.create_vm(vm_name, flavor)
vm.instance_created = datetime.utcnow()
try:
recipe.createRepo()
recipe.systems = []
recipe.watchdog = Watchdog()
recipe.resource = vm
recipe.recipeset.lab_controller = manager.lab_controller
recipe.virt_status = RecipeVirtStatus.succeeded
recipe.schedule()
log.info("recipe ID %s moved from Queued to Scheduled by provision_virt_recipe" % recipe.id)
recipe.waiting()
recipe.provision()
log.info("recipe ID %s moved from Scheduled to Waiting by provision_virt_recipe" % recipe.id)
except:
exc_type, exc_value, exc_tb = sys.exc_info()
try:
manager.destroy_vm(vm)
except Exception:
log.exception('Failed to clean up vm %s '
'during provision_virt_recipe, leaked!', vm.instance_id)
# suppress this exception so the original one is not masked
raise exc_type, exc_value, exc_tb
session.commit()
except Exception, e:
log.exception('Error in provision_virt_recipe(%s)', recipe_id)
session.rollback()
# As an added precaution, let's try and avoid this recipe in future
with session.begin():
recipe = Recipe.by_id(recipe_id)
recipe.virt_status = RecipeVirtStatus.failed
def provision_virt_recipe(recipe_id):
log.debug('Attempting to provision dynamic virt guest for recipe %s', recipe_id)
session.begin()
try:
recipe = Recipe.by_id(recipe_id)
manager = dynamic_virt.VirtManager(recipe.recipeset.job.owner)
available_flavors = manager.available_flavors()
# We want them in order of smallest to largest, so that we can pick the
# smallest flavor that satisfies the recipe's requirements. Sorting by RAM
# is a decent approximation.
possible_flavors = XmlHost.from_string(recipe.host_requires)\
.filter_openstack_flavors(available_flavors, manager.lab_controller)
if not possible_flavors:
log.debug('No OpenStack flavors matched recipe %s, marking precluded',
recipe.id)
recipe.virt_status = RecipeVirtStatus.precluded
return
possible_flavors = sorted(possible_flavors, key=lambda flavor: flavor.ram)
flavor = possible_flavors[0]
vm_name = '%srecipe-%s' % (
ConfigItem.by_name(u'guest_name_prefix').current_value(u'beaker-'),
recipe.id)
# FIXME can we control use of virtio?
#virtio_possible = True
#if self.recipe.distro_tree.distro.osversion.osmajor.osmajor == "RedHatEnterpriseLinux3":
# virtio_possible = False
vm = manager.create_vm(vm_name, flavor)
vm.instance_created = datetime.utcnow()
try:
recipe.createRepo()
recipe.clear_candidate_systems()
recipe.watchdog = Watchdog()
recipe.resource = vm
recipe.recipeset.lab_controller = manager.lab_controller
recipe.virt_status = RecipeVirtStatus.succeeded
recipe.schedule()
log.info("recipe ID %s moved from Queued to Scheduled by provision_virt_recipe" % recipe.id)
recipe.waiting()
recipe.provision()
log.info("recipe ID %s moved from Scheduled to Waiting by provision_virt_recipe" % recipe.id)
except:
exc_type, exc_value, exc_tb = sys.exc_info()
try:
manager.destroy_vm(vm)
except Exception:
log.exception('Failed to clean up vm %s '
'during provision_virt_recipe, leaked!', vm.instance_id)
# suppress this exception so the original one is not masked
raise exc_type, exc_value, exc_tb
session.commit()
except Exception, e:
log.exception('Error in provision_virt_recipe(%s)', recipe_id)
session.rollback()
# As an added precaution, let's try and avoid this recipe in future
with session.begin():
recipe = Recipe.by_id(recipe_id)
recipe.virt_status = RecipeVirtStatus.failed
def delete(self, **kw):
item = ConfigItem.by_id(kw['item'])
val = item.value_class.by_id(kw['id'])
if val.valid_from <= datetime.utcnow():
flash(_(u"Cannot remove past value of %s") % item.name)
raise redirect("/configuration/edit?id=%d" % item.id)
session.delete(val)
session.flush()
flash(_(u"Future value of %s cleared") % item.name)
raise redirect(".")
def test_provision_rejected_with_expired_root_password(self):
with session.begin():
user = data_setup.create_user(password=u'testing')
user.root_password = "******"
user.rootpw_changed = datetime.datetime.utcnow() - datetime.timedelta(days=35)
ConfigItem.by_name('root_password_validity').set(30,
user=User.by_user_name(data_setup.ADMIN_USER))
system = data_setup.create_system(status=SystemStatus.manual,
lab_controller=self.lc)
system.reserve_manually(service=u'testdata', user=user)
b = self.browser
login(b, user=user.user_name, password='******')
provision = self.go_to_provision_tab(system)
self.select_distro_tree(self.distro_tree)
provision.find_element_by_xpath('.//button[text()="Provision"]').click()
b.find_element_by_xpath(
'.//div[contains(@class, "modal")]//button[text()="OK"]').click()
self.assertIn('root password has expired',
provision.find_element_by_class_name('alert-error').text)
def delete(self, **kw):
item = ConfigItem.by_id(kw['item'])
val = item.value_class.by_id(kw['id'])
if val.valid_from <= datetime.utcnow():
flash(_(u"Cannot remove past value of %s") % item.name)
raise redirect("/configuration/edit?id=%d" % item.id)
session.delete(val)
session.flush()
flash(_(u"Future value of %s cleared") % item.name)
raise redirect(".")
def provision_virt_recipes(*args):
# We limit to labs where the tree is available by NFS because RHEV needs to
# use autofs to grab the images. See VirtManager.start_install.
recipes = MachineRecipe.query\
.join(Recipe.recipeset).join(RecipeSet.job)\
.filter(Job.dirty_version == Job.clean_version)\
.join(Recipe.distro_tree, DistroTree.lab_controller_assocs, LabController)\
.filter(Recipe.status == TaskStatus.queued)\
.filter(Recipe.virt_status == RecipeVirtStatus.possible)\
.filter(LabController.disabled == False)\
.filter(or_(RecipeSet.lab_controller == None,
RecipeSet.lab_controller_id == LabController.id))\
.filter(LabControllerDistroTree.url.like(u'nfs://%'))\
.order_by(RecipeSet.priority.desc(), Recipe.id.asc())
if not recipes.count():
return False
log.debug("Entering provision_virt_recipes")
for recipe_id, in recipes.values(Recipe.id.distinct()):
system_name = None
session.begin()
try:
system_name = u'%srecipe_%s' % (
ConfigItem.by_name(u'guest_name_prefix').current_value(u'beaker_'),
recipe_id)
provision_virt_recipe(system_name, recipe_id)
session.commit()
except needpropertyxml.NotVirtualisable:
session.rollback()
session.begin()
recipe = Recipe.by_id(recipe_id)
recipe.virt_status = RecipeVirtStatus.precluded
session.commit()
except VMCreationFailedException:
session.rollback()
session.begin()
recipe = Recipe.by_id(recipe_id)
recipe.virt_status = RecipeVirtStatus.skipped
session.commit()
except Exception, e: # This will get ovirt RequestErrors from recipe.provision()
log.exception('Error in provision_virt_recipe(%s)', recipe_id)
session.rollback()
try:
# Don't leak the vm if it was created
if system_name:
with dynamic_virt.VirtManager() as manager:
manager.destroy_vm(system_name)
# As an added precaution, let's try and avoid this recipe in future
session.begin()
recipe = Recipe.by_id(recipe_id)
recipe.virt_status = RecipeVirtStatus.failed
session.commit()
except Exception:
log.exception('Exception in exception handler :-(')
finally:
def test_provision_rejected_with_expired_root_password(self):
sel = self.selenium
system = self.system
user = system.user
user.root_password = "******"
user.rootpw_changed = datetime.datetime.utcnow() - datetime.timedelta(days=35)
ConfigItem.by_name('root_password_validity').set(30,
user=User.by_user_name(data_setup.ADMIN_USER))
session.flush()
sel.open("")
sel.type("simplesearch", "%s" % system.fqdn)
sel.submit('simpleform')
sel.wait_for_page_to_load("30000")
sel.click("link=%s" % system.fqdn)
sel.wait_for_page_to_load("30000")
sel.click("link=Provision")
sel.select("provision_prov_install", "index=0")
sel.submit('name=provision')
sel.wait_for_page_to_load("30000")
self.assert_("root password has expired" in sel.get_text('css=.flash'))
def test_provision_rejected_with_expired_root_password(self):
with session.begin():
user = data_setup.create_user(password=u'testing')
user.root_password = "******"
user.rootpw_changed = datetime.datetime.utcnow(
) - datetime.timedelta(days=35)
ConfigItem.by_name('root_password_validity').set(
30, user=User.by_user_name(data_setup.ADMIN_USER))
system = data_setup.create_system(status=SystemStatus.manual,
lab_controller=self.lc)
system.reserve_manually(service=u'testdata', user=user)
b = self.browser
login(b, user=user.user_name, password='******')
provision = self.go_to_provision_tab(system)
self.select_distro_tree(self.distro_tree)
provision.find_element_by_xpath(
'.//button[text()="Provision"]').click()
b.find_element_by_xpath(
'.//div[contains(@class, "modal")]//button[text()="OK"]').click()
self.assertIn('root password has expired',
provision.find_element_by_class_name('alert-error').text)
def prefs():
user = identity.current.user
attributes = user_full_json(user)
# Show all future root passwords, and the previous five
rootpw = ConfigItem.by_name('root_password')
rootpw_values = rootpw.values().filter(rootpw.value_class.valid_from > datetime.utcnow())\
.order_by(rootpw.value_class.valid_from.desc()).all()\
+ rootpw.values().filter(rootpw.value_class.valid_from <= datetime.utcnow())\
.order_by(rootpw.value_class.valid_from.desc())[:5]
return render_tg_template('bkr.server.templates.prefs', {
'user': user,
'attributes': attributes,
'default_root_password': rootpw.current_value(),
'default_root_passwords': rootpw_values,
})
def prefs():
user = identity.current.user
attributes = user_full_json(user)
# Show all future root passwords, and the previous five
rootpw = ConfigItem.by_name('root_password')
rootpw_values = rootpw.values().filter(rootpw.value_class.valid_from > datetime.utcnow())\
.order_by(rootpw.value_class.valid_from.desc()).all()\
+ rootpw.values().filter(rootpw.value_class.valid_from <= datetime.utcnow())\
.order_by(rootpw.value_class.valid_from.desc())[:5]
return render_tg_template('bkr.server.templates.prefs', {
'user': user,
'attributes': attributes,
'default_root_password': rootpw.current_value(),
'default_root_passwords': rootpw_values,
})
def save(self, **kw):
if 'id' in kw and kw['id']:
item = ConfigItem.by_id(kw['id'])
else:
flash(_(u"Error: No item ID"))
raise redirect(".")
if kw['valid_from']:
try:
valid_from = datetime.strptime(kw['valid_from'], '%Y-%m-%d %H:%M')
except ValueError:
flash(_(u"Invalid date and time specification, use: YYYY-MM-DD HH:MM"))
raise redirect("/configuration/edit?id=%d" % item.id)
else:
valid_from = None
try:
item.set(kw['value'], valid_from, identity.current.user)
except Exception, msg:
flash(_(u"Failed to save setting: %s" % msg))
raise redirect("/configuration/edit?id=%d" % item.id)
def save(self, **kw):
if 'id' in kw and kw['id']:
item = ConfigItem.by_id(kw['id'])
else:
flash(_(u"Error: No item ID"))
raise redirect(".")
if kw['valid_from']:
try:
valid_from = datetime.strptime(kw['valid_from'], '%Y-%m-%d %H:%M')
except ValueError:
flash(_(u"Invalid date and time specification, use: YYYY-MM-DD HH:MM"))
raise redirect("/configuration/edit?id=%d" % item.id)
else:
valid_from = None
try:
item.set(kw['value'], valid_from, identity.current.user)
except Exception, msg:
flash(_(u"Failed to save setting: %s" % msg))
raise redirect("/configuration/edit?id=%d" % item.id)
def provision_virt_recipe(recipe_id):
log.debug('Attempting to provision dynamic virt guest for recipe %s',
recipe_id)
session.begin()
try:
recipe = Recipe.by_id(recipe_id)
job_owner = recipe.recipeset.job.owner
manager = dynamic_virt.VirtManager(job_owner)
available_flavors = manager.available_flavors()
# We want them in order of smallest to largest, so that we can pick the
# smallest flavor that satisfies the recipe's requirements. Sorting by RAM
# is a decent approximation.
possible_flavors = XmlHost.from_string(recipe.host_requires)\
.filter_openstack_flavors(available_flavors, manager.lab_controller)
if not possible_flavors:
log.info(
'No OpenStack flavors matched recipe %s, marking precluded',
recipe.id)
recipe.virt_status = RecipeVirtStatus.precluded
return
# cheapest flavor has the smallest disk and ram
# id guarantees consistency of our results
flavor = min(possible_flavors,
key=lambda flavor: (flavor.ram, flavor.disk, flavor.id))
vm_name = '%srecipe-%s' % (ConfigItem.by_name(
u'guest_name_prefix').current_value(u'beaker-'), recipe.id)
log.debug('Creating VM named %s as flavor %s', vm_name, flavor)
vm = manager.create_vm(vm_name, flavor)
vm.instance_created = datetime.utcnow()
try:
recipe.createRepo()
recipe.clear_candidate_systems()
recipe.watchdog = Watchdog()
recipe.resource = vm
recipe.recipeset.lab_controller = manager.lab_controller
recipe.virt_status = RecipeVirtStatus.succeeded
recipe.schedule()
log.info(
"recipe ID %s moved from Queued to Scheduled by provision_virt_recipe",
recipe.id)
recipe.waiting()
recipe.provision()
log.info(
"recipe ID %s moved from Scheduled to Waiting by provision_virt_recipe",
recipe.id)
except:
exc_type, exc_value, exc_tb = sys.exc_info()
try:
manager.destroy_vm(vm)
except Exception:
log.exception(
'Failed to clean up VM %s during provision_virt_recipe, leaked!',
vm.instance_id)
# suppress this exception so the original one is not masked
raise exc_type, exc_value, exc_tb
session.commit()
except Exception as e:
log.exception('Error in provision_virt_recipe(%s)', recipe_id)
session.rollback()
# As an added precaution, let's try and avoid this recipe in future
with session.begin():
recipe = Recipe.by_id(recipe_id)
recipe.virt_status = RecipeVirtStatus.failed
finally:
session.close()
def populate_db(user_name=None, password=None, user_display_name=None,
user_email_address=None):
logger.info('Populating tables with pre-defined values if necessary')
session.begin()
try:
admin = Group.by_name(u'admin')
except InvalidRequestError:
admin = Group(group_name=u'admin', display_name=u'Admin')
session.add(admin)
try:
lab_controller = Group.by_name(u'lab_controller')
except InvalidRequestError:
lab_controller = Group(group_name=u'lab_controller',
display_name=u'Lab Controller')
session.add(lab_controller)
# Setup User account
if user_name:
user = User.lazy_create(user_name=user_name.decode('utf8'))
if password:
user.password = password.decode('utf8')
if user_display_name:
user.display_name = user_display_name.decode('utf8')
if user_email_address:
user.email_address = user_email_address.decode('utf8')
# Ensure the user is in the 'admin' group as an owner.
# Flush for lazy_create.
session.flush()
user_group_assoc = UserGroup.lazy_create(
user_id=user.user_id, group_id=admin.group_id)
user_group_assoc.is_owner = True
# Create distro_expire perm if not present
try:
_ = Permission.by_name(u'distro_expire')
except NoResultFound:
distro_expire_perm = Permission(u'distro_expire')
session.add(distro_expire_perm)
# Create proxy_auth perm if not present
try:
_ = Permission.by_name(u'proxy_auth')
except NoResultFound:
proxy_auth_perm = Permission(u'proxy_auth')
session.add(proxy_auth_perm)
# Create tag_distro perm if not present
try:
_ = Permission.by_name(u'tag_distro')
except NoResultFound:
tag_distro_perm = Permission(u'tag_distro')
admin.permissions.append(tag_distro_perm)
# Create stop_task perm if not present
try:
_ = Permission.by_name(u'stop_task')
except NoResultFound:
stop_task_perm = Permission(u'stop_task')
lab_controller.permissions.append(stop_task_perm)
admin.permissions.append(stop_task_perm)
# Create secret_visible perm if not present
try:
_ = Permission.by_name(u'secret_visible')
except NoResultFound:
secret_visible_perm = Permission(u'secret_visible')
lab_controller.permissions.append(secret_visible_perm)
admin.permissions.append(secret_visible_perm)
# Create change_prio perm if not present
try:
_ = Permission.by_name(u'change_prio')
except NoResultFound:
change_prio_perm = Permission(u'change_prio')
session.add(change_prio_perm)
# Setup Hypervisors Table
if Hypervisor.query.count() == 0:
for h in [u'KVM', u'Xen', u'HyperV', u'VMWare']:
session.add(Hypervisor(hypervisor=h))
# Setup kernel_type Table
if KernelType.query.count() == 0:
for type in [u'default', u'highbank', u'imx', u'omap', u'tegra']:
session.add(KernelType(kernel_type=type, uboot=False))
for type in [u'mvebu']:
session.add(KernelType(kernel_type=type, uboot=True))
# Setup base Architectures
if Arch.query.count() == 0:
for arch in [u'i386', u'x86_64', u'ia64', u'ppc', u'ppc64', u'ppc64le',
u's390', u's390x', u'armhfp', u'aarch64', u'arm']:
session.add(Arch(arch))
# Setup base power types
if PowerType.query.count() == 0:
for power_type in [u'apc_snmp', u'apc_snmp_then_etherwake',
u'bladecenter', u'bladepap', u'drac', u'ether_wake', u'hyper-v',
u'ilo', u'integrity', u'ipmilan', u'ipmitool', u'lpar', u'rsa',
u'virsh', u'wti']:
session.add(PowerType(power_type))
# Setup key types
if Key.query.count() == 0:
session.add(Key(u'DISKSPACE', True))
session.add(Key(u'COMMENT'))
session.add(Key(u'CPUFAMILY', True))
session.add(Key(u'CPUFLAGS'))
session.add(Key(u'CPUMODEL'))
session.add(Key(u'CPUMODELNUMBER', True))
session.add(Key(u'CPUSPEED', True))
session.add(Key(u'CPUVENDOR'))
session.add(Key(u'DISK', True))
session.add(Key(u'FORMFACTOR'))
session.add(Key(u'HVM'))
session.add(Key(u'MEMORY', True))
session.add(Key(u'MODEL'))
session.add(Key(u'MODULE'))
session.add(Key(u'NETWORK'))
session.add(Key(u'NR_DISKS', True))
session.add(Key(u'NR_ETH', True))
session.add(Key(u'NR_IB', True))
session.add(Key(u'PCIID'))
session.add(Key(u'PROCESSORS', True))
session.add(Key(u'RTCERT'))
session.add(Key(u'SCRATCH'))
session.add(Key(u'STORAGE'))
session.add(Key(u'USBID'))
session.add(Key(u'VENDOR'))
session.add(Key(u'XENCERT'))
session.add(Key(u'NETBOOT_METHOD'))
if RetentionTag.query.count() == 0:
session.add(RetentionTag(tag=u'scratch', is_default=1, expire_in_days=30))
session.add(RetentionTag(tag=u'60days', needs_product=False, expire_in_days=60))
session.add(RetentionTag(tag=u'120days', needs_product=False, expire_in_days=120))
session.add(RetentionTag(tag=u'active', needs_product=True))
session.add(RetentionTag(tag=u'audit', needs_product=True))
config_items = [
# name, description, numeric
(u'root_password', u'Plaintext root password for provisioned systems', False),
(u'root_password_validity', u"Maximum number of days a user's root password is valid for",
True),
(u'guest_name_prefix', u'Prefix for names of dynamic guests in OpenStack', False),
(u'guest_private_network', u'Network address in CIDR format for private networks'
' of dynamic guests in OpenStack.', False),
]
for name, description, numeric in config_items:
ConfigItem.lazy_create(name=name, description=description, numeric=numeric)
if ConfigItem.by_name(u'root_password').current_value() is None:
ConfigItem.by_name(u'root_password').set(u'beaker', user=admin.users[0])
if ConfigItem.by_name(u'guest_private_network').current_value() is None:
ConfigItem.by_name(u'guest_private_network').set(u'192.168.10.0/24',
user=admin.users[0])
session.commit()
session.close()
logger.info('Pre-defined values populated')
def populate_db(user_name=None, password=None, user_display_name=None,
user_email_address=None):
session.begin()
try:
admin = Group.by_name(u'admin')
except InvalidRequestError:
admin = Group(group_name=u'admin',display_name=u'Admin')
session.add(admin)
try:
lab_controller = Group.by_name(u'lab_controller')
except InvalidRequestError:
lab_controller = Group(group_name=u'lab_controller',
display_name=u'Lab Controller')
session.add(lab_controller)
#Setup User account
if user_name:
user = User.lazy_create(user_name=user_name.decode('utf8'))
if password:
user.password = password.decode('utf8')
if user_display_name:
user.display_name = user_display_name.decode('utf8')
if user_email_address:
user.email_address = user_email_address.decode('utf8')
# Ensure the user is in the 'admin' group as an owner.
# Flush for lazy_create.
session.flush()
user_group_assoc = UserGroup.lazy_create(
user_id=user.user_id, group_id=admin.group_id)
user_group_assoc.is_owner = True
# Create distro_expire perm if not present
try:
distro_expire_perm = Permission.by_name(u'distro_expire')
except NoResultFound:
distro_expire_perm = Permission(u'distro_expire')
session.add(distro_expire_perm)
# Create proxy_auth perm if not present
try:
proxy_auth_perm = Permission.by_name(u'proxy_auth')
except NoResultFound:
proxy_auth_perm = Permission(u'proxy_auth')
session.add(proxy_auth_perm)
# Create tag_distro perm if not present
try:
tag_distro_perm = Permission.by_name(u'tag_distro')
except NoResultFound:
tag_distro_perm = Permission(u'tag_distro')
admin.permissions.append(tag_distro_perm)
# Create stop_task perm if not present
try:
stop_task_perm = Permission.by_name(u'stop_task')
except NoResultFound:
stop_task_perm = Permission(u'stop_task')
lab_controller.permissions.append(stop_task_perm)
admin.permissions.append(stop_task_perm)
# Create secret_visible perm if not present
try:
secret_visible_perm = Permission.by_name(u'secret_visible')
except NoResultFound:
secret_visible_perm = Permission(u'secret_visible')
lab_controller.permissions.append(secret_visible_perm)
admin.permissions.append(secret_visible_perm)
#Setup Hypervisors Table
if Hypervisor.query.count() == 0:
for h in [u'KVM', u'Xen', u'HyperV', u'VMWare']:
session.add(Hypervisor(hypervisor=h))
#Setup kernel_type Table
if KernelType.query.count() == 0:
for type in [u'default', u'highbank', u'imx', u'omap', u'tegra']:
session.add(KernelType(kernel_type=type, uboot=False))
for type in [u'mvebu']:
session.add(KernelType(kernel_type=type, uboot=True))
#Setup base Architectures
if Arch.query.count() == 0:
for arch in [u'i386', u'x86_64', u'ia64', u'ppc', u'ppc64', u'ppc64le',
u's390', u's390x', u'armhfp', u'aarch64', u'arm']:
session.add(Arch(arch))
#Setup base power types
if PowerType.query.count() == 0:
for power_type in [u'apc_snmp', u'apc_snmp_then_etherwake',
u'bladecenter', u'bladepap', u'drac', u'ether_wake', u'hyper-v',
u'ilo', u'integrity', u'ipmilan', u'ipmitool', u'lpar', u'rsa',
u'virsh', u'wti']:
session.add(PowerType(power_type))
#Setup key types
if Key.query.count() == 0:
session.add(Key(u'DISKSPACE',True))
session.add(Key(u'COMMENT'))
session.add(Key(u'CPUFAMILY',True))
session.add(Key(u'CPUFLAGS'))
session.add(Key(u'CPUMODEL'))
session.add(Key(u'CPUMODELNUMBER', True))
session.add(Key(u'CPUSPEED',True))
session.add(Key(u'CPUVENDOR'))
session.add(Key(u'DISK',True))
session.add(Key(u'FORMFACTOR'))
session.add(Key(u'HVM'))
session.add(Key(u'MEMORY',True))
session.add(Key(u'MODEL'))
session.add(Key(u'MODULE'))
session.add(Key(u'NETWORK'))
session.add(Key(u'NR_DISKS',True))
session.add(Key(u'NR_ETH',True))
session.add(Key(u'NR_IB',True))
session.add(Key(u'PCIID'))
session.add(Key(u'PROCESSORS',True))
session.add(Key(u'RTCERT'))
session.add(Key(u'SCRATCH'))
session.add(Key(u'STORAGE'))
session.add(Key(u'USBID'))
session.add(Key(u'VENDOR'))
session.add(Key(u'XENCERT'))
session.add(Key(u'NETBOOT_METHOD'))
#Setup ack/nak reposnses
if Response.query.count() == 0:
session.add(Response(response=u'ack'))
session.add(Response(response=u'nak'))
if RetentionTag.query.count() == 0:
session.add(RetentionTag(tag=u'scratch', is_default=1, expire_in_days=30))
session.add(RetentionTag(tag=u'60days', needs_product=False, expire_in_days=60))
session.add(RetentionTag(tag=u'120days', needs_product=False, expire_in_days=120))
session.add(RetentionTag(tag=u'active', needs_product=True))
session.add(RetentionTag(tag=u'audit', needs_product=True))
config_items = [
# name, description, numeric
(u'root_password', u'Plaintext root password for provisioned systems', False),
(u'root_password_validity', u"Maximum number of days a user's root password is valid for", True),
(u'guest_name_prefix', u'Prefix for names of dynamic guests in OpenStack', False),
]
for name, description, numeric in config_items:
ConfigItem.lazy_create(name=name, description=description, numeric=numeric)
if ConfigItem.by_name(u'root_password').current_value() is None:
ConfigItem.by_name(u'root_password').set(u'beaker', user=admin.users[0])
session.commit()
session.close()
