def _config_reset_cmd():
"""config_reset command
args for config_reset command
- none
"""
kolla_etc = get_kolla_etc()
kolla_home = get_kolla_ansible_home()
kollacli_etc = get_kolla_cli_etc()
group_vars_path = os.path.join(kolla_home, 'ansible/group_vars')
host_vars_path = os.path.join(kolla_home, 'ansible/host_vars')
globals_path = os.path.join(group_vars_path, '__GLOBAL__')
inventory_path = os.path.join(kollacli_etc, 'ansible/inventory.json')
# truncate global property and inventory files
with open(globals_path, 'w') as globals_file:
globals_file.truncate()
with open(inventory_path, 'w') as inventory_file:
inventory_file.truncate()
# clear all passwords
clear_all_passwords()
# nuke all files under the kolla etc base, skipping everything
# in the kolla-cli directory and the globals.yml and passwords.yml files
for dir_path, dir_names, file_names in os.walk(kolla_etc, topdown=False):
if 'kolla-cli' not in dir_path:
for dir_name in dir_names:
if dir_name != 'kolla-cli':
os.rmdir(os.path.join(dir_path, dir_name))
for file_name in file_names:
if file_name == 'passwords.yml' or file_name == 'globals.yml':
continue
os.remove(os.path.join(dir_path, file_name))
# nuke all property files under the kolla-ansible base other than
# all.yml and the global property file which we truncate above
for dir_path, _, file_names in os.walk(group_vars_path):
for file_name in file_names:
if (file_name != '__GLOBAL__' and
file_name != 'all.yml'):
os.remove(os.path.join(dir_path, file_name))
for dir_path, _, file_names in os.walk(host_vars_path):
for file_name in file_names:
os.remove(os.path.join(dir_path, file_name))
def precheck(self, hostnames=[], servicenames=[]):
'''run check playbooks on a set of hosts'''
# check that password file has no empty password values
empty_keys = get_empty_password_values()
if empty_keys:
raise InvalidConfiguration(
u._('password check failed. There are empty password values '
'in {etc}passwords.yml. '
'Please run kolla-cli password init or '
'kolla-cli password set(key) to correct them. '
'\nEmpty passwords: '
'{keys}').format(etc=get_kolla_etc(), keys=empty_keys))
# define 'hosts' to be all, but inventory filtering will subset
# that down to the hosts in playbook.hosts.
self.playbook.hosts = hostnames
self.playbook.services = servicenames
self.playbook.extra_vars = 'kolla_action=precheck'
self.playbook.print_output = True
job = self.playbook.run()
return job
def test_password_set_clear(self):
# test list
msg = self.run_cli_cmd('password list')
key = 'database_password'
value = '-'
ok = self._password_value_exists(key, value, msg)
self.assertTrue(
ok, 'list failed. Password (%s/%s) not in output: %s' %
(key, value, msg))
# test setting empty password
self.run_cli_cmd('password set %s --insecure' % key)
msg = self.run_cli_cmd('password list')
ok = self._password_value_exists(key, '-', msg)
self.assertTrue(
ok, 'set empty password failed. Password ' +
'(%s/-) not in output: %s' % (key, msg))
# test setting None password
CLIENT.password_set(key, None)
msg = self.run_cli_cmd('password list')
ok = self._password_value_exists(key, '-', msg)
self.assertTrue(
ok, 'set None password failed. Password ' +
'(%s/-) not in output: %s' % (key, msg))
# test clear
key = 'database_password'
value = '-'
self.run_cli_cmd('password clear %s' % key)
msg = self.run_cli_cmd('password list')
ok = self._password_value_exists(key, value, msg)
self.assertTrue(
ok, 'clear password failed. Password ' +
'(%s/%s) not in output: %s' % (key, value, msg))
# test setting an ssh key
key = 'nova_ssh_key'
CLIENT.password_set_sshkey(key, PRIVATE_KEY, PUBLIC_KEY)
keynames = CLIENT.password_get_names()
self.assertIn(key, keynames, 'ssh key not in passwords')
# test modify non-ssh password
key = 'database_password'
value = '-'
self.run_cli_cmd('password set %s --insecure %s' % (key, value))
msg = self.run_cli_cmd('password list')
ok = self._password_value_exists(key, value, msg)
self.assertTrue(
ok, 'set modify password failed. Password ' +
'(%s/%s) not in output: %s' % (key, value, msg))
# test to make sure that saves / loads aren't doing something
# bad to the password file size
CLIENT.password_clear(key)
# snapshot file size with key cleared
password_file_path = os.path.join(get_kolla_etc(), 'passwords.yml')
size_start = os.path.getsize(password_file_path)
# set and clear password
CLIENT.password_set(key, value)
CLIENT.password_clear(key)
size_end = os.path.getsize(password_file_path)
self.assertEqual(
size_start, size_end, 'password file size changed ' +
'during set/clear (%s/%s)' % (size_start, size_end))
# make sure to end the test with the password init, as some other
# non-password related tests require that all passwords in the file
# be populated
CLIENT.password_init()
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import os
import sys
from kolla_cli.common import utils
kolla_ansible_source_base = '../kolla-ansible'
kolla_ansible_home_target = utils.get_kolla_ansible_home()
kolla_ansible_etc_target = utils.get_kolla_etc()
ansible = 'ansible'
kolla = 'kolla'
kolla_cli = 'kolla-cli'
tools = 'tools'
def setup_ansible_etc():
# if the kolla-cli directory for the inventory doesn't exist
# already then make it. this will also create the directory the
# globals and password file goes into
cli_etc_dir = os.path.join(kolla_ansible_etc_target,
kolla_cli, ansible)
if not os.path.exists(cli_etc_dir):
make_cli_etc_dir_cmd = ('mkdir -p %s' % cli_etc_dir)
_command_exec(make_cli_etc_dir_cmd)
def _get_password_path(self):
kolla_etc = get_kolla_etc()
return ('-e @' + os.path.join(kolla_etc, 'passwords.yml '))
def _get_cmd_prefix():
actions_path = utils.get_kolla_actions_path()
pwd_file_path = os.path.join(utils.get_kolla_etc(), PWDS_FILENAME)
prefix = ('%s password -p %s ' % (actions_path, pwd_file_path))
return prefix
def test_password_set_clear(self):
# This test should leave the passwords.yml file unchanged
# after the test completes.
pwds_path = os.path.join(get_kolla_etc(), 'passwords.yml')
size_start = os.path.getsize(pwds_path)
# test list
msg = self.run_cli_cmd('password list')
key = 'database_password'
value = '-'
ok = self._password_value_exists(key, value, msg)
self.assertTrue(ok, 'list failed. Password (%s/%s) not in output: %s'
% (key, value, msg))
# test append
key = 'TeStKeY'
value = '-'
self.run_cli_cmd('password set %s --insecure %s' % (key, value))
msg = self.run_cli_cmd('password list')
ok = self._password_value_exists(key, value, msg)
self.assertTrue(ok, 'set new password failed. Password ' +
'(%s/%s) not in output: %s'
% (key, value, msg))
# test modify existing
key = 'TeStKeY'
value = '-'
self.run_cli_cmd('password set %s --insecure %s' % (key, value))
msg = self.run_cli_cmd('password list')
ok = self._password_value_exists(key, value, msg)
self.assertTrue(ok, 'set modify password failed. Password ' +
'(%s/%s) not in output: %s' %
(key, value, msg))
# test setting empty password
self.run_cli_cmd('password set %s --insecure' % key)
msg = self.run_cli_cmd('password list')
ok = self._password_value_exists(key, '-', msg)
self.assertTrue(ok, 'set empty password failed. Password ' +
'(%s/-) not in output: %s' %
(key, msg))
# test setting None password
CLIENT.password_set(key, None)
msg = self.run_cli_cmd('password list')
ok = self._password_value_exists(key, '-', msg)
self.assertTrue(ok, 'set None password failed. Password ' +
'(%s/-) not in output: %s' %
(key, msg))
# test clear
key = 'TeStKeY'
value = '-'
self.run_cli_cmd('password clear %s' % key)
msg = self.run_cli_cmd('password list')
ok = self._password_value_exists(key, value, msg)
self.assertFalse(ok, 'clear password failed. Password ' +
'(%s/%s) not in output: %s' %
(key, value, msg))
# test setting/clearing an ssh key
key = 'TeStKeY'
CLIENT.password_set_sshkey(key, PRIVATE_KEY, PUBLIC_KEY)
keynames = CLIENT.password_get_names()
self.assertIn(key, keynames, 'ssh key not in passwords')
CLIENT.password_clear(key)
keynames = CLIENT.password_get_names()
self.assertNotIn(key, keynames, 'ssh key not cleared from passwords')
# check that passwords.yml file size didn't change
size_end = os.path.getsize(pwds_path)
self.assertEqual(size_start, size_end, 'passwords.yml size changed ' +
'from %s to %s' % (size_start, size_end))
# check that password init does not throw an exception
self.run_cli_cmd('password init')
def _run_deploy_rules(playbook):
properties = AnsibleProperties()
inventory = Inventory.load()
# check that password file has no empty password values
empty_keys = get_empty_password_values()
if empty_keys:
raise InvalidConfiguration(
u._('Deploy failed. There are empty password values '
'in {etc}passwords.yml. '
'Please run kolla-cli password init or '
'kolla-cli password set(key) to correct them. '
'\nEmpty passwords: '
'{keys}').format(etc=get_kolla_etc(), keys=empty_keys))
# cannot have both groups and hosts
if playbook.hosts and playbook.groups:
raise InvalidArgument(
u._('Hosts and Groups arguments cannot '
'both be present at the same time.'))
# verify that all services exists
if playbook.services:
for service in playbook.services:
valid_service = inventory.get_service(service)
if not valid_service:
raise NotInInventory(u._('Service'), service)
# check that every group with enabled services
# has hosts associated to it
group_services = inventory.get_group_services()
failed_groups = []
failed_services = []
if group_services:
for (groupname, servicenames) in group_services.items():
group = inventory.get_group(groupname)
hosts = group.get_hostnames()
group_needs_host = False
if not hosts:
for servicename in servicenames:
if _is_service_enabled(servicename, inventory, properties):
group_needs_host = True
failed_services.append(servicename)
if group_needs_host:
failed_groups.append(groupname)
if len(failed_groups) > 0:
raise InvalidConfiguration(
u._('Deploy failed. '
'Groups: {groups} with enabled '
'services : {services} '
'have no associated hosts').format(
groups=failed_groups, services=failed_services))
# check that ring files are in /etc/kolla/config/swift if
# swift is enabled
expected_files = ['account.ring.gz', 'container.ring.gz', 'object.ring.gz']
is_swift_enabled = _is_service_enabled('swift', inventory, properties)
if is_swift_enabled:
path_pre = os.path.join(get_kolla_etc(), 'config', 'swift')
for expected_file in expected_files:
path = os.path.join(path_pre, expected_file)
if not os.path.isfile(path):
msg = u._('Deploy failed. '
'Swift is enabled but ring buffers have '
'not yet been set up. Please see the '
'documentation for swift configuration '
'instructions.')
raise InvalidConfiguration(msg)
