def setUpClass(cls):
auth = v3.Password(user_domain_name='Default',
username=cfg.common.user,
password=cfg.common.password,
project_domain_name='Default',
project_name=cfg.common.tenant,
auth_url=cfg.common.keystone_url)
session = ks_session.Session(auth=auth)
cls.keystone_client = ks_client.Client(session=session)
cls.auth_ref = auth.get_auth_ref(session)
cls.service_catalog = cls.auth_ref.service_catalog
if utils.glare_enabled():
glare_endpoint = "http://127.0.0.1:9494"
artifacts_client = glare_client.Client(
endpoint=glare_endpoint,
token=cls.auth_ref.auth_token,
insecure=False,
key_file=None,
ca_file=None,
cert_file=None,
type_name="murano",
type_version=1)
else:
artifacts_client = None
cls.murano_client = mclient.Client(
artifacts_client=artifacts_client,
endpoint_override=cfg.common.murano_url,
session=session)
cls.url_prefix = urlparse.urlparse(cfg.common.horizon_url).path or ''
if cls.url_prefix.endswith('/'):
cls.url_prefix = cls.url_prefix[:-1]
def _get_glare_client(self):
glare_settings = CONF.glare
session = auth_utils.get_client_session(self._execution_session)
token = session.auth.get_token(session)
if self._last_glare_token != token:
self._last_glare_token = token
self._glare_client = None
if self._glare_client is None:
url = glare_settings.url
if not url:
url = session.get_endpoint(
service_type='artifact',
interface=glare_settings.endpoint_type,
region_name=CONF.home_region)
self._glare_client = glare_client.Client(
endpoint=url,
token=token,
insecure=glare_settings.insecure,
key_file=glare_settings.key_file or None,
ca_file=glare_settings.ca_file or None,
cert_file=glare_settings.cert_file or None,
type_name='murano',
type_version=1)
return self._glare_client
def artifactclient(request):
endpoint = _get_glare_endpoint(request)
insecure = getattr(settings, 'GLARE_API_INSECURE', False)
token_id = request.user.token.id
return art_client.Client(endpoint=endpoint, token=token_id,
insecure=insecure, type_name='murano',
type_version=1)
def make_client(instance):
"""Returns an application-catalog service client"""
application_catalog_client = utils.get_client_class(
API_NAME,
instance._api_version[API_NAME],
API_VERSIONS)
LOG.debug("Instantiating application-catalog client: {0}".format(
application_catalog_client))
kwargs = {
'session': instance.session,
'service_type': 'application-catalog',
'region_name': instance._region_name
}
murano_packages_service = \
instance.get_configuration().get('murano_packages_service')
if murano_packages_service == 'glare':
glare_endpoint = instance.get_configuration().get('glare_url')
if not glare_endpoint:
try:
# no glare_endpoint and we requested to store packages in glare
# check keystone catalog
glare_endpoint = instance.get_endpoint_for_service_type(
'artifact',
region_name=instance._region_name,
interface=instance._interface
)
except Exception:
raise exc.CommandError(
"You set murano-packages-service to {}"
" but there is not 'artifact' endpoint in keystone"
" Either register one or specify endpoint "
" via either --glare-url or env[GLARE_API]".format(
murano_packages_service))
artifacts_client = art_client.Client(
endpoint=glare_endpoint,
type_name='murano',
type_version=1,
token=instance.auth_ref.auth_token)
kwargs['artifacts_client'] = artifacts_client
murano_endpoint = instance.get_configuration().get('murano_url')
if not murano_endpoint:
murano_endpoint = instance.get_endpoint_for_service_type(
'application-catalog',
region_name=instance._region_name,
interface=instance._interface
)
client = application_catalog_client(murano_endpoint, **kwargs)
return client
def murano_client(cls):
murano_url = cls.get_murano_url()
if CONF.murano.packages_service == "glare":
glare_endpoint = "http://127.0.0.1:9494"
artifacts_client = glare_client.Client(
endpoint=glare_endpoint,
token=cls.keystone_client().auth_token,
insecure=False, key_file=None, ca_file=None, cert_file=None,
type_name="murano", type_version=1)
else:
artifacts_client = None
return mclient.Client('1',
artifacts_client=artifacts_client,
endpoint=murano_url,
token=cls.keystone_client().auth_token)
def _get_glare_client(self, request):
glare_settings = CONF.glare
token = request.context.auth_token
url = glare_settings.url
if not url:
url = self._get_glare_url(request)
client = glare_client.Client(endpoint=url,
token=token,
insecure=glare_settings.insecure,
key_file=glare_settings.key_file or None,
ca_file=glare_settings.ca_file or None,
cert_file=glare_settings.cert_file
or None,
type_name='murano',
type_version=1)
return client
def _get_glareclient(token_id, req):
glare_settings = CONF.glare
url = glare_settings.url or req.endpoints.get('glare')
if not url:
LOG.error('No glare url is specified and no "artifact" '
'service is registered in keystone.')
return glare_client.Client(endpoint=url,
token=token_id,
insecure=glare_settings.insecure,
key_file=glare_settings.key_file or None,
ca_file=glare_settings.ca_file or None,
cert_file=glare_settings.cert_file or None,
type_name='murano',
type_version=1)
def _get_glare_client(self, request):
glare_settings = CONF.glare
token = request.context.auth_token
url = glare_settings.url
if not url:
url = self._get_glare_url(request)
# TODO(gyurco): use auth_utils.get_session_client_parameters
client = glare_client.Client(endpoint=url,
token=token,
insecure=glare_settings.insecure,
key_file=glare_settings.keyfile or None,
ca_file=glare_settings.cafile or None,
cert_file=glare_settings.certfile or None,
type_name='murano',
type_version=1)
return client
def factory(keystone_client, auth_token):
glance_settings = CONF.glance
glance_url = (glance_settings.url
or keystone_client.service_catalog.url_for(
service_type='image',
endpoint_type=glance_settings.endpoint_type))
return art_client.Client(endpoint=glance_url,
token=auth_token,
insecure=glance_settings.insecure,
key_file=glance_settings.key_file or None,
cacert=glance_settings.cacert or None,
cert_file=(glance_settings.cert_file
or None),
type_name='murano',
type_version=1)
def factory(keystone_client, auth_token):
murano_settings = CONF.murano
murano_url = \
murano_settings.url or keystone_client.service_catalog.url_for(
service_type='application_catalog',
endpoint_type=murano_settings.endpoint_type)
if CONF.packages_opts.packages_service == 'glance':
glance_settings = CONF.glance
glance_url = (glance_settings.url
or keystone_client.service_catalog.url_for(
service_type='image',
endpoint_type=glance_settings.endpoint_type))
arts = art_client.Client(endpoint=glance_url,
token=auth_token,
insecure=glance_settings.insecure,
key_file=glance_settings.key_file
or None,
ca_file=glance_settings.ca_file
or None,
cert_file=glance_settings.cert_file
or None,
type_name='murano',
type_version=1)
else:
arts = None
return muranoclient.Client(endpoint=murano_url,
key_file=murano_settings.key_file
or None,
ca_file=murano_settings.cacert or None,
cert_file=murano_settings.cert_file
or None,
insecure=murano_settings.insecure,
auth_url=keystone_client.auth_url,
token=auth_token,
artifacts_client=arts)
def main(self, argv):
# Parse args once to find version
parser = self.get_base_parser(argv)
(options, args) = parser.parse_known_args(argv)
self._setup_logging(options.debug)
# build available subcommands based on version
api_version = options.murano_api_version
subcommand_parser = self.get_subcommand_parser(api_version, argv)
self.parser = subcommand_parser
keystone_session = None
keystone_auth = None
# Handle top-level --help/-h before attempting to parse
# a command off the command line.
if (not args and options.help) or not argv:
self.do_help(options)
return 0
# Parse args again and call whatever callback was selected.
args = subcommand_parser.parse_args(argv)
# Short-circuit and deal with help command right away.
if args.func == self.do_help:
self.do_help(args)
return 0
elif args.func == self.do_bash_completion:
self.do_bash_completion(args)
return 0
if not args.os_username and not args.os_auth_token:
raise exc.CommandError("You must provide a username via"
" either --os-username or env[OS_USERNAME]"
" or a token via --os-auth-token or"
" env[OS_AUTH_TOKEN]")
if args.murano_packages_service == 'glance':
args.murano_packages_service = 'glare'
if args.os_no_client_auth:
if not args.murano_url:
raise exc.CommandError(
"If you specify --os-no-client-auth"
" you must also specify a Murano API URL"
" via either --murano-url or env[MURANO_URL]")
if (not args.glare_url
and args.murano_packages_service == 'glare'):
raise exc.CommandError(
"If you specify --os-no-client-auth and"
" set murano-packages-service to 'glare'"
" you must also specify a glare API URL"
" via either --glare-url or env[GLARE_API]")
if (not any([args.os_tenant_id, args.os_project_id])
and args.murano_packages_service == 'glare'):
# TODO(kzaitsev): see if we can use project's name here
# NOTE(kzaitsev): glare v0.1 needs project_id to operate
# correctly
raise exc.CommandError(
"If you specify --os-no-client-auth and"
" set murano-packages-service to 'glare'"
" you must also specify your project's id"
" via either --os-project-id or env[OS_PROJECT_ID] or"
" --os-tenant-id or env[OS_TENANT_ID]")
else:
# Tenant name or ID is needed to make keystoneclient retrieve a
# service catalog, it's not required if os_no_client_auth is
# specified, neither is the auth URL.
if not any([
args.os_tenant_name, args.os_tenant_id, args.os_project_id,
args.os_project_name
]):
raise exc.CommandError("You must provide a project name or"
" project id via --os-project-name,"
" --os-project-id, env[OS_PROJECT_ID]"
" or env[OS_PROJECT_NAME]. You may"
" use os-project and os-tenant"
" interchangeably.")
if not args.os_auth_url:
raise exc.CommandError("You must provide an auth url via"
" either --os-auth-url or via"
" env[OS_AUTH_URL]")
endpoint_type = args.os_endpoint_type or 'publicURL'
endpoint = args.murano_url
glance_endpoint = args.glance_url
if args.os_no_client_auth:
# Authenticate through murano, don't use session
kwargs = {
'username': args.os_username,
'password': args.os_password,
'auth_token': args.os_auth_token,
'auth_url': args.os_auth_url,
'token': args.os_auth_token,
'insecure': args.insecure,
'timeout': args.api_timeout,
'tenant': args.os_project_id or args.os_tenant_id,
}
glance_kwargs = kwargs.copy()
if args.os_region_name:
kwargs['region_name'] = args.os_region_name
glance_kwargs['region_name'] = args.os_region_name
else:
# Create a keystone session and keystone auth
keystone_session = ksession.Session.load_from_cli_options(args)
args.os_project_name = args.os_project_name or args.os_tenant_name
args.os_project_id = args.os_project_id or args.os_tenant_id
# make args compatible with DefaultCLI/AuthCLI
args.os_token = args.os_auth_token
args.os_endpoint = ''
# avoid password prompt if no password given
args.os_password = args.os_password or '<no password>'
(v2_auth_url, v3_auth_url) = self._discover_auth_versions(
keystone_session, args.os_auth_url)
if v3_auth_url:
if (not args.os_user_domain_id
and not args.os_user_domain_name):
args.os_user_domain_name = 'default'
if (not args.os_project_domain_id
and not args.os_project_domain_name):
args.os_project_domain_name = 'default'
keystone_auth = AuthCLI.load_from_argparse_arguments(args)
service_type = args.os_service_type or 'application-catalog'
if not endpoint:
endpoint = keystone_auth.get_endpoint(
keystone_session,
service_type=service_type,
interface=endpoint_type,
region_name=args.os_region_name)
kwargs = {
'session': keystone_session,
'auth': keystone_auth,
'service_type': service_type,
'region_name': args.os_region_name,
}
glance_kwargs = kwargs.copy()
# glance doesn't need endpoint_type
kwargs['endpoint_type'] = endpoint_type
kwargs['tenant'] = keystone_auth.get_project_id(keystone_session)
if args.api_timeout:
kwargs['timeout'] = args.api_timeout
if not glance_endpoint:
try:
glance_endpoint = keystone_auth.get_endpoint(
keystone_session,
service_type='image',
interface=endpoint_type,
region_name=args.os_region_name)
except Exception:
pass
glance_client = None
if glance_endpoint:
try:
# TODO(starodubcevna): switch back to glance APIv2 when it will
# be ready for use.
glance_client = glanceclient.Client('1', glance_endpoint,
**glance_kwargs)
except Exception:
pass
if glance_client:
kwargs['glance_client'] = glance_client
else:
logger.warning("Could not initialize glance client. "
"Image creation will be unavailable.")
kwargs['glance_client'] = None
if args.murano_packages_service == 'glare':
glare_endpoint = args.glare_url
if not glare_endpoint:
# no glare_endpoint and we requested to store packages in glare
# let's check keystone
try:
glare_endpoint = keystone_auth.get_endpoint(
keystone_session,
service_type='artifact',
interface=endpoint_type,
region_name=args.os_region_name)
except Exception:
raise exc.CommandError(
"You set murano-packages-service to {}"
" but there is not 'artifact' endpoint in keystone"
" Either register one or specify endpoint "
" via either --glare-url or env[GLARE_API]".format(
args.murano_packages_service))
auth_token = \
args.os_auth_token or keystone_auth.get_token(keystone_session)
artifacts_client = art_client.Client(endpoint=glare_endpoint,
type_name='murano',
type_version=1,
token=auth_token,
insecure=args.insecure)
kwargs['artifacts_client'] = artifacts_client
client = murano_client.Client(api_version, endpoint, **kwargs)
args.func(client, args)
def main(self, argv):
# Parse args once to find version
parser = self.get_base_parser()
(options, args) = parser.parse_known_args(argv)
self._setup_logging(options.debug)
# build available subcommands based on version
api_version = options.murano_api_version
subcommand_parser = self.get_subcommand_parser(api_version)
self.parser = subcommand_parser
keystone_session = None
keystone_auth = None
# Handle top-level --help/-h before attempting to parse
# a command off the command line.
if (not args and options.help) or not argv:
self.do_help(options)
return 0
# Parse args again and call whatever callback was selected.
args = subcommand_parser.parse_args(argv)
# Short-circuit and deal with help command right away.
if args.func == self.do_help:
self.do_help(args)
return 0
elif args.func == self.do_bash_completion:
self.do_bash_completion(args)
return 0
if not args.os_username and not args.os_auth_token:
raise exc.CommandError("You must provide a username via"
" either --os-username or env[OS_USERNAME]"
" or a token via --os-auth-token or"
" env[OS_AUTH_TOKEN]")
if args.os_no_client_auth:
if not args.murano_url:
raise exc.CommandError(
"If you specify --os-no-client-auth"
" you must also specify a Murano API URL"
" via either --murano-url or env[MURANO_URL]")
if (not args.glance_url and
args.murano_packages_service == 'glance'):
raise exc.CommandError(
"If you specify --os-no-client-auth and"
" set murano-packages-service to 'glance'"
" you must also specify a Glance API URL"
" via either --glance-url or env[GLANCE_URL]")
else:
# Tenant name or ID is needed to make keystoneclient retrieve a
# service catalog, it's not required if os_no_client_auth is
# specified, neither is the auth URL.
if not any([args.os_tenant_name, args.os_tenant_id,
args.os_project_id, args.os_project_name]):
raise exc.CommandError("You must provide a project name or"
" project id via --os-project-name,"
" --os-project-id, env[OS_PROJECT_ID]"
" or env[OS_PROJECT_NAME]. You may"
" use os-project and os-tenant"
" interchangeably.")
if not args.os_auth_url:
raise exc.CommandError("You must provide an auth url via"
" either --os-auth-url or via"
" env[OS_AUTH_URL]")
endpoint = args.murano_url
glance_endpoint = args.glance_url
if args.os_no_client_auth:
# Authenticate through murano, don't use session
kwargs = {
'username': args.os_username,
'password': args.os_password,
'auth_token': args.os_auth_token,
'auth_url': args.os_auth_url,
'token': args.os_auth_token,
'insecure': args.insecure,
'timeout': args.api_timeout
}
glance_kwargs = kwargs.copy()
if args.os_region_name:
kwargs['region_name'] = args.os_region_name
glance_kwargs['region_name'] = args.os_region_name
else:
# Create a keystone session and keystone auth
keystone_session = ksession.Session.load_from_cli_options(args)
project_id = args.os_project_id or args.os_tenant_id
project_name = args.os_project_name or args.os_tenant_name
keystone_auth = self._get_keystone_auth(
keystone_session,
args.os_auth_url,
username=args.os_username,
user_id=args.os_user_id,
user_domain_id=args.os_user_domain_id,
user_domain_name=args.os_user_domain_name,
password=args.os_password,
auth_token=args.os_auth_token,
project_id=project_id,
project_name=project_name,
project_domain_id=args.os_project_domain_id,
project_domain_name=args.os_project_domain_name)
endpoint_type = args.os_endpoint_type or 'publicURL'
service_type = args.os_service_type or 'application-catalog'
if not endpoint:
endpoint = keystone_auth.get_endpoint(
keystone_session,
service_type=service_type,
region_name=args.os_region_name)
kwargs = {
'session': keystone_session,
'auth': keystone_auth,
'service_type': service_type,
'endpoint_type': endpoint_type,
'region_name': args.os_region_name,
}
glance_kwargs = kwargs.copy()
del glance_kwargs['endpoint_type']
if args.api_timeout:
kwargs['timeout'] = args.api_timeout
if not glance_endpoint:
try:
glance_endpoint = keystone_auth.get_endpoint(
keystone_session,
service_type='image',
region_name=args.os_region_name)
except Exception:
pass
glance_client = None
if glance_endpoint:
try:
glance_client = glanceclient.Client(
'2', glance_endpoint, **glance_kwargs)
except Exception:
pass
if glance_client:
kwargs['glance_client'] = glance_client
else:
logger.warning("Could not initialise glance client. "
"Image creation will be unavailable.")
kwargs['glance_client'] = None
if args.murano_packages_service == 'glance':
artifacts_client = art_client.Client(endpoint=glance_endpoint,
type_name='murano',
type_version=1,
username=args.os_username,
password=args.os_password,
token=args.os_auth_token,
insecure=args.insecure)
kwargs['artifacts_client'] = artifacts_client
client = murano_client.Client(api_version, endpoint, **kwargs)
args.func(client, args)
