def setUpClass(cls): auth = v3.Password(user_domain_name='Default', username=cfg.common.user, password=cfg.common.password, project_domain_name='Default', project_name=cfg.common.tenant, auth_url=cfg.common.keystone_url) session = ks_session.Session(auth=auth) cls.keystone_client = ks_client.Client(session=session) cls.auth_ref = auth.get_auth_ref(session) cls.service_catalog = cls.auth_ref.service_catalog if utils.glare_enabled(): glare_endpoint = "http://127.0.0.1:9494" artifacts_client = glare_client.Client( endpoint=glare_endpoint, token=cls.auth_ref.auth_token, insecure=False, key_file=None, ca_file=None, cert_file=None, type_name="murano", type_version=1) else: artifacts_client = None cls.murano_client = mclient.Client( artifacts_client=artifacts_client, endpoint_override=cfg.common.murano_url, session=session) cls.url_prefix = urlparse.urlparse(cfg.common.horizon_url).path or '' if cls.url_prefix.endswith('/'): cls.url_prefix = cls.url_prefix[:-1]
def _get_glare_client(self): glare_settings = CONF.glare session = auth_utils.get_client_session(self._execution_session) token = session.auth.get_token(session) if self._last_glare_token != token: self._last_glare_token = token self._glare_client = None if self._glare_client is None: url = glare_settings.url if not url: url = session.get_endpoint( service_type='artifact', interface=glare_settings.endpoint_type, region_name=CONF.home_region) self._glare_client = glare_client.Client( endpoint=url, token=token, insecure=glare_settings.insecure, key_file=glare_settings.key_file or None, ca_file=glare_settings.ca_file or None, cert_file=glare_settings.cert_file or None, type_name='murano', type_version=1) return self._glare_client
def artifactclient(request): endpoint = _get_glare_endpoint(request) insecure = getattr(settings, 'GLARE_API_INSECURE', False) token_id = request.user.token.id return art_client.Client(endpoint=endpoint, token=token_id, insecure=insecure, type_name='murano', type_version=1)
def make_client(instance): """Returns an application-catalog service client""" application_catalog_client = utils.get_client_class( API_NAME, instance._api_version[API_NAME], API_VERSIONS) LOG.debug("Instantiating application-catalog client: {0}".format( application_catalog_client)) kwargs = { 'session': instance.session, 'service_type': 'application-catalog', 'region_name': instance._region_name } murano_packages_service = \ instance.get_configuration().get('murano_packages_service') if murano_packages_service == 'glare': glare_endpoint = instance.get_configuration().get('glare_url') if not glare_endpoint: try: # no glare_endpoint and we requested to store packages in glare # check keystone catalog glare_endpoint = instance.get_endpoint_for_service_type( 'artifact', region_name=instance._region_name, interface=instance._interface ) except Exception: raise exc.CommandError( "You set murano-packages-service to {}" " but there is not 'artifact' endpoint in keystone" " Either register one or specify endpoint " " via either --glare-url or env[GLARE_API]".format( murano_packages_service)) artifacts_client = art_client.Client( endpoint=glare_endpoint, type_name='murano', type_version=1, token=instance.auth_ref.auth_token) kwargs['artifacts_client'] = artifacts_client murano_endpoint = instance.get_configuration().get('murano_url') if not murano_endpoint: murano_endpoint = instance.get_endpoint_for_service_type( 'application-catalog', region_name=instance._region_name, interface=instance._interface ) client = application_catalog_client(murano_endpoint, **kwargs) return client
def murano_client(cls): murano_url = cls.get_murano_url() if CONF.murano.packages_service == "glare": glare_endpoint = "http://127.0.0.1:9494" artifacts_client = glare_client.Client( endpoint=glare_endpoint, token=cls.keystone_client().auth_token, insecure=False, key_file=None, ca_file=None, cert_file=None, type_name="murano", type_version=1) else: artifacts_client = None return mclient.Client('1', artifacts_client=artifacts_client, endpoint=murano_url, token=cls.keystone_client().auth_token)
def _get_glare_client(self, request): glare_settings = CONF.glare token = request.context.auth_token url = glare_settings.url if not url: url = self._get_glare_url(request) client = glare_client.Client(endpoint=url, token=token, insecure=glare_settings.insecure, key_file=glare_settings.key_file or None, ca_file=glare_settings.ca_file or None, cert_file=glare_settings.cert_file or None, type_name='murano', type_version=1) return client
def _get_glareclient(token_id, req): glare_settings = CONF.glare url = glare_settings.url or req.endpoints.get('glare') if not url: LOG.error('No glare url is specified and no "artifact" ' 'service is registered in keystone.') return glare_client.Client(endpoint=url, token=token_id, insecure=glare_settings.insecure, key_file=glare_settings.key_file or None, ca_file=glare_settings.ca_file or None, cert_file=glare_settings.cert_file or None, type_name='murano', type_version=1)
def _get_glare_client(self, request): glare_settings = CONF.glare token = request.context.auth_token url = glare_settings.url if not url: url = self._get_glare_url(request) # TODO(gyurco): use auth_utils.get_session_client_parameters client = glare_client.Client(endpoint=url, token=token, insecure=glare_settings.insecure, key_file=glare_settings.keyfile or None, ca_file=glare_settings.cafile or None, cert_file=glare_settings.certfile or None, type_name='murano', type_version=1) return client
def factory(keystone_client, auth_token): glance_settings = CONF.glance glance_url = (glance_settings.url or keystone_client.service_catalog.url_for( service_type='image', endpoint_type=glance_settings.endpoint_type)) return art_client.Client(endpoint=glance_url, token=auth_token, insecure=glance_settings.insecure, key_file=glance_settings.key_file or None, cacert=glance_settings.cacert or None, cert_file=(glance_settings.cert_file or None), type_name='murano', type_version=1)
def factory(keystone_client, auth_token): murano_settings = CONF.murano murano_url = \ murano_settings.url or keystone_client.service_catalog.url_for( service_type='application_catalog', endpoint_type=murano_settings.endpoint_type) if CONF.packages_opts.packages_service == 'glance': glance_settings = CONF.glance glance_url = (glance_settings.url or keystone_client.service_catalog.url_for( service_type='image', endpoint_type=glance_settings.endpoint_type)) arts = art_client.Client(endpoint=glance_url, token=auth_token, insecure=glance_settings.insecure, key_file=glance_settings.key_file or None, ca_file=glance_settings.ca_file or None, cert_file=glance_settings.cert_file or None, type_name='murano', type_version=1) else: arts = None return muranoclient.Client(endpoint=murano_url, key_file=murano_settings.key_file or None, ca_file=murano_settings.cacert or None, cert_file=murano_settings.cert_file or None, insecure=murano_settings.insecure, auth_url=keystone_client.auth_url, token=auth_token, artifacts_client=arts)
def main(self, argv): # Parse args once to find version parser = self.get_base_parser(argv) (options, args) = parser.parse_known_args(argv) self._setup_logging(options.debug) # build available subcommands based on version api_version = options.murano_api_version subcommand_parser = self.get_subcommand_parser(api_version, argv) self.parser = subcommand_parser keystone_session = None keystone_auth = None # Handle top-level --help/-h before attempting to parse # a command off the command line. if (not args and options.help) or not argv: self.do_help(options) return 0 # Parse args again and call whatever callback was selected. args = subcommand_parser.parse_args(argv) # Short-circuit and deal with help command right away. if args.func == self.do_help: self.do_help(args) return 0 elif args.func == self.do_bash_completion: self.do_bash_completion(args) return 0 if not args.os_username and not args.os_auth_token: raise exc.CommandError("You must provide a username via" " either --os-username or env[OS_USERNAME]" " or a token via --os-auth-token or" " env[OS_AUTH_TOKEN]") if args.murano_packages_service == 'glance': args.murano_packages_service = 'glare' if args.os_no_client_auth: if not args.murano_url: raise exc.CommandError( "If you specify --os-no-client-auth" " you must also specify a Murano API URL" " via either --murano-url or env[MURANO_URL]") if (not args.glare_url and args.murano_packages_service == 'glare'): raise exc.CommandError( "If you specify --os-no-client-auth and" " set murano-packages-service to 'glare'" " you must also specify a glare API URL" " via either --glare-url or env[GLARE_API]") if (not any([args.os_tenant_id, args.os_project_id]) and args.murano_packages_service == 'glare'): # TODO(kzaitsev): see if we can use project's name here # NOTE(kzaitsev): glare v0.1 needs project_id to operate # correctly raise exc.CommandError( "If you specify --os-no-client-auth and" " set murano-packages-service to 'glare'" " you must also specify your project's id" " via either --os-project-id or env[OS_PROJECT_ID] or" " --os-tenant-id or env[OS_TENANT_ID]") else: # Tenant name or ID is needed to make keystoneclient retrieve a # service catalog, it's not required if os_no_client_auth is # specified, neither is the auth URL. if not any([ args.os_tenant_name, args.os_tenant_id, args.os_project_id, args.os_project_name ]): raise exc.CommandError("You must provide a project name or" " project id via --os-project-name," " --os-project-id, env[OS_PROJECT_ID]" " or env[OS_PROJECT_NAME]. You may" " use os-project and os-tenant" " interchangeably.") if not args.os_auth_url: raise exc.CommandError("You must provide an auth url via" " either --os-auth-url or via" " env[OS_AUTH_URL]") endpoint_type = args.os_endpoint_type or 'publicURL' endpoint = args.murano_url glance_endpoint = args.glance_url if args.os_no_client_auth: # Authenticate through murano, don't use session kwargs = { 'username': args.os_username, 'password': args.os_password, 'auth_token': args.os_auth_token, 'auth_url': args.os_auth_url, 'token': args.os_auth_token, 'insecure': args.insecure, 'timeout': args.api_timeout, 'tenant': args.os_project_id or args.os_tenant_id, } glance_kwargs = kwargs.copy() if args.os_region_name: kwargs['region_name'] = args.os_region_name glance_kwargs['region_name'] = args.os_region_name else: # Create a keystone session and keystone auth keystone_session = ksession.Session.load_from_cli_options(args) args.os_project_name = args.os_project_name or args.os_tenant_name args.os_project_id = args.os_project_id or args.os_tenant_id # make args compatible with DefaultCLI/AuthCLI args.os_token = args.os_auth_token args.os_endpoint = '' # avoid password prompt if no password given args.os_password = args.os_password or '<no password>' (v2_auth_url, v3_auth_url) = self._discover_auth_versions( keystone_session, args.os_auth_url) if v3_auth_url: if (not args.os_user_domain_id and not args.os_user_domain_name): args.os_user_domain_name = 'default' if (not args.os_project_domain_id and not args.os_project_domain_name): args.os_project_domain_name = 'default' keystone_auth = AuthCLI.load_from_argparse_arguments(args) service_type = args.os_service_type or 'application-catalog' if not endpoint: endpoint = keystone_auth.get_endpoint( keystone_session, service_type=service_type, interface=endpoint_type, region_name=args.os_region_name) kwargs = { 'session': keystone_session, 'auth': keystone_auth, 'service_type': service_type, 'region_name': args.os_region_name, } glance_kwargs = kwargs.copy() # glance doesn't need endpoint_type kwargs['endpoint_type'] = endpoint_type kwargs['tenant'] = keystone_auth.get_project_id(keystone_session) if args.api_timeout: kwargs['timeout'] = args.api_timeout if not glance_endpoint: try: glance_endpoint = keystone_auth.get_endpoint( keystone_session, service_type='image', interface=endpoint_type, region_name=args.os_region_name) except Exception: pass glance_client = None if glance_endpoint: try: # TODO(starodubcevna): switch back to glance APIv2 when it will # be ready for use. glance_client = glanceclient.Client('1', glance_endpoint, **glance_kwargs) except Exception: pass if glance_client: kwargs['glance_client'] = glance_client else: logger.warning("Could not initialize glance client. " "Image creation will be unavailable.") kwargs['glance_client'] = None if args.murano_packages_service == 'glare': glare_endpoint = args.glare_url if not glare_endpoint: # no glare_endpoint and we requested to store packages in glare # let's check keystone try: glare_endpoint = keystone_auth.get_endpoint( keystone_session, service_type='artifact', interface=endpoint_type, region_name=args.os_region_name) except Exception: raise exc.CommandError( "You set murano-packages-service to {}" " but there is not 'artifact' endpoint in keystone" " Either register one or specify endpoint " " via either --glare-url or env[GLARE_API]".format( args.murano_packages_service)) auth_token = \ args.os_auth_token or keystone_auth.get_token(keystone_session) artifacts_client = art_client.Client(endpoint=glare_endpoint, type_name='murano', type_version=1, token=auth_token, insecure=args.insecure) kwargs['artifacts_client'] = artifacts_client client = murano_client.Client(api_version, endpoint, **kwargs) args.func(client, args)
def main(self, argv): # Parse args once to find version parser = self.get_base_parser() (options, args) = parser.parse_known_args(argv) self._setup_logging(options.debug) # build available subcommands based on version api_version = options.murano_api_version subcommand_parser = self.get_subcommand_parser(api_version) self.parser = subcommand_parser keystone_session = None keystone_auth = None # Handle top-level --help/-h before attempting to parse # a command off the command line. if (not args and options.help) or not argv: self.do_help(options) return 0 # Parse args again and call whatever callback was selected. args = subcommand_parser.parse_args(argv) # Short-circuit and deal with help command right away. if args.func == self.do_help: self.do_help(args) return 0 elif args.func == self.do_bash_completion: self.do_bash_completion(args) return 0 if not args.os_username and not args.os_auth_token: raise exc.CommandError("You must provide a username via" " either --os-username or env[OS_USERNAME]" " or a token via --os-auth-token or" " env[OS_AUTH_TOKEN]") if args.os_no_client_auth: if not args.murano_url: raise exc.CommandError( "If you specify --os-no-client-auth" " you must also specify a Murano API URL" " via either --murano-url or env[MURANO_URL]") if (not args.glance_url and args.murano_packages_service == 'glance'): raise exc.CommandError( "If you specify --os-no-client-auth and" " set murano-packages-service to 'glance'" " you must also specify a Glance API URL" " via either --glance-url or env[GLANCE_URL]") else: # Tenant name or ID is needed to make keystoneclient retrieve a # service catalog, it's not required if os_no_client_auth is # specified, neither is the auth URL. if not any([args.os_tenant_name, args.os_tenant_id, args.os_project_id, args.os_project_name]): raise exc.CommandError("You must provide a project name or" " project id via --os-project-name," " --os-project-id, env[OS_PROJECT_ID]" " or env[OS_PROJECT_NAME]. You may" " use os-project and os-tenant" " interchangeably.") if not args.os_auth_url: raise exc.CommandError("You must provide an auth url via" " either --os-auth-url or via" " env[OS_AUTH_URL]") endpoint = args.murano_url glance_endpoint = args.glance_url if args.os_no_client_auth: # Authenticate through murano, don't use session kwargs = { 'username': args.os_username, 'password': args.os_password, 'auth_token': args.os_auth_token, 'auth_url': args.os_auth_url, 'token': args.os_auth_token, 'insecure': args.insecure, 'timeout': args.api_timeout } glance_kwargs = kwargs.copy() if args.os_region_name: kwargs['region_name'] = args.os_region_name glance_kwargs['region_name'] = args.os_region_name else: # Create a keystone session and keystone auth keystone_session = ksession.Session.load_from_cli_options(args) project_id = args.os_project_id or args.os_tenant_id project_name = args.os_project_name or args.os_tenant_name keystone_auth = self._get_keystone_auth( keystone_session, args.os_auth_url, username=args.os_username, user_id=args.os_user_id, user_domain_id=args.os_user_domain_id, user_domain_name=args.os_user_domain_name, password=args.os_password, auth_token=args.os_auth_token, project_id=project_id, project_name=project_name, project_domain_id=args.os_project_domain_id, project_domain_name=args.os_project_domain_name) endpoint_type = args.os_endpoint_type or 'publicURL' service_type = args.os_service_type or 'application-catalog' if not endpoint: endpoint = keystone_auth.get_endpoint( keystone_session, service_type=service_type, region_name=args.os_region_name) kwargs = { 'session': keystone_session, 'auth': keystone_auth, 'service_type': service_type, 'endpoint_type': endpoint_type, 'region_name': args.os_region_name, } glance_kwargs = kwargs.copy() del glance_kwargs['endpoint_type'] if args.api_timeout: kwargs['timeout'] = args.api_timeout if not glance_endpoint: try: glance_endpoint = keystone_auth.get_endpoint( keystone_session, service_type='image', region_name=args.os_region_name) except Exception: pass glance_client = None if glance_endpoint: try: glance_client = glanceclient.Client( '2', glance_endpoint, **glance_kwargs) except Exception: pass if glance_client: kwargs['glance_client'] = glance_client else: logger.warning("Could not initialise glance client. " "Image creation will be unavailable.") kwargs['glance_client'] = None if args.murano_packages_service == 'glance': artifacts_client = art_client.Client(endpoint=glance_endpoint, type_name='murano', type_version=1, username=args.os_username, password=args.os_password, token=args.os_auth_token, insecure=args.insecure) kwargs['artifacts_client'] = artifacts_client client = murano_client.Client(api_version, endpoint, **kwargs) args.func(client, args)