]> review.fuel-infra Code Review - openstack-build/heat-build.git/commitdiff
Code Review / openstack-build / heat-build.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 84ec72a)
Allow nova operations with only auth_token
authorSteve Baker <sbaker@redhat.com>
Tue, 2 Apr 2013 01:57:51 +0000 (14:57 +1300)
committerSteve Baker <sbaker@redhat.com>
Tue, 2 Apr 2013 03:05:48 +0000 (16:05 +1300)
This uses the same technique as Horizon for auth_token operations.

Specifically, the nova endpoint is found directly from keystone
and the auth_token and management_url are set on novaclient
after it has been created.

Note that the explicit call to authenticate() is not required
and actually breaks the auth_token case.

Tested by launching a stack with and without the --token-only flag

Also tested using Horizon, which is auth_token only

Part of blueprint auth-token-only

Change-Id: Ic11a838b96a4b5130cb2ac9d685e8a97c9d0a0ad

heat/engine/clients.py patch | blob | history

diff --git a/heat/engine/clients.py b/heat/engine/clients.py
index 4673f4abac4697670d1a9c62d5f24432c475b042..dd9560c208d81840a7c2d99e2bc84a9a86322d08 100644 (file)
--- a/heat/engine/clients.py
+++ b/heat/engine/clients.py
@@ -89,11 +89,8 @@ class OpenStackClients(object):
             args['username'] = con.username
             args['api_key'] = con.password
         elif con.auth_token is not None:
-            args['username'] = con.service_user
-            args['api_key'] = con.service_password
-            args['project_id'] = con.service_tenant
-            args['proxy_token'] = con.auth_token
-            args['proxy_tenant_id'] = con.tenant_id
+            args['username'] = None
+            args['api_key'] = None
         else:
             logger.error("Nova connection failed, no password or auth_token!")
             return None
@@ -104,15 +101,17 @@ class OpenStackClients(object):
             # ref https://bugs.launchpad.net/python-novaclient/+bug/1020238
             # TODO(shardy): May be able to remove when the bug above is fixed
             client = novaclient.Client(1.1, no_cache=True, **args)
-            client.authenticate()
             self._nova[service_type] = client
         except TypeError:
             # for compatibility with essex, which doesn't have no_cache=True
             # TODO(shardy): remove when we no longer support essex
             client = novaclient.Client(1.1, **args)
-            client.authenticate()
             self._nova[service_type] = client
 
+        if con.password is None and con.auth_token is not None:
+            management_url = self.url_for(service_type=service_type)
+            client.client.auth_token = con.auth_token
+            client.client.management_url = management_url
         return client
 
     def swift(self):