From: Tomas Sedovic Date: Mon, 26 Mar 2012 13:50:46 +0000 (+0200) Subject: Consistently use Keystone auth from environment X-Git-Tag: 2014.1~2155 X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=072cc84d4996d8219a0f1df99492134d462e0e5c;p=openstack-build%2Fheat-build.git Consistently use Keystone auth from environment Fixes #33 All mentions of non-keystone auth environment variables were removed. Acessing the proper Keystone ENV was localized into parse_options. We can now consistently use the `options` object instead of writing `options.username or getenv['OS_USERNAME']` all over the place. --- diff --git a/bin/heat b/bin/heat index 6c90ee8a..894085d0 100755 --- a/bin/heat +++ b/bin/heat @@ -65,7 +65,8 @@ def catch_error(action): return SUCCESS if ret is None else ret except exception.NotAuthorized: print "Not authorized to make this request. Check "\ - "your credentials (OS_AUTH_USER, OS_AUTH_KEY, ...)." + "your credentials (OS_USERNAME, OS_PASSWORD, "\ + "OS_TENANT_NAME, OS_AUTH_URL and OS_AUTH_STRATEGY)." return FAILURE except exception.ClientConfigurationError: raise @@ -278,11 +279,11 @@ def jeos_create(options, arguments): print 'Registering JEOS image with OpenStack Glance.' - creds = dict(username=os.getenv('OS_USERNAME'), - password=os.getenv('OS_PASSWORD'), - tenant=os.getenv('OS_TENANT_NAME'), - auth_url=os.getenv('OS_AUTH_URL'), - strategy=os.getenv('OS_AUTH_STRATEGY', 'noauth')) + creds = dict(username=options.username, + password=options.password, + tenant=options.tenant, + auth_url=options.auth_url, + strategy=options.auth_strategy) client = glance_client.Client(host="0.0.0.0", port=9292, use_ssl=False, auth_tok=None, creds=creds) @@ -297,7 +298,7 @@ def jeos_create(options, arguments): 'disk_format': 'qcow2', 'min_disk': 0, 'min_ram': 0, - 'owner': os.getenv('OS_USERNAME'), + 'owner': options.username, 'container_format': 'bare'} images = client.get_images(**parameters) @@ -340,6 +341,7 @@ def get_client(options): port=options.port, username=options.username, password=options.password, + tenant=options.tenant, auth_url=options.auth_url, auth_strategy=options.auth_strategy, auth_token=options.auth_token, @@ -387,6 +389,9 @@ def create_options(parser): parser.add_option('-K', '--password', dest="password", metavar="PASSWORD", default=None, help="Password used to acquire an authentication token") + parser.add_option('-T', '--tenant', dest="tenant", + metavar="TENANT", default=None, + help="Tenant name used for Keystone authentication") parser.add_option('-R', '--region', dest="region", metavar="REGION", default=None, help="Region name. When using keystone authentication " @@ -409,6 +414,12 @@ def create_options(parser): parser.add_option('-P', '--parameters', metavar="parameters", default=None, help="Parameter values used to create the stack.") +def credentials_from_env(): + return dict(username=os.getenv('OS_USERNAME'), + password=os.getenv('OS_PASSWORD'), + tenant=os.getenv('OS_TENANT_NAME'), + auth_url=os.getenv('OS_AUTH_URL'), + auth_strategy=os.getenv('OS_AUTH_STRATEGY')) def parse_options(parser, cli_args): """ @@ -421,11 +432,19 @@ def parse_options(parser, cli_args): cli_args.append('-h') # Show options in usage output... (options, args) = parser.parse_args(cli_args) + env_opts = credentials_from_env() + for option, env_val in env_opts.items(): + if not getattr(options, option): + setattr(options, option, env_val) + if options.url is not None: u = urlparse(options.url) options.port = u.port options.host = u.hostname + if not options.auth_strategy: + options.auth_strategy = 'noauth' + options.use_ssl = (options.url is not None and u.scheme == 'https') # HACK(sirp): Make the parser available to the print_help method diff --git a/heat/client.py b/heat/client.py index d0cd6dc1..1d75337c 100644 --- a/heat/client.py +++ b/heat/client.py @@ -102,22 +102,17 @@ def get_client(host, port=None, username=None, defaults. """ - if auth_url or os.getenv('OS_AUTH_URL'): + if auth_url: force_strategy = 'keystone' else: force_strategy = None - creds = dict(username=username or - os.getenv('OS_AUTH_USER', os.getenv('OS_USERNAME')), - password=password or - os.getenv('OS_AUTH_KEY', os.getenv('OS_PASSWORD')), - tenant=tenant or - os.getenv('OS_AUTH_TENANT', - os.getenv('OS_TENANT_NAME')), - auth_url=auth_url or os.getenv('OS_AUTH_URL'), - strategy=force_strategy or auth_strategy or - os.getenv('OS_AUTH_STRATEGY', 'noauth'), - region=region or os.getenv('OS_REGION_NAME'), + creds = dict(username=username, + password=password, + tenant=tenant, + auth_url=auth_url, + strategy=force_strategy or auth_strategy, + region=region, ) if creds['strategy'] == 'keystone' and not creds['auth_url']: @@ -133,7 +128,6 @@ def get_client(host, port=None, username=None, return client(host=host, port=port, use_ssl=use_ssl, - auth_tok=auth_token or - os.getenv('OS_TOKEN'), + auth_tok=auth_token, creds=creds, insecure=insecure)