From: Steve Baker <sbaker@redhat.com>
Date: Tue, 2 Apr 2013 01:57:51 +0000 (+1300)
Subject: Allow nova operations with only auth_token
X-Git-Tag: 2014.1~732^2
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=8234fb0d0e7d4a1398c983e3c018575b4f35e43a;p=openstack-build%2Fheat-build.git

Allow nova operations with only auth_token

This uses the same technique as Horizon for auth_token operations.

Specifically, the nova endpoint is found directly from keystone
and the auth_token and management_url are set on novaclient
after it has been created.

Note that the explicit call to authenticate() is not required
and actually breaks the auth_token case.

Tested by launching a stack with and without the --token-only flag

Also tested using Horizon, which is auth_token only

Part of blueprint auth-token-only

Change-Id: Ic11a838b96a4b5130cb2ac9d685e8a97c9d0a0ad
---

diff --git a/heat/engine/clients.py b/heat/engine/clients.py
index 4673f4ab..dd9560c2 100644
--- a/heat/engine/clients.py
+++ b/heat/engine/clients.py
@@ -89,11 +89,8 @@ class OpenStackClients(object):
             args['username'] = con.username
             args['api_key'] = con.password
         elif con.auth_token is not None:
-            args['username'] = con.service_user
-            args['api_key'] = con.service_password
-            args['project_id'] = con.service_tenant
-            args['proxy_token'] = con.auth_token
-            args['proxy_tenant_id'] = con.tenant_id
+            args['username'] = None
+            args['api_key'] = None
         else:
             logger.error("Nova connection failed, no password or auth_token!")
             return None
@@ -104,15 +101,17 @@ class OpenStackClients(object):
             # ref https://bugs.launchpad.net/python-novaclient/+bug/1020238
             # TODO(shardy): May be able to remove when the bug above is fixed
             client = novaclient.Client(1.1, no_cache=True, **args)
-            client.authenticate()
             self._nova[service_type] = client
         except TypeError:
             # for compatibility with essex, which doesn't have no_cache=True
             # TODO(shardy): remove when we no longer support essex
             client = novaclient.Client(1.1, **args)
-            client.authenticate()
             self._nova[service_type] = client
 
+        if con.password is None and con.auth_token is not None:
+            management_url = self.url_for(service_type=service_type)
+            client.client.auth_token = con.auth_token
+            client.client.management_url = management_url
         return client
 
     def swift(self):