From: Steven Hardy Date: Fri, 22 Feb 2013 11:00:44 +0000 (+0000) Subject: heat loadbalancer : make LB nested template create credentials X-Git-Tag: 2014.1~868^2 X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=a756566e4917cd31429c71dcde286a6d7ba4fe1a;p=openstack-build%2Fheat-build.git heat loadbalancer : make LB nested template create credentials Create User/AccessKey resources correctly in the LB nested template so we can create a cfn-credentials file which will allow cfn-hup to access the CFN API fixes bug 1131663 Change-Id: I11b6640dbc5689de8f6103f4c1e841f42acbba54 --- diff --git a/heat/engine/resources/loadbalancer.py b/heat/engine/resources/loadbalancer.py index 5c7267c4..0bdaa505 100644 --- a/heat/engine/resources/loadbalancer.py +++ b/heat/engine/resources/loadbalancer.py @@ -45,6 +45,15 @@ lb_template = ''' "ComparisonOperator": "GreaterThanThreshold" } }, + "CfnLBUser" : { + "Type" : "AWS::IAM::User" + }, + "CfnLBAccessKey" : { + "Type" : "AWS::IAM::AccessKey", + "Properties" : { + "UserName" : {"Ref": "CfnLBUser"} + } + }, "LB_instance": { "Type": "AWS::EC2::Instance", "Metadata": { @@ -65,6 +74,16 @@ lb_template = ''' } }, "files": { + "/etc/cfn/cfn-credentials" : { + "content" : { "Fn::Join" : ["", [ + "AWSAccessKeyId=", { "Ref" : "CfnLBAccessKey" }, "\\n", + "AWSSecretKey=", {"Fn::GetAtt": ["CfnLBAccessKey", + "SecretAccessKey"]}, "\\n" + ]]}, + "mode" : "000400", + "owner" : "root", + "group" : "root" + }, "/etc/cfn/cfn-hup.conf" : { "content" : { "Fn::Join" : ["", [ "[main]\\n", @@ -130,7 +149,6 @@ lb_template = ''' { "Ref": "AWS::StackName" }, " -r LB_instance ", " --region ", { "Ref": "AWS::Region" }, "\\n", - "touch /etc/cfn/cfn-credentials\\n", "# install cfn-hup crontab\\n", "crontab /tmp/cfn-hup-crontab.txt\\n" ]]}} diff --git a/heat/tests/test_loadbalancer.py b/heat/tests/test_loadbalancer.py index d15cd507..33a76b85 100644 --- a/heat/tests/test_loadbalancer.py +++ b/heat/tests/test_loadbalancer.py @@ -26,10 +26,12 @@ from heat.common import context from heat.common import template_format from heat.engine import parser from heat.engine.resources import instance +from heat.engine.resources import user from heat.engine.resources import loadbalancer as lb from heat.engine.resource import Metadata from heat.engine.resources import stack from heat.tests.v1_1 import fakes +from heat.tests import fakes as test_fakes def create_context(mocks, user='lb_test_user', @@ -52,6 +54,8 @@ class LoadBalancerTest(unittest.TestCase): self.m.StubOutWithMock(instance.Instance, 'nova') self.m.StubOutWithMock(self.fc.servers, 'create') self.m.StubOutWithMock(Metadata, '__set__') + self.fkc = test_fakes.FakeKeystoneClient( + username='test_stack.CfnLBUser') def tearDown(self): self.m.UnsetStubs() @@ -84,6 +88,11 @@ class LoadBalancerTest(unittest.TestCase): return resource def test_loadbalancer(self): + self.m.StubOutWithMock(user.User, 'keystone') + user.User.keystone().MultipleTimes().AndReturn(self.fkc) + self.m.StubOutWithMock(user.AccessKey, 'keystone') + user.AccessKey.keystone().MultipleTimes().AndReturn(self.fkc) + lb.LoadBalancer.nova().AndReturn(self.fc) instance.Instance.nova().MultipleTimes().AndReturn(self.fc) self.fc.servers.create(