Ian Main [Fri, 22 Jun 2012 15:48:23 +0000 (08:48 -0700)]
Factor out authenticate method for engine.
This patch factors out an authenticate() function for use by both
the heat service authentication and the resource authentication.
This fixes the AWS auth method for creating resources - issue #153.
Change-Id: I134e993263ae6ba4890f56bfbe6a6a3205b7f921
Signed-off-by: Ian Main <imain@redhat.com>
Ian Main [Fri, 22 Jun 2012 16:55:17 +0000 (09:55 -0700)]
Fix metadata startup.
A previous change to wsgi init caused the metadata to break. This
makes the 4th argument to init optional allowing other wsgi apps to
continue to work as normal.
Change-Id: Ib0e7042f656a9319013dba4e30c7ffa35cb85f92
Signed-off-by: Ian Main <imain@redhat.com>
Steven Dake [Thu, 21 Jun 2012 22:05:00 +0000 (15:05 -0700)]
Remove service name from nova() def
The service_name field is not unique between distros or versions of
openstack, but is used to select endpoints for communication with nova
and volume services. The nova client will sort out the correct operation
based upon the service_type field.
The service_name field should probably just be removed from the API
definition upstream.
Tested on F16 & Devstack U12.
Change-Id: I36409dba9d9ec2b453a027fc1e2e78f7c8ace2a2
Signed-off-by: Steven Dake <sdake@redhat.com>
Steven Hardy [Thu, 21 Jun 2012 09:52:25 +0000 (10:52 +0100)]
heat API : Add support for ContentType=JSON query parameter
From reading the boto code, and looking at real AWS API responses
it would appear there is an (undocumented?) AWS query parameter
which switches response format from XML (default) to JSON
ref #125
Change-Id: I7c8b0f5701be5ff8bd0a3b135e42cf0e46e39ded
Signed-off-by: Steven Hardy <shardy@redhat.com>
Tomas Sedovic [Tue, 19 Jun 2012 12:54:27 +0000 (14:54 +0200)]
Make the describe-resource API calls user-aware
Fixes #143
The stack retrieval DB calls were already fixed in previous commits but
there was still one query (resource_get_by_physical_resource_id) that
would return any resource, not just the ones owned by the user.
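The scoping fix described in the commit above, shown as an added example that is not Heat's own code: a lookup keyed only on the physical resource id returns any tenant's row, while the same lookup joined to the owning stack's username does not. The schema, the sample rows, the function names and the local NotFound class are constructed for illustration.

```python
import sqlite3

# Constructed schema: apart from 'username' and 'physical_resource_id',
# table and column names are assumptions made for this example.
SCHEMA = """
CREATE TABLE stack (id INTEGER PRIMARY KEY, name TEXT, username TEXT);
CREATE TABLE resource (
    id INTEGER PRIMARY KEY,
    stack_id INTEGER REFERENCES stack(id),
    physical_resource_id TEXT
);
"""


class NotFound(Exception):
    """Raised when no row matches, so callers match on type, not message text."""


def make_db():
    """Build an in-memory database with two users owning one resource each."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO stack VALUES (?, ?, ?)",
                   [(1, "wordpress", "alice"), (2, "billing", "bob")])
    db.executemany("INSERT INTO resource VALUES (?, ?, ?)",
                   [(10, 1, "i-0000aaaa"), (20, 2, "i-0000bbbb")])
    return db


def resource_get_unscoped(db, physical_resource_id):
    """Lookup keyed only on the physical id: any caller gets any user's row."""
    row = db.execute(
        "SELECT id, stack_id FROM resource WHERE physical_resource_id = ?",
        (physical_resource_id,)).fetchone()
    if row is None:
        raise NotFound(physical_resource_id)
    return row


def resource_get_for_user(db, username, physical_resource_id):
    """Same lookup, joined to the owning stack and filtered on its username."""
    row = db.execute(
        "SELECT r.id, r.stack_id FROM resource r "
        "JOIN stack s ON s.id = r.stack_id "
        "WHERE r.physical_resource_id = ? AND s.username = ?",
        (physical_resource_id, username)).fetchone()
    if row is None:
        # Same error for "missing" and "not yours": existence is not disclosed.
        raise NotFound(physical_resource_id)
    return row
```
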
Angus Salkeld [Wed, 20 Jun 2012 11:24:44 +0000 (21:24 +1000)]
Make the saving cfn-signaling more reliable
1) The metadata saved in manager.py was not always showing up
in the db (from wait_condition.py)
2) Reuse a little method in parser.py to retrieve the parsed_template
db entry (and store the parsed_template_id).
Steven Hardy [Mon, 18 Jun 2012 10:30:50 +0000 (11:30 +0100)]
heat api/engine : Reworked approach to aligning with AWS date format
Modifies heat internal default date-string representation to match AWS spec
Note heat.common.utils.strtime default format loses sub-second precision
Avoids having to regex mangle datetime string format
ref #125
Change-Id: I1347e82b1c3ccac5eac7c85858cf8009723547c2
Signed-off-by: Steven Hardy <shardy@redhat.com>
Steven Hardy [Sat, 16 Jun 2012 07:39:10 +0000 (08:39 +0100)]
heat API : Align time format with AWS spec
- Reformat ListStacks/DescribeStacks responses to align time format with AWS spec
- Remove duplicate member tags in DescribeStacks (now handled by XMLResponseSerializer)
ref #125
Change-Id: Ib001acba591dba52f3f56052427d2b298d781ea0
Signed-off-by: Steven Hardy <shardy@redhat.com>
Zane Bitter [Sun, 17 Jun 2012 14:05:57 +0000 (16:05 +0200)]
Move parsing of parameters out of template parser
The format of the params received by the manager is a property of the Heat
API protocol, not of the template, so it makes sense not to have the parser
extracting the template parameter data from them. This simplifies the
implementation of #123 (Nested Stacks).
Zane Bitter [Sun, 17 Jun 2012 14:05:57 +0000 (16:05 +0200)]
Get stacks from the DB by either name or id
This code was previously misleading, as it appeared to get stacks by id,
but actually got them by name. This patch adds a separate API, so
get_stack() gets the stack by id and get_stack_by_name() gets it by name.
Zane Bitter [Fri, 15 Jun 2012 14:19:08 +0000 (16:19 +0200)]
Fix latest DB migration script
Unfortunately, as long as the user_creds_id column is not nullable the
script will still fail if there is data in the database. However with this
patch it is at least left in a recoverable state. Also, downgrades now
work.
Zane Bitter [Tue, 12 Jun 2012 14:23:35 +0000 (16:23 +0200)]
Raise NotFound exceptions from database
Raise a specific exception (NotFound) if something is not found in the
database. Then we can match on this exception, rather than searching the
error message (which effectively makes the text of error messages part of
the API).
Zane Bitter [Tue, 5 Jun 2012 07:46:10 +0000 (09:46 +0200)]
Tidy up Resource creation and deletion
Most of this code is common between resources, so put it in the parent
Resource class and have subclasses provide handle_create()/handle_delete()
methods for all their extra needs.
Ian Main [Fri, 15 Jun 2012 00:46:12 +0000 (17:46 -0700)]
Add a user creds database table and associate stacks with username.
This patch takes the credentials passed in from the context and allows
you to store them in the database in the 'user_creds' table for later
use with HA operations. It also adds a 'username' to the stack table
for direct comparison and user validation to support per-user stacks.
Steven Hardy [Wed, 13 Jun 2012 14:45:46 +0000 (15:45 +0100)]
heat API : return response body as XML not JSON
AWS API returns response as XML, this implements a new response serializer which
turns dicts returned from the engine into AWS style XML responses. Ref #125.
Updated following review comment.
Change-Id: I8170ed814be0b5cea98761a2723e12be216374a3
Signed-off-by: Steven Hardy <shardy@redhat.com>
Ian Main [Tue, 12 Jun 2012 23:37:26 +0000 (16:37 -0700)]
Pass Full Credentials to Engine
In order to support HA operations, e.g. restarting an instance, we
need to have full credentials in the engine. This patch passes
in the credential information into the engine and uses it to validate
the user. A future patch will have this information stored in
database and associated with each stack. It also assigns the username
in the case of EC2 style authentication allowing us to support
per-user stacks with EC2 auth.
Change-Id: I4b92f83d4d10a2bfebd4ddedc8a4f53b3e1217fe
Signed-off-by: Ian Main <imain@redhat.com>
Zane Bitter [Tue, 5 Jun 2012 10:07:37 +0000 (12:07 +0200)]
Fix parsing of metadata
I broke metadata in bece6593f00f8e096f045982673f85c67863b932 by no longer
updating the parsed template in the database. We need to resolve references
runtime data before storing the parsed template, because the metadata code
uses this directly.
Zane Bitter [Fri, 1 Jun 2012 08:50:15 +0000 (10:50 +0200)]
Refactor template resolution
Resolve functions in templates by making a copy of the data rather than
modifying the original. This means that e.g. a resource resolving functions
in its own template data does not result in changes to the data held by the
Stack.
This patch also refactors all of the template resolution methods to operate
using a common parsing algorithm to move through the tree.
Finally, the resources have been worked to load data as it is needed,
rather than requiring external code to put them into the correct state
before using them.
Zane Bitter [Thu, 31 May 2012 09:17:30 +0000 (11:17 +0200)]
Don't use sys.exc_value
sys.exc_value has been deprecated since Python 1.5, and is not thread-safe.
The replacement is sys.exc_info(), but in this case we don't need even that
since we have the exception in question available.
Zane Bitter [Thu, 31 May 2012 09:17:30 +0000 (11:17 +0200)]
Get list properties working again
The CloudFormation documentation is very confusing on this point.
'CommaDelimitedList' is one of the data types that are valid for a
Parameter (the others are 'String' and 'Number'). A CommaDelimitedList
parameter takes the form of a string where the list members are delimited by
commas:
    "item1,item2,item3"
However the documentation also uses the phrase "Comma Delimited List" to
refer to the type of some Resource Properties that are, in fact, simply
lists:
    [ "item1" , "item2" , "item3" ]
...as if there were *another* way to represent lists. (Note that the
items here need not be strings, and in fact are usually objects of some
variety.)
So we need a different data type to represent the latter. (This patch
changes the name from 'TupleList' to just 'List', since the actual Python
sequence type is just an implementation detail.) In future, we should
probably also verify that only the 3 valid Parameter types are used, and
perhaps that list Properties contain only objects of the correct type.