Merge "Add config option for Barbican endpoint type"
Zuul authored 5 years ago
Gerrit Code Review committed 5 years ago
69 | 69 | default=True, |
70 | 70 | help='Specifies if insecure TLS (https) requests. If False, ' |
71 | 71 | 'the server\'s certificate will not be validated'), |
72 | cfg.StrOpt('barbican_endpoint_type', | |
73 | default='public', | |
74 | choices=['public', 'internal', 'admin'], | |
75 | help='Specifies the type of endpoint. Allowed values are: ' | |
76 | 'public, private, and admin'), | |
77 | ||
72 | 78 | ] |
73 | 79 | |
74 | 80 | BARBICAN_OPT_GROUP = 'barbican' |
182 | 188 | raise exception.Forbidden(reason=msg) |
183 | 189 | |
184 | 190 | def _get_barbican_endpoint(self, auth, sess): |
185 | if self.conf.barbican.barbican_endpoint: | |
186 | return self.conf.barbican.barbican_endpoint | |
191 | barbican = self.conf.barbican | |
192 | if barbican.barbican_endpoint: | |
193 | return barbican.barbican_endpoint | |
187 | 194 | else: |
188 | 195 | service_parameters = {'service_type': 'key-manager', |
189 | 196 | 'service_name': 'barbican', |
190 | 'interface': 'public'} | |
197 | 'interface': barbican.barbican_endpoint_type} | |
191 | 198 | return auth.get_endpoint(sess, **service_parameters) |
192 | 199 | |
193 | 200 | def _create_base_url(self, auth, sess, endpoint): |
39 | 39 | barbican_api_version=None, auth_endpoint=None, |
40 | 40 | retry_delay=None, number_of_retries=None, verify_ssl=None, |
41 | 41 | api_class=None, vault_root_token_id=None, vault_url=None, |
42 | vault_ssl_ca_crt_file=None, vault_use_ssl=None): | |
42 | vault_ssl_ca_crt_file=None, vault_use_ssl=None, | |
43 | barbican_endpoint_type=None): | |
43 | 44 | """Set defaults for configuration values. |
44 | 45 | |
45 | 46 | Overrides the default options values. |
55 | 56 | :param vault_url: Use this for the url for vault. |
56 | 57 | :param vault_use_ssl: Use this to force vault driver to use ssl. |
57 | 58 | :param vault_ssl_ca_crt_file: Use this for the CA file for vault. |
59 | :param barbican_endpoint_type: Use this to specify the type of URL. | |
60 | : Valid values are: public, internal or admin. | |
58 | 61 | """ |
59 | 62 | conf.register_opts(km.key_manager_opts, group='key_manager') |
60 | 63 | if bkm: |
85 | 88 | group=bkm.BARBICAN_OPT_GROUP) |
86 | 89 | if verify_ssl is not None: |
87 | 90 | conf.set_default('verify_ssl', verify_ssl, |
91 | group=bkm.BARBICAN_OPT_GROUP) | |
92 | if barbican_endpoint_type is not None: | |
93 | conf.set_default('barbican_endpoint_type', barbican_endpoint_type, | |
88 | 94 | group=bkm.BARBICAN_OPT_GROUP) |
89 | 95 | |
90 | 96 | if vkm is not None: |
65 | 65 | options.set_defaults(conf, verify_ssl=True) |
66 | 66 | self.assertEqual(verify_ssl, |
67 | 67 | conf.get(bkm.BARBICAN_OPT_GROUP).verify_ssl) |
68 | ||
69 | barbican_endpoint_type = 'internal' | |
70 | options.set_defaults(conf, barbican_endpoint_type='internal') | |
71 | result_type = conf.get(bkm.BARBICAN_OPT_GROUP).barbican_endpoint_type | |
72 | self.assertEqual(barbican_endpoint_type, result_type) |