Package list python-castellan / 6336a59
Merge "Add config option for Barbican endpoint type" Zuul authored 3 years ago Gerrit Code Review committed 3 years ago
3 changed file(s) with 22 addition(s) and 4 deletion(s). Raw diff Collapse all Expand all
6969 default=True,
7070 help='Specifies if insecure TLS (https) requests. If False, '
7171 'the server\'s certificate will not be validated'),
72 cfg.StrOpt('barbican_endpoint_type',
73 default='public',
74 choices=['public', 'internal', 'admin'],
75 help='Specifies the type of endpoint. Allowed values are: '
76 'public, private, and admin'),
77
7278 ]
7379
7480 BARBICAN_OPT_GROUP = 'barbican'
182188 raise exception.Forbidden(reason=msg)
183189
184190 def _get_barbican_endpoint(self, auth, sess):
185 if self.conf.barbican.barbican_endpoint:
186 return self.conf.barbican.barbican_endpoint
191 barbican = self.conf.barbican
192 if barbican.barbican_endpoint:
193 return barbican.barbican_endpoint
187194 else:
188195 service_parameters = {'service_type': 'key-manager',
189196 'service_name': 'barbican',
190 'interface': 'public'}
197 'interface': barbican.barbican_endpoint_type}
191198 return auth.get_endpoint(sess, **service_parameters)
192199
193200 def _create_base_url(self, auth, sess, endpoint):
3939 barbican_api_version=None, auth_endpoint=None,
4040 retry_delay=None, number_of_retries=None, verify_ssl=None,
4141 api_class=None, vault_root_token_id=None, vault_url=None,
42 vault_ssl_ca_crt_file=None, vault_use_ssl=None):
42 vault_ssl_ca_crt_file=None, vault_use_ssl=None,
43 barbican_endpoint_type=None):
4344 """Set defaults for configuration values.
4445
4546 Overrides the default options values.
5556 :param vault_url: Use this for the url for vault.
5657 :param vault_use_ssl: Use this to force vault driver to use ssl.
5758 :param vault_ssl_ca_crt_file: Use this for the CA file for vault.
59 :param barbican_endpoint_type: Use this to specify the type of URL.
60 : Valid values are: public, internal or admin.
5861 """
5962 conf.register_opts(km.key_manager_opts, group='key_manager')
6063 if bkm:
8588 group=bkm.BARBICAN_OPT_GROUP)
8689 if verify_ssl is not None:
8790 conf.set_default('verify_ssl', verify_ssl,
91 group=bkm.BARBICAN_OPT_GROUP)
92 if barbican_endpoint_type is not None:
93 conf.set_default('barbican_endpoint_type', barbican_endpoint_type,
8894 group=bkm.BARBICAN_OPT_GROUP)
8995
9096 if vkm is not None:
6565 options.set_defaults(conf, verify_ssl=True)
6666 self.assertEqual(verify_ssl,
6767 conf.get(bkm.BARBICAN_OPT_GROUP).verify_ssl)
68
69 barbican_endpoint_type = 'internal'
70 options.set_defaults(conf, barbican_endpoint_type='internal')
71 result_type = conf.get(bkm.BARBICAN_OPT_GROUP).barbican_endpoint_type
72 self.assertEqual(barbican_endpoint_type, result_type)