Package list python-castellan / 8c48341
Allow specifying region of barbican endpoint This change introduces a new option to define the region to which the Barbican endpoint belongs. This is required if the deployment has multiple regions and a single Keystone instance stores multiple Barbican endpoints for different regions. This change also ensures that the same interface and region are used in endpoint detection and api version detection. Change-Id: If2c0055d45922937e259a8f22f5879c9faa41e35 Takashi Kajinami authored 1 year, 5 months ago Stephen Finucane committed 1 year, 4 months ago
3 changed file(s) with 147 addition(s) and 6 deletion(s). Raw diff Collapse all Expand all
7676 choices=['public', 'internal', 'admin'],
7777 help='Specifies the type of endpoint. Allowed values are: '
7878 'public, private, and admin'),
79 cfg.StrOpt('barbican_region_name',
80 default=None,
81 help='Specifies the region of the chosen endpoint.'),
7982
8083 ]
8184
193196 elif getattr(auth, 'service_catalog', None):
194197 endpoint_data = auth.service_catalog.endpoint_data_for(
195198 service_type='key-manager',
196 interface=barbican.barbican_endpoint_type)
199 interface=barbican.barbican_endpoint_type,
200 region_name=barbican.barbican_region_name)
197201 return endpoint_data.url
198202 else:
199203 service_parameters = {'service_type': 'key-manager',
200 'interface': barbican.barbican_endpoint_type}
204 'interface': barbican.barbican_endpoint_type,
205 'region_name': barbican.barbican_region_name}
201206 return auth.get_endpoint(sess, **service_parameters)
202207
203208 def _create_base_url(self, auth, sess, endpoint):
209 barbican = self.conf.barbican
204210 api_version = None
205 if self.conf.barbican.barbican_api_version:
206 api_version = self.conf.barbican.barbican_api_version
211 if barbican.barbican_api_version:
212 api_version = barbican.barbican_api_version
207213 elif getattr(auth, 'service_catalog', None):
208214 endpoint_data = auth.service_catalog.endpoint_data_for(
209 service_type='key-manager')
215 service_type='key-manager',
216 interface=barbican.barbican_endpoint_type,
217 region_name=barbican.barbican_region_name)
210218 api_version = endpoint_data.api_version
211219 elif getattr(auth, 'get_discovery', None):
212220 discovery = auth.get_discovery(sess, url=endpoint)
7575 self.key_mgr._barbican_client = self.mock_barbican
7676 self.key_mgr._current_context = self.ctxt
7777
78 def test_barbican_endpoint(self):
79 endpoint_data = mock.Mock()
80 endpoint_data.url = 'http://localhost:9311'
81
82 auth = mock.Mock(spec=['service_catalog'])
83 auth.service_catalog.endpoint_data_for.return_value = endpoint_data
84
85 endpoint = self.key_mgr._get_barbican_endpoint(auth, mock.Mock())
86 self.assertEqual(endpoint, 'http://localhost:9311')
87 auth.service_catalog.endpoint_data_for.assert_called_once_with(
88 service_type='key-manager', interface='public',
89 region_name=None)
90
91 def test_barbican_endpoint_with_endpoint_type(self):
92 self.key_mgr.conf.barbican.barbican_endpoint_type = 'internal'
93
94 endpoint_data = mock.Mock()
95 endpoint_data.url = 'http://localhost:9311'
96
97 auth = mock.Mock(spec=['service_catalog'])
98 auth.service_catalog.endpoint_data_for.return_value = endpoint_data
99
100 endpoint = self.key_mgr._get_barbican_endpoint(auth, mock.Mock())
101 self.assertEqual(endpoint, 'http://localhost:9311')
102 auth.service_catalog.endpoint_data_for.assert_called_once_with(
103 service_type='key-manager', interface='internal',
104 region_name=None)
105
106 def test_barbican_endpoint_with_region_name(self):
107 self.key_mgr.conf.barbican.barbican_region_name = 'regionOne'
108
109 endpoint_data = mock.Mock()
110 endpoint_data.url = 'http://localhost:9311'
111
112 auth = mock.Mock(spec=['service_catalog'])
113 auth.service_catalog.endpoint_data_for.return_value = endpoint_data
114
115 endpoint = self.key_mgr._get_barbican_endpoint(auth, mock.Mock())
116 self.assertEqual(endpoint, 'http://localhost:9311')
117 auth.service_catalog.endpoint_data_for.assert_called_once_with(
118 service_type='key-manager', interface='public',
119 region_name='regionOne')
120
121 def test_barbican_endpoint_from_config(self):
122 self.key_mgr.conf.barbican.barbican_endpoint = 'http://localhost:9311'
123
124 endpoint = self.key_mgr._get_barbican_endpoint(
125 mock.Mock(), mock.Mock())
126 self.assertEqual(endpoint, 'http://localhost:9311')
127
128 def test_barbican_endpoint_by_get_endpoint(self):
129 auth = mock.Mock(spec=['get_endppint'])
130 sess = mock.Mock()
131 auth.get_endpoint = mock.Mock(return_value='http://localhost:9311')
132
133 endpoint = self.key_mgr._get_barbican_endpoint(auth, sess)
134 self.assertEqual(endpoint, 'http://localhost:9311')
135 auth.get_endpoint.assert_called_once_with(
136 sess, service_type='key-manager', interface='public',
137 region_name=None)
138
139 def test_barbican_endpoint_by_get_endpoint_with_endpoint_type(self):
140 self.key_mgr.conf.barbican.barbican_endpoint_type = 'internal'
141
142 auth = mock.Mock(spec=['get_endppint'])
143 sess = mock.Mock()
144 auth.get_endpoint = mock.Mock(return_value='http://localhost:9311')
145
146 endpoint = self.key_mgr._get_barbican_endpoint(auth, sess)
147 self.assertEqual(endpoint, 'http://localhost:9311')
148 auth.get_endpoint.assert_called_once_with(
149 sess, service_type='key-manager', interface='internal',
150 region_name=None)
151
152 def test_barbican_endpoint_by_get_endpoint_with_region_name(self):
153 self.key_mgr.conf.barbican.barbican_region_name = 'regionOne'
154
155 auth = mock.Mock(spec=['get_endppint'])
156 sess = mock.Mock()
157 auth.get_endpoint = mock.Mock(return_value='http://localhost:9311')
158
159 endpoint = self.key_mgr._get_barbican_endpoint(auth, sess)
160 self.assertEqual(endpoint, 'http://localhost:9311')
161 auth.get_endpoint.assert_called_once_with(
162 sess, service_type='key-manager', interface='public',
163 region_name='regionOne')
164
78165 def test_base_url_old_version(self):
79166 version = "v1"
80167 self.key_mgr.conf.barbican.barbican_api_version = version
107194 endpoint)
108195 self.assertEqual(endpoint + "/" + endpoint_data.api_version, base_url)
109196 auth.service_catalog.endpoint_data_for.assert_called_once_with(
110 service_type='key-manager')
197 service_type='key-manager', interface='public',
198 region_name=None)
199
200 def test_base_url_service_catalog_with_endpoint_type(self):
201 self.key_mgr.conf.barbican.barbican_endpoint_type = 'internal'
202
203 endpoint_data = mock.Mock()
204 endpoint_data.api_version = 'v321'
205
206 auth = mock.Mock(spec=['service_catalog'])
207 auth.service_catalog.endpoint_data_for.return_value = endpoint_data
208
209 endpoint = "http://localhost/key_manager"
210
211 base_url = self.key_mgr._create_base_url(auth,
212 mock.Mock(),
213 endpoint)
214 self.assertEqual(endpoint + "/" + endpoint_data.api_version, base_url)
215 auth.service_catalog.endpoint_data_for.assert_called_once_with(
216 service_type='key-manager', interface='internal',
217 region_name=None)
218
219 def test_base_url_service_catalog_with_region_name(self):
220 self.key_mgr.conf.barbican.barbican_region_name = 'regionOne'
221
222 endpoint_data = mock.Mock()
223 endpoint_data.api_version = 'v321'
224
225 auth = mock.Mock(spec=['service_catalog'])
226 auth.service_catalog.endpoint_data_for.return_value = endpoint_data
227
228 endpoint = "http://localhost/key_manager"
229
230 base_url = self.key_mgr._create_base_url(auth,
231 mock.Mock(),
232 endpoint)
233 self.assertEqual(endpoint + "/" + endpoint_data.api_version, base_url)
234 auth.service_catalog.endpoint_data_for.assert_called_once_with(
235 service_type='key-manager', interface='public',
236 region_name='regionOne')
111237
112238 def test_base_url_raise_exception(self):
113239 auth = mock.Mock(spec=['get_discovery'])
0 ---
1 features:
2 - |
3 The new ``[barbican] barbican_region_name`` option has been added.
4 This parameter is used to determine the proper Barbican endpoint in
5 the multi-region deployment which has a different Barbican endpoint in
6 each region.