Handle SSL and Keystone v3

When using SSL and Keystone v3 the charm was hardcoding v2.0 in the URL. This change adapts based on what is passed from keystone. Change-Id: Ib08730e6480b1b1706c450075ac2f7312e3e5f59 Closes-Bug: #1691875
2017-05-31 15:48:42 -07:00 · 2017-05-31 15:48:42 -07:00 · 41943502b3
commit 41943502b3
parent 3bdf41cc76
3 changed files with 13 additions and 6 deletions
--- a/hooks/charmhelpers/contrib/openstack/keystone.py
+++ b/hooks/charmhelpers/contrib/openstack/keystone.py
@ -29,7 +29,7 @@ def get_api_suffix(api_version):
    @returns the api suffix formatted according to the given api
    version
    """
-    return 'v2.0' if api_version in (2, "2.0") else 'v3'
+    return 'v2.0' if api_version in (2, "2", "2.0") else 'v3'


 def format_endpoint(schema, addr, port, api_version):
--- a/hooks/utils.py
+++ b/hooks/utils.py
@ -43,6 +43,9 @@ from charmhelpers.contrib.openstack.utils import (
    pause_unit,
    resume_unit,
 )
+from charmhelpers.contrib.openstack.keystone import (
+    format_endpoint,
+)
 from charmhelpers.contrib.hahelpers.cluster import get_hacluster_config
 from charmhelpers.core.host import (
    cmp_pkgrevno,
@ -435,7 +438,7 @@ def setup_keystone_certs(unit=None, rid=None):
        mkdir(certs_path)

    rdata = relation_get(unit=unit, rid=rid)
-    required = ['admin_token', 'auth_host', 'auth_port']
+    required = ['admin_token', 'auth_host', 'auth_port', 'api_version']
    settings = {key: rdata.get(key) for key in required}
    if not all(settings.values()):
        log("Missing relation settings ({}) - deferring cert setup".format(
@ -447,9 +450,10 @@ def setup_keystone_certs(unit=None, rid=None):
    if is_ipv6(settings.get('auth_host')):
        settings['auth_host'] = format_ipv6_addr(settings.get('auth_host'))

-    auth_endpoint = "{}://{}:{}/v2.0".format(auth_protocol,
-                                             settings['auth_host'],
-                                             settings['auth_port'])
+    auth_endpoint = format_endpoint(auth_protocol,
+                                    settings['auth_host'],
+                                    settings['auth_port'],
+                                    settings['api_version'])

    try:
        get_ks_ca_cert(settings['admin_token'], auth_endpoint, certs_path)
--- a/unit_tests/test_ceph_radosgw_utils.py
+++ b/unit_tests/test_ceph_radosgw_utils.py
@ -28,6 +28,7 @@ from test_utils import CharmTestCase
 TO_PATCH = [
    'application_version_set',
    'get_upstream_version',
+    'format_endpoint',
 ]


@ -103,9 +104,11 @@ class CephRadosGWUtilTests(CharmTestCase):
        auth_port = 80
        admin_token = '666'
        auth_url = 'http://%s:%s/v2.0' % (auth_host, auth_port)
+        self.format_endpoint.return_value = auth_url
        mock_relation_get.return_value = {'auth_host': auth_host,
                                          'auth_port': auth_port,
-                                          'admin_token': admin_token}
+                                          'admin_token': admin_token,
+                                          'api_version': '2'}
        utils.setup_keystone_certs()
        mock_get_ks_signing_cert.assert_has_calls([call(admin_token, auth_url,
                                                        '/var/lib/ceph/nss')])