openstack/devstack
Code Issues Proposed changes

Blueprint cli-auth

Browse Source 
* Add proper test for swift in client-env.sh
* Remove all VERIFY variables; nothing beyond the 4 OS_ vars is set now
* Update exercises for Keystone 2.0 auth
* swift understands Keystone 2.0 auth now, don't download custom binary
* cleanup uploaded bundle in bundle.sh

Change-Id: I99c818d81534bbf93c0e142513acb80e5fe613ea
This commit is contained in:
Dean Troyer 2012-02-01 18:01:01 -06:00
parent dd9809305e
commit 80756ea71a
5 changed files with 18 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
exercises/bundle.sh
View File

@ -46,3 +46,6 @@ if ! timeout $REGISTER_TIMEOUT sh -c "while euca-describe-images | grep '$AMI' |
echo "Image $AMI not available within $REGISTER_TIMEOUT seconds"
exit 1
fi
# Clean up
euca-deregister $AMI

46
exercises/client-env.sh
View File

@ -52,18 +52,13 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then
if [[ "$SKIP_EXERCISES" =~ "key" ]] ; then
STATUS_KEYSTONE="Skipped"
else
if [[ -n "$VERIFY" ]]; then
# Save original environment
xOS_AUTH_URL=$OS_AUTH_URL
xOS_TENANT_NAME=$OS_TENANT_NAME
xOS_USERNAME=$OS_USERNAME
xOS_PASSWORD=$OS_PASSWORD
# keystone can't handle a trailing '/'
export OS_AUTH_URL=${OS_AUTH_URL%/}
# does any non-admin request work?
export OS_USERNAME=admin
export OS_TENANT_NAME=admin
fi
# We need to run the keystone test as admin since there doesn't
# seem to be anything to test the cli vars that runs as a user
# tenant-list should do that, it isn't implemented (yet)
xOS_TENANT_NAME=$OS_TENANT_NAME
xOS_USERNAME=$OS_USERNAME
export OS_USERNAME=admin
export OS_TENANT_NAME=admin
echo -e "\nTest Keystone"
if keystone service-list; then
@ -72,13 +67,9 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then
STATUS_KEYSTONE="Failed"
RETURN=1
fi
if [[ -n "$VERIFY" ]]; then
# Save original environment
OS_AUTH_URL=$xOS_AUTH_URL
OS_TENANT_NAME=$xOS_TENANT_NAME
OS_USERNAME=$xOS_USERNAME
OS_PASSWORD=$xOS_PASSWORD
fi
OS_TENANT_NAME=$xOS_TENANT_NAME
OS_USERNAME=$xOS_USERNAME
fi
fi
@ -89,12 +80,6 @@ if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
if [[ "$SKIP_EXERCISES" =~ "n-api" ]] ; then
STATUS_NOVA="Skipped"
else
if [[ -n "$VERIFY" ]]; then
# Known novaclient breakage:
# NOVA_VERSION must be set or nova silently fails
export NOVA_VERSION=2
fi
echo -e "\nTest Nova"
if nova flavor-list; then
STATUS_NOVA="Succeeded"
@ -112,14 +97,6 @@ if [[ "$ENABLED_SERVICES" =~ "g-api" ]]; then
if [[ "$SKIP_EXERCISES" =~ "g-api" ]] ; then
STATUS_GLANCE="Skipped"
else
if [[ -n "$VERIFY" ]]; then
# Known glance client differage:
export OS_AUTH_TENANT=$OS_TENANT_NAME
export OS_AUTH_USER=$OS_USERNAME
export OS_AUTH_KEY=$OS_PASSWORD
export OS_AUTH_STRATEGY=keystone
fi
echo -e "\nTest Glance"
if glance index; then
STATUS_GLANCE="Succeeded"
@ -138,8 +115,7 @@ if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
STATUS_SWIFT="Skipped"
else
echo -e "\nTest Swift"
# FIXME(dtroyer): implement swift test
if true; then
if swift stat; then
STATUS_SWIFT="Succeeded"
else
STATUS_SWIFT="Failed"

13
exercises/floating_ips.sh
View File

@ -48,15 +48,6 @@ DEFAULT_FLOATING_POOL=${DEFAULT_FLOATING_POOL:-nova}
# Additional floating IP pool and range
TEST_FLOATING_POOL=${TEST_FLOATING_POOL:-test}
# Get a token for clients that don't support service catalog
# ==========================================================
# manually create a token by querying keystone (sending JSON data). Keystone
# returns a token and catalog of endpoints. We use python to parse the token
# and save it.
TOKEN=`curl -s -d "{\"auth\":{\"passwordCredentials\": {\"username\": \"$OS_USERNAME\", \"password\": \"$OS_PASSWORD\"}}}" -H "Content-type: application/json" ${OS_AUTH_URL%/}/tokens | python -c "import sys; import json; tok = json.loads(sys.stdin.read()); print tok['access']['token']['id'];"`
# Launching a server
# ==================
@ -70,10 +61,10 @@ nova list
nova image-list
# But we recommend using glance directly
glance -f -A $TOKEN -H $GLANCE_HOST index
glance -f index
# Grab the id of the image to launch
IMAGE=`glance -f -A $TOKEN -H $GLANCE_HOST index | egrep $DEFAULT_IMAGE_NAME | head -1 | cut -d" " -f1`
IMAGE=`glance -f index | egrep $DEFAULT_IMAGE_NAME | head -1 | cut -d" " -f1`
# Security Groups
# ---------------

13
exercises/volumes.sh
View File

@ -34,15 +34,6 @@ DEFAULT_INSTANCE_TYPE=${DEFAULT_INSTANCE_TYPE:-m1.tiny}
# Boot this image, use first AMi image if unset
DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-ami}
# Get a token for clients that don't support service catalog
# ==========================================================
# manually create a token by querying keystone (sending JSON data). Keystone
# returns a token and catalog of endpoints. We use python to parse the token
# and save it.
TOKEN=`curl -s -d "{\"auth\":{\"passwordCredentials\": {\"username\": \"$OS_USERNAME\", \"password\": \"$OS_PASSWORD\"}}}" -H "Content-type: application/json" ${OS_AUTH_URL%/}/tokens | python -c "import sys; import json; tok = json.loads(sys.stdin.read()); print tok['access']['token']['id'];"`
# Launching a server
# ==================
@ -56,10 +47,10 @@ nova list
nova image-list
# But we recommend using glance directly
glance -f -A $TOKEN -H $GLANCE_HOST index
glance -f index
# Grab the id of the image to launch
IMAGE=`glance -f -A $TOKEN -H $GLANCE_HOST index | egrep $DEFAULT_IMAGE_NAME | head -1 | cut -d" " -f1`
IMAGE=`glance -f index | egrep $DEFAULT_IMAGE_NAME | head -1 | cut -d" " -f1`
# determinine instance type
# -------------------------

6
stack.sh
View File

@ -981,12 +981,6 @@ if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
# We install the memcache server as this is will be used by the
# middleware to cache the tokens auths for a long this is needed.
apt_get install memcached
# We need a special version of bin/swift which understand the
# OpenStack api 2.0, we download it until this is getting
# integrated in swift.
sudo https_proxy=$https_proxy curl -s -o/usr/local/bin/swift \
'https://review.openstack.org/gitweb?p=openstack/swift.git;a=blob_plain;f=bin/swift;hb=48bfda6e2fdf3886c98bd15649887d54b9a2574e'
else
swift_auth_server=tempauth
fi