Merge "Use entry points for config generation"

etc/heat/heat.conf.sample

@@ -1,13 +1,13 @@
 [DEFAULT]
 
 #
-# Options defined in heat.api.middleware.ssl
+# Options defined in heat.common.config
 #
 
-# The HTTP Header that will be used to determine which the
-# original request protocol scheme was, even if it was removed
-# by an SSL terminator proxy. (string value)
-#secure_proxy_ssl_header=X-Forwarded-Proto
+# Name of the engine node. This can be an opaque identifier.
+# It is not necessarily a hostname, FQDN, or IP address.
+# (string value)
+#host=heat
 
 
 #
@@ -74,10 +74,10 @@
 # notification module. (string value)
 #onready=<None>
 
-# Name of the engine node. This can be an opaque identifier.
-# It is not necessarily a hostname, FQDN, or IP address.
-# (string value)
-#host=heat
+
+#
+# Options defined in heat.common.config
+#
 
 # Seconds between running periodic tasks. (integer value)
 #periodic_interval=60
@@ -125,6 +125,29 @@
 # value)
 #max_nested_stack_depth=3
 
+# Number of heat-engine processes to fork and run. (integer
+# value)
+#num_engine_workers=1
+
+
+#
+# Options defined in heat.common.wsgi
+#
+
+# Maximum raw byte size of JSON request body. Should be larger
+# than max_template_size. (integer value)
+#max_json_body_size=1048576
+
+
+#
+# Options defined in heat.api.middleware.ssl
+#
+
+# The HTTP Header that will be used to determine which the
+# original request protocol scheme was, even if it was removed
+# by an SSL terminator proxy. (string value)
+#secure_proxy_ssl_header=X-Forwarded-Proto
+
 
 #
 # Options defined in heat.common.crypt
@@ -144,15 +167,6 @@
 #keystone_backend=heat.common.heat_keystoneclient.KeystoneClientV3
 
 
-#
-# Options defined in heat.common.wsgi
-#
-
-# Maximum raw byte size of JSON request body. Should be larger
-# than max_template_size. (integer value)
-#max_json_body_size=1048576
-
-
 #
 # Options defined in heat.engine.clients
 #
@@ -190,7 +204,7 @@
 # Options defined in heat.openstack.common.lockutils
 #
 
-# Whether to disable inter-process locks (boolean value)
+# Enables or disables inter-process locks. (boolean value)
 #disable_process_locking=false
 
 # Directory to use for lock files. (string value)
@@ -209,47 +223,48 @@
 # of default WARNING level). (boolean value)
 #verbose=false
 
-# Log output to standard error (boolean value)
+# Log output to standard error. (boolean value)
 #use_stderr=true
 
-# format string to use for log messages with context (string
+# Format string to use for log messages with context. (string
 # value)
 #logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
 
-# format string to use for log messages without context
+# Format string to use for log messages without context.
 # (string value)
 #logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s
 
-# data to append to log format when level is DEBUG (string
+# Data to append to log format when level is DEBUG. (string
 # value)
 #logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d
 
-# prefix each line of exception output with this format
+# Prefix each line of exception output with this format.
 # (string value)
 #logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s
 
-# list of logger=LEVEL pairs (list value)
-#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,iso8601=WARN
+# List of logger=LEVEL pairs. (list value)
+#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN
 
-# publish error events (boolean value)
+# Enables or disables publication of error events. (boolean
+# value)
 #publish_errors=false
 
-# make deprecations fatal (boolean value)
+# Enables or disables fatal status of deprecations. (boolean
+# value)
 #fatal_deprecations=false
 
-# If an instance is passed with the log message, format it
-# like this (string value)
+# The format for an instance that is passed with the log
+# message.  (string value)
 #instance_format="[instance: %(uuid)s] "
 
-# If an instance UUID is passed with the log message, format
-# it like this (string value)
+# The format for an instance UUID that is passed with the log
+# message.  (string value)
 #instance_uuid_format="[instance: %(uuid)s] "
 
-# The name of logging configuration file. It does not disable
-# existing loggers, but just appends specified logging
-# configuration to any other existing logging options. Please
-# see the Python logging module documentation for details on
-# logging configuration files. (string value)
+# The name of a logging configuration file. This file is
+# appended to any existing logging configuration files. For
+# details about logging configuration files, see the Python
+# logging module documentation. (string value)
 # Deprecated group/name - [DEFAULT]/log_config
 #log_config_append=<None>
 
@@ -261,7 +276,7 @@
 #log_format=<None>
 
 # Format string for %%(asctime)s in log records. Default:
-# %(default)s (string value)
+# %(default)s . (string value)
 #log_date_format=%Y-%m-%d %H:%M:%S
 
 # (Optional) Name of log file to output to. If no default is
@@ -270,14 +285,23 @@
 #log_file=<None>
 
 # (Optional) The base directory used for relative --log-file
-# paths (string value)
+# paths. (string value)
 # Deprecated group/name - [DEFAULT]/logdir
 #log_dir=<None>
 
-# Use syslog for logging. (boolean value)
+# Use syslog for logging. Existing syslog format is DEPRECATED
+# during I, and will chang in J to honor RFC5424. (boolean
+# value)
 #use_syslog=false
 
-# syslog facility to receive log lines (string value)
+# (Optional) Enables or disables syslog rfc5424 format for
+# logging. If enabled, prefixes the MSG part of the syslog
+# message with APP-NAME (RFC5424). The format without the APP-
+# NAME is deprecated in I, and will be removed in J. (boolean
+# value)
+#use_syslog_rfc_format=false
+
+# Syslog facility to receive log lines. (string value)
 #syslog_log_facility=LOG_USER
 
 
@@ -318,11 +342,11 @@
 # Options defined in heat.openstack.common.policy
 #
 
-# JSON file containing policy (string value)
+# The JSON file that defines policies. (string value)
 #policy_file=policy.json
 
-# Rule enforced when requested rule is not found (string
-# value)
+# Default rule. Enforced when a requested rule is not found.
+# (string value)
 #policy_default_rule=default
 
 
@@ -376,9 +400,9 @@
 # Options defined in heat.openstack.common.rpc.impl_kombu
 #
 
-# SSL version to use (valid only if SSL enabled). valid values
-# are TLSv1, SSLv23 and SSLv3. SSLv2 may be available on some
-# distributions (string value)
+# If SSL is enabled, the SSL version to use. Valid values are
+# TLSv1, SSLv23 and SSLv3. SSLv2 might be available on some
+# distributions. (string value)
 #kombu_ssl_version=
 
 # SSL key file (valid only if SSL enabled) (string value)
@@ -402,33 +426,32 @@
 # RabbitMQ HA cluster host:port pairs (list value)
 #rabbit_hosts=$rabbit_host:$rabbit_port
 
-# connect over SSL for RabbitMQ (boolean value)
+# Connect over SSL for RabbitMQ (boolean value)
 #rabbit_use_ssl=false
 
-# the RabbitMQ userid (string value)
+# The RabbitMQ userid (string value)
 #rabbit_userid=guest
 
-# the RabbitMQ password (string value)
+# The RabbitMQ password (string value)
 #rabbit_password=guest
 
-# the RabbitMQ virtual host (string value)
+# The RabbitMQ virtual host (string value)
 #rabbit_virtual_host=/
 
-# how frequently to retry connecting with RabbitMQ (integer
+# How frequently to retry connecting with RabbitMQ (integer
 # value)
 #rabbit_retry_interval=1
 
-# how long to backoff for between retries when connecting to
+# How long to backoff for between retries when connecting to
 # RabbitMQ (integer value)
 #rabbit_retry_backoff=2
 
-# maximum retries with trying to connect to RabbitMQ (the
-# default of 0 implies an infinite retry count) (integer
-# value)
+# Maximum number of RabbitMQ connection retries. Default is 0
+# (infinite retry count) (integer value)
 #rabbit_max_retries=0
 
-# use H/A queues in RabbitMQ (x-ha-policy: all).You need to
-# wipe RabbitMQ database when changing this option. (boolean
+# Use HA queues in RabbitMQ (x-ha-policy: all). If you change
+# this option, you must wipe the RabbitMQ database. (boolean
 # value)
 #rabbit_ha_queues=false
 
@@ -613,6 +636,33 @@
 #insecure=false
 
 
+[clients_glance]
+
+#
+# Options defined in heat.common.config
+#
+
+# Type of endpoint in Identity service catalog to use for
+# communication with the OpenStack service. (string value)
+#endpoint_type=publicURL
+
+# Optional CA cert file to use in SSL connections. (string
+# value)
+#ca_file=<None>
+
+# Optional PEM-formatted certificate chain file. (string
+# value)
+#cert_file=<None>
+
+# Optional PEM-formatted file that contains the private key.
+# (string value)
+#key_file=<None>
+
+# If set, then the server's certificate will not be verified.
+# (boolean value)
+#insecure=false
+
+
 [clients_heat]
 
 #
@@ -639,6 +689,11 @@
 # (boolean value)
 #insecure=false
 
+
+#
+# Options defined in heat.common.config
+#
+
 # Optional heat url in format like
 # http://0.0.0.0:8004/v1/%(tenant_id)s. (string value)
 #url=<None>
@@ -698,33 +753,6 @@
 #insecure=false
 
 
-[clients_glance]
-
-#
-# Options defined in heat.common.config
-#
-
-# Type of endpoint in Identity service catalog to use for
-# communication with the OpenStack service. (string value)
-#endpoint_type=publicURL
-
-# Optional CA cert file to use in SSL connections. (string
-# value)
-#ca_file=<None>
-
-# Optional PEM-formatted certificate chain file. (string
-# value)
-#cert_file=<None>
-
-# Optional PEM-formatted file that contains the private key.
-# (string value)
-#key_file=<None>
-
-# If set, then the server's certificate will not be verified.
-# (boolean value)
-#insecure=false
-
-
 [clients_nova]
 
 #
@@ -1037,24 +1065,30 @@
 # Options defined in keystoneclient.middleware.auth_token
 #
 
-# Prefix to prepend at the beginning of the path (string
-# value)
+# Prefix to prepend at the beginning of the path. Deprecated,
+# use identity_uri. (string value)
 #auth_admin_prefix=
 
-# Host providing the admin Identity API endpoint (string
-# value)
+# Host providing the admin Identity API endpoint. Deprecated,
+# use identity_uri. (string value)
 #auth_host=127.0.0.1
 
-# Port of the admin Identity API endpoint (integer value)
+# Port of the admin Identity API endpoint. Deprecated, use
+# identity_uri. (integer value)
 #auth_port=35357
 
-# Protocol of the admin Identity API endpoint(http or https)
-# (string value)
+# Protocol of the admin Identity API endpoint (http or https).
+# Deprecated, use identity_uri. (string value)
 #auth_protocol=https
 
 # Complete public Identity API endpoint (string value)
 #auth_uri=<None>
 
+# Complete admin Identity API endpoint. This should specify
+# the unversioned root endpoint e.g. https://localhost:35357/
+# (string value)
+#identity_uri=<None>
+
 # API version of the admin Identity API endpoint (string
 # value)
 #auth_version=<None>
@@ -1072,9 +1106,12 @@
 # with Identity API Server. (integer value)
 #http_request_max_retries=3
 
-# Single shared secret with the Keystone configuration used
-# for bootstrapping a Keystone installation, or otherwise
-# bypassing the normal authentication process. (string value)
+# This option is deprecated and may be removed in a future
+# release. Single shared secret with the Keystone
+# configuration used for bootstrapping a Keystone
+# installation, or otherwise bypassing the normal
+# authentication process. This option should not be used, use
+# `admin_user` and `admin_password` instead. (string value)
 #admin_token=<None>
 
 # Keystone account username (string value)
@@ -1126,7 +1163,7 @@
 # number of revocation events combined with a low cache
 # duration may significantly reduce performance. (integer
 # value)
-#revocation_cache_time=300
+#revocation_cache_time=10
 
 # (optional) if defined, indicate whether token data should be
 # authenticated or authenticated and encrypted. Acceptable
@@ -1159,6 +1196,23 @@
 # value)
 #enforce_token_bind=permissive
 
+# If true, the revocation list will be checked for cached
+# tokens. This requires that PKI tokens are configured on the
+# Keystone server. (boolean value)
+#check_revocations_for_cached=false
+
+# Hash algorithms to use for hashing PKI tokens. This may be a
+# single algorithm or multiple. The algorithms are those
+# supported by Python standard hashlib.new(). The hashes will
+# be tried in the order given, so put the preferred one first
+# for performance. The result of the first hash will be stored
+# in the cache. This will typically be set to multiple values
+# only while migrating from a less secure algorithm to a more
+# secure one. Once all the old tokens are expired this option
+# should be set to a single value for better performance.
+# (list value)
+#hash_algorithms=md5
+
 
 [matchmaker_redis]
 
@@ -1223,22 +1277,3 @@
 #topics=notifications
 
 
-[ssl]
-
-#
-# Options defined in heat.openstack.common.sslutils
-#
-
-# CA certificate file to use to verify connecting clients
-# (string value)
-#ca_file=<None>
-
-# Certificate file to use when starting the server securely
-# (string value)
-#cert_file=<None>
-
-# Private key file to use when starting the server securely
-# (string value)
-#key_file=<None>
-
-

heat/common/config.py

@@ -14,7 +14,6 @@
 """
 Routines for configuring Heat
 """
-import copy
 import logging as sys_logging
 import os
 
@@ -173,23 +172,10 @@ clients_opts = [
                 help=_("If set, then the server's certificate will not "
                        "be verified."))]
 
-
-def register_clients_opts():
-    cfg.CONF.register_opts(clients_opts, group='clients')
-    for client in ('nova', 'swift', 'neutron', 'cinder',
-                   'ceilometer', 'keystone', 'heat', 'glance', 'trove'):
-        client_specific_group = 'clients_' + client
-        # register opts copy and put it to globals in order to
-        # generate_sample.sh to work
-        opts_copy = copy.deepcopy(clients_opts)
-        if client == 'heat':
-            opts_copy.append(
-                cfg.StrOpt('url',
-                           help=_('Optional heat url in format like'
-                                  ' http://0.0.0.0:8004/v1/%(tenant_id)s.')))
-        globals()[client_specific_group + '_opts'] = opts_copy
-        cfg.CONF.register_opts(opts_copy, group=client_specific_group)
-
+heat_client_opts = [
+    cfg.StrOpt('url',
+               help=_('Optional heat url in format like'
+                      ' http://0.0.0.0:8004/v1/%(tenant_id)s.'))]
 
 revision_group = cfg.OptGroup('revision')
 revision_opts = [
@@ -200,17 +186,33 @@ revision_opts = [
                       'separately, you can move this section to a different '
                       'file and add it as another config option.'))]
 
-cfg.CONF.register_opts(engine_opts)
-cfg.CONF.register_opts(service_opts)
-cfg.CONF.register_opts(rpc_opts)
-rpc.set_defaults(control_exchange='heat')
+
+def list_opts():
+    yield None, rpc_opts
+    yield None, engine_opts
+    yield None, service_opts
+    yield paste_deploy_group.name, paste_deploy_opts
+    yield auth_password_group.name, auth_password_opts
+    yield revision_group.name, revision_opts
+    yield 'clients', clients_opts
+
+    for client in ('nova', 'swift', 'neutron', 'cinder',
+                   'ceilometer', 'keystone', 'heat', 'glance', 'trove'):
+        client_specific_group = 'clients_' + client
+        yield client_specific_group, clients_opts
+
+    yield 'clients_heat', heat_client_opts
+
+
 cfg.CONF.register_group(paste_deploy_group)
-cfg.CONF.register_opts(paste_deploy_opts, group=paste_deploy_group)
 cfg.CONF.register_group(auth_password_group)
-cfg.CONF.register_opts(auth_password_opts, group=auth_password_group)
 cfg.CONF.register_group(revision_group)
-cfg.CONF.register_opts(revision_opts, group=revision_group)
-register_clients_opts()
+
+for group, opts in list_opts():
+    cfg.CONF.register_opts(opts, group=group)
+
+rpc.set_defaults(control_exchange='heat')
+
 
 # A bit of history:
 # This was added initially by jianingy, then it got added

heat/common/wsgi.py

@@ -161,6 +161,13 @@ json_size_opt = cfg.IntOpt('max_json_body_size',
 cfg.CONF.register_opt(json_size_opt)
 
 
+def list_opts():
+    yield None, [json_size_opt]
+    yield 'heat_api', api_opts
+    yield 'heat_api_cfn', api_cfn_opts
+    yield 'heat_api_cloudwatch', api_cw_opts
+
+
 class WritableLogger(object):
     """A thin wrapper that responds to `write` and logs."""
 

setup.cfg

@@ -32,6 +32,11 @@ scripts =
     bin/heat-keystone-setup-domain
     bin/heat-manage
 
+[entry_points]
+oslo.config.opts =
+    heat.common.config = heat.common.config:list_opts
+    heat.common.wsgi = heat.common.wsgi:list_opts
+
 [global]
 setup-hooks =
     pbr.hooks.setup_hook

tools/config/oslo.config.generator.rc

@@ -1 +1,3 @@
 export HEAT_CONFIG_GENERATOR_EXTRA_MODULES=keystoneclient.middleware.auth_token
+export HEAT_CONFIG_GENERATOR_EXTRA_LIBRARIES="heat.common.config heat.common.wsgi"
+export HEAT_CONFIG_GENERATOR_EXCLUDED_FILES="heat/common/config.py heat/common/wsgi.py heat/openstack/common/sslutils.py"

tox.ini

@@ -17,8 +17,7 @@ whitelist_externals = bash
 [testenv:pep8]
 commands =
     flake8 heat bin/heat-api bin/heat-api-cfn bin/heat-api-cloudwatch bin/heat-engine bin/heat-manage contrib
-    # disable check_uptodate until a resolution is found to bug #1288586
-    #{toxinidir}/tools/config/check_uptodate.sh
+    {toxinidir}/tools/config/check_uptodate.sh
     {toxinidir}/tools/requirements_style_check.sh requirements.txt test-requirements.txt
     # Check that .po and .pot files are valid:
     bash -c "find heat -type f -regex '.*\.pot?' -print0|xargs -0 -n 1 msgfmt --check-format -o /dev/null"