Pass session directly to swiftclient

since v3.2.0 swiftclient supports instantiating the API client from keystonauth session, and we already require this version as minimal in ironic. This patch removes existing workarounds in SwiftAPI code which were there only to accomodate for absence of session handling in swiftclient, and now the keystoneauth session built from the [swift] config section is used directly to instantiate the swift API client. Change-Id: I52f1386df45ebe0a43b11fe1583e012dfa3af532 Related-Bug: #1518938
2017-02-07 10:49:22 +00:00 · 2017-02-07 10:49:22 +00:00 · 5b10a82bf6
commit 5b10a82bf6
parent 77bcccf98c
2 changed files with 3 additions and 32 deletions
--- a/ironic/common/swift.py
+++ b/ironic/common/swift.py
@ -14,7 +14,6 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.

-import six
 from six.moves import http_client
 from six.moves.urllib import parse
 from swiftclient import client as swift_client
@ -24,7 +23,6 @@ from swiftclient import utils as swift_utils
 from ironic.common import exception
 from ironic.common.i18n import _
 from ironic.common import keystone
-from ironic.conf import CONF


 _SWIFT_SESSION = None
@ -41,26 +39,8 @@ class SwiftAPI(object):
    """API for communicating with Swift."""

    def __init__(self):
-        # TODO(pas-ha): swiftclient does not support keystone sessions ATM.
-        # Must be reworked when LP bug #1518938 is fixed.
        session = _get_swift_session()
-        params = {
-            'retries': CONF.swift.swift_max_retries,
-            'preauthurl': keystone.get_service_url(
-                session,
-                service_type='object-store'),
-            'preauthtoken': keystone.get_admin_auth_token(session)
-        }
-        # NOTE(pas-ha):session.verify is for HTTPS urls and can be
-        # - False (do not verify)
-        # - True (verify but try to locate system CA certificates)
-        # - Path (verify using specific CA certificate)
-        verify = session.verify
-        params['insecure'] = not verify
-        if verify and isinstance(verify, six.string_types):
-            params['cacert'] = verify
-
-        self.connection = swift_client.Connection(**params)
+        self.connection = swift_client.Connection(session=session)

    def create_object(self, container, obj, filename,
                      object_headers=None):
--- a/ironic/tests/unit/common/test_swift.py
+++ b/ironic/tests/unit/common/test_swift.py
@ -39,18 +39,9 @@ class SwiftTestCase(base.TestCase):
        self.swift_exception = swift_exception.ClientException('', '')

    def test___init__(self, connection_mock, keystone_mock):
-        sess = mock.Mock()
-        sess.get_endpoint.return_value = 'http://swift:8080'
-        sess.get_token.return_value = 'fake_token'
-        sess.verify = '/path/to/ca/file'
-        keystone_mock.return_value = sess
        swift.SwiftAPI()
-        params = {'retries': 2,
-                  'preauthurl': 'http://swift:8080',
-                  'preauthtoken': 'fake_token',
-                  'insecure': False,
-                  'cacert': '/path/to/ca/file'}
-        connection_mock.assert_called_once_with(**params)
+        connection_mock.assert_called_once_with(
+            session=keystone_mock.return_value)

    @mock.patch.object(__builtin__, 'open', autospec=True)
    def test_create_object(self, open_mock, connection_mock, keystone_mock):