author | 2018-10-11 00:46:39 +0000 | |
---|---|---|
committer | 2018-10-11 00:46:39 +0000 | |
commit | ef0843f7f384fb89e4143db0fa0dd18cce80f71a (patch) | |
tree | b6c87b77ebf198c30020b8a476be84e2f6f154ea /conductor | |
parent | c71c5c80acd038acde86b05462c11b61379b2ed2 (diff) | |
parent | ef59fbb68ef593ae2fe6e351e30e544688637044 (diff) |
Merge "Retrieve secrets using Secret Management Service"
Diffstat (limited to 'conductor')
-rw-r--r-- | conductor/conductor/common/sms.py | 29 | ||||
-rw-r--r-- | conductor/conductor/service.py | 3 | ||||
-rw-r--r-- | conductor/conductor/tests/unit/test_sms.py | 16 | ||||
-rw-r--r-- | conductor/requirements.txt | 2 |
4 files changed, 32 insertions, 18 deletions
diff --git a/conductor/conductor/common/sms.py b/conductor/conductor/common/sms.py index 43b9522..ace2e68 100644 --- a/conductor/conductor/common/sms.py +++ b/conductor/conductor/common/sms.py @@ -23,6 +23,12 @@ from onapsmsclient import Client from oslo_config import cfg from oslo_log import log +import conductor.data.plugins.inventory_provider.aai +import conductor.api.controllers.v1.plans +import conductor.common.music.api +import conductor.data.plugins.service_controller.sdnc + + LOG = log.getLogger(__name__) @@ -43,8 +49,7 @@ AAF_SMS_OPTS = [ 'is not verified by the client.'), cfg.StrOpt('secret_domain', default='has', - help='Domain UUID - A unique UUID generated when the domain' - 'for HAS is created by administrator during deployment') + help='Domain Name for HAS') ] CONF.register_opts(AAF_SMS_OPTS, group='aaf_sms') @@ -52,8 +57,6 @@ config_spec = { "preload_secrets": "../preload_secrets.yaml" } -secret_cache = {} - def preload_secrets(): """ This is intended to load the secrets required for testing Application @@ -67,8 +70,8 @@ def preload_secrets(): timeout = config.aaf_sms_timeout cacert = config.aaf_ca_certs sms_client = Client(url=sms_url, timeout=timeout, cacert=cacert) - domain = sms_client.createDomain(domain) - config.secret_domain = domain # uuid + domain_uuid = sms_client.createDomain(domain) + LOG.debug("Created domain {} with uuid {}".format(domain, domain_uuid)) secrets = preload_config.get("secrets") for secret in secrets: sms_client.storeSecret(domain, secret.get('name'), 
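Review bot: The four `import conductor...` lines added after `from oslo_log import log` are not referenced by name anywhere in the visible hunks, so they appear to exist only for import-time side effects, presumably registering the `aai`, `conductor_api`, `music_api` and `sdnc` option groups that `load_secrets` later writes to. That intent should be written down, otherwise a linter or a later cleanup will drop them as unused and the credential loading breaks at startup. I would put `# Imported for side effects: registers the config groups that load_secrets() populates` above the group and `# noqa: F401` on each line. Since `conductor/service.py` now imports this module, it is also worth confirming that none of the four modules imports `conductor.service` in turn, which would create an import cycle.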
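Review bot: In `preload_secrets`, the new `LOG.debug("Created domain {} with uuid {}".format(domain, domain_uuid))` builds the message eagerly even when debug logging is disabled; the logging-native form is `LOG.debug("Created domain %s with uuid %s", domain, domain_uuid)`. `domain_uuid` is now used only for this log line, so a short comment such as `# SMS calls below are keyed by domain name; the uuid is logged for reference only` would explain why the return value of `createDomain` is otherwise discarded. The function starts above the hunk and the `storeSecret` call at its end is cut off, so the rest of the loop body is not visible here.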
@@ -93,6 +96,20 @@ def retrieve_secrets(): return secret_dict +def load_secrets(): + config = CONF + secret_dict = retrieve_secrets() + config.aai.username = secret_dict['aai']['username'] + config.aai.password = secret_dict['aai']['password'] + config.conductor_api.username = secret_dict['conductor_api']['username'] + config.conductor_api.password = secret_dict['conductor_api']['password'] + config.music_api.aafuser = secret_dict['music_api']['aafuser'] + config.music_api.aafpass = secret_dict['music_api']['aafpass'] + config.music_api.aafns = secret_dict['music_api']['aafns'] + config.sdnc.username = secret_dict['sdnc']['username'] + config.sdnc.password = secret_dict['sdnc']['password'] + + def delete_secrets(): """ This is intended to delete the secrets for a clean initialization for testing Application. Actual deployment will have a preload script. diff --git a/conductor/conductor/service.py b/conductor/conductor/service.py index df5bffc..982123c 100644 --- a/conductor/conductor/service.py +++ b/conductor/conductor/service.py @@ -20,6 +20,7 @@ import sys # from keystoneauth1 import loading as ka_loading +from conductor.common import sms from oslo_config import cfg import oslo_i18n from oslo_log import log @@ -107,4 +108,6 @@ def prepare_service(argv=None, config_files=None): if argv: gmr.TextGuruMeditation.setup_autorun(version) messaging.setup() + # TODO(Dileep): Uncomment once Helm charts to preload secrets available + # sms.load_secrets() return conf diff --git a/conductor/conductor/tests/unit/test_sms.py b/conductor/conductor/tests/unit/test_sms.py index b04111e..77c06b8 100644 --- a/conductor/conductor/tests/unit/test_sms.py +++ b/conductor/conductor/tests/unit/test_sms.py 
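Review bot: `load_secrets` indexes `secret_dict['aai']['username']` and the eight other entries directly, so a single secret missing from the SMS domain stops startup with a bare `KeyError` that does not say which group or key was absent, and the function has no docstring. It also sets the credentials by attribute assignment on `config.<group>`; as far as I know oslo.config does not support that as a way to set option values and the assignment may not survive a reset of its internal cache, whereas `set_override(name, value, group=...)` is the supported call and rejects options that were never registered. The rewrite below checks each entry, names only the missing group and key in the error (never a value), and uses `set_override`. Separately, the target options are registered outside this diff: if they are not declared with `secret=True`, the values loaded here would appear in clear text wherever `log_opt_values` is called.

```python
def load_secrets():
    """Copy the credentials retrieved from SMS into their config groups.

    Raises KeyError naming the group and key when a required secret is
    absent, so a partially populated SMS domain fails startup explicitly.
    """
    required = {
        'aai': ('username', 'password'),
        'conductor_api': ('username', 'password'),
        'music_api': ('aafuser', 'aafpass', 'aafns'),
        'sdnc': ('username', 'password'),
    }
    secret_dict = retrieve_secrets()
    for group, names in required.items():
        entries = secret_dict.get(group) or {}
        for name in names:
            if name not in entries:
                # Report which entry is missing, never any secret value.
                raise KeyError(
                    "SMS secret '{}/{}' is missing".format(group, name))
            CONF.set_override(name, entries[name], group=group)
```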
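Review bot: `from conductor.common import sms` is added to `service.py` while its only use, `sms.load_secrets()`, stays commented out in `prepare_service`, so the import is unused yet still runs the `sms` module's import-time work (its four new `conductor` imports and `CONF.register_opts`) in every process that imports `conductor.service`. I would either leave the import out until the call is enabled or mark it `# noqa: F401` with a pointer to the TODO. When the call is enabled, note that it sits after `messaging.setup()`: if anything initialised there reads the `music_api` or other credentials, the secrets have to be loaded first. An unreachable SMS should then fail startup with a clear error rather than leave config-file defaults in place. `prepare_service` starts outside the hunk.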
@@ -35,10 +35,7 @@ class TestSMS(unittest.TestCase): @requests_mock.mock() def test_sms(self, mock_sms): - ''' NOTE: preload_secret generate the uuid for the domain - Create Domain API is called during the deployment using a - preload script. So the application oly knows the domain_uuid. - All sub-sequent SMS API calls needs the uuid. + ''' NOTE: preload_secret during the deployment using a preload script. For test purposes we need to do preload ourselves''' sms_url = self.config.aaf_sms_url @@ -53,7 +50,8 @@ class TestSMS(unittest.TestCase): # Mock requests for preload_secret cd_url = self.base_domain_url.format(sms_url) domain_uuid1 = str(uuid4()) - s_url = self.secret_url.format(sms_url, domain_uuid1) + domain_name = self.config.secret_domain + s_url = self.secret_url.format(sms_url, domain_name) mock_sms.post(cd_url, status_code=200, json={'uuid': domain_uuid1}) mock_sms.post(s_url, status_code=200) # Initialize Secrets from SMS @@ -61,13 +59,9 @@ class TestSMS(unittest.TestCase): # Part 2: Retrieve Secret Test # Mock requests for retrieve_secrets - # IMPORTANT: Read the config again as the preload_secrets has - # updated the config with uuid - domain_uuid2 = self.config.secret_domain - self.assertEqual(domain_uuid1, domain_uuid2) - d_url = self.domain_url.format(sms_url, domain_uuid2) - s_url = self.secret_url.format(sms_url, domain_uuid2) + d_url = self.domain_url.format(sms_url, domain_name) + s_url = self.secret_url.format(sms_url, domain_name) # Retrieve Secrets from SMS and load to secret cache # Use the secret_cache instead of config files diff --git a/conductor/requirements.txt b/conductor/requirements.txt index 52ed4ed..d6d413d 100644 --- a/conductor/requirements.txt +++ b/conductor/requirements.txt 
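Review bot: `load_secrets` gets no coverage in the visible test hunks: as far as they show, `test_sms` still ends at retrieving the secrets, so neither the copy into `config.aai`, `config.conductor_api`, `config.music_api` and `config.sdnc` nor the behaviour when a secret is missing is checked. A second test that mocks the secret responses, calls `sms.load_secrets()` and asserts the resulting config values, plus one where a key is absent, would pin both paths. The context comments `# Retrieve Secrets from SMS and load to secret cache` and `# Use the secret_cache instead of config files` are now stale, since this commit removes `secret_cache` from `sms.py`; a single `# Retrieve secrets from SMS as a dict` would match the code. `test_sms` continues past the end of the last hunk.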
@@ -23,6 +23,6 @@ requests[security]!=2.9.0,>=2.8.1 # Apache-2.0 six>=1.9.0 # MIT, also required by futurist stevedore>=1.9.0 # Apache-2.0, also required by oslo.config WebOb>=1.2.3 # MIT -onapsmsclient>=0.0.3 +onapsmsclient>=0.0.4 Flask>=0.11.1 prometheus-client>=0.3.1
\ No newline at end of file |