Add Service Token support
As documented in [1] service tokens are useful to prevent issues with long running services or with requests that take a long time to finish where the user token can expire in the middle of an operation. [1] https://docs.openstack.org/cinder/latest/configuration/block-storage/service-token.html Depends-On: I15682c66d252d506e8f1c9b8de818bc19b1af973 Change-Id: I4d906132876a3efe4bd1154ad2c58a3bc635febe
This commit is contained in:
Liam Young
parent
afa675b1b7
commit
25fafd2c84
@ -97,7 +97,7 @@ LIBAPI = 0
|
||||
|
||||
# Increment this PATCH version before using `charmcraft publish-lib` or reset
|
||||
# to 0 if you are raising the major API version
|
||||
LIBPATCH = 2
|
||||
LIBPATCH = 3
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
@ -296,6 +296,11 @@ class IdentityCredentialsRequires(Object):
|
||||
"""Return the region for the public auth url."""
|
||||
return self.get_remote_app_data('public-endpoint')
|
||||
|
||||
@property
|
||||
def admin_role(self) -> str:
|
||||
"""Return the admin_role."""
|
||||
return self.get_remote_app_data('admin-role')
|
||||
|
||||
def request_credentials(self) -> None:
|
||||
"""Request credentials from the IdentityCredentials server."""
|
||||
if self.model.unit.is_leader():
|
||||
@ -422,7 +427,8 @@ class IdentityCredentialsProvides(Object):
|
||||
user_domain_id: str,
|
||||
project_domain_name: str,
|
||||
project_domain_id: str,
|
||||
region: str):
|
||||
region: str,
|
||||
admin_role: str):
|
||||
logging.debug("Setting identity_credentials connection information.")
|
||||
_identity_credentials_rel = None
|
||||
for relation in self.framework.model.relations[relation_name]:
|
||||
@ -449,3 +455,4 @@ class IdentityCredentialsProvides(Object):
|
||||
app_data["region"] = region
|
||||
app_data["internal-endpoint"] = self.charm.internal_endpoint
|
||||
app_data["public-endpoint"] = self.charm.public_endpoint
|
||||
app_data["admin-role"] = admin_role
|
||||
|
||||
@ -190,11 +190,14 @@ class HypervisorOperatorCharm(sunbeam_charm.OSBaseOperatorCharm):
|
||||
"compute.spice-proxy-address": config("ip-address") or local_ip,
|
||||
"compute.virt-type": "kvm",
|
||||
"credentials.ovn-metadata-proxy-shared-secret": self.metadata_secret(),
|
||||
"identity.admin-role": contexts.identity_credentials.admin_role,
|
||||
"identity.auth-url": contexts.identity_credentials.public_endpoint,
|
||||
"identity.password": contexts.identity_credentials.password,
|
||||
"identity.project-domain-id": contexts.identity_credentials.project_domain_id,
|
||||
"identity.project-domain-name": contexts.identity_credentials.project_domain_name,
|
||||
"identity.project-name": contexts.identity_credentials.project_name,
|
||||
"identity.region-name": contexts.identity_credentials.region,
|
||||
"identity.user-domain-id": contexts.identity_credentials.user_domain_id,
|
||||
"identity.user-domain-name": contexts.identity_credentials.user_domain_name,
|
||||
"identity.username": contexts.identity_credentials.username,
|
||||
"logging.debug": json.dumps(config("debug")),
|
||||
|
||||
@ -102,11 +102,14 @@ class TestCharm(test_utils.CharmTestCase):
|
||||
"compute.spice-proxy-address": "10.0.0.10",
|
||||
"compute.virt-type": "kvm",
|
||||
"credentials.ovn-metadata-proxy-shared-secret": metadata,
|
||||
"identity.admin-role": None,
|
||||
"identity.auth-url": "http://10.20.21.11:80/openstack-keystone",
|
||||
"identity.password": "user-password",
|
||||
"identity.project-domain-id": "pdomain-id",
|
||||
"identity.project-domain-name": "pdomain_-ame",
|
||||
"identity.project-name": "user-project",
|
||||
"identity.region-name": "region12",
|
||||
"identity.user-domain-id": "udomain-id",
|
||||
"identity.user-domain-name": "udomain-name",
|
||||
"identity.username": "username",
|
||||
"logging.debug": "false",
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user