3rdparty/modules/keystone/lib/puppet/provider/keystone.rb

   1 require 'puppet/util/inifile'
   2 require 'puppet/provider/openstack'
   3 require 'puppet/provider/openstack/auth'
   4 require 'puppet/provider/openstack/credentials'
   5
   6 class Puppet::Provider::Keystone < Puppet::Provider::Openstack
   7
   8   extend Puppet::Provider::Openstack::Auth
   9
  10   INI_FILENAME = '/etc/keystone/keystone.conf'
  11
  12   def self.get_endpoint
  13     endpoint = nil
  14     if ENV['OS_AUTH_URL']
  15       endpoint = ENV['OS_AUTH_URL']
  16     else
  17       endpoint = get_os_vars_from_rcfile(rc_filename)['OS_AUTH_URL']
  18       unless endpoint
  19         # This is from legacy but seems wrong, we want auth_url not url!
  20         endpoint = get_admin_endpoint
  21       end
  22     end
  23     unless endpoint
  24       raise(Puppet::Error::OpenstackAuthInputError, 'Could not find auth url to check user password.')
  25     end
  26     endpoint
  27   end
  28
  29   def self.admin_endpoint
  30     @admin_endpoint ||= get_admin_endpoint
  31   end
  32
  33   def self.admin_token
  34     @admin_token ||= get_admin_token
  35   end
  36
  37   def self.get_admin_token
  38     if keystone_file and keystone_file['DEFAULT'] and keystone_file['DEFAULT']['admin_token']
  39       return "#{keystone_file['DEFAULT']['admin_token'].strip}"
  40     else
  41       return nil
  42     end
  43   end
  44
  45   def self.get_admin_endpoint
  46     if keystone_file
  47       if keystone_file['DEFAULT']
  48         if keystone_file['DEFAULT']['admin_endpoint']
  49           auth_url = keystone_file['DEFAULT']['admin_endpoint'].strip.chomp('/')
  50           return "#{auth_url}/v#{@credentials.version}/"
  51         end
  52
  53         if keystone_file['DEFAULT']['admin_port']
  54           admin_port = keystone_file['DEFAULT']['admin_port'].strip
  55         else
  56           admin_port = '35357'
  57         end
  58
  59         if keystone_file['DEFAULT']['admin_bind_host']
  60           host = keystone_file['DEFAULT']['admin_bind_host'].strip
  61           if host == "0.0.0.0"
  62             host = "127.0.0.1"
  63           elsif host == '::0'
  64             host = '[::1]'
  65           end
  66         else
  67           host = "127.0.0.1"
  68         end
  69       end
  70
  71       if keystone_file['ssl'] && keystone_file['ssl']['enable'] && keystone_file['ssl']['enable'].strip.downcase == 'true'
  72         protocol = 'https'
  73       else
  74         protocol = 'http'
  75       end
  76     end
  77
  78     "#{protocol}://#{host}:#{admin_port}/v#{@credentials.version}/"
  79   end
  80
  81   def self.request(service, action, properties=nil)
  82     super
  83     rescue Puppet::Error::OpenstackAuthInputError => error
  84       request_by_service_token(service, action, error, properties)
  85   end
  86
  87   def self.request_by_service_token(service, action, error, properties=nil)
  88     properties ||= []
  89     @credentials.token = get_admin_token
  90     @credentials.url   = get_admin_endpoint
  91     raise error unless @credentials.service_token_set?
  92     Puppet::Provider::Openstack.request(service, action, properties, @credentials)
  93   end
  94
  95   def self.ini_filename
  96     INI_FILENAME
  97   end
  98
  99   def self.keystone_file
 100     return @keystone_file if @keystone_file
 101     if File.exists?(ini_filename)
 102       @keystone_file = Puppet::Util::IniConfig::File.new
 103       @keystone_file.read(ini_filename)
 104       @keystone_file
 105     end
 106   end
 107
 108   # Helper functions to use on the pre-validated enabled field
 109   def bool_to_sym(bool)
 110     bool == true ? :true : :false
 111   end
 112
 113   def sym_to_bool(sym)
 114     sym == :true ? true : false
 115   end
 116 end