nfvbench/credentials.py

   1 # Copyright 2016 Cisco Systems, Inc.  All rights reserved.
   2 #
   3 #    Licensed under the Apache License, Version 2.0 (the "License"); you may
   4 #    not use this file except in compliance with the License. You may obtain
   5 #    a copy of the License at
   6 #
   7 #         http://www.apache.org/licenses/LICENSE-2.0
   8 #
   9 #    Unless required by applicable law or agreed to in writing, software
  10 #    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  11 #    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
  12 #    License for the specific language governing permissions and limitations
  13 #    under the License.
  14 #
  15
  16 import os
  17 import re
  18
  19 # Module for credentials in Openstack
  20 import getpass
  21 from keystoneauth1.identity import v2
  22 from keystoneauth1.identity import v3
  23 from keystoneauth1 import session
  24 from log import LOG
  25
  26
  27 class Credentials(object):
  28
  29     def get_session(self):
  30         dct = {
  31             'username': self.rc_username,
  32             'password': self.rc_password,
  33             'auth_url': self.rc_auth_url
  34         }
  35         auth = None
  36
  37         if self.rc_identity_api_version == 3:
  38             dct.update({
  39                 'project_name': self.rc_project_name,
  40                 'project_domain_name': self.rc_project_domain_name,
  41                 'user_domain_name': self.rc_user_domain_name
  42             })
  43             auth = v3.Password(**dct)
  44         else:
  45             dct.update({
  46                 'tenant_name': self.rc_tenant_name
  47             })
  48             auth = v2.Password(**dct)
  49         return session.Session(auth=auth, verify=self.rc_cacert)
  50
  51     def __parse_openrc(self, file):
  52         export_re = re.compile('export OS_([A-Z_]*)="?(.*)')
  53         for line in file:
  54             line = line.strip()
  55             mstr = export_re.match(line)
  56             if mstr:
  57                 # get rif of posible trailing double quote
  58                 # the first one was removed by the re
  59                 name = mstr.group(1)
  60                 value = mstr.group(2)
  61                 if value.endswith('"'):
  62                     value = value[:-1]
  63                 # get rid of password assignment
  64                 # echo "Please enter your OpenStack Password: "
  65                 # read -sr OS_PASSWORD_INPUT
  66                 # export OS_PASSWORD=$OS_PASSWORD_INPUT
  67                 if value.startswith('$'):
  68                     continue
  69                 # Check if api version is provided
  70                 # Default is keystone v2
  71                 if name == 'IDENTITY_API_VERSION':
  72                     self.rc_identity_api_version = int(value)
  73
  74                 # now match against wanted variable names
  75                 elif name == 'USERNAME':
  76                     self.rc_username = value
  77                 elif name == 'AUTH_URL':
  78                     self.rc_auth_url = value
  79                 elif name == 'TENANT_NAME':
  80                     self.rc_tenant_name = value
  81                 elif name == "CACERT":
  82                     self.rc_cacert = value
  83                 elif name == "REGION_NAME":
  84                     self.rc_region_name = value
  85                 elif name == "PASSWORD":
  86                     self.rc_password = value
  87                 elif name == "USER_DOMAIN_NAME":
  88                     self.rc_user_domain_name = value
  89                 elif name == "PROJECT_NAME":
  90                     self.rc_project_name = value
  91                 elif name == "PROJECT_DOMAIN_NAME":
  92                     self.rc_project_domain_name = value
  93
  94     #
  95     # Read a openrc file and take care of the password
  96     # The 2 args are passed from the command line and can be None
  97     #
  98     def __init__(self, openrc_file, pwd=None, no_env=False):
  99         self.rc_password = None
 100         self.rc_username = None
 101         self.rc_tenant_name = None
 102         self.rc_auth_url = None
 103         self.rc_cacert = None
 104         self.rc_region_name = None
 105         self.rc_user_domain_name = None
 106         self.rc_project_domain_name = None
 107         self.rc_project_name = None
 108         self.rc_identity_api_version = 2
 109         success = True
 110
 111         if openrc_file:
 112             if isinstance(openrc_file, str):
 113                 if os.path.exists(openrc_file):
 114                     self.__parse_openrc(open(openrc_file))
 115                 else:
 116                     LOG.error('Error: rc file does not exist %s', openrc_file)
 117                     success = False
 118             else:
 119                 self.__parse_openrc(openrc_file)
 120         elif not no_env:
 121             # no openrc file passed - we assume the variables have been
 122             # sourced by the calling shell
 123             # just check that they are present
 124             if 'OS_IDENTITY_API_VERSION' in os.environ:
 125                 self.rc_identity_api_version = int(os.environ['OS_IDENTITY_API_VERSION'])
 126
 127             if self.rc_identity_api_version == 2:
 128                 for varname in ['OS_USERNAME', 'OS_AUTH_URL', 'OS_TENANT_NAME']:
 129                     if varname not in os.environ:
 130                         LOG.warning('%s is missing', varname)
 131                         success = False
 132                 if success:
 133                     self.rc_username = os.environ['OS_USERNAME']
 134                     self.rc_auth_url = os.environ['OS_AUTH_URL']
 135                     self.rc_tenant_name = os.environ['OS_TENANT_NAME']
 136                 if 'OS_REGION_NAME' in os.environ:
 137                     self.rc_region_name = os.environ['OS_REGION_NAME']
 138             elif self.rc_identity_api_version == 3:
 139                 for varname in ['OS_USERNAME', 'OS_AUTH_URL', 'OS_PROJECT_NAME',
 140                                 'OS_PROJECT_DOMAIN_NAME', 'OS_USER_DOMAIN_NAME']:
 141                     if varname not in os.environ:
 142                         LOG.warning('%s is missing', varname)
 143                         success = False
 144                 if success:
 145                     self.rc_username = os.environ['OS_USERNAME']
 146                     self.rc_auth_url = os.environ['OS_AUTH_URL']
 147                     self.rc_project_name = os.environ['OS_PROJECT_NAME']
 148                     self.rc_project_domain_id = os.environ['OS_PROJECT_DOMAIN_NAME']
 149                     self.rc_user_domain_id = os.environ['OS_USER_DOMAIN_NAME']
 150             if 'OS_CACERT' in os.environ:
 151                 self.rc_cacert = os.environ['OS_CACERT']
 152
 153
 154         # always override with CLI argument if provided
 155         if pwd:
 156             self.rc_password = pwd
 157         # if password not know, check from env variable
 158         elif self.rc_auth_url and not self.rc_password and success:
 159             if 'OS_PASSWORD' in os.environ and not no_env:
 160                 self.rc_password = os.environ['OS_PASSWORD']
 161             else:
 162                 # interactively ask for password
 163                 self.rc_password = getpass.getpass(
 164                     'Please enter your OpenStack Password: ')
 165         if not self.rc_password:
 166             self.rc_password = ""