aboutsummaryrefslogtreecommitdiffstats
path: root/moonv4
diff options
context:
space:
mode:
authorThomas Duval <thomas.duval@orange.com>2017-11-22 11:26:41 +0100
committerThomas Duval <thomas.duval@orange.com>2017-11-22 11:26:41 +0100
commitdcf2ce1b8cd039b3a13e7c70ef94ce968ffc4de0 (patch)
tree5bf8e2a2071525c28f76b99a0e1eec8945528a66 /moonv4
parentcb739df188d2c7c465a3d4fbc857c6417e2a3073 (diff)
Add waiting code for Keystone, re-add the ability to connect a PDP to the "admin" Keystone project and fix some bugs
Change-Id: Ic3afdb1306a72bd09f9071e96aabfae602153e94
Diffstat (limited to 'moonv4')
-rw-r--r--moonv4/templates/moonforming/Dockerfile4
-rw-r--r--moonv4/templates/moonforming/populate_default_values.py18
-rw-r--r--moonv4/templates/moonforming/run.sh19
-rw-r--r--moonv4/templates/moonforming/utils/pdp.py10
-rw-r--r--moonv4/templates/moonforming/utils/policies.py5
5 files changed, 38 insertions, 18 deletions
diff --git a/moonv4/templates/moonforming/Dockerfile b/moonv4/templates/moonforming/Dockerfile
index 3410a5f4..87a067f9 100644
--- a/moonv4/templates/moonforming/Dockerfile
+++ b/moonv4/templates/moonforming/Dockerfile
@@ -2,7 +2,9 @@ FROM python:3
WORKDIR /usr/src/app
RUN pip install --no-cache-dir --upgrade requests pyyaml moon_utilities moon_db
+ENV POPULATE_ARGS "-v"
+
ADD . /root
WORKDIR /root
-CMD ["sh", "/root/run.sh" ] \ No newline at end of file
+CMD sh /root/run.sh ${POPULATE_ARGS} \ No newline at end of file
diff --git a/moonv4/templates/moonforming/populate_default_values.py b/moonv4/templates/moonforming/populate_default_values.py
index 10b66201..fa099458 100644
--- a/moonv4/templates/moonforming/populate_default_values.py
+++ b/moonv4/templates/moonforming/populate_default_values.py
@@ -32,7 +32,7 @@ requests_log = logging.getLogger("requests.packages.urllib3")
requests_log.setLevel(logging.WARNING)
requests_log.propagate = True
-logger = logging.getLogger(__name__)
+logger = logging.getLogger("moonforming")
if args.filename:
print("Loading: {}".format(args.filename[0]))
@@ -204,13 +204,13 @@ def create_policy(model_id, meta_rule_list):
def create_pdp(policy_id=None):
logger.info("Creating PDP {}".format(scenario.pdp_name))
- # projects = get_keystone_projects()
- # project_id = args.keystone_pid
- # if not project_id:
- # for _project in projects['projects']:
- # if _project['name'] == "admin":
- # project_id = _project['id']
- # assert project_id
+ projects = get_keystone_projects()
+ project_id = args.keystone_pid
+ if not project_id:
+ for _project in projects['projects']:
+ if _project['name'] == "admin":
+ project_id = _project['id']
+ assert project_id
pdps = check_pdp()["pdps"]
for pdp_id, pdp_value in pdps.items():
if scenario.pdp_name == pdp_value["name"]:
@@ -218,7 +218,7 @@ def create_pdp(policy_id=None):
logger.debug("Found existing PDP named {} (will add policy {})".format(scenario.pdp_name, policy_id))
return pdp_id
_pdp_id = add_pdp(name=scenario.pdp_name, policy_id=policy_id)
- # map_to_keystone(pdp_id=_pdp_id, keystone_project_id=project_id)
+ map_to_keystone(pdp_id=_pdp_id, keystone_project_id=project_id)
return _pdp_id
if __name__ == "__main__":
diff --git a/moonv4/templates/moonforming/run.sh b/moonv4/templates/moonforming/run.sh
index e3c052c5..71543f9e 100644
--- a/moonv4/templates/moonforming/run.sh
+++ b/moonv4/templates/moonforming/run.sh
@@ -1,12 +1,14 @@
#!/usr/bin/env bash
+populate_args=$*
+
echo "Waiting for Consul (http://consul:8500)"
while ! python -c "import requests; req = requests.get('http://consul:8500')" 2>/dev/null ; do
sleep 5 ;
echo "."
done
-echo "Manager (http://consul:8500) is up."
+echo "Consul (http://consul:8500) is up."
python3 /root/conf2consul.py /etc/moon/moon.conf
@@ -16,10 +18,18 @@ while ! python -c "import socket, sys; s = socket.socket(socket.AF_INET, socket.
echo "."
done
-echo "Manager (http://db:3306) is up."
+echo "Database (http://db:3306) is up."
moon_db_manager upgrade
+echo "Waiting for Keystone (http://keystone:5000)"
+while ! python -c "import requests; req = requests.get('http://keystone:5000')" 2>/dev/null ; do
+ sleep 5 ;
+ echo "."
+done
+
+echo "Keystone (http://keystone:5000) is up."
+
echo "Waiting for Manager (http://manager:8082)"
while ! python -c "import requests; req = requests.get('http://manager:8082')" 2>/dev/null ; do
sleep 5 ;
@@ -29,5 +39,6 @@ done
echo "Manager (http://manager:8082) is up."
cd /root
-python3 populate_default_values.py -v /root/conf/rbac.py
-python3 populate_default_values.py -v /root/conf/mls.py
+
+python3 populate_default_values.py $populate_args /root/conf/rbac.py
+python3 populate_default_values.py $populate_args /root/conf/mls.py
diff --git a/moonv4/templates/moonforming/utils/pdp.py b/moonv4/templates/moonforming/utils/pdp.py
index 676b216b..f3c6df37 100644
--- a/moonv4/templates/moonforming/utils/pdp.py
+++ b/moonv4/templates/moonforming/utils/pdp.py
@@ -1,7 +1,9 @@
+import logging
import requests
import utils.config
config = utils.config.get_config_data()
+logger = logging.getLogger("moonforming.utils.policies")
URL = "http://{}:{}".format(
config['components']['manager']['hostname'],
@@ -46,8 +48,8 @@ def get_keystone_projects():
}
req = requests.post("{}/auth/tokens".format(KEYSTONE_SERVER), json=data_auth, headers=HEADERS)
- print("{}/auth/tokens".format(KEYSTONE_SERVER))
- print(req.text)
+ logger.debug("{}/auth/tokens".format(KEYSTONE_SERVER))
+ logger.debug(req.text)
assert req.status_code in (200, 201)
TOKEN = req.headers['X-Subject-Token']
HEADERS['X-Auth-Token'] = TOKEN
@@ -97,8 +99,8 @@ def add_pdp(name="test_pdp", policy_id=None):
if policy_id:
pdp_template['security_pipeline'].append(policy_id)
req = requests.post(URL + "/pdp", json=pdp_template, headers=HEADERS)
- print(req.status_code)
- print(req)
+ logger.debug(req.status_code)
+ logger.debug(req)
assert req.status_code == 200
result = req.json()
assert type(result) is dict
diff --git a/moonv4/templates/moonforming/utils/policies.py b/moonv4/templates/moonforming/utils/policies.py
index df7f5f57..bd08291a 100644
--- a/moonv4/templates/moonforming/utils/policies.py
+++ b/moonv4/templates/moonforming/utils/policies.py
@@ -1,7 +1,9 @@
+import logging
import requests
import utils.config
config = utils.config.get_config_data()
+logger = logging.getLogger("moonforming.utils.policies")
URL = "http://{}:{}".format(config['components']['manager']['hostname'], config['components']['manager']['port'])
URL = URL + "{}"
@@ -108,10 +110,13 @@ def delete_policy(policy_id):
def add_subject(policy_id=None, name="test_subject"):
subject_template['name'] = name
if policy_id:
+ logger.debug(URL.format("/policies/{}/subjects".format(policy_id)))
req = requests.post(URL.format("/policies/{}/subjects".format(policy_id)),
json=subject_template, headers=HEADERS)
else:
+ logger.debug(URL.format("/subjects"))
req = requests.post(URL.format("/subjects"), json=subject_template, headers=HEADERS)
+ logger.debug(req.text)
assert req.status_code == 200
result = req.json()
assert "subjects" in result