From b7cf76d39eab9d292b8d58db4b0934557cad4509 Mon Sep 17 00:00:00 2001 From: RHE Date: Thu, 28 Dec 2017 15:19:05 +0100 Subject: moonv4.3 review Change-Id: I0d137df21136292b58194def44ac5b32183368fc Signed-off-by: RHE --- moon_manager/Dockerfile | 6 +- moon_manager/README.md | 8 ++ moon_manager/README.rst | 9 -- moon_manager/moon_manager/api/containers.py | 178 ---------------------------- moon_manager/moon_manager/api/generic.py | 15 ++- moon_manager/moon_manager/api/meta_rules.py | 10 +- moon_manager/moon_manager/http_server.py | 29 ++--- moon_manager/moon_manager/server.py | 8 +- moon_manager/requirements.txt | 1 - moon_manager/setup.py | 2 +- 10 files changed, 43 insertions(+), 223 deletions(-) create mode 100644 moon_manager/README.md delete mode 100644 moon_manager/README.rst delete mode 100644 moon_manager/moon_manager/api/containers.py (limited to 'moon_manager') diff --git a/moon_manager/Dockerfile b/moon_manager/Dockerfile index 873e3aa2..b5eb4e02 100644 --- a/moon_manager/Dockerfile +++ b/moon_manager/Dockerfile @@ -1,12 +1,8 @@ -FROM ubuntu:latest - -RUN apt update && apt install python3.5 python3-pip -y -RUN pip3 install pip --upgrade +FROM python:3 ADD . /root WORKDIR /root/ RUN pip3 install -r requirements.txt -#RUN pip3 install /root/dist/* --upgrade RUN pip3 install . CMD ["python3", "-m", "moon_manager"] \ No newline at end of file diff --git a/moon_manager/README.md b/moon_manager/README.md new file mode 100644 index 00000000..c74ccc28 --- /dev/null +++ b/moon_manager/README.md @@ -0,0 +1,8 @@ +# moon_manager + +This package contains the core module for the Moon project +It is designed to provide authorization features to all OpenStack components. + +For any other information, refer to the parent project: + + https://git.opnfv.org/moon diff --git a/moon_manager/README.rst b/moon_manager/README.rst deleted file mode 100644 index ded4e99a..00000000 --- a/moon_manager/README.rst +++ /dev/null @@ -1,9 +0,0 @@ -Core module for the Moon project -================================ - -This package contains the core module for the Moon project -It is designed to provide authorization features to all OpenStack components. - -For any other information, refer to the parent project: - - https://git.opnfv.org/moon diff --git a/moon_manager/moon_manager/api/containers.py b/moon_manager/moon_manager/api/containers.py deleted file mode 100644 index 6dc50ea5..00000000 --- a/moon_manager/moon_manager/api/containers.py +++ /dev/null @@ -1,178 +0,0 @@ -# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors -# This software is distributed under the terms and conditions of the 'Apache-2.0' -# license which can be found in the file 'LICENSE' in this package distribution -# or at 'http://www.apache.org/licenses/LICENSE-2.0'. -""" -PDP are Policy Decision Point. - -""" - -import copy -from docker import Client -from flask import request -from flask_restful import Resource -from oslo_log import log as logging -from python_moonutilities.security_functions import check_auth -from python_moonutilities import configuration - -docker_conf = configuration.get_configuration("docker")['docker'] -docker = Client(base_url=docker_conf['url']) - -__version__ = "0.1.0" - -LOG = logging.getLogger("moon.manager.api." + __name__) - - -class Container(Resource): - """ - Endpoint for container requests - """ - - __urls__ = ( - "/containers", - "/containers/", - "/containers/", - "/containers//", - ) - - def __init__(self): - self.containers = {} - self.update() - - def update(self): - for _container in docker.containers(): - if _container['Id'] not in self.containers: - self.containers[_container['Id']] = { - "name": _container["Names"], - "port": _container["Ports"], - } - - @check_auth - def get(self, uuid=None, user_id=None): - """Retrieve all containers - - :param uuid: uuid of the container - :param user_id: user ID who do the request - :return: { - "containers": { - "da0fd80fc1dc146e1b...a2e07d240cde09f0a": { - "name": [ - "/wrapper" - ], - "port": [ - { - "PrivatePort": 8080, - "Type": "tcp", - "IP": "0.0.0.0", - "PublicPort": 8080 - } - ] - }, - } - } - :internal_api: get_containers - """ - # try: - # data = [{"name": item["Names"], "port": item["Ports"], } for item in docker.containers()] - # except Exception as e: - # LOG.error(e, exc_info=True) - # return {"result": False, - # "error": str(e)} - return {"containers": self.containers} - - @check_auth - def post(self, uuid=None, user_id=None): - """Add a new container. - - :param uuid: uuid of the pdp (not used here) - :param user_id: user ID who do the request - :request body: { - "id": "id of the new container", - "name": "name of the new container", - "hostname": "hostname of the new container", - "port": { - "PrivatePort": 8080, - "Type": "tcp", - "IP": "0.0.0.0", - "PublicPort": 8080 - }, - "keystone_project_id": "keystone_project_id1", - "pdp_id": "PDP UUID", - "container_name": "wukongsun/moon_authz:v4.1" - } - :return: { - "containers": { - "da0fd80fc1dc146e1b...a2e07d240cde09f0a": { - "name": [ - "/wrapper" - ], - "port": [ - { - "PrivatePort": 8080, - "Type": "tcp", - "IP": "0.0.0.0", - "PublicPort": 8080 - } - ] - }, - } - } - :internal_api: add_container - """ - try: - self.update() - self.containers[request.json.get('id')] = copy.deepcopy(request.json) - LOG.info("Added a new container {}".format(request.json.get('name'))) - except Exception as e: - LOG.error(e, exc_info=True) - return {"result": False, - "error": str(e)}, 500 - return {"containers": self.containers} - - @check_auth - def delete(self, uuid=None, user_id=None): - """Delete a pdp - - :param uuid: uuid of the pdp to delete - :param user_id: user ID who do the request - :return: { - "result": "True or False", - "message": "optional message" - } - :internal_api: delete_pdp - """ - # try: - # data = PDPManager.delete_pdp(user_id=user_id, pdp_id=uuid) - # except Exception as e: - # LOG.error(e, exc_info=True) - # return {"result": False, - # "error": str(e)} - # return {"result": True} - raise NotImplementedError - - @check_auth - def patch(self, uuid=None, user_id=None): - """Update a pdp - - :param uuid: uuid of the pdp to update - :param user_id: user ID who do the request - :return: { - "pdp_id1": { - "name": "...", - "security_pipeline": [...], - "keystone_project_id": "keystone_project_id1", - "description": "...", - } - } - :internal_api: update_pdp - """ - # try: - # data = PDPManager.update_pdp(user_id=user_id, pdp_id=uuid, value=request.json) - # add_container(uuid=uuid, pipeline=data[uuid]['security_pipeline']) - # except Exception as e: - # LOG.error(e, exc_info=True) - # return {"result": False, - # "error": str(e)} - # return {"pdps": data} - raise NotImplementedError - diff --git a/moon_manager/moon_manager/api/generic.py b/moon_manager/moon_manager/api/generic.py index bd7dcdac..f46bfd35 100644 --- a/moon_manager/moon_manager/api/generic.py +++ b/moon_manager/moon_manager/api/generic.py @@ -21,7 +21,11 @@ class Status(Resource): Endpoint for status requests """ - __urls__ = ("/status", "/status/", "/status/") + __urls__ = ( + "/status", + "/status/", + "/status/" + ) def get(self, component_id=None): """Retrieve status of all components @@ -43,7 +47,11 @@ class Logs(Resource): Endpoint for logs requests """ - __urls__ = ("/logs", "/logs/", "/logs/") + __urls__ = ( + "/logs", + "/logs/", + "/logs/" + ) def get(self, component_id=None): """Get logs from the Moon platform @@ -83,7 +91,8 @@ class API(Resource): "/api/", "/api/", "/api//", - "/api//") + "/api//" + ) @check_auth def get(self, group_id="", endpoint_id="", user_id=""): diff --git a/moon_manager/moon_manager/api/meta_rules.py b/moon_manager/moon_manager/api/meta_rules.py index ceba0ffb..21552dd7 100644 --- a/moon_manager/moon_manager/api/meta_rules.py +++ b/moon_manager/moon_manager/api/meta_rules.py @@ -23,10 +23,12 @@ class MetaRules(Resource): Endpoint for meta rules requests """ - __urls__ = ("/meta_rules", - "/meta_rules/", - "/meta_rules/", - "/meta_rules//") + __urls__ = ( + "/meta_rules", + "/meta_rules/", + "/meta_rules/", + "/meta_rules//" + ) @check_auth def get(self, meta_rule_id=None, user_id=None): diff --git a/moon_manager/moon_manager/http_server.py b/moon_manager/moon_manager/http_server.py index 584e71a2..6aa2cd44 100644 --- a/moon_manager/moon_manager/http_server.py +++ b/moon_manager/moon_manager/http_server.py @@ -20,12 +20,20 @@ from moon_manager.api.perimeter import Subjects, Objects, Actions from moon_manager.api.data import SubjectData, ObjectData, ActionData from moon_manager.api.assignments import SubjectAssignments, ObjectAssignments, ActionAssignments from moon_manager.api.rules import Rules -# from moon_manager.api.containers import Container from python_moonutilities import configuration, exceptions from python_moondb.core import PDPManager -LOG = logging.getLogger("moon.manager.http") +LOG = logging.getLogger("moon.manager.http_server") + +__API__ = ( + Status, Logs, API, + MetaRules, SubjectCategories, ObjectCategories, ActionCategories, + Subjects, Objects, Actions, Rules, + SubjectAssignments, ObjectAssignments, ActionAssignments, + SubjectData, ObjectData, ActionData, + Models, Policies, PDP + ) class Server: @@ -71,16 +79,6 @@ class Server: def run(self): raise NotImplementedError() -__API__ = ( - Status, Logs, API, - MetaRules, SubjectCategories, ObjectCategories, ActionCategories, - Subjects, Objects, Actions, - SubjectAssignments, ObjectAssignments, ActionAssignments, - SubjectData, ObjectData, ActionData, - Rules, #Container, - Models, Policies, PDP - ) - class Root(Resource): """ @@ -113,7 +111,7 @@ class HTTPServer(Server): conf = configuration.get_configuration("components/manager") self.manager_hostname = conf["components/manager"].get("hostname", "manager") self.manager_port = conf["components/manager"].get("port", 80) - #Todo : specify only few urls instead of * + # TODO : specify only few urls instead of * CORS(self.app) self.api = Api(self.app) self.__set_route() @@ -133,8 +131,8 @@ class HTTPServer(Server): def __set_route(self): self.api.add_resource(Root, '/') - for api in __API__: - self.api.add_resource(api, *api.__urls__) + for _api in __API__: + self.api.add_resource(_api, *_api.__urls__) @staticmethod def __check_if_db_is_up(): @@ -154,4 +152,3 @@ class HTTPServer(Server): def run(self): self.__check_if_db_is_up() self.app.run(debug=True, host=self._host, port=self._port) # nosec - diff --git a/moon_manager/moon_manager/server.py b/moon_manager/moon_manager/server.py index bcc52cb3..f4c01611 100644 --- a/moon_manager/moon_manager/server.py +++ b/moon_manager/moon_manager/server.py @@ -3,18 +3,15 @@ # license which can be found in the file 'LICENSE' in this package distribution # or at 'http://www.apache.org/licenses/LICENSE-2.0'. -import os from oslo_config import cfg from oslo_log import log as logging from python_moonutilities import configuration, exceptions from moon_manager.http_server import HTTPServer -LOG = logging.getLogger("moon.manager") +LOG = logging.getLogger("moon.manager.server") CONF = cfg.CONF DOMAIN = "moon_manager" -__CWD__ = os.path.dirname(os.path.abspath(__file__)) - def main(): configuration.init_logging() @@ -29,8 +26,7 @@ def main(): port = 80 configuration.add_component(uuid="manager", name=hostname, port=port, bind=bind) LOG.info("Starting server with IP {} on port {} bind to {}".format(hostname, port, bind)) - server = HTTPServer(host=bind, port=port) - return server + return HTTPServer(host=bind, port=port) if __name__ == '__main__': diff --git a/moon_manager/requirements.txt b/moon_manager/requirements.txt index 15ba715b..e2dd5c96 100644 --- a/moon_manager/requirements.txt +++ b/moon_manager/requirements.txt @@ -3,4 +3,3 @@ flask_restful flask_cors python_moonutilities python_moondb -docker-py diff --git a/moon_manager/setup.py b/moon_manager/setup.py index a6fc5fc7..bd8a70f0 100644 --- a/moon_manager/setup.py +++ b/moon_manager/setup.py @@ -21,7 +21,7 @@ setup( description="", - long_description=open('README.rst').read(), + long_description=open('README.md').read(), # install_requires= , -- cgit 1.2.3-korg