1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
# Copyright 2016 Brocade Communications Systems Inc
# All Rights Reserved.
#
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from urllib import parse as urlparse
from tackerclient.common import exceptions
def args2body_vim(config_param, vim):
"""Create additional args to vim body
:param vim: vim request object
:return: vim body with args populated
"""
vim_type = ['openstack', 'kubernetes']
cert_verify_type = ['True', 'False']
if 'type' in config_param:
vim['type'] = config_param.pop('type', '')
if not vim['type'] in vim_type:
raise exceptions.TackerClientException(
message='Supported VIM types: openstack, kubernetes',
status_code=400)
else:
vim['type'] = 'openstack'
if vim['type'] == 'openstack':
vim['vim_project'] = {
'name': config_param.pop('project_name', ''),
'project_domain_name':
config_param.pop('project_domain_name', '')}
if not vim['vim_project']['name']:
raise exceptions.TackerClientException(
message='Project name must be specified',
status_code=404)
cert_verify = config_param.pop('cert_verify', 'True')
if cert_verify not in cert_verify_type:
raise exceptions.TackerClientException(
message='Supported cert_verify types: True, False',
status_code=400)
vim['auth_cred'] = {'username': config_param.pop('username', ''),
'password': config_param.pop('password', ''),
'user_domain_name':
config_param.pop('user_domain_name', ''),
'cert_verify': cert_verify}
elif vim['type'] == 'kubernetes':
vim['vim_project'] = {
'name': config_param.pop('project_name', '')}
if not vim['vim_project']['name']:
raise exceptions.TackerClientException(
message='Project name must be specified in Kubernetes VIM,'
'it is namespace in Kubernetes environment',
status_code=404)
if 'oidc_token_url' in config_param:
if ('username' not in config_param or
'password' not in config_param or
'client_id' not in config_param):
# the username, password, client_id are required.
# client_secret is not required when client type is public.
raise exceptions.TackerClientException(
message='oidc_token_url must be specified with username,'
' password, client_id, client_secret(optional).',
status_code=404)
vim['auth_cred'] = {
'oidc_token_url': config_param.pop('oidc_token_url'),
'username': config_param.pop('username'),
'password': config_param.pop('password'),
'client_id': config_param.pop('client_id')}
if 'client_secret' in config_param:
vim['auth_cred']['client_secret'] = config_param.pop(
'client_secret')
elif ('username' in config_param) and ('password' in config_param):
vim['auth_cred'] = {
'username': config_param.pop('username', ''),
'password': config_param.pop('password', '')}
elif 'bearer_token' in config_param:
vim['auth_cred'] = {
'bearer_token': config_param.pop('bearer_token', '')}
else:
raise exceptions.TackerClientException(
message='username and password or bearer_token must be'
'provided',
status_code=404)
ssl_ca_cert = config_param.pop('ssl_ca_cert', '')
if ssl_ca_cert:
vim['auth_cred']['ssl_ca_cert'] = ssl_ca_cert
if 'extra' in config_param:
vim['extra'] = config_param.pop('extra')
def validate_auth_url(url):
url_parts = urlparse.urlparse(url)
if not url_parts.scheme or not url_parts.netloc:
raise exceptions.TackerClientException(message='Invalid auth URL')
return url_parts
|
