Requirement: add admin_user/admin_password conf file

Description: Customer require a way to read admin/admin password from given path/file --admin-user and --admin-password command is not secret since it would be displayed.The expected change to contrail-logs, contrail-stats, contrail-flow. Solution: Add a new command --admin-conf-file and follow these rules: (1) giving the highest priority to --admin/--admin-password only when they are specified in the command line. (2) if --admin/--admin-password are not specified and --conf-file is specified, read the file specified by --conf-file. (3) if any of --admin/--admin-password/--conf-file are not specified, read the default conf file. (4) if any options are not specified and the credential cannot be read from the default conf file, use default user and password. Closes-Bug: 1658821 Change-Id: If9d7c2640fafd085395e950e69825eaedeb49347
Juniper · Feb 20, 2017 · 803d6f8 · 803d6f8
1 parent 5390a8c
commit 803d6f8
Show file tree

Hide file tree

Showing 3 changed files with 110 additions and 20 deletions.
diff --git a/src/opserver/flow.py b/src/opserver/flow.py
@@ -11,6 +11,7 @@
 #
 
 import sys
+import ConfigParser
 import argparse
 import json
 import datetime
@@ -70,6 +71,7 @@ def __init__(self):
     def run(self):
         if self.parse_args() != 0:
             return
+
         result = self.query()
         self.display(result)
 
@@ -98,10 +100,40 @@ def parse_args(self):
             'start_time': 'now-10m',
             'end_time': 'now',
             'direction' : 'ingress',
+            'admin_user': 'admin',
+            'admin_password': 'contrail123',
+            'conf_file': '/etc/contrail/contrail-keystone-auth.conf',
         }
 
+        conf_parser = argparse.ArgumentParser(add_help=False)
+        conf_parser.add_argument("--admin-user", help="Name of admin user")
+        conf_parser.add_argument("--admin-password", help="Password of admin user")
+        conf_parser.add_argument("--conf-file", help="Configuration file")
+        args, remaining_argv = conf_parser.parse_known_args();
+
+        configfile = defaults['conf_file']
+        if args.conf_file:
+            configfile = args.conf_file
+
+        config = ConfigParser.SafeConfigParser()
+        config.read(configfile)
+        if 'KEYSTONE' in config.sections():
+            if args.admin_user == None:
+                args.admin_user = config.get('KEYSTONE', 'admin_user')
+            if args.admin_password == None:
+                args.admin_password = config.get('KEYSTONE','admin_password')
+
+        if args.admin_user == None:
+            args.admin_user = defaults['admin_user']
+        if args.admin_password == None:
+            args.admin_password = defaults['admin_password']
+
         parser = argparse.ArgumentParser(
-            formatter_class=argparse.ArgumentDefaultsHelpFormatter)
+                  # Inherit options from config_parser
+                  parents=[conf_parser],
+                  # print script description with -h/--help
+                  description=__doc__,
+                  formatter_class=argparse.ArgumentDefaultsHelpFormatter)
         parser.set_defaults(**defaults)
         parser.add_argument("--analytics-api-ip",
             help="IP address of Analytics API Server")
@@ -139,12 +171,10 @@ def parse_args(self):
             help="Show vmi uuid information")
         parser.add_argument(
             "--verbose", action="store_true", help="Show internal information")        
-        parser.add_argument(
-            "--admin-user", help="Name of admin user", default="admin")
-        parser.add_argument(
-            "--admin-password", help="Password of admin user",
-            default="contrail123")
-        self._args = parser.parse_args()
+        self._args = parser.parse_args(remaining_argv)
+
+        self._args.admin_user = args.admin_user
+        self._args.admin_password = args.admin_password
 
         try:
             self._start_time, self._end_time = \

diff --git a/src/opserver/log.py b/src/opserver/log.py
@@ -11,6 +11,7 @@
 #
 
 import sys
+import ConfigParser
 import argparse
 import json
 import datetime
@@ -45,6 +46,7 @@ def run(self):
         try:
             if self.parse_args() != 0:
                 return
+
             if self._args.tail:
                 start_time = UTCTimestampUsec() - 10*pow(10,6)
                 while True:
@@ -112,10 +114,40 @@ def parse_args(self):
         defaults = {
             'analytics_api_ip': '127.0.0.1',
             'analytics_api_port': '8181',
+            'admin_user': 'admin',
+            'admin_password': 'contrail123',
+            'conf_file': '/etc/contrail/contrail-keystone-auth.conf',
         }
 
+        conf_parser = argparse.ArgumentParser(add_help=False)
+        conf_parser.add_argument("--admin-user", help="Name of admin user")
+        conf_parser.add_argument("--admin-password", help="Password of admin user")
+        conf_parser.add_argument("--conf-file", help="Configuration file")
+        args, remaining_argv = conf_parser.parse_known_args();
+
+        configfile = defaults['conf_file']
+        if args.conf_file:
+            configfile = args.conf_file
+
+        config = ConfigParser.SafeConfigParser()
+        config.read(configfile)
+        if 'KEYSTONE' in config.sections():
+            if args.admin_user == None:
+                args.admin_user = config.get('KEYSTONE', 'admin_user')
+            if args.admin_password == None:
+                args.admin_password = config.get('KEYSTONE','admin_password')
+
+        if args.admin_user == None:
+            args.admin_user = defaults['admin_user']
+        if args.admin_password == None:
+            args.admin_password = defaults['admin_password']
+
         parser = argparse.ArgumentParser(
-            formatter_class=argparse.ArgumentDefaultsHelpFormatter)
+                  # Inherit options from config_parser
+                  parents=[conf_parser],
+                  # print script description with -h/--help
+                  description=__doc__,
+                  formatter_class=argparse.ArgumentDefaultsHelpFormatter)
         parser.set_defaults(**defaults)
         parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server")
         parser.add_argument("--analytics-api-port", help="Port of Analytics API Server")
@@ -164,10 +196,9 @@ def parse_args(self):
         parser.add_argument("--output-file", "-o", help="redirect output to file")
         parser.add_argument("--json", help="Dump output as json", action="store_true")
         parser.add_argument("--all", action="store_true", help=argparse.SUPPRESS)
-        parser.add_argument("--admin-user", help="Name of admin user", default="admin")
-        parser.add_argument("--admin-password", help="Password of admin user",
-            default="contrail123")
-        self._args = parser.parse_args()
+        self._args = parser.parse_args(remaining_argv)
+        self._args.admin_user = args.admin_user
+        self._args.admin_password = args.admin_password
         return 0
     # end parse_args
 

diff --git a/src/opserver/stats.py b/src/opserver/stats.py
@@ -11,6 +11,7 @@
 #
 
 import sys
+import ConfigParser
 import argparse
 import json
 import datetime
@@ -76,11 +77,41 @@ def parse_args(self):
             'end_time': 'now',
             'select' : [],
             'where' : ['Source=*'],
-            'sort': []
+            'sort': [],
+            'admin_user': 'admin',
+            'admin_password': 'contrail123',
+            'conf_file': '/etc/contrail/contrail-keystone-auth.conf',
         }
 
+        conf_parser = argparse.ArgumentParser(add_help=False)
+        conf_parser.add_argument("--admin-user", help="Name of admin user")
+        conf_parser.add_argument("--admin-password", help="Password of admin user")
+        conf_parser.add_argument("--conf-file", help="Configuration file")
+        args, remaining_argv = conf_parser.parse_known_args();
+
+        configfile = defaults['conf_file']
+        if args.conf_file:
+            configfile = args.conf_file
+
+        config = ConfigParser.SafeConfigParser()
+        config.read(configfile)
+        if 'KEYSTONE' in config.sections():
+            if args.admin_user == None:
+                args.admin_user = config.get('KEYSTONE', 'admin_user')
+            if args.admin_password == None:
+                args.admin_password = config.get('KEYSTONE','admin_password')
+
+        if args.admin_user == None:
+            args.admin_user = defaults['admin_user']
+        if args.admin_password == None:
+            args.admin_password = defaults['admin_password']
+
         parser = argparse.ArgumentParser(
-            formatter_class=argparse.ArgumentDefaultsHelpFormatter)
+                  # Inherit options from config_parser
+                  parents=[conf_parser],
+                  # print script description with -h/--help
+                  description=__doc__,
+                  formatter_class=argparse.ArgumentDefaultsHelpFormatter)
         parser.set_defaults(**defaults)
         parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server")
         parser.add_argument("--analytics-api-port", help="Port of Analytcis API Server")
@@ -99,12 +130,10 @@ def parse_args(self):
             "--where", help="List of Where Terms to be ANDed", nargs='+')
         parser.add_argument(
             "--sort", help="List of Sort Terms", nargs='+')
-        parser.add_argument(
-            "--admin-user", help="Name of admin user", default="admin")
-        parser.add_argument(
-            "--admin-password", help="Password of admin user",
-            default="contrail123")
-        self._args = parser.parse_args()
+        self._args = parser.parse_args(remaining_argv)
+
+        self._args.admin_user = args.admin_user
+        self._args.admin_password = args.admin_password
 
         if self._args.table is None and self._args.dtable is None:
             return -1