From 803d6f8b93caa5ef5db877cf601bde04e755ef3d Mon Sep 17 00:00:00 2001 From: zcui Date: Thu, 9 Feb 2017 10:10:59 -0800 Subject: [PATCH] Requirement: add admin_user/admin_password conf file Description: Customer require a way to read admin/admin password from given path/file --admin-user and --admin-password command is not secret since it would be displayed.The expected change to contrail-logs, contrail-stats, contrail-flow. Solution: Add a new command --admin-conf-file and follow these rules: (1) giving the highest priority to --admin/--admin-password only when they are specified in the command line. (2) if --admin/--admin-password are not specified and --conf-file is specified, read the file specified by --conf-file. (3) if any of --admin/--admin-password/--conf-file are not specified, read the default conf file. (4) if any options are not specified and the credential cannot be read from the default conf file, use default user and password. Closes-Bug: 1658821 Change-Id: If9d7c2640fafd085395e950e69825eaedeb49347 --- src/opserver/flow.py | 44 +++++++++++++++++++++++++++++++++++------- src/opserver/log.py | 41 ++++++++++++++++++++++++++++++++++----- src/opserver/stats.py | 45 +++++++++++++++++++++++++++++++++++-------- 3 files changed, 110 insertions(+), 20 deletions(-) diff --git a/src/opserver/flow.py b/src/opserver/flow.py index dc948d526cf..71c5946ca43 100755 --- a/src/opserver/flow.py +++ b/src/opserver/flow.py @@ -11,6 +11,7 @@ # import sys +import ConfigParser import argparse import json import datetime @@ -70,6 +71,7 @@ def __init__(self): def run(self): if self.parse_args() != 0: return + result = self.query() self.display(result) @@ -98,10 +100,40 @@ def parse_args(self): 'start_time': 'now-10m', 'end_time': 'now', 'direction' : 'ingress', + 'admin_user': 'admin', + 'admin_password': 'contrail123', + 'conf_file': '/etc/contrail/contrail-keystone-auth.conf', } + conf_parser = argparse.ArgumentParser(add_help=False) + conf_parser.add_argument("--admin-user", help="Name of admin user") + conf_parser.add_argument("--admin-password", help="Password of admin user") + conf_parser.add_argument("--conf-file", help="Configuration file") + args, remaining_argv = conf_parser.parse_known_args(); + + configfile = defaults['conf_file'] + if args.conf_file: + configfile = args.conf_file + + config = ConfigParser.SafeConfigParser() + config.read(configfile) + if 'KEYSTONE' in config.sections(): + if args.admin_user == None: + args.admin_user = config.get('KEYSTONE', 'admin_user') + if args.admin_password == None: + args.admin_password = config.get('KEYSTONE','admin_password') + + if args.admin_user == None: + args.admin_user = defaults['admin_user'] + if args.admin_password == None: + args.admin_password = defaults['admin_password'] + parser = argparse.ArgumentParser( - formatter_class=argparse.ArgumentDefaultsHelpFormatter) + # Inherit options from config_parser + parents=[conf_parser], + # print script description with -h/--help + description=__doc__, + formatter_class=argparse.ArgumentDefaultsHelpFormatter) parser.set_defaults(**defaults) parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server") @@ -139,12 +171,10 @@ def parse_args(self): help="Show vmi uuid information") parser.add_argument( "--verbose", action="store_true", help="Show internal information") - parser.add_argument( - "--admin-user", help="Name of admin user", default="admin") - parser.add_argument( - "--admin-password", help="Password of admin user", - default="contrail123") - self._args = parser.parse_args() + self._args = parser.parse_args(remaining_argv) + + self._args.admin_user = args.admin_user + self._args.admin_password = args.admin_password try: self._start_time, self._end_time = \ diff --git a/src/opserver/log.py b/src/opserver/log.py index ce8bcd20bf3..2e95127b2dd 100755 --- a/src/opserver/log.py +++ b/src/opserver/log.py @@ -11,6 +11,7 @@ # import sys +import ConfigParser import argparse import json import datetime @@ -45,6 +46,7 @@ def run(self): try: if self.parse_args() != 0: return + if self._args.tail: start_time = UTCTimestampUsec() - 10*pow(10,6) while True: @@ -112,10 +114,40 @@ def parse_args(self): defaults = { 'analytics_api_ip': '127.0.0.1', 'analytics_api_port': '8181', + 'admin_user': 'admin', + 'admin_password': 'contrail123', + 'conf_file': '/etc/contrail/contrail-keystone-auth.conf', } + conf_parser = argparse.ArgumentParser(add_help=False) + conf_parser.add_argument("--admin-user", help="Name of admin user") + conf_parser.add_argument("--admin-password", help="Password of admin user") + conf_parser.add_argument("--conf-file", help="Configuration file") + args, remaining_argv = conf_parser.parse_known_args(); + + configfile = defaults['conf_file'] + if args.conf_file: + configfile = args.conf_file + + config = ConfigParser.SafeConfigParser() + config.read(configfile) + if 'KEYSTONE' in config.sections(): + if args.admin_user == None: + args.admin_user = config.get('KEYSTONE', 'admin_user') + if args.admin_password == None: + args.admin_password = config.get('KEYSTONE','admin_password') + + if args.admin_user == None: + args.admin_user = defaults['admin_user'] + if args.admin_password == None: + args.admin_password = defaults['admin_password'] + parser = argparse.ArgumentParser( - formatter_class=argparse.ArgumentDefaultsHelpFormatter) + # Inherit options from config_parser + parents=[conf_parser], + # print script description with -h/--help + description=__doc__, + formatter_class=argparse.ArgumentDefaultsHelpFormatter) parser.set_defaults(**defaults) parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server") parser.add_argument("--analytics-api-port", help="Port of Analytics API Server") @@ -164,10 +196,9 @@ def parse_args(self): parser.add_argument("--output-file", "-o", help="redirect output to file") parser.add_argument("--json", help="Dump output as json", action="store_true") parser.add_argument("--all", action="store_true", help=argparse.SUPPRESS) - parser.add_argument("--admin-user", help="Name of admin user", default="admin") - parser.add_argument("--admin-password", help="Password of admin user", - default="contrail123") - self._args = parser.parse_args() + self._args = parser.parse_args(remaining_argv) + self._args.admin_user = args.admin_user + self._args.admin_password = args.admin_password return 0 # end parse_args diff --git a/src/opserver/stats.py b/src/opserver/stats.py index 35ec980a877..d21f90c5c4f 100755 --- a/src/opserver/stats.py +++ b/src/opserver/stats.py @@ -11,6 +11,7 @@ # import sys +import ConfigParser import argparse import json import datetime @@ -76,11 +77,41 @@ def parse_args(self): 'end_time': 'now', 'select' : [], 'where' : ['Source=*'], - 'sort': [] + 'sort': [], + 'admin_user': 'admin', + 'admin_password': 'contrail123', + 'conf_file': '/etc/contrail/contrail-keystone-auth.conf', } + conf_parser = argparse.ArgumentParser(add_help=False) + conf_parser.add_argument("--admin-user", help="Name of admin user") + conf_parser.add_argument("--admin-password", help="Password of admin user") + conf_parser.add_argument("--conf-file", help="Configuration file") + args, remaining_argv = conf_parser.parse_known_args(); + + configfile = defaults['conf_file'] + if args.conf_file: + configfile = args.conf_file + + config = ConfigParser.SafeConfigParser() + config.read(configfile) + if 'KEYSTONE' in config.sections(): + if args.admin_user == None: + args.admin_user = config.get('KEYSTONE', 'admin_user') + if args.admin_password == None: + args.admin_password = config.get('KEYSTONE','admin_password') + + if args.admin_user == None: + args.admin_user = defaults['admin_user'] + if args.admin_password == None: + args.admin_password = defaults['admin_password'] + parser = argparse.ArgumentParser( - formatter_class=argparse.ArgumentDefaultsHelpFormatter) + # Inherit options from config_parser + parents=[conf_parser], + # print script description with -h/--help + description=__doc__, + formatter_class=argparse.ArgumentDefaultsHelpFormatter) parser.set_defaults(**defaults) parser.add_argument("--analytics-api-ip", help="IP address of Analytics API Server") parser.add_argument("--analytics-api-port", help="Port of Analytcis API Server") @@ -99,12 +130,10 @@ def parse_args(self): "--where", help="List of Where Terms to be ANDed", nargs='+') parser.add_argument( "--sort", help="List of Sort Terms", nargs='+') - parser.add_argument( - "--admin-user", help="Name of admin user", default="admin") - parser.add_argument( - "--admin-password", help="Password of admin user", - default="contrail123") - self._args = parser.parse_args() + self._args = parser.parse_args(remaining_argv) + + self._args.admin_user = args.admin_user + self._args.admin_password = args.admin_password if self._args.table is None and self._args.dtable is None: return -1