| Scott Baker | 62c7eaf | 2018-05-22 15:59:26 -0700 | [diff] [blame] | 1 | |
| 2 | # Copyright 2017-present Open Networking Foundation |
| 3 | # |
| 4 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | # you may not use this file except in compliance with the License. |
| 6 | # You may obtain a copy of the License at |
| 7 | # |
| 8 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | # |
| 10 | # Unless required by applicable law or agreed to in writing, software |
| 11 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | # See the License for the specific language governing permissions and |
| 14 | # limitations under the License. |
| 15 | |
| 16 | |
| 17 | from synchronizers.new_base.ansible_helper import * |
| 18 | from synchronizers.new_base.modelaccessor import TrustDomain |
| 19 | from newopenstacksyncstep import NewOpenStackSyncStep |
| 20 | |
| 21 | from xosconfig import Config |
| 22 | from multistructlog import create_logger |
| 23 | |
| 24 | log = create_logger(Config().get('logging')) |
| 25 | |
| 26 | class SyncTrustDomain(NewOpenStackSyncStep): |
| 27 | provides=[TrustDomain] |
| 28 | requested_interval=0 |
| 29 | observes=TrustDomain |
| 30 | |
| 31 | def fetch_pending(self, deleted): |
| 32 | """ Figure out which TrustDomains are interesting to the OpenStack synchronizer. It's necessary to filter as |
| 33 | we're synchronizing a core model, and we only want to synchronize trust domains that will exist within |
| 34 | OpenStack. |
| 35 | """ |
| 36 | objs = super(SyncTrustDomain, self).fetch_pending(deleted) |
| 37 | for obj in objs[:]: |
| 38 | # If the TrustDomain isn't part of the OpenStack service, then it's someone else's trust domain |
| 39 | if "OpenStackService" not in obj.owner.leaf_model.class_names: |
| 40 | objs.remove(obj) |
| 41 | return objs |
| 42 | |
| 43 | def sync_record(self, trust_domain): |
| 44 | service = trust_domain.owner.leaf_model |
| 45 | conn = self.connect_openstack_admin(service) |
| 46 | |
| 47 | os_domain = conn.identity.find_domain(trust_domain.name) |
| 48 | if (os_domain): |
| 49 | log.info("Trust Domain already exists in openstack", trust_domain=trust_domain) |
| 50 | else: |
| 51 | log.info("Creating Trust Domain", trust_domain=trust_domain) |
| 52 | os_domain = conn.identity.create_domain(name=trust_domain.name) |
| 53 | |
| 54 | if os_domain.id != trust_domain.backend_handle: |
| 55 | trust_domain.backend_handle = os_domain.id |
| 56 | trust_domain.save(update_fields=["backend_handle"]) |
| 57 | |
| 58 | def delete_record(self, trust_domain): |
| 59 | service = trust_domain.owner.leaf_model |
| 60 | conn = self.connect_openstack_admin(service) |
| 61 | |
| 62 | os_domain = conn.identity.find_domain(trust_domain.name) |
| 63 | if (not os_domain): |
| 64 | log.info("Trust Domain already does not exist in openstack", trust_domain=trust_domain) |
| 65 | else: |
| 66 | if os_domain.is_enabled: |
| 67 | log.info("Disabling Trust Domain", trust_domain=trust_domain, os_id=os_domain.id) |
| 68 | os_domain=conn.identity.update_domain(os_domain.id, enabled=False) |
| 69 | log.info("Deleting Trust Domain", trust_domain=trust_domain, os_id=os_domain.id) |
| 70 | conn.identity.delete_domain(os_domain.id) |