From c496750d93ab525a42f05f7c38c717e4cdefaa9f Mon Sep 17 00:00:00 2001 From: Joshua Hesketh Date: Thu, 15 May 2014 06:39:14 -0700 Subject: Provide swift credentials without requiring a connection To generate the hmac details for the swift FormPost middleware you do not need to actually connect to swift if you know the URL key and storage path. Change the configuration to reflect this and only connect if required. Change-Id: Iad5008ca2707ef5310b172fe3b6844e51bee2372 --- doc/source/zuul.rst | 27 ++++++++++++++++++++------- zuul/lib/swift.py | 26 ++++++++++++++++---------- 2 files changed, 36 insertions(+), 17 deletions(-) diff --git a/doc/source/zuul.rst b/doc/source/zuul.rst index ef6259c4e..fec719878 100644 --- a/doc/source/zuul.rst +++ b/doc/source/zuul.rst @@ -185,9 +185,27 @@ To send (optional) swift upload instructions this section must be present. Multiple destinations can be defined in the :ref:`jobs` section of the layout. -**authurl** - The (keystone) Auth URL for swift +**X-Account-Meta-Temp-Url-Key** (optional) + This is the key used to sign the HMAC message. If you do not set a + key Zuul will generate one automatically. + +**Send-Temp-Url-Key** (optional) + Zuul can send the X-Account-Meta-Temp-Url-Key to swift for you if + you have set up the appropriate credentials in ``authurl`` below. + This isn't necessary if you know and have set your + X-Account-Meta-Temp-Url-Key. + ``default: true`` + +**X-Storage-Url** (optional) + The storage URL is the destination to upload files into. If you do + not set this the ``authurl`` credentials are used to fetch the url + from swift. + +**authurl** (optional) + The (keystone) Auth URL for swift. ``For example, https://identity.api.rackspacecloud.com/v2.0/`` + This is required if you have Send-Temp-Url-Key set to ``True`` or + if you have not supplied the X-Storage-Url. Any of the `swiftclient connection parameters`_ can also be defined here by the same name. Including the os_options by their key name ( @@ -195,11 +213,6 @@ here by the same name. Including the os_options by their key name ( .. _swiftclient connection parameters: http://docs.openstack.org/developer/python-swiftclient/swiftclient.html#module-swiftclient.client -**X-Account-Meta-Temp-Url-Key** (optional) - This is the key used to sign the HMAC message. zuul will send the - key to swift for you so you only need to define it here. If you do - not set a key zuul will generate one automatically. - **region_name** (optional) The region name holding the swift container ``For example, SYD`` diff --git a/zuul/lib/swift.py b/zuul/lib/swift.py index 2cbd05e86..c5d540c77 100644 --- a/zuul/lib/swift.py +++ b/zuul/lib/swift.py @@ -39,16 +39,29 @@ class Swift(object): ) self.storage_url = '' + if self.config.has_option('swift', 'X-Storage-Url'): + self.storage_url = self.config.get('swift', 'X-Storage-Url') try: - self.connect() + if self.config.has_section('swift'): + if (not self.config.has_option('swift', 'Send-Temp-Url-Key') + or self.config.getboolean('swift', 'Send-Temp-Url-Key')): + self.connect() + + # Tell swift of our key + headers = {} + headers['X-Account-Meta-Temp-Url-Key'] = self.secure_key + self.connection.post_account(headers) + + if not self.config.has_option('swift', 'X-Storage-Url'): + self.connect() + self.storage_url = self.connection.get_auth()[0] except Exception as e: self.log.warning("Unable to set up swift. Signed storage URL is " "likely to be wrong. %s" % e) def connect(self): - if self.config.has_section('swift'): - # required + if not self.connection: authurl = self.config.get('swift', 'authurl') user = (self.config.get('swift', 'user') @@ -105,13 +118,6 @@ class Swift(object): auth_version=auth_version, cacert=cacert, insecure=insecure, ssl_compression=ssl_compression) - # Tell swift of our key - headers = {} - headers['X-Account-Meta-Temp-Url-Key'] = self.secure_key - self.connection.post_account(headers) - - self.storage_url, self.auth_token = self.connection.get_auth() - def generate_form_post_middleware_params(self, destination_prefix='', **kwargs): """Generate the FormPost middleware params for the given settings""" -- cgit v1.2.1