Skip to content

Commit

Permalink
Replicate auth initialization for FS and OS
Browse files Browse the repository at this point in the history 
Signed-off-by: Ondrej Vasko <[email protected]>
  • Loading branch information
@Lirt
Lirt committed Apr 6, 2024
1 parent c7b264f commit eaa366c
Show file tree
Hide file tree
Showing 9 changed files with 205 additions and 57 deletions.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,7 +149,7 @@ Recommended way of using this plugin with restic is to use authentication with e

```bash
# test and build code
go test -v ./...
go test -v -count 1 ./...
go mod tidy
go build

Expand Down
8 changes: 4 additions & 4 deletions docs/installation-using-cli.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ spec:
cloud: ""
# optional Region:
# in case multiple regions exist in a single cloud, select which region
# will be used for backups.
# will be used for cinder volume backups.
region: ""
# optional snapshot method:
# * "snapshot" is a default cinder snapshot method
Expand Down Expand Up @@ -98,12 +98,12 @@ spec:
provider: community.openstack.org/openstack-manila
config:
# optional Cloud:
# in case clouds.yaml is used as authentication method, cloud allows
# user to select which cloud from the clouds.yaml to use for volume backups
# in case clouds.yaml is used as authentication method, cloud allows user
# to select which cloud from the clouds.yaml to use for manila share backups
cloud: ""
# optional Region:
# in case multiple regions exist in a single cloud, select which region
# will be used for backups.
# will be used for manila share backups.
region: ""
# optional snapshot method:
# * "snapshot" is a default manila snapshot method
Expand Down
6 changes: 3 additions & 3 deletions docs/installation-using-helm.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,12 +70,12 @@ configuration:
provider: community.openstack.org/openstack-manila
config:
# optional Cloud:
# in case clouds.yaml is used as authentication method, cloud allows
# user to select which cloud from the clouds.yaml to use for volume backups
# in case clouds.yaml is used as authentication method, cloud allows user
# to select which cloud from the clouds.yaml to use for manila share backups
cloud: ""
# optional Region:
# in case multiple regions exist in a single cloud, select which region
# will be used for backups.
# will be used for manila share backups.
region: ""
# optional snapshot method:
# * "snapshot" is a default manila snapshot method
Expand Down
32 changes: 10 additions & 22 deletions src/cinder/block_store_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,8 +36,8 @@ const tokenResp = `{
"url": "http://localhost:35357"
}
],
"id": "854d03ceed4611ee82b09cb6d0fbac9d",
"type": "identity",
"id": "854d03ceed4611ee82b09cb6d0fbac9d",
"type": "identity",
"name": "keystone"
},
{
Expand Down Expand Up @@ -106,10 +106,10 @@ const tokenResp = `{
"project": {
"domain": {
"id": "8789d1",
"name": "example.com"
"name": "domain"
},
"id": "263fa9",
"name": "project-y"
"id": "04982538-f42b-11ee-a412-9cb6d0fbac9d",
"name": "project"
},
"roles": [
{
Expand All @@ -121,25 +121,13 @@ const tokenResp = `{
"name": "member"
}
],
"service_providers": [
{
"auth_url":"https://example.com:5000/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
"id": "sp1",
"sp_url": "https://example.com:5000/Shibboleth.sso/SAML2/ECP"
},
{
"auth_url":"https://other.example.com:5000/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
"id": "sp2",
"sp_url": "https://other.example.com:5000/Shibboleth.sso/SAML2/ECP"
}
],
"user": {
"domain": {
"id": "8789d1",
"name": "example.com"
"name": "domain"
},
"id": "0ca8f6",
"name": "Jane",
"id": "cf78e694-f42a-11ee-bfcc-9cb6d0fbac9d",
"name": "user",
"password_expires_at": "2026-11-06T15:32:17.000000"
}
}
Expand All @@ -148,9 +136,9 @@ const tokenResp = `{
// TestInit performs standard block store initialization
// which includes creation of auth client, authentication and
// creation of block storage client.
// In this test we use simple clouds.yaml and don't override
// In this test we use simple clouds.yaml and not override
// any option.
func TestInit(t *testing.T) {
func TestSimpleBlockStorageInit(t *testing.T) {
// Basic structs
log := logrus.New()
config := map[string]string{
Expand Down
2 changes: 1 addition & 1 deletion src/cinder/clouds.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
clouds:
myCloud:
auth:
user_domain_name: users
user_domain_name: domain
auth_url: http://127.0.0.1:32498/v3
username: user
password: pass
Expand Down
2 changes: 1 addition & 1 deletion src/manila/clouds.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ clouds:
myCloud:
auth:
user_domain_name: users
auth_url: http://127.0.0.1:32498/v3
auth_url: http://127.0.0.1:32499/v3
username: user
password: pass
project_name: project
Expand Down
38 changes: 13 additions & 25 deletions src/manila/fs_store_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,8 +36,8 @@ const tokenResp = `{
"url": "http://localhost:35357"
}
],
"id": "854d03ceed4611ee82b09cb6d0fbac9d",
"type": "identity",
"id": "854d03ceed4611ee82b09cb6d0fbac9d",
"type": "identity",
"name": "keystone"
},
{
Expand Down Expand Up @@ -106,10 +106,10 @@ const tokenResp = `{
"project": {
"domain": {
"id": "8789d1",
"name": "example.com"
"name": "domain"
},
"id": "263fa9",
"name": "project-y"
"id": "04982538-f42b-11ee-a412-9cb6d0fbac9d",
"name": "project"
},
"roles": [
{
Expand All @@ -121,36 +121,24 @@ const tokenResp = `{
"name": "member"
}
],
"service_providers": [
{
"auth_url":"https://example.com:5000/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
"id": "sp1",
"sp_url": "https://example.com:5000/Shibboleth.sso/SAML2/ECP"
},
{
"auth_url":"https://other.example.com:5000/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
"id": "sp2",
"sp_url": "https://other.example.com:5000/Shibboleth.sso/SAML2/ECP"
}
],
"user": {
"domain": {
"id": "8789d1",
"name": "example.com"
"name": "domain"
},
"id": "0ca8f6",
"name": "Jane",
"id": "cf78e694-f42a-11ee-bfcc-9cb6d0fbac9d",
"name": "user",
"password_expires_at": "2026-11-06T15:32:17.000000"
}
}
}`

// TestInit performs standard block store initialization
// TestInit performs standard file share store initialization
// which includes creation of auth client, authentication and
// creation of block storage client.
// In this test we use simple clouds.yaml and don't override
// creation of shared filesystem client.
// In this test we use simple clouds.yaml and not override
// any option.
func TestInit(t *testing.T) {
func TestSimpleSharedFilesystemInit(t *testing.T) {
// Basic structs
log := logrus.New()
config := map[string]string{
Expand All @@ -161,7 +149,7 @@ func TestInit(t *testing.T) {
// Create fake provider client for authentication,
// prepare handler for authentication and redirect
// provider endpoint to fake client.
th.SetupPersistentPortHTTP(t, 32498)
th.SetupPersistentPortHTTP(t, 32499)
defer th.TeardownHTTP()
fakeClient.ServiceClient()
fs.provider = fakeClient.ServiceClient().ProviderClient
Expand Down
12 changes: 12 additions & 0 deletions src/swift/clouds.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# This file is only to perform unit test with clouds.yaml for which the path cannot be changed
clouds:
myCloud:
auth:
user_domain_name: users
auth_url: http://127.0.0.1:32500/v3
username: user
password: pass
project_name: project
project_domain_name: domain
# region_name: myRegion
identity_api_version: 3
160 changes: 160 additions & 0 deletions src/swift/object_store_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,166 @@ import (
"github.com/stretchr/testify/assert"
)

const ID = "0123456789"
const tokenResp = `{
"token": {
"audit_ids": ["VcxU2JYqT8OzfUVvrjEITQ", "qNUTIJntTzO1-XUk5STybw"],
"catalog": [
{
"endpoints": [
{
"id": "796186fced4611ee9e2c9cb6d0fbac9d",
"interface": "public",
"region": "RegionOne",
"url": "http://localhost:5000"
},
{
"id": "7c2bb2cced4611ee90c09cb6d0fbac9d",
"interface": "internal",
"region": "RegionOne",
"url": "http://localhost:5000"
},
{
"id": "8080e7b6ed4611ee88be9cb6d0fbac9d",
"interface": "admin",
"region": "RegionOne",
"url": "http://localhost:35357"
}
],
"id": "854d03ceed4611ee82b09cb6d0fbac9d",
"type": "identity",
"name": "keystone"
},
{
"endpoints": [
{
"id": "5fb3e04cc47345079bcccfa5a78d4de6",
"interface": "internal",
"region_id": "myRegion",
"url": "http://localhost/v3/955f0136ed4611ee9f489cb6d0fbac9d",
"region": "myRegion"
},
{
"id": "d48c520ef7b941c692100f24a1437864",
"interface": "public",
"region_id": "myRegion",
"url": "https://localhost/v3/955f0136ed4611ee9f489cb6d0fbac9d",
"region": "myRegion"
},
{
"id": "da15876d31f24af3afc3a69cb918c45f",
"interface": "admin",
"region_id": "myRegion",
"url": "https://localhost/v3/955f0136ed4611ee9f489cb6d0fbac9d",
"region": "myRegion"
}
],
"id": "439e9f0d9d224b88a9b01774a9948e5e",
"type": "object-store",
"name": "swift"
},
{
"endpoints": [
{
"id": "2bed9ab4ed4111eeb4229cb6d0fbac9d",
"interface": "internal",
"region_id": "secondRegion",
"url": "http://localhost2/v3/4c30519aed4111eeab909cb6d0fbac9d",
"region": "secondRegion"
},
{
"id": "3bd7f8caed4111eeb77a9cb6d0fbac9d",
"interface": "public",
"region_id": "secondRegion",
"url": "https://localhost2/v3/4c30519aed4111eeab909cb6d0fbac9d",
"region": "secondRegion"
},
{
"id": "46474c98ed4111eeb2839cb6d0fbac9d",
"interface": "admin",
"region_id": "secondRegion",
"url": "https://localhost2/v3/4c30519aed4111eeab909cb6d0fbac9d",
"region": "secondRegion"
}
],
"id": "4c30519aed4111eeab909cb6d0fbac9d",
"type": "object-store",
"name": "swift"
}
],
"expires_at": "2025-02-27T18:30:59.999999Z",
"is_domain": false,
"issued_at": "2025-02-27T16:30:59.999999Z",
"methods": [
"password"
],
"project": {
"domain": {
"id": "8789d1",
"name": "domain"
},
"id": "04982538-f42b-11ee-a412-9cb6d0fbac9d",
"name": "project"
},
"roles": [
{
"id": "86e72a",
"name": "admin"
},
{
"id": "e4f392",
"name": "member"
}
],
"user": {
"domain": {
"id": "8789d1",
"name": "domain"
},
"id": "cf78e694-f42a-11ee-bfcc-9cb6d0fbac9d",
"name": "user",
"password_expires_at": "2026-11-06T15:32:17.000000"
}
}
}`

// TestInit performs standard object store initialization
// which includes creation of auth client, authentication and
// creation of object storage client.
// In this test we use simple clouds.yaml and not override
// any options.
func TestSimpleObjectStorageInit(t *testing.T) {
// Basic structs
log := logrus.New()
config := map[string]string{
"cloud": "myCloud",
}
os := NewObjectStore(log)

// Create fake provider client for authentication,
// prepare handler for authentication and redirect
// provider endpoint to fake client.
th.SetupPersistentPortHTTP(t, 32500)
defer th.TeardownHTTP()
fakeClient.ServiceClient()
os.provider = fakeClient.ServiceClient().ProviderClient
os.provider.IdentityEndpoint = th.Endpoint()

th.Mux.HandleFunc("/v3/auth/tokens",
func(w http.ResponseWriter, r *http.Request) {
w.Header().Add("X-Subject-Token", ID)

w.WriteHeader(http.StatusCreated)
fmt.Fprint(w, tokenResp)
},
)

// Try to Init block storage. This involves authentication.
if err := os.Init(config); err != nil {
t.Error(err)
}
}

func handleGetObject(t *testing.T, container, object string, data []byte) {
th.Mux.HandleFunc(fmt.Sprintf("/%s/%s", container, object),
func(w http.ResponseWriter, r *http.Request) {
Expand Down

0 comments on commit eaa366c

Please sign in to comment.