Remove credentials for glance S3 testing.

Some glance "unit" tests connect to a remote S3 account, but this is
not in the spirit of proper unit testing and it's unclear whether
the tests are even run any longer. Also, it would be best not to
have credentials for remote services sitting on Jenkins unit test
slaves as they're accessible to any other tests and could be
trivially exposed.

Change-Id: I2cf76f9a77efc08598e803d3413bb719e84bfe6a
Reviewed-on: https://review.openstack.org/25921
Reviewed-by: Clark Boylan <clark.boylan@gmail.com>
Reviewed-by: James E. Blair <corvus@inaugust.com>
Reviewed-by: Monty Taylor <mordred@inaugust.com>
Reviewed-by: Mark Washenberger <mark.washenberger@markwash.net>
Approved: Jeremy Stanley <fungi@yuggoth.org>
Reviewed-by: Jeremy Stanley <fungi@yuggoth.org>
Tested-by: Jenkins
This commit is contained in:
Jeremy Stanley 2013-04-02 17:18:59 +00:00 committed by Jenkins
parent 87ccf71b58
commit 35ccdfc175
3 changed files with 12 additions and 97 deletions

View File

@ -290,10 +290,9 @@ node /^quantal.*\.slave\.openstack\.org$/ {
certname => 'quantal.slave.openstack.org', certname => 'quantal.slave.openstack.org',
sysadmins => hiera('sysadmins'), sysadmins => hiera('sysadmins'),
} }
class { 'openstack_project::glancetest': file { '/home/jenkins/.config/glance':
s3_store_access_key => hiera('s3_store_access_key'), ensure => absent,
s3_store_secret_key => hiera('s3_store_secret_key'), recurse => true,
s3_store_bucket => hiera('s3_store_bucket'),
} }
include jenkins::cgroups include jenkins::cgroups
include ulimit include ulimit
@ -311,10 +310,9 @@ node /^precise.*\.slave\.openstack\.org$/ {
certname => 'precise.slave.openstack.org', certname => 'precise.slave.openstack.org',
sysadmins => hiera('sysadmins'), sysadmins => hiera('sysadmins'),
} }
class { 'openstack_project::glancetest': file { '/home/jenkins/.config/glance':
s3_store_access_key => hiera('s3_store_access_key'), ensure => absent,
s3_store_secret_key => hiera('s3_store_secret_key'), recurse => true,
s3_store_bucket => hiera('s3_store_bucket'),
} }
include jenkins::cgroups include jenkins::cgroups
include ulimit include ulimit
@ -332,10 +330,9 @@ node /^oneiric.*\.slave\.openstack\.org$/ {
certname => 'oneiric.slave.openstack.org', certname => 'oneiric.slave.openstack.org',
sysadmins => hiera('sysadmins'), sysadmins => hiera('sysadmins'),
} }
class { 'openstack_project::glancetest': file { '/home/jenkins/.config/glance':
s3_store_access_key => hiera('s3_store_access_key'), ensure => absent,
s3_store_secret_key => hiera('s3_store_secret_key'), recurse => true,
s3_store_bucket => hiera('s3_store_bucket'),
} }
include jenkins::cgroups include jenkins::cgroups
include ulimit include ulimit
@ -354,10 +351,9 @@ node /^rhel6.*\.slave\.openstack\.org$/ {
certname => 'rhel6.slave.openstack.org', certname => 'rhel6.slave.openstack.org',
sysadmins => hiera('sysadmins'), sysadmins => hiera('sysadmins'),
} }
class { 'openstack_project::glancetest': file { '/home/jenkins/.config/glance':
s3_store_access_key => hiera('s3_store_access_key'), ensure => absent,
s3_store_secret_key => hiera('s3_store_secret_key'), recurse => true,
s3_store_bucket => hiera('s3_store_bucket'),
} }
include jenkins::cgroups include jenkins::cgroups
include ulimit include ulimit

View File

@ -1,32 +0,0 @@
# == Class: openstack_project::glancetest
#
class openstack_project::glancetest(
$s3_store_access_key = '',
$s3_store_secret_key = '',
$s3_store_bucket = '',
$s3_store_host = 's3.amazonaws.com',
) {
file { 'jenkinsglanceconfigdir':
ensure => directory,
name => '/home/jenkins/.config/glance',
owner => 'jenkins',
group => 'jenkins',
mode => '0700',
require => Class['::jenkins::jenkinsuser'],
}
file { 'glances3conf':
ensure => present,
name => '/home/jenkins/.config/glance/s3.conf',
owner => 'jenkins',
group => 'jenkins',
mode => '0400',
require => File['jenkinsglanceconfigdir'],
content => template('openstack_project/glance_s3.conf.erb'),
}
file { '/home/jenkins/.config/glance/swift.conf':
ensure => absent,
}
}

View File

@ -1,49 +0,0 @@
[DEFAULT]
# Which backend store should Glance use by default is not specified
# in a request to add a new image to Glance? Default: 'file'
# Available choices are 'file', 'swift', and 's3'
default_store = s3
# ============ S3 Store Options =============================
# Address where the S3 authentication service lives
s3_store_host = <%= s3_store_host %>
# User to authenticate against the S3 authentication service
s3_store_access_key = <%= s3_store_access_key %>
# Auth key for the user authenticating against the
# S3 authentication service
s3_store_secret_key = <%= s3_store_secret_key %>
# Container within the account that the account should use
# for storing images in S3. Note that S3 has a flat namespace,
# so you need a unique bucket name for your glance images. An
# easy way to do this is append your AWS access key to "glance".
# S3 buckets in AWS *must* be lowercased, so remember to lowercase
# your AWS access key if you use it in your bucket name below!
s3_store_bucket = <%= s3_store_bucket %>
# Do we create the bucket if it does not exist?
s3_store_create_bucket_on_put = True
[pipeline:glance-api]
pipeline = versionnegotiation context apiv1app
[pipeline:versions]
pipeline = versionsapp
[app:versionsapp]
paste.app_factory = glance.api.versions:app_factory
[app:apiv1app]
paste.app_factory = glance.api.v1:app_factory
[filter:versionnegotiation]
paste.filter_factory = glance.api.middleware.version_negotiation:filter_factory
[filter:imagecache]
paste.filter_factory = glance.api.middleware.image_cache:filter_factory
[filter:context]
paste.filter_factory = glance.common.context:filter_factory