Add special handling for keystone_authtoken group

The keystone_authtoken options are created (not just registered) dynamically at runtime because of a need to not have a dependency on oslo.config in that library. As a result, there is no sane way to validate those options. This change adds a list of known problematic groups that we should ignore missing opts from. It also adds an info level log message that we are ignoring them so users know we can't confirm or deny the correctness of that piece of config. Change-Id: Ic2b36fe8be872d298a106c3f64905a5b935ced61
2019-03-27 15:55:02 +00:00 · 2019-03-27 15:55:02 +00:00 · 0c734acf17
commit 0c734acf17
parent c30d9c0a08
2 changed files with 33 additions and 15 deletions
--- a/doc/source/cli/validator.rst
+++ b/doc/source/cli/validator.rst
@ -28,15 +28,17 @@ location of the sample config generator configuration file, while
 ``--input-file`` should point at the location of the configuration file to be
 validated.

-Here's an example of using the validator on Nova as installed by Devstack::
+Here's an example of using the validator on Nova as installed by Devstack (with
+the option [foo]/bar added to demonstrate a failure)::

    $ oslo-config-validator --config-file /opt/stack/nova/etc/nova/nova-config-generator.conf --input-file /etc/nova/nova.conf
-    ERROR:root:keystone_authtoken/user_domain_name not found
-    ERROR:root:keystone_authtoken/password not found
-    ERROR:root:keystone_authtoken/project_domain_name not found
-    ERROR:root:keystone_authtoken/project_name not found
-    ERROR:root:keystone_authtoken/username not found
-    ERROR:root:keystone_authtoken/auth_url not found
+    ERROR:root:foo/bar not found
+    INFO:root:Ignoring missing option "project_domain_name" from group "keystone_authtoken" because the group is known to have incomplete sample config data and thus cannot be validated properly.
+    INFO:root:Ignoring missing option "project_name" from group "keystone_authtoken" because the group is known to have incomplete sample config data and thus cannot be validated properly.
+    INFO:root:Ignoring missing option "user_domain_name" from group "keystone_authtoken" because the group is known to have incomplete sample config data and thus cannot be validated properly.
+    INFO:root:Ignoring missing option "password" from group "keystone_authtoken" because the group is known to have incomplete sample config data and thus cannot be validated properly.
+    INFO:root:Ignoring missing option "username" from group "keystone_authtoken" because the group is known to have incomplete sample config data and thus cannot be validated properly.
+    INFO:root:Ignoring missing option "auth_url" from group "keystone_authtoken" because the group is known to have incomplete sample config data and thus cannot be validated properly.

 Machine-Readable Sample Config
 ------------------------------
@ -52,15 +54,17 @@ This file is then passed to the validator with ``--opt-data``, along with the
 config file to validated in ``--input-file`` as above.

 Here's an example of using the validator on Nova as installed by Devstack, with
-a sample config file ``config-data.yaml`` created by the config generator::
+a sample config file ``config-data.yaml`` created by the config generator (with
+the option [foo]/bar added to demonstrate a failure)::

    $ oslo-config-validator --opt-data config-data.yaml --input-file /etc/nova/nova.conf
-    ERROR:root:keystone_authtoken/username not found
-    ERROR:root:keystone_authtoken/project_domain_name not found
-    ERROR:root:keystone_authtoken/user_domain_name not found
-    ERROR:root:keystone_authtoken/project_name not found
-    ERROR:root:keystone_authtoken/password not found
-    ERROR:root:keystone_authtoken/auth_url not found
+    ERROR:root:foo/bar not found
+    INFO:root:Ignoring missing option "project_domain_name" from group "keystone_authtoken" because the group is known to have incomplete sample config data and thus cannot be validated properly.
+    INFO:root:Ignoring missing option "project_name" from group "keystone_authtoken" because the group is known to have incomplete sample config data and thus cannot be validated properly.
+    INFO:root:Ignoring missing option "user_domain_name" from group "keystone_authtoken" because the group is known to have incomplete sample config data and thus cannot be validated properly.
+    INFO:root:Ignoring missing option "password" from group "keystone_authtoken" because the group is known to have incomplete sample config data and thus cannot be validated properly.
+    INFO:root:Ignoring missing option "username" from group "keystone_authtoken" because the group is known to have incomplete sample config data and thus cannot be validated properly.
+    INFO:root:Ignoring missing option "auth_url" from group "keystone_authtoken" because the group is known to have incomplete sample config data and thus cannot be validated properly.

 Handling Dynamic Groups
 -----------------------
@ -70,3 +74,7 @@ configuration. This is problematic for the validator because these groups won't
 be present in the sample config data. The ``--exclude-group`` option for the
 validator can be used to ignore such groups and allow the other options in a
 config file to be validated normally.
+
+.. note:: The ``keystone_authtoken`` group is always ignored because of the
+          unusual way the options from that library are generated. The sample
+          configuration data is known to be incomplete as a result.
--- a/oslo_config/validator.py
+++ b/oslo_config/validator.py
@ -57,6 +57,9 @@ _validator_opts = [
 ]


+KNOWN_BAD_GROUPS = ['keystone_authtoken']
+
+
 def _register_cli_opts(conf):
    """Register the formatter's CLI options with a ConfigOpts instance.

@ -109,6 +112,13 @@ def _validate(conf):
                logging.warn('Deprecated opt %s/%s found', section, option)
                warnings = True
            elif not _validate_opt(section, option, opt_data):
+                if section in KNOWN_BAD_GROUPS:
+                    logging.info('Ignoring missing option "%s" from group '
+                                 '"%s" because the group is known to have '
+                                 'incomplete sample config data and thus '
+                                 'cannot be validated properly.',
+                                 option, section)
+                    continue
                logging.error('%s/%s not found', section, option)
                errors = True
    if errors or (warnings and conf.fatal_warnings):
@ -119,7 +129,7 @@ def _validate(conf):
 def main():
    """The main function of oslo-config-validator."""
    version = pkg_resources.get_distribution('oslo.config').version
-    logging.basicConfig(level=logging.WARN)
+    logging.basicConfig(level=logging.INFO)
    conf = cfg.ConfigOpts()
    _register_cli_opts(conf)
    try: