← Back to branch summary

~bcsaller/charms/trusty/cloudfoundry/progressbar

« back to all changes in this revision

Viewing changes to cloudfoundry/contexts.py

  • Committer: Benjamin Saller
  • Date: 2014-11-07 21:10:56 UTC
  • mfrom: (145.1.13 trunk)
  • Revision ID: benjamin.saller@canonical.com-20141107211056-zu7scr425xyv042x
merge mega

Show diffs side-by-side

added added

removed removed

Lines of Context:
cloudfoundry/contexts.py
32
32
        return list(units)
33
33
 
34
34
    def get_first(self, key=None):
 
35
        if not self.get(self.name, []):
 
36
            return None if key is not None else {}
35
37
        data = self[self.name][0]
36
38
        return data[key] if key is not None else data
37
39
 
144
146
 
145
147
    def erb_mapping(self):
146
148
        data = self[self.name][0]
 
149
        creds = CloudFoundryCredentials()
 
150
        users = []
 
151
        if creds.is_ready():
 
152
            users.append(
 
153
                '%s|%s|scim.write,scim.read,openid,cloud_controller.admin' % (
 
154
                    creds.get_first('admin-user'),
 
155
                    creds.get_first('admin-password')
 
156
                )
 
157
            )
 
158
        orch = OrchestratorRelation()
 
159
        sru = None
 
160
        if orch.is_ready():
 
161
            sru = 'http://servicesmgmt.{}/auth/cloudfoundry/callback'.format(
 
162
                orch.get_first('domain'))
147
163
        return {
148
164
            'uaa.login.client_secret': data['login_client_secret'],
149
165
            'uaa.admin.client_secret': data['admin_client_secret'],
152
168
            'uaa.port': data['port'],
153
169
            'uaa.require_https': False,  # FIXME: Add SSL as an option; requires cert
154
170
            'uaa.no_ssl': True,
155
 
            'uaa.scim.users': [
156
 
                'admin|admin|scim.write,scim.read,openid,cloud_controller.admin',  # FIXME: Don't hard-code
157
 
            ],
 
171
            'uaa.scim.users': users,
158
172
            'uaa.clients': {
159
173
                'cc_service_broker_client': {
160
174
                    'secret': data['service_broker_client_secret'],
167
181
                    'authorized-grant-types': 'authorization_code,client_credentials,password,implicit',
168
182
                    'autoapprove': True,
169
183
                    'override': True,
170
 
                    'redirect-uri': 'http://servicesmgmt.10.244.0.34.xip.io/auth/cloudfoundry/callback',
 
184
                    'redirect-uri': sru,
171
185
                    'scope': 'openid,cloud_controller.read,cloud_controller.write',
172
186
                    'secret': data['servicesmgmt_client_secret'],
173
187
                },
429
443
    """
430
444
    name = "credentials"
431
445
    interface = "cloudfoundry-credentials"
 
446
    required_keys = ['admin-user', 'admin-password']
 
447
 
 
448
    def get_admin_password(self):
 
449
        config = hookenv.config()
 
450
        if config['admin_password']:
 
451
            return config['admin_password']
 
452
        else:
 
453
            secret_context = StoredContext('cf-secrets.yml', {
 
454
                'admin_password': host.pwgen(20),
 
455
            })
 
456
            return secret_context['admin_password']
432
457
 
433
458
    def provide_data(self):
434
 
        # TODO: this must come from generated or a UAA related identity
435
 
        # provider
436
459
        return {
437
460
            'admin-user': 'admin',
438
 
            'admin-password': 'admin'
 
461
            'admin-password': self.get_admin_password(),
439
462
        }
440
463
 
441
464