incubator-deltacloud-dev mailing list archives

From mfoj...@redhat.com
Subject [PATCH core] Instance credentials managment (rev 2)
Date Fri, 30 Jul 2010 12:28:15 GMT
---
 server/deltacloud.rb                               |    1 +
 server/lib/deltacloud/base_driver/base_driver.rb   |   10 ++++
 server/lib/deltacloud/base_driver/features.rb      |    7 +++
 server/lib/deltacloud/drivers/ec2/ec2_driver.rb    |   48 ++++++++++++++++++
 .../lib/deltacloud/drivers/gogrid/gogrid_driver.rb |   25 +++++++++-
 .../lib/deltacloud/helpers/application_helper.rb   |    6 ++
 .../lib/deltacloud/models/instance_credential.rb   |   27 ++++++++++
 server/server.rb                                   |   52 +++++++++++++++++++-
 server/views/instance_credentials/index.html.haml  |   26 ++++++++++
 server/views/instance_credentials/index.xml.haml   |    4 ++
 server/views/instance_credentials/new.html.haml    |    8 +++
 server/views/instance_credentials/show.html.haml   |   22 ++++++++
 server/views/instance_credentials/show.xml.haml    |   22 ++++++++
 13 files changed, 256 insertions(+), 2 deletions(-)
 create mode 100644 server/lib/deltacloud/models/instance_credential.rb
 create mode 100644 server/views/instance_credentials/index.html.haml
 create mode 100644 server/views/instance_credentials/index.xml.haml
 create mode 100644 server/views/instance_credentials/new.html.haml
 create mode 100644 server/views/instance_credentials/show.html.haml
 create mode 100644 server/views/instance_credentials/show.xml.haml

diff --git a/server/deltacloud.rb b/server/deltacloud.rb
index 039b95f..a90ab15 100644
--- a/server/deltacloud.rb
+++ b/server/deltacloud.rb
@@ -9,6 +9,7 @@ require 'deltacloud/models/base_model'
 require 'deltacloud/models/realm'
 require 'deltacloud/models/image'
 require 'deltacloud/models/instance'
+require 'deltacloud/models/instance_credential'
 require 'deltacloud/models/instance_profile'
 require 'deltacloud/models/storage_snapshot'
 require 'deltacloud/models/storage_volume'
diff --git a/server/lib/deltacloud/base_driver/base_driver.rb b/server/lib/deltacloud/base_driver/base_driver.rb
index e4b5a7b..a7da90d 100644
--- a/server/lib/deltacloud/base_driver/base_driver.rb
+++ b/server/lib/deltacloud/base_driver/base_driver.rb
@@ -31,6 +31,16 @@ module Deltacloud
     end
   end
 
+  class BackendFeatureUnsupported < StandardError
+    attr_reader :code, :cause, :details
+    def initialize(code, cause, message, details)
+      super(message)
+      @code = code
+      @cause = cause
+      @details = details
+    end
+  end
+
   class BaseDriver
 
     def self.define_hardware_profile(name,&block)
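Review bot: `BackendFeatureUnsupported#initialize` takes four required positional arguments, but both `raise` sites this patch adds to server/server.rb call `.new('501', '…')` with two, so the unsupported-backend path would raise ArgumentError instead of this error. Either pass all four at the call sites or put the message second and default the rest, e.g. `def initialize(code, message, cause=nil, details=nil)`. A short comment on the class saying what `code`, `cause` and `details` are meant to hold would also help, since nothing visible in the patch reads them. The enclosing module and BaseDriver continue outside the hunk.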
diff --git a/server/lib/deltacloud/base_driver/features.rb b/server/lib/deltacloud/base_driver/features.rb
index 8ad354a..3ed4085 100644
--- a/server/lib/deltacloud/base_driver/features.rb
+++ b/server/lib/deltacloud/base_driver/features.rb
@@ -120,6 +120,13 @@ module Deltacloud
     #
     # Declaration of optional features
     #
+    declare_feature :images,  :owner_id do
+      description "Filter images using owner id"
+      operation :index do
+        param :owner_id,  :string,  :optional,  nil,  "Owner ID"
+      end
+    end
+
     declare_feature :instances, :user_name do
       description "Accept a user-defined name on instance creation"
       operation :create do
diff --git a/server/lib/deltacloud/drivers/ec2/ec2_driver.rb b/server/lib/deltacloud/drivers/ec2/ec2_driver.rb
index 890caa7..ca06f13 100644
--- a/server/lib/deltacloud/drivers/ec2/ec2_driver.rb
+++ b/server/lib/deltacloud/drivers/ec2/ec2_driver.rb
@@ -35,8 +35,13 @@ module Deltacloud
     module EC2
 class EC2Driver < Deltacloud::BaseDriver
 
+  def supported_collections
+    DEFAULT_COLLECTIONS + [ :instance_credentials ]
+  end
+
   feature :instances, :user_data
   feature :instances, :authentication_key
+  feature :images, :owner_id
 
   define_hardware_profile('m1.small') do
     cpu                1
@@ -270,6 +275,39 @@ class EC2Driver < Deltacloud::BaseDriver
     snapshots
   end
 
+  def instance_credential(credentials, opts=nil)
+    instance_credentials(credentials, opts).first
+  end
+
+  def instance_credentials(credentials, opts=nil)
+    ec2 = new_client( credentials )
+    opts[:key_name] = opts[:id] if opts and opts[:id]
+    keypairs = ec2.describe_keypairs(opts || {})
+    result = []
+    safely do
+      keypairs.keySet.item.each do |keypair|
+        result << convert_instance_credential(keypair)
+      end
+    end
+    result
+  end
+
+  def create_instance_credential(credentials, opts={})
+    instance_credential = InstanceCredential.new
+    ec2 = new_client( credentials )
+    safely do
+      instance_credential = convert_instance_credential(ec2.create_keypair(opts))
+    end
+    return instance_credential
+  end
+
+  def destroy_instance_credential(credentials, opts={})
+    safely do
+      ec2 = new_client( credentials )
+      ec2.delete_keypair(opts)
+    end
+  end
+
   private
 
   def new_client(credentials)
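Review bot: In `instance_credentials` the `ec2.describe_keypairs` call sits outside the `safely` block, unlike the create and destroy methods below it, so a backend error while listing would presumably not get the same handling; the method also writes `:key_name` into the caller's `opts` hash. If the client returns no `keySet` for an account without key pairs (not visible here, worth checking), `keypairs.keySet.item.each` would fail on nil. A version that copies the options, moves the request inside `safely` and tolerates an empty result is sketched below. The class body continues outside the hunk.

```ruby
def instance_credentials(credentials, opts=nil)
  ec2 = new_client( credentials )
  query = (opts || {}).dup
  query[:key_name] = query[:id] if query[:id]
  result = []
  safely do
    key_set = ec2.describe_keypairs(query).keySet
    items = key_set ? key_set.item : nil
    (items || []).each do |keypair|
      result << convert_instance_credential(keypair)
    end
  end
  result
end
```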
@@ -281,6 +319,16 @@ class EC2Driver < Deltacloud::BaseDriver
     AWS::EC2::Base.new(opts)
   end
 
+  def convert_instance_credential(instance_credential)
+    key=InstanceCredential.new({
+      :id => instance_credential['keyName'],
+      :fingerprint => instance_credential['keyFingerprint'],
+      :credential_type => :key
+    })
+    key.pem_rsa_key = instance_credential['keyMaterial'] if instance_credential['keyMaterial']
+    return key
+  end
+
   def convert_image(ec2_image)
     Image.new( {
       :id=>ec2_image['imageId'],
diff --git a/server/lib/deltacloud/drivers/gogrid/gogrid_driver.rb b/server/lib/deltacloud/drivers/gogrid/gogrid_driver.rb
index e8d21ca..ccc671b 100644
--- a/server/lib/deltacloud/drivers/gogrid/gogrid_driver.rb
+++ b/server/lib/deltacloud/drivers/gogrid/gogrid_driver.rb
@@ -44,7 +44,8 @@ class GogridDriver < Deltacloud::BaseDriver
   end
 
   def supported_collections
-    DEFAULT_COLLECTIONS.reject { |c| [ :storage_volumes, :storage_snapshots ].include?(c)
}
+    DEFAULT_COLLECTIONS.reject! { |c| [ :storage_volumes, :storage_snapshots ].include?(c)
}
+    DEFAULT_COLLECTIONS + [ :instance_credentials ]
   end
 
   def images(credentials, opts=nil)
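Review bot: `reject!` in `supported_collections` modifies the shared `DEFAULT_COLLECTIONS` constant in place, so after the first call the storage collections are gone for every driver in the process that builds on that constant (the EC2 driver in this patch does). Keep the non-destructive form and append to its result: `DEFAULT_COLLECTIONS.reject { |c| [ :storage_volumes, :storage_snapshots ].include?(c) } + [ :instance_credentials ]`.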
@@ -175,6 +176,19 @@ class GogridDriver < Deltacloud::BaseDriver
     end
   end
 
+  def instance_credential(credentials, opts=nil)
+    instance_credentials(credentials, opts).first
+  end
+
+  def instance_credentials(credentials, opts=nil)
+    gogrid = new_client( credentials )
+    creds = []
+    gogrid.request('support/password/list')['list'].each do |password|
+      creds << convert_instance_credential(password)
+    end
+    return creds
+  end
+
   define_instance_states do
     start.to( :pending )         .automatically
     pending.to( :running )       .automatically
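Review bot: `instance_credentials` never looks at `opts`, so `instance_credential(credentials, opts)` returns the first entry of the password list whatever id was requested, and the show operation would then display a different credential's username and password. Filter before returning, for example `creds = creds.select { |c| c.id.to_s == opts[:id].to_s } if opts and opts[:id]`. The `gogrid.request` call is also not wrapped in `safely` as the EC2 methods in this patch are; whether that matters depends on code outside the hunk.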
@@ -206,6 +220,15 @@ class GogridDriver < Deltacloud::BaseDriver
     return login_data
   end
 
+  def convert_instance_credential(password)
+    InstanceCredential.new({
+      :id => password['id'],
+      :username => password['username'],
+      :password => password['password'],
+      :credential_type => :password
+    })
+  end
+
   def convert_image(gg_image, owner_id=nil)
     Image.new( {
       :id=>gg_image['id'],
diff --git a/server/lib/deltacloud/helpers/application_helper.rb b/server/lib/deltacloud/helpers/application_helper.rb
index 94396d2..72ffc3f 100644
--- a/server/lib/deltacloud/helpers/application_helper.rb
+++ b/server/lib/deltacloud/helpers/application_helper.rb
@@ -106,4 +106,10 @@ module ApplicationHelper
     end
   end
 
+  def cdata(&block)
+    text = capture_haml(&block)
+    text.gsub!("\n", "\n ")
+    "<![CDATA[\n #{text}\n]]>"
+  end
+
 end
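Review bot: `cdata` interpolates the captured text straight into a CDATA section, so a value containing `]]>` ends the section early and the remainder is parsed as markup; the XML view in this patch passes usernames and passwords through it. Split the terminator before wrapping, e.g. `text = text.gsub(']]>', ']]]]><![CDATA[>')`. The helper also pads the content with a newline and a leading space on each line, which a client has to strip to recover the exact password or PEM key; a comment stating that, or emitting the text unpadded, would avoid mismatches.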
diff --git a/server/lib/deltacloud/models/instance_credential.rb b/server/lib/deltacloud/models/instance_credential.rb
new file mode 100644
index 0000000..bb0f5ed
--- /dev/null
+++ b/server/lib/deltacloud/models/instance_credential.rb
@@ -0,0 +1,27 @@
+#
+# Copyright (C) 2009  Red Hat, Inc.
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.  The
+# ASF licenses this file to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance with the
+# License.  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+class InstanceCredential < BaseModel
+
+  attr_accessor :credential_type
+  attr_accessor :fingerprint
+  attr_accessor :username
+  attr_accessor :password
+  attr_accessor :pem_rsa_key
+
+end
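Review bot: `password` and `pem_rsa_key` hold live secrets, but the model carries no comment saying so. I would add a class comment such as `# Login credential for an instance: an SSH key pair (:key) or a username/password pair (:password).` and mark the two secret fields with `# secret: never log or cache`. BaseModel is not visible here, so it is worth confirming it has no generic dump or inspect path that would include these fields.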
diff --git a/server/server.rb b/server/server.rb
index 2516d3e..0d2edce 100644
--- a/server/server.rb
+++ b/server/server.rb
@@ -100,7 +100,6 @@ END
     "owner_id" and "architecture" parameter
 END
     param :id,            :string
-    param :owner_id,      :string
     param :architecture,  :string,  :optional
     control { filter_all(:images) }
   end
@@ -300,3 +299,54 @@ collection :storage_volumes do
     control { show(:storage_volume) }
   end
 end
+
+get '/api/instance_credentials/new' do
+  respond_to do |format|
+    format.html { haml :"instance_credentials/new" }
+  end
+end
+
+collection :instance_credentials do
+  description "Instance authentication credentials"
+
+  operation :index do
+    description "List all available credentials which could be used for instance authentication"
+    control { filter_all :instance_credentials }
+  end
+
+  operation :show do
+    description "Show details about given instance credential"
+    param :id,  :string,  :required
+    control { show :instance_credential }
+  end
+
+  operation :create do
+    description "Create a new instance credential if backend supports this"
+    param :name,  :string,  :required
+    control do
+      unless driver.respond_to?(:create_instance_credential)
+        raise Deltacloud::BackendFeatureUnsupported.new('501',
+          'Creating instance credentials is not supported in backend')
+      end
+      @instance_credential = driver.create_instance_credential(credentials, { :key_name =>
params[:name] })
+      respond_to do |format|
+        format.html { haml :"instance_credentials/show" }
+        format.xml { haml :"instance_credentials/show" }
+      end
+    end
+  end
+
+  operation :destroy do
+    description "Destroy given instance credential if backend supports this"
+    param :id,  :string,  :required
+    control do
+      unless driver.respond_to?(:destroy_instance_credential)
+        raise Deltacloud::BackendFeatureUnsupported.new('501',
+          'Creating instance credentials is not supported in backend')
+      end
+      driver.destroy_instance_credential(credentials, { :key_name => params[:id]})
+      redirect(instance_credentials_url)
+    end
+  end
+
+end
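Review bot: The `destroy` operation raises with the text 'Creating instance credentials is not supported in backend', copied from `create`; it should read `'Destroying instance credentials is not supported in backend'`. The create response renders the new private key (the show views print `pem_rsa_key` when it is set), so it is worth sending that response with a no-store cache header so the key does not linger in browser or proxy caches.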
diff --git a/server/views/instance_credentials/index.html.haml b/server/views/instance_credentials/index.html.haml
new file mode 100644
index 0000000..43345ab
--- /dev/null
+++ b/server/views/instance_credentials/index.html.haml
@@ -0,0 +1,26 @@
+%h1 Instance Credentials
+
+%table.display
+  %thead
+    %tr
+      %th ID
+      %th Credentials details
+      %th Actions
+  %tbody
+    - @elements.each do |instance_credential|
+      %tr
+        %td
+          = link_to instance_credential.id, instance_credential_url( instance_credential.id
)
+        %td
+          - if instance_credential.credential_type.eql?(:key)
+            = instance_credential.fingerprint
+          - if instance_credential.credential_type.eql?(:password)
+            = "#{instance_credential.username} - #{instance_credential.password}"
+        %td
+          - if driver.respond_to?(:destroy_instance_credential)
+            =link_to 'Destroy', destroy_instance_credential_url(instance_credential.id),
:class => 'delete'
+  %tfoot
+    - if driver.respond_to?(:create_instance_credential)
+      %tr
+        %td{:colspan => 3, :style => "text-align:right;"}
+          =link_to 'Create &raquo;', "#{url_for('/api/instance_credentials/new')}", :class
=> 'button'
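Review bot: The index table prints every password in clear next to its username (`"#{instance_credential.username} - #{instance_credential.password}"`), so opening the list page exposes all of them at once. Show only the username here, `= instance_credential.username`, and leave the password to the show view. Whether Haml escapes these values depends on the `escape_html` setting, which is outside the hunk; if it is off, HTML-escape them explicitly.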
diff --git a/server/views/instance_credentials/index.xml.haml b/server/views/instance_credentials/index.xml.haml
new file mode 100644
index 0000000..9293d64
--- /dev/null
+++ b/server/views/instance_credentials/index.xml.haml
@@ -0,0 +1,4 @@
+!!!XML
+%instance_credentials
+  - @elements.each do |c|
+    = haml :'instance_credentials/show', :locals => { :@instance_credential => c, :partial
=> true }
diff --git a/server/views/instance_credentials/new.html.haml b/server/views/instance_credentials/new.html.haml
new file mode 100644
index 0000000..ad16c19
--- /dev/null
+++ b/server/views/instance_credentials/new.html.haml
@@ -0,0 +1,8 @@
+%h1 New Keypair
+
+%form{ :action => '/api/instance_credentials', :method => :post }
+  %p
+    %label
+      Name:
+    %input{ :name => 'name', :size => 30 }/
+    %input{ :type => :submit, :name => "commit", :value => "create" }/
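Review bot: The form action is the literal path `'/api/instance_credentials'`, while the rest of the patch builds links with URL helpers, so the form would post to the wrong place if the API is served under a prefix. Use the helper already used in server.rb: `%form{ :action => instance_credentials_url, :method => :post }`. The heading says 'New Keypair' although the collection is named instance credentials; aligning the two would be clearer.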
diff --git a/server/views/instance_credentials/show.html.haml b/server/views/instance_credentials/show.html.haml
new file mode 100644
index 0000000..d82f13f
--- /dev/null
+++ b/server/views/instance_credentials/show.html.haml
@@ -0,0 +1,22 @@
+%h1
+  = @instance_credential.id
+
+%dl
+  - if @instance_credential.credential_type.eql?(:key)
+    %di
+      %dt Fingerprint
+      %dd
+        = @instance_credential.fingerprint
+      - if @instance_credential.pem_rsa_key
+        %dt PEM key
+        %dd
+          %pre
+            = @instance_credential.pem_rsa_key
+  - if @instance_credential.credential_type.eql?(:password)
+    %di
+      %dt Username
+      %dd
+        = @instance_credential.username
+      %dt Password
+      %dd
+        = @instance_credential.password
diff --git a/server/views/instance_credentials/show.xml.haml b/server/views/instance_credentials/show.xml.haml
new file mode 100644
index 0000000..fde3daa
--- /dev/null
+++ b/server/views/instance_credentials/show.xml.haml
@@ -0,0 +1,22 @@
+- unless defined?(partial)
+  !!! XML
+%instance_credential{ :href => instance_credential_url(@instance_credential.id), :id =>
@instance_credential.id }
+  %actions
+    - if @instance_credential.respond_to?(:destroy_instance_credential)
+    %link{ :rel => "destroy", :method => "delete", :href => destroy_instance_credential_url(@instance_credential.id)}
+  %credential_type<
+    =@instance_credential.credential_type.to_s
+  - if @instance_credential.credential_type.eql?(:key)
+    %fingerprint<
+      =@instance_credential.fingerprint
+    - unless @instance_credential.pem_rsa_key.nil?
+      %pem<
+        =cdata do
+          =@instance_credential.pem_rsa_key
+  - if @instance_credential.credential_type.eql?(:password)
+    %username<
+      =cdata do
+        =@instance_credential.username
+    %password<
+      =cdata do
+        =@instance_credential.password
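Review bot: The destroy link is guarded by `@instance_credential.respond_to?(:destroy_instance_credential)`, which asks the model rather than the driver, and the `%link` line is at the same indentation as the `- if`, so it is not inside the condition. The HTML index view checks `driver.respond_to?(:destroy_instance_credential)`; use the same test here and indent `%link` two more spaces so it is nested under it. As written the `- if` has no body, which Haml may reject at render time.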
-- 
1.7.2

