Cross Reference: /solaris-userland/components/openstack/keystone/files/keystone-upgrade

	keystone-upgrade revision 5403
1N/A#!/usr/bin/python2.7
1N/A
1N/A# Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
1N/A#
1N/A#    Licensed under the Apache License, Version 2.0 (the "License"); you may
1N/A#    not use this file except in compliance with the License. You may obtain
1N/A#    a copy of the License at
1N/A#
1N/A#         http://www.apache.org/licenses/LICENSE-2.0
1N/A#
1N/A#    Unless required by applicable law or agreed to in writing, software
1N/A#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
1N/A#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
1N/A#    License for the specific language governing permissions and limitations
1N/A#    under the License.
1N/A
1N/Aimport glob
1N/Aimport os
1N/Afrom subprocess import check_call, Popen, PIPE
1N/Aimport sys
1N/Aimport traceback
1N/A
1N/Aimport iniparse
1N/Aimport smf_include
1N/Aimport sqlalchemy
1N/A
1N/Afrom openstack_common import alter_mysql_tables, create_backups, modify_conf
1N/A
1N/A
1N/AKEYSTONE_CONF_MAPPINGS = {
1N/A    # Deprecated group/name
1N/A    ('DEFAULT', 'admin_bind_host'): ('eventlet_server', 'admin_bind_host'),
1N/A    ('DEFAULT', 'admin_workers'): ('eventlet_server', 'admin_workers'),
1N/A    ('DEFAULT', 'admin_port'): ('eventlet_server', 'admin_port'),
1N/A    ('DEFAULT', 'tcp_keepidle'): ('eventlet_server', 'tcp_keepidle'),
1N/A    ('ssl', 'cert_required'): ('eventlet_server_ssl', 'cert_required'),
1N/A    ('DEFAULT', 'public_port'): ('eventlet_server', 'public_port'),
1N/A    ('DEFAULT', 'public_bind_host'): ('eventlet_server', 'public_bind_host'),
1N/A    ('DEFAULT', 'tcp_keepalive'): ('eventlet_server', 'tcp_keepalive'),
1N/A    ('DEFAULT', 'public_workers'): ('eventlet_server', 'public_workers'),
1N/A    ('ssl', 'keyfile'): ('eventlet_server_ssl', 'keyfile'),
1N/A    ('ssl', 'ca_certs'): ('eventlet_server_ssl', 'ca_certs'),
1N/A    ('ssl', 'enable'): ('eventlet_server_ssl', 'enable'),
1N/A    ('ssl', 'certfile'): ('eventlet_server_ssl', 'certfile'),
1N/A    ('DEFAULT', 'max_request_body_size'):
1N/A        ('oslo_middleware', 'max_request_body_size'),
1N/A    ('assignment', 'list_limit'): ('resource', 'list_limit'),
1N/A    ('assignment', 'caching'): ('resource', 'caching'),
1N/A    ('assignment', 'cache_time'): ('resource', 'cache_time'),
1N/A    ('token', 'revocation_cache_time'): ('revoke', 'cache_time'),
1N/A    ('DEFAULT', 'log-format'): (None, None),
1N/A    ('DEFAULT', 'use-syslog'): (None, None),
1N/A}
1N/A
1N/AKEYSTONE_CONF_EXCEPTIONS = [
1N/A    ('eventlet_server', 'public_workers'),
1N/A    ('eventlet_server', 'admin_workers'),
1N/A    ('database', 'connection'),
1N/A]
1N/A
1N/A
1N/Adef start():
1N/A    # pull out the current version of config/upgrade-id
1N/A    p = Popen(['/usr/bin/svcprop', '-p', 'config/upgrade-id',
1N/A               os.environ['SMF_FMRI']], stdout=PIPE, stderr=PIPE)
1N/A    curr_ver, _err = p.communicate()
1N/A    curr_ver = curr_ver.strip()
1N/A
1N/A    # extract the openstack-upgrade-id from the pkg
1N/A    p = Popen(['/usr/bin/pkg', 'contents', '-H', '-t', 'set', '-o', 'value',
1N/A               '-a', 'name=openstack.upgrade-id',
1N/A               'pkg:/cloud/openstack/keystone'], stdout=PIPE, stderr=PIPE)
1N/A    pkg_ver, _err = p.communicate()
1N/A    pkg_ver = pkg_ver.strip()
1N/A
1N/A    if curr_ver == pkg_ver:
1N/A        # No need to upgrade
1N/A        sys.exit(smf_include.SMF_EXIT_OK)
1N/A
1N/A    # look for any .new files
1N/A    if glob.glob('/etc/keystone/*.new'):
1N/A        # the versions are different, so perform an upgrade
1N/A        # modify the configuration files
1N/A
1N/A        # backup all the old configuration files
1N/A        create_backups('/etc/keystone')
1N/A
1N/A        modify_conf('/etc/keystone/keystone.conf', KEYSTONE_CONF_MAPPINGS,
1N/A                    KEYSTONE_CONF_EXCEPTIONS)
1N/A        modify_conf('/etc/keystone/keystone-paste.ini')
1N/A        modify_conf('/etc/keystone/logging.conf')
1N/A
1N/A    config = iniparse.RawConfigParser()
1N/A    config.read('/etc/keystone/keystone.conf')
1N/A    # In certain cases the database section does not exist and the
1N/A    # default database chosen is sqlite.
1N/A    if config.has_section('database'):
1N/A        db_connection = config.get('database', 'connection')
1N/A
1N/A        if db_connection.startswith('mysql'):
1N/A            engine = sqlalchemy.create_engine(db_connection)
1N/A            if engine.url.username != '%SERVICE_USER%':
1N/A                alter_mysql_tables(engine)
1N/A                print "altered character set to utf8 in keystone tables"
1N/A
1N/A    # update the current version
1N/A    check_call(['/usr/sbin/svccfg', '-s', os.environ['SMF_FMRI'], 'setprop',
1N/A               'config/upgrade-id', '=', pkg_ver])
1N/A    check_call(['/usr/sbin/svccfg', '-s', os.environ['SMF_FMRI'], 'refresh'])
1N/A
1N/A    sys.exit(smf_include.SMF_EXIT_OK)
1N/A
1N/A
1N/Aif __name__ == '__main__':
1N/A    os.putenv('LC_ALL', 'C')
1N/A    try:
1N/A        smf_include.smf_main()
1N/A    except RuntimeError:
1N/A        sys.exit(smf_include.SMF_EXIT_ERR_FATAL)
1N/A    except Exception as err:
        print 'Unknown error:  %s' % err
        print
        traceback.print_exc(file=sys.stdout)
        sys.exit(smf_include.SMF_EXIT_ERR_FATAL)