galaxyproject · almahmoud · Jun 17, 2022 · Jun 21, 2022 · Jun 21, 2022 · Jun 21, 2022
diff --git a/django-cloudlaunch/cloudlaunch/backend_plugins/cloudman2/cloudman2_app.py b/django-cloudlaunch/cloudlaunch/backend_plugins/cloudman2/cloudman2_app.py
@@ -337,7 +337,7 @@ def delete_iam():
 GCP_CLOUD_CONF = \
     "[Global]\n"
 
-OPENSTACK_CLOUD_CONF = \
+OPENSTACK_CLOUD_CONF_USER = \
     "[Global]\n" \
     "username=\"$os_username\"\n" \
     "password=\"$os_password\"\n" \
@@ -349,6 +349,16 @@ def delete_iam():
     "ignore-volume-az=$os_ignore_volume_az\n"
 
 
+OPENSTACK_CLOUD_CONF_APP_CRED = \
+    "[Global]\n" \
+    "application-credential-id=\"$os_app_cred_id\"\n" \
+    "application-credential-secret=\"$os_app_cred_secret\"\n" \
+    "auth-url=$os_auth_url\n" \
+    "region=$os_region\n" \
+    "[BlockStorage]\n" \
+    "ignore-volume-az=$os_ignore_volume_az\n"
+
+
 class CloudMan2AnsibleAppConfigurer(AnsibleAppConfigurer):
     """Add CloudMan2 specific vars to playbook."""
 
@@ -391,26 +401,41 @@ def _gen_cloud_conf(self, provider_id, cloud_config):
             conf_template = GCP_CLOUD_CONF
             values = {}
         elif provider_id == "openstack":
-            # http://henriquetruta.github.io/openstack-cloud-provider/
-            conf_template = OPENSTACK_CLOUD_CONF
+            os_user = creds.get('os_username')
+            os_pass = creds.get('os_password')
             os_ignore_az = self._os_ignore_az(
                 zone.get('zone_id'),
                 zone.get('region', {}).get('cloudbridge_settings'))
-            if creds.get('os_user_domain_id'):
-                domain_entry = f"domain-id={creds.get('os_user_domain_id')}"
-            else:
-                domain_entry = f"domain-name={creds.get('os_user_domain_name')}"
-
             values = {
-                'os_username': creds.get('os_username'),
-                'os_password': creds.get('os_password'),
-                'domain_entry': domain_entry,
-                'os_tenant_name': creds.get('os_project_name'),
                 'os_auth_url': zone.get('cloud', {}).get('auth_url'),
                 'os_region': zone.get('region', {}).get('name'),
                 # https://github.com/kubernetes/kubernetes/issues/53488
                 'os_ignore_volume_az': os_ignore_az
             }
+
+            if os_user and os_pass:
+                # http://henriquetruta.github.io/openstack-cloud-provider/
+                conf_template = OPENSTACK_CLOUD_CONF_USER
+                if creds.get('os_user_domain_id'):
+                    domain_entry = f"domain-id={creds.get('os_user_domain_id')}"
+                else:
+                    domain_entry = f"domain-name={creds.get('os_user_domain_name')}"
+
+                values.update({
+                    'os_username': os_user,
+                    'os_password': os_pass,
+                    'domain_entry': domain_entry,
+                    'os_tenant_name': creds.get('os_project_name'),
+                })
+            else:
+                # Assuming app credentials if no user and pass set
+                conf_template = OPENSTACK_CLOUD_CONF_APP_CRED
+                values.update({
+                    # https://github.com/kubernetes/cloud-provider-openstack/blob/master/manifests/controller-manager/cloud-config
+                    'os_app_cred_id': creds.get('os_application_credential_id'),
+                    'os_app_cred_secret': creds.get('os_application_credential_secret'),
+                })
+
         return string.Template(conf_template).substitute(values)
 
     def _get_kube_cloud_settings(self, provider_config, cloud_config):

diff --git a/django-cloudlaunch/cloudlaunch/backend_plugins/cloudman2_app.py b/django-cloudlaunch/cloudlaunch/backend_plugins/cloudman2_app.py
@@ -336,7 +336,7 @@ def delete_iam():
 GCP_CLOUD_CONF = \
     "[Global]\n"
 
-OPENSTACK_CLOUD_CONF = \
+OPENSTACK_CLOUD_CONF_USER = \
     "[Global]\n" \
     "username=\"$os_username\"\n" \
     "password=\"$os_password\"\n" \
@@ -348,6 +348,15 @@ def delete_iam():
     "ignore-volume-az=$os_ignore_volume_az\n"
 
 
+OPENSTACK_CLOUD_CONF_APP_CRED = \
+    "[Global]\n" \
+    "application-credential-id=\"$os_app_cred_id\"\n" \
+    "application-credential-secret=\"$os_app_cred_secret\"\n" \
+    "auth-url=$os_auth_url\n" \
+    "region=$os_region\n" \
+    "[BlockStorage]\n" \
+    "ignore-volume-az=$os_ignore_volume_az\n"
+
 class CloudMan2AnsibleAppConfigurer(AnsibleAppConfigurer):
     """Add CloudMan2 specific vars to playbook."""
 
@@ -390,26 +399,44 @@ def _gen_cloud_conf(self, provider_id, cloud_config):
             conf_template = GCP_CLOUD_CONF
             values = {}
         elif provider_id == "openstack":
-            # http://henriquetruta.github.io/openstack-cloud-provider/
-            conf_template = OPENSTACK_CLOUD_CONF
-            os_ignore_az = self._os_ignore_az(
-                zone.get('zone_id'),
-                zone.get('region', {}).get('cloudbridge_settings'))
-            if creds.get('os_user_domain_id'):
-                domain_entry = f"domain-id={creds.get('os_user_domain_id')}"
+            os_user = creds.get('os_username')
+            os_pass = creds.get('os_password')
+            if os_user and os_pass:
+                # http://henriquetruta.github.io/openstack-cloud-provider/
+                conf_template = OPENSTACK_CLOUD_CONF_USER
+                os_ignore_az = self._os_ignore_az(
+                    zone.get('zone_id'),
+                    zone.get('region', {}).get('cloudbridge_settings'))
+                if creds.get('os_user_domain_id'):
+                    domain_entry = f"domain-id={creds.get('os_user_domain_id')}"
+                else:
+                    domain_entry = f"domain-name={creds.get('os_user_domain_name')}"
+
+                values = {
+                    'os_username': os_user,
+                    'os_password': os_pass,
+                    'domain_entry': domain_entry,
+                    'os_tenant_name': creds.get('os_project_name'),
+                    'os_auth_url': zone.get('cloud', {}).get('auth_url'),
+                    'os_region': zone.get('region', {}).get('name'),
+                    # https://github.com/kubernetes/kubernetes/issues/53488
+                    'os_ignore_volume_az': os_ignore_az
+                }
             else:
-                domain_entry = f"domain-name={creds.get('os_user_domain_name')}"
+                # Assuming app credentials if no user and pass set
+                conf_template = OPENSTACK_CLOUD_CONF_APP_CRED
+                os_ignore_az = self._os_ignore_az(
+                    zone.get('zone_id'),
+                    zone.get('region', {}).get('cloudbridge_settings'))
+                values = {
+                    # https://github.com/kubernetes/cloud-provider-openstack/blob/master/manifests/controller-manager/cloud-config
+                    'os_app_cred_id': creds.get('os_application_credential_id'),
+                    'os_app_cred_secret': creds.get('os_application_credential_secret'),
+                    'os_auth_url': zone.get('cloud', {}).get('auth_url'),
+                    'os_region': zone.get('region', {}).get('name'),
+                    'os_ignore_volume_az': os_ignore_az
+                }
 
-            values = {
-                'os_username': creds.get('os_username'),
-                'os_password': creds.get('os_password'),
-                'domain_entry': domain_entry,
-                'os_tenant_name': creds.get('os_project_name'),
-                'os_auth_url': zone.get('cloud', {}).get('auth_url'),
-                'os_region': zone.get('region', {}).get('name'),
-                # https://github.com/kubernetes/kubernetes/issues/53488
-                'os_ignore_volume_az': os_ignore_az
-            }
         return string.Template(conf_template).substitute(values)
 
     def _get_kube_cloud_settings(self, provider_config, cloud_config):

diff --git a/requirements.txt b/requirements.txt
@@ -2,6 +2,6 @@
 git+https://github.com/encode/django-rest-framework
 # install edge till this is released: https://github.com/celery/django-celery-results/issues/157
 git+https://github.com/celery/django-celery-results
-git+https://github.com/CloudVE/cloudbridge#egg=cloudbridge
-git+https://github.com/CloudVE/djcloudbridge#egg=djcloudbridge
+git+https://github.com/CloudVE/cloudbridge@os_app_creds_support#egg=cloudbridge[full]
+git+https://github.com/almahmoud/djcloudbridge@os_app_creds
 -e ".[prod]"
diff --git a/setup.py b/setup.py
@@ -43,7 +43,7 @@ def get_version(*file_paths):
 history = open('HISTORY.rst').read().replace('.. :changelog:', '')
 
 REQS_BASE = [
-    'Django>=3.0',
+    'Django<4.0',
     # ======== Celery =========
     'celery>=5.0',
     # celery results backend which uses the django DB
@@ -63,8 +63,8 @@ def get_version(*file_paths):
     # Provides REST API schema
     'coreapi>=2.2.3',
     # ======== CloudBridge =========
-    'cloudbridge',
-    'djcloudbridge',
+    'cloudbridge@git+https://github.com/CloudVE/cloudbridge@os_app_creds_support',
+    'djcloudbridge@git+https://github.com/almahmoud/djcloudbridge@os_app_creds',
     # ======== Django =========
     # Provides better inheritance support for django models
     'django-model-utils',