Deprecate public-bucket-url

provider/openstack/provider.go

 // Copyright 2012, 2013 Canonical Ltd.
 // Licensed under the AGPLv3, see LICENCE file for details.
 
 // Stub provider for OpenStack, using goose will be implemented here
 
 package openstack
 
 import (
         "errors"
         "fmt"
@@ skipping 55 matching lines @@
 ## https://juju.ubuntu.com/docs/config-openstack.html
 openstack:
   type: openstack
   # Specifies whether the use of a floating IP address is required to give the nodes
   # a public IP address. Some installations assign public IP addresses by default without
   # requiring a floating IP address.
   # use-floating-ip: false
   admin-secret: {{rand}}
   # Globally unique swift bucket name
   control-bucket: juju-{{rand}}
+  # If set, tools-url specifies from where tools are fetched.
+  # tools-url:  https://you-tools-url
   # Usually set via the env variable OS_AUTH_URL, but can be specified here
   # auth-url: https://yourkeystoneurl:443/v2.0/
   # override if your workstation is running a different series to which you are deploying
   # default-series: precise
   # The following are used for userpass authentication (the default)
   auth-mode: userpass
   # Usually set via the env variable OS_USERNAME, but can be specified here
   # username: <your username>
   # Usually set via the env variable OS_PASSWORD, but can be specified here
   # password: <secret>
   # Usually set via the env variable OS_TENANT_NAME, but can be specified here
   # tenant-name: <your tenant name>
   # Usually set via the env variable OS_REGION_NAME, but can be specified here
   # region: <your region>
 
 ## https://juju.ubuntu.com/docs/config-hpcloud.html
 hpcloud:
   type: openstack
   # Specifies whether the use of a floating IP address is required to give the nodes
   # a public IP address. Some installations assign public IP addresses by default without
   # requiring a floating IP address.
   use-floating-ip: false
   admin-secret: {{rand}}
   # Globally unique swift bucket name
   control-bucket: juju-{{rand}}
   # Not required if env variable OS_AUTH_URL is set
   auth-url: https://yourkeystoneurl:35357/v2.0/
-  # URL denoting a public container holding the juju tools.
-  public-bucket-url: https://region-a.geo-1.objects.hpcloudsvc.com/v1/60502529753910
+  # URL denoting a location holding the juju tools.
+  tools-url: https://region-a.geo-1.objects.hpcloudsvc.com:443/v1/60502529753910/juju-dist/tools
   # override if your workstation is running a different series to which you are deploying
   # default-series: precise
   # The following are used for userpass authentication (the default)
   auth-mode: userpass
   # Usually set via the env variable OS_USERNAME, but can be specified here
   # username: <your username>
   # Usually set via the env variable OS_PASSWORD, but can be specified here
   # password: <secret>
   # Usually set via the env variable OS_TENANT_NAME, but can be specified here
   # tenant-name: <your tenant name>
@@ skipping 100 matching lines @@
         }
         if err != nil {
                 return nil, fmt.Errorf("cannot get %q: %v", uri, err)
         }
         return
 }
 
 type environ struct {
         name string
 
-        ecfgMutex             sync.Mutex
-        publicStorageMutex    sync.Mutex
-        imageBaseMutex        sync.Mutex
-        toolsBaseMutex        sync.Mutex
-        ecfgUnlocked          *environConfig
-        client                client.AuthenticatingClient
-        novaUnlocked          *nova.Client
-        storageUnlocked       storage.Storage
-        publicStorageUnlocked storage.StorageReader // optional.
+        ecfgMutex       sync.Mutex
+        imageBaseMutex  sync.Mutex
+        toolsBaseMutex  sync.Mutex
+        ecfgUnlocked    *environConfig
+        client          client.AuthenticatingClient
+        novaUnlocked    *nova.Client
+        storageUnlocked storage.Storage
         // An ordered list of sources in which to find the simplestreams index files used to
         // look up image ids.
         imageSources []simplestreams.DataSource
         // An ordered list of paths in which to find the simplestreams index files used to
         // look up tools ids.
         toolsSources []simplestreams.DataSource
 }
 
 var _ environs.Environ = (*environ)(nil)
 var _ imagemetadata.SupportsCustomSources = (*environ)(nil)
@@ skipping 169 matching lines @@
         return e.name
 }
 
 func (e *environ) Storage() storage.Storage {
         e.ecfgMutex.Lock()
         stor := e.storageUnlocked
         e.ecfgMutex.Unlock()
         return stor
 }
 
-// publicBucketURL gets the public bucket URL, either from env or keystone catalog.
-func (e *environ) publicBucketURL() string {
-        ecfg := e.ecfg()
-        publicBucketURL := ecfg.publicBucketURL()
-        if publicBucketURL == "" {
-                // No public bucket in env, so authenticate and look in keystone catalog.
-                if !e.client.IsAuthenticated() {
-                        e.client.Authenticate()
-                }
-                var err error
-                publicBucketURL, err = e.client.MakeServiceURL("juju-tools", nil)
-                if err != nil {
-                        return ""
-                }
-        }
-        return publicBucketURL
-}
-
 func (e *environ) PublicStorage() storage.StorageReader {
-        e.publicStorageMutex.Lock()
-        defer e.publicStorageMutex.Unlock()
-        ecfg := e.ecfg()
-        // If public storage has already been determined, return that instance.
-        publicStorage := e.publicStorageUnlocked
-        if publicStorage == nil && ecfg.publicBucket() == "" {
-                // If there is no public bucket name, then there can be no public storage.
-                e.publicStorageUnlocked = environs.EmptyStorage
-                publicStorage = e.publicStorageUnlocked
-        }
-        if publicStorage != nil {
-                return publicStorage
-        }
-        // If there is a public bucket URL defined, set up a public storage client referencing that URL,
-        // otherwise create a new public bucket using the user's credentials on the authenticated client.
-        publicBucketURL := e.publicBucketURL()
-        if publicBucketURL == "" {
-                e.publicStorageUnlocked = &openstackstorage{
-                        containerName: ecfg.publicBucket(),
-                        // this is possibly just a hack - if the ACL is swift.Private,
-                        // the machine won't be able to get the tools (401 error)
-                        containerACL: swift.PublicRead,
-                        swift:        swift.New(e.client)}
-        } else {
-                pc := client.NewPublicClient(publicBucketURL, nil)
-                e.publicStorageUnlocked = &openstackstorage{
-                        containerName: ecfg.publicBucket(),
-                        containerACL:  swift.PublicRead,
-                        swift:         swift.New(pc)}
-        }
-        publicStorage = e.publicStorageUnlocked
-        return publicStorage
+        // No public storage required. Tools are fetched from tools-url.
+        return environs.EmptyStorage
 }
 
 func (e *environ) Bootstrap(cons constraints.Value, possibleTools tools.List, machineID string) error {
         // The client's authentication may have been reset when finding tools if the agent-version
         // attribute was updated so we need to re-authenticate. This will be a no-op if already authenticated.
         // An authenticated client is needed for the URL() call below.
         err := e.client.Authenticate()
         if err != nil {
                 return err
         }
@@ skipping 50 matching lines @@
         // create new control storage instance, existing instances continue
         // to reference their existing configuration.
         // public storage instance creation is deferred until needed since authenticated
         // access to the identity service is required so that any juju-tools endpoint can be used.
         e.storageUnlocked = &openstackstorage{
                 containerName: ecfg.controlBucket(),
                 // this is possibly just a hack - if the ACL is swift.Private,
                 // the machine won't be able to get the tools (401 error)
                 containerACL: swift.PublicRead,
                 swift:        swift.New(e.client)}
-        e.publicStorageUnlocked = nil
         return nil
 }
 
 // GetImageSources returns a list of sources which are used to search for simplestreams image metadata.
 func (e *environ) GetImageSources() ([]simplestreams.DataSource, error) {
         e.imageBaseMutex.Lock()
         defer e.imageBaseMutex.Unlock()
 
         if e.imageSources != nil {
                 return e.imageSources, nil
         }
         if !e.client.IsAuthenticated() {
                 err := e.client.Authenticate()
                 if err != nil {
                         return nil, err
                 }
         }
         // Add the simplestreams source off the control bucket.
         e.imageSources = append(e.imageSources, storage.NewStorageSimpleStreamsDataSource(e.Storage(), ""))
-        // Add the simplestreams source off the public bucket.
-        e.imageSources = append(e.imageSources, storage.NewStorageSimpleStreamsDataSource(e.PublicStorage(), ""))
         // Add the simplestreams base URL from keystone if it is defined.
         productStreamsURL, err := e.client.MakeServiceURL("product-streams", nil)
         if err == nil {
                 e.imageSources = append(e.imageSources, simplestreams.NewURLDataSource(productStreamsURL))
         }
         return e.imageSources, nil
 }
 
 // GetToolsSources returns a list of sources which are used to search for simplestreams tools metadata.
 func (e *environ) GetToolsSources() ([]simplestreams.DataSource, error) {
@@ skipping 542 matching lines @@
         }, nil
 }
 
 // Region is specified in the HasRegion interface.
 func (e *environ) Region() (simplestreams.CloudSpec, error) {
         return simplestreams.CloudSpec{
                 Region:   e.ecfg().region(),
                 Endpoint: e.ecfg().authURL(),
         }, nil
 }