diff --git a/src/spaceone/identity/conf/global_conf.py b/src/spaceone/identity/conf/global_conf.py index 3b7c28f2..ff78391c 100644 --- a/src/spaceone/identity/conf/global_conf.py +++ b/src/spaceone/identity/conf/global_conf.py @@ -79,6 +79,7 @@ "WorkspaceUser.create": ["password"], "Token.issue": ["credentials"], "Token.grant": ["token"], + "Job.sync_service_accounts": ["secret_data"], } } } diff --git a/src/spaceone/identity/service/job_service.py b/src/spaceone/identity/service/job_service.py index 4cd330e1..8c4a31c4 100644 --- a/src/spaceone/identity/service/job_service.py +++ b/src/spaceone/identity/service/job_service.py @@ -1,7 +1,7 @@ import logging import random from datetime import datetime, timedelta -from typing import Union, List +from typing import Union, List, Tuple from spaceone.core.service import * from spaceone.core.service.utils import * @@ -65,7 +65,7 @@ def create_jobs_by_trusted_account(self, params): current_hour = params.get("current_hour", datetime.utcnow().hour) for trusted_account_vo in self._get_all_schedule_enabled_trusted_accounts( - current_hour + current_hour ): try: self.created_service_account_job(trusted_account_vo, {}) @@ -327,7 +327,7 @@ def sync_service_accounts(self, params: dict) -> None: ) def created_service_account_job( - self, trusted_account_vo: TrustedAccount, job_options: dict + self, trusted_account_vo: TrustedAccount, job_options: dict ) -> Union[Job, dict]: resource_group = trusted_account_vo.resource_group provider = trusted_account_vo.provider @@ -431,10 +431,10 @@ def _get_trusted_secret_data(self, trusted_secret_id: str, domain_id: str) -> di return secret_data def _check_duplicate_job( - self, - domain_id: str, - trusted_account_id: str, - this_job_vo: Job, + self, + domain_id: str, + trusted_account_id: str, + this_job_vo: Job, ) -> bool: query = { "filter": [ @@ -458,7 +458,7 @@ def _check_duplicate_job( return False def _is_job_failed( - self, job_id: str, domain_id: str, workspace_id: str = None + self, job_id: str, domain_id: str, workspace_id: str = None ) -> bool: job_vo: Job = self.job_mgr.get_job(domain_id, job_id, workspace_id) @@ -468,10 +468,10 @@ def _is_job_failed( return False def _close_job( - self, - job_id: str, - domain_id: str, - workspace_id: str = None, + self, + job_id: str, + domain_id: str, + workspace_id: str = None, ): job_vo: Job = self.job_mgr.get_job(domain_id, job_id, workspace_id) if job_vo.status == "IN_PROGRESS": @@ -480,16 +480,18 @@ def _close_job( self.job_mgr.update_job_by_vo({"finished_at": datetime.utcnow()}, job_vo) def _create_workspace( - self, domain_id: str, trusted_account_id: str, location_info: dict + self, domain_id: str, trusted_account_id: str, location_info: dict ) -> Workspace: name = location_info.get("name") reference_id = location_info.get("resource_id") + + name, tags = self._check_duplicated_workspace_name(name, domain_id) workspace_vos = self.workspace_mgr.filter_workspaces( domain_id=domain_id, reference_id=reference_id, is_managed=True ) _LOGGER.debug( - f"[_create_workspace] {name} 'domain_id': {domain_id}, 'reference_id': {reference_id}, 'is_managed' :True count: {len(workspace_vos)}" + f"[_create_workspace] {name} 'domain_id': {domain_id}, 'reference_id': {reference_id} 'tags': {tags}, 'is_managed' :True count: {len(workspace_vos)}" ) params = {"trusted_account_id": trusted_account_id} @@ -506,7 +508,7 @@ def _create_workspace( { "name": name, "is_managed": True, - "tags": self._set_workspace_theme(), + "tags": self._set_workspace_theme(tags), "reference_id": reference_id, "domain_id": domain_id, "last_synced_at": datetime.utcnow(), @@ -516,12 +518,12 @@ def _create_workspace( return workspace_vo def _create_project_group( - self, - domain_id: str, - workspace_id: str, - trusted_account_id: str, - location_info: dict, - parent_group_id: str = None, + self, + domain_id: str, + workspace_id: str, + trusted_account_id: str, + location_info: dict, + parent_group_id: str = None, ) -> ProjectGroup: name = location_info["name"] reference_id = location_info["resource_id"] @@ -569,14 +571,14 @@ def _create_project_group( return project_group_vo def _create_project( - self, - result: dict, - domain_id: str, - workspace_id: str, - trusted_account_id: str, - project_group_id: str = None, - sync_options: dict = None, - project_type: str = "PRIVATE", + self, + result: dict, + domain_id: str, + workspace_id: str, + trusted_account_id: str, + project_group_id: str = None, + sync_options: dict = None, + project_type: str = "PRIVATE", ) -> Project: name = result["name"] reference_id = result["resource_id"] @@ -612,13 +614,13 @@ def _create_project( return project_vo def _create_service_account( - self, - result: dict, - project_vo: Project, - trusted_account_id: str, - trusted_secret_id: str, - provider: str, - sync_options: dict = None, + self, + result: dict, + project_vo: Project, + trusted_account_id: str, + trusted_secret_id: str, + provider: str, + sync_options: dict = None, ) -> Union[ServiceAccount, None]: domain_id = project_vo.domain_id workspace_id = project_vo.workspace_id @@ -703,6 +705,22 @@ def _create_service_account( ) return service_account_vo + # todo : temporary function need policy about duplicated workspace name + def _check_duplicated_workspace_name( + self, name: str, domain_id: str, tags: dict = None + ) -> Tuple[str, dict]: + workspace_vos = self.workspace_mgr.filter_workspaces( + domain_id=domain_id, name=name + ) + + if tags is None: + tags = {} + + if workspace_vos: + tags.update({"origin_name": name}) + name = f"{name} ({len(workspace_vos) + 1})" + return name, tags + @staticmethod def _get_location(result: dict, resource_group: str, sync_options: dict) -> list: location = []