Determine project name from oslo_config or local config

For services such as Swift, which may not be utilizing oslo_config, we need
to be able to determine the project name from local config. If project name
is specified in both local config and oslo_config, the one in local config will
be used instead.

In case project is undetermined (i.e. not set), we use taxonomy.UNKNOWN
as an indicator so operators can take corrective actions.

Change-Id: Ia95cbc9974d0c39c6b77d966cffdef2885350d77
Closes-Bug: 1583690

keystonemiddleware/audit.py

@@ -55,6 +55,7 @@ from keystonemiddleware.i18n import _LE, _LI
 
 
 _LOG = None
+AUDIT_MIDDLEWARE_GROUP = 'audit_middleware_notifications'
 
 _AUDIT_OPTS = [
     cfg.StrOpt('driver',
@@ -75,7 +76,8 @@ _AUDIT_OPTS = [
                     'notification. If not specified, we fall back to the same '
                     'configuration used for RPC.'),
 ]
-cfg.CONF.register_opts(_AUDIT_OPTS, group="audit_middleware_notifications")
+CONF = cfg.CONF
+CONF.register_opts(_AUDIT_OPTS, group=AUDIT_MIDDLEWARE_GROUP)
 
 
 def _log_and_ignore_error(fn):
@@ -342,6 +344,37 @@ class AuditMiddleware(object):
     http://docs.openstack.org/developer/keystonemiddleware/audit.html
     """
 
+    def _conf_get(self, name, group=AUDIT_MIDDLEWARE_GROUP):
+        # try config from paste-deploy first
+        if name in self._conf:
+            return self._conf[name]
+        else:
+            return CONF[group][name]
+
+    def _determine_project(self):
+        """Determine a project name from all available config sources.
+
+        The sources are checked in the following order:
+
+          1. The paste-deploy config for audit middleware
+          2. The audit_middleware_notifications in the project's config
+          3. The oslo.config CONF.project property
+
+        """
+        try:
+            return self._conf_get('project')
+        except cfg.NoSuchOptError:
+            try:
+                # CONF.project will exist only if the service uses
+                # oslo.config. It will only be set when the project
+                # calls CONF(...) and when not set oslo.config oddly
+                # raises a NoSuchOptError exception.
+                return CONF.project
+            except cfg.NoSuchOptError:
+                # Unable to determine the project so set it to something
+                # that is obvious so operators can mitigate.
+                return taxonomy.UNKNOWN
+
     @staticmethod
     def _get_aliases(proj):
         aliases = {}
@@ -361,12 +394,13 @@ class AuditMiddleware(object):
         self._application = app
         global _LOG
         _LOG = logging.getLogger(conf.get('log_name', __name__))
+        self._conf = conf
         self._service_name = conf.get('service_name')
         self._ignore_req_list = [x.upper().strip() for x in
                                  conf.get('ignore_req_list', '').split(',')]
         self._cadf_audit = OpenStackAuditApi(conf.get('audit_map_file'))
 
-        transport_aliases = self._get_aliases(cfg.CONF.project)
+        transport_aliases = self._get_aliases(self._determine_project())
         if messaging:
             transport = oslo_messaging.get_transport(
                 cfg.CONF,

keystonemiddleware/tests/unit/test_audit_middleware.py

@@ -17,6 +17,7 @@ import uuid
 
 import mock
 from oslo_config import cfg
+from pycadf import cadftaxonomy as taxonomy
 from testtools import matchers
 import webob
 
@@ -40,6 +41,8 @@ class FakeFailingApp(object):
 
 
 class BaseAuditMiddlewareTest(utils.BaseTestCase):
+    PROJECT_NAME = 'keystonemiddleware'
+
     def setUp(self):
         super(BaseAuditMiddlewareTest, self).setUp()
         self.fd, self.audit_map = tempfile.mkstemp()
@@ -57,7 +60,7 @@ class BaseAuditMiddlewareTest(utils.BaseTestCase):
             f.write("[service_endpoints]\n")
             f.write("compute = service/compute")
 
-        cfg.CONF([], project='keystonemiddleware')
+        cfg.CONF([], project=self.PROJECT_NAME)
 
         self.middleware = audit.AuditMiddleware(
             FakeApp(), audit_map_file=self.audit_map,
@@ -257,6 +260,25 @@ class AuditMiddlewareTest(BaseAuditMiddlewareTest):
             self.assertNotEqual(req.environ['cadf_event'].id,
                                 notify.call_args_list[0][0][2]['id'])
 
+    def test_project_name_from_oslo_config(self):
+        self.assertEqual(self.PROJECT_NAME,
+                         self.middleware._determine_project())
+
+    def test_project_name_from_local_config(self):
+        project_name = uuid.uuid4().hex
+        self.middleware = audit.AuditMiddleware(
+            FakeApp(), audit_map_file=self.audit_map,
+            service_name='pycadf', project=project_name)
+        self.assertEqual(project_name, self.middleware._determine_project())
+
+    def test_project_undetermined(self):
+        self.middleware = audit.AuditMiddleware(
+            FakeApp(), audit_map_file=self.audit_map,
+            service_name='pycadf')
+        del cfg.CONF.project
+        self.assertEqual(taxonomy.UNKNOWN,
+                         self.middleware._determine_project())
+
 
 def _get_transport(conf, aliases=None, url=None):
     transport = mock.MagicMock()

releasenotes/notes/bug-1583690-da67472d7afff0bf.yaml

@@ -0,0 +1,11 @@
+---
+features:
+  - >
+    [`bug 1583690 <https://bugs.launchpad.net/keystonemiddleware/+bug/1583690>`_]
+    For services such as Swift, which may not be utilizing oslo_config, we need
+    to be able to determine the project name from local config. If project
+    name is specified in both local config and oslo_config, the one in local
+    config will be used instead.
+
+    In case project is undetermined (i.e. not set), we use taxonomy.UNKNOWN as
+    an indicator so operators can take corrective actions.