From: dave kormann <dk3239@att.com>
Date: Thu, 27 Jun 2019 16:21:10 +0000 (-0400)
Subject: FIX: Allow configuration of IPMI privilege level
X-Git-Url: https://gerrit.akraino.org/r/gitweb?p=ta%2Fconfig-manager.git;a=commitdiff_plain;h=c3bc257650a437d095bb85e7320d2e9405391a30

FIX: Allow configuration of IPMI privilege level

This change adds a priv_level argument to the hwmgmt specification.
The value of this parameter will be used as the requested privilege
level on IPMI requests.  Without this parameter, IPMI requests will
fail if the hwmgmt.user does not have ADMINISTRATOR privilege.  To
preserve the original semantics, the default value for the parameter
is ADMINISTRATOR.

signed-off-by: dave kormann <davek@research.att.com>
Change-Id: I8adf8d32510801914f4e8438190c52f5e9524209
---

diff --git a/cmdatahandlers/src/cmdatahandlers/hosts/config.py b/cmdatahandlers/src/cmdatahandlers/hosts/config.py
index 65b188b..a9a445e 100644
--- a/cmdatahandlers/src/cmdatahandlers/hosts/config.py
+++ b/cmdatahandlers/src/cmdatahandlers/hosts/config.py
@@ -82,6 +82,28 @@ class Config(config.Config):
             cidr = netconf.get_network_cidr(hwmgmtnet, domain)
             utils.validate_ip_in_network(ip, cidr)
 
+    def get_hwmgmt_priv_level(self, hostname):
+        """get the hwmgmt IPMI privilege level.  Defaults to ADMINISTRATOR
+
+           Arguments:
+
+           hostname: The name of the node
+
+           Return:
+
+           The prvilege level, or ADMINISTRATOR if unspecified
+
+           Raise:
+
+           ConfigError in-case of an error
+        """
+        self._validate_hostname(hostname)
+
+        if 'hwmgmt' not in self.config[self.ROOT][hostname]:
+            raise configerror.ConfigError('No hwmgmt info defined for host')
+
+        return self.config[self.ROOT][hostname]['hwmgmt'].get('priv_level', 'ADMINISTRATOR')
+
     def _validate_service_profiles(self, hostname):
         node_profiles = self.get_service_profiles(hostname)
         utils.validate_list_items_unique(node_profiles)
diff --git a/userconfigtemplate/user_config.yaml b/userconfigtemplate/user_config.yaml
index 6f8ce3a..fff4488 100644
--- a/userconfigtemplate/user_config.yaml
+++ b/userconfigtemplate/user_config.yaml
@@ -29,7 +29,7 @@
 ###        - Minor changes in template (e.g. new optional attributes or
 ###          changes in possible values, value ranges or default values)
 ###        - Backwards compatible
-version: 2.0.2
+version: 2.0.3
 
 ### Cloud name can consist of lower case letters, digits and dash (-).
 ### Name must start and end with a letter or a digit.
@@ -562,7 +562,10 @@ hosts:
             address: <VALUE>
             user: <VALUE>
             password: <VALUE>
-
+            # Optional: the IPMI privilege level to request.
+            # Typical values include 'USER', 'OPERATOR', 'ADMINISTRATOR'
+            # default is 'ADMINISTRATOR' if unspecified.
+            # priv_level: <VALUE>
         ### Optional parameter needed for virtual deployment to identify the
         ### nodes the mac address for the provisioning interface
         #mgmt_mac: [<VALUE1>, <VALUE2>, ...]