Merge "Add six as requirement"
diff --git a/barbican_tempest_plugin/tests/scenario/test_image_signing.py b/barbican_tempest_plugin/tests/scenario/test_image_signing.py
index d641f28..794d33e 100644
--- a/barbican_tempest_plugin/tests/scenario/test_image_signing.py
+++ b/barbican_tempest_plugin/tests/scenario/test_image_signing.py
@@ -13,6 +13,7 @@
# under the License.
from oslo_log import log as logging
+from tempest.api.compute import base as compute_base
from tempest.common import utils
from tempest import config
from tempest import exceptions
@@ -81,3 +82,51 @@
"Signature verification for the image failed",
self.create_server,
image_id=img_uuid)
+
+
+class ImageSigningSnapshotTest(barbican_manager.BarbicanScenarioTest,
+ compute_base.BaseV2ComputeTest):
+
+ @classmethod
+ def setup_clients(cls):
+ super(ImageSigningSnapshotTest, cls).setup_clients()
+ cls.client = cls.servers_client
+
+ @decorators.idempotent_id('f0603dfd-8b2c-44e2-8b0f-d65c87aab257')
+ @utils.services('compute', 'image')
+ def test_signed_image_upload_boot_snapshot(self):
+ """Test that Glance can snapshot an instance using a signed image.
+
+ Verify that a snapshot can be taken of an instance booted from a signed
+ image and that the resulting snapshot image has had all image signature
+ properties dropped from the original image.
+
+ The test follows these steps:
+ * Create an asymmetric keypair
+ * Sign an image file with the private key
+ * Create a certificate with the public key
+ * Store the certificate in Barbican
+ * Store the signed image in Glance
+ * Boot the signed image
+ * Confirm the instance changes state to Active
+ * Snapshot the running instance
+ * Uploading the snapshot and confirm the state moves to ACTIVE
+ """
+ img_uuid = self.sign_and_upload_image()
+ instance = self.create_server(name='signed_img_server_to_snapshot',
+ image_id=img_uuid,
+ wait_until='ACTIVE')
+
+ # Snapshot the instance, wait until the snapshot is active
+ image = self.create_image_from_server(instance['id'],
+ wait_until='ACTIVE')
+
+ # Ensure all img_signature image props have been dropped
+ signature_props = ['img_signature_hash_method',
+ 'img_signature',
+ 'img_signature_key_type',
+ 'img_signature_certificate_uuid']
+ img_meta = self.compute_images_client.list_image_metadata(image['id'])
+ self.assertFalse(any(x in img_meta for x in signature_props))
+
+ self.servers_client.delete_server(instance['id'])
diff --git a/requirements.txt b/requirements.txt
index 93f0007..761711f 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -6,6 +6,6 @@
six>=1.10.0 # MIT
tempest>=17.1.0 # Apache-2.0
-cryptography!=2.0,>=1.9 # BSD/Apache-2.0
+cryptography>=2.1 # BSD/Apache-2.0
-oslo.config>=5.1.0 # Apache-2.0
+oslo.config>=5.2.0 # Apache-2.0
diff --git a/test-requirements.txt b/test-requirements.txt
index a89f7d2..b858041 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -5,7 +5,7 @@
hacking<0.13,>=0.12.0 # Apache-2.0
python-subunit>=1.0.0 # Apache-2.0/BSD
-sphinx!=1.6.6,>=1.6.2 # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
oslosphinx>=4.7.0 # Apache-2.0
oslotest>=3.2.0 # Apache-2.0
testrepository>=0.0.18 # Apache-2.0/BSD