Merge "Set test_basic_traffic as smoke test"
diff --git a/octavia_tempest_plugin/contrib/test_server/README.rst b/octavia_tempest_plugin/contrib/test_server/README.rst
index da719b7..ba959f9 100644
--- a/octavia_tempest_plugin/contrib/test_server/README.rst
+++ b/octavia_tempest_plugin/contrib/test_server/README.rst
@@ -2,8 +2,8 @@
Amphorae test server
====================
-test_server is a static application that simulates an HTTP and a UDP server.
-
+test_server.bin is a static application that simulates HTTP, HTTPS, and UDP
+servers. This server can properly handle concurrent requests.
Building
--------
@@ -12,15 +12,55 @@
Install dependencies for Ubuntu/Debian:
+::
+
sudo apt-get install -y golang
Install dependencies for Centos (use golang 1.10 from go-toolset-7) and launch
a shell into the new environment:
+::
+
sudo yum install -y centos-release-scl
sudo yum install -y go-toolset-7-golang-bin glibc-static openssl-static zlib-static
scl enable go-toolset-7 bash
Build the binary:
+::
+
CGO_ENABLED=0 GOOS=linux go build -a -ldflags '-s -w -extldflags -static' -o test_server.bin test_server.go
+
+
+Usage
+-----
+
+The usage string can be output from the command by running:
+
+::
+
+ ./test_server.bin --help
+
+Example output:
+
+::
+
+ Usage of ./test_server.bin:
+ -cert string
+ Server side PEM format certificate.
+ -client_ca string
+ Client side PEM format CA certificate.
+ -https_port int
+ HTTPS port to listen on, -1 is disabled. (default -1)
+ -id string
+ Server ID (default "1")
+ -key string
+ Server side PEM format key.
+ -port int
+ Port to listen on (default 8080)
+
+If -https_port is not specified, the server will not accept HTTPS requests.
+When --https_port is specified, -cert and -key are required parameters.
+If -https_port is specified, the -client_ca parameter is optional. When
+-client_ca is specified, it will configure the HTTPS port to require a valid
+client certificate to connect.
diff --git a/octavia_tempest_plugin/contrib/test_server/test_server.bin b/octavia_tempest_plugin/contrib/test_server/test_server.bin
index e3cc7ba..75ec2f2 100755
--- a/octavia_tempest_plugin/contrib/test_server/test_server.bin
+++ b/octavia_tempest_plugin/contrib/test_server/test_server.bin
Binary files differ
diff --git a/octavia_tempest_plugin/contrib/test_server/test_server.go b/octavia_tempest_plugin/contrib/test_server/test_server.go
index 8139580..f8bc1e0 100644
--- a/octavia_tempest_plugin/contrib/test_server/test_server.go
+++ b/octavia_tempest_plugin/contrib/test_server/test_server.go
@@ -1,11 +1,17 @@
package main
import (
+ "crypto/rand"
+ "crypto/tls"
+ "crypto/x509"
"flag"
"fmt"
"io"
+ "io/ioutil"
+ "log"
"net"
"net/http"
+ "os"
"sync"
"time"
)
@@ -83,13 +89,23 @@
fmt.Fprintf(w, "max_conn=%d\ntotal_conn=%d\n", max_conn, total_conn)
}
+func https_wrapper(base_handler func(http.ResponseWriter,
+ *http.Request)) http.Handler {
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+
+ w.Header().Add("Strict-Transport-Security",
+ "max-age=66012000; includeSubDomains")
+ base_handler(w, r)
+ })
+}
+
func reset_handler(w http.ResponseWriter, r *http.Request) {
http.SetCookie(w, &sess_cookie)
scoreboard.reset()
fmt.Fprintf(w, "reset\n")
}
-func http_serve(port int, id string) {
+func http_setup(id string) {
sess_cookie.Name = "JSESSIONID"
sess_cookie.Value = id
@@ -97,8 +113,65 @@
http.HandleFunc("/slow", slow_handler)
http.HandleFunc("/stats", stats_handler)
http.HandleFunc("/reset", reset_handler)
+}
+
+func http_serve(port int, id string) {
portStr := fmt.Sprintf(":%d", port)
- http.ListenAndServe(portStr, nil)
+ log.Fatal(http.ListenAndServe(portStr, nil))
+}
+
+func https_serve(port int, id string, cert tls.Certificate,
+ certpool *x509.CertPool, server_cert_pem string,
+ server_key_pem string) {
+ mux := http.NewServeMux()
+ mux.Handle("/", https_wrapper(root_handler))
+ mux.Handle("/slow", https_wrapper(slow_handler))
+ mux.Handle("/stats", https_wrapper(stats_handler))
+ mux.Handle("/reset", https_wrapper(reset_handler))
+
+ var tls_config *tls.Config
+ if certpool != nil {
+ tls_config = &tls.Config{
+ Certificates: []tls.Certificate{cert},
+ ClientAuth: tls.RequireAndVerifyClientCert,
+ ClientCAs: certpool,
+ MinVersion: tls.VersionTLS12,
+ CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384,
+ tls.CurveP256},
+ PreferServerCipherSuites: true,
+ CipherSuites: []uint16{
+ tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
+ tls.TLS_RSA_WITH_AES_256_CBC_SHA,
+ },
+ }
+ } else {
+ tls_config = &tls.Config{
+ Certificates: []tls.Certificate{cert},
+ ClientAuth: tls.NoClientCert,
+ MinVersion: tls.VersionTLS12,
+ CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384,
+ tls.CurveP256},
+ PreferServerCipherSuites: true,
+ CipherSuites: []uint16{
+ tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
+ tls.TLS_RSA_WITH_AES_256_CBC_SHA,
+ },
+ }
+ }
+ tls_config.Rand = rand.Reader
+ portStr := fmt.Sprintf(":%d", port)
+ srv := &http.Server{
+ Addr: portStr,
+ Handler: mux,
+ TLSConfig: tls_config,
+ TLSNextProto: make(map[string]func(*http.Server, *tls.Conn,
+ http.Handler), 0),
+ }
+ log.Fatal(srv.ListenAndServeTLS(server_cert_pem, server_key_pem))
}
func udp_serve(port int, id string) {
@@ -129,11 +202,44 @@
func main() {
portPtr := flag.Int("port", 8080, "Port to listen on")
idPtr := flag.String("id", "1", "Server ID")
+ https_portPtr := flag.Int("https_port", -1,
+ "HTTPS port to listen on, -1 is disabled.")
+ server_cert_pem := flag.String("cert", "",
+ "Server side PEM format certificate.")
+ server_key := flag.String("key", "", "Server side PEM format key.")
+ client_ca_cert_pem := flag.String("client_ca", "",
+ "Client side PEM format CA certificate.")
flag.Parse()
resp = fmt.Sprintf("%s", *idPtr)
+ http_setup(*idPtr)
+
+ if *https_portPtr > -1 {
+ cert, err := tls.LoadX509KeyPair(*server_cert_pem, *server_key)
+ if err != nil {
+ fmt.Println("Error load server certificate and key.\n")
+ os.Exit(1)
+ }
+ certpool := x509.NewCertPool()
+ if *client_ca_cert_pem != "" {
+ ca_pem, err := ioutil.ReadFile(*client_ca_cert_pem)
+ if err != nil {
+ fmt.Println("Error load client side CA cert.\n")
+ os.Exit(1)
+ }
+ if !certpool.AppendCertsFromPEM(ca_pem) {
+ fmt.Println("Can't parse client side certificate authority")
+ os.Exit(1)
+ }
+ } else {
+ certpool = nil
+ }
+ go https_serve(*https_portPtr, *idPtr, cert, certpool,
+ *server_cert_pem, *server_key)
+ }
+
go http_serve(*portPtr, *idPtr)
udp_serve(*portPtr, *idPtr)
}
diff --git a/octavia_tempest_plugin/hacking/__init__.py b/octavia_tempest_plugin/hacking/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/octavia_tempest_plugin/hacking/__init__.py
diff --git a/octavia_tempest_plugin/hacking/checks.py b/octavia_tempest_plugin/hacking/checks.py
new file mode 100644
index 0000000..eec7476
--- /dev/null
+++ b/octavia_tempest_plugin/hacking/checks.py
@@ -0,0 +1,277 @@
+# Copyright (c) 2014 OpenStack Foundation.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+
+"""
+Guidelines for writing new hacking checks
+
+ - Use only for Octavia specific tests. OpenStack general tests
+ should be submitted to the common 'hacking' module.
+ - Pick numbers in the range O3xx. Find the current test with
+ the highest allocated number and then pick the next value.
+ - Keep the test method code in the source file ordered based
+ on the O3xx value.
+ - List the new rule in the top level HACKING.rst file
+ - Add test cases for each new rule to
+ octavia/tests/unit/test_hacking.py
+
+"""
+
+import re
+
+from hacking import core
+
+
+_all_log_levels = {'critical', 'error', 'exception', 'info', 'warning'}
+_all_hints = {'_LC', '_LE', '_LI', '_', '_LW'}
+
+_log_translation_hint = re.compile(
+ r".*LOG\.(%(levels)s)\(\s*(%(hints)s)\(" % {
+ 'levels': '|'.join(_all_log_levels),
+ 'hints': '|'.join(_all_hints),
+ })
+
+assert_trueinst_re = re.compile(
+ r"(.)*assertTrue\(isinstance\((\w|\.|\'|\"|\[|\])+, "
+ r"(\w|\.|\'|\"|\[|\])+\)\)")
+assert_equal_in_end_with_true_or_false_re = re.compile(
+ r"assertEqual\((\w|[][.'\"])+ in (\w|[][.'\", ])+, (True|False)\)")
+assert_equal_in_start_with_true_or_false_re = re.compile(
+ r"assertEqual\((True|False), (\w|[][.'\"])+ in (\w|[][.'\", ])+\)")
+assert_equal_with_true_re = re.compile(
+ r"assertEqual\(True,")
+assert_equal_with_false_re = re.compile(
+ r"assertEqual\(False,")
+mutable_default_args = re.compile(r"^\s*def .+\((.+=\{\}|.+=\[\])")
+assert_equal_end_with_none_re = re.compile(r"(.)*assertEqual\(.+, None\)")
+assert_equal_start_with_none_re = re.compile(r".*assertEqual\(None, .+\)")
+assert_not_equal_end_with_none_re = re.compile(
+ r"(.)*assertNotEqual\(.+, None\)")
+assert_not_equal_start_with_none_re = re.compile(
+ r"(.)*assertNotEqual\(None, .+\)")
+revert_must_have_kwargs_re = re.compile(
+ r'[ ]*def revert\(.+,[ ](?!\*\*kwargs)\w+\):')
+untranslated_exception_re = re.compile(r"raise (?:\w*)\((.*)\)")
+no_eventlet_re = re.compile(r'(import|from)\s+[(]?eventlet')
+no_line_continuation_backslash_re = re.compile(r'.*(\\)\n')
+no_logging_re = re.compile(r'(import|from)\s+[(]?logging')
+import_mock_re = re.compile(r"\bimport[\s]+mock\b")
+import_from_mock_re = re.compile(r"\bfrom[\s]+mock[\s]+import\b")
+
+
+def _translation_checks_not_enforced(filename):
+ # Do not do these validations on tests
+ return any(pat in filename for pat in ["/tests/", "rally-jobs/plugins/"])
+
+
+@core.flake8ext
+def assert_true_instance(logical_line):
+ """Check for assertTrue(isinstance(a, b)) sentences
+
+ O316
+ """
+ if assert_trueinst_re.match(logical_line):
+ yield (0, "O316: assertTrue(isinstance(a, b)) sentences not allowed. "
+ "Use assertIsInstance instead.")
+
+
+@core.flake8ext
+def assert_equal_or_not_none(logical_line):
+ """Check for assertEqual(A, None) or assertEqual(None, A) sentences,
+
+ assertNotEqual(A, None) or assertNotEqual(None, A) sentences
+
+ O318
+ """
+ msg = ("O318: assertEqual/assertNotEqual(A, None) or "
+ "assertEqual/assertNotEqual(None, A) sentences not allowed")
+ res = (assert_equal_start_with_none_re.match(logical_line) or
+ assert_equal_end_with_none_re.match(logical_line) or
+ assert_not_equal_start_with_none_re.match(logical_line) or
+ assert_not_equal_end_with_none_re.match(logical_line))
+ if res:
+ yield (0, msg)
+
+
+@core.flake8ext
+def assert_equal_true_or_false(logical_line):
+ """Check for assertEqual(True, A) or assertEqual(False, A) sentences
+
+ O323
+ """
+ res = (assert_equal_with_true_re.search(logical_line) or
+ assert_equal_with_false_re.search(logical_line))
+ if res:
+ yield (0, "O323: assertEqual(True, A) or assertEqual(False, A) "
+ "sentences not allowed")
+
+
+@core.flake8ext
+def no_mutable_default_args(logical_line):
+ msg = "O324: Method's default argument shouldn't be mutable!"
+ if mutable_default_args.match(logical_line):
+ yield (0, msg)
+
+
+@core.flake8ext
+def assert_equal_in(logical_line):
+ """Check for assertEqual(A in B, True), assertEqual(True, A in B),
+
+ assertEqual(A in B, False) or assertEqual(False, A in B) sentences
+
+ O338
+ """
+ res = (assert_equal_in_start_with_true_or_false_re.search(logical_line) or
+ assert_equal_in_end_with_true_or_false_re.search(logical_line))
+ if res:
+ yield (0, "O338: Use assertIn/NotIn(A, B) rather than "
+ "assertEqual(A in B, True/False) when checking collection "
+ "contents.")
+
+
+@core.flake8ext
+def no_log_warn(logical_line):
+ """Disallow 'LOG.warn('
+
+ O339
+ """
+ if logical_line.startswith('LOG.warn('):
+ yield(0, "O339:Use LOG.warning() rather than LOG.warn()")
+
+
+@core.flake8ext
+def no_translate_logs(logical_line, filename):
+ """O341 - Don't translate logs.
+
+ Check for 'LOG.*(_(' and 'LOG.*(_Lx('
+
+ Translators don't provide translations for log messages, and operators
+ asked not to translate them.
+
+ * This check assumes that 'LOG' is a logger.
+
+ :param logical_line: The logical line to check.
+ :param filename: The file name where the logical line exists.
+ :returns: None if the logical line passes the check, otherwise a tuple
+ is yielded that contains the offending index in logical line
+ and a message describe the check validation failure.
+ """
+ if _translation_checks_not_enforced(filename):
+ return
+
+ msg = "O341: Log messages should not be translated!"
+ match = _log_translation_hint.match(logical_line)
+ if match:
+ yield (logical_line.index(match.group()), msg)
+
+
+@core.flake8ext
+def check_raised_localized_exceptions(logical_line, filename):
+ """O342 - Untranslated exception message.
+
+ :param logical_line: The logical line to check.
+ :param filename: The file name where the logical line exists.
+ :returns: None if the logical line passes the check, otherwise a tuple
+ is yielded that contains the offending index in logical line
+ and a message describe the check validation failure.
+ """
+ if _translation_checks_not_enforced(filename):
+ return
+
+ logical_line = logical_line.strip()
+ raised_search = untranslated_exception_re.match(logical_line)
+ if raised_search:
+ exception_msg = raised_search.groups()[0]
+ if exception_msg.startswith("\"") or exception_msg.startswith("\'"):
+ msg = "O342: Untranslated exception message."
+ yield (logical_line.index(exception_msg), msg)
+
+
+@core.flake8ext
+def check_no_eventlet_imports(logical_line):
+ """O345 - Usage of Python eventlet module not allowed.
+
+ :param logical_line: The logical line to check.
+ :returns: None if the logical line passes the check, otherwise a tuple
+ is yielded that contains the offending index in logical line
+ and a message describe the check validation failure.
+ """
+ if no_eventlet_re.match(logical_line):
+ msg = 'O345 Usage of Python eventlet module not allowed'
+ yield logical_line.index('eventlet'), msg
+
+
+@core.flake8ext
+def check_line_continuation_no_backslash(logical_line, tokens):
+ """O346 - Don't use backslashes for line continuation.
+
+ :param logical_line: The logical line to check. Not actually used.
+ :param tokens: List of tokens to check.
+ :returns: None if the tokens don't contain any issues, otherwise a tuple
+ is yielded that contains the offending index in the logical
+ line and a message describe the check validation failure.
+ """
+ backslash = None
+ for token_type, text, start, end, orig_line in tokens:
+ m = no_line_continuation_backslash_re.match(orig_line)
+ if m:
+ backslash = (start[0], m.start(1))
+ break
+
+ if backslash is not None:
+ msg = 'O346 Backslash line continuations not allowed'
+ yield backslash, msg
+
+
+@core.flake8ext
+def revert_must_have_kwargs(logical_line):
+ """O347 - Taskflow revert methods must have \\*\\*kwargs.
+
+ :param logical_line: The logical line to check.
+ :returns: None if the logical line passes the check, otherwise a tuple
+ is yielded that contains the offending index in logical line
+ and a message describe the check validation failure.
+ """
+ if revert_must_have_kwargs_re.match(logical_line):
+ msg = 'O347 Taskflow revert methods must have **kwargs'
+ yield 0, msg
+
+
+@core.flake8ext
+def check_no_logging_imports(logical_line):
+ """O348 - Usage of Python logging module not allowed.
+
+ :param logical_line: The logical line to check.
+ :returns: None if the logical line passes the check, otherwise a tuple
+ is yielded that contains the offending index in logical line
+ and a message describe the check validation failure.
+ """
+ if no_logging_re.match(logical_line):
+ msg = 'O348 Usage of Python logging module not allowed, use oslo_log'
+ yield logical_line.index('logging'), msg
+
+
+@core.flake8ext
+def check_no_import_mock(logical_line):
+ """O349 - Test code must not import mock library.
+
+ :param logical_line: The logical line to check.
+ :returns: None if the logical line passes the check, otherwise a tuple
+ is yielded that contains the offending index in logical line
+ and a message describe the check validation failure.
+ """
+ if (import_mock_re.match(logical_line) or
+ import_from_mock_re.match(logical_line)):
+ msg = 'O349 Test code must not import mock library, use unittest.mock'
+ yield 0, msg
diff --git a/octavia_tempest_plugin/services/load_balancer/v2/__init__.py b/octavia_tempest_plugin/services/load_balancer/v2/__init__.py
index d31d6cf..04cb473 100644
--- a/octavia_tempest_plugin/services/load_balancer/v2/__init__.py
+++ b/octavia_tempest_plugin/services/load_balancer/v2/__init__.py
@@ -12,7 +12,6 @@
# License for the specific language governing permissions and limitations
# under the License.
-from octavia_tempest_plugin.services.load_balancer.v2.loadbalancer_client \
- import LoadbalancerClient
+from .loadbalancer_client import LoadbalancerClient
__all__ = ['LoadbalancerClient']
diff --git a/octavia_tempest_plugin/tests/api/v2/test_l7rule.py b/octavia_tempest_plugin/tests/api/v2/test_l7rule.py
index aaad8a0..9a73034 100644
--- a/octavia_tempest_plugin/tests/api/v2/test_l7rule.py
+++ b/octavia_tempest_plugin/tests/api/v2/test_l7rule.py
@@ -573,7 +573,7 @@
l7rule_check = self.mem_l7rule_client.show_l7rule(
l7rule[const.ID], l7policy_id=self.l7policy_id)
self.assertEqual(const.ACTIVE, l7rule_check[const.PROVISIONING_STATUS])
- self.assertEqual(False, l7rule_check[const.ADMIN_STATE_UP])
+ self.assertFalse(l7rule_check[const.ADMIN_STATE_UP])
# Test that a user, without the load balancer member role, cannot
# update this l7rule
@@ -588,7 +588,7 @@
l7rule_check = self.mem_l7rule_client.show_l7rule(
l7rule[const.ID], l7policy_id=self.l7policy_id)
self.assertEqual(const.ACTIVE, l7rule_check[const.PROVISIONING_STATUS])
- self.assertEqual(False, l7rule_check[const.ADMIN_STATE_UP])
+ self.assertFalse(l7rule_check[const.ADMIN_STATE_UP])
l7rule_update_kwargs = {
const.L7POLICY_ID: self.l7policy_id,
diff --git a/octavia_tempest_plugin/tests/barbican_scenario/v2/test_tls_barbican.py b/octavia_tempest_plugin/tests/barbican_scenario/v2/test_tls_barbican.py
index 84bfc20..a753a5c 100644
--- a/octavia_tempest_plugin/tests/barbican_scenario/v2/test_tls_barbican.py
+++ b/octavia_tempest_plugin/tests/barbican_scenario/v2/test_tls_barbican.py
@@ -749,8 +749,8 @@
CONF.load_balancer.build_timeout)
# Test that no client certificate fails to connect
- self.assertRaisesRegex(
- requests.exceptions.SSLError, ".*certificate required.*",
+ self.assertRaises(
+ requests.exceptions.SSLError,
requests.get,
'https://{0}:{1}'.format(self.lb_vip_address, LISTENER1_TCP_PORT),
timeout=12, verify=False)
@@ -764,8 +764,8 @@
serialization.Encoding.PEM,
serialization.PrivateFormat.TraditionalOpenSSL,
serialization.NoEncryption()))
- self.assertRaisesRegex(
- requests.exceptions.SSLError, ".*revoked.*", requests.get,
+ self.assertRaises(
+ requests.exceptions.SSLError, requests.get,
'https://{0}:{1}'.format(self.lb_vip_address,
LISTENER1_TCP_PORT),
timeout=12, verify=False, cert=(cert_file.name,
@@ -836,8 +836,8 @@
serialization.Encoding.PEM,
serialization.PrivateFormat.TraditionalOpenSSL,
serialization.NoEncryption()))
- self.assertRaisesRegex(
- requests.exceptions.SSLError, ".*revoked.*", requests.get,
+ self.assertRaises(
+ requests.exceptions.SSLError, requests.get,
'https://{0}:{1}'.format(self.lb_vip_address,
LISTENER1_TCP_PORT),
timeout=12, verify=False, cert=(cert_file.name,
@@ -954,15 +954,15 @@
CONF.load_balancer.build_timeout)
# Test that no client certificate fails to connect to listener1
- self.assertRaisesRegex(
- requests.exceptions.SSLError, ".*certificate required.*",
+ self.assertRaises(
+ requests.exceptions.SSLError,
requests.get,
'https://{0}:{1}'.format(self.lb_vip_address, LISTENER1_TCP_PORT),
timeout=12, verify=False)
# Test that no client certificate fails to connect to listener2
- self.assertRaisesRegex(
- requests.exceptions.SSLError, ".*certificate required.*",
+ self.assertRaises(
+ requests.exceptions.SSLError,
requests.get,
'https://{0}:{1}'.format(self.lb_vip_address, LISTENER2_TCP_PORT),
timeout=12, verify=False)
@@ -976,8 +976,8 @@
serialization.Encoding.PEM,
serialization.PrivateFormat.TraditionalOpenSSL,
serialization.NoEncryption()))
- self.assertRaisesRegex(
- requests.exceptions.SSLError, ".*revoked.*", requests.get,
+ self.assertRaises(
+ requests.exceptions.SSLError, requests.get,
'https://{0}:{1}'.format(self.lb_vip_address,
LISTENER1_TCP_PORT),
timeout=12, verify=False, cert=(cert_file.name,
@@ -992,8 +992,8 @@
serialization.Encoding.PEM,
serialization.PrivateFormat.TraditionalOpenSSL,
serialization.NoEncryption()))
- self.assertRaisesRegex(
- requests.exceptions.SSLError, ".*revoked.*", requests.get,
+ self.assertRaises(
+ requests.exceptions.SSLError, requests.get,
'https://{0}:{1}'.format(self.lb_vip_address,
LISTENER2_TCP_PORT),
timeout=12, verify=False, cert=(cert_file.name,
@@ -1040,8 +1040,8 @@
serialization.Encoding.PEM,
serialization.PrivateFormat.TraditionalOpenSSL,
serialization.NoEncryption()))
- self.assertRaisesRegex(
- requests.exceptions.SSLError, ".*decrypt error.*",
+ self.assertRaises(
+ requests.exceptions.SSLError,
requests.get, 'https://{0}:{1}'.format(self.lb_vip_address,
LISTENER2_TCP_PORT),
timeout=12, verify=False, cert=(cert_file.name,
@@ -1056,8 +1056,8 @@
serialization.Encoding.PEM,
serialization.PrivateFormat.TraditionalOpenSSL,
serialization.NoEncryption()))
- self.assertRaisesRegex(
- requests.exceptions.SSLError, ".*decrypt error.*",
+ self.assertRaises(
+ requests.exceptions.SSLError,
requests.get, 'https://{0}:{1}'.format(self.lb_vip_address,
LISTENER1_TCP_PORT),
timeout=12, verify=False, cert=(cert_file.name,
@@ -1072,8 +1072,8 @@
serialization.Encoding.PEM,
serialization.PrivateFormat.TraditionalOpenSSL,
serialization.NoEncryption()))
- self.assertRaisesRegex(
- requests.exceptions.SSLError, ".*decrypt error.*",
+ self.assertRaises(
+ requests.exceptions.SSLError,
requests.get, 'https://{0}:{1}'.format(self.lb_vip_address,
LISTENER2_TCP_PORT),
timeout=12, verify=False, cert=(cert_file.name,
@@ -1088,8 +1088,8 @@
serialization.Encoding.PEM,
serialization.PrivateFormat.TraditionalOpenSSL,
serialization.NoEncryption()))
- self.assertRaisesRegex(
- requests.exceptions.SSLError, ".*decrypt error.*",
+ self.assertRaises(
+ requests.exceptions.SSLError,
requests.get, 'https://{0}:{1}'.format(self.lb_vip_address,
LISTENER1_TCP_PORT),
timeout=12, verify=False, cert=(cert_file.name,
diff --git a/octavia_tempest_plugin/tests/scenario/v2/test_pool.py b/octavia_tempest_plugin/tests/scenario/v2/test_pool.py
index 5e0622c..720e80a 100644
--- a/octavia_tempest_plugin/tests/scenario/v2/test_pool.py
+++ b/octavia_tempest_plugin/tests/scenario/v2/test_pool.py
@@ -167,8 +167,8 @@
}
if self.lb_feature_enabled.pool_algorithms_enabled:
- pool_update_kwargs[const.LB_ALGORITHM] = \
- const.LB_ALGORITHM_LEAST_CONNECTIONS
+ pool_update_kwargs[const.LB_ALGORITHM] = (
+ const.LB_ALGORITHM_LEAST_CONNECTIONS)
if self.protocol == const.HTTP and (
self.lb_feature_enabled.session_persistence_enabled):
diff --git a/setup.cfg b/setup.cfg
index 3e5d216..d7d3196 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -19,6 +19,7 @@
Programming Language :: Python :: 3
Programming Language :: Python :: 3.6
Programming Language :: Python :: 3.7
+ Programming Language :: Python :: 3.8
[global]
setup-hooks =
diff --git a/test-requirements.txt b/test-requirements.txt
index 354a020..2125ea0 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -2,7 +2,7 @@
# of appearance. Changing the order has an impact on the overall integration
# process, which may cause wedges in the gate later.
-hacking>=3.0,<3.1.0;python_version>='3.5' # Apache-2.0
+hacking>=3.0.1,<3.1.0;python_version>='3.5' # Apache-2.0
coverage!=4.4,>=4.0 # Apache-2.0
python-subunit>=1.0.0 # Apache-2.0/BSD
diff --git a/tox.ini b/tox.ini
index 4a61222..a419c62 100644
--- a/tox.ini
+++ b/tox.ini
@@ -43,6 +43,7 @@
deps =
-c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
-r{toxinidir}/requirements.txt
+ -r{toxinidir}/test-requirements.txt
-r{toxinidir}/doc/requirements.txt
whitelist_externals = rm
commands =
@@ -85,6 +86,24 @@
# [H904]: Delay string interpolations at logging calls
enable-extensions=H106,H203,H204,H205,H904
+[flake8:local-plugins]
+extension =
+ O316 = checks:assert_true_instance
+ O318 = checks:assert_equal_or_not_none
+ O323 = checks:assert_equal_true_or_false
+ O324 = checks:no_mutable_default_args
+ O338 = checks:assert_equal_in
+ O339 = checks:no_log_warn
+ O341 = checks:no_translate_logs
+ O342 = checks:check_raised_localized_exceptions
+ O345 = checks:check_no_eventlet_imports
+ O346 = checks:check_line_continuation_no_backslash
+ O347 = checks:revert_must_have_kwargs
+ O348 = checks:check_no_logging_imports
+ O349 = checks:check_no_import_mock
+paths =
+ ./octavia_tempest_plugin/hacking
+
[testenv:genconfig]
basepython = python3
whitelist_externals = mkdir
diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml
index 38b2d04..239eb49 100644
--- a/zuul.d/jobs.yaml
+++ b/zuul.d/jobs.yaml
@@ -1,10 +1,40 @@
- nodeset:
+ name: octavia-single-node-ubuntu-bionic
+ nodes:
+ - name: controller
+ label: nested-virt-ubuntu-bionic
+ groups:
+ - name: tempest
+ nodes:
+ - controller
+
+- nodeset:
+ name: octavia-single-node-centos-7
+ nodes:
+ - name: controller
+ label: nested-virt-centos-7
+ groups:
+ - name: tempest
+ nodes:
+ - controller
+
+- nodeset:
+ name: octavia-single-node-centos-8
+ nodes:
+ - name: controller
+ label: nested-virt-centos-8
+ groups:
+ - name: tempest
+ nodes:
+ - controller
+
+- nodeset:
name: octavia-two-node
nodes:
- name: controller
- label: ubuntu-bionic
+ label: nested-virt-ubuntu-bionic
- name: controller2
- label: ubuntu-bionic
+ label: nested-virt-ubuntu-bionic
groups:
- name: controller
nodes:
@@ -142,6 +172,7 @@
- job:
name: octavia-dsvm-live-base
parent: octavia-dsvm-base
+ nodeset: octavia-single-node-ubuntu-bionic
timeout: 9000
required-projects:
- openstack/diskimage-builder
@@ -176,6 +207,7 @@
- job:
name: octavia-dsvm-live-base-ipv6-only
parent: octavia-dsvm-base-ipv6-only
+ nodeset: octavia-single-node-ubuntu-bionic
timeout: 9000
required-projects:
- openstack/diskimage-builder
@@ -309,6 +341,7 @@
g-api: true
g-reg: true
key: true
+ memory_tracker: false
mysql: true
n-api: true
n-api-meta: true
@@ -324,7 +357,6 @@
o-cw: true
o-hm: true
o-hk: true
- peakmem_tracker: true
placement-api: true
q-agt: true
q-dhcp: true
@@ -530,7 +562,7 @@
- job:
name: octavia-v2-dsvm-py2-scenario-centos-7
parent: octavia-v2-dsvm-py2-scenario
- nodeset: devstack-single-node-centos-7
+ nodeset: octavia-single-node-centos-7
vars:
devstack_localrc:
OCTAVIA_AMP_BASE_OS: centos
@@ -540,6 +572,7 @@
- job:
name: octavia-v2-dsvm-scenario-centos-8
parent: octavia-v2-dsvm-scenario
+ nodeset: octavia-single-node-centos-8
vars:
devstack_localrc:
OCTAVIA_AMP_BASE_OS: centos
@@ -605,11 +638,13 @@
- job:
name: octavia-v2-dsvm-tls-barbican-stable-rocky
parent: octavia-v2-dsvm-tls-barbican
+ nodeset: openstack-single-node-xenial
override-checkout: stable/rocky
- job:
name: octavia-v2-dsvm-tls-barbican-stable-queens
parent: octavia-v2-dsvm-tls-barbican
+ nodeset: openstack-single-node-xenial
override-checkout: stable/queens
- job:
@@ -707,6 +742,7 @@
- job:
name: octavia-v2-dsvm-scenario-centos-7
parent: octavia-v2-dsvm-py2-scenario-centos-7
+ nodeset: octavia-single-node-centos-7
- job:
name: octavia-v2-act-stdby-iptables-dsvm-scenario
@@ -748,7 +784,7 @@
- job:
name: octavia-v2-act-stdby-iptables-dsvm-py2-scenario-centos-7
parent: octavia-v2-act-stdby-iptables-dsvm-py2-scenario
- nodeset: devstack-single-node-centos-7
+ nodeset: octavia-single-node-centos-7
vars:
devstack_localrc:
USE_PYTHON3: False