Add server tests for nova.
The following RBAC test cases are added:
Change-Id: I99489adaa009bb19f7faaac31d25af4b6fef9a18
Partially-Implements: blueprint initial-tests-nova
diff --git a/patrole_tempest_plugin/tests/api/compute/ b/patrole_tempest_plugin/tests/api/compute/
index 66676d1..e5a53c9 100644
--- a/patrole_tempest_plugin/tests/api/compute/
+++ b/patrole_tempest_plugin/tests/api/compute/
@@ -16,8 +16,10 @@
from oslo_log import log
from tempest.common import waiters
+from tempest import config
from tempest.lib.common.utils import data_utils
+from tempest.lib.common.utils import test_utils
from tempest.lib import decorators
from tempest.lib import exceptions
@@ -25,6 +27,7 @@
from patrole_tempest_plugin import rbac_rule_validation
from patrole_tempest_plugin.tests.api.compute import rbac_base as base
+CONF = config.CONF
LOG = log.getLogger(__name__)
@@ -34,6 +37,73 @@
def setup_clients(cls):
super(ComputeServersRbacTest, cls).setup_clients()
cls.client = cls.servers_client
+ cls.networks_client = cls.os.networks_client
+ cls.subnets_client = cls.os.subnets_client
+ @classmethod
+ def resource_setup(cls):
+ super(ComputeServersRbacTest, cls).resource_setup()
+ # Create a volume
+ volume_name = data_utils.rand_name(cls.__name__ + '-volume')
+ name_field = 'name'
+ if not CONF.volume_feature_enabled.api_v2:
+ name_field = 'display_name'
+ params = {name_field: volume_name,
+ 'imageRef': CONF.compute.image_ref,
+ 'size': CONF.volume.volume_size}
+ volume = cls.volumes_client.create_volume(**params)['volume']
+ waiters.wait_for_volume_resource_status(cls.volumes_client,
+ volume['id'], 'available')
+ cls.volumes.append(volume)
+ cls.volume_id = volume['id']
+ def _create_network_resources(self):
+ # Create network
+ network_name = data_utils.rand_name(
+ self.__class__.__name__ + '-network')
+ network = self.networks_client.create_network(
+ **{'name': network_name})['network']
+ # Create subnet for the network
+ subnet_name = data_utils.rand_name(self.__class__.__name__ + '-subnet')
+ subnet = self.subnets_client.create_subnet(
+ name=subnet_name,
+ network_id=network['id'],
+ ip_version=4)['subnet']
+ self.addCleanup(test_utils.call_and_ignore_notfound_exc,
+ self.networks_client.delete_network, network['id'])
+ self.addCleanup(test_utils.call_and_ignore_notfound_exc,
+ self.subnets_client.delete_subnet, subnet['id'])
+ return network
+ def _create_test_server_with_volume(self, volume_id):
+ # Create a server with the volume created earlier
+ server_name = data_utils.rand_name(self.__class__.__name__ + "-server")
+ bd_map_v2 = [{'uuid': volume_id,
+ 'source_type': 'volume',
+ 'destination_type': 'volume',
+ 'boot_index': 0,
+ 'delete_on_termination': True}]
+ device_mapping = {'block_device_mapping_v2': bd_map_v2}
+ # Since the server is booted from volume, the imageRef does not need
+ # to be specified.
+ server = self.client.create_server(name=server_name,
+ imageRef='',
+ flavorRef=CONF.compute.flavor_ref,
+ **device_mapping)['server']
+ waiters.wait_for_server_status(self.client, server['id'], 'ACTIVE')
+ self.servers.append(server)
+ return server
@@ -45,6 +115,51 @@
+ rule="os_compute_api:servers:create:forced_host")
+ @decorators.idempotent_id('0ae3c401-52ab-41bc-ab96-c598a65d9ae5')
+ def test_create_server_forced_host(self):
+ # Retrieve 'nova' zone host information from availiability_zone_list
+ zones = self.availability_zone_client.list_availability_zones(
+ detail=True)['availabilityZoneInfo']
+ hosts = [zone['hosts'] for zone in zones if zone['zoneName'] == 'nova']
+ # We just need any host out of the hosts list to build the
+ # availability_zone attribute. So, picking the first one is fine.
+ # The first key of the dictionary specifies the host name.
+ host = hosts[0].keys()[0]
+ availability_zone = 'nova:' + host
+ self.rbac_utils.switch_role(self, switchToRbacRole=True)
+ self.create_test_server(wait_until='ACTIVE',
+ availability_zone=availability_zone)
+ @rbac_rule_validation.action(
+ service="nova",
+ rule="os_compute_api:servers:create:attach_volume")
+ @decorators.idempotent_id('eeddac5e-15aa-454f-838d-db608aae4dd8')
+ def test_create_server_attach_volume(self):
+ self.rbac_utils.switch_role(self, switchToRbacRole=True)
+ self._create_test_server_with_volume(self.volume_id)
+ @rbac_rule_validation.action(
+ service="nova",
+ rule="os_compute_api:servers:create:attach_network")
+ @decorators.idempotent_id('b44cd4ff-50a4-42ce-ada3-724e213cd540')
+ def test_create_server_attach_network(self):
+ network = self._create_network_resources()
+ network_id = {'uuid': network['id']}
+ self.rbac_utils.switch_role(self, switchToRbacRole=True)
+ server = self.create_test_server(wait_until='ACTIVE',
+ networks=[network_id])
+ # The network resources created is for this test case only. We will
+ # clean them up after this test case. In order to do that,
+ # we need to clean up the server first.
+ self.addCleanup(waiters.wait_for_server_termination,
+ self.client, server['id'])
+ self.addCleanup(self.client.delete_server, server['id'])
+ @rbac_rule_validation.action(
+ service="nova",
def test_delete_server(self):