Merge "Prepare token clients for migration to tempest-lib"
diff --git a/tempest/api/identity/admin/v3/test_default_project_id.py b/tempest/api/identity/admin/v3/test_default_project_id.py
index ae4951d..f74b30d 100644
--- a/tempest/api/identity/admin/v3/test_default_project_id.py
+++ b/tempest/api/identity/admin/v3/test_default_project_id.py
@@ -15,6 +15,7 @@
from tempest import clients
from tempest.common.utils import data_utils
from tempest import config
+from tempest import manager
from tempest import test
CONF = config.CONF
@@ -75,8 +76,7 @@
creds = auth.KeystoneV3Credentials(username=user_name,
password=user_name,
domain_name=dom_name)
- auth_provider = auth.KeystoneV3AuthProvider(creds,
- CONF.identity.uri_v3)
+ auth_provider = manager.get_auth_provider(creds)
creds = auth_provider.fill_credentials()
admin_client = clients.Manager(credentials=creds)
diff --git a/tempest/auth.py b/tempest/auth.py
index 7b00f2a..5e76a88 100644
--- a/tempest/auth.py
+++ b/tempest/auth.py
@@ -186,8 +186,13 @@
token_expiry_threshold = datetime.timedelta(seconds=60)
- def __init__(self, credentials, auth_url):
+ def __init__(self, credentials, auth_url,
+ disable_ssl_certificate_validation=None,
+ ca_certs=None, trace_requests=None):
super(KeystoneAuthProvider, self).__init__(credentials)
+ self.dsvm = disable_ssl_certificate_validation
+ self.ca_certs = ca_certs
+ self.trace_requests = trace_requests
self.auth_client = self._auth_client(auth_url)
def _decorate_request(self, filters, method, url, headers=None, body=None,
@@ -237,7 +242,9 @@
EXPIRY_DATE_FORMAT = '%Y-%m-%dT%H:%M:%SZ'
def _auth_client(self, auth_url):
- return json_id.TokenClientJSON(auth_url)
+ return json_id.TokenClientJSON(
+ auth_url, disable_ssl_certificate_validation=self.dsvm,
+ ca_certs=self.ca_certs, trace_requests=self.trace_requests)
def _auth_params(self):
return dict(
@@ -315,7 +322,9 @@
EXPIRY_DATE_FORMAT = '%Y-%m-%dT%H:%M:%S.%fZ'
def _auth_client(self, auth_url):
- return json_v3id.V3TokenClientJSON(auth_url)
+ return json_v3id.V3TokenClientJSON(
+ auth_url, disable_ssl_certificate_validation=self.dsvm,
+ ca_certs=self.ca_certs, trace_requests=self.trace_requests)
def _auth_params(self):
return dict(
diff --git a/tempest/clients.py b/tempest/clients.py
index fa3f65e..7a41f32 100644
--- a/tempest/clients.py
+++ b/tempest/clients.py
@@ -320,9 +320,12 @@
self.region_client = RegionClientJSON(self.auth_provider, **params)
self.credentials_client = CredentialsClientJSON(self.auth_provider,
**params)
- self.token_client = TokenClientJSON(CONF.identity.uri)
+ # Token clients do not use the catalog. They only need default_params.
+ self.token_client = TokenClientJSON(CONF.identity.uri,
+ **self.default_params)
if CONF.identity_feature_enabled.api_v3:
- self.token_v3_client = V3TokenClientJSON(CONF.identity.uri_v3)
+ self.token_v3_client = V3TokenClientJSON(CONF.identity.uri_v3,
+ **self.default_params)
def _set_volume_clients(self):
params = {
diff --git a/tempest/cmd/javelin.py b/tempest/cmd/javelin.py
index b06968e..aff4087 100755
--- a/tempest/cmd/javelin.py
+++ b/tempest/cmd/javelin.py
@@ -176,7 +176,14 @@
username=user,
password=pw,
tenant_name=tenant)
- _auth = tempest.auth.KeystoneV2AuthProvider(_creds, CONF.identity.uri)
+ auth_provider_params = {
+ 'disable_ssl_certificate_validation':
+ CONF.identity.disable_ssl_certificate_validation,
+ 'ca_certs': CONF.identity.ca_certificates_file,
+ 'trace_requests': CONF.debug.trace_requests
+ }
+ _auth = tempest.auth.KeystoneV2AuthProvider(
+ _creds, CONF.identity.uri, **auth_provider_params)
self.identity = identity_client.IdentityClientJSON(
_auth,
CONF.identity.catalog_type,
diff --git a/tempest/manager.py b/tempest/manager.py
index 50f7e6e..a256f25 100644
--- a/tempest/manager.py
+++ b/tempest/manager.py
@@ -47,21 +47,28 @@
if not self.credentials.is_valid():
raise exceptions.InvalidCredentials()
# Creates an auth provider for the credentials
- self.auth_provider = self.get_auth_provider(self.credentials)
+ self.auth_provider = get_auth_provider(self.credentials)
# FIXME(andreaf) unused
self.client_attr_names = []
- @classmethod
- def get_auth_provider_class(cls, credentials):
- if isinstance(credentials, auth.KeystoneV3Credentials):
- return auth.KeystoneV3AuthProvider, CONF.identity.uri_v3
- else:
- return auth.KeystoneV2AuthProvider, CONF.identity.uri
- def get_auth_provider(self, credentials):
- if credentials is None:
- raise exceptions.InvalidCredentials(
- 'Credentials must be specified')
- auth_provider_class, auth_url = self.get_auth_provider_class(
- credentials)
- return auth_provider_class(credentials, auth_url)
+def get_auth_provider_class(credentials):
+ if isinstance(credentials, auth.KeystoneV3Credentials):
+ return auth.KeystoneV3AuthProvider, CONF.identity.uri_v3
+ else:
+ return auth.KeystoneV2AuthProvider, CONF.identity.uri
+
+
+def get_auth_provider(credentials):
+ default_params = {
+ 'disable_ssl_certificate_validation':
+ CONF.identity.disable_ssl_certificate_validation,
+ 'ca_certs': CONF.identity.ca_certificates_file,
+ 'trace_requests': CONF.debug.trace_requests
+ }
+ if credentials is None:
+ raise exceptions.InvalidCredentials(
+ 'Credentials must be specified')
+ auth_provider_class, auth_url = get_auth_provider_class(
+ credentials)
+ return auth_provider_class(credentials, auth_url, **default_params)
diff --git a/tempest/services/identity/json/token_client.py b/tempest/services/identity/json/token_client.py
index b28dabb..e61ac84 100644
--- a/tempest/services/identity/json/token_client.py
+++ b/tempest/services/identity/json/token_client.py
@@ -13,16 +13,21 @@
# under the License.
import json
+from tempest_lib.common import rest_client
from tempest_lib import exceptions as lib_exc
from tempest.common import service_client
from tempest import exceptions
-class TokenClientJSON(service_client.ServiceClient):
+class TokenClientJSON(rest_client.RestClient):
- def __init__(self, auth_url):
- super(TokenClientJSON, self).__init__(None, None, None)
+ def __init__(self, auth_url, disable_ssl_certificate_validation=None,
+ ca_certs=None, trace_requests=None):
+ dscv = disable_ssl_certificate_validation
+ super(TokenClientJSON, self).__init__(
+ None, None, None, disable_ssl_certificate_validation=dscv,
+ ca_certs=ca_certs, trace_requests=trace_requests)
# Normalize URI to ensure /tokens is in it.
if 'tokens' not in auth_url:
diff --git a/tempest/services/identity/v3/json/token_client.py b/tempest/services/identity/v3/json/token_client.py
index 582897a..b0824a7 100644
--- a/tempest/services/identity/v3/json/token_client.py
+++ b/tempest/services/identity/v3/json/token_client.py
@@ -13,16 +13,21 @@
# under the License.
import json
+from tempest_lib.common import rest_client
from tempest_lib import exceptions as lib_exc
from tempest.common import service_client
from tempest import exceptions
-class V3TokenClientJSON(service_client.ServiceClient):
+class V3TokenClientJSON(rest_client.RestClient):
- def __init__(self, auth_url):
- super(V3TokenClientJSON, self).__init__(None, None, None)
+ def __init__(self, auth_url, disable_ssl_certificate_validation=None,
+ ca_certs=None, trace_requests=None):
+ dscv = disable_ssl_certificate_validation
+ super(V3TokenClientJSON, self).__init__(
+ None, None, None, disable_ssl_certificate_validation=dscv,
+ ca_certs=ca_certs, trace_requests=trace_requests)
if not auth_url:
raise exceptions.InvalidConfiguration('you must specify a v3 uri '
'if using the v3 identity '