Merge "Add tempest test to live/cold migrate Windows OS's" into mcp/caracal
diff --git a/tempest/api/volume/admin/test_volume_retype.py b/tempest/api/volume/admin/test_volume_retype.py
index 586111c..c17e01c 100644
--- a/tempest/api/volume/admin/test_volume_retype.py
+++ b/tempest/api/volume/admin/test_volume_retype.py
@@ -63,7 +63,7 @@
src_vol = self.create_volume(volume_type=self.src_vol_type['name'],
snapshot_id=snapshot['id'])
- if not CONF.volume_feature_enabled.snapshot_locked_by_volume:
+ if not CONF.volume_feature_enabled.volume_locked_by_snapshot:
# Delete the snapshot
self.snapshots_client.delete_snapshot(snapshot['id'])
self.snapshots_client.wait_for_resource_deletion(snapshot['id'])
diff --git a/tempest/config.py b/tempest/config.py
index b41ec84..01e65f9 100644
--- a/tempest/config.py
+++ b/tempest/config.py
@@ -1133,10 +1133,11 @@
cfg.ListOpt('supported_crypto_providers',
default=['luks'],
help='A list of enabled cryptoproviders for volumes'),
- cfg.BoolOpt('snapshot_locked_by_volume',
+ cfg.BoolOpt('volume_locked_by_snapshot',
default=False,
- help='Whether snapshot can be deleted, i.e. there is no '
- 'volume dependent on (created from) it'),
+ help='Whether the volume is locked by snapshot, i.e. '
+ 'can remove volume only when no dependent '
+ 'snapshot exist.'),
]
diff --git a/tempest/lib/common/preprov_creds.py b/tempest/lib/common/preprov_creds.py
index 8bb41d1..cdc66bf 100644
--- a/tempest/lib/common/preprov_creds.py
+++ b/tempest/lib/common/preprov_creds.py
@@ -114,7 +114,7 @@
object_storage_operator_role=None,
object_storage_reseller_admin_role=None):
hash_dict = {'roles': {}, 'creds': {}, 'networks': {},
- 'scoped_roles': {}}
+ 'scoped_roles': {}, 'projects': {}}
# Loop over the accounts read from the yaml file
for account in accounts:
@@ -180,6 +180,7 @@
'Unknown resource type %s, ignoring this field',
resource
)
+ hash_dict = cls._append_project(account, temp_hash_key, hash_dict)
return hash_dict
def is_multi_user(self):
@@ -246,6 +247,7 @@
hashes = temp_list
else:
hashes = self.hash_dict['creds'].keys()
+ hashes = self._exclude_used_projects(hashes)
# NOTE(mtreinish): admin is a special case because of the increased
# privilege set which could potentially cause issues on tests where
# that is not expected. So unless the admin role isn't specified do
@@ -272,7 +274,8 @@
free_hash = self._get_free_hash(useable_hashes)
clean_creds = self._sanitize_creds(
self.hash_dict['creds'][free_hash])
- LOG.info('%s allocated creds:\n%s', self.name, clean_creds)
+ LOG.info('%s allocated creds for roles %s in scope %s:\n%s',
+ self.name, roles, scope, clean_creds)
return self._wrap_creds_with_network(free_hash)
@lockutils.synchronized('test_accounts_io', external=True)
@@ -310,12 +313,10 @@
# TODO(gmann): Remove this method in favor of get_project_member_creds()
# after the deprecation phase.
def get_primary_creds(self):
- if self._creds.get('primary'):
- return self._creds.get('primary')
- # NOTE(pas-ha) use the same call as get_project_member_creds
- net_creds = self._get_creds(['member'], scope='project')
- self._creds['primary'] = net_creds
- return net_creds
+ # NOTE(pas-ha) force os_primary and os_project_member
+ # to be exactly the same creds, otherwise they may be from
+ # different projects and fail some RBAC tests
+ return self.get_project_member_creds()
# TODO(gmann): Replace this method with more appropriate name.
# like get_project_alt_member_creds()
@@ -479,3 +480,16 @@
for attr in domain_fields.intersection(set(creds_dict.keys())):
creds_dict.pop(attr)
return creds_dict
+
+ @classmethod
+ def _append_project(cls, account, account_hash, hash_dict):
+ key_to_add = account.get('project_name') or account.get('tenant_name')
+ hash_dict['projects'].setdefault(key_to_add, [])
+ hash_dict['projects'][key_to_add].append(account_hash)
+ return hash_dict
+
+ def _exclude_used_projects(self, hashes):
+ excluded_accounts = []
+ for project in [cred.tenant_name for cred in self._creds.values()]:
+ excluded_accounts.extend(self.hash_dict['projects'][project])
+ return hashes - set(excluded_accounts)