Merge "Update configuration options ssh-auth-strategy"
diff --git a/tempest/api/compute/admin/test_quotas.py b/tempest/api/compute/admin/test_quotas.py
index fa1c666..2907e26 100644
--- a/tempest/api/compute/admin/test_quotas.py
+++ b/tempest/api/compute/admin/test_quotas.py
@@ -111,7 +111,7 @@
# Verify that GET shows the updated quota set of user
user_name = data_utils.rand_name('cpu_quota_user')
- password = data_utils.rand_name('password')
+ password = data_utils.rand_password()
email = user_name + '@testmail.tm'
user = self.identity_utils.create_user(username=user_name,
password=password,
diff --git a/tempest/api/compute/admin/test_servers.py b/tempest/api/compute/admin/test_servers.py
index b038c6b..fd6f105 100644
--- a/tempest/api/compute/admin/test_servers.py
+++ b/tempest/api/compute/admin/test_servers.py
@@ -130,7 +130,7 @@
@test.idempotent_id('ee8ae470-db70-474d-b752-690b7892cab1')
def test_reset_state_server(self):
# Reset server's state to 'error'
- self.client.reset_state(self.s1_id)
+ self.client.reset_state(self.s1_id, state='error')
# Verify server's state
server = self.client.show_server(self.s1_id)['server']
diff --git a/tempest/api/compute/admin/test_servers_negative.py b/tempest/api/compute/admin/test_servers_negative.py
index 7c5e8d0..055dc1b 100644
--- a/tempest/api/compute/admin/test_servers_negative.py
+++ b/tempest/api/compute/admin/test_servers_negative.py
@@ -123,7 +123,7 @@
@test.idempotent_id('e741298b-8df2-46f0-81cb-8f814ff2504c')
def test_reset_state_server_nonexistent_server(self):
self.assertRaises(lib_exc.NotFound,
- self.client.reset_state, '999')
+ self.client.reset_state, '999', state='error')
@test.attr(type=['negative'])
@test.idempotent_id('e84e2234-60d2-42fa-8b30-e2d3049724ac')
diff --git a/tempest/api/compute/security_groups/test_security_groups.py b/tempest/api/compute/security_groups/test_security_groups.py
index ee840be..81a02be 100644
--- a/tempest/api/compute/security_groups/test_security_groups.py
+++ b/tempest/api/compute/security_groups/test_security_groups.py
@@ -109,7 +109,7 @@
sg['id'])
# Reboot and add the other security group
- self.servers_client.reboot_server(server_id, 'HARD')
+ self.servers_client.reboot_server(server_id, type='HARD')
waiters.wait_for_server_status(self.servers_client, server_id,
'ACTIVE')
self.servers_client.add_security_group(server_id, name=sg2['name'])
diff --git a/tempest/api/compute/servers/test_instance_actions.py b/tempest/api/compute/servers/test_instance_actions.py
index 814aec7..1367629 100644
--- a/tempest/api/compute/servers/test_instance_actions.py
+++ b/tempest/api/compute/servers/test_instance_actions.py
@@ -35,7 +35,7 @@
@test.idempotent_id('77ca5cc5-9990-45e0-ab98-1de8fead201a')
def test_list_instance_actions(self):
# List actions of the provided server
- self.client.reboot_server(self.server_id, 'HARD')
+ self.client.reboot_server(self.server_id, type='HARD')
waiters.wait_for_server_status(self.client, self.server_id, 'ACTIVE')
body = (self.client.list_instance_actions(self.server_id)
diff --git a/tempest/api/compute/servers/test_server_actions.py b/tempest/api/compute/servers/test_server_actions.py
index 45cdeaf..71dfd96 100644
--- a/tempest/api/compute/servers/test_server_actions.py
+++ b/tempest/api/compute/servers/test_server_actions.py
@@ -104,7 +104,7 @@
self.validation_resources['keypair']['private_key'])
boot_time = linux_client.get_boot_time()
- self.client.reboot_server(self.server_id, reboot_type)
+ self.client.reboot_server(self.server_id, type=reboot_type)
waiters.wait_for_server_status(self.client, self.server_id, 'ACTIVE')
if CONF.validation.run_validation:
@@ -356,7 +356,7 @@
def _get_output(self):
output = self.client.get_console_output(
- self.server_id, 10)['output']
+ self.server_id, length=10)['output']
self.assertTrue(output, "Console output was empty.")
lines = len(output.split('\n'))
self.assertEqual(lines, 10)
@@ -373,7 +373,7 @@
# log file is truncated and we cannot get any console log through
# "console-log" API.
# The detail is https://bugs.launchpad.net/nova/+bug/1251920
- self.client.reboot_server(self.server_id, 'HARD')
+ self.client.reboot_server(self.server_id, type='HARD')
waiters.wait_for_server_status(self.client, self.server_id, 'ACTIVE')
self.wait_for(self._get_output)
@@ -384,8 +384,7 @@
server = self.create_test_server(wait_until='ACTIVE')
def _check_full_length_console_log():
- output = self.client.get_console_output(server['id'],
- None)['output']
+ output = self.client.get_console_output(server['id'])['output']
self.assertTrue(output, "Console output was empty.")
lines = len(output.split('\n'))
@@ -499,7 +498,7 @@
console_types = ['novnc', 'xvpvnc']
for console_type in console_types:
body = self.client.get_vnc_console(self.server_id,
- console_type)['console']
+ type=console_type)['console']
self.assertEqual(console_type, body['type'])
self.assertNotEqual('', body['url'])
self._validate_url(body['url'])
diff --git a/tempest/api/compute/servers/test_server_personality.py b/tempest/api/compute/servers/test_server_personality.py
index 77af509..58d26d3 100644
--- a/tempest/api/compute/servers/test_server_personality.py
+++ b/tempest/api/compute/servers/test_server_personality.py
@@ -17,6 +17,8 @@
from tempest_lib import exceptions as lib_exc
from tempest.api.compute import base
+from tempest.common.utils.linux import remote_client
+from tempest.common import waiters
from tempest import config
from tempest import test
@@ -26,6 +28,16 @@
class ServerPersonalityTestJSON(base.BaseV2ComputeTest):
@classmethod
+ def setup_credentials(cls):
+ cls.prepare_instance_network()
+ super(ServerPersonalityTestJSON, cls).setup_credentials()
+
+ @classmethod
+ def resource_setup(cls):
+ cls.set_validation_resources()
+ super(ServerPersonalityTestJSON, cls).resource_setup()
+
+ @classmethod
def skip_checks(cls):
super(ServerPersonalityTestJSON, cls).skip_checks()
if not CONF.compute_feature_enabled.personality:
@@ -40,18 +52,34 @@
@test.idempotent_id('3cfe87fd-115b-4a02-b942-7dc36a337fdf')
def test_create_server_with_personality(self):
file_contents = 'This is a test file.'
- personality = [{'path': '/test.txt',
+ file_path = '/test.txt'
+ personality = [{'path': file_path,
'contents': base64.b64encode(file_contents)}]
- self.create_test_server(personality=personality)
+ server = self.create_test_server(personality=personality,
+ wait_until='ACTIVE',
+ validatable=True)
+ if CONF.validation.run_validation:
+ linux_client = remote_client.RemoteClient(
+ self.get_server_ip(server),
+ self.ssh_user, server['adminPass'],
+ self.validation_resources['keypair']['private_key'])
+ self.assertEqual(file_contents,
+ linux_client.exec_command(
+ 'sudo cat %s' % file_path))
@test.idempotent_id('128966d8-71fc-443c-8cab-08e24114ecc9')
def test_rebuild_server_with_personality(self):
- server_id = self.rebuild_server(None)
+ server = self.create_test_server(wait_until='ACTIVE', validatable=True)
+ server_id = server['id']
file_contents = 'Test server rebuild.'
personality = [{'path': 'rebuild.txt',
'contents': base64.b64encode(file_contents)}]
- self.client.rebuild_server(server_id, self.image_ref_alt,
- personality=personality)
+ rebuilt_server = self.client.rebuild_server(server_id,
+ self.image_ref_alt,
+ personality=personality)
+ waiters.wait_for_server_status(self.client, server_id, 'ACTIVE')
+ self.assertEqual(self.image_ref_alt,
+ rebuilt_server['server']['image']['id'])
@test.idempotent_id('176cd8c9-b9e8-48ee-a480-180beab292bf')
def test_personality_files_exceed_limit(self):
@@ -83,9 +111,20 @@
raise self.skipException("No limit for personality files")
person = []
for i in range(0, int(max_file_limit)):
- path = 'etc/test' + str(i) + '.txt'
+ path = '/etc/test' + str(i) + '.txt'
person.append({
'path': path,
'contents': base64.b64encode(file_contents),
})
- self.create_test_server(personality=person)
+ server = self.create_test_server(personality=person,
+ wait_until='ACTIVE',
+ validatable=True)
+ if CONF.validation.run_validation:
+ linux_client = remote_client.RemoteClient(
+ self.get_server_ip(server),
+ self.ssh_user, server['adminPass'],
+ self.validation_resources['keypair']['private_key'])
+ for i in person:
+ self.assertEqual(base64.b64decode(i['contents']),
+ linux_client.exec_command(
+ 'sudo cat %s' % i['path']))
diff --git a/tempest/api/compute/servers/test_server_rescue.py b/tempest/api/compute/servers/test_server_rescue.py
index 1552848..2296980 100644
--- a/tempest/api/compute/servers/test_server_rescue.py
+++ b/tempest/api/compute/servers/test_server_rescue.py
@@ -121,4 +121,4 @@
# Delete Security group
self.servers_client.remove_security_group(self.server_id,
- self.sg_name)
+ name=self.sg_name)
diff --git a/tempest/api/compute/servers/test_server_rescue_negative.py b/tempest/api/compute/servers/test_server_rescue_negative.py
index f8567cf..65ad2f5 100644
--- a/tempest/api/compute/servers/test_server_rescue_negative.py
+++ b/tempest/api/compute/servers/test_server_rescue_negative.py
@@ -101,7 +101,7 @@
@test.idempotent_id('db22b618-f157-4566-a317-1b6d467a8094')
def test_rescued_vm_reboot(self):
self.assertRaises(lib_exc.Conflict, self.servers_client.reboot_server,
- self.rescue_id, 'HARD')
+ self.rescue_id, type='HARD')
@test.attr(type=['negative'])
@test.idempotent_id('6dfc0a55-3a77-4564-a144-1587b7971dde')
diff --git a/tempest/api/compute/servers/test_servers_negative.py b/tempest/api/compute/servers/test_servers_negative.py
index a5e9afd..ed8484e 100644
--- a/tempest/api/compute/servers/test_servers_negative.py
+++ b/tempest/api/compute/servers/test_servers_negative.py
@@ -152,7 +152,7 @@
# Reboot a non existent server
nonexistent_server = data_utils.rand_uuid()
self.assertRaises(lib_exc.NotFound, self.client.reboot_server,
- nonexistent_server, 'SOFT')
+ nonexistent_server, type='SOFT')
@test.idempotent_id('d1417e7f-a509-41b5-a102-d5eed8613369')
@testtools.skipUnless(CONF.compute_feature_enabled.pause,
@@ -188,7 +188,7 @@
waiters.wait_for_server_termination(self.client, server['id'])
self.assertRaises(lib_exc.NotFound, self.client.reboot_server,
- server['id'], 'SOFT')
+ server['id'], type='SOFT')
@test.attr(type=['negative'])
@test.idempotent_id('d86141a7-906e-4731-b187-d64a2ea61422')
@@ -430,7 +430,7 @@
nonexistent_server = data_utils.rand_uuid()
self.assertRaises(lib_exc.NotFound,
self.client.get_console_output,
- nonexistent_server, 10)
+ nonexistent_server, length=10)
@test.attr(type=['negative'])
@test.idempotent_id('6f47992b-5144-4250-9f8b-f00aa33950f3')
diff --git a/tempest/api/compute/test_authorization.py b/tempest/api/compute/test_authorization.py
index 1a1cc1c..e363fc4 100644
--- a/tempest/api/compute/test_authorization.py
+++ b/tempest/api/compute/test_authorization.py
@@ -157,7 +157,7 @@
def test_reboot_server_for_alt_account_fails(self):
# A reboot request for another user's server should fail
self.assertRaises(lib_exc.NotFound, self.alt_client.reboot_server,
- self.server['id'], 'HARD')
+ self.server['id'], type='HARD')
@test.idempotent_id('8a0bce51-cd00-480b-88ba-dbc7d8408a37')
def test_rebuild_server_for_alt_account_fails(self):
@@ -444,4 +444,4 @@
# A Get Console Output for another user's server should fail
self.assertRaises(lib_exc.NotFound,
self.alt_client.get_console_output,
- self.server['id'], 10)
+ self.server['id'], length=10)
diff --git a/tempest/api/identity/admin/v2/test_roles.py b/tempest/api/identity/admin/v2/test_roles.py
index 8702db7..e547bdd 100644
--- a/tempest/api/identity/admin/v2/test_roles.py
+++ b/tempest/api/identity/admin/v2/test_roles.py
@@ -27,7 +27,7 @@
super(RolesTestJSON, cls).resource_setup()
for _ in moves.xrange(5):
role_name = data_utils.rand_name(name='role')
- role = cls.client.create_role(role_name)['role']
+ role = cls.roles_client.create_role(role_name)['role']
cls.data.roles.append(role)
def _get_role_params(self):
@@ -48,7 +48,7 @@
@test.idempotent_id('75d9593f-50b7-4fcf-bd64-e3fb4a278e23')
def test_list_roles(self):
"""Return a list of all roles."""
- body = self.client.list_roles()['roles']
+ body = self.roles_client.list_roles()['roles']
found = [role for role in body if role in self.data.roles]
self.assertTrue(any(found))
self.assertEqual(len(found), len(self.data.roles))
@@ -57,16 +57,16 @@
def test_role_create_delete(self):
"""Role should be created, verified, and deleted."""
role_name = data_utils.rand_name(name='role-test')
- body = self.client.create_role(role_name)['role']
+ body = self.roles_client.create_role(role_name)['role']
self.assertEqual(role_name, body['name'])
- body = self.client.list_roles()['roles']
+ body = self.roles_client.list_roles()['roles']
found = [role for role in body if role['name'] == role_name]
self.assertTrue(any(found))
- body = self.client.delete_role(found[0]['id'])
+ body = self.roles_client.delete_role(found[0]['id'])
- body = self.client.list_roles()['roles']
+ body = self.roles_client.list_roles()['roles']
found = [role for role in body if role['name'] == role_name]
self.assertFalse(any(found))
@@ -76,7 +76,7 @@
self.data.setup_test_role()
role_id = self.data.role['id']
role_name = self.data.role['name']
- body = self.client.show_role(role_id)['role']
+ body = self.roles_client.show_role(role_id)['role']
self.assertEqual(role_id, body['id'])
self.assertEqual(role_name, body['name'])
@@ -84,24 +84,28 @@
def test_assign_user_role(self):
"""Assign a role to a user on a tenant."""
(user, tenant, role) = self._get_role_params()
- self.client.assign_user_role(tenant['id'], user['id'], role['id'])
- roles = self.client.list_user_roles(tenant['id'], user['id'])['roles']
+ self.roles_client.assign_user_role(tenant['id'], user['id'],
+ role['id'])
+ roles = self.roles_client.list_user_roles(tenant['id'],
+ user['id'])['roles']
self.assert_role_in_role_list(role, roles)
@test.idempotent_id('f0b9292c-d3ba-4082-aa6c-440489beef69')
def test_remove_user_role(self):
"""Remove a role assigned to a user on a tenant."""
(user, tenant, role) = self._get_role_params()
- user_role = self.client.assign_user_role(tenant['id'],
- user['id'],
- role['id'])['role']
- self.client.delete_user_role(tenant['id'], user['id'],
- user_role['id'])
+ user_role = self.roles_client.assign_user_role(tenant['id'],
+ user['id'],
+ role['id'])['role']
+ self.roles_client.delete_user_role(tenant['id'], user['id'],
+ user_role['id'])
@test.idempotent_id('262e1e3e-ed71-4edd-a0e5-d64e83d66d05')
def test_list_user_roles(self):
"""List roles assigned to a user on tenant."""
(user, tenant, role) = self._get_role_params()
- self.client.assign_user_role(tenant['id'], user['id'], role['id'])
- roles = self.client.list_user_roles(tenant['id'], user['id'])['roles']
+ self.roles_client.assign_user_role(tenant['id'], user['id'],
+ role['id'])
+ roles = self.roles_client.list_user_roles(tenant['id'],
+ user['id'])['roles']
self.assert_role_in_role_list(role, roles)
diff --git a/tempest/api/identity/admin/v2/test_roles_negative.py b/tempest/api/identity/admin/v2/test_roles_negative.py
index 45c95df..a57163d 100644
--- a/tempest/api/identity/admin/v2/test_roles_negative.py
+++ b/tempest/api/identity/admin/v2/test_roles_negative.py
@@ -37,7 +37,7 @@
def test_list_roles_by_unauthorized_user(self):
# Non-administrator user should not be able to list roles
self.assertRaises(lib_exc.Forbidden,
- self.non_admin_client.list_roles)
+ self.non_admin_roles_client.list_roles)
@test.attr(type=['negative'])
@test.idempotent_id('11a3c7da-df6c-40c2-abc2-badd682edf9f')
@@ -45,14 +45,15 @@
# Request to list roles without a valid token should fail
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
- self.assertRaises(lib_exc.Unauthorized, self.client.list_roles)
+ self.assertRaises(lib_exc.Unauthorized, self.roles_client.list_roles)
self.client.auth_provider.clear_auth()
@test.attr(type=['negative'])
@test.idempotent_id('c0b89e56-accc-4c73-85f8-9c0f866104c1')
def test_role_create_blank_name(self):
# Should not be able to create a role with a blank name
- self.assertRaises(lib_exc.BadRequest, self.client.create_role, '')
+ self.assertRaises(lib_exc.BadRequest, self.roles_client.create_role,
+ '')
@test.attr(type=['negative'])
@test.idempotent_id('585c8998-a8a4-4641-a5dd-abef7a8ced00')
@@ -60,7 +61,7 @@
# Non-administrator user should not be able to create role
role_name = data_utils.rand_name(name='role')
self.assertRaises(lib_exc.Forbidden,
- self.non_admin_client.create_role, role_name)
+ self.non_admin_roles_client.create_role, role_name)
@test.attr(type=['negative'])
@test.idempotent_id('a7edd17a-e34a-4aab-8bb7-fa6f498645b8')
@@ -70,7 +71,7 @@
self.client.delete_token(token)
role_name = data_utils.rand_name(name='role')
self.assertRaises(lib_exc.Unauthorized,
- self.client.create_role, role_name)
+ self.roles_client.create_role, role_name)
self.client.auth_provider.clear_auth()
@test.attr(type=['negative'])
@@ -78,10 +79,10 @@
def test_role_create_duplicate(self):
# Role names should be unique
role_name = data_utils.rand_name(name='role-dup')
- body = self.client.create_role(role_name)['role']
+ body = self.roles_client.create_role(role_name)['role']
role1_id = body.get('id')
- self.addCleanup(self.client.delete_role, role1_id)
- self.assertRaises(lib_exc.Conflict, self.client.create_role,
+ self.addCleanup(self.roles_client.delete_role, role1_id)
+ self.assertRaises(lib_exc.Conflict, self.roles_client.create_role,
role_name)
@test.attr(type=['negative'])
@@ -89,24 +90,24 @@
def test_delete_role_by_unauthorized_user(self):
# Non-administrator user should not be able to delete role
role_name = data_utils.rand_name(name='role')
- body = self.client.create_role(role_name)['role']
+ body = self.roles_client.create_role(role_name)['role']
self.data.roles.append(body)
role_id = body.get('id')
self.assertRaises(lib_exc.Forbidden,
- self.non_admin_client.delete_role, role_id)
+ self.non_admin_roles_client.delete_role, role_id)
@test.attr(type=['negative'])
@test.idempotent_id('44b60b20-70de-4dac-beaf-a3fc2650a16b')
def test_delete_role_request_without_token(self):
# Request to delete role without a valid token should fail
role_name = data_utils.rand_name(name='role')
- body = self.client.create_role(role_name)['role']
+ body = self.roles_client.create_role(role_name)['role']
self.data.roles.append(body)
role_id = body.get('id')
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
self.assertRaises(lib_exc.Unauthorized,
- self.client.delete_role,
+ self.roles_client.delete_role,
role_id)
self.client.auth_provider.clear_auth()
@@ -115,7 +116,7 @@
def test_delete_role_non_existent(self):
# Attempt to delete a non existent role should fail
non_existent_role = str(uuid.uuid4().hex)
- self.assertRaises(lib_exc.NotFound, self.client.delete_role,
+ self.assertRaises(lib_exc.NotFound, self.roles_client.delete_role,
non_existent_role)
@test.attr(type=['negative'])
@@ -125,7 +126,7 @@
# assign a role to user
(user, tenant, role) = self._get_role_params()
self.assertRaises(lib_exc.Forbidden,
- self.non_admin_client.assign_user_role,
+ self.non_admin_roles_client.assign_user_role,
tenant['id'], user['id'], role['id'])
@test.attr(type=['negative'])
@@ -136,7 +137,7 @@
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
self.assertRaises(lib_exc.Unauthorized,
- self.client.assign_user_role, tenant['id'],
+ self.roles_client.assign_user_role, tenant['id'],
user['id'], role['id'])
self.client.auth_provider.clear_auth()
@@ -146,7 +147,7 @@
# Attempt to assign a non existent role to user should fail
(user, tenant, role) = self._get_role_params()
non_existent_role = str(uuid.uuid4().hex)
- self.assertRaises(lib_exc.NotFound, self.client.assign_user_role,
+ self.assertRaises(lib_exc.NotFound, self.roles_client.assign_user_role,
tenant['id'], user['id'], non_existent_role)
@test.attr(type=['negative'])
@@ -155,7 +156,7 @@
# Attempt to assign a role on a non existent tenant should fail
(user, tenant, role) = self._get_role_params()
non_existent_tenant = str(uuid.uuid4().hex)
- self.assertRaises(lib_exc.NotFound, self.client.assign_user_role,
+ self.assertRaises(lib_exc.NotFound, self.roles_client.assign_user_role,
non_existent_tenant, user['id'], role['id'])
@test.attr(type=['negative'])
@@ -163,8 +164,9 @@
def test_assign_duplicate_user_role(self):
# Duplicate user role should not get assigned
(user, tenant, role) = self._get_role_params()
- self.client.assign_user_role(tenant['id'], user['id'], role['id'])
- self.assertRaises(lib_exc.Conflict, self.client.assign_user_role,
+ self.roles_client.assign_user_role(tenant['id'], user['id'],
+ role['id'])
+ self.assertRaises(lib_exc.Conflict, self.roles_client.assign_user_role,
tenant['id'], user['id'], role['id'])
@test.attr(type=['negative'])
@@ -173,11 +175,11 @@
# Non-administrator user should not be authorized to
# remove a user's role
(user, tenant, role) = self._get_role_params()
- self.client.assign_user_role(tenant['id'],
- user['id'],
- role['id'])
+ self.roles_client.assign_user_role(tenant['id'],
+ user['id'],
+ role['id'])
self.assertRaises(lib_exc.Forbidden,
- self.non_admin_client.delete_user_role,
+ self.non_admin_roles_client.delete_user_role,
tenant['id'], user['id'], role['id'])
@test.attr(type=['negative'])
@@ -185,13 +187,13 @@
def test_remove_user_role_request_without_token(self):
# Request to remove a user's role without a valid token
(user, tenant, role) = self._get_role_params()
- self.client.assign_user_role(tenant['id'],
- user['id'],
- role['id'])
+ self.roles_client.assign_user_role(tenant['id'],
+ user['id'],
+ role['id'])
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
self.assertRaises(lib_exc.Unauthorized,
- self.client.delete_user_role, tenant['id'],
+ self.roles_client.delete_user_role, tenant['id'],
user['id'], role['id'])
self.client.auth_provider.clear_auth()
@@ -200,11 +202,11 @@
def test_remove_user_role_non_existent_role(self):
# Attempt to delete a non existent role from a user should fail
(user, tenant, role) = self._get_role_params()
- self.client.assign_user_role(tenant['id'],
- user['id'],
- role['id'])
+ self.roles_client.assign_user_role(tenant['id'],
+ user['id'],
+ role['id'])
non_existent_role = str(uuid.uuid4().hex)
- self.assertRaises(lib_exc.NotFound, self.client.delete_user_role,
+ self.assertRaises(lib_exc.NotFound, self.roles_client.delete_user_role,
tenant['id'], user['id'], non_existent_role)
@test.attr(type=['negative'])
@@ -212,11 +214,11 @@
def test_remove_user_role_non_existent_tenant(self):
# Attempt to remove a role from a non existent tenant should fail
(user, tenant, role) = self._get_role_params()
- self.client.assign_user_role(tenant['id'],
- user['id'],
- role['id'])
+ self.roles_client.assign_user_role(tenant['id'],
+ user['id'],
+ role['id'])
non_existent_tenant = str(uuid.uuid4().hex)
- self.assertRaises(lib_exc.NotFound, self.client.delete_user_role,
+ self.assertRaises(lib_exc.NotFound, self.roles_client.delete_user_role,
non_existent_tenant, user['id'], role['id'])
@test.attr(type=['negative'])
@@ -225,10 +227,11 @@
# Non-administrator user should not be authorized to list
# a user's roles
(user, tenant, role) = self._get_role_params()
- self.client.assign_user_role(tenant['id'], user['id'], role['id'])
+ self.roles_client.assign_user_role(tenant['id'], user['id'],
+ role['id'])
self.assertRaises(lib_exc.Forbidden,
- self.non_admin_client.list_user_roles, tenant['id'],
- user['id'])
+ self.non_admin_roles_client.list_user_roles,
+ tenant['id'], user['id'])
@test.attr(type=['negative'])
@test.idempotent_id('682adfb2-fd5f-4b0a-a9ca-322e9bebb907')
@@ -239,7 +242,7 @@
self.client.delete_token(token)
try:
self.assertRaises(lib_exc.Unauthorized,
- self.client.list_user_roles, tenant['id'],
+ self.roles_client.list_user_roles, tenant['id'],
user['id'])
finally:
self.client.auth_provider.clear_auth()
diff --git a/tempest/api/identity/admin/v2/test_tokens.py b/tempest/api/identity/admin/v2/test_tokens.py
index cb9250b..e752b02 100644
--- a/tempest/api/identity/admin/v2/test_tokens.py
+++ b/tempest/api/identity/admin/v2/test_tokens.py
@@ -24,7 +24,7 @@
def test_create_get_delete_token(self):
# get a token by username and password
user_name = data_utils.rand_name(name='user')
- user_password = data_utils.rand_name(name='pass')
+ user_password = data_utils.rand_password()
# first:create a tenant
tenant_name = data_utils.rand_name(name='tenant')
tenant = self.tenants_client.create_tenant(tenant_name)['tenant']
@@ -59,7 +59,7 @@
# Create a user.
user_name = data_utils.rand_name(name='user')
- user_password = data_utils.rand_name(name='pass')
+ user_password = data_utils.rand_password()
tenant_id = None # No default tenant so will get unscoped token.
email = ''
user = self.client.create_user(user_name, user_password,
@@ -77,15 +77,15 @@
# Create a role
role_name = data_utils.rand_name(name='role')
- role = self.client.create_role(role_name)['role']
+ role = self.roles_client.create_role(role_name)['role']
self.data.roles.append(role)
# Grant the user the role on the tenants.
- self.client.assign_user_role(tenant1['id'], user['id'],
- role['id'])
+ self.roles_client.assign_user_role(tenant1['id'], user['id'],
+ role['id'])
- self.client.assign_user_role(tenant2['id'], user['id'],
- role['id'])
+ self.roles_client.assign_user_role(tenant2['id'], user['id'],
+ role['id'])
# Get an unscoped token.
body = self.token_client.auth(user_name, user_password)
diff --git a/tempest/api/identity/admin/v2/test_users.py b/tempest/api/identity/admin/v2/test_users.py
index 13d6137..2e9714e 100644
--- a/tempest/api/identity/admin/v2/test_users.py
+++ b/tempest/api/identity/admin/v2/test_users.py
@@ -26,7 +26,7 @@
def resource_setup(cls):
super(UsersTestJSON, cls).resource_setup()
cls.alt_user = data_utils.rand_name('test_user')
- cls.alt_password = data_utils.rand_name('pass')
+ cls.alt_password = data_utils.rand_password()
cls.alt_email = cls.alt_user + '@testmail.tm'
@test.attr(type='smoke')
@@ -132,15 +132,16 @@
self.data.setup_test_tenant()
user_ids = list()
fetched_user_ids = list()
+ password1 = data_utils.rand_password()
alt_tenant_user1 = data_utils.rand_name('tenant_user1')
- user1 = self.client.create_user(alt_tenant_user1, 'password1',
+ user1 = self.client.create_user(alt_tenant_user1, password1,
self.data.tenant['id'],
'user1@123')['user']
user_ids.append(user1['id'])
self.data.users.append(user1)
-
+ password2 = data_utils.rand_password()
alt_tenant_user2 = data_utils.rand_name('tenant_user2')
- user2 = self.client.create_user(alt_tenant_user2, 'password2',
+ user2 = self.client.create_user(alt_tenant_user2, password2,
self.data.tenant['id'],
'user2@123')['user']
user_ids.append(user2['id'])
@@ -169,18 +170,19 @@
user_ids = list()
fetched_user_ids = list()
user_ids.append(user['id'])
- role = self.client.assign_user_role(tenant['id'], user['id'],
- role['id'])['role']
+ role = self.roles_client.assign_user_role(tenant['id'], user['id'],
+ role['id'])['role']
alt_user2 = data_utils.rand_name('second_user')
- second_user = self.client.create_user(alt_user2, 'password1',
+ alt_password2 = data_utils.rand_password()
+ second_user = self.client.create_user(alt_user2, alt_password2,
self.data.tenant['id'],
'user2@123')['user']
user_ids.append(second_user['id'])
self.data.users.append(second_user)
- role = self.client.assign_user_role(tenant['id'],
- second_user['id'],
- role['id'])['role']
+ role = self.roles_client.assign_user_role(tenant['id'],
+ second_user['id'],
+ role['id'])['role']
# List of users with roles for the respective tenant ID
body = (self.tenants_client.list_tenant_users(self.data.tenant['id'])
['users'])
@@ -198,7 +200,7 @@
# Test case to check if updating of user password is successful.
self.data.setup_test_user()
# Updating the user with new password
- new_pass = data_utils.rand_name('pass')
+ new_pass = data_utils.rand_password()
update_user = self.client.update_user_password(
self.data.user['id'], new_pass)['user']
self.assertEqual(update_user['id'], self.data.user['id'])
diff --git a/tempest/api/identity/admin/v2/test_users_negative.py b/tempest/api/identity/admin/v2/test_users_negative.py
index 0c7afe8..8fa5a36 100644
--- a/tempest/api/identity/admin/v2/test_users_negative.py
+++ b/tempest/api/identity/admin/v2/test_users_negative.py
@@ -28,7 +28,7 @@
def resource_setup(cls):
super(UsersNegativeTestJSON, cls).resource_setup()
cls.alt_user = data_utils.rand_name('test_user')
- cls.alt_password = data_utils.rand_name('pass')
+ cls.alt_password = data_utils.rand_password()
cls.alt_email = cls.alt_user + '@testmail.tm'
@test.attr(type=['negative'])
diff --git a/tempest/api/identity/admin/v3/test_credentials.py b/tempest/api/identity/admin/v3/test_credentials.py
index 5e1c3cc..b81bff7 100644
--- a/tempest/api/identity/admin/v3/test_credentials.py
+++ b/tempest/api/identity/admin/v3/test_credentials.py
@@ -29,7 +29,7 @@
u_name = data_utils.rand_name('user')
u_desc = '%s description' % u_name
u_email = '%s@testmail.tm' % u_name
- u_password = data_utils.rand_name('pass')
+ u_password = data_utils.rand_password()
for i in range(2):
cls.project = cls.client.create_project(
data_utils.rand_name('project'),
diff --git a/tempest/api/identity/admin/v3/test_groups.py b/tempest/api/identity/admin/v3/test_groups.py
index 260ea54..e022023 100644
--- a/tempest/api/identity/admin/v3/test_groups.py
+++ b/tempest/api/identity/admin/v3/test_groups.py
@@ -67,7 +67,8 @@
users = []
for i in range(3):
name = data_utils.rand_name('User')
- user = self.client.create_user(name)['user']
+ password = data_utils.rand_password()
+ user = self.client.create_user(name, password)['user']
users.append(user)
self.addCleanup(self.client.delete_user, user['id'])
self.groups_client.add_group_user(group['id'], user['id'])
diff --git a/tempest/api/identity/admin/v3/test_list_users.py b/tempest/api/identity/admin/v3/test_list_users.py
index b7f37d4..ca91ce5 100644
--- a/tempest/api/identity/admin/v3/test_list_users.py
+++ b/tempest/api/identity/admin/v3/test_list_users.py
@@ -34,7 +34,7 @@
def resource_setup(cls):
super(UsersV3TestJSON, cls).resource_setup()
alt_user = data_utils.rand_name('test_user')
- alt_password = data_utils.rand_name('pass')
+ alt_password = data_utils.rand_password()
cls.alt_email = alt_user + '@testmail.tm'
cls.data.setup_test_domain()
# Create user with Domain
diff --git a/tempest/api/identity/admin/v3/test_projects.py b/tempest/api/identity/admin/v3/test_projects.py
index d39fd5f..af9497c 100644
--- a/tempest/api/identity/admin/v3/test_projects.py
+++ b/tempest/api/identity/admin/v3/test_projects.py
@@ -161,7 +161,7 @@
u_name = data_utils.rand_name('user')
u_desc = u_name + 'description'
u_email = u_name + '@testmail.tm'
- u_password = data_utils.rand_name('pass')
+ u_password = data_utils.rand_password()
user = self.client.create_user(
u_name, description=u_desc, password=u_password,
email=u_email, project_id=project['id'])['user']
diff --git a/tempest/api/identity/admin/v3/test_roles.py b/tempest/api/identity/admin/v3/test_roles.py
index 3be2643..f194d9c 100644
--- a/tempest/api/identity/admin/v3/test_roles.py
+++ b/tempest/api/identity/admin/v3/test_roles.py
@@ -31,7 +31,7 @@
u_name = data_utils.rand_name('user')
u_desc = '%s description' % u_name
u_email = '%s@testmail.tm' % u_name
- cls.u_password = data_utils.rand_name('pass')
+ cls.u_password = data_utils.rand_password()
cls.domain = cls.client.create_domain(
data_utils.rand_name('domain'),
description=data_utils.rand_name('domain-desc'))['domain']
diff --git a/tempest/api/identity/admin/v3/test_tokens.py b/tempest/api/identity/admin/v3/test_tokens.py
index 7d33d4a..f5b20d5 100644
--- a/tempest/api/identity/admin/v3/test_tokens.py
+++ b/tempest/api/identity/admin/v3/test_tokens.py
@@ -29,7 +29,7 @@
u_name = data_utils.rand_name('user')
u_desc = '%s-description' % u_name
u_email = '%s@testmail.tm' % u_name
- u_password = data_utils.rand_name('pass')
+ u_password = data_utils.rand_password()
user = self.client.create_user(
u_name, description=u_desc, password=u_password,
email=u_email)['user']
@@ -60,7 +60,7 @@
# Create a user.
user_name = data_utils.rand_name(name='user')
- user_password = data_utils.rand_name(name='pass')
+ user_password = data_utils.rand_password()
user = self.client.create_user(user_name,
password=user_password)['user']
self.addCleanup(self.client.delete_user, user['id'])
diff --git a/tempest/api/identity/admin/v3/test_trusts.py b/tempest/api/identity/admin/v3/test_trusts.py
index cc13918..bf7ad71 100644
--- a/tempest/api/identity/admin/v3/test_trusts.py
+++ b/tempest/api/identity/admin/v3/test_trusts.py
@@ -55,7 +55,7 @@
self.trustor_username = data_utils.rand_name('user')
u_desc = self.trustor_username + 'description'
u_email = self.trustor_username + '@testmail.xx'
- self.trustor_password = data_utils.rand_name('pass')
+ self.trustor_password = data_utils.rand_password()
user = self.client.create_user(
self.trustor_username,
description=u_desc,
diff --git a/tempest/api/identity/admin/v3/test_users.py b/tempest/api/identity/admin/v3/test_users.py
index e8d4a36..6dbd443 100644
--- a/tempest/api/identity/admin/v3/test_users.py
+++ b/tempest/api/identity/admin/v3/test_users.py
@@ -29,7 +29,7 @@
u_name = data_utils.rand_name('user')
u_desc = u_name + 'description'
u_email = u_name + '@testmail.tm'
- u_password = data_utils.rand_name('pass')
+ u_password = data_utils.rand_password()
user = self.client.create_user(
u_name, description=u_desc, password=u_password,
email=u_email, enabled=False)['user']
@@ -69,13 +69,13 @@
def test_update_user_password(self):
# Creating User to check password updation
u_name = data_utils.rand_name('user')
- original_password = data_utils.rand_name('pass')
+ original_password = data_utils.rand_password()
user = self.client.create_user(
u_name, password=original_password)['user']
# Delete the User at the end all test methods
self.addCleanup(self.client.delete_user, user['id'])
# Update user with new password
- new_password = data_utils.rand_name('pass1')
+ new_password = data_utils.rand_password()
self.client.update_user_password(user['id'], password=new_password,
original_password=original_password)
# TODO(lbragstad): Sleeping after the response status has been checked
@@ -109,7 +109,7 @@
u_name = data_utils.rand_name('user')
u_desc = u_name + 'description'
u_email = u_name + '@testmail.tm'
- u_password = data_utils.rand_name('pass')
+ u_password = data_utils.rand_password()
user_body = self.client.create_user(
u_name, description=u_desc, password=u_password,
email=u_email, enabled=False, project_id=u_project['id'])['user']
diff --git a/tempest/api/identity/admin/v3/test_users_negative.py b/tempest/api/identity/admin/v3/test_users_negative.py
index d40a5b9..4c80bda 100644
--- a/tempest/api/identity/admin/v3/test_users_negative.py
+++ b/tempest/api/identity/admin/v3/test_users_negative.py
@@ -28,7 +28,7 @@
# Attempt to create a user in a non-existent domain should fail
u_name = data_utils.rand_name('user')
u_email = u_name + '@testmail.tm'
- u_password = data_utils.rand_name('pass')
+ u_password = data_utils.rand_password()
self.assertRaises(lib_exc.NotFound, self.client.create_user,
u_name, u_password,
email=u_email,
diff --git a/tempest/api/identity/base.py b/tempest/api/identity/base.py
index 03a0391..1a4c8bb 100644
--- a/tempest/api/identity/base.py
+++ b/tempest/api/identity/base.py
@@ -56,7 +56,7 @@
@classmethod
def get_role_by_name(cls, name):
- roles = cls.client.list_roles()['roles']
+ roles = cls.roles_client.list_roles()['roles']
role = [r for r in roles if r['name'] == name]
if len(role) > 0:
return role[0]
@@ -76,6 +76,7 @@
cls.non_admin_client = cls.os.identity_public_client
cls.non_admin_token_client = cls.os.token_client
cls.non_admin_tenants_client = cls.os.tenants_public_client
+ cls.non_admin_roles_client = cls.os.roles_public_client
@classmethod
def resource_setup(cls):
@@ -98,11 +99,14 @@
cls.token_client = cls.os_adm.token_client
cls.tenants_client = cls.os_adm.tenants_client
cls.non_admin_tenants_client = cls.os.tenants_client
+ cls.roles_client = cls.os_adm.roles_client
+ cls.non_admin_roles_client = cls.os.roles_client
@classmethod
def resource_setup(cls):
super(BaseIdentityV2AdminTest, cls).resource_setup()
- cls.data = DataGenerator(cls.client, cls.tenants_client)
+ cls.data = DataGenerator(cls.client, cls.tenants_client,
+ cls.roles_client)
@classmethod
def resource_cleanup(cls):
@@ -187,10 +191,11 @@
class DataGenerator(object):
- def __init__(self, client, tenants_client=None):
+ def __init__(self, client, tenants_client=None, roles_client=None):
self.client = client
# TODO(dmellado) split Datagenerator for v2 and v3
self.tenants_client = tenants_client
+ self.roles_client = roles_client
self.users = []
self.tenants = []
self.roles = []
@@ -212,7 +217,7 @@
"""Set up a test user."""
self.setup_test_tenant()
self.test_user = data_utils.rand_name('test_user')
- self.test_password = data_utils.rand_name('pass')
+ self.test_password = data_utils.rand_password()
self.test_email = self.test_user + '@testmail.tm'
self.user = self.client.create_user(self.test_user,
self.test_password,
@@ -232,14 +237,14 @@
def setup_test_role(self):
"""Set up a test role."""
self.test_role = data_utils.rand_name('role')
- self.role = self.client.create_role(self.test_role)['role']
+ self.role = self.roles_client.create_role(self.test_role)['role']
self.roles.append(self.role)
def setup_test_v3_user(self):
"""Set up a test v3 user."""
self.setup_test_project()
self.test_user = data_utils.rand_name('test_user')
- self.test_password = data_utils.rand_name('pass')
+ self.test_password = data_utils.rand_password()
self.test_email = self.test_user + '@testmail.tm'
self.v3_user = self.client.create_user(
self.test_user,
@@ -294,7 +299,7 @@
for tenant in self.tenants:
self._try_wrapper(self.tenants_client.delete_tenant, tenant)
for role in self.roles:
- self._try_wrapper(self.client.delete_role, role)
+ self._try_wrapper(self.roles_client.delete_role, role)
for v3_user in self.v3_users:
self._try_wrapper(self.client.delete_user, v3_user)
for v3_project in self.projects:
diff --git a/tempest/api/network/admin/test_negative_quotas.py b/tempest/api/network/admin/test_negative_quotas.py
index 5c4c421..47da08c 100644
--- a/tempest/api/network/admin/test_negative_quotas.py
+++ b/tempest/api/network/admin/test_negative_quotas.py
@@ -29,6 +29,7 @@
quota_driver = neutron.db.quota_db.DbQuotaDriver
"""
+ force_tenant_isolation = True
@classmethod
def skip_checks(cls):
@@ -45,9 +46,9 @@
@test.idempotent_id('644f4e1b-1bf9-4af0-9fd8-eb56ac0f51cf')
def test_network_quota_exceeding(self):
# Set the network quota to two
- self.admin_client.update_quotas(self.networks_client.tenant_id,
- network=2)
- self.addCleanup(self.admin_client.reset_quotas,
+ self.admin_quotas_client.update_quotas(self.networks_client.tenant_id,
+ network=2)
+ self.addCleanup(self.admin_quotas_client.reset_quotas,
self.networks_client.tenant_id)
# Create two networks
diff --git a/tempest/api/network/admin/test_quotas.py b/tempest/api/network/admin/test_quotas.py
index 4a25206..45d35cf 100644
--- a/tempest/api/network/admin/test_quotas.py
+++ b/tempest/api/network/admin/test_quotas.py
@@ -57,14 +57,14 @@
self.addCleanup(self.identity_utils.delete_project, project_id)
# Change quotas for tenant
- quota_set = self.admin_client.update_quotas(project_id,
- **new_quotas)['quota']
- self.addCleanup(self.admin_client.reset_quotas, project_id)
+ quota_set = self.admin_quotas_client.update_quotas(
+ project_id, **new_quotas)['quota']
+ self.addCleanup(self.admin_quotas_client.reset_quotas, project_id)
for key, value in six.iteritems(new_quotas):
self.assertEqual(value, quota_set[key])
# Confirm our tenant is listed among tenants with non default quotas
- non_default_quotas = self.admin_client.list_quotas()
+ non_default_quotas = self.admin_quotas_client.list_quotas()
found = False
for qs in non_default_quotas['quotas']:
if qs['tenant_id'] == project_id:
@@ -72,14 +72,14 @@
self.assertTrue(found)
# Confirm from API quotas were changed as requested for tenant
- quota_set = self.admin_client.show_quotas(project_id)
+ quota_set = self.admin_quotas_client.show_quotas(project_id)
quota_set = quota_set['quota']
for key, value in six.iteritems(new_quotas):
self.assertEqual(value, quota_set[key])
# Reset quotas to default and confirm
- self.admin_client.reset_quotas(project_id)
- non_default_quotas = self.admin_client.list_quotas()
+ self.admin_quotas_client.reset_quotas(project_id)
+ non_default_quotas = self.admin_quotas_client.list_quotas()
for q in non_default_quotas['quotas']:
self.assertNotEqual(project_id, q['tenant_id'])
diff --git a/tempest/api/network/base.py b/tempest/api/network/base.py
index c5a3dff..f1fd3e9 100644
--- a/tempest/api/network/base.py
+++ b/tempest/api/network/base.py
@@ -74,6 +74,7 @@
cls.networks_client = cls.os.networks_client
cls.subnets_client = cls.os.subnets_client
cls.ports_client = cls.os.ports_client
+ cls.quotas_client = cls.os.network_quotas_client
cls.floating_ips_client = cls.os.floating_ips_client
@classmethod
@@ -274,6 +275,7 @@
cls.admin_networks_client = cls.os_adm.networks_client
cls.admin_subnets_client = cls.os_adm.subnets_client
cls.admin_ports_client = cls.os_adm.ports_client
+ cls.admin_quotas_client = cls.os_adm.network_quotas_client
cls.admin_floating_ips_client = cls.os_adm.floating_ips_client
cls.admin_metering_labels_client = cls.os_adm.metering_labels_client
cls.admin_metering_label_rules_client = (
diff --git a/tempest/api/orchestration/stacks/test_neutron_resources.py b/tempest/api/orchestration/stacks/test_neutron_resources.py
index a614c76..8466e11 100644
--- a/tempest/api/orchestration/stacks/test_neutron_resources.py
+++ b/tempest/api/orchestration/stacks/test_neutron_resources.py
@@ -89,7 +89,7 @@
server_id = body['physical_resource_id']
LOG.debug('Console output for %s', server_id)
output = cls.servers_client.get_console_output(
- server_id, None)['output']
+ server_id)['output']
LOG.debug(output)
raise e
diff --git a/tempest/clients.py b/tempest/clients.py
index f40e0ea..a837ce1 100644
--- a/tempest/clients.py
+++ b/tempest/clients.py
@@ -89,6 +89,8 @@
DatabaseVersionsClient
from tempest.services.identity.v2.json.identity_client import \
IdentityClient
+from tempest.services.identity.v2.json.roles_client import \
+ RolesClient
from tempest.services.identity.v2.json.tenants_client import \
TenantsClient
from tempest.services.identity.v3.json.credentials_client import \
@@ -116,6 +118,8 @@
from tempest.services.network.json.network_client import NetworkClient
from tempest.services.network.json.networks_client import NetworksClient
from tempest.services.network.json.ports_client import PortsClient
+from tempest.services.network.json.quotas_client import QuotasClient \
+ as NetworkQuotasClient
from tempest.services.network.json.subnets_client import SubnetsClient
from tempest.services.object_storage.account_client import AccountClient
from tempest.services.object_storage.container_client import ContainerClient
@@ -231,6 +235,14 @@
build_interval=CONF.network.build_interval,
build_timeout=CONF.network.build_timeout,
**self.default_params)
+ self.network_quotas_client = NetworkQuotasClient(
+ self.auth_provider,
+ CONF.network.catalog_type,
+ CONF.network.region or CONF.identity.region,
+ endpoint_type=CONF.network.endpoint_type,
+ build_interval=CONF.network.build_interval,
+ build_timeout=CONF.network.build_timeout,
+ **self.default_params)
self.floating_ips_client = FloatingIPsClient(
self.auth_provider,
CONF.network.catalog_type,
@@ -427,6 +439,8 @@
**params_v2_admin)
self.tenants_client = TenantsClient(self.auth_provider,
**params_v2_admin)
+ self.roles_client = RolesClient(self.auth_provider,
+ **params_v2_admin)
params_v2_public = params.copy()
params_v2_public['endpoint_type'] = (
CONF.identity.v2_public_endpoint_type)
@@ -435,6 +449,8 @@
**params_v2_public)
self.tenants_public_client = TenantsClient(self.auth_provider,
**params_v2_public)
+ self.roles_public_client = RolesClient(self.auth_provider,
+ **params_v2_public)
params_v3 = params.copy()
params_v3['endpoint_type'] = CONF.identity.v3_endpoint_type
# Clients below use the endpoint type of Keystone API v3
diff --git a/tempest/cmd/account_generator.py b/tempest/cmd/account_generator.py
index 64c9b00..297a066 100755
--- a/tempest/cmd/account_generator.py
+++ b/tempest/cmd/account_generator.py
@@ -93,6 +93,7 @@
from tempest import config
from tempest import exceptions as exc
from tempest.services.identity.v2.json import identity_client
+from tempest.services.identity.v2.json import roles_client
from tempest.services.identity.v2.json import tenants_client
from tempest.services.network.json import network_client
from tempest.services.network.json import networks_client
@@ -146,6 +147,13 @@
endpoint_type='adminURL',
**params
)
+ roles_admin = roles_client.RolesClient(
+ _auth,
+ CONF.identity.catalog_type,
+ CONF.identity.region,
+ endpoint_type='adminURL',
+ **params
+ )
network_admin = None
networks_admin = None
subnets_admin = None
@@ -171,14 +179,14 @@
CONF.network.region or CONF.identity.region,
endpoint_type='adminURL',
**params)
- return (identity_admin, tenants_admin, neutron_iso_networks, network_admin,
- networks_admin, subnets_admin)
+ return (identity_admin, tenants_admin, roles_admin, neutron_iso_networks,
+ network_admin, networks_admin, subnets_admin)
def create_resources(opts, resources):
- (identity_admin, tenants_admin, neutron_iso_networks,
+ (identity_admin, tenants_admin, roles_admin, neutron_iso_networks,
network_admin, networks_admin, subnets_admin) = get_admin_clients(opts)
- roles = identity_admin.list_roles()['roles']
+ roles = roles_admin.list_roles()['roles']
for u in resources['users']:
u['role_ids'] = []
for r in u.get('roles', ()):
@@ -240,7 +248,7 @@
continue
for r in u['role_ids']:
try:
- identity_admin.assign_user_role(tenant['id'], user['id'], r)
+ roles_admin.assign_user_role(tenant['id'], user['id'], r)
except tempest_lib.exceptions.Conflict:
# don't care if it's already assigned
pass
diff --git a/tempest/cmd/cleanup.py b/tempest/cmd/cleanup.py
index 1c8ddcb..3c32d48 100644
--- a/tempest/cmd/cleanup.py
+++ b/tempest/cmd/cleanup.py
@@ -177,6 +177,7 @@
def _init_admin_ids(self):
id_cl = self.admin_mgr.identity_client
+ rl_cl = self.admin_mgr.roles_client
tenant = identity.get_tenant_by_name(id_cl,
CONF.auth.admin_tenant_name)
@@ -186,7 +187,7 @@
CONF.auth.admin_username)
self.admin_id = user['id']
- roles = id_cl.list_roles()['roles']
+ roles = rl_cl.list_roles()['roles']
for role in roles:
if role['name'] == CONF.identity.admin_role:
self.admin_role_id = role['id']
@@ -221,8 +222,9 @@
def _add_admin(self, tenant_id):
id_cl = self.admin_mgr.identity_client
+ rl_cl = self.admin_mgr.roles_client
needs_role = True
- roles = id_cl.list_user_roles(tenant_id, self.admin_id)['roles']
+ roles = rl_cl.list_user_roles(tenant_id, self.admin_id)['roles']
for role in roles:
if role['id'] == self.admin_role_id:
needs_role = False
diff --git a/tempest/cmd/cleanup_service.py b/tempest/cmd/cleanup_service.py
index b5b78c6..032b8b4 100644
--- a/tempest/cmd/cleanup_service.py
+++ b/tempest/cmd/cleanup_service.py
@@ -857,10 +857,13 @@
class RoleService(IdentityService):
+ def __init__(self, manager, **kwargs):
+ super(RoleService, self).__init__(kwargs)
+ self.client = manager.roles_client
+
def list(self):
- client = self.client
try:
- roles = client.list_roles()['roles']
+ roles = self.client.list_roles()['roles']
# reconcile roles with saved state and never list admin role
if not self.is_save_state:
roles = [role for role in roles if
@@ -874,11 +877,10 @@
return []
def delete(self):
- client = self.client
roles = self.list()
for role in roles:
try:
- client.delete_role(role['id'])
+ self.client.delete_role(role['id'])
except Exception:
LOG.exception("Delete Role exception.")
diff --git a/tempest/cmd/javelin.py b/tempest/cmd/javelin.py
index 991ceca..cdd0044 100755
--- a/tempest/cmd/javelin.py
+++ b/tempest/cmd/javelin.py
@@ -128,6 +128,7 @@
from tempest.services.compute.json import security_group_rules_client
from tempest.services.compute.json import servers_client
from tempest.services.identity.v2.json import identity_client
+from tempest.services.identity.v2.json import roles_client
from tempest.services.identity.v2.json import tenants_client
from tempest.services.image.v2.json import images_client
from tempest.services.network.json import network_client
@@ -206,6 +207,12 @@
CONF.identity.region,
endpoint_type='adminURL',
**default_params_with_timeout_values)
+ self.roles = roles_client.RolesClient(
+ _auth,
+ CONF.identity.catalog_type,
+ CONF.identity.region,
+ endpoint_type='adminURL',
+ **default_params_with_timeout_values)
self.servers = servers_client.ServersClient(_auth,
**compute_params)
self.flavors = flavors_client.FlavorsClient(_auth,
@@ -339,11 +346,11 @@
def _assign_swift_role(user, swift_role):
admin = keystone_admin()
- roles = admin.identity.list_roles()
+ roles = admin.roles.list_roles()
role = next(r for r in roles if r['name'] == swift_role)
LOG.debug(USERS[user])
try:
- admin.identity.assign_user_role(
+ admin.roles.assign_user_role(
USERS[user]['tenant_id'],
USERS[user]['id'],
role['id'])
diff --git a/tempest/common/cred_client.py b/tempest/common/cred_client.py
index 94515dc..a33732e 100644
--- a/tempest/common/cred_client.py
+++ b/tempest/common/cred_client.py
@@ -31,12 +31,14 @@
admin credentials used for generating credentials.
"""
- def __init__(self, identity_client, projects_client=None):
+ def __init__(self, identity_client, projects_client=None,
+ roles_client=None):
# The client implies version and credentials
self.identity_client = identity_client
# this is temporary until the v3 project client is
# separated, then projects_client will become mandatory
self.projects_client = projects_client or identity_client
+ self.roles_client = roles_client or identity_client
def create_user(self, username, password, project, email):
user = self.identity_client.create_user(
@@ -59,7 +61,7 @@
def create_user_role(self, role_name):
if not self._check_role_exists(role_name):
- self.identity_client.create_role(role_name)
+ self.roles_client.create_role(role_name)
def assign_user_role(self, user, project, role_name):
role = self._check_role_exists(role_name)
@@ -67,8 +69,8 @@
msg = 'No "%s" role found' % role_name
raise lib_exc.NotFound(msg)
try:
- self.identity_client.assign_user_role(project['id'], user['id'],
- role['id'])
+ self.roles_client.assign_user_role(project['id'], user['id'],
+ role['id'])
except lib_exc.Conflict:
LOG.debug("Role %s already assigned on project %s for user %s" % (
role['id'], project['id'], user['id']))
@@ -88,14 +90,16 @@
self.identity_client.delete_user(user_id)
def _list_roles(self):
- roles = self.identity_client.list_roles()['roles']
+ roles = self.roles_client.list_roles()['roles']
return roles
class V2CredsClient(CredsClient):
- def __init__(self, identity_client, projects_client):
- super(V2CredsClient, self).__init__(identity_client, projects_client)
+ def __init__(self, identity_client, projects_client, roles_client):
+ super(V2CredsClient, self).__init__(identity_client,
+ projects_client,
+ roles_client)
def create_project(self, name, description):
tenant = self.projects_client.create_tenant(
@@ -160,8 +164,9 @@
def get_creds_client(identity_client,
projects_client=None,
+ roles_client=None,
project_domain_name=None):
if isinstance(identity_client, v2_identity.IdentityClient):
- return V2CredsClient(identity_client, projects_client)
+ return V2CredsClient(identity_client, projects_client, roles_client)
else:
return V3CredsClient(identity_client, project_domain_name)
diff --git a/tempest/common/credentials_factory.py b/tempest/common/credentials_factory.py
index 95dcafc..5d290d4 100644
--- a/tempest/common/credentials_factory.py
+++ b/tempest/common/credentials_factory.py
@@ -11,8 +11,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-import os
-
from oslo_concurrency import lockutils
from oslo_log import log as logging
from tempest_lib import auth
@@ -170,8 +168,7 @@
admin_creds=admin_creds,
**_get_dynamic_provider_params())
else:
- if (CONF.auth.test_accounts_file and
- os.path.isfile(CONF.auth.test_accounts_file)):
+ if CONF.auth.test_accounts_file:
# Most params are not relevant for pre-created accounts
return preprov_creds.PreProvisionedCredentialProvider(
name=name, identity_version=identity_version,
@@ -193,8 +190,7 @@
if CONF.auth.use_dynamic_credentials:
return is_admin
# Check whether test accounts file has the admin specified or not
- elif (CONF.auth.test_accounts_file and
- os.path.isfile(CONF.auth.test_accounts_file)):
+ elif CONF.auth.test_accounts_file:
check_accounts = preprov_creds.PreProvisionedCredentialProvider(
identity_version=identity_version, name='check_admin',
**_get_preprov_provider_params())
@@ -219,8 +215,7 @@
if CONF.auth.use_dynamic_credentials:
return True
# Check whether test accounts file has the admin specified or not
- if (CONF.auth.test_accounts_file and
- os.path.isfile(CONF.auth.test_accounts_file)):
+ if CONF.auth.test_accounts_file:
check_accounts = preprov_creds.PreProvisionedCredentialProvider(
identity_version=identity_version, name='check_alt',
**_get_preprov_provider_params())
diff --git a/tempest/common/dynamic_creds.py b/tempest/common/dynamic_creds.py
index 813d94f..c52aa41 100644
--- a/tempest/common/dynamic_creds.py
+++ b/tempest/common/dynamic_creds.py
@@ -58,6 +58,7 @@
self.ports = []
self.default_admin_creds = admin_creds
(self.identity_admin_client, self.tenants_admin_client,
+ self.roles_admin_client,
self.network_admin_client,
self.networks_admin_client,
self.subnets_admin_client,
@@ -72,6 +73,7 @@
self.creds_client = cred_client.get_creds_client(
self.identity_admin_client,
self.tenants_admin_client,
+ self.roles_admin_client,
self.creds_domain_name)
def _get_admin_clients(self):
@@ -83,10 +85,11 @@
"""
os = clients.Manager(self.default_admin_creds)
if self.identity_version == 'v2':
- return (os.identity_client, os.tenants_client, os.network_client,
- os.networks_client, os.subnets_client, os.ports_client)
+ return (os.identity_client, os.tenants_client, os.roles_client,
+ os.network_client, os.networks_client, os.subnets_client,
+ os.ports_client)
else:
- return (os.identity_v3_client, None, os.network_client,
+ return (os.identity_v3_client, None, None, os.network_client,
os.networks_client, os.subnets_client, os.ports_client)
def _create_creds(self, suffix="", admin=False, roles=None):
diff --git a/tempest/common/preprov_creds.py b/tempest/common/preprov_creds.py
index 74cc3f0..34af31e 100644
--- a/tempest/common/preprov_creds.py
+++ b/tempest/common/preprov_creds.py
@@ -31,8 +31,13 @@
def read_accounts_yaml(path):
- with open(path, 'r') as yaml_file:
- accounts = yaml.load(yaml_file)
+ try:
+ with open(path, 'r') as yaml_file:
+ accounts = yaml.load(yaml_file)
+ except IOError:
+ raise exceptions.InvalidConfiguration(
+ 'The path for the test accounts file: %s '
+ 'could not be found' % path)
return accounts
@@ -74,7 +79,7 @@
identity_version=identity_version, name=name,
admin_role=admin_role, credentials_domain=credentials_domain)
self.test_accounts_file = test_accounts_file
- if test_accounts_file and os.path.isfile(test_accounts_file):
+ if test_accounts_file:
accounts = read_accounts_yaml(self.test_accounts_file)
self.use_default_creds = False
else:
diff --git a/tempest/config.py b/tempest/config.py
index 0da502c..ac2f2a0 100644
--- a/tempest/config.py
+++ b/tempest/config.py
@@ -1393,6 +1393,7 @@
_CONF.set_default('alt_domain_name',
self.auth.default_credentials_domain_name,
group='identity')
+ logging.tempest_set_log_file('tempest.log')
def __init__(self, parse_conf=True, config_path=None):
"""Initialize a configuration from a conf directory and conf file."""
diff --git a/tempest/scenario/manager.py b/tempest/scenario/manager.py
index 501374f..c2159c3 100644
--- a/tempest/scenario/manager.py
+++ b/tempest/scenario/manager.py
@@ -457,7 +457,7 @@
servers = servers['servers']
for server in servers:
console_output = self.servers_client.get_console_output(
- server['id'], length=None)['output']
+ server['id'])['output']
LOG.debug('Console output for %s\nbody=\n%s',
server['id'], console_output)
@@ -812,8 +812,9 @@
def _get_server_port_id_and_ip4(self, server, ip_addr=None):
ports = self._list_ports(device_id=server['id'], status='ACTIVE',
fixed_ip=ip_addr)
- # it might happen here that this port has more then one ip address
- # as in case of dual stack- when this port is created on 2 subnets
+ # A port can have more then one IP address in some cases.
+ # If the network is dual-stack (IPv4 + IPv6), this port is associated
+ # with 2 subnets
port_map = [(p["id"], fxip["ip_address"])
for p in ports
for fxip in p["fixed_ips"]
diff --git a/tempest/scenario/test_minimum_basic.py b/tempest/scenario/test_minimum_basic.py
index 585b19d..2ef3cee 100644
--- a/tempest/scenario/test_minimum_basic.py
+++ b/tempest/scenario/test_minimum_basic.py
@@ -84,7 +84,7 @@
self.assertEqual(volume, got_volume)
def nova_reboot(self, server):
- self.servers_client.reboot_server(server['id'], 'SOFT')
+ self.servers_client.reboot_server(server['id'], type='SOFT')
self._wait_for_server_status(server, 'ACTIVE')
def check_partitions(self):
@@ -97,7 +97,7 @@
self.servers_client.add_security_group(server['id'],
name=secgroup['name'])
self.addCleanup(self.servers_client.remove_security_group,
- server['id'], secgroup['name'])
+ server['id'], name=secgroup['name'])
def wait_for_secgroup_add():
body = (self.servers_client.show_server(server['id'])
diff --git a/tempest/scenario/test_network_advanced_server_ops.py b/tempest/scenario/test_network_advanced_server_ops.py
index 5a991de..d6dd6f3 100644
--- a/tempest/scenario/test_network_advanced_server_ops.py
+++ b/tempest/scenario/test_network_advanced_server_ops.py
@@ -112,7 +112,7 @@
@test.services('compute', 'network')
def test_server_connectivity_reboot(self):
server, keypair, floating_ip = self._setup_network_and_servers()
- self.servers_client.reboot_server(server['id'], reboot_type='SOFT')
+ self.servers_client.reboot_server(server['id'], type='SOFT')
self._wait_server_status_and_check_network_connectivity(
server, keypair, floating_ip)
diff --git a/tempest/scenario/test_network_basic_ops.py b/tempest/scenario/test_network_basic_ops.py
index a238a56..a304081 100644
--- a/tempest/scenario/test_network_basic_ops.py
+++ b/tempest/scenario/test_network_basic_ops.py
@@ -757,7 +757,7 @@
# Create server
self._setup_network_and_servers()
- self.check_public_network_connectivity(should_connect=False)
+ self.check_public_network_connectivity(should_connect=True)
self._create_new_network()
self._hotplug_server()
fip, server = self.floating_ip_tuple
diff --git a/tempest/services/compute/json/servers_client.py b/tempest/services/compute/json/servers_client.py
index 80b3094..c20295b 100644
--- a/tempest/services/compute/json/servers_client.py
+++ b/tempest/services/compute/json/servers_client.py
@@ -187,12 +187,19 @@
resp, body)
return service_client.ResponseBody(resp, body)
- def reboot_server(self, server_id, reboot_type):
- """Reboots a server."""
- return self.action(server_id, 'reboot', type=reboot_type)
+ def reboot_server(self, server_id, **kwargs):
+ """Reboot a server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#reboot
+ """
+ return self.action(server_id, 'reboot', **kwargs)
def rebuild_server(self, server_id, image_ref, **kwargs):
- """Rebuilds a server with a new image.
+ """Rebuild a server with a new image.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#rebuild
Most parameters except the following are passed to the API without
any changes.
@@ -209,7 +216,10 @@
rebuild_schema, **kwargs)
def resize_server(self, server_id, flavor_ref, **kwargs):
- """Changes the flavor of a server.
+ """Change the flavor of a server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#resize
Most parameters except the following are passed to the API without
any changes.
@@ -231,7 +241,11 @@
**kwargs)
def revert_resize_server(self, server_id, **kwargs):
- """Reverts a server back to its original flavor."""
+ """Revert a server back to its original flavor.
+
+ Available params: see http://developer.openstack.org/
+ api-ref-compute-v2.1.html#revertResize
+ """
return self.action(server_id, 'revertResize', **kwargs)
def list_server_metadata(self, server_id):
@@ -332,63 +346,121 @@
# LP: https://bugs.launchpad.net/openstack-api-site/+bug/1524199
return self.action(server_id, 'addSecurityGroup', **kwargs)
- def remove_security_group(self, server_id, name):
- """Removes a security group from the server."""
- return self.action(server_id, 'removeSecurityGroup', name=name)
+ def remove_security_group(self, server_id, **kwargs):
+ """Remove a security group from the server.
+
+ Available params: TODO
+ """
+ # TODO(oomichi): The api-site doesn't contain this API description.
+ # So the above should be changed to the api-site link after
+ # adding the description on the api-site.
+ # LP: https://bugs.launchpad.net/openstack-api-site/+bug/1524199
+ return self.action(server_id, 'removeSecurityGroup', **kwargs)
def live_migrate_server(self, server_id, **kwargs):
- """This should be called with administrator privileges ."""
+ """This should be called with administrator privileges.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#migrateLive
+ """
return self.action(server_id, 'os-migrateLive', **kwargs)
def migrate_server(self, server_id, **kwargs):
- """Migrates a server to a new host."""
+ """Migrate a server to a new host.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#migrate
+ """
return self.action(server_id, 'migrate', **kwargs)
def lock_server(self, server_id, **kwargs):
- """Locks the given server."""
+ """Lock the given server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#lock
+ """
return self.action(server_id, 'lock', **kwargs)
def unlock_server(self, server_id, **kwargs):
- """UNlocks the given server."""
+ """UNlock the given server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#unlock
+ """
return self.action(server_id, 'unlock', **kwargs)
def suspend_server(self, server_id, **kwargs):
- """Suspends the provided server."""
+ """Suspend the provided server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#suspend
+ """
return self.action(server_id, 'suspend', **kwargs)
def resume_server(self, server_id, **kwargs):
- """Un-suspends the provided server."""
+ """Un-suspend the provided server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#resume
+ """
return self.action(server_id, 'resume', **kwargs)
def pause_server(self, server_id, **kwargs):
- """Pauses the provided server."""
+ """Pause the provided server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#pause
+ """
return self.action(server_id, 'pause', **kwargs)
def unpause_server(self, server_id, **kwargs):
- """Un-pauses the provided server."""
+ """Un-pause the provided server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#unpause
+ """
return self.action(server_id, 'unpause', **kwargs)
- def reset_state(self, server_id, state='error'):
- """Resets the state of a server to active/error."""
- return self.action(server_id, 'os-resetState', state=state)
+ def reset_state(self, server_id, **kwargs):
+ """Reset the state of a server to active/error.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#resetState
+ """
+ return self.action(server_id, 'os-resetState', **kwargs)
def shelve_server(self, server_id, **kwargs):
- """Shelves the provided server."""
+ """Shelve the provided server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#shelve
+ """
return self.action(server_id, 'shelve', **kwargs)
def unshelve_server(self, server_id, **kwargs):
- """Un-shelves the provided server."""
+ """Un-shelve the provided server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#unshelve
+ """
return self.action(server_id, 'unshelve', **kwargs)
def shelve_offload_server(self, server_id, **kwargs):
- """Shelve-offload the provided server."""
+ """Shelve-offload the provided server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#shelveOffload
+ """
return self.action(server_id, 'shelveOffload', **kwargs)
- def get_console_output(self, server_id, length):
- kwargs = {'length': length} if length else {}
+ def get_console_output(self, server_id, **kwargs):
+ """Get console output.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#getConsoleOutput
+ """
return self.action(server_id, 'os-getConsoleOutput',
- schema.get_console_output,
- **kwargs)
+ schema.get_console_output, **kwargs)
def list_virtual_interfaces(self, server_id):
"""List the virtual interfaces used in an instance."""
@@ -399,10 +471,12 @@
return service_client.ResponseBody(resp, body)
def rescue_server(self, server_id, **kwargs):
- """Rescue the provided server."""
- return self.action(server_id, 'rescue',
- schema.rescue_server,
- **kwargs)
+ """Rescue the provided server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#rescue
+ """
+ return self.action(server_id, 'rescue', schema.rescue_server, **kwargs)
def unrescue_server(self, server_id):
"""Unrescue the provided server."""
@@ -430,26 +504,45 @@
return service_client.ResponseBody(resp, body)
def force_delete_server(self, server_id, **kwargs):
- """Force delete a server."""
+ """Force delete a server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#forceDelete
+ """
return self.action(server_id, 'forceDelete', **kwargs)
def restore_soft_deleted_server(self, server_id, **kwargs):
- """Restore a soft-deleted server."""
+ """Restore a soft-deleted server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#restore
+ """
return self.action(server_id, 'restore', **kwargs)
def reset_network(self, server_id, **kwargs):
- """Resets the Network of a server"""
+ """Reset the Network of a server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#resetNetwork
+ """
return self.action(server_id, 'resetNetwork', **kwargs)
def inject_network_info(self, server_id, **kwargs):
- """Inject the Network Info into server"""
+ """Inject the Network Info into server.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#injectNetworkInfo
+ """
return self.action(server_id, 'injectNetworkInfo', **kwargs)
- def get_vnc_console(self, server_id, console_type):
- """Get URL of VNC console."""
+ def get_vnc_console(self, server_id, **kwargs):
+ """Get URL of VNC console.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#getVNCConsole
+ """
return self.action(server_id, "os-getVNCConsole",
- schema.get_vnc_console,
- type=console_type)
+ schema.get_vnc_console, **kwargs)
def add_fixed_ip(self, server_id, **kwargs):
"""Add a fixed IP to server instance.
@@ -460,5 +553,9 @@
return self.action(server_id, 'addFixedIp', **kwargs)
def remove_fixed_ip(self, server_id, **kwargs):
- """Remove input fixed IP from input server instance."""
+ """Remove input fixed IP from input server instance.
+
+ Available params: http://developer.openstack.org/
+ api-ref-compute-v2.1.html#removeFixedIp
+ """
return self.action(server_id, 'removeFixedIp', **kwargs)
diff --git a/tempest/services/identity/v2/json/identity_client.py b/tempest/services/identity/v2/json/identity_client.py
index f80e22d..54596be 100644
--- a/tempest/services/identity/v2/json/identity_client.py
+++ b/tempest/services/identity/v2/json/identity_client.py
@@ -26,60 +26,6 @@
body = json.loads(body)
return service_client.ResponseBody(resp, body)
- def create_role(self, name):
- """Create a role."""
- post_body = {
- 'name': name,
- }
- post_body = json.dumps({'role': post_body})
- resp, body = self.post('OS-KSADM/roles', post_body)
- self.expected_success(200, resp.status)
- body = json.loads(body)
- return service_client.ResponseBody(resp, body)
-
- def show_role(self, role_id):
- """Get a role by its id."""
- resp, body = self.get('OS-KSADM/roles/%s' % role_id)
- self.expected_success(200, resp.status)
- body = json.loads(body)
- return service_client.ResponseBody(resp, body)
-
- def delete_role(self, role_id):
- """Delete a role."""
- resp, body = self.delete('OS-KSADM/roles/%s' % str(role_id))
- self.expected_success(204, resp.status)
- return resp, body
-
- def list_user_roles(self, tenant_id, user_id):
- """Returns a list of roles assigned to a user for a tenant."""
- url = '/tenants/%s/users/%s/roles' % (tenant_id, user_id)
- resp, body = self.get(url)
- self.expected_success(200, resp.status)
- body = json.loads(body)
- return service_client.ResponseBody(resp, body)
-
- def assign_user_role(self, tenant_id, user_id, role_id):
- """Add roles to a user on a tenant."""
- resp, body = self.put('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
- (tenant_id, user_id, role_id), "")
- self.expected_success(200, resp.status)
- body = json.loads(body)
- return service_client.ResponseBody(resp, body)
-
- def delete_user_role(self, tenant_id, user_id, role_id):
- """Removes a role assignment for a user on a tenant."""
- resp, body = self.delete('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
- (tenant_id, user_id, role_id))
- self.expected_success(204, resp.status)
- return service_client.ResponseBody(resp, body)
-
- def list_roles(self):
- """Returns roles."""
- resp, body = self.get('OS-KSADM/roles')
- self.expected_success(200, resp.status)
- body = json.loads(body)
- return service_client.ResponseBody(resp, body)
-
def create_user(self, name, password, tenant_id, email, **kwargs):
"""Create a user."""
post_body = {
diff --git a/tempest/services/identity/v2/json/roles_client.py b/tempest/services/identity/v2/json/roles_client.py
new file mode 100644
index 0000000..de8f9cb
--- /dev/null
+++ b/tempest/services/identity/v2/json/roles_client.py
@@ -0,0 +1,73 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from oslo_serialization import jsonutils as json
+
+from tempest.common import service_client
+
+
+class RolesClient(service_client.ServiceClient):
+ api_version = "v2.0"
+
+ def create_role(self, name):
+ """Create a role."""
+ post_body = {
+ 'name': name,
+ }
+ post_body = json.dumps({'role': post_body})
+ resp, body = self.post('OS-KSADM/roles', post_body)
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return service_client.ResponseBody(resp, body)
+
+ def show_role(self, role_id):
+ """Get a role by its id."""
+ resp, body = self.get('OS-KSADM/roles/%s' % role_id)
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return service_client.ResponseBody(resp, body)
+
+ def delete_role(self, role_id):
+ """Delete a role."""
+ resp, body = self.delete('OS-KSADM/roles/%s' % str(role_id))
+ self.expected_success(204, resp.status)
+ return resp, body
+
+ def list_user_roles(self, tenant_id, user_id):
+ """Returns a list of roles assigned to a user for a tenant."""
+ url = '/tenants/%s/users/%s/roles' % (tenant_id, user_id)
+ resp, body = self.get(url)
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return service_client.ResponseBody(resp, body)
+
+ def assign_user_role(self, tenant_id, user_id, role_id):
+ """Add roles to a user on a tenant."""
+ resp, body = self.put('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
+ (tenant_id, user_id, role_id), "")
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return service_client.ResponseBody(resp, body)
+
+ def delete_user_role(self, tenant_id, user_id, role_id):
+ """Removes a role assignment for a user on a tenant."""
+ resp, body = self.delete('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
+ (tenant_id, user_id, role_id))
+ self.expected_success(204, resp.status)
+ return service_client.ResponseBody(resp, body)
+
+ def list_roles(self):
+ """Returns roles."""
+ resp, body = self.get('OS-KSADM/roles')
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return service_client.ResponseBody(resp, body)
diff --git a/tempest/services/network/json/network_client.py b/tempest/services/network/json/network_client.py
index 08316be..459891f 100644
--- a/tempest/services/network/json/network_client.py
+++ b/tempest/services/network/json/network_client.py
@@ -157,23 +157,6 @@
message = '(%s) %s' % (caller, message)
raise exceptions.TimeoutException(message)
- def update_quotas(self, tenant_id, **kwargs):
- put_body = {'quota': kwargs}
- uri = '/quotas/%s' % tenant_id
- return self.update_resource(uri, put_body)
-
- def reset_quotas(self, tenant_id):
- uri = '/quotas/%s' % tenant_id
- return self.delete_resource(uri)
-
- def show_quotas(self, tenant_id, **fields):
- uri = '/quotas/%s' % tenant_id
- return self.show_resource(uri, **fields)
-
- def list_quotas(self, **filters):
- uri = '/quotas'
- return self.list_resources(uri, **filters)
-
def create_router(self, name, admin_state_up=True, **kwargs):
post_body = {'router': kwargs}
post_body['router']['name'] = name
diff --git a/tempest/services/network/json/quotas_client.py b/tempest/services/network/json/quotas_client.py
new file mode 100644
index 0000000..9b65a54
--- /dev/null
+++ b/tempest/services/network/json/quotas_client.py
@@ -0,0 +1,35 @@
+# Copyright 2015 NEC Corporation. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from tempest.services.network.json import base
+
+
+class QuotasClient(base.BaseNetworkClient):
+
+ def update_quotas(self, tenant_id, **kwargs):
+ put_body = {'quota': kwargs}
+ uri = '/quotas/%s' % tenant_id
+ return self.update_resource(uri, put_body)
+
+ def reset_quotas(self, tenant_id):
+ uri = '/quotas/%s' % tenant_id
+ return self.delete_resource(uri)
+
+ def show_quotas(self, tenant_id, **fields):
+ uri = '/quotas/%s' % tenant_id
+ return self.show_resource(uri, **fields)
+
+ def list_quotas(self, **filters):
+ uri = '/quotas'
+ return self.list_resources(uri, **filters)
diff --git a/tempest/stress/driver.py b/tempest/stress/driver.py
index cac848b..a550d71 100644
--- a/tempest/stress/driver.py
+++ b/tempest/stress/driver.py
@@ -147,11 +147,13 @@
if CONF.identity.auth_version == 'v2':
identity_client = admin_manager.identity_client
projects_client = admin_manager.tenants_client
+ roles_client = admin_manager.roles_client
else:
identity_client = admin_manager.identity_v3_client
projects_client = None
+ roles_client = None
credentials_client = cred_client.get_creds_client(
- identity_client, projects_client)
+ identity_client, projects_client, roles_client)
project = credentials_client.create_project(
name=tenant_name, description=tenant_name)
user = credentials_client.create_user(username, password,
diff --git a/tempest/test.py b/tempest/test.py
index 8e961f4..407df3b 100644
--- a/tempest/test.py
+++ b/tempest/test.py
@@ -437,9 +437,11 @@
if CONF.identity.auth_version == 'v2':
client = self.os_admin.identity_client
project_client = self.os_admin.tenants_client
+ roles_client = self.os_admin.roles_client
else:
client = self.os_admin.identity_v3_client
project_client = None
+ roles_client = None
try:
domain = client.auth_provider.credentials.project_domain_name
@@ -447,6 +449,7 @@
domain = 'Default'
return cred_client.get_creds_client(client, project_client,
+ roles_client,
project_domain_name=domain)
@classmethod
diff --git a/tempest/tests/common/test_dynamic_creds.py b/tempest/tests/common/test_dynamic_creds.py
index 10acd14..d520985 100644
--- a/tempest/tests/common/test_dynamic_creds.py
+++ b/tempest/tests/common/test_dynamic_creds.py
@@ -24,6 +24,8 @@
from tempest import exceptions
from tempest.services.identity.v2.json import identity_client as \
json_iden_client
+from tempest.services.identity.v2.json import roles_client as \
+ json_roles_client
from tempest.services.identity.v2.json import tenants_client as \
json_tenants_client
from tempest.services.network.json import network_client as json_network_client
@@ -84,7 +86,7 @@
def _mock_list_roles(self, id, name):
roles_fix = self.useFixture(mockpatch.PatchObject(
- json_iden_client.IdentityClient,
+ json_roles_client.RolesClient,
'list_roles',
return_value=(service_client.ResponseBody
(200,
@@ -95,7 +97,7 @@
def _mock_list_2_roles(self):
roles_fix = self.useFixture(mockpatch.PatchObject(
- json_iden_client.IdentityClient,
+ json_roles_client.RolesClient,
'list_roles',
return_value=(service_client.ResponseBody
(200,
@@ -106,7 +108,7 @@
def _mock_assign_user_role(self):
tenant_fix = self.useFixture(mockpatch.PatchObject(
- json_iden_client.IdentityClient,
+ json_roles_client.RolesClient,
'assign_user_role',
return_value=(service_client.ResponseBody
(200, {}))))
@@ -114,7 +116,7 @@
def _mock_list_role(self):
roles_fix = self.useFixture(mockpatch.PatchObject(
- json_iden_client.IdentityClient,
+ json_roles_client.RolesClient,
'list_roles',
return_value=(service_client.ResponseBody
(200, {'roles': [{'id': '1',
@@ -178,11 +180,11 @@
self._mock_user_create('1234', 'fake_admin_user')
self._mock_tenant_create('1234', 'fake_admin_tenant')
- user_mock = mock.patch.object(json_iden_client.IdentityClient,
+ user_mock = mock.patch.object(json_roles_client.RolesClient,
'assign_user_role')
user_mock.start()
self.addCleanup(user_mock.stop)
- with mock.patch.object(json_iden_client.IdentityClient,
+ with mock.patch.object(json_roles_client.RolesClient,
'assign_user_role') as user_mock:
admin_creds = creds.get_admin_creds()
user_mock.assert_has_calls([
@@ -201,11 +203,11 @@
self._mock_user_create('1234', 'fake_role_user')
self._mock_tenant_create('1234', 'fake_role_tenant')
- user_mock = mock.patch.object(json_iden_client.IdentityClient,
+ user_mock = mock.patch.object(json_roles_client.RolesClient,
'assign_user_role')
user_mock.start()
self.addCleanup(user_mock.stop)
- with mock.patch.object(json_iden_client.IdentityClient,
+ with mock.patch.object(json_roles_client.RolesClient,
'assign_user_role') as user_mock:
role_creds = creds.get_creds_by_roles(
roles=['role1', 'role2'])
diff --git a/tempest/tests/services/compute/test_servers_client.py b/tempest/tests/services/compute/test_servers_client.py
index 95b81c1..1fd0740 100644
--- a/tempest/tests/services/compute/test_servers_client.py
+++ b/tempest/tests/services/compute/test_servers_client.py
@@ -363,7 +363,7 @@
{},
status=202,
server_id=self.server_id,
- reboot_type='fake-reboot-type'
+ type='fake-reboot-type'
)
def test_rebuild_server_with_str_body(self):
@@ -995,5 +995,5 @@
'tempest.common.service_client.ServiceClient.post',
{'console': self.FAKE_VNC_CONSOLE},
server_id=self.server_id,
- console_type='fake-console-type'
+ type='fake-console-type'
)