Merge "Add missing tempest client for "QoS Limit Bandwidth" APIs + testing"
diff --git a/releasenotes/notes/deprecate-and-enable-identity-application_credentials-1d4eaef4c3c9dcba.yaml b/releasenotes/notes/deprecate-and-enable-identity-application_credentials-1d4eaef4c3c9dcba.yaml
new file mode 100644
index 0000000..4b31ff8
--- /dev/null
+++ b/releasenotes/notes/deprecate-and-enable-identity-application_credentials-1d4eaef4c3c9dcba.yaml
@@ -0,0 +1,17 @@
+---
+upgrade:
+ - |
+ Application credentials are supported by Keystone since Queens.
+ As Tempest currently supports only much newer OpenStack versions
+ (Ussuri or later), the configuration option which enables
+ application credentials testing
+ (``CONF.identity-feature-enabled.application_credentials``)
+ is now enabled by default.
+deprecations:
+ - |
+ Application credentials are supported by Keystone since Queens.
+ As Tempest currently supports only much newer OpenStack versions
+ (Ussuri or later), the configuration option which enables
+ application credentials testing
+ (``CONF.identity-feature-enabled.application_credentials``)
+ is now deprecated.
diff --git a/releasenotes/notes/deprecate-and-enable-identity-project-tags-23b87518888e563a.yaml b/releasenotes/notes/deprecate-and-enable-identity-project-tags-23b87518888e563a.yaml
new file mode 100644
index 0000000..be2df6b
--- /dev/null
+++ b/releasenotes/notes/deprecate-and-enable-identity-project-tags-23b87518888e563a.yaml
@@ -0,0 +1,17 @@
+---
+upgrade:
+ - |
+ Project tags are supported by Keystone since Queens.
+ As Tempest currently supports only much newer OpenStack versions
+ (Ussuri or later), the configuration option which enables
+ project tags testing
+ (``CONF.identity-feature-enabled.project_tags``)
+ is now enabled by default.
+deprecations:
+ - |
+ Project tags are supported by Keystone since Queens.
+ As Tempest currently supports only much newer OpenStack versions
+ (Ussuri or later), the configuration option which enables
+ project tags testing
+ (``CONF.identity-feature-enabled.project_tags``)
+ is now deprecated.
diff --git a/releasenotes/notes/limits-client-d656f16a3d3e84fc.yaml b/releasenotes/notes/limits-client-d656f16a3d3e84fc.yaml
new file mode 100644
index 0000000..311eca3
--- /dev/null
+++ b/releasenotes/notes/limits-client-d656f16a3d3e84fc.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - |
+ Add a new client for keystone's unified limits API to create and update limits.
diff --git a/releasenotes/notes/loggable-resource-client-5977d46a7ea52199.yaml b/releasenotes/notes/loggable-resource-client-5977d46a7ea52199.yaml
new file mode 100644
index 0000000..ac83eaf
--- /dev/null
+++ b/releasenotes/notes/loggable-resource-client-5977d46a7ea52199.yaml
@@ -0,0 +1,5 @@
+---
+features:
+ - |
+ Lists neutron's Loggable resources API service clients are available in
+ ``tempest/lib/services/network/loggable_resource_client.py`` module.
\ No newline at end of file
diff --git a/roles/run-tempest-26/tasks/main.yaml b/roles/run-tempest-26/tasks/main.yaml
index b197856..f846006 100644
--- a/roles/run-tempest-26/tasks/main.yaml
+++ b/roles/run-tempest-26/tasks/main.yaml
@@ -29,7 +29,7 @@
set_fact:
# TOX_CONSTRAINTS_FILE is new name, UPPER_CONSTRAINTS_FILE is old one, best to set both
tempest_tox_environment: "{{ tempest_tox_environment | combine({'UPPER_CONSTRAINTS_FILE': stable_constraints_file}) | combine({'TOX_CONSTRAINTS_FILE': stable_constraints_file}) }}"
- when: target_branch in ["stable/ocata", "stable/pike", "stable/queens", "stable/rocky"]
+ when: target_branch in ["stable/ocata", "stable/pike", "stable/queens", "stable/rocky", "stable/stein"]
- name: Use Configured upper-constraints for non-master Tempest
set_fact:
diff --git a/tempest/api/compute/base.py b/tempest/api/compute/base.py
index bee4716..922a14c 100644
--- a/tempest/api/compute/base.py
+++ b/tempest/api/compute/base.py
@@ -454,6 +454,12 @@
server = self.servers_client.show_server(server_id)['server']
self.assert_flavor_equal(new_flavor_id, server['flavor'])
+ def reboot_server(self, server_id, type):
+ """Reboot a server and wait for it to be ACTIVE."""
+ self.servers_client.reboot_server(server_id, type=type)
+ waiters.wait_for_server_status(
+ self.servers_client, server_id, 'ACTIVE')
+
@classmethod
def delete_volume(cls, volume_id):
"""Deletes the given volume and waits for it to be gone."""
@@ -570,24 +576,33 @@
attachment = self.servers_client.attach_volume(
server['id'], **attach_kwargs)['volumeAttachment']
- # On teardown detach the volume and for multiattach volumes wait for
- # the attachment to be removed. For non-multiattach volumes wait for
- # the state of the volume to change to available. This is so we don't
- # error out when trying to delete the volume during teardown.
- if volume['multiattach']:
- att = waiters.wait_for_volume_attachment_create(
- self.volumes_client, volume['id'], server['id'])
- self.addCleanup(waiters.wait_for_volume_attachment_remove,
- self.volumes_client, volume['id'],
- att['attachment_id'])
- else:
- self.addCleanup(waiters.wait_for_volume_resource_status,
- self.volumes_client, volume['id'], 'available')
- waiters.wait_for_volume_resource_status(self.volumes_client,
- volume['id'], 'in-use')
- # Ignore 404s on detach in case the server is deleted or the volume
- # is already detached.
+
+ # NOTE(lyarwood): During attach we initially wait for the volume
+ # attachment and then check the volume state.
+ waiters.wait_for_volume_attachment_create(
+ self.volumes_client, volume['id'], server['id'])
+ # TODO(lyarwood): Remove the following volume status checks and move to
+ # attachment status checks across all volumes now with the 3.27
+ # microversion somehow.
+ if not volume['multiattach']:
+ waiters.wait_for_volume_resource_status(
+ self.volumes_client, volume['id'], 'in-use')
+
+ # NOTE(lyarwood): On teardown (LIFO) initially wait for the volume
+ # attachment in Nova to be removed. While this technically happens last
+ # we want this to be the first waiter as if it fails we can then dump
+ # the contents of the console log. The final check of the volume state
+ # should be a no-op by this point and is just added for completeness
+ # when detaching non-multiattach volumes.
+ if not volume['multiattach']:
+ self.addCleanup(
+ waiters.wait_for_volume_resource_status, self.volumes_client,
+ volume['id'], 'available')
+ self.addCleanup(
+ waiters.wait_for_volume_attachment_remove_from_server,
+ self.servers_client, server['id'], volume['id'])
self.addCleanup(self._detach_volume, server, volume)
+
return attachment
def create_volume_snapshot(self, volume_id, name=None, description=None,
diff --git a/tempest/api/compute/security_groups/test_security_groups.py b/tempest/api/compute/security_groups/test_security_groups.py
index 671a779..a1f3514 100644
--- a/tempest/api/compute/security_groups/test_security_groups.py
+++ b/tempest/api/compute/security_groups/test_security_groups.py
@@ -109,9 +109,7 @@
sg['id'])
# Reboot and add the other security group
- self.servers_client.reboot_server(server_id, type='HARD')
- waiters.wait_for_server_status(self.servers_client, server_id,
- 'ACTIVE')
+ self.reboot_server(server_id, type='HARD')
self.servers_client.add_security_group(server_id, name=sg2['name'])
# Check that we are not able to delete the other security
diff --git a/tempest/api/compute/servers/test_create_server.py b/tempest/api/compute/servers/test_create_server.py
index 48f32a8..c9aec62 100644
--- a/tempest/api/compute/servers/test_create_server.py
+++ b/tempest/api/compute/servers/test_create_server.py
@@ -180,3 +180,56 @@
if not utils.get_service_list()['volume']:
msg = "Volume service not enabled."
raise cls.skipException(msg)
+
+
+class ServersTestFqdnHostnames(base.BaseV2ComputeTest):
+ """Test creating server with FQDN hostname and verifying atrributes
+
+ Starting Wallaby release, Nova sanitizes freeform characters in
+ server hostname with dashes. This test verifies the same.
+ """
+
+ @classmethod
+ def setup_credentials(cls):
+ cls.prepare_instance_network()
+ super(ServersTestFqdnHostnames, cls).setup_credentials()
+
+ @classmethod
+ def setup_clients(cls):
+ super(ServersTestFqdnHostnames, cls).setup_clients()
+ cls.client = cls.servers_client
+
+ @decorators.idempotent_id('622066d2-39fc-4c09-9eeb-35903c114a0a')
+ @testtools.skipUnless(
+ CONF.compute_feature_enabled.hostname_fqdn_sanitization,
+ 'FQDN hostname sanitization is not supported.')
+ @testtools.skipUnless(CONF.validation.run_validation,
+ 'Instance validation tests are disabled.')
+ def test_create_server_with_fqdn_name(self):
+ """Test to create an instance with FQDN type name scheme"""
+ validation_resources = self.get_class_validation_resources(
+ self.os_primary)
+ self.server_name = 'guest-instance-1.domain.com'
+ self.password = data_utils.rand_password()
+ self.accessIPv4 = '2.2.2.2'
+ test_server = self.create_test_server(
+ validatable=True,
+ validation_resources=validation_resources,
+ wait_until='ACTIVE',
+ adminPass=self.password,
+ name=self.server_name,
+ accessIPv4=self.accessIPv4)
+
+ """Verify the hostname within the instance is sanitized
+
+ Freeform characters in the hostname are replaced with dashes
+ """
+ linux_client = remote_client.RemoteClient(
+ self.get_server_ip(test_server, validation_resources),
+ self.ssh_user,
+ self.password,
+ validation_resources['keypair']['private_key'],
+ server=test_server,
+ servers_client=self.client)
+ hostname = linux_client.exec_command("hostname").rstrip()
+ self.assertEqual('guest-instance-1-domain-com', hostname)
diff --git a/tempest/api/compute/servers/test_instance_actions.py b/tempest/api/compute/servers/test_instance_actions.py
index 5ab592a..028da68 100644
--- a/tempest/api/compute/servers/test_instance_actions.py
+++ b/tempest/api/compute/servers/test_instance_actions.py
@@ -37,9 +37,7 @@
@decorators.idempotent_id('77ca5cc5-9990-45e0-ab98-1de8fead201a')
def test_list_instance_actions(self):
"""Test listing actions of the provided server"""
- self.client.reboot_server(self.server['id'], type='HARD')
- waiters.wait_for_server_status(self.client,
- self.server['id'], 'ACTIVE')
+ self.reboot_server(self.server['id'], type='HARD')
body = (self.client.list_instance_actions(self.server['id'])
['instanceActions'])
diff --git a/tempest/api/compute/servers/test_server_actions.py b/tempest/api/compute/servers/test_server_actions.py
index deb21c7..152e7e8 100644
--- a/tempest/api/compute/servers/test_server_actions.py
+++ b/tempest/api/compute/servers/test_server_actions.py
@@ -136,8 +136,7 @@
# in a server
linux_client.exec_command("sync")
- self.client.reboot_server(self.server_id, type=reboot_type)
- waiters.wait_for_server_status(self.client, self.server_id, 'ACTIVE')
+ self.reboot_server(self.server_id, type=reboot_type)
if CONF.validation.run_validation:
# Log in and verify the boot time has changed
@@ -607,8 +606,7 @@
# log file is truncated and we cannot get any console log through
# "console-log" API.
# The detail is https://bugs.launchpad.net/nova/+bug/1251920
- self.client.reboot_server(self.server_id, type='HARD')
- waiters.wait_for_server_status(self.client, self.server_id, 'ACTIVE')
+ self.reboot_server(self.server_id, type='HARD')
self.wait_for(self._get_output)
@decorators.idempotent_id('89104062-69d8-4b19-a71b-f47b7af093d7')
diff --git a/tempest/api/identity/v3/test_users.py b/tempest/api/identity/v3/test_users.py
index 6425ea9..dc6dd4a 100644
--- a/tempest/api/identity/v3/test_users.py
+++ b/tempest/api/identity/v3/test_users.py
@@ -77,6 +77,8 @@
time.sleep(1)
self.non_admin_users_client.auth_provider.set_auth()
+ @testtools.skipUnless(CONF.identity_feature_enabled.security_compliance,
+ 'Security compliance not available.')
@decorators.idempotent_id('ad71bd23-12ad-426b-bb8b-195d2b635f27')
@testtools.skipIf(CONF.identity_feature_enabled.immutable_user_source,
'Skipped because environment has an '
diff --git a/tempest/api/network/admin/test_negative_quotas.py b/tempest/api/network/admin/test_negative_quotas.py
index 614dfcf..1ce9f47 100644
--- a/tempest/api/network/admin/test_negative_quotas.py
+++ b/tempest/api/network/admin/test_negative_quotas.py
@@ -53,7 +53,8 @@
def tearDown(self):
super(QuotasNegativeTest, self).tearDown()
- self.credentials_provider.cleanup_default_secgroup(self.project['id'])
+ self.credentials_provider.cleanup_default_secgroup(
+ self.os_admin.security_groups_client, self.project['id'])
@decorators.attr(type=['negative'])
@decorators.idempotent_id('644f4e1b-1bf9-4af0-9fd8-eb56ac0f51cf')
diff --git a/tempest/api/network/base.py b/tempest/api/network/base.py
index 260ba74..47a8590 100644
--- a/tempest/api/network/base.py
+++ b/tempest/api/network/base.py
@@ -85,6 +85,7 @@
cls.service_providers_client = cls.os_primary.service_providers_client
cls.tags_client = cls.os_primary.tags_client
cls.log_resource_client = cls.os_primary.log_resource_client
+ cls.loggable_resource_client = cls.os_primary.loggable_resource_client
@classmethod
def resource_setup(cls):
diff --git a/tempest/api/object_storage/test_container_acl.py b/tempest/api/object_storage/test_container_acl.py
index c8731fe..0259373 100644
--- a/tempest/api/object_storage/test_container_acl.py
+++ b/tempest/api/object_storage/test_container_acl.py
@@ -31,9 +31,10 @@
super(ObjectTestACLs, self).setUp()
self.container_name = self.create_container()
- def tearDown(self):
- self.delete_containers()
- super(ObjectTestACLs, self).tearDown()
+ @classmethod
+ def resource_cleanup(cls):
+ cls.delete_containers()
+ super(ObjectTestACLs, cls).resource_cleanup()
@decorators.idempotent_id('a3270f3f-7640-4944-8448-c7ea783ea5b6')
def test_read_object_with_rights(self):
diff --git a/tempest/api/object_storage/test_container_acl_negative.py b/tempest/api/object_storage/test_container_acl_negative.py
index 73d7f27..85e6ddb 100644
--- a/tempest/api/object_storage/test_container_acl_negative.py
+++ b/tempest/api/object_storage/test_container_acl_negative.py
@@ -42,9 +42,10 @@
self.container_name = data_utils.rand_name(name='TestContainer')
self.container_client.update_container(self.container_name)
- def tearDown(self):
- self.delete_containers([self.container_name])
- super(ObjectACLsNegativeTest, self).tearDown()
+ @classmethod
+ def resource_cleanup(cls):
+ cls.delete_containers()
+ super(ObjectACLsNegativeTest, cls).resource_cleanup()
@decorators.attr(type=['negative'])
@decorators.idempotent_id('af587587-0c24-4e15-9822-8352ce711013')
diff --git a/tempest/api/object_storage/test_container_quotas.py b/tempest/api/object_storage/test_container_quotas.py
index fcd9a7c..7977a7a 100644
--- a/tempest/api/object_storage/test_container_quotas.py
+++ b/tempest/api/object_storage/test_container_quotas.py
@@ -44,10 +44,10 @@
self.container_client.create_update_or_delete_container_metadata(
self.container_name, create_update_metadata=metadata)
- def tearDown(self):
- """Cleans the container of any object after each test."""
- self.delete_containers()
- super(ContainerQuotasTest, self).tearDown()
+ @classmethod
+ def resource_cleanup(cls):
+ cls.delete_containers()
+ super(ContainerQuotasTest, cls).resource_cleanup()
@decorators.idempotent_id('9a0fb034-86af-4df0-86fa-f8bd7db21ae0')
@utils.requires_ext(extension='container_quotas', service='object')
diff --git a/tempest/api/object_storage/test_container_services.py b/tempest/api/object_storage/test_container_services.py
index 7ad6f6f..085b8ab 100644
--- a/tempest/api/object_storage/test_container_services.py
+++ b/tempest/api/object_storage/test_container_services.py
@@ -21,9 +21,10 @@
class ContainerTest(base.BaseObjectTest):
"""Test containers"""
- def tearDown(self):
- self.delete_containers()
- super(ContainerTest, self).tearDown()
+ @classmethod
+ def resource_cleanup(cls):
+ cls.delete_containers()
+ super(ContainerTest, cls).resource_cleanup()
@decorators.attr(type='smoke')
@decorators.idempotent_id('92139d73-7819-4db1-85f8-3f2f22a8d91f')
diff --git a/tempest/api/volume/admin/test_volume_types_negative.py b/tempest/api/volume/admin/test_volume_types_negative.py
index 174cf9e..42d3bdf 100644
--- a/tempest/api/volume/admin/test_volume_types_negative.py
+++ b/tempest/api/volume/admin/test_volume_types_negative.py
@@ -54,3 +54,18 @@
volume_type = self.create_volume_type(**params)
self.assertRaises(lib_exc.NotFound,
self.create_volume, volume_type=volume_type['id'])
+
+ @decorators.attr(type=['negative'])
+ @decorators.idempotent_id('a5924b5f-b6c1-49ba-994c-b4af55d26e52')
+ def test_create_volume_type_encryption_nonexistent_type_id(self):
+ """Test create encryption with nonexistent type id will fail"""
+ create_kwargs = {
+ 'type_id': data_utils.rand_uuid(),
+ 'provider': 'LuksEncryptor',
+ 'key_size': 256,
+ 'cipher': 'aes-xts-plain64',
+ 'control_location': 'front-end'
+ }
+ self.assertRaises(
+ lib_exc.NotFound,
+ self.create_encryption_type, **create_kwargs)
diff --git a/tempest/clients.py b/tempest/clients.py
index ebf2540..51bd204 100644
--- a/tempest/clients.py
+++ b/tempest/clients.py
@@ -74,6 +74,7 @@
self.segments_client = self.network.SegmentsClient()
self.trunks_client = self.network.TrunksClient()
self.log_resource_client = self.network.LogResourceClient()
+ self.loggable_resource_client = self.network.LoggableResourceClient()
def _set_image_clients(self):
if CONF.service_available.glance:
@@ -222,6 +223,8 @@
self.identity_v3.ApplicationCredentialsClient(**params_v3)
self.access_rules_client = \
self.identity_v3.AccessRulesClient(**params_v3)
+ self.identity_limits_client = \
+ self.identity_v3.LimitsClient(**params_v3)
# Token clients do not use the catalog. They only need default_params.
# They read auth_url, so they should only be set if the corresponding
diff --git a/tempest/common/utils/linux/remote_client.py b/tempest/common/utils/linux/remote_client.py
index b68a879..5d6e129 100644
--- a/tempest/common/utils/linux/remote_client.py
+++ b/tempest/common/utils/linux/remote_client.py
@@ -108,7 +108,7 @@
LOG.debug('(get_nic_name_by_ip) Command result: %s', nic)
return nic.strip().strip(":").split('@')[0].lower()
- def get_dns_servers(self):
+ def _get_dns_servers(self):
cmd = 'cat /etc/resolv.conf'
resolve_file = self.exec_command(cmd).strip().split('\n')
entries = (l.split() for l in resolve_file)
@@ -116,6 +116,19 @@
if len(l) and l[0] == 'nameserver']
return dns_servers
+ def get_dns_servers(self, timeout=5):
+ start_time = int(time.time())
+ dns_servers = []
+ while True:
+ dns_servers = self._get_dns_servers()
+ if dns_servers:
+ break
+ LOG.debug("DNS Servers list empty.")
+ if int(time.time()) - start_time >= timeout:
+ LOG.debug("DNS Servers list empty after %s.", timeout)
+ break
+ return dns_servers
+
def _renew_lease_udhcpc(self, fixed_ip=None):
"""Renews DHCP lease via udhcpc client. """
file_path = '/var/run/udhcpc.'
diff --git a/tempest/common/waiters.py b/tempest/common/waiters.py
index 3750b11..f6a4555 100644
--- a/tempest/common/waiters.py
+++ b/tempest/common/waiters.py
@@ -356,23 +356,36 @@
This waiter checks the compute API if the volume attachment is removed.
"""
start = int(time.time())
- volumes = client.list_volume_attachments(server_id)['volumeAttachments']
+
+ try:
+ volumes = client.list_volume_attachments(
+ server_id)['volumeAttachments']
+ except lib_exc.NotFound:
+ # Ignore 404s on detach in case the server is deleted or the volume
+ # is already detached.
+ return
while any(volume for volume in volumes if volume['volumeId'] == volume_id):
time.sleep(client.build_interval)
timed_out = int(time.time()) - start >= client.build_timeout
if timed_out:
+ console_output = client.get_console_output(server_id)['output']
+ LOG.debug('Console output for %s\nbody=\n%s',
+ server_id, console_output)
message = ('Volume %s failed to detach from server %s within '
'the required time (%s s) from the compute API '
'perspective' %
(volume_id, server_id, client.build_timeout))
raise lib_exc.TimeoutException(message)
-
- volumes = client.list_volume_attachments(server_id)[
- 'volumeAttachments']
-
- return volumes
+ try:
+ volumes = client.list_volume_attachments(
+ server_id)['volumeAttachments']
+ except lib_exc.NotFound:
+ # Ignore 404s on detach in case the server is deleted or the volume
+ # is already detached.
+ return
+ return
def wait_for_volume_migration(client, volume_id, new_host):
diff --git a/tempest/config.py b/tempest/config.py
index 6715a00..662a249 100644
--- a/tempest/config.py
+++ b/tempest/config.py
@@ -259,14 +259,18 @@
help='Does the environment have the security compliance '
'settings enabled?'),
cfg.BoolOpt('project_tags',
- default=False,
- help='Is the project tags identity v3 API available?'),
- # Application credentials is a default feature in Queens. This config
- # option can removed once Pike is EOL.
+ default=True,
+ help='Is the project tags identity v3 API available?',
+ deprecated_for_removal=True,
+ deprecated_reason='Project tags API is a default feature '
+ 'since Queens'),
cfg.BoolOpt('application_credentials',
- default=False,
+ default=True,
help='Does the environment have application credentials '
- 'enabled?'),
+ 'enabled?',
+ deprecated_for_removal=True,
+ deprecated_reason='Application credentials is a default '
+ 'feature since Queens'),
# Access rules for application credentials is a default feature in Train.
# This config option can removed once Stein is EOL.
cfg.BoolOpt('access_rules',
@@ -437,6 +441,15 @@
cfg.BoolOpt('disk_config',
default=True,
help="If false, skip disk config tests"),
+ # TODO(pkesav): Make it True by default once wallaby
+ # is oldest supported stable for Tempest.
+ cfg.BoolOpt('hostname_fqdn_sanitization',
+ default=False,
+ help="If false, skip fqdn instance sanitization tests. "
+ "Nova started sanitizing the instance name by replacing "
+ "the '.' with '-' to comply with fqdn hostname. Nova "
+ "changed that in Wallaby cycle, if your cloud is older "
+ "than wallaby then you can keep/make it False."),
cfg.ListOpt('api_extensions',
default=['all'],
help='A list of enabled compute extensions with a special '
diff --git a/tempest/lib/common/cred_provider.py b/tempest/lib/common/cred_provider.py
index 069172a..2da206f 100644
--- a/tempest/lib/common/cred_provider.py
+++ b/tempest/lib/common/cred_provider.py
@@ -13,11 +13,13 @@
# limitations under the License.
import abc
-
+from oslo_log import log as logging
from tempest.lib import auth
from tempest.lib import exceptions
+LOG = logging.getLogger(__name__)
+
class CredentialProvider(object, metaclass=abc.ABCMeta):
def __init__(self, identity_version, name=None,
@@ -125,6 +127,18 @@
def is_role_available(self, role):
return
+ def cleanup_default_secgroup(self, security_group_client, tenant):
+ resp_body = security_group_client.list_security_groups(
+ tenant_id=tenant,
+ name="default")
+ secgroups_to_delete = resp_body['security_groups']
+ for secgroup in secgroups_to_delete:
+ try:
+ security_group_client.delete_security_group(secgroup['id'])
+ except exceptions.NotFound:
+ LOG.warning('Security group %s, id %s not found for clean-up',
+ secgroup['name'], secgroup['id'])
+
class TestResources(object):
"""Readonly Credentials, with network resources added."""
diff --git a/tempest/lib/common/dynamic_creds.py b/tempest/lib/common/dynamic_creds.py
index 32dea44..be8c0e8 100644
--- a/tempest/lib/common/dynamic_creds.py
+++ b/tempest/lib/common/dynamic_creds.py
@@ -254,8 +254,8 @@
user, role, domain)
elif scope == 'system':
self.creds_client.assign_user_role_on_system(user, role)
- LOG.info("Roles assigned to the user %s are: %s",
- user['id'], roles_to_assign)
+ LOG.info("Dynamic test user %s is created with scope %s and roles: %s",
+ user['id'], scope, roles_to_assign)
creds = self.creds_client.get_credentials(**cred_params)
return cred_provider.TestResources(creds)
@@ -518,18 +518,6 @@
LOG.warning('network with name: %s not found for delete',
network_name)
- def cleanup_default_secgroup(self, tenant):
- nsg_client = self.security_groups_admin_client
- resp_body = nsg_client.list_security_groups(tenant_id=tenant,
- name="default")
- secgroups_to_delete = resp_body['security_groups']
- for secgroup in secgroups_to_delete:
- try:
- nsg_client.delete_security_group(secgroup['id'])
- except lib_exc.NotFound:
- LOG.warning('Security group %s, id %s not found for clean-up',
- secgroup['name'], secgroup['id'])
-
def _clear_isolated_net_resources(self):
client = self.routers_admin_client
for cred in self._creds:
@@ -578,7 +566,8 @@
# ensure tenant deletion without big changes.
try:
if self.neutron_available:
- self.cleanup_default_secgroup(creds.tenant_id)
+ self.cleanup_default_secgroup(
+ self.security_groups_admin_client, creds.tenant_id)
except lib_exc.NotFound:
LOG.warning("failed to cleanup tenant %s's secgroup",
creds.tenant_name)
diff --git a/tempest/lib/common/rest_client.py b/tempest/lib/common/rest_client.py
index 573d64e..3f735f5 100644
--- a/tempest/lib/common/rest_client.py
+++ b/tempest/lib/common/rest_client.py
@@ -14,7 +14,7 @@
# License for the specific language governing permissions and limitations
# under the License.
-import collections
+from collections import abc
import email.utils
import re
import time
@@ -884,7 +884,7 @@
resp=resp)
def is_absolute_limit(self, resp, resp_body):
- if (not isinstance(resp_body, collections.Mapping) or
+ if (not isinstance(resp_body, abc.Mapping) or
'retry-after' not in resp):
return True
return 'exceed' in resp_body.get('message', 'blabla')
diff --git a/tempest/lib/services/identity/v3/__init__.py b/tempest/lib/services/identity/v3/__init__.py
index 86fa991..af09fb1 100644
--- a/tempest/lib/services/identity/v3/__init__.py
+++ b/tempest/lib/services/identity/v3/__init__.py
@@ -32,6 +32,7 @@
from tempest.lib.services.identity.v3.identity_client import IdentityClient
from tempest.lib.services.identity.v3.inherited_roles_client import \
InheritedRolesClient
+from tempest.lib.services.identity.v3.limits_client import LimitsClient
from tempest.lib.services.identity.v3.oauth_consumers_client import \
OAUTHConsumerClient
from tempest.lib.services.identity.v3.oauth_token_client import \
@@ -55,7 +56,8 @@
'DomainConfigurationClient', 'EndPointGroupsClient',
'EndPointsClient', 'EndPointsFilterClient',
'GroupsClient', 'IdentityClient', 'InheritedRolesClient',
- 'OAUTHConsumerClient', 'OAUTHTokenClient', 'PoliciesClient',
- 'ProjectsClient', 'ProjectTagsClient', 'RegionsClient',
- 'RoleAssignmentsClient', 'RolesClient', 'ServicesClient',
- 'V3TokenClient', 'TrustsClient', 'UsersClient', 'VersionsClient']
+ 'LimitsClient', 'OAUTHConsumerClient', 'OAUTHTokenClient',
+ 'PoliciesClient', 'ProjectsClient', 'ProjectTagsClient',
+ 'RegionsClient', 'RoleAssignmentsClient', 'RolesClient',
+ 'ServicesClient', 'V3TokenClient', 'TrustsClient', 'UsersClient',
+ 'VersionsClient']
diff --git a/tempest/lib/services/identity/v3/limits_client.py b/tempest/lib/services/identity/v3/limits_client.py
new file mode 100644
index 0000000..26d04bc
--- /dev/null
+++ b/tempest/lib/services/identity/v3/limits_client.py
@@ -0,0 +1,57 @@
+# Copyright 2021 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from oslo_serialization import jsonutils as json
+
+from tempest.lib.common import rest_client
+
+
+class LimitsClient(rest_client.RestClient):
+ api_version = "v3"
+
+ def get_registered_limits(self):
+ """Lists all registered limits."""
+ resp, body = self.get('registered_limits')
+ self.expected_success(200, resp.status)
+ return rest_client.ResponseBody(resp, json.loads(body))
+
+ def create_limit(self, region_id, service_id, project_id, resource_name,
+ default_limit, description=None, domain_id=None):
+ """Creates a limit in keystone."""
+ limit = {
+ 'service_id': service_id,
+ 'project_id': project_id,
+ 'resource_name': resource_name,
+ 'resource_limit': default_limit,
+ 'region_id': region_id,
+ 'description': description or '%s limit for %s' % (
+ resource_name, project_id),
+ }
+ if domain_id:
+ limit['domain_id'] = domain_id
+ post_body = json.dumps({'limits': [limit]})
+ resp, body = self.post('limits', post_body)
+ self.expected_success(201, resp.status)
+ return rest_client.ResponseBody(resp, json.loads(body))
+
+ def update_limit(self, limit_id, resource_limit, description=None):
+ """Updates a limit in keystone by id."""
+
+ limit = {'resource_limit': resource_limit}
+ if description:
+ limit['description'] = description
+ patch_body = json.dumps({'limit': limit})
+ resp, body = self.patch('limits/%s' % limit_id, patch_body)
+ self.expected_success(200, resp.status)
+ return rest_client.ResponseBody(resp, json.loads(body))
diff --git a/tempest/lib/services/network/__init__.py b/tempest/lib/services/network/__init__.py
index fc85140..d553373 100644
--- a/tempest/lib/services/network/__init__.py
+++ b/tempest/lib/services/network/__init__.py
@@ -16,6 +16,8 @@
from tempest.lib.services.network.extensions_client import ExtensionsClient
from tempest.lib.services.network.floating_ips_client import FloatingIPsClient
from tempest.lib.services.network.log_resource_client import LogResourceClient
+from tempest.lib.services.network.loggable_resource_client import \
+ LoggableResourceClient
from tempest.lib.services.network.metering_label_rules_client import \
MeteringLabelRulesClient
from tempest.lib.services.network.metering_labels_client import \
@@ -46,4 +48,5 @@
'QosClient', 'QosMinimumBandwidthRulesClient', 'QuotasClient',
'RoutersClient', 'SecurityGroupRulesClient', 'SecurityGroupsClient',
'SegmentsClient', 'ServiceProvidersClient', 'SubnetpoolsClient',
- 'SubnetsClient', 'TagsClient', 'TrunksClient', 'LogResourceClient']
+ 'SubnetsClient', 'TagsClient', 'TrunksClient', 'LogResourceClient',
+ 'LoggableResourceClient']
diff --git a/tempest/lib/services/network/loggable_resource_client.py b/tempest/lib/services/network/loggable_resource_client.py
new file mode 100644
index 0000000..774046f
--- /dev/null
+++ b/tempest/lib/services/network/loggable_resource_client.py
@@ -0,0 +1,29 @@
+# Copyright 2021 Red Hat, Inc.
+# All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from tempest.lib.services.network import base
+
+
+class LoggableResourceClient(base.BaseNetworkClient):
+
+ def list_loggable_resources(self, **filters):
+ """List Loggable resources.
+
+ For a full list of available parameters, please refer to the official
+ API reference:
+ https://docs.openstack.org/api-ref/network/v2/index.html#list-loggable-resources
+ """
+ uri = '/log/loggable-resources'
+ return self.list_resources(uri, **filters)
diff --git a/tempest/lib/services/object_storage/object_client.py b/tempest/lib/services/object_storage/object_client.py
index bb82975..65e8227 100644
--- a/tempest/lib/services/object_storage/object_client.py
+++ b/tempest/lib/services/object_storage/object_client.py
@@ -28,6 +28,8 @@
self.get_object(container, object_name)
except exceptions.NotFound:
return True
+ except exceptions.Conflict:
+ return False
return False
def create_object(self, container, object_name, data,
diff --git a/tempest/scenario/test_unified_limits.py b/tempest/scenario/test_unified_limits.py
new file mode 100644
index 0000000..22256b4
--- /dev/null
+++ b/tempest/scenario/test_unified_limits.py
@@ -0,0 +1,435 @@
+# Copyright 2021 Red Hat, Inc.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import io
+
+from oslo_utils import units
+from tempest.common import utils
+from tempest.common import waiters
+from tempest import config
+from tempest.lib.common.utils import data_utils
+from tempest.lib.common.utils import test_utils
+from tempest.lib import decorators
+from tempest.lib import exceptions as lib_exc
+from tempest.scenario import manager
+
+CONF = config.CONF
+
+
+class ImageQuotaTest(manager.ScenarioTest):
+ credentials = ['primary', 'system_admin']
+
+ @classmethod
+ def resource_setup(cls):
+ super(ImageQuotaTest, cls).resource_setup()
+
+ # Figure out and record the glance service id
+ services = cls.os_system_admin.identity_services_v3_client.\
+ list_services()
+ glance_services = [x for x in services['services']
+ if x['name'] == 'glance']
+ cls.glance_service_id = glance_services[0]['id']
+
+ # Pre-create all the quota limits and record their IDs so we can
+ # update them in-place without needing to know which ones have been
+ # created and in which order.
+ cls.limit_ids = {}
+
+ try:
+ cls.limit_ids['image_size_total'] = cls._create_limit(
+ 'image_size_total', 10)
+ cls.limit_ids['image_stage_total'] = cls._create_limit(
+ 'image_stage_total', 10)
+ cls.limit_ids['image_count_total'] = cls._create_limit(
+ 'image_count_total', 10)
+ cls.limit_ids['image_count_uploading'] = cls._create_limit(
+ 'image_count_uploading', 10)
+ except lib_exc.Forbidden:
+ # If we fail to set limits, it means they are not
+ # registered, and thus we will skip these tests once we
+ # have our os_system_admin client and run
+ # check_quotas_enabled().
+ pass
+
+ def setUp(self):
+ super(ImageQuotaTest, self).setUp()
+ self.created_images = []
+
+ def create_image(self, data=None, **kwargs):
+ """Wrapper that returns a test image."""
+
+ if 'name' not in kwargs:
+ name = data_utils.rand_name(self.__name__ + "-image")
+ kwargs['name'] = name
+
+ params = dict(kwargs)
+ if data:
+ # NOTE: On glance v1 API, the data should be passed on
+ # a header. Then here handles the data separately.
+ params['data'] = data
+
+ image = self.image_client.create_image(**params)
+ # Image objects returned by the v1 client have the image
+ # data inside a dict that is keyed against 'image'.
+ if 'image' in image:
+ image = image['image']
+ self.created_images.append(image['id'])
+ self.addCleanup(
+ self.image_client.wait_for_resource_deletion,
+ image['id'])
+ self.addCleanup(
+ test_utils.call_and_ignore_notfound_exc,
+ self.image_client.delete_image, image['id'])
+ return image
+
+ def check_quotas_enabled(self):
+ # Check to see if we should even be running these tests. Use
+ # the presence of a registered limit that we recognize as an
+ # indication. This will be set up by the operator (or
+ # devstack) if glance is configured to use/honor the unified
+ # limits. If one is set, they must all be set, because glance
+ # has a single all-or-nothing flag for whether or not to use
+ # keystone limits. If anything, checking only one helps to
+ # assert the assumption that, if enabled, they must all be at
+ # least registered for proper operation.
+ registered_limits = self.os_system_admin.identity_limits_client.\
+ get_registered_limits()['registered_limits']
+ if 'image_count_total' not in [x['resource_name']
+ for x in registered_limits]:
+ raise self.skipException('Target system is not configured with '
+ 'glance unified limits')
+
+ @classmethod
+ def _create_limit(cls, name, value):
+ return cls.os_system_admin.identity_limits_client.create_limit(
+ CONF.identity.region, cls.glance_service_id,
+ cls.image_client.tenant_id, name, value)['limits'][0]['id']
+
+ def _update_limit(self, name, value):
+ self.os_system_admin.identity_limits_client.update_limit(
+ self.limit_ids[name], value)
+
+ def _cleanup_images(self):
+ while self.created_images:
+ image_id = self.created_images.pop()
+ try:
+ self.image_client.delete_image(image_id)
+ except lib_exc.NotFound:
+ pass
+
+ @decorators.idempotent_id('9b74fe24-183b-41e6-bf42-84c2958a7be8')
+ @utils.services('image', 'identity')
+ def test_image_count_quota(self):
+ self.check_quotas_enabled()
+
+ # Set a quota on the number of images for our tenant to one.
+ self._update_limit('image_count_total', 1)
+
+ # Create one image
+ image = self.create_image(name='first',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+
+ # Second image would put us over quota, so expect failure.
+ self.assertRaises(lib_exc.OverLimit,
+ self.create_image,
+ name='second',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+
+ # Update our limit to two.
+ self._update_limit('image_count_total', 2)
+
+ # Now the same create should succeed.
+ self.create_image(name='second',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+
+ # Third image would put us over quota, so expect failure.
+ self.assertRaises(lib_exc.OverLimit,
+ self.create_image,
+ name='third',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+
+ # Delete the first image to put us under quota.
+ self.image_client.delete_image(image['id'])
+
+ # Now the same create should succeed.
+ self.create_image(name='third',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+
+ # Delete all the images we created before the next test runs,
+ # so that it starts with full quota.
+ self._cleanup_images()
+
+ @decorators.idempotent_id('b103788b-5329-4aa9-8b0d-97f8733460db')
+ @utils.services('image', 'identity')
+ def test_image_count_uploading_quota(self):
+ if not CONF.image_feature_enabled.import_image:
+ skip_msg = (
+ "%s skipped as image import is not available" % __name__)
+ raise self.skipException(skip_msg)
+
+ self.check_quotas_enabled()
+
+ # Set a quota on the number of images we can have in uploading state.
+ self._update_limit('image_stage_total', 10)
+ self._update_limit('image_size_total', 10)
+ self._update_limit('image_count_total', 10)
+ self._update_limit('image_count_uploading', 1)
+
+ file_content = data_utils.random_bytes(1 * units.Mi)
+
+ # Create and stage an image
+ image1 = self.create_image(name='first',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+ self.image_client.stage_image_file(image1['id'],
+ io.BytesIO(file_content))
+
+ # Check that we can not stage another
+ image2 = self.create_image(name='second',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+ self.assertRaises(lib_exc.OverLimit,
+ self.image_client.stage_image_file,
+ image2['id'], io.BytesIO(file_content))
+
+ # ... nor upload directly
+ image3 = self.create_image(name='third',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+ self.assertRaises(lib_exc.OverLimit,
+ self.image_client.store_image_file,
+ image3['id'],
+ io.BytesIO(file_content))
+
+ # Update our quota to make room
+ self._update_limit('image_count_uploading', 2)
+
+ # Now our upload should work
+ self.image_client.store_image_file(image3['id'],
+ io.BytesIO(file_content))
+
+ # ...and because that is no longer in uploading state, we should be
+ # able to stage our second image from above.
+ self.image_client.stage_image_file(image2['id'],
+ io.BytesIO(file_content))
+
+ # Finish our import of image2
+ self.image_client.image_import(image2['id'], method='glance-direct')
+ waiters.wait_for_image_imported_to_stores(self.image_client,
+ image2['id'])
+
+ # Set our quota back to one
+ self._update_limit('image_count_uploading', 1)
+
+ # Since image1 is still staged, we should not be able to upload
+ # an image.
+ image4 = self.create_image(name='fourth',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+ self.assertRaises(lib_exc.OverLimit,
+ self.image_client.store_image_file,
+ image4['id'],
+ io.BytesIO(file_content))
+
+ # Finish our import of image1 to make space in our uploading quota.
+ self.image_client.image_import(image1['id'], method='glance-direct')
+ waiters.wait_for_image_imported_to_stores(self.image_client,
+ image1['id'])
+
+ # Make sure that freed up the one upload quota to complete our upload
+ self.image_client.store_image_file(image4['id'],
+ io.BytesIO(file_content))
+
+ # Delete all the images we created before the next test runs,
+ # so that it starts with full quota.
+ self._cleanup_images()
+
+ @decorators.idempotent_id('05e8d064-c39a-4801-8c6a-465df375ec5b')
+ @utils.services('image', 'identity')
+ def test_image_size_quota(self):
+ self.check_quotas_enabled()
+
+ # Set a quota on the image size for our tenant to 1MiB, and allow ten
+ # images.
+ self._update_limit('image_size_total', 1)
+ self._update_limit('image_count_total', 10)
+ self._update_limit('image_count_uploading', 10)
+
+ file_content = data_utils.random_bytes(1 * units.Mi)
+
+ # Create and upload a 1MiB image.
+ image1 = self.create_image(name='first',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+ self.image_client.store_image_file(image1['id'],
+ io.BytesIO(file_content))
+
+ # Create and upload a second 1MiB image. This succeeds, but
+ # after completion, we are over quota. Despite us being at
+ # quota above, the initial quota check for the second
+ # operation has no idea what the image size will be, and thus
+ # uses delta=0. This will succeed because we're not
+ # technically over-quota and have not asked for any more (this
+ # is oslo.limit behavior). After the second operation,
+ # however, we will be over-quota regardless of the delta and
+ # subsequent attempts will fail. Because glance goes not
+ # require an image size to be declared before upload, this is
+ # really the best it can do without an API change.
+ image2 = self.create_image(name='second',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+ self.image_client.store_image_file(image2['id'],
+ io.BytesIO(file_content))
+
+ # Create and attempt to upload a third 1MiB image. This should fail to
+ # upload (but not create) because we are over quota.
+ image3 = self.create_image(name='third',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+ self.assertRaises(lib_exc.OverLimit,
+ self.image_client.store_image_file,
+ image3['id'], io.BytesIO(file_content))
+
+ # Increase our size quota to 2MiB.
+ self._update_limit('image_size_total', 2)
+
+ # Now the upload of the already-created image is allowed, but
+ # after completion, we are over quota again.
+ self.image_client.store_image_file(image3['id'],
+ io.BytesIO(file_content))
+
+ # Create and attempt to upload a fourth 1MiB image. This should
+ # fail to upload (but not create) because we are over quota.
+ image4 = self.create_image(name='fourth',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+ self.assertRaises(lib_exc.OverLimit,
+ self.image_client.store_image_file,
+ image4['id'], io.BytesIO(file_content))
+
+ # Delete our first image to make space in our existing 2MiB quota.
+ self.image_client.delete_image(image1['id'])
+
+ # Now the upload of the already-created image is allowed.
+ self.image_client.store_image_file(image4['id'],
+ io.BytesIO(file_content))
+
+ # Delete all the images we created before the next test runs,
+ # so that it starts with full quota.
+ self._cleanup_images()
+
+ @decorators.idempotent_id('fc76b8d9-aae5-46fb-9285-099e37f311f7')
+ @utils.services('image', 'identity')
+ def test_image_stage_quota(self):
+ if not CONF.image_feature_enabled.import_image:
+ skip_msg = (
+ "%s skipped as image import is not available" % __name__)
+ raise self.skipException(skip_msg)
+
+ self.check_quotas_enabled()
+
+ # Create a staging quota of 1MiB, allow 10MiB of active
+ # images, and a total of ten images.
+ self._update_limit('image_stage_total', 1)
+ self._update_limit('image_size_total', 10)
+ self._update_limit('image_count_total', 10)
+ self._update_limit('image_count_uploading', 10)
+
+ file_content = data_utils.random_bytes(1 * units.Mi)
+
+ # Create and stage a 1MiB image.
+ image1 = self.create_image(name='first',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+ self.image_client.stage_image_file(image1['id'],
+ io.BytesIO(file_content))
+
+ # Create and stage a second 1MiB image. This succeeds, but
+ # after completion, we are over quota.
+ image2 = self.create_image(name='second',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+ self.image_client.stage_image_file(image2['id'],
+ io.BytesIO(file_content))
+
+ # Create and attempt to stage a third 1MiB image. This should fail to
+ # stage (but not create) because we are over quota.
+ image3 = self.create_image(name='third',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+ self.assertRaises(lib_exc.OverLimit,
+ self.image_client.stage_image_file,
+ image3['id'], io.BytesIO(file_content))
+
+ # Make sure that even though we are over our stage quota, we
+ # can still create and upload an image the regular way.
+ image_upload = self.create_image(name='uploaded',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+ self.image_client.store_image_file(image_upload['id'],
+ io.BytesIO(file_content))
+
+ # Increase our stage quota to two MiB.
+ self._update_limit('image_stage_total', 2)
+
+ # Now the upload of the already-created image is allowed, but
+ # after completion, we are over quota again.
+ self.image_client.stage_image_file(image3['id'],
+ io.BytesIO(file_content))
+
+ # Create and attempt to stage a fourth 1MiB image. This should
+ # fail to stage (but not create) because we are over quota.
+ image4 = self.create_image(name='fourth',
+ container_format='bare',
+ disk_format='raw',
+ visibility='private')
+ self.assertRaises(lib_exc.OverLimit,
+ self.image_client.stage_image_file,
+ image4['id'], io.BytesIO(file_content))
+
+ # Finish our import of image1 to make space in our stage quota.
+ self.image_client.image_import(image1['id'], method='glance-direct')
+ waiters.wait_for_image_imported_to_stores(self.image_client,
+ image1['id'])
+
+ # Now the upload of the already-created image is allowed.
+ self.image_client.stage_image_file(image4['id'],
+ io.BytesIO(file_content))
+
+ # Delete all the images we created before the next test runs,
+ # so that it starts with full quota.
+ self._cleanup_images()
diff --git a/tempest/tests/common/test_waiters.py b/tempest/tests/common/test_waiters.py
index f801243..5cdbfbf 100755
--- a/tempest/tests/common/test_waiters.py
+++ b/tempest/tests/common/test_waiters.py
@@ -453,11 +453,14 @@
"volumeAttachments": [{"volumeId": uuids.volume_id}]}
mock_list_volume_attachments = mock.Mock(
side_effect=[volume_attached, volume_attached])
+ mock_get_console_output = mock.Mock(
+ return_value={'output': 'output'})
mock_client = mock.Mock(
spec=servers_client.ServersClient,
build_interval=1,
build_timeout=1,
- list_volume_attachments=mock_list_volume_attachments)
+ list_volume_attachments=mock_list_volume_attachments,
+ get_console_output=mock_get_console_output)
self.patch(
'time.time',
side_effect=[0., 0.5, mock_client.build_timeout + 1.])
@@ -473,3 +476,22 @@
mock_list_volume_attachments.assert_has_calls([
mock.call(uuids.server_id),
mock.call(uuids.server_id)])
+
+ # Assert that we fetch console output
+ mock_get_console_output.assert_called_once_with(uuids.server_id)
+
+ def test_wait_for_volume_attachment_remove_from_server_not_found(self):
+ mock_list_volume_attachments = mock.Mock(
+ side_effect=lib_exc.NotFound)
+ mock_client = mock.Mock(
+ spec=servers_client.ServersClient,
+ list_volume_attachments=mock_list_volume_attachments)
+
+ # Assert that nothing is raised when lib_exc_NotFound is raised
+ # by the client call to list_volume_attachments
+ waiters.wait_for_volume_attachment_remove_from_server(
+ mock_client, mock.sentinel.server_id, mock.sentinel.volume_id)
+
+ # Assert that list_volume_attachments was actually called
+ mock_list_volume_attachments.assert_called_once_with(
+ mock.sentinel.server_id)
diff --git a/tempest/tests/lib/cmd/test_check_uuid.py b/tempest/tests/lib/cmd/test_check_uuid.py
index a621a75..403de38 100644
--- a/tempest/tests/lib/cmd/test_check_uuid.py
+++ b/tempest/tests/lib/cmd/test_check_uuid.py
@@ -29,12 +29,13 @@
" pass"
def create_tests_file(self, directory):
- with open(directory + "/__init__.py", "w"):
- pass
+ init_file = open(directory + "/__init__.py", "w")
+ init_file.close()
tests_file = directory + "/tests.py"
with open(tests_file, "w") as fake_file:
fake_file.write(TestCLInterface.CODE)
+ fake_file.close()
return tests_file
diff --git a/tempest/tests/lib/services/identity/v3/test_limit_client.py b/tempest/tests/lib/services/identity/v3/test_limit_client.py
new file mode 100644
index 0000000..07ec6cd
--- /dev/null
+++ b/tempest/tests/lib/services/identity/v3/test_limit_client.py
@@ -0,0 +1,82 @@
+# Copyright 2021 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from tempest.lib.services.identity.v3 import limits_client
+from tempest.tests.lib import fake_auth_provider
+from tempest.tests.lib.services import base
+
+
+class TestLimitsClient(base.BaseServiceTest):
+ def setUp(self):
+ super(TestLimitsClient, self).setUp()
+ self.client = limits_client.LimitsClient(
+ fake_auth_provider.FakeAuthProvider(),
+ 'identity', 'regionOne')
+
+ def test_get_registered_limits(self):
+ fake_result = {'foo': 'bar'}
+ self.check_service_client_function(
+ self.client.get_registered_limits,
+ 'tempest.lib.common.rest_client.RestClient.get',
+ fake_result,
+ False,
+ status=200)
+
+ def test_create_limit(self):
+ fake_result = {'foo': 'bar'}
+ self.check_service_client_function(
+ self.client.create_limit,
+ 'tempest.lib.common.rest_client.RestClient.post',
+ fake_result,
+ False,
+ region_id='regionOne', service_id='image',
+ project_id='project', resource_name='widgets',
+ default_limit=10,
+ description='Spacely Widgets',
+ status=201)
+
+ def test_create_limit_with_domain(self):
+ fake_result = {'foo': 'bar'}
+ self.check_service_client_function(
+ self.client.create_limit,
+ 'tempest.lib.common.rest_client.RestClient.post',
+ fake_result,
+ False,
+ region_id='regionOne', service_id='image',
+ project_id='project', resource_name='widgets',
+ default_limit=10,
+ domain_id='foo',
+ description='Spacely Widgets',
+ status=201)
+
+ def test_update_limit(self):
+ fake_result = {'foo': 'bar'}
+ self.check_service_client_function(
+ self.client.update_limit,
+ 'tempest.lib.common.rest_client.RestClient.patch',
+ fake_result,
+ False,
+ limit_id='123', resource_limit=20,
+ status=200)
+
+ def test_update_limit_with_description(self):
+ fake_result = {'foo': 'bar'}
+ self.check_service_client_function(
+ self.client.update_limit,
+ 'tempest.lib.common.rest_client.RestClient.patch',
+ fake_result,
+ False,
+ limit_id='123', resource_limit=20,
+ description='new description',
+ status=200)
diff --git a/tempest/tests/lib/services/network/test_loggable_resource_client.py b/tempest/tests/lib/services/network/test_loggable_resource_client.py
new file mode 100644
index 0000000..232775b
--- /dev/null
+++ b/tempest/tests/lib/services/network/test_loggable_resource_client.py
@@ -0,0 +1,53 @@
+# Copyright 2021 Red Hat, Inc.
+# All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from tempest.lib.services.network import loggable_resource_client
+from tempest.tests.lib import fake_auth_provider
+from tempest.tests.lib.services import base
+
+
+class TestLoggableResourceClient(base.BaseServiceTest):
+
+ FAKE_LOGS = {
+ "loggable_resources": [
+ {
+ "type": "security_group"
+ },
+ {
+ "type": "none"
+ }
+ ]
+ }
+
+ def setUp(self):
+ super(TestLoggableResourceClient, self).setUp()
+ fake_auth = fake_auth_provider.FakeAuthProvider()
+ self.loggable_resource_client = \
+ loggable_resource_client.LoggableResourceClient(
+ fake_auth, "network", "regionOne")
+
+ def _test_list_loggable_resources(self, bytes_body=False):
+ self.check_service_client_function(
+ self.loggable_resource_client.list_loggable_resources,
+ "tempest.lib.common.rest_client.RestClient.get",
+ self.FAKE_LOGS,
+ bytes_body,
+ 200)
+
+ def test_list_loggable_resources_with_str_body(self):
+ self._test_list_loggable_resources()
+
+ def test_list_loggable_resources_with_bytes_body(self):
+ self._test_list_loggable_resources(bytes_body=True)
diff --git a/tools/generate-tempest-plugins-list.py b/tools/generate-tempest-plugins-list.py
index 1b5b369..eef5886 100644
--- a/tools/generate-tempest-plugins-list.py
+++ b/tools/generate-tempest-plugins-list.py
@@ -35,28 +35,36 @@
# TODO(masayukig): Some of these can be removed from NON_ACTIVE_LIST in the
# future when the patches are merged.
NON_ACTIVE_LIST = [
- 'x/gce-api', # It looks gce-api doesn't support python3 yet.
+ 'x/gce-api', # It looks gce-api doesn't support python3 yet
+ # https://bugs.launchpad.net/gce-api/+bug/1931094
'x/glare', # To avoid sanity-job failure
- 'x/group-based-policy', # It looks this doesn't support python3 yet.
- 'x/intel-nfv-ci-tests', # https://review.opendev.org/#/c/634640/
+ 'x/group-based-policy',
+ # https://bugs.launchpad.net/group-based-policy/+bug/1931091
+ 'x/intel-nfv-ci-tests', # To avoid sanity-job failure
'openstack/networking-generic-switch',
+ # This is not a real tempest plugin,
# https://review.opendev.org/#/c/634846/
- 'x/networking-l2gw-tempest-plugin',
- # https://review.opendev.org/#/c/635093/
- 'openstack/networking-midonet', # https://review.opendev.org/#/c/635096/
- 'x/networking-plumgrid', # https://review.opendev.org/#/c/635096/
+ 'x/networking-plumgrid', # No longer contains tempest tests
'x/networking-spp', # https://review.opendev.org/#/c/635098/
+ # networking-spp is missing neutron-tempest-plugin as a dep plus
+ # test-requirements.txt is nested in a openstack dir and sanity script
+ # doesn't count with such scenario yet
'openstack/neutron-dynamic-routing',
+ # As tests have been migrated to neutron-tempest-plugin:
# https://review.opendev.org/#/c/637718/
- 'openstack/neutron-vpnaas', # https://review.opendev.org/#/c/637719/
- 'x/tap-as-a-service', # To avoid sanity-job failure
- 'x/valet', # https://review.opendev.org/#/c/638339/
- 'x/kingbird', # https://bugs.launchpad.net/kingbird/+bug/1869722
- # vmware-nsx is excluded since https://review.opendev.org/#/c/736952
- 'x/vmware-nsx-tempest-plugin',
+ 'openstack/neutron-vpnaas',
+ # As tests have been migrated to neutron-tempest-plugin:
+ # https://review.opendev.org/c/openstack/neutron-vpnaas/+/695834
+ 'x/valet', # valet is unmaintained now
+ # https://review.opendev.org/c/x/valet/+/638339
+ 'x/kingbird', # kingbird is unmaintained now
+ # https://bugs.launchpad.net/kingbird/+bug/1869722
+ 'x/mogan',
# mogan is unmaintained now, remove from the list when this is merged:
# https://review.opendev.org/c/x/mogan/+/767718
- 'x/mogan',
+ 'x/vmware-nsx-tempest-plugin'
+ # Failing since 2021-08-27
+ # https://zuul.opendev.org/t/openstack/build/45f6c8d3c62d4387a70b7b471ec687c8
]
url = 'https://review.opendev.org/projects/'
diff --git a/tox.ini b/tox.ini
index 87a2850..cd32174 100644
--- a/tox.ini
+++ b/tox.ini
@@ -11,7 +11,7 @@
VIRTUAL_ENV={envdir}
OS_TEST_PATH=./tempest/test_discover
deps =
- -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/wallaby}
+ -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
-r{toxinidir}/requirements.txt
[testenv]
@@ -28,7 +28,7 @@
install_command = pip install {opts} {packages}
allowlist_externals = *
deps =
- -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/wallaby}
+ -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
-r{toxinidir}/requirements.txt
-r{toxinidir}/test-requirements.txt
commands =
@@ -263,7 +263,7 @@
[testenv:venv]
deps =
- -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/wallaby}
+ -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
-r{toxinidir}/requirements.txt
-r{toxinidir}/doc/requirements.txt
commands = {posargs}
@@ -278,7 +278,7 @@
[testenv:docs]
deps =
- -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/wallaby}
+ -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
-r{toxinidir}/doc/requirements.txt
commands =
sphinx-apidoc -f -o doc/source/tests/compute tempest/api/compute
@@ -363,7 +363,7 @@
[testenv:releasenotes]
deps =
- -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/wallaby}
+ -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
-r{toxinidir}/doc/requirements.txt
commands =
rm -rf releasenotes/build
diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml
index c876579..7a3afc2 100644
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml
@@ -64,11 +64,11 @@
irrelevant-files: *tempest-irrelevant-files
- devstack-plugin-ceph-tempest-py3:
irrelevant-files: *tempest-irrelevant-files
- - neutron-grenade-multinode:
+ - neutron-ovs-grenade-multinode:
irrelevant-files: *tempest-irrelevant-files
- grenade:
irrelevant-files: *tempest-irrelevant-files
- - neutron-tempest-dvr:
+ - neutron-ovs-tempest-dvr:
voting: false
irrelevant-files: *tempest-irrelevant-files
- interop-tempest-consistency:
@@ -85,7 +85,7 @@
jobs:
- tempest-slow-py3:
irrelevant-files: *tempest-irrelevant-files
- - neutron-grenade-multinode:
+ - neutron-ovs-grenade-multinode:
irrelevant-files: *tempest-irrelevant-files
- tempest-full-py3:
irrelevant-files: *tempest-irrelevant-files
@@ -102,7 +102,7 @@
irrelevant-files: *tempest-irrelevant-files
- tempest-all:
irrelevant-files: *tempest-irrelevant-files
- - neutron-tempest-dvr-ha-multinode-full:
+ - neutron-ovs-tempest-dvr-ha-multinode-full:
irrelevant-files: *tempest-irrelevant-files
- nova-tempest-v2-api:
irrelevant-files: *tempest-irrelevant-files