Remove CredentialProvider deps to CONF
CredentialProvider uses CONF to get identity_version.
Identity version is always passed in anyways, so removing the CONF
dependency and making identity_version a mandatory parameter,
so that the class is ready for migration to tempest-lib
Partially implements: bp tempest-library
Change-Id: Ia960bf0b293e23537b3aaa8114bdbf7a46db62b1
diff --git a/tempest/common/cred_provider.py b/tempest/common/cred_provider.py
index 1221fc7..eb4c4a8 100644
--- a/tempest/common/cred_provider.py
+++ b/tempest/common/cred_provider.py
@@ -98,19 +98,17 @@
@six.add_metaclass(abc.ABCMeta)
class CredentialProvider(object):
- def __init__(self, identity_version=None, name=None,
+ def __init__(self, identity_version, name=None,
network_resources=None):
"""A CredentialProvider supplies credentials to test classes.
- :param identity_version: If specified it will return credentials of the
- corresponding identity version, otherwise it
- uses auth_version from configuration
+ :param identity_version: Identity version of the credentials provided
:param name: Name of the calling test. Included in provisioned
credentials when credentials are provisioned on the fly
:param network_resources: Network resources required for the
credentials
"""
self.name = name or "test_creds"
- self.identity_version = identity_version or CONF.identity.auth_version
+ self.identity_version = identity_version
if not auth.is_identity_version_supported(self.identity_version):
raise exceptions.InvalidIdentityVersion(
identity_version=self.identity_version)
diff --git a/tempest/common/credentials.py b/tempest/common/credentials.py
index 28e95e9..1b2eca7 100644
--- a/tempest/common/credentials.py
+++ b/tempest/common/credentials.py
@@ -32,6 +32,7 @@
# dynamic credentials. A new account will be produced only for that test.
# In case admin credentials are not available for the account creation,
# the test should be skipped else it would fail.
+ identity_version = identity_version or CONF.identity.auth_version
if CONF.auth.use_dynamic_credentials or force_tenant_isolation:
return dynamic_creds.DynamicCredentialProvider(
name=name,
@@ -50,8 +51,10 @@
# We want a helper function here to check and see if admin credentials
# are available so we can do a single call from skip_checks if admin
-# creds area vailable.
-def is_admin_available():
+# creds area available.
+# This depends on identity_version as there may be admin credentials
+# available for v2 but not for v3.
+def is_admin_available(identity_version):
is_admin = True
# If dynamic credentials is enabled admin will be available
if CONF.auth.use_dynamic_credentials:
@@ -60,13 +63,14 @@
elif (CONF.auth.test_accounts_file and
os.path.isfile(CONF.auth.test_accounts_file)):
check_accounts = preprov_creds.PreProvisionedCredentialProvider(
- name='check_admin')
+ identity_version=identity_version, name='check_admin')
if not check_accounts.admin_available():
is_admin = False
else:
try:
- cred_provider.get_configured_credentials('identity_admin',
- fill_in=False)
+ cred_provider.get_configured_credentials(
+ 'identity_admin', fill_in=False,
+ identity_version=identity_version)
except exceptions.InvalidConfiguration:
is_admin = False
return is_admin
@@ -74,19 +78,21 @@
# We want a helper function here to check and see if alt credentials
# are available so we can do a single call from skip_checks if alt
-# creds area vailable.
-def is_alt_available():
- # If dynamic credentials is enabled admin will be available
+# creds area available.
+# This depends on identity_version as there may be alt credentials
+# available for v2 but not for v3.
+def is_alt_available(identity_version):
+ # If dynamic credentials is enabled alt will be available
if CONF.auth.use_dynamic_credentials:
return True
# Check whether test accounts file has the admin specified or not
if (CONF.auth.test_accounts_file and
os.path.isfile(CONF.auth.test_accounts_file)):
check_accounts = preprov_creds.PreProvisionedCredentialProvider(
- name='check_alt')
+ identity_version=identity_version, name='check_alt')
else:
check_accounts = preprov_creds.NonLockingCredentialProvider(
- name='check_alt')
+ identity_version=identity_version, name='check_alt')
try:
if not check_accounts.is_multi_user():
return False
diff --git a/tempest/common/dynamic_creds.py b/tempest/common/dynamic_creds.py
index 8ff189a..d9cfac8 100644
--- a/tempest/common/dynamic_creds.py
+++ b/tempest/common/dynamic_creds.py
@@ -30,7 +30,7 @@
class DynamicCredentialProvider(cred_provider.CredentialProvider):
- def __init__(self, identity_version=None, name=None,
+ def __init__(self, identity_version, name=None,
network_resources=None):
super(DynamicCredentialProvider, self).__init__(
identity_version, name, network_resources)
diff --git a/tempest/common/preprov_creds.py b/tempest/common/preprov_creds.py
index 3781b0c..48eae25 100644
--- a/tempest/common/preprov_creds.py
+++ b/tempest/common/preprov_creds.py
@@ -39,7 +39,7 @@
class PreProvisionedCredentialProvider(cred_provider.CredentialProvider):
- def __init__(self, identity_version=None, name=None):
+ def __init__(self, identity_version, name=None):
super(PreProvisionedCredentialProvider, self).__init__(
identity_version=identity_version, name=name)
if (CONF.auth.test_accounts_file and
diff --git a/tempest/test.py b/tempest/test.py
index 490ee82..b8ba5f4 100644
--- a/tempest/test.py
+++ b/tempest/test.py
@@ -323,10 +323,13 @@
If one is really needed it may be implemented either in the
resource_setup or at test level.
"""
- if 'admin' in cls.credentials and not credentials.is_admin_available():
+ identity_version = cls.get_identity_version()
+ if 'admin' in cls.credentials and not credentials.is_admin_available(
+ identity_version=identity_version):
msg = "Missing Identity Admin API credentials in configuration."
raise cls.skipException(msg)
- if 'alt' in cls.credentials and not credentials.is_alt_available():
+ if 'alt' in cls.credentials and not credentials.is_alt_available(
+ identity_version=identity_version):
msg = "Missing a 2nd set of API credentials in configuration."
raise cls.skipException(msg)
if hasattr(cls, 'identity_version'):
@@ -454,6 +457,12 @@
return cred_client.get_creds_client(client, domain)
@classmethod
+ def get_identity_version(cls):
+ """Returns the identity version used by the test class"""
+ identity_version = getattr(cls, 'identity_version', None)
+ return identity_version or CONF.identity.auth_version
+
+ @classmethod
def _get_credentials_provider(cls):
"""Returns a credentials provider
@@ -464,13 +473,11 @@
not cls._creds_provider.name == cls.__name__):
force_tenant_isolation = getattr(cls, 'force_tenant_isolation',
False)
- identity_version = getattr(cls, 'identity_version', None)
- identity_version = identity_version or CONF.identity.auth_version
cls._creds_provider = credentials.get_credentials_provider(
name=cls.__name__, network_resources=cls.network_resources,
force_tenant_isolation=force_tenant_isolation,
- identity_version=identity_version)
+ identity_version=cls.get_identity_version())
return cls._creds_provider
@classmethod
@@ -597,7 +604,8 @@
# for their servers, so using an admin network client to validate
# the network name
if (not CONF.service_available.neutron and
- credentials.is_admin_available()):
+ credentials.is_admin_available(
+ identity_version=cls.get_identity_version())):
admin_creds = cred_provider.get_admin_creds()
admin_manager = clients.Manager(admin_creds)
networks_client = admin_manager.compute_networks_client
@@ -747,7 +755,8 @@
"mechanism")
if "admin_client" in description and description["admin_client"]:
- if not credentials.is_admin_available():
+ if not credentials.is_admin_available(
+ identity_version=self.get_identity_version()):
msg = ("Missing Identity Admin API credentials in"
"configuration.")
raise self.skipException(msg)
diff --git a/tempest/tests/common/test_admin_available.py b/tempest/tests/common/test_admin_available.py
index 8490c4d..709ca6f 100644
--- a/tempest/tests/common/test_admin_available.py
+++ b/tempest/tests/common/test_admin_available.py
@@ -23,6 +23,8 @@
class TestAdminAvailable(base.TestCase):
+ identity_version = 'v2'
+
def setUp(self):
super(TestAdminAvailable, self).setUp()
self.useFixture(fake_config.ConfigFixture())
@@ -60,16 +62,18 @@
self.useFixture(mockpatch.Patch('os.path.isfile',
return_value=False))
if admin_creds:
- (u, t, p) = ('u', 't', 'p')
+ (u, t, p, d) = ('u', 't', 'p', 'd')
else:
- (u, t, p) = (None, None, None)
+ (u, t, p, d) = (None, None, None, None)
cfg.CONF.set_default('admin_username', u, group='auth')
cfg.CONF.set_default('admin_tenant_name', t, group='auth')
cfg.CONF.set_default('admin_password', p, group='auth')
+ cfg.CONF.set_default('admin_domain_name', d, group='auth')
expected = admin_creds is not None or tenant_isolation
- observed = credentials.is_admin_available()
+ observed = credentials.is_admin_available(
+ identity_version=self.identity_version)
self.assertEqual(expected, observed)
# Tenant isolation implies admin so only one test case for True
@@ -102,3 +106,8 @@
self.run_test(tenant_isolation=False,
use_accounts_file=False,
admin_creds='role')
+
+
+class TestAdminAvailableV3(TestAdminAvailable):
+
+ identity_version = 'v3'
diff --git a/tempest/tests/common/test_preprov_creds.py b/tempest/tests/common/test_preprov_creds.py
index cb7240b..e813b2e 100644
--- a/tempest/tests/common/test_preprov_creds.py
+++ b/tempest/tests/common/test_preprov_creds.py
@@ -36,6 +36,9 @@
class TestPreProvisionedCredentials(base.TestCase):
+ fixed_params = {'name': 'test class',
+ 'identity_version': 'v2'}
+
def setUp(self):
super(TestPreProvisionedCredentials, self).setUp()
self.useFixture(fake_config.ConfigFixture())
@@ -89,7 +92,7 @@
self.stubs.Set(token_client.TokenClient, 'raw_request',
fake_identity._fake_v2_response)
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
hash_list = self._get_hash_list(self.test_accounts)
test_cred_dict = self.test_accounts[3]
test_creds = auth.get_credentials(fake_identity.FAKE_AUTH_URL,
@@ -99,7 +102,7 @@
def test_get_hash_dict(self):
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
hash_dict = test_account_class.get_hash_dict(self.test_accounts)
hash_list = self._get_hash_list(self.test_accounts)
for hash in hash_list:
@@ -113,7 +116,7 @@
create=True):
test_account_class = (
preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name'))
+ **self.fixed_params))
res = test_account_class._create_hash_file('12345')
self.assertFalse(res, "_create_hash_file should return False if the "
"pseudo-lock file already exists")
@@ -125,7 +128,7 @@
create=True):
test_account_class = (
preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name'))
+ **self.fixed_params))
res = test_account_class._create_hash_file('12345')
self.assertTrue(res, "_create_hash_file should return True if the "
"pseudo-lock doesn't already exist")
@@ -138,7 +141,7 @@
mkdir_mock = self.useFixture(mockpatch.Patch('os.mkdir'))
self.useFixture(mockpatch.Patch('os.path.isfile', return_value=False))
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
with mock.patch('six.moves.builtins.open', mock.mock_open(),
create=True) as open_mock:
test_account_class._get_free_hash(hash_list)
@@ -157,7 +160,7 @@
# Emulate all lcoks in list are in use
self.useFixture(mockpatch.Patch('os.path.isfile', return_value=True))
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
with mock.patch('six.moves.builtins.open', mock.mock_open(),
create=True):
self.assertRaises(exceptions.InvalidConfiguration,
@@ -169,7 +172,7 @@
self.useFixture(mockpatch.Patch('os.path.isdir', return_value=True))
hash_list = self._get_hash_list(self.test_accounts)
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
def _fake_is_file(path):
# Fake isfile() to return that the path exists unless a specific
@@ -195,7 +198,7 @@
# Pretend the lock dir is empty
self.useFixture(mockpatch.Patch('os.listdir', return_value=[]))
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
remove_mock = self.useFixture(mockpatch.Patch('os.remove'))
rmdir_mock = self.useFixture(mockpatch.Patch('os.rmdir'))
test_account_class.remove_hash(hash_list[2])
@@ -216,7 +219,7 @@
self.useFixture(mockpatch.Patch('os.listdir', return_value=[
hash_list[1], hash_list[4]]))
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
remove_mock = self.useFixture(mockpatch.Patch('os.remove'))
rmdir_mock = self.useFixture(mockpatch.Patch('os.rmdir'))
test_account_class.remove_hash(hash_list[2])
@@ -228,7 +231,7 @@
def test_is_multi_user(self):
test_accounts_class = preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
self.assertTrue(test_accounts_class.is_multi_user())
def test_is_not_multi_user(self):
@@ -237,7 +240,7 @@
'tempest.common.preprov_creds.read_accounts_yaml',
return_value=self.test_accounts))
test_accounts_class = preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
self.assertFalse(test_accounts_class.is_multi_user())
def test__get_creds_by_roles_one_role(self):
@@ -245,7 +248,7 @@
'tempest.common.preprov_creds.read_accounts_yaml',
return_value=self.test_accounts))
test_accounts_class = preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
hashes = test_accounts_class.hash_dict['roles']['role4']
temp_hash = hashes[0]
get_free_hash_mock = self.useFixture(mockpatch.PatchObject(
@@ -263,7 +266,7 @@
'tempest.common.preprov_creds.read_accounts_yaml',
return_value=self.test_accounts))
test_accounts_class = preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
hashes = test_accounts_class.hash_dict['roles']['role4']
hashes2 = test_accounts_class.hash_dict['roles']['role2']
hashes = list(set(hashes) & set(hashes2))
@@ -283,7 +286,7 @@
'tempest.common.preprov_creds.read_accounts_yaml',
return_value=self.test_accounts))
test_accounts_class = preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
hashes = list(test_accounts_class.hash_dict['creds'].keys())
admin_hashes = test_accounts_class.hash_dict['roles'][
cfg.CONF.identity.admin_role]
@@ -310,7 +313,7 @@
'tempest.common.preprov_creds.read_accounts_yaml',
return_value=test_accounts))
test_accounts_class = preprov_creds.PreProvisionedCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
with mock.patch('tempest.services.compute.json.networks_client.'
'NetworksClient.list_networks',
return_value={'networks': [{'name': 'network-2',
@@ -328,6 +331,9 @@
class TestNotLockingAccount(base.TestCase):
+ fixed_params = {'name': 'test class',
+ 'identity_version': 'v2'}
+
def setUp(self):
super(TestNotLockingAccount, self).setUp()
self.useFixture(fake_config.ConfigFixture())
@@ -349,7 +355,7 @@
def test_get_creds_roles_nonlocking_invalid(self):
test_accounts_class = preprov_creds.NonLockingCredentialProvider(
- 'v2', 'test_name')
+ **self.fixed_params)
self.assertRaises(exceptions.InvalidConfiguration,
test_accounts_class.get_creds_by_roles,
['fake_role'])
diff --git a/tempest/tests/test_dynamic_creds.py b/tempest/tests/test_dynamic_creds.py
index 92ed526..08b2ab6 100644
--- a/tempest/tests/test_dynamic_creds.py
+++ b/tempest/tests/test_dynamic_creds.py
@@ -32,6 +32,9 @@
class TestDynamicCredentialProvider(base.TestCase):
+ fixed_params = {'name': 'test class',
+ 'identity_version': 'v2'}
+
def setUp(self):
super(TestDynamicCredentialProvider, self).setUp()
self.useFixture(fake_config.ConfigFixture())
@@ -44,7 +47,7 @@
self._mock_list_ec2_credentials('fake_user_id', 'fake_tenant_id')
def test_tempest_client(self):
- creds = dynamic_creds.DynamicCredentialProvider(name='test class')
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self.assertTrue(isinstance(creds.identity_admin_client,
json_iden_client.IdentityClient))
self.assertTrue(isinstance(creds.network_admin_client,
@@ -142,7 +145,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_primary_creds(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
- creds = dynamic_creds.DynamicCredentialProvider(name='test class')
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_tenant_create('1234', 'fake_prim_tenant')
@@ -157,7 +160,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_admin_creds(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
- creds = dynamic_creds.DynamicCredentialProvider(name='test class')
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_list_roles('1234', 'admin')
self._mock_user_create('1234', 'fake_admin_user')
self._mock_tenant_create('1234', 'fake_admin_tenant')
@@ -180,7 +183,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_role_creds(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
- creds = dynamic_creds.DynamicCredentialProvider('v2', 'test class')
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_list_2_roles()
self._mock_user_create('1234', 'fake_role_user')
self._mock_tenant_create('1234', 'fake_role_tenant')
@@ -209,7 +212,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_all_cred_cleanup(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
- creds = dynamic_creds.DynamicCredentialProvider(name='test class')
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_tenant_create('1234', 'fake_prim_tenant')
@@ -249,7 +252,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_alt_creds(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
- creds = dynamic_creds.DynamicCredentialProvider(name='test class')
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_alt_user')
@@ -264,7 +267,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_no_network_creation_with_config_set(self, MockRestClient):
cfg.CONF.set_default('create_isolated_networks', False, group='auth')
- creds = dynamic_creds.DynamicCredentialProvider(name='test class')
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_prim_user')
@@ -292,7 +295,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_network_creation(self, MockRestClient):
- creds = dynamic_creds.DynamicCredentialProvider(name='test class')
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_prim_user')
@@ -323,7 +326,7 @@
"description": args['name'],
"security_group_rules": [],
"id": "sg-%s" % args['tenant_id']}]}
- creds = dynamic_creds.DynamicCredentialProvider(name='test class')
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
# Create primary tenant and network
self._mock_assign_user_role()
self._mock_list_role()
@@ -431,7 +434,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_network_alt_creation(self, MockRestClient):
- creds = dynamic_creds.DynamicCredentialProvider(name='test class')
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_alt_user')
@@ -456,7 +459,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_network_admin_creation(self, MockRestClient):
- creds = dynamic_creds.DynamicCredentialProvider(name='test class')
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_user_create('1234', 'fake_admin_user')
self._mock_tenant_create('1234', 'fake_admin_tenant')
@@ -488,7 +491,8 @@
'dhcp': False,
}
creds = dynamic_creds.DynamicCredentialProvider(
- name='test class', network_resources=net_dict)
+ network_resources=net_dict,
+ **self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_prim_user')
@@ -523,7 +527,8 @@
'dhcp': False,
}
creds = dynamic_creds.DynamicCredentialProvider(
- name='test class', network_resources=net_dict)
+ network_resources=net_dict,
+ **self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_prim_user')
@@ -540,7 +545,8 @@
'dhcp': False,
}
creds = dynamic_creds.DynamicCredentialProvider(
- name='test class', network_resources=net_dict)
+ network_resources=net_dict,
+ **self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_prim_user')
@@ -557,7 +563,8 @@
'dhcp': True,
}
creds = dynamic_creds.DynamicCredentialProvider(
- name='test class', network_resources=net_dict)
+ network_resources=net_dict,
+ **self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_prim_user')