Fix clean up for test_access_rules tests
In the test_access_rules tests [1], the app credentials were
created within setUp which means they were created per each test
while they weren't properly cleaned up after the tests. That led
to having those creds left behind which caused the assert issue
in the LP 1996624
This patch moves the app creds creation to the resource_setup so
that it's a class level resource and thus not created per each
test case separately. The test which tests deleting access rule
will create its own app cred together with a new access rule and
intead of asserting on number of found access rules it will check
existence of the access rule which was created in the test. That
will help us avoid any race conditions.
[1] https://opendev.org/openstack/tempest/src/commit/b2fefaf0b56ce96f6116f89faf79458ef4f9c7f3/tempest/api/identity/v3/test_access_rules.py#L51
Related-Bug: #1996624
Change-Id: Ibdb40910e53b3b1d5f481d101dfcf1b8e04dc63f
diff --git a/tempest/api/identity/v3/test_access_rules.py b/tempest/api/identity/v3/test_access_rules.py
index 608eb59..64a6959 100644
--- a/tempest/api/identity/v3/test_access_rules.py
+++ b/tempest/api/identity/v3/test_access_rules.py
@@ -17,6 +17,7 @@
from tempest.api.identity import base
from tempest import config
from tempest.lib.common.utils import data_utils
+from tempest.lib.common.utils import test_utils
from tempest.lib import decorators
from tempest.lib import exceptions as lib_exc
@@ -37,10 +38,6 @@
super(AccessRulesV3Test, cls).resource_setup()
cls.user_id = cls.os_primary.credentials.user_id
cls.project_id = cls.os_primary.credentials.project_id
-
- def setUp(self):
- super(AccessRulesV3Test, self).setUp()
- ac = self.non_admin_app_creds_client
access_rules = [
{
"path": "/v2.1/servers/*/ips",
@@ -48,11 +45,15 @@
"service": "compute"
}
]
- self.app_cred = ac.create_application_credential(
- self.user_id,
+ cls.ac = cls.non_admin_app_creds_client
+ cls.app_cred = cls.ac.create_application_credential(
+ cls.user_id,
name=data_utils.rand_name('application_credential'),
access_rules=access_rules
)['application_credential']
+ cls.addClassResourceCleanup(
+ cls.ac.delete_application_credential,
+ cls.user_id, cls.app_cred['id'])
@decorators.idempotent_id('2354c498-5119-4ba5-9f0d-44f16f78fb0e')
def test_list_access_rules(self):
@@ -67,18 +68,33 @@
@decorators.idempotent_id('278757e9-e193-4bf8-adf2-0b0a229a17d0')
def test_delete_access_rule(self):
- access_rule_id = self.app_cred['access_rules'][0]['id']
- app_cred_id = self.app_cred['id']
+ access_rules = [
+ {
+ "path": "/v2.1/servers/*/ips",
+ "method": "GET",
+ "service": "monitoring"
+ }
+ ]
+ app_cred = self.ac.create_application_credential(
+ self.user_id,
+ name=data_utils.rand_name('application_credential'),
+ access_rules=access_rules
+ )['application_credential']
+ self.addCleanup(
+ test_utils.call_and_ignore_notfound_exc,
+ self.ac.delete_application_credential,
+ self.user_id, app_cred['id'])
+ access_rule_id = app_cred['access_rules'][0]['id']
self.assertRaises(
lib_exc.Forbidden,
self.non_admin_access_rules_client.delete_access_rule,
self.user_id,
access_rule_id)
- self.non_admin_app_creds_client.delete_application_credential(
- self.user_id, app_cred_id)
+ self.ac.delete_application_credential(
+ self.user_id, app_cred['id'])
ar = self.non_admin_access_rules_client.list_access_rules(self.user_id)
- self.assertEqual(1, len(ar['access_rules']))
+ self.assertIn(access_rule_id, [x['id'] for x in ar['access_rules']])
self.non_admin_access_rules_client.delete_access_rule(
self.user_id, access_rule_id)
ar = self.non_admin_access_rules_client.list_access_rules(self.user_id)
- self.assertEqual(0, len(ar['access_rules']))
+ self.assertNotIn(access_rule_id, [x['id'] for x in ar['access_rules']])