Move isolated credential code to BaseTestCase
This commit takes the isolated credential code from BaseComputeTest
and moves it up to it's super class: BaseTestCase. This allows the
isolated credential code to be reused by all the test classes. All
existing(only compute and volume) isolated credential methods in
the base classes are then update to use the common methods.
Change-Id: Ifae7bb74a4aa8f853fbd87ad80a63a9dcfc3b9d1
diff --git a/tempest/api/compute/base.py b/tempest/api/compute/base.py
index a38dcd1..8ba074e 100644
--- a/tempest/api/compute/base.py
+++ b/tempest/api/compute/base.py
@@ -22,7 +22,6 @@
from tempest.common import log as logging
from tempest.common.utils.data_utils import parse_image_id
from tempest.common.utils.data_utils import rand_name
-from tempest import exceptions
import tempest.test
@@ -82,101 +81,6 @@
cls.servers_client_v3_auth = os.servers_client_v3_auth
@classmethod
- def _get_identity_admin_client(cls):
- """
- Returns an instance of the Identity Admin API client
- """
- os = clients.AdminManager(interface=cls._interface)
- admin_client = os.identity_client
- return admin_client
-
- @classmethod
- def _get_client_args(cls):
-
- return (
- cls.config,
- cls.config.identity.admin_username,
- cls.config.identity.admin_password,
- cls.config.identity.uri
- )
-
- @classmethod
- def _get_isolated_creds(cls, admin=False):
- """
- Creates a new set of user/tenant/password credentials for a
- **regular** user of the Compute API so that a test case can
- operate in an isolated tenant container.
- """
- admin_client = cls._get_identity_admin_client()
- password = "pass"
-
- while True:
- try:
- rand_name_root = rand_name(cls.__name__)
- if cls.isolated_creds:
- # Main user already created. Create the alt one...
- rand_name_root += '-alt'
- tenant_name = rand_name_root + "-tenant"
- tenant_desc = tenant_name + "-desc"
-
- resp, tenant = admin_client.create_tenant(
- name=tenant_name, description=tenant_desc)
- break
- except exceptions.Duplicate:
- if cls.config.compute.allow_tenant_reuse:
- tenant = admin_client.get_tenant_by_name(tenant_name)
- LOG.info('Re-using existing tenant %s', tenant)
- break
-
- while True:
- try:
- rand_name_root = rand_name(cls.__name__)
- if cls.isolated_creds:
- # Main user already created. Create the alt one...
- rand_name_root += '-alt'
- username = rand_name_root + "-user"
- email = rand_name_root + "@example.com"
- resp, user = admin_client.create_user(username,
- password,
- tenant['id'],
- email)
- break
- except exceptions.Duplicate:
- if cls.config.compute.allow_tenant_reuse:
- user = admin_client.get_user_by_username(tenant['id'],
- username)
- LOG.info('Re-using existing user %s', user)
- break
- # Store the complete creds (including UUID ids...) for later
- # but return just the username, tenant_name, password tuple
- # that the various clients will use.
- cls.isolated_creds.append((user, tenant))
-
- # Assign admin role if this is for admin creds
- if admin:
- _, roles = admin_client.list_roles()
- role = None
- try:
- _, roles = admin_client.list_roles()
- role = next(r for r in roles if r['name'] == 'admin')
- except StopIteration:
- msg = "No admin role found"
- raise exceptions.NotFound(msg)
- admin_client.assign_user_role(tenant['id'], user['id'], role['id'])
-
- return username, tenant_name, password
-
- @classmethod
- def clear_isolated_creds(cls):
- if not cls.isolated_creds:
- return
- admin_client = cls._get_identity_admin_client()
-
- for user, tenant in cls.isolated_creds:
- admin_client.delete_user(user['id'])
- admin_client.delete_tenant(tenant['id'])
-
- @classmethod
def clear_servers(cls):
for server in cls.servers:
try:
@@ -204,7 +108,7 @@
def tearDownClass(cls):
cls.clear_images()
cls.clear_servers()
- cls.clear_isolated_creds()
+ cls._clear_isolated_creds()
@classmethod
def create_server(cls, **kwargs):
diff --git a/tempest/api/volume/base.py b/tempest/api/volume/base.py
index 5770d28..a84f9e8 100644
--- a/tempest/api/volume/base.py
+++ b/tempest/api/volume/base.py
@@ -19,7 +19,6 @@
from tempest import clients
from tempest.common import log as logging
-from tempest.common.utils.data_utils import rand_name
import tempest.test
LOG = logging.getLogger(__name__)
@@ -65,59 +64,10 @@
cls.os.tenant_name)
@classmethod
- def _get_identity_admin_client(cls):
- """
- Returns an instance of the Identity Admin API client
- """
- os = clients.ComputeAdminManager()
- return os.identity_client
-
- @classmethod
- def _get_isolated_creds(cls):
- """
- Creates a new set of user/tenant/password credentials for a
- **regular** user of the Volume API so that a test case can
- operate in an isolated tenant container.
- """
- admin_client = cls._get_identity_admin_client()
- rand_name_root = rand_name(cls.__name__)
- if cls.isolated_creds:
- # Main user already created. Create the alt one...
- rand_name_root += '-alt'
- username = rand_name_root + "-user"
- email = rand_name_root + "@example.com"
- tenant_name = rand_name_root + "-tenant"
- tenant_desc = tenant_name + "-desc"
- password = "pass"
-
- resp, tenant = admin_client.create_tenant(name=tenant_name,
- description=tenant_desc)
- resp, user = admin_client.create_user(username,
- password,
- tenant['id'],
- email)
- # Store the complete creds (including UUID ids...) for later
- # but return just the username, tenant_name, password tuple
- # that the various clients will use.
- cls.isolated_creds.append((user, tenant))
-
- return username, tenant_name, password
-
- @classmethod
- def clear_isolated_creds(cls):
- if not cls.isolated_creds:
- return
- admin_client = cls._get_identity_admin_client()
-
- for user, tenant in cls.isolated_creds:
- admin_client.delete_user(user['id'])
- admin_client.delete_tenant(tenant['id'])
-
- @classmethod
def tearDownClass(cls):
cls.clear_snapshots()
cls.clear_volumes()
- cls.clear_isolated_creds()
+ cls._clear_isolated_creds()
@classmethod
def create_snapshot(cls, volume_id=1, **kwargs):
@@ -198,6 +148,13 @@
msg = ("Missing Volume Admin API credentials "
"in configuration.")
raise cls.skipException(msg)
-
- cls.os_adm = clients.AdminManager(interface=cls._interface)
+ if cls.config.compute.allow_tenant_isolation:
+ creds = cls._get_isolated_creds(admin=True)
+ admin_username, admin_tenant_name, admin_password = creds
+ cls.os_adm = clients.Manager(username=admin_username,
+ password=admin_password,
+ tenant_name=admin_tenant_name,
+ interface=cls._interface)
+ else:
+ cls.os_adm = clients.AdminManager(interface=cls._interface)
cls.client = cls.os_adm.volume_types_client
diff --git a/tempest/test.py b/tempest/test.py
index d7008a7..d151c84 100644
--- a/tempest/test.py
+++ b/tempest/test.py
@@ -21,8 +21,11 @@
import testresources
import testtools
+from tempest import clients
from tempest.common import log as logging
+from tempest.common.utils.data_utils import rand_name
from tempest import config
+from tempest import exceptions
from tempest import manager
LOG = logging.getLogger(__name__)
@@ -65,6 +68,104 @@
if hasattr(super(BaseTestCase, cls), 'setUpClass'):
super(BaseTestCase, cls).setUpClass()
+ @classmethod
+ def _get_identity_admin_client(cls):
+ """
+ Returns an instance of the Identity Admin API client
+ """
+ os = clients.AdminManager(interface=cls._interface)
+ admin_client = os.identity_client
+ return admin_client
+
+ @classmethod
+ def _get_client_args(cls):
+
+ return (
+ cls.config,
+ cls.config.identity.admin_username,
+ cls.config.identity.admin_password,
+ cls.config.identity.uri
+ )
+
+ @classmethod
+ def _get_isolated_creds(cls, admin=False):
+ """
+ Creates a new set of user/tenant/password credentials for a
+ **regular** user of the Compute API so that a test case can
+ operate in an isolated tenant container.
+ """
+ admin_client = cls._get_identity_admin_client()
+ password = "pass"
+
+ while True:
+ try:
+ rand_name_root = rand_name(cls.__name__)
+ if cls.isolated_creds:
+ # Main user already created. Create the alt or admin one...
+ if admin:
+ rand_name_root += '-admin'
+ else:
+ rand_name_root += '-alt'
+ tenant_name = rand_name_root + "-tenant"
+ tenant_desc = tenant_name + "-desc"
+
+ resp, tenant = admin_client.create_tenant(
+ name=tenant_name, description=tenant_desc)
+ break
+ except exceptions.Duplicate:
+ if cls.config.compute.allow_tenant_reuse:
+ tenant = admin_client.get_tenant_by_name(tenant_name)
+ LOG.info('Re-using existing tenant %s', tenant)
+ break
+
+ while True:
+ try:
+ rand_name_root = rand_name(cls.__name__)
+ if cls.isolated_creds:
+ # Main user already created. Create the alt one...
+ rand_name_root += '-alt'
+ username = rand_name_root + "-user"
+ email = rand_name_root + "@example.com"
+ resp, user = admin_client.create_user(username,
+ password,
+ tenant['id'],
+ email)
+ break
+ except exceptions.Duplicate:
+ if cls.config.compute.allow_tenant_reuse:
+ user = admin_client.get_user_by_username(tenant['id'],
+ username)
+ LOG.info('Re-using existing user %s', user)
+ break
+ # Store the complete creds (including UUID ids...) for later
+ # but return just the username, tenant_name, password tuple
+ # that the various clients will use.
+ cls.isolated_creds.append((user, tenant))
+
+ # Assign admin role if this is for admin creds
+ if admin:
+ _, roles = admin_client.list_roles()
+ role = None
+ try:
+ _, roles = admin_client.list_roles()
+ role = next(r for r in roles if r['name'] == 'admin')
+ except StopIteration:
+ msg = "No admin role found"
+ raise exceptions.NotFound(msg)
+ admin_client.assign_user_role(tenant['id'], user['id'], role['id'])
+
+ return username, tenant_name, password
+
+ @classmethod
+ def _clear_isolated_creds(cls):
+ if not cls.isolated_creds:
+ return
+ admin_client = cls._get_identity_admin_client()
+
+ for user, tenant in cls.isolated_creds:
+ admin_client.delete_user(user['id'])
+ admin_client.delete_tenant(tenant['id'])
+
def call_until_true(func, duration, sleep_for):
"""