Merge "Filter out floating IPs from server IPs list"
diff --git a/.zuul.yaml b/.zuul.yaml
index ecc9284..2c09276 100644
--- a/.zuul.yaml
+++ b/.zuul.yaml
@@ -172,6 +172,26 @@
c-bak: false
- job:
+ name: tempest-integrated-networking
+ parent: devstack-tempest
+ branches: ^(?!stable/ocata).*$
+ description: |
+ This job runs integration tests for networking. This is subset of
+ 'tempest-full' job and run only Neutron and Nova related tests.
+ This is meant to be run on neutron gate only.
+ vars:
+ tox_envlist: integrated-network
+ devstack_localrc:
+ USE_PYTHON3: true
+ FORCE_CONFIG_DRIVE: true
+ devstack_services:
+ s-account: false
+ s-container: false
+ s-object: false
+ s-proxy: false
+ c-bak: false
+
+- job:
name: tempest-full-py3-ipv6
parent: devstack-tempest-ipv6
# This currently works from stable/pike on.
@@ -404,7 +424,6 @@
- opendev.org/openstack/monasca-log-api
- opendev.org/openstack/monasca-tempest-plugin
- opendev.org/openstack/murano-tempest-plugin
- - opendev.org/x/networking-ansible
- opendev.org/openstack/networking-bgpvpn
- opendev.org/x/networking-cisco
- opendev.org/x/networking-fortinet
@@ -499,6 +518,21 @@
ENABLE_FILE_INJECTION: true
DATABASE_TYPE: postgresql
+- project-template:
+ name: integrated-gate-networking
+ description: |
+ Run the python3 Tempest network integration tests (Nova and Neutron related)
+ in check and gate for the neutron integrated gate. This is meant to be
+ run on neutron gate only.
+ check:
+ jobs:
+ - grenade-py3
+ - tempest-integrated-networking
+ gate:
+ jobs:
+ - grenade-py3
+ - tempest-integrated-networking
+
- project:
templates:
- check-requirements
diff --git a/releasenotes/notes/config_image_certificate_compute_feature-c56efb520d54aff5.yaml b/releasenotes/notes/config_image_certificate_compute_feature-c56efb520d54aff5.yaml
new file mode 100644
index 0000000..8475f50
--- /dev/null
+++ b/releasenotes/notes/config_image_certificate_compute_feature-c56efb520d54aff5.yaml
@@ -0,0 +1,8 @@
+---
+other:
+ - |
+ New configuration options ``[compute]/certified_image_ref`` and
+ ``[compute]/certified_image_trusted_certs`` have been introduced. These
+ are required in order to run the ``ServerShowV263Test`` test and allow a
+ signed image with the required img_signature_* properties set along
+ with a list of trusted certificates to be used during the test.
diff --git a/tempest/api/compute/flavors/test_flavors_negative.py b/tempest/api/compute/flavors/test_flavors_negative.py
index 3a474e6..235049a 100644
--- a/tempest/api/compute/flavors/test_flavors_negative.py
+++ b/tempest/api/compute/flavors/test_flavors_negative.py
@@ -70,9 +70,7 @@
self.assertEqual(min_img_ram, image['min_ram'])
# Try to create server with flavor of insufficient ram size
- self.assertRaisesRegex(lib_exc.BadRequest,
- "Flavor's memory is too small for "
- "requested image",
- self.create_test_server,
- image_id=image['id'],
- flavor=flavor['id'])
+ self.assertRaises(lib_exc.BadRequest,
+ self.create_test_server,
+ image_id=image['id'],
+ flavor=flavor['id'])
diff --git a/tempest/api/compute/servers/test_server_actions.py b/tempest/api/compute/servers/test_server_actions.py
index f6c3e73..d47ff51 100644
--- a/tempest/api/compute/servers/test_server_actions.py
+++ b/tempest/api/compute/servers/test_server_actions.py
@@ -417,10 +417,7 @@
waiters.wait_for_server_status(self.client, self.server_id, 'ACTIVE')
# Make sure everything still looks OK.
server = self.client.show_server(self.server_id)['server']
- # The flavor id is not returned in the server response after
- # microversion 2.46 so handle that gracefully.
- if server['flavor'].get('id'):
- self.assertEqual(self.flavor_ref, server['flavor']['id'])
+ self.assert_flavor_equal(self.flavor_ref, server['flavor'])
attached_volumes = server['os-extended-volumes:volumes_attached']
self.assertEqual(1, len(attached_volumes))
self.assertEqual(volume['id'], attached_volumes[0]['id'])
diff --git a/tempest/api/compute/servers/test_servers.py b/tempest/api/compute/servers/test_servers.py
index e8b1161..76d65dd 100644
--- a/tempest/api/compute/servers/test_servers.py
+++ b/tempest/api/compute/servers/test_servers.py
@@ -186,10 +186,17 @@
min_microversion = '2.63'
max_microversion = 'latest'
+ @testtools.skipUnless(CONF.compute.certified_image_ref,
+ '``[compute]/certified_image_ref`` required to test '
+ 'image certificate validation.')
+ @testtools.skipUnless(CONF.compute.certified_image_trusted_certs,
+ '``[compute]/certified_image_trusted_certs`` '
+ 'required to test image certificate validation.')
@decorators.idempotent_id('71b8e3d5-11d2-494f-b917-b094a4afed3c')
def test_show_update_rebuild_list_server(self):
- trusted_certs = ['test-cert-1', 'test-cert-2']
+ trusted_certs = CONF.compute.certified_image_trusted_certs
server = self.create_test_server(
+ image_id=CONF.compute.certified_image_ref,
trusted_image_certificates=trusted_certs,
wait_until='ACTIVE')
diff --git a/tempest/cmd/run.py b/tempest/cmd/run.py
index 77d4496..f9ca2c7 100644
--- a/tempest/cmd/run.py
+++ b/tempest/cmd/run.py
@@ -19,11 +19,11 @@
==============
Tempest run has several options:
- * **--regex/-r**: This is a selection regex like what stestr uses. It will run
- any tests that match on re.match() with the regex
- * **--smoke/-s**: Run all the tests tagged as smoke
- * **--black-regex**: It allows to do simple test exclusion via passing a
- rejection/black regexp
+* ``--regex/-r``: This is a selection regex like what stestr uses. It will run
+ any tests that match on re.match() with the regex
+* ``--smoke/-s``: Run all the tests tagged as smoke
+* ``--black-regex``: It allows to do simple test exclusion via passing a
+ rejection/black regexp
There are also the ``--blacklist-file`` and ``--whitelist-file`` options that
let you pass a filepath to tempest run with the file format being a line
diff --git a/tempest/config.py b/tempest/config.py
index c608261..c50ebbe 100644
--- a/tempest/config.py
+++ b/tempest/config.py
@@ -271,6 +271,17 @@
help="Valid secondary image reference to be used in tests. "
"This is a required option, but if only one image is "
"available duplicate the value of image_ref above"),
+ cfg.StrOpt('certified_image_ref',
+ help="Valid image reference to be used in image certificate "
+ "validation tests when enabled. This image must also "
+ "have the required img_signature_* properties set. "
+ "Additional details available within the following Nova "
+ "documentation: https://docs.openstack.org/nova/latest/"
+ "user/certificate-validation.html"),
+ cfg.ListOpt('certified_image_trusted_certs',
+ help="A list of trusted certificates to be used when the "
+ "image certificate validation compute feature is "
+ "enabled."),
cfg.StrOpt('flavor_ref',
default="1",
help="Valid primary flavor to use in tests."),
@@ -524,9 +535,8 @@
default=True,
help='Enable special configuration drive with metadata.'),
cfg.ListOpt('scheduler_enabled_filters',
- default=["RetryFilter", "AvailabilityZoneFilter",
- "ComputeFilter", "ComputeCapabilitiesFilter",
- "ImagePropertiesFilter",
+ default=["AvailabilityZoneFilter", "ComputeFilter",
+ "ComputeCapabilitiesFilter", "ImagePropertiesFilter",
"ServerGroupAntiAffinityFilter",
"ServerGroupAffinityFilter"],
help="A list of enabled filters that Nova will accept as "
diff --git a/tempest/scenario/manager.py b/tempest/scenario/manager.py
index f6f31e2..1252f09 100644
--- a/tempest/scenario/manager.py
+++ b/tempest/scenario/manager.py
@@ -1277,7 +1277,7 @@
:param tenant_id: id of tenant to create resources in.
:param dns_nameservers: list of dns servers to send to subnet.
:param port_security_enabled: whether or not port_security is enabled
- :param: net_dict: a dict containing experimental network information in
+ :param net_dict: a dict containing experimental network information in
a form like this: {'provider:network_type': 'vlan',
'provider:physical_network': 'foo',
'provider:segmentation_id': '42'}
diff --git a/tempest/tests/cmd/test_run.py b/tempest/tests/cmd/test_run.py
index 0e00d94..8997a4c 100644
--- a/tempest/tests/cmd/test_run.py
+++ b/tempest/tests/cmd/test_run.py
@@ -49,7 +49,7 @@
args = mock.Mock(spec=argparse.Namespace)
setattr(args, 'smoke', False)
setattr(args, 'regex', '')
- self.assertIsNone(None, self.run_cmd._build_regex(args))
+ self.assertIsNone(self.run_cmd._build_regex(args))
def test__build_regex_smoke(self):
args = mock.Mock(spec=argparse.Namespace)
diff --git a/tools/generate-tempest-plugins-list.py b/tools/generate-tempest-plugins-list.py
index 35b1144..c18f109 100644
--- a/tools/generate-tempest-plugins-list.py
+++ b/tools/generate-tempest-plugins-list.py
@@ -41,19 +41,21 @@
# TODO(masayukig): Some of these can be removed from BLACKLIST in the future
# when the patches are merged.
BLACKLIST = [
- 'barbican-tempest-plugin', # https://review.opendev.org/#/c/634631/
- 'cyborg-tempest-plugin', # https://review.opendev.org/659687
- 'intel-nfv-ci-tests', # https://review.opendev.org/#/c/634640/
- 'networking-ansible', # https://review.opendev.org/#/c/634647/
- 'networking-generic-switch', # https://review.opendev.org/#/c/634846/
- 'networking-l2gw-tempest-plugin', # https://review.opendev.org/#/c/635093/
- 'networking-midonet', # https://review.opendev.org/#/c/635096/
- 'networking-plumgrid', # https://review.opendev.org/#/c/635096/
- 'networking-spp', # https://review.opendev.org/#/c/635098/
- 'neutron-dynamic-routing', # https://review.opendev.org/#/c/637718/
- 'neutron-vpnaas', # https://review.opendev.org/#/c/637719/
- 'nova-lxd', # https://review.opendev.org/#/c/638334/
- 'valet', # https://review.opendev.org/#/c/638339/
+ 'openstack/barbican-tempest-plugin',
+ # https://review.opendev.org/#/c/634631/
+ 'x/gce-api', # It looks gce-api doesn't support python3 yet.
+ 'x/intel-nfv-ci-tests', # https://review.opendev.org/#/c/634640/
+ 'openstack/networking-generic-switch',
+ # https://review.opendev.org/#/c/634846/
+ 'openstack/networking-l2gw-tempest-plugin',
+ # https://review.opendev.org/#/c/635093/
+ 'openstack/networking-midonet', # https://review.opendev.org/#/c/635096/
+ 'x/networking-plumgrid', # https://review.opendev.org/#/c/635096/
+ 'x/networking-spp', # https://review.opendev.org/#/c/635098/
+ 'openstack/neutron-dynamic-routing',
+ # https://review.opendev.org/#/c/637718/
+ 'openstack/neutron-vpnaas', # https://review.opendev.org/#/c/637719/
+ 'x/valet', # https://review.opendev.org/#/c/638339/
]
url = 'https://review.opendev.org/projects/'
@@ -79,6 +81,8 @@
except HTTPError as err:
if err.code == 404:
return False
+ # We should not ignore non 404 errors.
+ raise err
p = re.compile(r'^tempest\.test_plugins', re.M)
if p.findall(r.read().decode('utf-8')):
return True
diff --git a/tools/tempest-integrated-gate-networking-blacklist.txt b/tools/tempest-integrated-gate-networking-blacklist.txt
new file mode 100644
index 0000000..9566f69
--- /dev/null
+++ b/tools/tempest-integrated-gate-networking-blacklist.txt
@@ -0,0 +1,17 @@
+# This file includes the backlist of tests which need to be
+# skipped for Integrated-gate-networking template.
+
+# Skip Cinder, Glance, keystone and Swift API tests.
+tempest.api.volume
+tempest.api.image
+tempest.api.object_storage
+tempest.api.identity
+
+# Skip Cinder, Glance and Swift only scenario tests.
+tempest.scenario.test_encrypted_cinder_volumes.TestEncryptedCinderVolumes.test_encrypted_cinder_volumes_luks
+tempest.scenario.test_encrypted_cinder_volumes.TestEncryptedCinderVolumes.test_encrypted_cinder_volumes_cryptsetup
+tempest.scenario.test_object_storage_basic_ops.TestObjectStorageBasicOps.test_swift_basic_ops
+tempest.scenario.test_object_storage_basic_ops.TestObjectStorageBasicOps.test_swift_acl_anonymous_download
+tempest.scenario.test_volume_boot_pattern.TestVolumeBootPattern.test_boot_server_from_encrypted_volume_luks
+tempest.scenario.test_volume_boot_pattern.TestVolumeBootPattern.test_image_defined_boot_from_volume
+tempest.scenario.test_volume_boot_pattern.TestVolumeBootPattern.test_create_server_from_volume_snapshot
diff --git a/tox.ini b/tox.ini
index 291d899..5df5cec 100644
--- a/tox.ini
+++ b/tox.ini
@@ -118,6 +118,18 @@
find . -type f -name "*.pyc" -delete
tempest run --regex '(^tempest\.scenario.*)|(?!.*\[.*\bslow\b.*\])(^tempest\.api)' {posargs}
+[testenv:integrated-network]
+envdir = .tox/tempest
+sitepackages = {[tempestenv]sitepackages}
+setenv = {[tempestenv]setenv}
+deps = {[tempestenv]deps}
+# The regex below is used to select which tests to run and exclude the slow tag and
+# tests listed in blacklist file:
+commands =
+ find . -type f -name "*.pyc" -delete
+ tempest run --regex '(?!.*\[.*\bslow\b.*\])(^tempest\.api)' --blacklist_file ./tools/tempest-integrated-gate-networking-blacklist.txt {posargs}
+ tempest run --combine --serial --regex '(?!.*\[.*\bslow\b.*\])(^tempest\.scenario)' --blacklist_file ./tools/tempest-integrated-gate-networking-blacklist.txt {posargs}
+
[testenv:full-serial]
envdir = .tox/tempest
sitepackages = {[tempestenv]sitepackages}