Merge "Add bandwidth inventory to the subnodes in tempest-multinode-full-py3"
diff --git a/releasenotes/notes/add-alt-project-dynamic-creds-1a3bc543e65d9433.yaml b/releasenotes/notes/add-alt-project-dynamic-creds-1a3bc543e65d9433.yaml
new file mode 100644
index 0000000..de81b2b
--- /dev/null
+++ b/releasenotes/notes/add-alt-project-dynamic-creds-1a3bc543e65d9433.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - |
+ Add project alternate admin, member and reader role for dynamic credentials.
diff --git a/tempest/cmd/subunit_describe_calls.py b/tempest/cmd/subunit_describe_calls.py
index 172fbaa..6c36d82 100644
--- a/tempest/cmd/subunit_describe_calls.py
+++ b/tempest/cmd/subunit_describe_calls.py
@@ -40,12 +40,14 @@
subunit-describe-calls will take in either stdin subunit v1 or v2 stream or a
file path which contains either a subunit v1 or v2 stream passed via the
---subunit parameter. This is then parsed checking for details contained in the
-file_bytes of the --non-subunit-name parameter (the default is pythonlogging
-which is what Tempest uses to store logs). By default the OpenStack Kilo
-release port defaults (http://bit.ly/22jpF5P) are used unless a file is
-provided via the --ports option. The resulting output is dumped in JSON output
-to the path provided in the --output-file option.
+``--subunit`` parameter. This is then parsed checking for details contained in
+the file_bytes of the ``--non-subunit-name`` parameter (the default is
+pythonlogging which is what Tempest uses to store logs). By default `the
+OpenStack default ports
+<https://docs.openstack.org/install-guide/firewalls-default-ports.html>`_
+are used unless a file is provided via the ``--ports`` option. The resulting
+output is dumped in JSON output to the path provided in the ``--output-file``
+option.
Ports file JSON structure
^^^^^^^^^^^^^^^^^^^^^^^^^
@@ -110,9 +112,8 @@
response_re = re.compile(r'.* Response - Headers: (?P<headers>.*)')
body_re = re.compile(r'.*Body: (?P<body>.*)')
- # Based on newton defaults:
- # http://docs.openstack.org/newton/config-reference/
- # firewalls-default-ports.html
+ # Based on OpenStack default ports:
+ # https://docs.openstack.org/install-guide/firewalls-default-ports.html
services = {
"8776": "Block Storage",
"8774": "Nova",
@@ -131,7 +132,10 @@
"3260": "iSCSI",
"3306": "MySQL",
"5672": "AMQP",
- "8082": "murano"}
+ "8082": "murano",
+ "8778": "Clustering",
+ "8999": "Vitrage",
+ "8989": "Mistral"}
def __init__(self, services=None):
super(UrlParser, self).__init__()
diff --git a/tempest/lib/common/cred_provider.py b/tempest/lib/common/cred_provider.py
index 35bca1d..5af5a5e 100644
--- a/tempest/lib/common/cred_provider.py
+++ b/tempest/lib/common/cred_provider.py
@@ -86,14 +86,26 @@
return
@abc.abstractmethod
+ def get_project_alt_admin_creds(self):
+ return
+
+ @abc.abstractmethod
def get_project_member_creds(self):
return
@abc.abstractmethod
+ def get_project_alt_member_creds(self):
+ return
+
+ @abc.abstractmethod
def get_project_reader_creds(self):
return
@abc.abstractmethod
+ def get_project_alt_reader_creds(self):
+ return
+
+ @abc.abstractmethod
def clear_creds(self):
return
diff --git a/tempest/lib/common/dynamic_creds.py b/tempest/lib/common/dynamic_creds.py
index 95f7e0b..5e2308e 100644
--- a/tempest/lib/common/dynamic_creds.py
+++ b/tempest/lib/common/dynamic_creds.py
@@ -379,12 +379,15 @@
credentials = self._creds["%s_%s" % (scope, credential_type[0])]
else:
if scope:
- if credential_type == 'admin':
+ if credential_type in [['admin'], ['alt_admin']]:
credentials = self._create_creds(
admin=True, scope=scope)
else:
+ cred_type = credential_type
+ if credential_type in [['alt_member'], ['alt_reader']]:
+ cred_type = credential_type[0][4:]
credentials = self._create_creds(
- roles=credential_type, scope=scope)
+ roles=[cred_type], scope=scope)
elif credential_type in ['primary', 'alt', 'admin']:
is_admin = (credential_type == 'admin')
credentials = self._create_creds(admin=is_admin)
@@ -443,12 +446,21 @@
def get_project_admin_creds(self):
return self.get_credentials(['admin'], scope='project')
+ def get_project_alt_admin_creds(self):
+ return self.get_credentials(['alt_admin'], scope='project')
+
def get_project_member_creds(self):
return self.get_credentials(['member'], scope='project')
+ def get_project_alt_member_creds(self):
+ return self.get_credentials(['alt_member'], scope='project')
+
def get_project_reader_creds(self):
return self.get_credentials(['reader'], scope='project')
+ def get_project_alt_reader_creds(self):
+ return self.get_credentials(['alt_reader'], scope='project')
+
def get_creds_by_roles(self, roles, force_new=False):
roles = list(set(roles))
# The roles list as a str will become the index as the dict key for
diff --git a/tempest/lib/common/preprov_creds.py b/tempest/lib/common/preprov_creds.py
index 313d3eb..a41f0bb 100644
--- a/tempest/lib/common/preprov_creds.py
+++ b/tempest/lib/common/preprov_creds.py
@@ -374,6 +374,10 @@
self._creds['project_admin'] = project_admin
return project_admin
+ def get_project_alt_admin_creds(self):
+ # TODO(gmann): Implement alt admin hash.
+ return
+
def get_project_member_creds(self):
if self._creds.get('project_member'):
return self._creds.get('project_member')
@@ -381,6 +385,10 @@
self._creds['project_member'] = project_member
return project_member
+ def get_project_alt_member_creds(self):
+ # TODO(gmann): Implement alt member hash.
+ return
+
def get_project_reader_creds(self):
if self._creds.get('project_reader'):
return self._creds.get('project_reader')
@@ -388,6 +396,10 @@
self._creds['project_reader'] = project_reader
return project_reader
+ def get_project_alt_reader_creds(self):
+ # TODO(gmann): Implement alt reader hash.
+ return
+
def get_creds_by_roles(self, roles, force_new=False):
roles = list(set(roles))
exist_creds = self._creds.get(str(roles).encode(
diff --git a/tempest/test.py b/tempest/test.py
index 68602d6..2dfedeb 100644
--- a/tempest/test.py
+++ b/tempest/test.py
@@ -296,6 +296,7 @@
identity_version = cls.get_identity_version()
# setting force_tenant_isolation to True also needs admin credentials.
if ('admin' in cls.credentials or
+ 'alt_admin' in cls.credentials or
getattr(cls, 'force_tenant_isolation', False)):
if not credentials.is_admin_available(
identity_version=identity_version):
diff --git a/tempest/tests/lib/common/test_dynamic_creds.py b/tempest/tests/lib/common/test_dynamic_creds.py
index e9073cc..4bb6440 100644
--- a/tempest/tests/lib/common/test_dynamic_creds.py
+++ b/tempest/tests/lib/common/test_dynamic_creds.py
@@ -214,6 +214,56 @@
self.assertEqual(admin_creds.user_id, '1234')
@mock.patch('tempest.lib.common.rest_client.RestClient')
+ def test_project_alt_admin_creds(self, MockRestClient):
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
+ self._mock_list_roles('1234', 'admin')
+ self._mock_user_create('1234', 'fake_alt_admin_user')
+ self._mock_tenant_create('1234', 'fake_alt_admin')
+
+ user_mock = mock.patch.object(self.roles_client.RolesClient,
+ 'create_user_role_on_project')
+ user_mock.start()
+ self.addCleanup(user_mock.stop)
+ with mock.patch.object(self.roles_client.RolesClient,
+ 'create_user_role_on_project') as user_mock:
+ alt_admin_creds = creds.get_project_alt_admin_creds()
+ user_mock.assert_has_calls([
+ mock.call('1234', '1234', '1234')])
+ self.assertEqual(alt_admin_creds.username, 'fake_alt_admin_user')
+ self.assertEqual(alt_admin_creds.project_name, 'fake_alt_admin')
+ # Verify IDs
+ self.assertEqual(alt_admin_creds.project_id, '1234')
+ self.assertEqual(alt_admin_creds.user_id, '1234')
+
+ @mock.patch('tempest.lib.common.rest_client.RestClient')
+ def test_project_alt_member_creds(self, MockRestClient):
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
+ self._mock_assign_user_role()
+ self._mock_list_role()
+ self._mock_tenant_create('1234', 'fake_alt_member')
+ self._mock_user_create('1234', 'fake_alt_user')
+ alt_member_creds = creds.get_project_alt_member_creds()
+ self.assertEqual(alt_member_creds.username, 'fake_alt_user')
+ self.assertEqual(alt_member_creds.project_name, 'fake_alt_member')
+ # Verify IDs
+ self.assertEqual(alt_member_creds.project_id, '1234')
+ self.assertEqual(alt_member_creds.user_id, '1234')
+
+ @mock.patch('tempest.lib.common.rest_client.RestClient')
+ def test_project_alt_reader_creds(self, MockRestClient):
+ creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
+ self._mock_assign_user_role()
+ self._mock_list_roles('1234', 'reader')
+ self._mock_tenant_create('1234', 'fake_alt_reader')
+ self._mock_user_create('1234', 'fake_alt_user')
+ alt_reader_creds = creds.get_project_alt_reader_creds()
+ self.assertEqual(alt_reader_creds.username, 'fake_alt_user')
+ self.assertEqual(alt_reader_creds.project_name, 'fake_alt_reader')
+ # Verify IDs
+ self.assertEqual(alt_reader_creds.project_id, '1234')
+ self.assertEqual(alt_reader_creds.user_id, '1234')
+
+ @mock.patch('tempest.lib.common.rest_client.RestClient')
def test_role_creds(self, MockRestClient):
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_list_2_roles()