Merge "Clean up [identity-feature-enable] options for old releases"
diff --git a/releasenotes/notes/identity-feature-opt-cleanup-caracal-7afd283855a07025.yaml b/releasenotes/notes/identity-feature-opt-cleanup-caracal-7afd283855a07025.yaml
new file mode 100644
index 0000000..67f6ede
--- /dev/null
+++ b/releasenotes/notes/identity-feature-opt-cleanup-caracal-7afd283855a07025.yaml
@@ -0,0 +1,21 @@
+---
+upgrade:
+ - |
+ The following deprecated options in the ``[identity-feature-enabled]``
+ section have been removed. Project tags API and application credentials
+ API are now always tested if identity v3 API is available.
+
+ - ``project_tag``
+ - ``application_credentials``
+
+ - |
+ Default value of the ``[identity-feature-enabled] access_rule`` option has
+ been changed from ``False`` to ``True`` and now the access rule API is
+ always tested when identity API is available.
+
+deprecations:
+ - |
+ The Keystone access_rule is enabled by default since Train release and we
+ no longer need a separate config in Tempest to enable it. Therefore
+ the ``[identity-feature-enabled] access_rule`` option has been deprecated
+ and will be removed in a future release.
diff --git a/tempest/api/identity/admin/v3/test_project_tags.py b/tempest/api/identity/admin/v3/test_project_tags.py
index 2cc7257..2004cbc 100644
--- a/tempest/api/identity/admin/v3/test_project_tags.py
+++ b/tempest/api/identity/admin/v3/test_project_tags.py
@@ -13,8 +13,6 @@
# License for the specific language governing permissions and limitations
# under the License.
-import testtools
-
from tempest.api.identity import base
from tempest import config
from tempest.lib.common.utils import data_utils
@@ -33,8 +31,6 @@
force_tenant_isolation = False
@decorators.idempotent_id('7c123aac-999d-416a-a0fb-84b915ab10de')
- @testtools.skipUnless(CONF.identity_feature_enabled.project_tags,
- 'Project tags not available.')
def test_list_update_delete_project_tags(self):
"""Test listing, updating and deleting of project tags"""
project = self.setup_test_project()
diff --git a/tempest/api/identity/base.py b/tempest/api/identity/base.py
index c9e0e1c..9cdd917 100644
--- a/tempest/api/identity/base.py
+++ b/tempest/api/identity/base.py
@@ -322,13 +322,6 @@
class BaseApplicationCredentialsV3Test(BaseIdentityV3Test):
@classmethod
- def skip_checks(cls):
- super(BaseApplicationCredentialsV3Test, cls).skip_checks()
- if not CONF.identity_feature_enabled.application_credentials:
- raise cls.skipException("Application credentials are not available"
- " in this environment")
-
- @classmethod
def resource_setup(cls):
super(BaseApplicationCredentialsV3Test, cls).resource_setup()
cls.user_id = cls.os_primary.credentials.user_id
diff --git a/tempest/config.py b/tempest/config.py
index 1a08d6b..e4e7171 100644
--- a/tempest/config.py
+++ b/tempest/config.py
@@ -263,23 +263,11 @@
default=False,
help='Does the environment have the security compliance '
'settings enabled?'),
- cfg.BoolOpt('project_tags',
- default=True,
- help='Is the project tags identity v3 API available?',
- deprecated_for_removal=True,
- deprecated_reason='Project tags API is a default feature '
- 'since Queens'),
- cfg.BoolOpt('application_credentials',
- default=True,
- help='Does the environment have application credentials '
- 'enabled?',
- deprecated_for_removal=True,
- deprecated_reason='Application credentials is a default '
- 'feature since Queens'),
- # Access rules for application credentials is a default feature in Train.
- # This config option can removed once Stein is EOL.
cfg.BoolOpt('access_rules',
- default=False,
+ default=True,
+ deprecated_for_removal=True,
+ deprecated_reason='Access rules for application credentials '
+ 'is a default feature since Train',
help='Does the environment have access rules enabled?'),
cfg.BoolOpt('immutable_user_source',
default=False,