Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / packaging / sources / tempest / c625bcfb52247fc5857a99af74dcef1b0ca8f42b^! / .
commitc625bcfb52247fc5857a99af74dcef1b0ca8f42b[log] [tgz]
authorAndrea Frittoli (andreaf) <andrea.frittoli@hp.com>Fri Oct 09 12:09:05 2015 +0100
committerAndrea Frittoli (andreaf) <andrea.frittoli@hp.com>Wed Oct 21 11:06:56 2015 +0100
treefc6eee7c6e33e562ec1ffd94f717aef53e180aef
parentd22ec33640affaeabd17c591599da86ffdf6d722 [diff]
Stop validating pre-provisioned credentials

Stop validating pre-provisioned credentials when requested
within the credential provider. This drops the need for
estabilishing connection to the identity service, and
reduces the amount of configuration that has to be passed
into the credentials provider for it to work.

This work is in preparation to the migration of the
pre-provisioned credentials provider to tempest-lib.

Change-Id: I825a01ff72cb3a937aafeb2104333db7113ef4d0

diff --git a/tempest/common/preprov_creds.py b/tempest/common/preprov_creds.py
index eac7f4e..3781b0c 100644
--- a/tempest/common/preprov_creds.py
+++ b/tempest/common/preprov_creds.py

@@ -18,6 +18,7 @@
 from oslo_concurrency import lockutils
 from oslo_log import log as logging
 import six
+from tempest_lib import auth
 import yaml
 
 from tempest import clients
@@ -280,7 +281,12 @@
 
     def _wrap_creds_with_network(self, hash):
         creds_dict = self.hash_dict['creds'][hash]
-        credential = cred_provider.get_credentials(
+        # Make sure a domain scope if defined for users in case of V3
+        creds_dict = self._extend_credentials(creds_dict)
+        # This just builds a Credentials object, it does not validate
+        # nor fill  with missing fields.
+        credential = auth.get_credentials(
+            auth_url=None, fill_in=False,
             identity_version=self.identity_version, **creds_dict)
         net_creds = cred_provider.TestResources(credential)
         net_clients = clients.Manager(credentials=credential)
@@ -294,6 +300,16 @@
         net_creds.set_resources(network=network)
         return net_creds
 
+    def _extend_credentials(self, creds_dict):
+        # In case of v3, adds a user_domain_name field to the creds
+        # dict if not defined
+        if self.identity_version == 'v3':
+            user_domain_fields = set(['user_domain_name', 'user_domain_id'])
+            if not user_domain_fields.intersection(set(creds_dict.keys())):
+                _domain = CONF.auth.default_credentials_domain_name
+                creds_dict['user_domain_name'] = _domain
+        return creds_dict
+
 
 class NonLockingCredentialProvider(PreProvisionedCredentialProvider):
     """Credentials provider which always returns the first and second
@@ -323,7 +339,8 @@
         if self._creds.get('primary'):
             return self._creds.get('primary')
         primary_credential = cred_provider.get_configured_credentials(
-            credential_type='user', identity_version=self.identity_version)
+            fill_in=False, credential_type='user',
+            identity_version=self.identity_version)
         self._creds['primary'] = cred_provider.TestResources(
             primary_credential)
         return self._creds['primary']
@@ -332,7 +349,7 @@
         if self._creds.get('alt'):
             return self._creds.get('alt')
         alt_credential = cred_provider.get_configured_credentials(
-            credential_type='alt_user',
+            fill_in=False, credential_type='alt_user',
             identity_version=self.identity_version)
         self._creds['alt'] = cred_provider.TestResources(
             alt_credential)

diff --git a/tempest/manager.py b/tempest/manager.py
index 6a003bc..d7c3128 100644
--- a/tempest/manager.py
+++ b/tempest/manager.py

@@ -54,7 +54,7 @@
         else:
             creds = self.credentials
         # Creates an auth provider for the credentials
-        self.auth_provider = get_auth_provider(creds)
+        self.auth_provider = get_auth_provider(creds, pre_auth=True)
         # FIXME(andreaf) unused
         self.client_attr_names = []
 
@@ -66,7 +66,7 @@
         return auth.KeystoneV2AuthProvider, CONF.identity.uri
 
 
-def get_auth_provider(credentials):
+def get_auth_provider(credentials, pre_auth=False):
     default_params = {
         'disable_ssl_certificate_validation':
             CONF.identity.disable_ssl_certificate_validation,
@@ -78,4 +78,8 @@
             'Credentials must be specified')
     auth_provider_class, auth_url = get_auth_provider_class(
         credentials)
-    return auth_provider_class(credentials, auth_url, **default_params)
+    _auth_provider = auth_provider_class(credentials, auth_url,
+                                         **default_params)
+    if pre_auth:
+        _auth_provider.set_auth()
+    return _auth_provider

diff --git a/tempest/scenario/utils.py b/tempest/scenario/utils.py
index 63847c3..12509f7 100644
--- a/tempest/scenario/utils.py
+++ b/tempest/scenario/utils.py

@@ -19,13 +19,13 @@
 
 from oslo_serialization import jsonutils as json
 from tempest_lib.common.utils import misc
+from tempest_lib import exceptions as exc_lib
 import testscenarios
 import testtools
 
 from tempest import clients
 from tempest.common import credentials
 from tempest import config
-from tempest import exceptions
 
 CONF = config.CONF
 
@@ -174,7 +174,7 @@
         scenario_utils = InputScenarioUtils()
         scenario_flavor = scenario_utils.scenario_flavors
         scenario_image = scenario_utils.scenario_images
-    except (exceptions.InvalidConfiguration, TypeError):
+    except (exc_lib.InvalidCredentials, TypeError):
         output = standard_tests
     finally:
         if scenario_utils: