Merge "Refactor fixed_ips API response schema"
diff --git a/etc/tempest.conf.sample b/etc/tempest.conf.sample
index 80d52a4..2e57007 100644
--- a/etc/tempest.conf.sample
+++ b/etc/tempest.conf.sample
@@ -116,6 +116,11 @@
# Roles to assign to all users created by tempest (list value)
#tempest_roles =
+# Only applicable when identity.auth_version is v3.Domain within which
+# isolated credentials are provisioned.The default "None" means that
+# the domain from theadmin user is used instead. (string value)
+#tenant_isolation_domain_name = <None>
+
[baremetal]
diff --git a/tempest/api_schema/response/compute/aggregates.py b/tempest/api_schema/response/compute/aggregates.py
deleted file mode 100644
index fc20885..0000000
--- a/tempest/api_schema/response/compute/aggregates.py
+++ /dev/null
@@ -1,101 +0,0 @@
-# Copyright 2014 NEC Corporation. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import copy
-
-# create-aggregate api doesn't have 'hosts' and 'metadata' attributes.
-aggregate_for_create = {
- 'type': 'object',
- 'properties': {
- 'availability_zone': {'type': ['string', 'null']},
- 'created_at': {'type': 'string'},
- 'deleted': {'type': 'boolean'},
- 'deleted_at': {'type': ['string', 'null']},
- 'id': {'type': 'integer'},
- 'name': {'type': 'string'},
- 'updated_at': {'type': ['string', 'null']}
- },
- 'required': ['availability_zone', 'created_at', 'deleted',
- 'deleted_at', 'id', 'name', 'updated_at']
-}
-
-aggregate = copy.deepcopy(aggregate_for_create)
-aggregate['properties'].update({
- 'hosts': {'type': 'array'},
- 'metadata': {'type': 'object'}
-})
-aggregate['required'].extend(['hosts', 'metadata'])
-
-aggregate = {
- 'type': 'object',
- 'properties': {
- 'availability_zone': {'type': ['string', 'null']},
- 'created_at': {'type': 'string'},
- 'deleted': {'type': 'boolean'},
- 'deleted_at': {'type': ['string', 'null']},
- 'hosts': {'type': 'array'},
- 'id': {'type': 'integer'},
- 'metadata': {'type': 'object'},
- 'name': {'type': 'string'},
- 'updated_at': {'type': ['string', 'null']}
- },
- 'required': ['availability_zone', 'created_at', 'deleted',
- 'deleted_at', 'hosts', 'id', 'metadata',
- 'name', 'updated_at']
-}
-
-list_aggregates = {
- 'status_code': [200],
- 'response_body': {
- 'type': 'object',
- 'properties': {
- 'aggregates': {
- 'type': 'array',
- 'items': aggregate
- }
- },
- 'required': ['aggregates']
- }
-}
-
-get_aggregate = {
- 'status_code': [200],
- 'response_body': {
- 'type': 'object',
- 'properties': {
- 'aggregate': aggregate
- },
- 'required': ['aggregate']
- }
-}
-
-aggregate_set_metadata = get_aggregate
-# The 'updated_at' attribute of 'update_aggregate' can't be null.
-update_aggregate = copy.deepcopy(get_aggregate)
-update_aggregate['response_body']['properties']['aggregate']['properties'][
- 'updated_at'] = {
- 'type': 'string'
- }
-
-common_create_aggregate = {
- 'response_body': {
- 'type': 'object',
- 'properties': {
- 'aggregate': aggregate_for_create
- },
- 'required': ['aggregate']
- }
-}
-
-aggregate_add_remove_host = get_aggregate
diff --git a/tempest/api_schema/response/compute/v2_1/aggregates.py b/tempest/api_schema/response/compute/v2_1/aggregates.py
index d87e4de..c935592 100644
--- a/tempest/api_schema/response/compute/v2_1/aggregates.py
+++ b/tempest/api_schema/response/compute/v2_1/aggregates.py
@@ -14,12 +14,75 @@
import copy
-from tempest.api_schema.response.compute import aggregates
+# create-aggregate api doesn't have 'hosts' and 'metadata' attributes.
+aggregate_for_create = {
+ 'type': 'object',
+ 'properties': {
+ 'availability_zone': {'type': ['string', 'null']},
+ 'created_at': {'type': 'string'},
+ 'deleted': {'type': 'boolean'},
+ 'deleted_at': {'type': ['string', 'null']},
+ 'id': {'type': 'integer'},
+ 'name': {'type': 'string'},
+ 'updated_at': {'type': ['string', 'null']}
+ },
+ 'required': ['availability_zone', 'created_at', 'deleted',
+ 'deleted_at', 'id', 'name', 'updated_at'],
+}
+
+common_aggregate_info = copy.deepcopy(aggregate_for_create)
+common_aggregate_info['properties'].update({
+ 'hosts': {'type': 'array'},
+ 'metadata': {'type': 'object'}
+})
+common_aggregate_info['required'].extend(['hosts', 'metadata'])
+
+list_aggregates = {
+ 'status_code': [200],
+ 'response_body': {
+ 'type': 'object',
+ 'properties': {
+ 'aggregates': {
+ 'type': 'array',
+ 'items': common_aggregate_info
+ }
+ },
+ 'required': ['aggregates'],
+ }
+}
+
+get_aggregate = {
+ 'status_code': [200],
+ 'response_body': {
+ 'type': 'object',
+ 'properties': {
+ 'aggregate': common_aggregate_info
+ },
+ 'required': ['aggregate'],
+ }
+}
+
+aggregate_set_metadata = get_aggregate
+# The 'updated_at' attribute of 'update_aggregate' can't be null.
+update_aggregate = copy.deepcopy(get_aggregate)
+update_aggregate['response_body']['properties']['aggregate']['properties'][
+ 'updated_at'] = {
+ 'type': 'string'
+ }
delete_aggregate = {
'status_code': [200]
}
-create_aggregate = copy.deepcopy(aggregates.common_create_aggregate)
-# V2 API's response status_code is 200
-create_aggregate['status_code'] = [200]
+create_aggregate = {
+ 'status_code': [200],
+ 'response_body': {
+ 'type': 'object',
+ 'properties': {
+ 'aggregate': aggregate_for_create
+ },
+ 'required': ['aggregate'],
+ }
+}
+
+aggregate_add_remove_host = get_aggregate
diff --git a/tempest/common/accounts.py b/tempest/common/accounts.py
index c8b2b93..8e9a018 100644
--- a/tempest/common/accounts.py
+++ b/tempest/common/accounts.py
@@ -35,9 +35,9 @@
class Accounts(cred_provider.CredentialProvider):
- def __init__(self, name):
- super(Accounts, self).__init__(name)
- self.name = name
+ def __init__(self, identity_version=None, name=None):
+ super(Accounts, self).__init__(identity_version=identity_version,
+ name=name)
if os.path.isfile(CONF.auth.test_accounts_file):
accounts = read_accounts_yaml(CONF.auth.test_accounts_file)
self.use_default_creds = False
@@ -45,13 +45,7 @@
accounts = {}
self.use_default_creds = True
self.hash_dict = self.get_hash_dict(accounts)
- # FIXME(dhellmann): The configuration option is not part of
- # the API of the library, because if we change the option name
- # or group it will break this use. Tempest needs to set this
- # value somewhere that it owns, and then use
- # lockutils.set_defaults() to tell oslo.concurrency what value
- # to use.
- self.accounts_dir = os.path.join(CONF.oslo_concurrency.lock_path,
+ self.accounts_dir = os.path.join(lockutils.get_lock_path(CONF),
'test_accounts')
self.isolated_creds = {}
@@ -208,7 +202,8 @@
if self.isolated_creds.get('primary'):
return self.isolated_creds.get('primary')
creds = self._get_creds()
- primary_credential = cred_provider.get_credentials(**creds)
+ primary_credential = cred_provider.get_credentials(
+ identity_version=self.identity_version, **creds)
self.isolated_creds['primary'] = primary_credential
return primary_credential
@@ -216,7 +211,8 @@
if self.isolated_creds.get('alt'):
return self.isolated_creds.get('alt')
creds = self._get_creds()
- alt_credential = cred_provider.get_credentials(**creds)
+ alt_credential = cred_provider.get_credentials(
+ identity_version=self.identity_version, **creds)
self.isolated_creds['alt'] = alt_credential
return alt_credential
@@ -232,7 +228,8 @@
new_index = str(roles) + '-' + str(len(self.isolated_creds))
self.isolated_creds[new_index] = exist_creds
creds = self._get_creds(roles=roles)
- role_credential = cred_provider.get_credentials(**creds)
+ role_credential = cred_provider.get_credentials(
+ identity_version=self.identity_version, **creds)
self.isolated_creds[str(roles)] = role_credential
return role_credential
@@ -300,10 +297,11 @@
return self.isolated_creds.get('primary')
if not self.use_default_creds:
creds = self.get_creds(0)
- primary_credential = cred_provider.get_credentials(**creds)
+ primary_credential = cred_provider.get_credentials(
+ identity_version=self.identity_version, **creds)
else:
primary_credential = cred_provider.get_configured_credentials(
- 'user')
+ credential_type='user', identity_version=self.identity_version)
self.isolated_creds['primary'] = primary_credential
return primary_credential
@@ -312,10 +310,12 @@
return self.isolated_creds.get('alt')
if not self.use_default_creds:
creds = self.get_creds(1)
- alt_credential = cred_provider.get_credentials(**creds)
+ alt_credential = cred_provider.get_credentials(
+ identity_version=self.identity_version, **creds)
else:
alt_credential = cred_provider.get_configured_credentials(
- 'alt_user')
+ credential_type='alt_user',
+ identity_version=self.identity_version)
self.isolated_creds['alt'] = alt_credential
return alt_credential
diff --git a/tempest/common/cred_provider.py b/tempest/common/cred_provider.py
index bff9a0a..b0300cb 100644
--- a/tempest/common/cred_provider.py
+++ b/tempest/common/cred_provider.py
@@ -83,7 +83,7 @@
domain_fields = set(x for x in auth.KeystoneV3Credentials.ATTRIBUTES
if 'domain' in x)
if not domain_fields.intersection(kwargs.keys()):
- kwargs['user_domain_name'] = CONF.identity.admin_domain_name
+ params['user_domain_name'] = CONF.identity.admin_domain_name
auth_url = CONF.identity.uri_v3
else:
auth_url = CONF.identity.uri
@@ -95,8 +95,25 @@
@six.add_metaclass(abc.ABCMeta)
class CredentialProvider(object):
- def __init__(self, name, password='pass', network_resources=None):
- self.name = name
+ def __init__(self, identity_version=None, name=None, password='pass',
+ network_resources=None):
+ """A CredentialProvider supplies credentials to test classes.
+ :param identity_version If specified it will return credentials of the
+ corresponding identity version, otherwise it
+ uses auth_version from configuration
+ :param name Name of the calling test. Included in provisioned
+ credentials when credentials are provisioned on the fly
+ :param password Used for provisioned credentials when credentials are
+ provisioned on the fly
+ :param network_resources Network resources required for the credentials
+ """
+ # TODO(andreaf) name and password are tenant isolation specific, and
+ # could be removed from this abstract class
+ self.name = name or "test_creds"
+ self.identity_version = identity_version or CONF.identity.auth_version
+ if not auth.is_identity_version_supported(self.identity_version):
+ raise exceptions.InvalidIdentityVersion(
+ identity_version=self.identity_version)
@abc.abstractmethod
def get_primary_creds(self):
diff --git a/tempest/common/isolated_creds.py b/tempest/common/isolated_creds.py
index 5f582c1..22fc9c3 100644
--- a/tempest/common/isolated_creds.py
+++ b/tempest/common/isolated_creds.py
@@ -12,8 +12,10 @@
# License for the specific language governing permissions and limitations
# under the License.
+import abc
import netaddr
from oslo_log import log as logging
+import six
from tempest_lib.common.utils import data_utils
from tempest_lib import exceptions as lib_exc
@@ -21,22 +23,142 @@
from tempest.common import cred_provider
from tempest import config
from tempest import exceptions
+from tempest.services.identity.v2.json import identity_client as v2_identity
CONF = config.CONF
LOG = logging.getLogger(__name__)
+@six.add_metaclass(abc.ABCMeta)
+class CredsClient(object):
+ """This class is a wrapper around the identity clients, to provide a
+ single interface for managing credentials in both v2 and v3 cases.
+ It's not bound to created credentials, only to a specific set of admin
+ credentials used for generating credentials.
+ """
+
+ def __init__(self, identity_client):
+ # The client implies version and credentials
+ self.identity_client = identity_client
+ self.credentials = self.identity_client.auth_provider.credentials
+
+ def create_user(self, username, password, project, email):
+ user = self.identity_client.create_user(
+ username, password, project['id'], email)
+ return user
+
+ @abc.abstractmethod
+ def create_project(self, name, description):
+ pass
+
+ def assign_user_role(self, user, project, role_name):
+ try:
+ roles = self._list_roles()
+ role = next(r for r in roles if r['name'] == role_name)
+ except StopIteration:
+ msg = 'No "%s" role found' % role_name
+ raise lib_exc.NotFound(msg)
+ try:
+ self.identity_client.assign_user_role(project['id'], user['id'],
+ role['id'])
+ except lib_exc.Conflict:
+ LOG.debug("Role %s already assigned on project %s for user %s" % (
+ role['id'], project['id'], user['id']))
+
+ @abc.abstractmethod
+ def get_credentials(self, user, project, password):
+ pass
+
+ def delete_user(self, user_id):
+ self.identity_client.delete_user(user_id)
+
+ def _list_roles(self):
+ roles = self.identity_client.list_roles()
+ return roles
+
+
+class V2CredsClient(CredsClient):
+
+ def create_project(self, name, description):
+ tenant = self.identity_client.create_tenant(
+ name=name, description=description)
+ return tenant
+
+ def get_credentials(self, user, project, password):
+ return cred_provider.get_credentials(
+ identity_version='v2',
+ username=user['name'], user_id=user['id'],
+ tenant_name=project['name'], tenant_id=project['id'],
+ password=password)
+
+ def delete_project(self, project_id):
+ self.identity_client.delete_tenant(project_id)
+
+
+class V3CredsClient(CredsClient):
+
+ def __init__(self, identity_client, domain_name):
+ super(V3CredsClient, self).__init__(identity_client)
+ try:
+ # Domain names must be unique, in any case a list is returned,
+ # selecting the first (and only) element
+ self.creds_domain = self.identity_client.list_domains(
+ params={'name': domain_name})[0]
+ except lib_exc.NotFound:
+ # TODO(andrea) we could probably create the domain on the fly
+ msg = "Configured domain %s could not be found" % domain_name
+ raise exceptions.InvalidConfiguration(msg)
+
+ def create_project(self, name, description):
+ project = self.identity_client.create_project(
+ name=name, description=description,
+ domain_id=self.creds_domain['id'])
+ return project
+
+ def get_credentials(self, user, project, password):
+ return cred_provider.get_credentials(
+ identity_version='v3',
+ username=user['name'], user_id=user['id'],
+ project_name=project['name'], project_id=project['id'],
+ password=password,
+ project_domain_name=self.creds_domain['name'])
+
+ def delete_project(self, project_id):
+ self.identity_client.delete_project(project_id)
+
+
+def get_creds_client(identity_client, project_domain_name=None):
+ if isinstance(identity_client, v2_identity.IdentityClientJSON):
+ return V2CredsClient(identity_client)
+ else:
+ return V3CredsClient(identity_client, project_domain_name)
+
+
class IsolatedCreds(cred_provider.CredentialProvider):
- def __init__(self, name, password='pass', network_resources=None):
- super(IsolatedCreds, self).__init__(name, password, network_resources)
+ def __init__(self, identity_version=None, name=None, password='pass',
+ network_resources=None):
+ super(IsolatedCreds, self).__init__(identity_version, name, password,
+ network_resources)
self.network_resources = network_resources
self.isolated_creds = {}
self.isolated_net_resources = {}
self.ports = []
self.password = password
+ self.default_admin_creds = cred_provider.get_configured_credentials(
+ 'identity_admin', fill_in=True,
+ identity_version=self.identity_version)
self.identity_admin_client, self.network_admin_client = (
self._get_admin_clients())
+ # Domain where isolated credentials are provisioned (v3 only).
+ # Use that of the admin account is None is configured.
+ self.creds_domain_name = None
+ if self.identity_version == 'v3':
+ self.creds_domain_name = (
+ CONF.auth.tenant_isolation_domain_name or
+ self.default_admin_creds.project_domain_name)
+ self.creds_client = get_creds_client(
+ self.identity_admin_client, self.creds_domain_name)
def _get_admin_clients(self):
"""
@@ -45,57 +167,11 @@
identity
network
"""
- os = clients.AdminManager()
- return os.identity_client, os.network_client
-
- def _create_tenant(self, name, description):
- tenant = self.identity_admin_client.create_tenant(
- name=name, description=description)
- return tenant
-
- def _get_tenant_by_name(self, name):
- tenant = self.identity_admin_client.get_tenant_by_name(name)
- return tenant
-
- def _create_user(self, username, password, tenant, email):
- user = self.identity_admin_client.create_user(
- username, password, tenant['id'], email)
- return user
-
- def _get_user(self, tenant, username):
- user = self.identity_admin_client.get_user_by_username(
- tenant['id'], username)
- return user
-
- def _list_roles(self):
- roles = self.identity_admin_client.list_roles()
- return roles
-
- def _assign_user_role(self, tenant, user, role_name):
- role = None
- try:
- roles = self._list_roles()
- role = next(r for r in roles if r['name'] == role_name)
- except StopIteration:
- msg = 'No "%s" role found' % role_name
- raise lib_exc.NotFound(msg)
- try:
- self.identity_admin_client.assign_user_role(tenant['id'],
- user['id'],
- role['id'])
- except lib_exc.Conflict:
- LOG.warning('Trying to add %s for user %s in tenant %s but they '
- ' were already granted that role' % (role_name,
- user['name'],
- tenant['name']))
-
- def _delete_user(self, user):
- self.identity_admin_client.delete_user(user)
-
- def _delete_tenant(self, tenant):
- if CONF.service_available.neutron:
- self._cleanup_default_secgroup(tenant)
- self.identity_admin_client.delete_tenant(tenant)
+ os = clients.Manager(self.default_admin_creds)
+ if self.identity_version == 'v2':
+ return os.identity_client, os.network_client
+ else:
+ return os.identity_v3_client, os.network_client
def _create_creds(self, suffix="", admin=False, roles=None):
"""Create random credentials under the following schema.
@@ -112,31 +188,26 @@
else:
root = self.name
- tenant_name = data_utils.rand_name(root) + suffix
- tenant_desc = tenant_name + "-desc"
- tenant = self._create_tenant(name=tenant_name,
- description=tenant_desc)
+ project_name = data_utils.rand_name(root) + suffix
+ project_desc = project_name + "-desc"
+ project = self.creds_client.create_project(
+ name=project_name, description=project_desc)
username = data_utils.rand_name(root) + suffix
email = data_utils.rand_name(root) + suffix + "@example.com"
- user = self._create_user(username, self.password,
- tenant, email)
+ user = self.creds_client.create_user(
+ username, self.password, project, email)
if admin:
- self._assign_user_role(tenant, user, CONF.identity.admin_role)
+ self.creds_client.assign_user_role(user, project,
+ CONF.identity.admin_role)
# Add roles specified in config file
for conf_role in CONF.auth.tempest_roles:
- self._assign_user_role(tenant, user, conf_role)
+ self.creds_client.assign_user_role(user, project, conf_role)
# Add roles requested by caller
if roles:
for role in roles:
- self._assign_user_role(tenant, user, role)
- return self._get_credentials(user, tenant)
-
- def _get_credentials(self, user, tenant):
- return cred_provider.get_credentials(
- username=user['name'], user_id=user['id'],
- tenant_name=tenant['name'], tenant_id=tenant['id'],
- password=self.password)
+ self.creds_client.assign_user_role(user, project, role)
+ return self.creds_client.get_credentials(user, project, self.password)
def _create_network_resources(self, tenant_id):
network = None
@@ -371,12 +442,14 @@
self._clear_isolated_net_resources()
for creds in self.isolated_creds.itervalues():
try:
- self._delete_user(creds.user_id)
+ self.creds_client.delete_user(creds.user_id)
except lib_exc.NotFound:
LOG.warn("user with name: %s not found for delete" %
creds.username)
try:
- self._delete_tenant(creds.tenant_id)
+ if CONF.service_available.neutron:
+ self._cleanup_default_secgroup(creds.tenant_id)
+ self.creds_client.delete_project(creds.tenant_id)
except lib_exc.NotFound:
LOG.warn("tenant with name: %s not found for delete" %
creds.tenant_name)
diff --git a/tempest/config.py b/tempest/config.py
index 12620de..4ee4669 100644
--- a/tempest/config.py
+++ b/tempest/config.py
@@ -60,7 +60,13 @@
"number of concurrent test processes."),
cfg.ListOpt('tempest_roles',
help="Roles to assign to all users created by tempest",
- default=[])
+ default=[]),
+ cfg.StrOpt('tenant_isolation_domain_name',
+ default=None,
+ help="Only applicable when identity.auth_version is v3."
+ "Domain within which isolated credentials are provisioned."
+ "The default \"None\" means that the domain from the"
+ "admin user is used instead.")
]
identity_group = cfg.OptGroup(name='identity',
diff --git a/tempest/services/compute/json/aggregates_client.py b/tempest/services/compute/json/aggregates_client.py
index 7f1c162..36a347b 100644
--- a/tempest/services/compute/json/aggregates_client.py
+++ b/tempest/services/compute/json/aggregates_client.py
@@ -17,8 +17,7 @@
from tempest_lib import exceptions as lib_exc
-from tempest.api_schema.response.compute import aggregates as schema
-from tempest.api_schema.response.compute.v2_1 import aggregates as v2_schema
+from tempest.api_schema.response.compute.v2_1 import aggregates as schema
from tempest.common import service_client
@@ -44,7 +43,7 @@
resp, body = self.post('os-aggregates', post_body)
body = json.loads(body)
- self.validate_response(v2_schema.create_aggregate, resp, body)
+ self.validate_response(schema.create_aggregate, resp, body)
return service_client.ResponseBody(resp, body['aggregate'])
def update_aggregate(self, aggregate_id, name, availability_zone=None):
@@ -63,7 +62,7 @@
def delete_aggregate(self, aggregate_id):
"""Deletes the given aggregate."""
resp, body = self.delete("os-aggregates/%s" % str(aggregate_id))
- self.validate_response(v2_schema.delete_aggregate, resp, body)
+ self.validate_response(schema.delete_aggregate, resp, body)
return service_client.ResponseBody(resp, body)
def is_resource_deleted(self, id):
diff --git a/tempest/services/identity/v3/json/identity_client.py b/tempest/services/identity/v3/json/identity_client.py
index be5aa80..bc90fd1 100644
--- a/tempest/services/identity/v3/json/identity_client.py
+++ b/tempest/services/identity/v3/json/identity_client.py
@@ -242,9 +242,12 @@
self.expected_success(204, resp.status)
return service_client.ResponseBody(resp, body)
- def list_domains(self):
+ def list_domains(self, params=None):
"""List Domains."""
- resp, body = self.get('domains')
+ url = 'domains'
+ if params:
+ url += '?%s' % urllib.urlencode(params)
+ resp, body = self.get(url)
self.expected_success(200, resp.status)
body = json.loads(body)
return service_client.ResponseBodyList(resp, body['domains'])
diff --git a/tempest/tests/common/test_accounts.py b/tempest/tests/common/test_accounts.py
index 29fe902..2a98a06 100644
--- a/tempest/tests/common/test_accounts.py
+++ b/tempest/tests/common/test_accounts.py
@@ -17,6 +17,7 @@
import mock
from oslo_concurrency.fixture import lockutils as lockutils_fixtures
+from oslo_concurrency import lockutils
from oslo_config import cfg
from oslotest import mockpatch
@@ -81,7 +82,7 @@
def test_get_hash(self):
self.stubs.Set(token_client.TokenClientJSON, 'raw_request',
fake_identity._fake_v2_response)
- test_account_class = accounts.Accounts('test_name')
+ test_account_class = accounts.Accounts('v2', 'test_name')
hash_list = self._get_hash_list(self.test_accounts)
test_cred_dict = self.test_accounts[3]
test_creds = auth.get_credentials(fake_identity.FAKE_AUTH_URL,
@@ -90,7 +91,7 @@
self.assertEqual(hash_list[3], results)
def test_get_hash_dict(self):
- test_account_class = accounts.Accounts('test_name')
+ test_account_class = accounts.Accounts('v2', 'test_name')
hash_dict = test_account_class.get_hash_dict(self.test_accounts)
hash_list = self._get_hash_list(self.test_accounts)
for hash in hash_list:
@@ -101,7 +102,7 @@
# Emulate the lock existing on the filesystem
self.useFixture(mockpatch.Patch('os.path.isfile', return_value=True))
with mock.patch('__builtin__.open', mock.mock_open(), create=True):
- test_account_class = accounts.Accounts('test_name')
+ test_account_class = accounts.Accounts('v2', 'test_name')
res = test_account_class._create_hash_file('12345')
self.assertFalse(res, "_create_hash_file should return False if the "
"pseudo-lock file already exists")
@@ -110,7 +111,7 @@
# Emulate the lock not existing on the filesystem
self.useFixture(mockpatch.Patch('os.path.isfile', return_value=False))
with mock.patch('__builtin__.open', mock.mock_open(), create=True):
- test_account_class = accounts.Accounts('test_name')
+ test_account_class = accounts.Accounts('v2', 'test_name')
res = test_account_class._create_hash_file('12345')
self.assertTrue(res, "_create_hash_file should return True if the "
"pseudo-lock doesn't already exist")
@@ -122,17 +123,11 @@
hash_list = self._get_hash_list(self.test_accounts)
mkdir_mock = self.useFixture(mockpatch.Patch('os.mkdir'))
self.useFixture(mockpatch.Patch('os.path.isfile', return_value=False))
- test_account_class = accounts.Accounts('test_name')
+ test_account_class = accounts.Accounts('v2', 'test_name')
with mock.patch('__builtin__.open', mock.mock_open(),
create=True) as open_mock:
test_account_class._get_free_hash(hash_list)
- # FIXME(dhellmann): The configuration option is not part
- # of the API of the library, because if we change the
- # option name or group it will break this use. Tempest
- # needs to set this value somewhere that it owns, and then
- # use lockutils.set_defaults() to tell oslo.concurrency
- # what value to use.
- lock_path = os.path.join(accounts.CONF.oslo_concurrency.lock_path,
+ lock_path = os.path.join(lockutils.get_lock_path(accounts.CONF),
'test_accounts',
hash_list[0])
open_mock.assert_called_once_with(lock_path, 'w')
@@ -147,7 +142,7 @@
self.useFixture(mockpatch.Patch('os.path.isdir', return_value=True))
# Emulate all lcoks in list are in use
self.useFixture(mockpatch.Patch('os.path.isfile', return_value=True))
- test_account_class = accounts.Accounts('test_name')
+ test_account_class = accounts.Accounts('v2', 'test_name')
with mock.patch('__builtin__.open', mock.mock_open(), create=True):
self.assertRaises(exceptions.InvalidConfiguration,
test_account_class._get_free_hash, hash_list)
@@ -157,7 +152,7 @@
# Emulate no pre-existing lock
self.useFixture(mockpatch.Patch('os.path.isdir', return_value=True))
hash_list = self._get_hash_list(self.test_accounts)
- test_account_class = accounts.Accounts('test_name')
+ test_account_class = accounts.Accounts('v2', 'test_name')
def _fake_is_file(path):
# Fake isfile() to return that the path exists unless a specific
@@ -170,13 +165,7 @@
with mock.patch('__builtin__.open', mock.mock_open(),
create=True) as open_mock:
test_account_class._get_free_hash(hash_list)
- # FIXME(dhellmann): The configuration option is not part
- # of the API of the library, because if we change the
- # option name or group it will break this use. Tempest
- # needs to set this value somewhere that it owns, and then
- # use lockutils.set_defaults() to tell oslo.concurrency
- # what value to use.
- lock_path = os.path.join(accounts.CONF.oslo_concurrency.lock_path,
+ lock_path = os.path.join(lockutils.get_lock_path(accounts.CONF),
'test_accounts',
hash_list[3])
open_mock.assert_has_calls([mock.call(lock_path, 'w')])
@@ -188,17 +177,11 @@
self.useFixture(mockpatch.Patch('os.path.isfile', return_value=True))
# Pretend the lock dir is empty
self.useFixture(mockpatch.Patch('os.listdir', return_value=[]))
- test_account_class = accounts.Accounts('test_name')
+ test_account_class = accounts.Accounts('v2', 'test_name')
remove_mock = self.useFixture(mockpatch.Patch('os.remove'))
rmdir_mock = self.useFixture(mockpatch.Patch('os.rmdir'))
test_account_class.remove_hash(hash_list[2])
- # FIXME(dhellmann): The configuration option is not part of
- # the API of the library, because if we change the option name
- # or group it will break this use. Tempest needs to set this
- # value somewhere that it owns, and then use
- # lockutils.set_defaults() to tell oslo.concurrency what value
- # to use.
- hash_path = os.path.join(accounts.CONF.oslo_concurrency.lock_path,
+ hash_path = os.path.join(lockutils.get_lock_path(accounts.CONF),
'test_accounts',
hash_list[2])
lock_path = os.path.join(accounts.CONF.oslo_concurrency.lock_path,
@@ -214,24 +197,18 @@
# Pretend the lock dir is empty
self.useFixture(mockpatch.Patch('os.listdir', return_value=[
hash_list[1], hash_list[4]]))
- test_account_class = accounts.Accounts('test_name')
+ test_account_class = accounts.Accounts('v2', 'test_name')
remove_mock = self.useFixture(mockpatch.Patch('os.remove'))
rmdir_mock = self.useFixture(mockpatch.Patch('os.rmdir'))
test_account_class.remove_hash(hash_list[2])
- # FIXME(dhellmann): The configuration option is not part of
- # the API of the library, because if we change the option name
- # or group it will break this use. Tempest needs to set this
- # value somewhere that it owns, and then use
- # lockutils.set_defaults() to tell oslo.concurrency what value
- # to use.
- hash_path = os.path.join(accounts.CONF.oslo_concurrency.lock_path,
+ hash_path = os.path.join(lockutils.get_lock_path(accounts.CONF),
'test_accounts',
hash_list[2])
remove_mock.mock.assert_called_once_with(hash_path)
rmdir_mock.mock.assert_not_called()
def test_is_multi_user(self):
- test_accounts_class = accounts.Accounts('test_name')
+ test_accounts_class = accounts.Accounts('v2', 'test_name')
self.assertTrue(test_accounts_class.is_multi_user())
def test_is_not_multi_user(self):
@@ -239,14 +216,14 @@
self.useFixture(mockpatch.Patch(
'tempest.common.accounts.read_accounts_yaml',
return_value=self.test_accounts))
- test_accounts_class = accounts.Accounts('test_name')
+ test_accounts_class = accounts.Accounts('v2', 'test_name')
self.assertFalse(test_accounts_class.is_multi_user())
def test__get_creds_by_roles_one_role(self):
self.useFixture(mockpatch.Patch(
'tempest.common.accounts.read_accounts_yaml',
return_value=self.test_accounts))
- test_accounts_class = accounts.Accounts('test_name')
+ test_accounts_class = accounts.Accounts('v2', 'test_name')
hashes = test_accounts_class.hash_dict['roles']['role4']
temp_hash = hashes[0]
get_free_hash_mock = self.useFixture(mockpatch.PatchObject(
@@ -263,7 +240,7 @@
self.useFixture(mockpatch.Patch(
'tempest.common.accounts.read_accounts_yaml',
return_value=self.test_accounts))
- test_accounts_class = accounts.Accounts('test_name')
+ test_accounts_class = accounts.Accounts('v2', 'test_name')
hashes = test_accounts_class.hash_dict['roles']['role4']
hashes2 = test_accounts_class.hash_dict['roles']['role2']
hashes = list(set(hashes) & set(hashes2))
@@ -282,7 +259,7 @@
self.useFixture(mockpatch.Patch(
'tempest.common.accounts.read_accounts_yaml',
return_value=self.test_accounts))
- test_accounts_class = accounts.Accounts('test_name')
+ test_accounts_class = accounts.Accounts('v2', 'test_name')
hashes = test_accounts_class.hash_dict['creds'].keys()
admin_hashes = test_accounts_class.hash_dict['roles'][
cfg.CONF.identity.admin_role]
@@ -321,7 +298,7 @@
self.useFixture(mockpatch.Patch('os.path.isfile', return_value=True))
def test_get_creds(self):
- test_accounts_class = accounts.NotLockingAccounts('test_name')
+ test_accounts_class = accounts.NotLockingAccounts('v2', 'test_name')
for i in xrange(len(self.test_accounts)):
creds = test_accounts_class.get_creds(i)
msg = "Empty credentials returned for ID %s" % str(i)
diff --git a/tempest/tests/test_tenant_isolation.py b/tempest/tests/test_tenant_isolation.py
index 7ab3f1e..82cbde9 100644
--- a/tempest/tests/test_tenant_isolation.py
+++ b/tempest/tests/test_tenant_isolation.py
@@ -44,7 +44,7 @@
self._mock_list_ec2_credentials('fake_user_id', 'fake_tenant_id')
def test_tempest_client(self):
- iso_creds = isolated_creds.IsolatedCreds('test class')
+ iso_creds = isolated_creds.IsolatedCreds(name='test class')
self.assertTrue(isinstance(iso_creds.identity_admin_client,
json_iden_client.IdentityClientJSON))
self.assertTrue(isinstance(iso_creds.network_admin_client,
@@ -139,7 +139,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_primary_creds(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
- iso_creds = isolated_creds.IsolatedCreds('test class',
+ iso_creds = isolated_creds.IsolatedCreds(name='test class',
password='fake_password')
self._mock_assign_user_role()
self._mock_list_role()
@@ -155,7 +155,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_admin_creds(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
- iso_creds = isolated_creds.IsolatedCreds('test class',
+ iso_creds = isolated_creds.IsolatedCreds(name='test class',
password='fake_password')
self._mock_list_roles('1234', 'admin')
self._mock_user_create('1234', 'fake_admin_user')
@@ -179,7 +179,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_role_creds(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
- iso_creds = isolated_creds.IsolatedCreds('test class',
+ iso_creds = isolated_creds.IsolatedCreds('v2', 'test class',
password='fake_password')
self._mock_list_2_roles()
self._mock_user_create('1234', 'fake_role_user')
@@ -207,7 +207,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_all_cred_cleanup(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
- iso_creds = isolated_creds.IsolatedCreds('test class',
+ iso_creds = isolated_creds.IsolatedCreds(name='test class',
password='fake_password')
self._mock_assign_user_role()
roles_fix = self._mock_list_role()
@@ -251,7 +251,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_alt_creds(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
- iso_creds = isolated_creds.IsolatedCreds('test class',
+ iso_creds = isolated_creds.IsolatedCreds(name='test class',
password='fake_password')
self._mock_assign_user_role()
self._mock_list_role()
@@ -266,7 +266,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_network_creation(self, MockRestClient):
- iso_creds = isolated_creds.IsolatedCreds('test class',
+ iso_creds = isolated_creds.IsolatedCreds(name='test class',
password='fake_password')
self._mock_assign_user_role()
self._mock_list_role()
@@ -298,7 +298,7 @@
"description": args['name'],
"security_group_rules": [],
"id": "sg-%s" % args['tenant_id']}]}
- iso_creds = isolated_creds.IsolatedCreds('test class',
+ iso_creds = isolated_creds.IsolatedCreds(name='test class',
password='fake_password')
# Create primary tenant and network
self._mock_assign_user_role()
@@ -415,7 +415,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_network_alt_creation(self, MockRestClient):
- iso_creds = isolated_creds.IsolatedCreds('test class',
+ iso_creds = isolated_creds.IsolatedCreds(name='test class',
password='fake_password')
self._mock_assign_user_role()
self._mock_list_role()
@@ -441,7 +441,7 @@
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_network_admin_creation(self, MockRestClient):
- iso_creds = isolated_creds.IsolatedCreds('test class',
+ iso_creds = isolated_creds.IsolatedCreds(name='test class',
password='fake_password')
self._mock_assign_user_role()
self._mock_user_create('1234', 'fake_admin_user')
@@ -473,7 +473,7 @@
'subnet': False,
'dhcp': False,
}
- iso_creds = isolated_creds.IsolatedCreds('test class',
+ iso_creds = isolated_creds.IsolatedCreds(name='test class',
password='fake_password',
network_resources=net_dict)
self._mock_assign_user_role()
@@ -509,7 +509,7 @@
'subnet': False,
'dhcp': False,
}
- iso_creds = isolated_creds.IsolatedCreds('test class',
+ iso_creds = isolated_creds.IsolatedCreds(name='test class',
password='fake_password',
network_resources=net_dict)
self._mock_assign_user_role()
@@ -527,7 +527,7 @@
'subnet': True,
'dhcp': False,
}
- iso_creds = isolated_creds.IsolatedCreds('test class',
+ iso_creds = isolated_creds.IsolatedCreds(name='test class',
password='fake_password',
network_resources=net_dict)
self._mock_assign_user_role()
@@ -545,7 +545,7 @@
'subnet': False,
'dhcp': True,
}
- iso_creds = isolated_creds.IsolatedCreds('test class',
+ iso_creds = isolated_creds.IsolatedCreds(name='test class',
password='fake_password',
network_resources=net_dict)
self._mock_assign_user_role()