Merge "Test live migrate on a paused instance"
diff --git a/README.rst b/README.rst
index ba93712..94a5352 100644
--- a/README.rst
+++ b/README.rst
@@ -18,7 +18,7 @@
incorrect assessment of their cloud. Explicit is always better.
- Tempest uses OpenStack public interfaces. Tests in Tempest should
only touch public interfaces, API calls (native or 3rd party),
- public CLI or libraries.
+ or libraries.
- Tempest should not touch private or implementation specific
interfaces. This means not directly going to the database, not
directly hitting the hypervisors, not testing extensions not
diff --git a/doc/source/field_guide/cli.rst b/doc/source/field_guide/cli.rst
deleted file mode 120000
index 13caef5..0000000
--- a/doc/source/field_guide/cli.rst
+++ /dev/null
@@ -1 +0,0 @@
-../../../tempest/cli/README.rst
\ No newline at end of file
diff --git a/etc/logging.conf.sample b/etc/logging.conf.sample
index cdeedef..36cd324 100644
--- a/etc/logging.conf.sample
+++ b/etc/logging.conf.sample
@@ -34,7 +34,7 @@
formatter=simple
[formatter_tests]
-class = tempest.openstack.common.log.ContextFormatter
+class = oslo_log.formatters.ContextFormatter
[formatter_simple]
format=%(asctime)s.%(msecs)03d %(process)d %(levelname)s: %(message)s
diff --git a/etc/tempest.conf.sample b/etc/tempest.conf.sample
index 6be06b9..4418b9d 100644
--- a/etc/tempest.conf.sample
+++ b/etc/tempest.conf.sample
@@ -201,27 +201,6 @@
#build_interval = 1
-[cli]
-
-#
-# From tempest.config
-#
-
-# enable cli tests (boolean value)
-#enabled = true
-
-# directory where python client binaries are located (string value)
-#cli_dir = /usr/local/bin
-
-# Whether the tempest run location has access to the *-manage
-# commands. In a pure blackbox environment it will not. (boolean
-# value)
-#has_manage = true
-
-# Number of seconds to wait on a CLI timeout (integer value)
-#timeout = 15
-
-
[compute]
#
diff --git a/requirements.txt b/requirements.txt
index 0d7fc0d..3a32b69 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -9,10 +9,8 @@
boto>=2.32.1
paramiko>=1.13.0
netaddr>=0.7.12
-python-glanceclient>=0.15.0
-python-cinderclient>=1.1.0
-python-heatclient>=0.3.0
testrepository>=0.0.18
+pyOpenSSL>=0.11
oslo.concurrency>=1.8.0,<1.9.0 # Apache-2.0
oslo.config>=1.9.3,<1.10.0 # Apache-2.0
oslo.i18n>=1.5.0,<1.6.0 # Apache-2.0
@@ -23,4 +21,5 @@
iso8601>=0.1.9
fixtures>=0.3.14
testscenarios>=0.4
-tempest-lib>=0.4.0
+tempest-lib>=0.5.0
+PyYAML>=3.1.0
diff --git a/setup.cfg b/setup.cfg
index 1e7cc2b..2de9f34 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -1,6 +1,5 @@
[metadata]
name = tempest
-version = 4
summary = OpenStack Integration Testing
description-file =
README.rst
diff --git a/tempest/README.rst b/tempest/README.rst
index d28c3f9..fec2874 100644
--- a/tempest/README.rst
+++ b/tempest/README.rst
@@ -14,7 +14,6 @@
| tempest/
| api/ - API tests
-| cli/ - CLI tests
| scenario/ - complex scenario tests
| stress/ - stress tests
| thirdparty/ - 3rd party api tests
@@ -38,16 +37,6 @@
frameworks.
-:ref:`cli_field_guide`
-----------------------
-
-CLI tests use the openstack CLI to interact with the OpenStack
-cloud. CLI testing in unit tests is somewhat difficult because unlike
-server testing, there is no access to server code to
-instantiate. Tempest seems like a logical place for this, as it
-prereqs having a running OpenStack cloud.
-
-
:ref:`scenario_field_guide`
---------------------------
diff --git a/tempest/api/compute/base.py b/tempest/api/compute/base.py
index eca634d..26d6661 100644
--- a/tempest/api/compute/base.py
+++ b/tempest/api/compute/base.py
@@ -334,6 +334,15 @@
return server['id']
@classmethod
+ def delete_server(cls, server_id):
+ """Deletes an existing server and waits for it to be gone."""
+ try:
+ cls.servers_client.delete_server(server_id)
+ cls.servers_client.wait_for_server_termination(server_id)
+ except Exception:
+ LOG.exception('Failed to delete server %s' % server_id)
+
+ @classmethod
def delete_volume(cls, volume_id):
"""Deletes the given volume and waits for it to be gone."""
cls._delete_volume(cls.volumes_extensions_client, volume_id)
diff --git a/tempest/api/compute/flavors/test_flavors.py b/tempest/api/compute/flavors/test_flavors.py
index 6c71c94..c1c87f9 100644
--- a/tempest/api/compute/flavors/test_flavors.py
+++ b/tempest/api/compute/flavors/test_flavors.py
@@ -38,7 +38,6 @@
'name': flavor['name']}
self.assertIn(flavor_min_detail, flavors)
- @test.attr(type='smoke')
@test.idempotent_id('6e85fde4-b3cd-4137-ab72-ed5f418e8c24')
def test_list_flavors_with_detail(self):
# Detailed list of all flavors should contain the expected flavor
diff --git a/tempest/api/compute/images/test_images_oneserver.py b/tempest/api/compute/images/test_images_oneserver.py
index 2968208..a92048f 100644
--- a/tempest/api/compute/images/test_images_oneserver.py
+++ b/tempest/api/compute/images/test_images_oneserver.py
@@ -73,7 +73,6 @@
flavor = self.flavors_client.get_flavor_details(flavor_id)
return flavor['disk']
- @test.attr(type='smoke')
@test.idempotent_id('3731d080-d4c5-4872-b41a-64d0d0021314')
def test_create_delete_image(self):
diff --git a/tempest/api/compute/images/test_list_images.py b/tempest/api/compute/images/test_list_images.py
index 7a7a363..95f49c9 100644
--- a/tempest/api/compute/images/test_list_images.py
+++ b/tempest/api/compute/images/test_list_images.py
@@ -34,14 +34,12 @@
super(ListImagesTestJSON, cls).setup_clients()
cls.client = cls.images_client
- @test.attr(type='smoke')
@test.idempotent_id('490d0898-e12a-463f-aef0-c50156b9f789')
def test_get_image(self):
# Returns the correct details for a single image
image = self.client.get_image(self.image_ref)
self.assertEqual(self.image_ref, image['id'])
- @test.attr(type='smoke')
@test.idempotent_id('fd51b7f4-d4a3-4331-9885-866658112a6f')
def test_list_images(self):
# The list of all images should contain the image
@@ -49,7 +47,6 @@
found = any([i for i in images if i['id'] == self.image_ref])
self.assertTrue(found)
- @test.attr(type='smoke')
@test.idempotent_id('9f94cb6b-7f10-48c5-b911-a0b84d7d4cd6')
def test_list_images_with_detail(self):
# Detailed list of all images should contain the expected images
diff --git a/tempest/api/compute/security_groups/test_security_group_rules.py b/tempest/api/compute/security_groups/test_security_group_rules.py
index 70394d8..ff3f25b 100644
--- a/tempest/api/compute/security_groups/test_security_group_rules.py
+++ b/tempest/api/compute/security_groups/test_security_group_rules.py
@@ -78,7 +78,6 @@
self.expected['ip_range'] = {'cidr': '0.0.0.0/0'}
self._check_expected_response(rule)
- @test.attr(type='smoke')
@test.idempotent_id('7a01873e-3c38-4f30-80be-31a043cfe2fd')
@test.services('network')
def test_security_group_rules_create_with_optional_cidr(self):
@@ -102,7 +101,6 @@
self.expected['ip_range'] = {'cidr': cidr}
self._check_expected_response(rule)
- @test.attr(type='smoke')
@test.idempotent_id('7f5d2899-7705-4d4b-8458-4505188ffab6')
@test.services('network')
def test_security_group_rules_create_with_optional_group_id(self):
@@ -167,7 +165,6 @@
self.assertTrue(any([i for i in rules if i['id'] == rule1_id]))
self.assertTrue(any([i for i in rules if i['id'] == rule2_id]))
- @test.attr(type='smoke')
@test.idempotent_id('fc5c5acf-2091-43a6-a6ae-e42760e9ffaf')
@test.services('network')
def test_security_group_rules_delete_when_peer_group_deleted(self):
diff --git a/tempest/api/compute/security_groups/test_security_groups.py b/tempest/api/compute/security_groups/test_security_groups.py
index 16e7acf..0ce26a3 100644
--- a/tempest/api/compute/security_groups/test_security_groups.py
+++ b/tempest/api/compute/security_groups/test_security_groups.py
@@ -60,7 +60,6 @@
"list" % ', '.join(m_group['name']
for m_group in deleted_sgs))
- @test.attr(type='smoke')
@test.idempotent_id('ecc0da4a-2117-48af-91af-993cca39a615')
@test.services('network')
def test_security_group_create_get_delete(self):
@@ -83,7 +82,6 @@
self.client.delete_security_group(securitygroup['id'])
self.client.wait_for_resource_deletion(securitygroup['id'])
- @test.attr(type='smoke')
@test.idempotent_id('fe4abc0d-83f5-4c50-ad11-57a1127297a2')
@test.services('network')
def test_server_security_groups(self):
@@ -127,7 +125,6 @@
self.client.delete_security_group(sg['id'])
self.client.delete_security_group(sg2['id'])
- @test.attr(type='smoke')
@test.idempotent_id('7d4e1d3c-3209-4d6d-b020-986304ebad1f')
@test.services('network')
def test_update_security_groups(self):
diff --git a/tempest/api/compute/servers/test_attach_interfaces.py b/tempest/api/compute/servers/test_attach_interfaces.py
index 42a61da..7ce6269 100644
--- a/tempest/api/compute/servers/test_attach_interfaces.py
+++ b/tempest/api/compute/servers/test_attach_interfaces.py
@@ -118,7 +118,6 @@
self.assertEqual(sorted(list1), sorted(list2))
- @test.attr(type='smoke')
@test.idempotent_id('73fe8f02-590d-4bf1-b184-e9ca81065051')
@test.services('network')
def test_create_list_show_delete_interfaces(self):
diff --git a/tempest/api/compute/servers/test_create_server.py b/tempest/api/compute/servers/test_create_server.py
index ee756f4..c62ff89 100644
--- a/tempest/api/compute/servers/test_create_server.py
+++ b/tempest/api/compute/servers/test_create_server.py
@@ -85,7 +85,6 @@
found = any([i for i in servers if i['id'] == self.server['id']])
self.assertTrue(found)
- @test.attr(type='smoke')
@test.idempotent_id('585e934c-448e-43c4-acbf-d06a9b899997')
def test_list_servers_with_detail(self):
# The created server should be in the detailed list of all servers
diff --git a/tempest/api/compute/servers/test_list_server_filters.py b/tempest/api/compute/servers/test_list_server_filters.py
index 25b2862..5374af0 100644
--- a/tempest/api/compute/servers/test_list_server_filters.py
+++ b/tempest/api/compute/servers/test_list_server_filters.py
@@ -69,10 +69,7 @@
network = cls.get_tenant_network()
if network:
- if network.get('name'):
- cls.fixed_network_name = network['name']
- else:
- cls.fixed_network_name = None
+ cls.fixed_network_name = network.get('name')
else:
cls.fixed_network_name = None
network_kwargs = fixed_network.set_networks_kwarg(network)
diff --git a/tempest/api/compute/servers/test_list_servers_negative.py b/tempest/api/compute/servers/test_list_servers_negative.py
index 0178c9e..fd4d902 100644
--- a/tempest/api/compute/servers/test_list_servers_negative.py
+++ b/tempest/api/compute/servers/test_list_servers_negative.py
@@ -21,7 +21,6 @@
class ListServersNegativeTestJSON(base.BaseV2ComputeTest):
- force_tenant_isolation = True
@classmethod
def setup_clients(cls):
diff --git a/tempest/api/compute/servers/test_server_actions.py b/tempest/api/compute/servers/test_server_actions.py
index 8b6d9d6..dbfdbdb 100644
--- a/tempest/api/compute/servers/test_server_actions.py
+++ b/tempest/api/compute/servers/test_server_actions.py
@@ -105,13 +105,11 @@
self._test_reboot_server('HARD')
@decorators.skip_because(bug="1014647")
- @test.attr(type='smoke')
@test.idempotent_id('4640e3ef-a5df-482e-95a1-ceeeb0faa84d')
def test_reboot_server_soft(self):
# The server should be signaled to reboot gracefully
self._test_reboot_server('SOFT')
- @test.attr(type='smoke')
@test.idempotent_id('aaa6cdf3-55a7-461a-add9-1c8596b9a07c')
def test_rebuild_server(self):
# The server should be rebuilt using the provided image and data
@@ -183,27 +181,16 @@
self.client.wait_for_server_status(self.server_id, 'SHUTOFF')
self.client.start(self.server_id)
- def _detect_server_image_flavor(self, server_id):
- # Detects the current server image flavor ref.
- server = self.client.get_server(server_id)
- current_flavor = server['flavor']['id']
- new_flavor_ref = self.flavor_ref_alt \
- if current_flavor == self.flavor_ref else self.flavor_ref
- return current_flavor, new_flavor_ref
-
def _test_resize_server_confirm(self, stop=False):
# The server's RAM and disk space should be modified to that of
# the provided flavor
- previous_flavor_ref, new_flavor_ref = \
- self._detect_server_image_flavor(self.server_id)
-
if stop:
self.servers_client.stop(self.server_id)
self.servers_client.wait_for_server_status(self.server_id,
'SHUTOFF')
- self.client.resize(self.server_id, new_flavor_ref)
+ self.client.resize(self.server_id, self.flavor_ref_alt)
self.client.wait_for_server_status(self.server_id, 'VERIFY_RESIZE')
self.client.confirm_resize(self.server_id)
@@ -211,23 +198,25 @@
self.client.wait_for_server_status(self.server_id, expected_status)
server = self.client.get_server(self.server_id)
- self.assertEqual(new_flavor_ref, server['flavor']['id'])
+ self.assertEqual(self.flavor_ref_alt, server['flavor']['id'])
if stop:
# NOTE(mriedem): tearDown requires the server to be started.
self.client.start(self.server_id)
+ # NOTE(jlk): Explicitly delete the server to get a new one for later
+ # tests. Avoids resize down race issues.
+ self.addCleanup(self.delete_server, self.server_id)
+
@test.idempotent_id('1499262a-9328-4eda-9068-db1ac57498d2')
@testtools.skipUnless(CONF.compute_feature_enabled.resize,
'Resize not available.')
- @test.attr(type='smoke')
def test_resize_server_confirm(self):
self._test_resize_server_confirm(stop=False)
@test.idempotent_id('138b131d-66df-48c9-a171-64f45eb92962')
@testtools.skipUnless(CONF.compute_feature_enabled.resize,
'Resize not available.')
- @test.attr(type='smoke')
def test_resize_server_confirm_from_stopped(self):
self._test_resize_server_confirm(stop=True)
@@ -238,17 +227,14 @@
# The server's RAM and disk space should return to its original
# values after a resize is reverted
- previous_flavor_ref, new_flavor_ref = \
- self._detect_server_image_flavor(self.server_id)
-
- self.client.resize(self.server_id, new_flavor_ref)
+ self.client.resize(self.server_id, self.flavor_ref_alt)
self.client.wait_for_server_status(self.server_id, 'VERIFY_RESIZE')
self.client.revert_resize(self.server_id)
self.client.wait_for_server_status(self.server_id, 'ACTIVE')
server = self.client.get_server(self.server_id)
- self.assertEqual(previous_flavor_ref, server['flavor']['id'])
+ self.assertEqual(self.flavor_ref, server['flavor']['id'])
@test.idempotent_id('b963d4f1-94b3-4c40-9e97-7b583f46e470')
@testtools.skipUnless(CONF.compute_feature_enabled.snapshot,
diff --git a/tempest/api/compute/servers/test_server_rescue.py b/tempest/api/compute/servers/test_server_rescue.py
index 4b1e8f0..4e3ce47 100644
--- a/tempest/api/compute/servers/test_server_rescue.py
+++ b/tempest/api/compute/servers/test_server_rescue.py
@@ -77,7 +77,6 @@
self.servers_client.unrescue_server(server_id)
self.servers_client.wait_for_server_status(server_id, 'ACTIVE')
- @test.attr(type='smoke')
@test.idempotent_id('fd032140-714c-42e4-a8fd-adcd8df06be6')
def test_rescue_unrescue_instance(self):
self.servers_client.rescue_server(
diff --git a/tempest/api/compute/test_quotas.py b/tempest/api/compute/test_quotas.py
index 86bf5fa..a6e877c 100644
--- a/tempest/api/compute/test_quotas.py
+++ b/tempest/api/compute/test_quotas.py
@@ -43,7 +43,6 @@
'instances', 'security_group_rules',
'cores', 'security_groups'))
- @test.attr(type='smoke')
@test.idempotent_id('f1ef0a97-dbbb-4cca-adc5-c9fbc4f76107')
def test_get_quotas(self):
# User can get the quota set for it's tenant
@@ -60,7 +59,6 @@
for quota in expected_quota_set:
self.assertIn(quota, quota_set.keys())
- @test.attr(type='smoke')
@test.idempotent_id('9bfecac7-b966-4f47-913f-1a9e2c12134a')
def test_get_default_quotas(self):
# User can get the default quota set for it's tenant
@@ -70,7 +68,6 @@
for quota in expected_quota_set:
self.assertIn(quota, quota_set.keys())
- @test.attr(type='smoke')
@test.idempotent_id('cd65d997-f7e4-4966-a7e9-d5001b674fdc')
def test_compare_tenant_quotas_with_default_quotas(self):
# Tenants are created with the default quota values
diff --git a/tempest/api/compute/volumes/test_volumes_get.py b/tempest/api/compute/volumes/test_volumes_get.py
index 1c11128..d96dcc2 100644
--- a/tempest/api/compute/volumes/test_volumes_get.py
+++ b/tempest/api/compute/volumes/test_volumes_get.py
@@ -38,7 +38,6 @@
super(VolumesGetTestJSON, cls).setup_clients()
cls.client = cls.volumes_extensions_client
- @test.attr(type='smoke')
@test.idempotent_id('f10f25eb-9775-4d9d-9cbe-1cf54dae9d5f')
def test_volume_create_get_delete(self):
# CREATE, GET, DELETE Volume
diff --git a/tempest/api/identity/admin/v3/test_default_project_id.py b/tempest/api/identity/admin/v3/test_default_project_id.py
index 95ba885..0b9d60e 100644
--- a/tempest/api/identity/admin/v3/test_default_project_id.py
+++ b/tempest/api/identity/admin/v3/test_default_project_id.py
@@ -10,10 +10,10 @@
# License for the specific language governing permissions and limitations
# under the License.
+from tempest_lib import auth
from tempest_lib.common.utils import data_utils
from tempest.api.identity import base
-from tempest import auth
from tempest import clients
from tempest import config
from tempest import manager
diff --git a/tempest/api/identity/admin/v3/test_trusts.py b/tempest/api/identity/admin/v3/test_trusts.py
index 502da28..3ebb90d 100644
--- a/tempest/api/identity/admin/v3/test_trusts.py
+++ b/tempest/api/identity/admin/v3/test_trusts.py
@@ -45,10 +45,11 @@
super(BaseTrustsV3Test, self).tearDown()
def create_trustor_and_roles(self):
- # Get trustor project ID, use the admin project
- self.trustor_project_name = self.client.tenant_name
- self.trustor_project_id = self.get_tenant_by_name(
- self.trustor_project_name)['id']
+ # create a project that trusts will be granted on
+ self.trustor_project_name = data_utils.rand_name(name='project-')
+ project = self.client.create_project(self.trustor_project_name,
+ domain_id='default')
+ self.trustor_project_id = project['id']
self.assertIsNotNone(self.trustor_project_id)
# Create a trustor User
@@ -61,7 +62,8 @@
description=u_desc,
password=self.trustor_password,
email=u_email,
- project_id=self.trustor_project_id)
+ project_id=self.trustor_project_id,
+ domain_id='default')
self.trustor_user_id = user['id']
# And two roles, one we'll delegate and one we won't
@@ -89,15 +91,20 @@
# Initialize a new client with the trustor credentials
creds = cred_provider.get_credentials(
+ identity_version='v3',
username=self.trustor_username,
password=self.trustor_password,
- tenant_name=self.trustor_project_name)
+ user_domain_id='default',
+ tenant_name=self.trustor_project_name,
+ project_domain_id='default')
os = clients.Manager(credentials=creds)
self.trustor_client = os.identity_v3_client
def cleanup_user_and_roles(self):
if self.trustor_user_id:
self.client.delete_user(self.trustor_user_id)
+ if self.trustor_project_id:
+ self.client.delete_project(self.trustor_project_id)
if self.delegated_role_id:
self.client.delete_role(self.delegated_role_id)
if self.not_delegated_role_id:
diff --git a/tempest/api/image/v2/test_images.py b/tempest/api/image/v2/test_images.py
index 832ddf0..32f80a2 100644
--- a/tempest/api/image/v2/test_images.py
+++ b/tempest/api/image/v2/test_images.py
@@ -28,6 +28,7 @@
Here we test the basic operations of images
"""
+ @test.attr(type='smoke')
@test.idempotent_id('139b765e-7f3d-4b3d-8b37-3ca3876ee318')
def test_register_upload_get_image_file(self):
@@ -69,6 +70,7 @@
body = self.client.get_image_file(image_id)
self.assertEqual(file_content, body.data)
+ @test.attr(type='smoke')
@test.idempotent_id('f848bb94-1c6e-45a4-8726-39e3a5b23535')
def test_delete_image(self):
# Deletes an image by image_id
@@ -90,6 +92,7 @@
images_id = [item['id'] for item in images]
self.assertNotIn(image_id, images_id)
+ @test.attr(type='smoke')
@test.idempotent_id('f66891a7-a35c-41a8-b590-a065c2a1caa6')
def test_update_image(self):
# Updates an image by image_id
diff --git a/tempest/auth.py b/tempest/auth.py
deleted file mode 100644
index 113ad69..0000000
--- a/tempest/auth.py
+++ /dev/null
@@ -1,659 +0,0 @@
-# Copyright 2014 Hewlett-Packard Development Company, L.P.
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import abc
-import copy
-import datetime
-import exceptions
-import re
-import urlparse
-
-from oslo_log import log as logging
-import six
-
-from tempest.services.identity.v2.json import token_client as json_v2id
-from tempest.services.identity.v3.json import token_client as json_v3id
-
-
-LOG = logging.getLogger(__name__)
-
-
-@six.add_metaclass(abc.ABCMeta)
-class AuthProvider(object):
- """
- Provide authentication
- """
-
- def __init__(self, credentials):
- """
- :param credentials: credentials for authentication
- """
- if self.check_credentials(credentials):
- self.credentials = credentials
- else:
- raise TypeError("Invalid credentials")
- self.cache = None
- self.alt_auth_data = None
- self.alt_part = None
-
- def __str__(self):
- return "Creds :{creds}, cached auth data: {cache}".format(
- creds=self.credentials, cache=self.cache)
-
- @abc.abstractmethod
- def _decorate_request(self, filters, method, url, headers=None, body=None,
- auth_data=None):
- """
- Decorate request with authentication data
- """
- return
-
- @abc.abstractmethod
- def _get_auth(self):
- return
-
- @abc.abstractmethod
- def _fill_credentials(self, auth_data_body):
- return
-
- def fill_credentials(self):
- """
- Fill credentials object with data from auth
- """
- auth_data = self.get_auth()
- self._fill_credentials(auth_data[1])
- return self.credentials
-
- @classmethod
- def check_credentials(cls, credentials):
- """
- Verify credentials are valid.
- """
- return isinstance(credentials, Credentials) and credentials.is_valid()
-
- @property
- def auth_data(self):
- return self.get_auth()
-
- @auth_data.deleter
- def auth_data(self):
- self.clear_auth()
-
- def get_auth(self):
- """
- Returns auth from cache if available, else auth first
- """
- if self.cache is None or self.is_expired(self.cache):
- self.set_auth()
- return self.cache
-
- def set_auth(self):
- """
- Forces setting auth, ignores cache if it exists.
- Refills credentials
- """
- self.cache = self._get_auth()
- self._fill_credentials(self.cache[1])
-
- def clear_auth(self):
- """
- Can be called to clear the access cache so that next request
- will fetch a new token and base_url.
- """
- self.cache = None
- self.credentials.reset()
-
- @abc.abstractmethod
- def is_expired(self, auth_data):
- return
-
- def auth_request(self, method, url, headers=None, body=None, filters=None):
- """
- Obtains auth data and decorates a request with that.
- :param method: HTTP method of the request
- :param url: relative URL of the request (path)
- :param headers: HTTP headers of the request
- :param body: HTTP body in case of POST / PUT
- :param filters: select a base URL out of the catalog
- :returns a Tuple (url, headers, body)
- """
- orig_req = dict(url=url, headers=headers, body=body)
-
- auth_url, auth_headers, auth_body = self._decorate_request(
- filters, method, url, headers, body)
- auth_req = dict(url=auth_url, headers=auth_headers, body=auth_body)
-
- # Overwrite part if the request if it has been requested
- if self.alt_part is not None:
- if self.alt_auth_data is not None:
- alt_url, alt_headers, alt_body = self._decorate_request(
- filters, method, url, headers, body,
- auth_data=self.alt_auth_data)
- alt_auth_req = dict(url=alt_url, headers=alt_headers,
- body=alt_body)
- auth_req[self.alt_part] = alt_auth_req[self.alt_part]
-
- else:
- # If alt auth data is None, skip auth in the requested part
- auth_req[self.alt_part] = orig_req[self.alt_part]
-
- # Next auth request will be normal, unless otherwise requested
- self.reset_alt_auth_data()
-
- return auth_req['url'], auth_req['headers'], auth_req['body']
-
- def reset_alt_auth_data(self):
- """
- Configure auth provider to provide valid authentication data
- """
- self.alt_part = None
- self.alt_auth_data = None
-
- def set_alt_auth_data(self, request_part, auth_data):
- """
- Configure auth provider to provide alt authentication data
- on a part of the *next* auth_request. If credentials are None,
- set invalid data.
- :param request_part: request part to contain invalid auth: url,
- headers, body
- :param auth_data: alternative auth_data from which to get the
- invalid data to be injected
- """
- self.alt_part = request_part
- self.alt_auth_data = auth_data
-
- @abc.abstractmethod
- def base_url(self, filters, auth_data=None):
- """
- Extracts the base_url based on provided filters
- """
- return
-
-
-class KeystoneAuthProvider(AuthProvider):
-
- token_expiry_threshold = datetime.timedelta(seconds=60)
-
- def __init__(self, credentials, auth_url,
- disable_ssl_certificate_validation=None,
- ca_certs=None, trace_requests=None):
- super(KeystoneAuthProvider, self).__init__(credentials)
- self.dsvm = disable_ssl_certificate_validation
- self.ca_certs = ca_certs
- self.trace_requests = trace_requests
- self.auth_client = self._auth_client(auth_url)
-
- def _decorate_request(self, filters, method, url, headers=None, body=None,
- auth_data=None):
- if auth_data is None:
- auth_data = self.auth_data
- token, _ = auth_data
- base_url = self.base_url(filters=filters, auth_data=auth_data)
- # build authenticated request
- # returns new request, it does not touch the original values
- _headers = copy.deepcopy(headers) if headers is not None else {}
- _headers['X-Auth-Token'] = str(token)
- if url is None or url == "":
- _url = base_url
- else:
- # Join base URL and url, and remove multiple contiguous slashes
- _url = "/".join([base_url, url])
- parts = [x for x in urlparse.urlparse(_url)]
- parts[2] = re.sub("/{2,}", "/", parts[2])
- _url = urlparse.urlunparse(parts)
- # no change to method or body
- return str(_url), _headers, body
-
- @abc.abstractmethod
- def _auth_client(self):
- return
-
- @abc.abstractmethod
- def _auth_params(self):
- return
-
- def _get_auth(self):
- # Bypasses the cache
- auth_func = getattr(self.auth_client, 'get_token')
- auth_params = self._auth_params()
-
- # returns token, auth_data
- token, auth_data = auth_func(**auth_params)
- return token, auth_data
-
- def get_token(self):
- return self.auth_data[0]
-
-
-class KeystoneV2AuthProvider(KeystoneAuthProvider):
-
- EXPIRY_DATE_FORMAT = '%Y-%m-%dT%H:%M:%SZ'
-
- def _auth_client(self, auth_url):
- return json_v2id.TokenClientJSON(
- auth_url, disable_ssl_certificate_validation=self.dsvm,
- ca_certs=self.ca_certs, trace_requests=self.trace_requests)
-
- def _auth_params(self):
- return dict(
- user=self.credentials.username,
- password=self.credentials.password,
- tenant=self.credentials.tenant_name,
- auth_data=True)
-
- def _fill_credentials(self, auth_data_body):
- tenant = auth_data_body['token']['tenant']
- user = auth_data_body['user']
- if self.credentials.tenant_name is None:
- self.credentials.tenant_name = tenant['name']
- if self.credentials.tenant_id is None:
- self.credentials.tenant_id = tenant['id']
- if self.credentials.username is None:
- self.credentials.username = user['name']
- if self.credentials.user_id is None:
- self.credentials.user_id = user['id']
-
- def base_url(self, filters, auth_data=None):
- """
- Filters can be:
- - service: compute, image, etc
- - region: the service region
- - endpoint_type: adminURL, publicURL, internalURL
- - api_version: replace catalog version with this
- - skip_path: take just the base URL
- """
- if auth_data is None:
- auth_data = self.auth_data
- token, _auth_data = auth_data
- service = filters.get('service')
- region = filters.get('region')
- endpoint_type = filters.get('endpoint_type', 'publicURL')
-
- if service is None:
- raise exceptions.EndpointNotFound("No service provided")
-
- _base_url = None
- for ep in _auth_data['serviceCatalog']:
- if ep["type"] == service:
- for _ep in ep['endpoints']:
- if region is not None and _ep['region'] == region:
- _base_url = _ep.get(endpoint_type)
- if not _base_url:
- # No region matching, use the first
- _base_url = ep['endpoints'][0].get(endpoint_type)
- break
- if _base_url is None:
- raise exceptions.EndpointNotFound(service)
-
- parts = urlparse.urlparse(_base_url)
- if filters.get('api_version', None) is not None:
- path = "/" + filters['api_version']
- noversion_path = "/".join(parts.path.split("/")[2:])
- if noversion_path != "":
- path += "/" + noversion_path
- _base_url = _base_url.replace(parts.path, path)
- if filters.get('skip_path', None) is not None and parts.path != '':
- _base_url = _base_url.replace(parts.path, "/")
-
- return _base_url
-
- def is_expired(self, auth_data):
- _, access = auth_data
- expiry = datetime.datetime.strptime(access['token']['expires'],
- self.EXPIRY_DATE_FORMAT)
- return expiry - self.token_expiry_threshold <= \
- datetime.datetime.utcnow()
-
-
-class KeystoneV3AuthProvider(KeystoneAuthProvider):
-
- EXPIRY_DATE_FORMAT = '%Y-%m-%dT%H:%M:%S.%fZ'
-
- def _auth_client(self, auth_url):
- return json_v3id.V3TokenClientJSON(
- auth_url, disable_ssl_certificate_validation=self.dsvm,
- ca_certs=self.ca_certs, trace_requests=self.trace_requests)
-
- def _auth_params(self):
- return dict(
- user_id=self.credentials.user_id,
- username=self.credentials.username,
- password=self.credentials.password,
- project_id=self.credentials.project_id,
- project_name=self.credentials.project_name,
- user_domain_id=self.credentials.user_domain_id,
- user_domain_name=self.credentials.user_domain_name,
- project_domain_id=self.credentials.project_domain_id,
- project_domain_name=self.credentials.project_domain_name,
- domain_id=self.credentials.domain_id,
- domain_name=self.credentials.domain_name,
- auth_data=True)
-
- def _fill_credentials(self, auth_data_body):
- # project or domain, depending on the scope
- project = auth_data_body.get('project', None)
- domain = auth_data_body.get('domain', None)
- # user is always there
- user = auth_data_body['user']
- # Set project fields
- if project is not None:
- if self.credentials.project_name is None:
- self.credentials.project_name = project['name']
- if self.credentials.project_id is None:
- self.credentials.project_id = project['id']
- if self.credentials.project_domain_id is None:
- self.credentials.project_domain_id = project['domain']['id']
- if self.credentials.project_domain_name is None:
- self.credentials.project_domain_name = \
- project['domain']['name']
- # Set domain fields
- if domain is not None:
- if self.credentials.domain_id is None:
- self.credentials.domain_id = domain['id']
- if self.credentials.domain_name is None:
- self.credentials.domain_name = domain['name']
- # Set user fields
- if self.credentials.username is None:
- self.credentials.username = user['name']
- if self.credentials.user_id is None:
- self.credentials.user_id = user['id']
- if self.credentials.user_domain_id is None:
- self.credentials.user_domain_id = user['domain']['id']
- if self.credentials.user_domain_name is None:
- self.credentials.user_domain_name = user['domain']['name']
-
- def base_url(self, filters, auth_data=None):
- """
- Filters can be:
- - service: compute, image, etc
- - region: the service region
- - endpoint_type: adminURL, publicURL, internalURL
- - api_version: replace catalog version with this
- - skip_path: take just the base URL
- """
- if auth_data is None:
- auth_data = self.auth_data
- token, _auth_data = auth_data
- service = filters.get('service')
- region = filters.get('region')
- endpoint_type = filters.get('endpoint_type', 'public')
-
- if service is None:
- raise exceptions.EndpointNotFound("No service provided")
-
- if 'URL' in endpoint_type:
- endpoint_type = endpoint_type.replace('URL', '')
- _base_url = None
- catalog = _auth_data['catalog']
- # Select entries with matching service type
- service_catalog = [ep for ep in catalog if ep['type'] == service]
- if len(service_catalog) > 0:
- service_catalog = service_catalog[0]['endpoints']
- else:
- # No matching service
- raise exceptions.EndpointNotFound(service)
- # Filter by endpoint type (interface)
- filtered_catalog = [ep for ep in service_catalog if
- ep['interface'] == endpoint_type]
- if len(filtered_catalog) == 0:
- # No matching type, keep all and try matching by region at least
- filtered_catalog = service_catalog
- # Filter by region
- filtered_catalog = [ep for ep in filtered_catalog if
- ep['region'] == region]
- if len(filtered_catalog) == 0:
- # No matching region, take the first endpoint
- filtered_catalog = [service_catalog[0]]
- # There should be only one match. If not take the first.
- _base_url = filtered_catalog[0].get('url', None)
- if _base_url is None:
- raise exceptions.EndpointNotFound(service)
-
- parts = urlparse.urlparse(_base_url)
- if filters.get('api_version', None) is not None:
- path = "/" + filters['api_version']
- noversion_path = "/".join(parts.path.split("/")[2:])
- if noversion_path != "":
- path += "/" + noversion_path
- _base_url = _base_url.replace(parts.path, path)
- if filters.get('skip_path', None) is not None:
- _base_url = _base_url.replace(parts.path, "/")
-
- return _base_url
-
- def is_expired(self, auth_data):
- _, access = auth_data
- expiry = datetime.datetime.strptime(access['expires_at'],
- self.EXPIRY_DATE_FORMAT)
- return expiry - self.token_expiry_threshold <= \
- datetime.datetime.utcnow()
-
-
-def is_identity_version_supported(identity_version):
- return identity_version in IDENTITY_VERSION
-
-
-def get_credentials(auth_url, fill_in=True, identity_version='v2',
- disable_ssl_certificate_validation=None, ca_certs=None,
- trace_requests=None, **kwargs):
- """
- Builds a credentials object based on the configured auth_version
-
- :param auth_url (string): Full URI of the OpenStack Identity API(Keystone)
- which is used to fetch the token from Identity service.
- :param fill_in (boolean): obtain a token and fill in all credential
- details provided by the identity service. When fill_in is not
- specified, credentials are not validated. Validation can be invoked
- by invoking ``is_valid()``
- :param identity_version (string): identity API version is used to
- select the matching auth provider and credentials class
- :param disable_ssl_certificate_validation: whether to enforce SSL
- certificate validation in SSL API requests to the auth system
- :param ca_certs: CA certificate bundle for validation of certificates
- in SSL API requests to the auth system
- :param trace_requests: trace in log API requests to the auth system
- :param kwargs (dict): Dict of credential key/value pairs
-
- Examples:
-
- Returns credentials from the provided parameters:
- >>> get_credentials(username='foo', password='bar')
-
- Returns credentials including IDs:
- >>> get_credentials(username='foo', password='bar', fill_in=True)
- """
- if not is_identity_version_supported(identity_version):
- raise exceptions.InvalidIdentityVersion(
- identity_version=identity_version)
-
- credential_class, auth_provider_class = IDENTITY_VERSION.get(
- identity_version)
-
- creds = credential_class(**kwargs)
- # Fill in the credentials fields that were not specified
- if fill_in:
- dsvm = disable_ssl_certificate_validation
- auth_provider = auth_provider_class(
- creds, auth_url, disable_ssl_certificate_validation=dsvm,
- ca_certs=ca_certs, trace_requests=trace_requests)
- creds = auth_provider.fill_credentials()
- return creds
-
-
-class Credentials(object):
- """
- Set of credentials for accessing OpenStack services
-
- ATTRIBUTES: list of valid class attributes representing credentials.
- """
-
- ATTRIBUTES = []
-
- def __init__(self, **kwargs):
- """
- Enforce the available attributes at init time (only).
- Additional attributes can still be set afterwards if tests need
- to do so.
- """
- self._initial = kwargs
- self._apply_credentials(kwargs)
-
- def _apply_credentials(self, attr):
- for key in attr.keys():
- if key in self.ATTRIBUTES:
- setattr(self, key, attr[key])
- else:
- raise exceptions.InvalidCredentials
-
- def __str__(self):
- """
- Represent only attributes included in self.ATTRIBUTES
- """
- _repr = dict((k, getattr(self, k)) for k in self.ATTRIBUTES)
- return str(_repr)
-
- def __eq__(self, other):
- """
- Credentials are equal if attributes in self.ATTRIBUTES are equal
- """
- return str(self) == str(other)
-
- def __getattr__(self, key):
- # If an attribute is set, __getattr__ is not invoked
- # If an attribute is not set, and it is a known one, return None
- if key in self.ATTRIBUTES:
- return None
- else:
- raise AttributeError
-
- def __delitem__(self, key):
- # For backwards compatibility, support dict behaviour
- if key in self.ATTRIBUTES:
- delattr(self, key)
- else:
- raise AttributeError
-
- def get(self, item, default):
- # In this patch act as dict for backward compatibility
- try:
- return getattr(self, item)
- except AttributeError:
- return default
-
- def get_init_attributes(self):
- return self._initial.keys()
-
- def is_valid(self):
- raise NotImplementedError
-
- def reset(self):
- # First delete all known attributes
- for key in self.ATTRIBUTES:
- if getattr(self, key) is not None:
- delattr(self, key)
- # Then re-apply initial setup
- self._apply_credentials(self._initial)
-
-
-class KeystoneV2Credentials(Credentials):
-
- ATTRIBUTES = ['username', 'password', 'tenant_name', 'user_id',
- 'tenant_id']
-
- def is_valid(self):
- """
- Minimum set of valid credentials, are username and password.
- Tenant is optional.
- """
- return None not in (self.username, self.password)
-
-
-class KeystoneV3Credentials(Credentials):
- """
- Credentials suitable for the Keystone Identity V3 API
- """
-
- ATTRIBUTES = ['domain_id', 'domain_name', 'password', 'username',
- 'project_domain_id', 'project_domain_name', 'project_id',
- 'project_name', 'tenant_id', 'tenant_name', 'user_domain_id',
- 'user_domain_name', 'user_id']
-
- def __setattr__(self, key, value):
- parent = super(KeystoneV3Credentials, self)
- # for tenant_* set both project and tenant
- if key == 'tenant_id':
- parent.__setattr__('project_id', value)
- elif key == 'tenant_name':
- parent.__setattr__('project_name', value)
- # for project_* set both project and tenant
- if key == 'project_id':
- parent.__setattr__('tenant_id', value)
- elif key == 'project_name':
- parent.__setattr__('tenant_name', value)
- # for *_domain_* set both user and project if not set yet
- if key == 'user_domain_id':
- if self.project_domain_id is None:
- parent.__setattr__('project_domain_id', value)
- if key == 'project_domain_id':
- if self.user_domain_id is None:
- parent.__setattr__('user_domain_id', value)
- if key == 'user_domain_name':
- if self.project_domain_name is None:
- parent.__setattr__('project_domain_name', value)
- if key == 'project_domain_name':
- if self.user_domain_name is None:
- parent.__setattr__('user_domain_name', value)
- # support domain_name coming from config
- if key == 'domain_name':
- parent.__setattr__('user_domain_name', value)
- parent.__setattr__('project_domain_name', value)
- # finally trigger default behaviour for all attributes
- parent.__setattr__(key, value)
-
- def is_valid(self):
- """
- Valid combinations of v3 credentials (excluding token, scope)
- - User id, password (optional domain)
- - User name, password and its domain id/name
- For the scope, valid combinations are:
- - None
- - Project id (optional domain)
- - Project name and its domain id/name
- - Domain id
- - Domain name
- """
- valid_user_domain = any(
- [self.user_domain_id is not None,
- self.user_domain_name is not None])
- valid_project_domain = any(
- [self.project_domain_id is not None,
- self.project_domain_name is not None])
- valid_user = any(
- [self.user_id is not None,
- self.username is not None and valid_user_domain])
- valid_project_scope = any(
- [self.project_name is None and self.project_id is None,
- self.project_id is not None,
- self.project_name is not None and valid_project_domain])
- valid_domain_scope = any(
- [self.domain_id is None and self.domain_name is None,
- self.domain_id or self.domain_name])
- return all([self.password is not None,
- valid_user,
- valid_project_scope and valid_domain_scope])
-
-
-IDENTITY_VERSION = {'v2': (KeystoneV2Credentials, KeystoneV2AuthProvider),
- 'v3': (KeystoneV3Credentials, KeystoneV3AuthProvider)}
diff --git a/tempest/cli/README.rst b/tempest/cli/README.rst
deleted file mode 100644
index bc18084..0000000
--- a/tempest/cli/README.rst
+++ /dev/null
@@ -1,50 +0,0 @@
-.. _cli_field_guide:
-
-Tempest Field Guide to CLI tests
-================================
-
-
-What are these tests?
----------------------
-The cli tests test the various OpenStack command line interface tools
-to ensure that they minimally function. The current scope is read only
-operations on a cloud that are hard to test via unit tests.
-
-
-Why are these tests in tempest?
--------------------------------
-These tests exist here because it is extremely difficult to build a
-functional enough environment in the python-\*client unit tests to
-provide this kind of testing. Because we already put up a cloud in the
-gate with devstack + tempest it was decided it was better to have
-these as a side tree in tempest instead of another QA effort which
-would split review time.
-
-
-Scope of these tests
---------------------
-This should stay limited to the scope of testing the cli. Functional
-testing of the cloud should be elsewhere, this is about exercising the
-cli code.
-
-
-Example of a good test
-----------------------
-Tests should be isolated to a single command in one of the python
-clients.
-
-Tests should not modify the cloud.
-
-If a test is validating the cli for bad data, it should do it with
-assertRaises.
-
-A reasonable example of an existing test is as follows::
-
- def test_admin_list(self):
- self.nova('list')
- self.nova('list', params='--all-tenants 1')
- self.nova('list', params='--all-tenants 0')
- self.assertRaises(subprocess.CalledProcessError,
- self.nova,
- 'list',
- params='--all-tenants bad')
diff --git a/tempest/cli/__init__.py b/tempest/cli/__init__.py
deleted file mode 100644
index 6733204..0000000
--- a/tempest/cli/__init__.py
+++ /dev/null
@@ -1,126 +0,0 @@
-# Copyright 2013 OpenStack Foundation
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import functools
-
-from tempest_lib.cli import base
-from tempest_lib.cli import output_parser
-import testtools
-
-from tempest.common import credentials
-from tempest import config
-from tempest import exceptions
-from tempest.openstack.common import versionutils
-from tempest import test
-
-
-CONF = config.CONF
-
-
-def check_client_version(client, version):
- """Checks if the client's version is compatible with the given version
-
- @param client: The client to check.
- @param version: The version to compare against.
- @return: True if the client version is compatible with the given version
- parameter, False otherwise.
- """
- current_version = base.execute(client, '', params='--version',
- merge_stderr=True, cli_dir=CONF.cli.cli_dir)
-
- if not current_version.strip():
- raise exceptions.TempestException('"%s --version" output was empty' %
- client)
-
- return versionutils.is_compatible(version, current_version,
- same_major=False)
-
-
-def min_client_version(*args, **kwargs):
- """A decorator to skip tests if the client used isn't of the right version.
-
- @param client: The client command to run. For python-novaclient, this is
- 'nova', for python-cinderclient this is 'cinder', etc.
- @param version: The minimum version required to run the CLI test.
- """
- def decorator(func):
- @functools.wraps(func)
- def wrapper(*func_args, **func_kwargs):
- if not check_client_version(kwargs['client'], kwargs['version']):
- msg = "requires %s client version >= %s" % (kwargs['client'],
- kwargs['version'])
- raise testtools.TestCase.skipException(msg)
- return func(*func_args, **func_kwargs)
- return wrapper
- return decorator
-
-
-class ClientTestBase(test.BaseTestCase):
-
- @classmethod
- def skip_checks(cls):
- super(ClientTestBase, cls).skip_checks()
- if not CONF.identity_feature_enabled.api_v2:
- raise cls.skipException("CLI clients rely on identity v2 API, "
- "which is configured as not available")
-
- @classmethod
- def resource_setup(cls):
- if not CONF.cli.enabled:
- msg = "cli testing disabled"
- raise cls.skipException(msg)
- super(ClientTestBase, cls).resource_setup()
- cls.isolated_creds = credentials.get_isolated_credentials(cls.__name__)
- cls.creds = cls.isolated_creds.get_admin_creds()
-
- def _get_clients(self):
- clients = base.CLIClient(self.creds.username,
- self.creds.password,
- self.creds.tenant_name,
- CONF.identity.uri, CONF.cli.cli_dir)
- return clients
-
- # TODO(mtreinish): The following code is basically copied from tempest-lib.
- # The base cli test class in tempest-lib 0.0.1 doesn't work as a mixin like
- # is needed here. The code below should be removed when tempest-lib
- # provides a way to provide this functionality
- def setUp(self):
- super(ClientTestBase, self).setUp()
- self.clients = self._get_clients()
- self.parser = output_parser
-
- def assertTableStruct(self, items, field_names):
- """Verify that all items has keys listed in field_names.
-
- :param items: items to assert are field names in the output table
- :type items: list
- :param field_names: field names from the output table of the cmd
- :type field_names: list
- """
- for item in items:
- for field in field_names:
- self.assertIn(field, item)
-
- def assertFirstLineStartsWith(self, lines, beginning):
- """Verify that the first line starts with a string
-
- :param lines: strings for each line of output
- :type lines: list
- :param beginning: verify this is at the beginning of the first line
- :type beginning: string
- """
- self.assertTrue(lines[0].startswith(beginning),
- msg=('Beginning of first line has invalid content: %s'
- % lines[:3]))
diff --git a/tempest/cli/simple_read_only/README.txt b/tempest/cli/simple_read_only/README.txt
deleted file mode 100644
index ca5fa2f..0000000
--- a/tempest/cli/simple_read_only/README.txt
+++ /dev/null
@@ -1 +0,0 @@
-This directory consists of simple read only python client tests.
diff --git a/tempest/cli/simple_read_only/__init__.py b/tempest/cli/simple_read_only/__init__.py
deleted file mode 100644
index e69de29..0000000
--- a/tempest/cli/simple_read_only/__init__.py
+++ /dev/null
diff --git a/tempest/cli/simple_read_only/heat_templates/heat_minimal.yaml b/tempest/cli/simple_read_only/heat_templates/heat_minimal.yaml
deleted file mode 100644
index 7dcda39..0000000
--- a/tempest/cli/simple_read_only/heat_templates/heat_minimal.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-HeatTemplateFormatVersion: '2012-12-12'
-Description: Minimal template to test validation
-Parameters:
- InstanceImage:
- Description: Glance image name
- Type: String
- InstanceType:
- Description: Nova instance type
- Type: String
- Default: m1.small
- AllowedValues: [m1.tiny, m1.small, m1.medium, m1.large, m1.nano, m1.xlarge, m1.micro]
- ConstraintDescription: must be a valid nova instance type.
-Resources:
- InstanceResource:
- Type: OS::Nova::Server
- Properties:
- flavor: {Ref: InstanceType}
- image: {Ref: InstanceImage}
diff --git a/tempest/cli/simple_read_only/heat_templates/heat_minimal_hot.yaml b/tempest/cli/simple_read_only/heat_templates/heat_minimal_hot.yaml
deleted file mode 100644
index 4657bfc..0000000
--- a/tempest/cli/simple_read_only/heat_templates/heat_minimal_hot.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-heat_template_version: 2013-05-23
-description: A minimal HOT test template
-parameters:
- instance_image:
- description: Glance image name
- type: string
- instance_type:
- description: Nova instance type
- type: string
- default: m1.small
- constraints:
- - allowed_values: [m1.small, m1.medium, m1.large]
- description: instance_type must be one of m1.small, m1.medium or m1.large
-resources:
- instance:
- type: OS::Nova::Server
- properties:
- image: { get_param: instance_image }
- flavor: { get_param: instance_type }
diff --git a/tempest/cli/simple_read_only/image/__init__.py b/tempest/cli/simple_read_only/image/__init__.py
deleted file mode 100644
index e69de29..0000000
--- a/tempest/cli/simple_read_only/image/__init__.py
+++ /dev/null
diff --git a/tempest/cli/simple_read_only/image/test_glance.py b/tempest/cli/simple_read_only/image/test_glance.py
deleted file mode 100644
index e38ca48..0000000
--- a/tempest/cli/simple_read_only/image/test_glance.py
+++ /dev/null
@@ -1,106 +0,0 @@
-# Copyright 2013 OpenStack Foundation
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import re
-
-from oslo_log import log as logging
-from tempest_lib import exceptions
-
-from tempest import cli
-from tempest import config
-from tempest import test
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-
-class SimpleReadOnlyGlanceClientTest(cli.ClientTestBase):
- """Basic, read-only tests for Glance CLI client.
-
- Checks return values and output of read-only commands.
- These tests do not presume any content, nor do they create
- their own. They only verify the structure of output if present.
- """
-
- @classmethod
- def resource_setup(cls):
- if not CONF.service_available.glance:
- msg = ("%s skipped as Glance is not available" % cls.__name__)
- raise cls.skipException(msg)
- super(SimpleReadOnlyGlanceClientTest, cls).resource_setup()
-
- def glance(self, *args, **kwargs):
- return self.clients.glance(*args,
- endpoint_type=CONF.image.endpoint_type,
- **kwargs)
-
- @test.idempotent_id('c6bd9bf9-717f-4458-8d74-05b682ea7adf')
- def test_glance_fake_action(self):
- self.assertRaises(exceptions.CommandFailed,
- self.glance,
- 'this-does-not-exist')
-
- @test.idempotent_id('72bcdaf3-11cd-48cb-bb8e-62b329acc1ef')
- def test_glance_image_list(self):
- out = self.glance('image-list')
- endpoints = self.parser.listing(out)
- self.assertTableStruct(endpoints, [
- 'ID', 'Name', 'Disk Format', 'Container Format',
- 'Size', 'Status'])
-
- @test.idempotent_id('965d294c-8772-4899-ba33-26ee23406135')
- def test_glance_member_list(self):
- tenant_name = '--tenant-id %s' % CONF.identity.admin_tenant_name
- out = self.glance('member-list',
- params=tenant_name)
- endpoints = self.parser.listing(out)
- self.assertTableStruct(endpoints,
- ['Image ID', 'Member ID', 'Can Share'])
-
- @test.idempotent_id('43b80ee5-4297-47f3-ab4c-6f81b9c6edb3')
- def test_glance_help(self):
- help_text = self.glance('help')
- lines = help_text.split('\n')
- self.assertFirstLineStartsWith(lines, 'usage: glance')
-
- commands = []
- cmds_start = lines.index('Positional arguments:')
- cmds_end = lines.index('Optional arguments:')
- command_pattern = re.compile('^ {4}([a-z0-9\-\_]+)')
- for line in lines[cmds_start:cmds_end]:
- match = command_pattern.match(line)
- if match:
- commands.append(match.group(1))
- commands = set(commands)
- wanted_commands = set(('image-create', 'image-delete', 'help',
- 'image-download', 'image-show', 'image-update',
- 'member-create', 'member-delete',
- 'member-list', 'image-list'))
- self.assertFalse(wanted_commands - commands)
-
- # Optional arguments:
-
- @test.idempotent_id('3b2359ea-3719-4b47-81e5-44a042572b11')
- def test_glance_version(self):
- self.glance('', flags='--version')
-
- @test.idempotent_id('1a52d3bd-3edf-4d67-b3da-999a5d9e0c5e')
- def test_glance_debug_list(self):
- self.glance('image-list', flags='--debug')
-
- @test.idempotent_id('6f42b076-f9a7-4e2b-a729-579f53e7814e')
- def test_glance_timeout(self):
- self.glance('image-list', flags='--timeout %d' % CONF.cli.timeout)
diff --git a/tempest/cli/simple_read_only/orchestration/__init__.py b/tempest/cli/simple_read_only/orchestration/__init__.py
deleted file mode 100644
index e69de29..0000000
--- a/tempest/cli/simple_read_only/orchestration/__init__.py
+++ /dev/null
diff --git a/tempest/cli/simple_read_only/orchestration/test_heat.py b/tempest/cli/simple_read_only/orchestration/test_heat.py
deleted file mode 100644
index 8defe51..0000000
--- a/tempest/cli/simple_read_only/orchestration/test_heat.py
+++ /dev/null
@@ -1,117 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import json
-import os
-
-from oslo_log import log as logging
-import yaml
-
-import tempest.cli
-from tempest import config
-from tempest import test
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-
-class SimpleReadOnlyHeatClientTest(tempest.cli.ClientTestBase):
- """Basic, read-only tests for Heat CLI client.
-
- Basic smoke test for the heat CLI commands which do not require
- creating or modifying stacks.
- """
-
- @classmethod
- def resource_setup(cls):
- if (not CONF.service_available.heat):
- msg = ("Skipping all Heat cli tests because it is "
- "not available")
- raise cls.skipException(msg)
- super(SimpleReadOnlyHeatClientTest, cls).resource_setup()
- cls.heat_template_path = os.path.join(os.path.dirname(
- os.path.dirname(os.path.realpath(__file__))),
- 'heat_templates/heat_minimal.yaml')
-
- def heat(self, *args, **kwargs):
- return self.clients.heat(
- *args, endpoint_type=CONF.orchestration.endpoint_type, **kwargs)
-
- @test.idempotent_id('0ae034bb-ce35-45e8-b7aa-3e339cd3140f')
- def test_heat_stack_list(self):
- self.heat('stack-list')
-
- @test.idempotent_id('a360d069-7250-4aed-9721-0a6f2db7c3fa')
- def test_heat_stack_list_debug(self):
- self.heat('stack-list', flags='--debug')
-
- @test.idempotent_id('e1b7c177-5ab4-4d3f-8a26-ea01ebbd2b8c')
- def test_heat_resource_template_fmt_default(self):
- ret = self.heat('resource-template OS::Nova::Server')
- self.assertIn('Type: OS::Nova::Server', ret)
-
- @test.idempotent_id('93f82f76-aab2-4910-9359-11cf48f2a46b')
- def test_heat_resource_template_fmt_arg_short_yaml(self):
- ret = self.heat('resource-template -F yaml OS::Nova::Server')
- self.assertIn('Type: OS::Nova::Server', ret)
- self.assertIsInstance(yaml.safe_load(ret), dict)
-
- @test.idempotent_id('7356a98c-e14d-43f0-8c25-c9f7daa0aafa')
- def test_heat_resource_template_fmt_arg_long_json(self):
- ret = self.heat('resource-template --format json OS::Nova::Server')
- self.assertIn('"Type": "OS::Nova::Server"', ret)
- self.assertIsInstance(json.loads(ret), dict)
-
- @test.idempotent_id('2fd99d20-beff-4667-b42e-de9095f671d7')
- def test_heat_resource_type_list(self):
- ret = self.heat('resource-type-list')
- rsrc_types = self.parser.listing(ret)
- self.assertTableStruct(rsrc_types, ['resource_type'])
-
- @test.idempotent_id('62f60dbf-d139-4698-b230-a09fb531d643')
- def test_heat_resource_type_show(self):
- rsrc_schema = self.heat('resource-type-show OS::Nova::Server')
- # resource-type-show returns a json resource schema
- self.assertIsInstance(json.loads(rsrc_schema), dict)
-
- @test.idempotent_id('6ca16ff7-9d5f-4448-a8c2-4cecc7b5ba3a')
- def test_heat_template_validate_yaml(self):
- ret = self.heat('template-validate -f %s' % self.heat_template_path)
- # On success template-validate returns a json representation
- # of the template parameters
- self.assertIsInstance(json.loads(ret), dict)
-
- @test.idempotent_id('35241014-16ea-4cb6-ad3e-4ee5f41446de')
- def test_heat_template_validate_hot(self):
- ret = self.heat('template-validate -f %s' % self.heat_template_path)
- self.assertIsInstance(json.loads(ret), dict)
-
- @test.idempotent_id('34d43e0a-36dc-4ea8-9b85-0189e3de89d8')
- def test_heat_help(self):
- self.heat('help')
-
- @tempest.cli.min_client_version(client='heat', version='0.2.7')
- @test.idempotent_id('c122c08b-839d-49d1-afd1-bc546b2d18d3')
- def test_heat_bash_completion(self):
- self.heat('bash-completion')
-
- @test.idempotent_id('1b045e12-2fa0-4895-9282-00668428dfbe')
- def test_heat_help_cmd(self):
- # Check requesting help for a specific command works
- help_text = self.heat('help resource-template')
- lines = help_text.split('\n')
- self.assertFirstLineStartsWith(lines, 'usage: heat resource-template')
-
- @test.idempotent_id('c7837f8f-d0a8-47fd-b75b-14ba3e3fa9a2')
- def test_heat_version(self):
- self.heat('', flags='--version')
diff --git a/tempest/cli/simple_read_only/volume/__init__.py b/tempest/cli/simple_read_only/volume/__init__.py
deleted file mode 100644
index e69de29..0000000
--- a/tempest/cli/simple_read_only/volume/__init__.py
+++ /dev/null
diff --git a/tempest/cli/simple_read_only/volume/test_cinder.py b/tempest/cli/simple_read_only/volume/test_cinder.py
deleted file mode 100644
index cb29cc8..0000000
--- a/tempest/cli/simple_read_only/volume/test_cinder.py
+++ /dev/null
@@ -1,220 +0,0 @@
-# Copyright 2013 OpenStack Foundation
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import logging
-import re
-
-from tempest_lib import exceptions
-import testtools
-
-from tempest import cli
-from tempest import clients
-from tempest import config
-from tempest import test
-
-
-CONF = config.CONF
-LOG = logging.getLogger(__name__)
-
-
-class SimpleReadOnlyCinderClientTest(cli.ClientTestBase):
- """Basic, read-only tests for Cinder CLI client.
-
- Checks return values and output of read-only commands.
- These tests do not presume any content, nor do they create
- their own. They only verify the structure of output if present.
- """
-
- @classmethod
- def resource_setup(cls):
- if not CONF.service_available.cinder:
- msg = ("%s skipped as Cinder is not available" % cls.__name__)
- raise cls.skipException(msg)
- super(SimpleReadOnlyCinderClientTest, cls).resource_setup()
- id_cl = clients.AdminManager().identity_client
- tenant = id_cl.get_tenant_by_name(CONF.identity.admin_tenant_name)
- cls.admin_tenant_id = tenant['id']
-
- def cinder(self, *args, **kwargs):
- return self.clients.cinder(*args,
- endpoint_type=CONF.volume.endpoint_type,
- **kwargs)
-
- @test.idempotent_id('229bc6dc-d804-4668-b753-b590caf63061')
- def test_cinder_fake_action(self):
- self.assertRaises(exceptions.CommandFailed,
- self.cinder,
- 'this-does-not-exist')
-
- @test.idempotent_id('77140216-14db-4fc5-a246-e2a587e9e99b')
- def test_cinder_absolute_limit_list(self):
- roles = self.parser.listing(self.cinder('absolute-limits'))
- self.assertTableStruct(roles, ['Name', 'Value'])
-
- @test.idempotent_id('2206b9ce-1a36-4a0a-a129-e5afc7cee1dd')
- def test_cinder_backup_list(self):
- backup_list = self.parser.listing(self.cinder('backup-list'))
- self.assertTableStruct(backup_list, ['ID', 'Volume ID', 'Status',
- 'Name', 'Size', 'Object Count',
- 'Container'])
-
- @test.idempotent_id('c7f50346-cd99-4e0b-953f-796ff5f47295')
- def test_cinder_extra_specs_list(self):
- extra_specs_list = self.parser.listing(self.cinder('extra-specs-list'))
- self.assertTableStruct(extra_specs_list, ['ID', 'Name', 'extra_specs'])
-
- @test.idempotent_id('9de694cb-b40b-442c-a30c-5f9873e144f7')
- def test_cinder_volumes_list(self):
- list = self.parser.listing(self.cinder('list'))
- self.assertTableStruct(list, ['ID', 'Status', 'Name', 'Size',
- 'Volume Type', 'Bootable',
- 'Attached to'])
- self.cinder('list', params='--all-tenants 1')
- self.cinder('list', params='--all-tenants 0')
- self.assertRaises(exceptions.CommandFailed,
- self.cinder,
- 'list',
- params='--all-tenants bad')
-
- @test.idempotent_id('56f7c15c-ee82-4f23-bbe8-ce99b66da493')
- def test_cinder_quota_class_show(self):
- """This CLI can accept and string as param."""
- roles = self.parser.listing(self.cinder('quota-class-show',
- params='abc'))
- self.assertTableStruct(roles, ['Property', 'Value'])
-
- @test.idempotent_id('a919a811-b7f0-47a7-b4e5-f3eb674dd200')
- def test_cinder_quota_defaults(self):
- """This CLI can accept and string as param."""
- roles = self.parser.listing(self.cinder('quota-defaults',
- params=self.admin_tenant_id))
- self.assertTableStruct(roles, ['Property', 'Value'])
-
- @test.idempotent_id('18166673-ffa8-4df3-b60c-6375532288bc')
- def test_cinder_quota_show(self):
- """This CLI can accept and string as param."""
- roles = self.parser.listing(self.cinder('quota-show',
- params=self.admin_tenant_id))
- self.assertTableStruct(roles, ['Property', 'Value'])
-
- @test.idempotent_id('b2c66ed9-ca96-4dc4-94cc-8083e664e516')
- def test_cinder_rate_limits(self):
- rate_limits = self.parser.listing(self.cinder('rate-limits'))
- self.assertTableStruct(rate_limits, ['Verb', 'URI', 'Value', 'Remain',
- 'Unit', 'Next_Available'])
-
- @test.idempotent_id('7a19955b-807c-481a-a2ee-9d76733eac28')
- @testtools.skipUnless(CONF.volume_feature_enabled.snapshot,
- 'Volume snapshot not available.')
- def test_cinder_snapshot_list(self):
- snapshot_list = self.parser.listing(self.cinder('snapshot-list'))
- self.assertTableStruct(snapshot_list, ['ID', 'Volume ID', 'Status',
- 'Name', 'Size'])
-
- @test.idempotent_id('6e54ecd9-7ba9-490d-8e3b-294b67139e73')
- def test_cinder_type_list(self):
- type_list = self.parser.listing(self.cinder('type-list'))
- self.assertTableStruct(type_list, ['ID', 'Name'])
-
- @test.idempotent_id('2c363583-24a0-4980-b9cb-b50c0d241e82')
- def test_cinder_list_extensions(self):
- roles = self.parser.listing(self.cinder('list-extensions'))
- self.assertTableStruct(roles, ['Name', 'Summary', 'Alias', 'Updated'])
-
- @test.idempotent_id('691bd6df-30ad-4be7-927b-a02d62aaa38a')
- def test_cinder_credentials(self):
- credentials = self.parser.listing(self.cinder('credentials'))
- self.assertTableStruct(credentials, ['User Credentials', 'Value'])
-
- @test.idempotent_id('5c6d71a3-4904-4a3a-aec9-7fd4aa830e95')
- def test_cinder_availability_zone_list(self):
- zone_list = self.parser.listing(self.cinder('availability-zone-list'))
- self.assertTableStruct(zone_list, ['Name', 'Status'])
-
- @test.idempotent_id('9b0fd5a6-f955-42b9-a42f-6f542a80b9a3')
- def test_cinder_endpoints(self):
- out = self.cinder('endpoints')
- tables = self.parser.tables(out)
- for table in tables:
- headers = table['headers']
- self.assertTrue(2 >= len(headers))
- self.assertEqual('Value', headers[1])
-
- @test.idempotent_id('301b5ae1-9591-4e9f-999c-d525a9bdf822')
- def test_cinder_service_list(self):
- service_list = self.parser.listing(self.cinder('service-list'))
- self.assertTableStruct(service_list, ['Binary', 'Host', 'Zone',
- 'Status', 'State', 'Updated_at'])
-
- @test.idempotent_id('7260ae52-b462-461e-9048-36d0bccf92c6')
- def test_cinder_transfer_list(self):
- transfer_list = self.parser.listing(self.cinder('transfer-list'))
- self.assertTableStruct(transfer_list, ['ID', 'Volume ID', 'Name'])
-
- @test.idempotent_id('0976dea8-14f3-45a9-8495-3617fc4fbb13')
- def test_cinder_bash_completion(self):
- self.cinder('bash-completion')
-
- @test.idempotent_id('b7c00361-be80-4512-8735-5f98fc54f2a9')
- def test_cinder_qos_list(self):
- qos_list = self.parser.listing(self.cinder('qos-list'))
- self.assertTableStruct(qos_list, ['ID', 'Name', 'Consumer', 'specs'])
-
- @test.idempotent_id('2e92dc6e-22b5-4d94-abfc-b543b0c50a89')
- def test_cinder_encryption_type_list(self):
- encrypt_list = self.parser.listing(self.cinder('encryption-type-list'))
- self.assertTableStruct(encrypt_list, ['Volume Type ID', 'Provider',
- 'Cipher', 'Key Size',
- 'Control Location'])
-
- @test.idempotent_id('0ee6cb4c-8de6-4811-a7be-7f4bb75b80cc')
- def test_admin_help(self):
- help_text = self.cinder('help')
- lines = help_text.split('\n')
- self.assertFirstLineStartsWith(lines, 'usage: cinder')
-
- commands = []
- cmds_start = lines.index('Positional arguments:')
- cmds_end = lines.index('Optional arguments:')
- command_pattern = re.compile('^ {4}([a-z0-9\-\_]+)')
- for line in lines[cmds_start:cmds_end]:
- match = command_pattern.match(line)
- if match:
- commands.append(match.group(1))
- commands = set(commands)
- wanted_commands = set(('absolute-limits', 'list', 'help',
- 'quota-show', 'type-list', 'snapshot-list'))
- self.assertFalse(wanted_commands - commands)
-
- # Optional arguments:
-
- @test.idempotent_id('2fd6f530-183c-4bda-8918-1e59e36c26b9')
- def test_cinder_version(self):
- self.cinder('', flags='--version')
-
- @test.idempotent_id('306bac51-c443-4426-a6cf-583a953fcd68')
- def test_cinder_debug_list(self):
- self.cinder('list', flags='--debug')
-
- @test.idempotent_id('6d97fcd2-5dd1-429d-af70-030c949d86cd')
- def test_cinder_retries_list(self):
- self.cinder('list', flags='--retries 3')
-
- @test.idempotent_id('95a2850c-35b4-4159-bb93-51647a5ad232')
- def test_cinder_region_list(self):
- region = CONF.volume.region
- if not region:
- region = CONF.identity.region
- self.cinder('list', flags='--os-region-name ' + region)
diff --git a/tempest/clients.py b/tempest/clients.py
index e1b6eab..a0c9471 100644
--- a/tempest/clients.py
+++ b/tempest/clients.py
@@ -16,6 +16,8 @@
import copy
from oslo_log import log as logging
+from tempest_lib.services.identity.v2.token_client import TokenClientJSON
+from tempest_lib.services.identity.v3.token_client import V3TokenClientJSON
from tempest.common import cred_provider
from tempest.common import negative_rest_client
@@ -77,7 +79,6 @@
DatabaseVersionsClientJSON
from tempest.services.identity.v2.json.identity_client import \
IdentityClientJSON
-from tempest.services.identity.v2.json.token_client import TokenClientJSON
from tempest.services.identity.v3.json.credentials_client import \
CredentialsClientJSON
from tempest.services.identity.v3.json.endpoints_client import \
@@ -88,7 +89,6 @@
from tempest.services.identity.v3.json.region_client import RegionClientJSON
from tempest.services.identity.v3.json.service_client import \
ServiceClientJSON
-from tempest.services.identity.v3.json.token_client import V3TokenClientJSON
from tempest.services.image.v1.json.image_client import ImageClientJSON
from tempest.services.image.v2.json.image_client import ImageClientV2JSON
from tempest.services.messaging.json.messaging_client import \
diff --git a/tempest/cmd/javelin.py b/tempest/cmd/javelin.py
index f84771f..b2311b0 100755
--- a/tempest/cmd/javelin.py
+++ b/tempest/cmd/javelin.py
@@ -114,10 +114,10 @@
import netaddr
from oslo_log import log as logging
from oslo_utils import timeutils
+from tempest_lib import auth
from tempest_lib import exceptions as lib_exc
import yaml
-import tempest.auth
from tempest import config
from tempest.services.compute.json import flavors_client
from tempest.services.compute.json import floating_ips_client
@@ -175,7 +175,7 @@
}
object_storage_params.update(default_params)
- _creds = tempest.auth.KeystoneV2Credentials(
+ _creds = auth.KeystoneV2Credentials(
username=user,
password=pw,
tenant_name=tenant)
@@ -185,7 +185,7 @@
'ca_certs': CONF.identity.ca_certificates_file,
'trace_requests': CONF.debug.trace_requests
}
- _auth = tempest.auth.KeystoneV2AuthProvider(
+ _auth = auth.KeystoneV2AuthProvider(
_creds, CONF.identity.uri, **auth_provider_params)
self.identity = identity_client.IdentityClientJSON(
_auth,
diff --git a/tempest/common/cred_provider.py b/tempest/common/cred_provider.py
index 3223027..461097f 100644
--- a/tempest/common/cred_provider.py
+++ b/tempest/common/cred_provider.py
@@ -16,8 +16,8 @@
from oslo_log import log as logging
import six
+from tempest_lib import auth
-from tempest import auth
from tempest import config
from tempest import exceptions
diff --git a/tempest/config.py b/tempest/config.py
index a299c45..a711b33 100644
--- a/tempest/config.py
+++ b/tempest/config.py
@@ -1098,25 +1098,6 @@
help="Timeout for unprovisioning an Ironic node.")
]
-cli_group = cfg.OptGroup(name='cli', title="cli Configuration Options")
-
-CLIGroup = [
- cfg.BoolOpt('enabled',
- default=True,
- help="enable cli tests"),
- cfg.StrOpt('cli_dir',
- default='/usr/local/bin',
- help="directory where python client binaries are located"),
- cfg.BoolOpt('has_manage',
- default=True,
- help=("Whether the tempest run location has access to the "
- "*-manage commands. In a pure blackbox environment "
- "it will not.")),
- cfg.IntOpt('timeout',
- default=15,
- help="Number of seconds to wait on a CLI timeout"),
-]
-
negative_group = cfg.OptGroup(name='negative', title="Negative Test Options")
NegativeGroup = [
@@ -1155,7 +1136,6 @@
(debug_group, DebugGroup),
(baremetal_group, BaremetalGroup),
(input_scenario_group, InputScenarioGroup),
- (cli_group, CLIGroup),
(negative_group, NegativeGroup)
]
@@ -1219,7 +1199,6 @@
self.debug = _CONF.debug
self.baremetal = _CONF.baremetal
self.input_scenario = _CONF['input-scenario']
- self.cli = _CONF.cli
self.negative = _CONF.negative
_CONF.set_default('domain_name', self.identity.admin_domain_name,
group='identity')
diff --git a/tempest/manager.py b/tempest/manager.py
index 025ce65..c39d3e5 100644
--- a/tempest/manager.py
+++ b/tempest/manager.py
@@ -13,7 +13,8 @@
# License for the specific language governing permissions and limitations
# under the License.
-from tempest import auth
+from tempest_lib import auth
+
from tempest.common import cred_provider
from tempest import config
from tempest import exceptions
diff --git a/tempest/scenario/manager.py b/tempest/scenario/manager.py
index c7272fe..98bacf0 100644
--- a/tempest/scenario/manager.py
+++ b/tempest/scenario/manager.py
@@ -310,7 +310,7 @@
linux_client.validate_authentication()
except Exception:
LOG.exception('Initializing SSH connection to %s failed' % ip)
- # If we don't explicitely set for which servers we want to
+ # If we don't explicitly set for which servers we want to
# log the console output then all the servers will be logged.
# See the definition of _log_console_output()
self._log_console_output(log_console_of_servers)
diff --git a/tempest/scenario/test_baremetal_basic_ops.py b/tempest/scenario/test_baremetal_basic_ops.py
index 612a5a2..e54c25a 100644
--- a/tempest/scenario/test_baremetal_basic_ops.py
+++ b/tempest/scenario/test_baremetal_basic_ops.py
@@ -126,8 +126,9 @@
self.boot_instance()
self.validate_ports()
self.verify_connectivity()
- floating_ip = self.add_floating_ip()
- self.verify_connectivity(ip=floating_ip)
+ if CONF.compute.ssh_connect_method == 'floating':
+ floating_ip = self.add_floating_ip()
+ self.verify_connectivity(ip=floating_ip)
vm_client = self.get_remote_client(self.instance)
diff --git a/tempest/services/identity/v2/json/token_client.py b/tempest/services/identity/v2/json/token_client.py
deleted file mode 100644
index e61ac84..0000000
--- a/tempest/services/identity/v2/json/token_client.py
+++ /dev/null
@@ -1,110 +0,0 @@
-# Copyright 2015 NEC Corporation. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import json
-from tempest_lib.common import rest_client
-from tempest_lib import exceptions as lib_exc
-
-from tempest.common import service_client
-from tempest import exceptions
-
-
-class TokenClientJSON(rest_client.RestClient):
-
- def __init__(self, auth_url, disable_ssl_certificate_validation=None,
- ca_certs=None, trace_requests=None):
- dscv = disable_ssl_certificate_validation
- super(TokenClientJSON, self).__init__(
- None, None, None, disable_ssl_certificate_validation=dscv,
- ca_certs=ca_certs, trace_requests=trace_requests)
-
- # Normalize URI to ensure /tokens is in it.
- if 'tokens' not in auth_url:
- auth_url = auth_url.rstrip('/') + '/tokens'
-
- self.auth_url = auth_url
-
- def auth(self, user, password, tenant=None):
- creds = {
- 'auth': {
- 'passwordCredentials': {
- 'username': user,
- 'password': password,
- },
- }
- }
-
- if tenant:
- creds['auth']['tenantName'] = tenant
-
- body = json.dumps(creds)
- resp, body = self.post(self.auth_url, body=body)
- self.expected_success(200, resp.status)
-
- return service_client.ResponseBody(resp, body['access'])
-
- def auth_token(self, token_id, tenant=None):
- creds = {
- 'auth': {
- 'token': {
- 'id': token_id,
- },
- }
- }
-
- if tenant:
- creds['auth']['tenantName'] = tenant
-
- body = json.dumps(creds)
- resp, body = self.post(self.auth_url, body=body)
- self.expected_success(200, resp.status)
-
- return service_client.ResponseBody(resp, body['access'])
-
- def request(self, method, url, extra_headers=False, headers=None,
- body=None):
- """A simple HTTP request interface."""
- if headers is None:
- headers = self.get_headers(accept_type="json")
- elif extra_headers:
- try:
- headers.update(self.get_headers(accept_type="json"))
- except (ValueError, TypeError):
- headers = self.get_headers(accept_type="json")
-
- resp, resp_body = self.raw_request(url, method,
- headers=headers, body=body)
- self._log_request(method, url, resp)
-
- if resp.status in [401, 403]:
- resp_body = json.loads(resp_body)
- raise lib_exc.Unauthorized(resp_body['error']['message'])
- elif resp.status not in [200, 201]:
- raise exceptions.IdentityError(
- 'Unexpected status code {0}'.format(resp.status))
-
- if isinstance(resp_body, str):
- resp_body = json.loads(resp_body)
- return resp, resp_body
-
- def get_token(self, user, password, tenant, auth_data=False):
- """
- Returns (token id, token data) for supplied credentials
- """
- body = self.auth(user, password, tenant)
-
- if auth_data:
- return body['token']['id'], body
- else:
- return body['token']['id']
diff --git a/tempest/services/identity/v3/json/token_client.py b/tempest/services/identity/v3/json/token_client.py
deleted file mode 100644
index 3e37403..0000000
--- a/tempest/services/identity/v3/json/token_client.py
+++ /dev/null
@@ -1,172 +0,0 @@
-# Copyright 2015 NEC Corporation. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import json
-from tempest_lib.common import rest_client
-from tempest_lib import exceptions as lib_exc
-
-from tempest.common import service_client
-from tempest import exceptions
-
-
-class V3TokenClientJSON(rest_client.RestClient):
-
- def __init__(self, auth_url, disable_ssl_certificate_validation=None,
- ca_certs=None, trace_requests=None):
- dscv = disable_ssl_certificate_validation
- super(V3TokenClientJSON, self).__init__(
- None, None, None, disable_ssl_certificate_validation=dscv,
- ca_certs=ca_certs, trace_requests=trace_requests)
- if not auth_url:
- raise exceptions.InvalidConfiguration('you must specify a v3 uri '
- 'if using the v3 identity '
- 'api')
- if 'auth/tokens' not in auth_url:
- auth_url = auth_url.rstrip('/') + '/auth/tokens'
-
- self.auth_url = auth_url
-
- def auth(self, user_id=None, username=None, password=None, project_id=None,
- project_name=None, user_domain_id=None, user_domain_name=None,
- project_domain_id=None, project_domain_name=None, domain_id=None,
- domain_name=None, token=None):
- """
- :param user_id: user id
- :param username: user name
- :param user_domain_id: the user domain id
- :param user_domain_name: the user domain name
- :param project_domain_id: the project domain id
- :param project_domain_name: the project domain name
- :param domain_id: a domain id to scope to
- :param domain_name: a domain name to scope to
- :param project_id: a project id to scope to
- :param project_name: a project name to scope to
- :param token: a token to re-scope.
-
- Accepts different combinations of credentials.
- Sample sample valid combinations:
- - token
- - token, project_name, project_domain_id
- - user_id, password
- - username, password, user_domain_id
- - username, password, project_name, user_domain_id, project_domain_id
- Validation is left to the server side.
- """
- creds = {
- 'auth': {
- 'identity': {
- 'methods': [],
- }
- }
- }
- id_obj = creds['auth']['identity']
- if token:
- id_obj['methods'].append('token')
- id_obj['token'] = {
- 'id': token
- }
-
- if (user_id or username) and password:
- id_obj['methods'].append('password')
- id_obj['password'] = {
- 'user': {
- 'password': password,
- }
- }
- if user_id:
- id_obj['password']['user']['id'] = user_id
- else:
- id_obj['password']['user']['name'] = username
-
- _domain = None
- if user_domain_id is not None:
- _domain = dict(id=user_domain_id)
- elif user_domain_name is not None:
- _domain = dict(name=user_domain_name)
- if _domain:
- id_obj['password']['user']['domain'] = _domain
-
- if (project_id or project_name):
- _project = dict()
-
- if project_id:
- _project['id'] = project_id
- elif project_name:
- _project['name'] = project_name
-
- if project_domain_id is not None:
- _project['domain'] = {'id': project_domain_id}
- elif project_domain_name is not None:
- _project['domain'] = {'name': project_domain_name}
-
- creds['auth']['scope'] = dict(project=_project)
- elif domain_id:
- creds['auth']['scope'] = dict(domain={'id': domain_id})
- elif domain_name:
- creds['auth']['scope'] = dict(domain={'name': domain_name})
-
- body = json.dumps(creds)
- resp, body = self.post(self.auth_url, body=body)
- self.expected_success(201, resp.status)
- return service_client.ResponseBody(resp, body)
-
- def request(self, method, url, extra_headers=False, headers=None,
- body=None):
- """A simple HTTP request interface."""
- if headers is None:
- # Always accept 'json', for xml token client too.
- # Because XML response is not easily
- # converted to the corresponding JSON one
- headers = self.get_headers(accept_type="json")
- elif extra_headers:
- try:
- headers.update(self.get_headers(accept_type="json"))
- except (ValueError, TypeError):
- headers = self.get_headers(accept_type="json")
-
- resp, resp_body = self.raw_request(url, method,
- headers=headers, body=body)
- self._log_request(method, url, resp)
-
- if resp.status in [401, 403]:
- resp_body = json.loads(resp_body)
- raise lib_exc.Unauthorized(resp_body['error']['message'])
- elif resp.status not in [200, 201, 204]:
- raise exceptions.IdentityError(
- 'Unexpected status code {0}'.format(resp.status))
-
- return resp, json.loads(resp_body)
-
- def get_token(self, **kwargs):
- """
- Returns (token id, token data) for supplied credentials
- """
-
- auth_data = kwargs.pop('auth_data', False)
-
- if not (kwargs.get('user_domain_id') or
- kwargs.get('user_domain_name')):
- kwargs['user_domain_name'] = 'Default'
-
- if not (kwargs.get('project_domain_id') or
- kwargs.get('project_domain_name')):
- kwargs['project_domain_name'] = 'Default'
-
- body = self.auth(**kwargs)
-
- token = body.response.get('x-subject-token')
- if auth_data:
- return token, body['token']
- else:
- return token
diff --git a/tempest/test_discover/test_discover.py b/tempest/test_discover/test_discover.py
index 3fbb8e1..4a4b43a 100644
--- a/tempest/test_discover/test_discover.py
+++ b/tempest/test_discover/test_discover.py
@@ -25,7 +25,7 @@
suite = unittest.TestSuite()
base_path = os.path.split(os.path.dirname(os.path.abspath(__file__)))[0]
base_path = os.path.split(base_path)[0]
- for test_dir in ['./tempest/api', './tempest/cli', './tempest/scenario',
+ for test_dir in ['./tempest/api', './tempest/scenario',
'./tempest/thirdparty']:
if not pattern:
suite.addTests(loader.discover(test_dir, top_level_dir=base_path))
diff --git a/tempest/tests/cli/__init__.py b/tempest/tests/cli/__init__.py
deleted file mode 100644
index e69de29..0000000
--- a/tempest/tests/cli/__init__.py
+++ /dev/null
diff --git a/tempest/tests/cli/test_cli.py b/tempest/tests/cli/test_cli.py
deleted file mode 100644
index 8f18dfc..0000000
--- a/tempest/tests/cli/test_cli.py
+++ /dev/null
@@ -1,68 +0,0 @@
-# Copyright 2014 IBM Corp.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import mock
-from tempest_lib.cli import base as cli_base
-import testtools
-
-from tempest import cli
-from tempest import config
-from tempest import exceptions
-from tempest.tests import base
-from tempest.tests import fake_config
-
-
-class TestMinClientVersion(base.TestCase):
- """Tests for the min_client_version decorator.
- """
-
- def setUp(self):
- super(TestMinClientVersion, self).setUp()
- self.useFixture(fake_config.ConfigFixture())
- self.stubs.Set(config, 'TempestConfigPrivate', fake_config.FakePrivate)
-
- def _test_min_version(self, required, installed, expect_skip):
-
- @cli.min_client_version(client='nova', version=required)
- def fake(self, expect_skip):
- if expect_skip:
- # If we got here, the decorator didn't raise a skipException as
- # expected so we need to fail.
- self.fail('Should not have gotten past the decorator.')
-
- with mock.patch.object(cli_base, 'execute',
- return_value=installed) as mock_cmd:
- if expect_skip:
- self.assertRaises(testtools.TestCase.skipException, fake,
- self, expect_skip)
- else:
- fake(self, expect_skip)
- mock_cmd.assert_called_once_with('nova', '', params='--version',
- cli_dir='/usr/local/bin',
- merge_stderr=True)
-
- def test_min_client_version(self):
- # required, installed, expect_skip
- cases = (('2.17.0', '2.17.0', False),
- ('2.17.0', '2.18.0', False),
- ('2.18.0', '2.17.0', True))
-
- for case in cases:
- self._test_min_version(*case)
-
- @mock.patch.object(cli_base, 'execute', return_value=' ')
- def test_check_client_version_empty_output(self, mock_execute):
- # Tests that an exception is raised if the command output is empty.
- self.assertRaises(exceptions.TempestException,
- cli.check_client_version, 'nova', '2.18.0')
diff --git a/tempest/tests/common/test_accounts.py b/tempest/tests/common/test_accounts.py
index b4048ba..f357bf4 100644
--- a/tempest/tests/common/test_accounts.py
+++ b/tempest/tests/common/test_accounts.py
@@ -20,13 +20,13 @@
from oslo_concurrency import lockutils
from oslo_config import cfg
from oslotest import mockpatch
+from tempest_lib import auth
+from tempest_lib.services.identity.v2 import token_client
-from tempest import auth
from tempest.common import accounts
from tempest.common import cred_provider
from tempest import config
from tempest import exceptions
-from tempest.services.identity.v2.json import token_client
from tempest.tests import base
from tempest.tests import fake_config
from tempest.tests import fake_http
diff --git a/tempest/tests/common/test_cred_provider.py b/tempest/tests/common/test_cred_provider.py
index 76430ac..ed3f931 100644
--- a/tempest/tests/common/test_cred_provider.py
+++ b/tempest/tests/common/test_cred_provider.py
@@ -13,21 +13,21 @@
# under the License.
from oslo_config import cfg
+from tempest_lib import auth
+from tempest_lib import exceptions as lib_exc
+from tempest_lib.services.identity.v2 import token_client as v2_client
+from tempest_lib.services.identity.v3 import token_client as v3_client
-from tempest import auth
+
from tempest.common import cred_provider
from tempest.common import tempest_fixtures as fixtures
from tempest import config
-from tempest.services.identity.v2.json import token_client as v2_client
-from tempest.services.identity.v3.json import token_client as v3_client
+from tempest.tests import base
from tempest.tests import fake_config
from tempest.tests import fake_identity
-# Note(andreaf): once credentials tests move to tempest-lib, I will copy the
-# parts of them required by these here.
-from tempest.tests import test_credentials as test_creds
-class ConfiguredV2CredentialsTests(test_creds.CredentialsTests):
+class ConfiguredV2CredentialsTests(base.TestCase):
attributes = {
'username': 'fake_username',
'password': 'fake_password',
@@ -46,6 +46,23 @@
self.stubs.Set(self.tokenclient_class, 'raw_request',
self.identity_response)
+ def _get_credentials(self, attributes=None):
+ if attributes is None:
+ attributes = self.attributes
+ return self.credentials_class(**attributes)
+
+ def _check(self, credentials, credentials_class, filled):
+ # Check the right version of credentials has been returned
+ self.assertIsInstance(credentials, credentials_class)
+ # Check the id attributes are filled in
+ attributes = [x for x in credentials.ATTRIBUTES if (
+ '_id' in x and x != 'domain_id')]
+ for attr in attributes:
+ if filled:
+ self.assertIsNotNone(getattr(credentials, attr))
+ else:
+ self.assertIsNone(getattr(credentials, attr))
+
def _verify_credentials(self, credentials_class, filled=True,
identity_version=None):
for ctype in cred_provider.CREDENTIAL_TYPES:
@@ -58,6 +75,15 @@
identity_version=identity_version)
self._check(creds, credentials_class, filled)
+ def test_create(self):
+ creds = self._get_credentials()
+ self.assertEqual(self.attributes, creds._initial)
+
+ def test_create_invalid_attr(self):
+ self.assertRaises(lib_exc.InvalidCredentials,
+ self._get_credentials,
+ attributes=dict(invalid='fake'))
+
def test_get_configured_credentials(self):
self.useFixture(fixtures.LockFixture('auth_version'))
self._verify_credentials(credentials_class=self.credentials_class)
diff --git a/tempest/tests/fake_credentials.py b/tempest/tests/fake_credentials.py
deleted file mode 100644
index 649d51d..0000000
--- a/tempest/tests/fake_credentials.py
+++ /dev/null
@@ -1,63 +0,0 @@
-# Copyright 2014 Hewlett-Packard Development Company, L.P.
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest import auth
-
-
-class FakeCredentials(auth.Credentials):
-
- def is_valid(self):
- return True
-
-
-class FakeKeystoneV2Credentials(auth.KeystoneV2Credentials):
-
- def __init__(self):
- creds = dict(
- username='fake_username',
- password='fake_password',
- tenant_name='fake_tenant_name'
- )
- super(FakeKeystoneV2Credentials, self).__init__(**creds)
-
-
-class FakeKeystoneV3Credentials(auth.KeystoneV3Credentials):
- """
- Fake credentials suitable for the Keystone Identity V3 API
- """
-
- def __init__(self):
- creds = dict(
- username='fake_username',
- password='fake_password',
- user_domain_name='fake_domain_name',
- project_name='fake_tenant_name',
- project_domain_name='fake_domain_name'
- )
- super(FakeKeystoneV3Credentials, self).__init__(**creds)
-
-
-class FakeKeystoneV3DomainCredentials(auth.KeystoneV3Credentials):
- """
- Fake credentials suitable for the Keystone Identity V3 API, with no scope
- """
-
- def __init__(self):
- creds = dict(
- username='fake_username',
- password='fake_password',
- user_domain_name='fake_domain_name'
- )
- super(FakeKeystoneV3DomainCredentials, self).__init__(**creds)
diff --git a/tempest/tests/test_auth.py b/tempest/tests/test_auth.py
deleted file mode 100644
index eb63b30..0000000
--- a/tempest/tests/test_auth.py
+++ /dev/null
@@ -1,411 +0,0 @@
-# Copyright 2014 IBM Corp.
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import copy
-import datetime
-
-from oslotest import mockpatch
-
-from tempest import auth
-from tempest import exceptions
-from tempest.services.identity.v2.json import token_client as v2_client
-from tempest.services.identity.v3.json import token_client as v3_client
-from tempest.tests import base
-from tempest.tests import fake_credentials
-from tempest.tests import fake_http
-from tempest.tests import fake_identity
-
-
-def fake_get_credentials(fill_in=True, identity_version='v2', **kwargs):
- return fake_credentials.FakeCredentials()
-
-
-class BaseAuthTestsSetUp(base.TestCase):
- _auth_provider_class = None
- credentials = fake_credentials.FakeCredentials()
-
- def _auth(self, credentials, auth_url, **params):
- """
- returns auth method according to keystone
- """
- return self._auth_provider_class(credentials, auth_url, **params)
-
- def setUp(self):
- super(BaseAuthTestsSetUp, self).setUp()
- self.fake_http = fake_http.fake_httplib2(return_type=200)
- self.stubs.Set(auth, 'get_credentials', fake_get_credentials)
- self.auth_provider = self._auth(self.credentials,
- fake_identity.FAKE_AUTH_URL)
-
-
-class TestBaseAuthProvider(BaseAuthTestsSetUp):
- """
- This tests auth.AuthProvider class which is base for the other so we
- obviously don't test not implemented method or the ones which strongly
- depends on them.
- """
-
- class FakeAuthProviderImpl(auth.AuthProvider):
- def _decorate_request():
- pass
-
- def _fill_credentials():
- pass
-
- def _get_auth():
- pass
-
- def base_url():
- pass
-
- def is_expired():
- pass
-
- _auth_provider_class = FakeAuthProviderImpl
-
- def _auth(self, credentials, auth_url, **params):
- """
- returns auth method according to keystone
- """
- return self._auth_provider_class(credentials, **params)
-
- def test_check_credentials_bad_type(self):
- self.assertFalse(self.auth_provider.check_credentials([]))
-
- def test_auth_data_property_when_cache_exists(self):
- self.auth_provider.cache = 'foo'
- self.useFixture(mockpatch.PatchObject(self.auth_provider,
- 'is_expired',
- return_value=False))
- self.assertEqual('foo', getattr(self.auth_provider, 'auth_data'))
-
- def test_delete_auth_data_property_through_deleter(self):
- self.auth_provider.cache = 'foo'
- del self.auth_provider.auth_data
- self.assertIsNone(self.auth_provider.cache)
-
- def test_delete_auth_data_property_through_clear_auth(self):
- self.auth_provider.cache = 'foo'
- self.auth_provider.clear_auth()
- self.assertIsNone(self.auth_provider.cache)
-
- def test_set_and_reset_alt_auth_data(self):
- self.auth_provider.set_alt_auth_data('foo', 'bar')
- self.assertEqual(self.auth_provider.alt_part, 'foo')
- self.assertEqual(self.auth_provider.alt_auth_data, 'bar')
-
- self.auth_provider.reset_alt_auth_data()
- self.assertIsNone(self.auth_provider.alt_part)
- self.assertIsNone(self.auth_provider.alt_auth_data)
-
- def test_auth_class(self):
- self.assertRaises(TypeError,
- auth.AuthProvider,
- fake_credentials.FakeCredentials)
-
-
-class TestKeystoneV2AuthProvider(BaseAuthTestsSetUp):
- _endpoints = fake_identity.IDENTITY_V2_RESPONSE['access']['serviceCatalog']
- _auth_provider_class = auth.KeystoneV2AuthProvider
- credentials = fake_credentials.FakeKeystoneV2Credentials()
-
- def setUp(self):
- super(TestKeystoneV2AuthProvider, self).setUp()
- self.stubs.Set(v2_client.TokenClientJSON, 'raw_request',
- fake_identity._fake_v2_response)
- self.target_url = 'test_api'
-
- def _get_fake_alt_identity(self):
- return fake_identity.ALT_IDENTITY_V2_RESPONSE['access']
-
- def _get_result_url_from_endpoint(self, ep, endpoint_type='publicURL',
- replacement=None):
- if replacement:
- return ep[endpoint_type].replace('v2', replacement)
- return ep[endpoint_type]
-
- def _get_token_from_fake_identity(self):
- return fake_identity.TOKEN
-
- def _get_from_fake_identity(self, attr):
- access = fake_identity.IDENTITY_V2_RESPONSE['access']
- if attr == 'user_id':
- return access['user']['id']
- elif attr == 'tenant_id':
- return access['token']['tenant']['id']
-
- def _test_request_helper(self, filters, expected):
- url, headers, body = self.auth_provider.auth_request('GET',
- self.target_url,
- filters=filters)
-
- self.assertEqual(expected['url'], url)
- self.assertEqual(expected['token'], headers['X-Auth-Token'])
- self.assertEqual(expected['body'], body)
-
- def _auth_data_with_expiry(self, date_as_string):
- token, access = self.auth_provider.auth_data
- access['token']['expires'] = date_as_string
- return token, access
-
- def test_request(self):
- filters = {
- 'service': 'compute',
- 'endpoint_type': 'publicURL',
- 'region': 'FakeRegion'
- }
-
- url = self._get_result_url_from_endpoint(
- self._endpoints[0]['endpoints'][1]) + '/' + self.target_url
-
- expected = {
- 'body': None,
- 'url': url,
- 'token': self._get_token_from_fake_identity(),
- }
- self._test_request_helper(filters, expected)
-
- def test_request_with_alt_auth_cleans_alt(self):
- self.auth_provider.set_alt_auth_data(
- 'body',
- (fake_identity.ALT_TOKEN, self._get_fake_alt_identity()))
- self.test_request()
- # Assert alt auth data is clear after it
- self.assertIsNone(self.auth_provider.alt_part)
- self.assertIsNone(self.auth_provider.alt_auth_data)
-
- def test_request_with_alt_part_without_alt_data(self):
- """
- Assert that when alt_part is defined, the corresponding original
- request element is kept the same.
- """
- filters = {
- 'service': 'compute',
- 'endpoint_type': 'publicURL',
- 'region': 'fakeRegion'
- }
- self.auth_provider.set_alt_auth_data('url', None)
-
- url, headers, body = self.auth_provider.auth_request('GET',
- self.target_url,
- filters=filters)
-
- self.assertEqual(url, self.target_url)
- self.assertEqual(self._get_token_from_fake_identity(),
- headers['X-Auth-Token'])
- self.assertEqual(body, None)
-
- def test_request_with_bad_service(self):
- filters = {
- 'service': 'BAD_SERVICE',
- 'endpoint_type': 'publicURL',
- 'region': 'fakeRegion'
- }
- self.assertRaises(exceptions.EndpointNotFound,
- self.auth_provider.auth_request, 'GET',
- self.target_url, filters=filters)
-
- def test_request_without_service(self):
- filters = {
- 'service': None,
- 'endpoint_type': 'publicURL',
- 'region': 'fakeRegion'
- }
- self.assertRaises(exceptions.EndpointNotFound,
- self.auth_provider.auth_request, 'GET',
- self.target_url, filters=filters)
-
- def test_check_credentials_missing_attribute(self):
- for attr in ['username', 'password']:
- cred = copy.copy(self.credentials)
- del cred[attr]
- self.assertFalse(self.auth_provider.check_credentials(cred))
-
- def test_fill_credentials(self):
- self.auth_provider.fill_credentials()
- creds = self.auth_provider.credentials
- for attr in ['user_id', 'tenant_id']:
- self.assertEqual(self._get_from_fake_identity(attr),
- getattr(creds, attr))
-
- def _test_base_url_helper(self, expected_url, filters,
- auth_data=None):
-
- url = self.auth_provider.base_url(filters, auth_data)
- self.assertEqual(url, expected_url)
-
- def test_base_url(self):
- self.filters = {
- 'service': 'compute',
- 'endpoint_type': 'publicURL',
- 'region': 'FakeRegion'
- }
- expected = self._get_result_url_from_endpoint(
- self._endpoints[0]['endpoints'][1])
- self._test_base_url_helper(expected, self.filters)
-
- def test_base_url_to_get_admin_endpoint(self):
- self.filters = {
- 'service': 'compute',
- 'endpoint_type': 'adminURL',
- 'region': 'FakeRegion'
- }
- expected = self._get_result_url_from_endpoint(
- self._endpoints[0]['endpoints'][1], endpoint_type='adminURL')
- self._test_base_url_helper(expected, self.filters)
-
- def test_base_url_unknown_region(self):
- """
- Assure that if the region is unknow the first endpoint is returned.
- """
- self.filters = {
- 'service': 'compute',
- 'endpoint_type': 'publicURL',
- 'region': 'AintNoBodyKnowThisRegion'
- }
- expected = self._get_result_url_from_endpoint(
- self._endpoints[0]['endpoints'][0])
- self._test_base_url_helper(expected, self.filters)
-
- def test_base_url_with_non_existent_service(self):
- self.filters = {
- 'service': 'BAD_SERVICE',
- 'endpoint_type': 'publicURL',
- 'region': 'FakeRegion'
- }
- self.assertRaises(exceptions.EndpointNotFound,
- self._test_base_url_helper, None, self.filters)
-
- def test_base_url_without_service(self):
- self.filters = {
- 'endpoint_type': 'publicURL',
- 'region': 'FakeRegion'
- }
- self.assertRaises(exceptions.EndpointNotFound,
- self._test_base_url_helper, None, self.filters)
-
- def test_base_url_with_api_version_filter(self):
- self.filters = {
- 'service': 'compute',
- 'endpoint_type': 'publicURL',
- 'region': 'FakeRegion',
- 'api_version': 'v12'
- }
- expected = self._get_result_url_from_endpoint(
- self._endpoints[0]['endpoints'][1], replacement='v12')
- self._test_base_url_helper(expected, self.filters)
-
- def test_base_url_with_skip_path_filter(self):
- self.filters = {
- 'service': 'compute',
- 'endpoint_type': 'publicURL',
- 'region': 'FakeRegion',
- 'skip_path': True
- }
- expected = 'http://fake_url/'
- self._test_base_url_helper(expected, self.filters)
-
- def test_token_not_expired(self):
- expiry_data = datetime.datetime.utcnow() + datetime.timedelta(days=1)
- auth_data = self._auth_data_with_expiry(
- expiry_data.strftime(self.auth_provider.EXPIRY_DATE_FORMAT))
- self.assertFalse(self.auth_provider.is_expired(auth_data))
-
- def test_token_expired(self):
- expiry_data = datetime.datetime.utcnow() - datetime.timedelta(hours=1)
- auth_data = self._auth_data_with_expiry(
- expiry_data.strftime(self.auth_provider.EXPIRY_DATE_FORMAT))
- self.assertTrue(self.auth_provider.is_expired(auth_data))
-
- def test_token_not_expired_to_be_renewed(self):
- expiry_data = datetime.datetime.utcnow() + \
- self.auth_provider.token_expiry_threshold / 2
- auth_data = self._auth_data_with_expiry(
- expiry_data.strftime(self.auth_provider.EXPIRY_DATE_FORMAT))
- self.assertTrue(self.auth_provider.is_expired(auth_data))
-
-
-class TestKeystoneV3AuthProvider(TestKeystoneV2AuthProvider):
- _endpoints = fake_identity.IDENTITY_V3_RESPONSE['token']['catalog']
- _auth_provider_class = auth.KeystoneV3AuthProvider
- credentials = fake_credentials.FakeKeystoneV3Credentials()
-
- def setUp(self):
- super(TestKeystoneV3AuthProvider, self).setUp()
- self.stubs.Set(v3_client.V3TokenClientJSON, 'raw_request',
- fake_identity._fake_v3_response)
-
- def _get_fake_alt_identity(self):
- return fake_identity.ALT_IDENTITY_V3['token']
-
- def _get_result_url_from_endpoint(self, ep, replacement=None):
- if replacement:
- return ep['url'].replace('v3', replacement)
- return ep['url']
-
- def _auth_data_with_expiry(self, date_as_string):
- token, access = self.auth_provider.auth_data
- access['expires_at'] = date_as_string
- return token, access
-
- def _get_from_fake_identity(self, attr):
- token = fake_identity.IDENTITY_V3_RESPONSE['token']
- if attr == 'user_id':
- return token['user']['id']
- elif attr == 'project_id':
- return token['project']['id']
- elif attr == 'user_domain_id':
- return token['user']['domain']['id']
- elif attr == 'project_domain_id':
- return token['project']['domain']['id']
-
- def test_check_credentials_missing_attribute(self):
- # reset credentials to fresh ones
- self.credentials.reset()
- for attr in ['username', 'password', 'user_domain_name',
- 'project_domain_name']:
- cred = copy.copy(self.credentials)
- del cred[attr]
- self.assertFalse(self.auth_provider.check_credentials(cred),
- "Credentials should be invalid without %s" % attr)
-
- def test_check_domain_credentials_missing_attribute(self):
- # reset credentials to fresh ones
- self.credentials.reset()
- domain_creds = fake_credentials.FakeKeystoneV3DomainCredentials()
- for attr in ['username', 'password', 'user_domain_name']:
- cred = copy.copy(domain_creds)
- del cred[attr]
- self.assertFalse(self.auth_provider.check_credentials(cred),
- "Credentials should be invalid without %s" % attr)
-
- def test_fill_credentials(self):
- self.auth_provider.fill_credentials()
- creds = self.auth_provider.credentials
- for attr in ['user_id', 'project_id', 'user_domain_id',
- 'project_domain_id']:
- self.assertEqual(self._get_from_fake_identity(attr),
- getattr(creds, attr))
-
- # Overwrites v2 test
- def test_base_url_to_get_admin_endpoint(self):
- self.filters = {
- 'service': 'compute',
- 'endpoint_type': 'admin',
- 'region': 'MiddleEarthRegion'
- }
- expected = self._get_result_url_from_endpoint(
- self._endpoints[0]['endpoints'][2])
- self._test_base_url_helper(expected, self.filters)
diff --git a/tempest/tests/test_credentials.py b/tempest/tests/test_credentials.py
deleted file mode 100644
index bf44d11..0000000
--- a/tempest/tests/test_credentials.py
+++ /dev/null
@@ -1,180 +0,0 @@
-# Copyright 2014 Hewlett-Packard Development Company, L.P.
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import copy
-
-from tempest import auth
-from tempest import exceptions
-from tempest.services.identity.v2.json import token_client as v2_client
-from tempest.services.identity.v3.json import token_client as v3_client
-from tempest.tests import base
-from tempest.tests import fake_identity
-
-
-class CredentialsTests(base.TestCase):
- attributes = {}
- credentials_class = auth.Credentials
-
- def _get_credentials(self, attributes=None):
- if attributes is None:
- attributes = self.attributes
- return self.credentials_class(**attributes)
-
- def _check(self, credentials, credentials_class, filled):
- # Check the right version of credentials has been returned
- self.assertIsInstance(credentials, credentials_class)
- # Check the id attributes are filled in
- attributes = [x for x in credentials.ATTRIBUTES if (
- '_id' in x and x != 'domain_id')]
- for attr in attributes:
- if filled:
- self.assertIsNotNone(getattr(credentials, attr))
- else:
- self.assertIsNone(getattr(credentials, attr))
-
- def test_create(self):
- creds = self._get_credentials()
- self.assertEqual(self.attributes, creds._initial)
-
- def test_create_invalid_attr(self):
- self.assertRaises(exceptions.InvalidCredentials,
- self._get_credentials,
- attributes=dict(invalid='fake'))
-
- def test_is_valid(self):
- creds = self._get_credentials()
- self.assertRaises(NotImplementedError, creds.is_valid)
-
-
-class KeystoneV2CredentialsTests(CredentialsTests):
- attributes = {
- 'username': 'fake_username',
- 'password': 'fake_password',
- 'tenant_name': 'fake_tenant_name'
- }
-
- identity_response = fake_identity._fake_v2_response
- credentials_class = auth.KeystoneV2Credentials
- tokenclient_class = v2_client.TokenClientJSON
- identity_version = 'v2'
-
- def setUp(self):
- super(KeystoneV2CredentialsTests, self).setUp()
- self.stubs.Set(self.tokenclient_class, 'raw_request',
- self.identity_response)
-
- def _verify_credentials(self, credentials_class, creds_dict, filled=True):
- creds = auth.get_credentials(fake_identity.FAKE_AUTH_URL,
- fill_in=filled,
- identity_version=self.identity_version,
- **creds_dict)
- self._check(creds, credentials_class, filled)
-
- def test_get_credentials(self):
- self._verify_credentials(credentials_class=self.credentials_class,
- creds_dict=self.attributes)
-
- def test_get_credentials_not_filled(self):
- self._verify_credentials(credentials_class=self.credentials_class,
- creds_dict=self.attributes,
- filled=False)
-
- def test_is_valid(self):
- creds = self._get_credentials()
- self.assertTrue(creds.is_valid())
-
- def _test_is_not_valid(self, ignore_key):
- creds = self._get_credentials()
- for attr in self.attributes.keys():
- if attr == ignore_key:
- continue
- temp_attr = getattr(creds, attr)
- delattr(creds, attr)
- self.assertFalse(creds.is_valid(),
- "Credentials should be invalid without %s" % attr)
- setattr(creds, attr, temp_attr)
-
- def test_is_not_valid(self):
- # NOTE(mtreinish): A KeystoneV2 credential object is valid without
- # a tenant_name. So skip that check. See tempest.auth for the valid
- # credential requirements
- self._test_is_not_valid('tenant_name')
-
- def test_reset_all_attributes(self):
- creds = self._get_credentials()
- initial_creds = copy.deepcopy(creds)
- set_attr = creds.__dict__.keys()
- missing_attr = set(creds.ATTRIBUTES).difference(set_attr)
- # Set all unset attributes, then reset
- for attr in missing_attr:
- setattr(creds, attr, 'fake' + attr)
- creds.reset()
- # Check reset credentials are same as initial ones
- self.assertEqual(creds, initial_creds)
-
- def test_reset_single_attribute(self):
- creds = self._get_credentials()
- initial_creds = copy.deepcopy(creds)
- set_attr = creds.__dict__.keys()
- missing_attr = set(creds.ATTRIBUTES).difference(set_attr)
- # Set one unset attributes, then reset
- for attr in missing_attr:
- setattr(creds, attr, 'fake' + attr)
- creds.reset()
- # Check reset credentials are same as initial ones
- self.assertEqual(creds, initial_creds)
-
-
-class KeystoneV3CredentialsTests(KeystoneV2CredentialsTests):
- attributes = {
- 'username': 'fake_username',
- 'password': 'fake_password',
- 'project_name': 'fake_project_name',
- 'user_domain_name': 'fake_domain_name'
- }
-
- credentials_class = auth.KeystoneV3Credentials
- identity_response = fake_identity._fake_v3_response
- tokenclient_class = v3_client.V3TokenClientJSON
- identity_version = 'v3'
-
- def test_is_not_valid(self):
- # NOTE(mtreinish) For a Keystone V3 credential object a project name
- # is not required to be valid, so we skip that check. See tempest.auth
- # for the valid credential requirements
- self._test_is_not_valid('project_name')
-
- def test_synced_attributes(self):
- attributes = self.attributes
- # Create V3 credentials with tenant instead of project, and user_domain
- for attr in ['project_id', 'user_domain_id']:
- attributes[attr] = 'fake_' + attr
- creds = self._get_credentials(attributes)
- self.assertEqual(creds.project_name, creds.tenant_name)
- self.assertEqual(creds.project_id, creds.tenant_id)
- self.assertEqual(creds.user_domain_name, creds.project_domain_name)
- self.assertEqual(creds.user_domain_id, creds.project_domain_id)
- # Replace user_domain with project_domain
- del attributes['user_domain_name']
- del attributes['user_domain_id']
- del attributes['project_name']
- del attributes['project_id']
- for attr in ['project_domain_name', 'project_domain_id',
- 'tenant_name', 'tenant_id']:
- attributes[attr] = 'fake_' + attr
- self.assertEqual(creds.tenant_name, creds.project_name)
- self.assertEqual(creds.tenant_id, creds.project_id)
- self.assertEqual(creds.project_domain_name, creds.user_domain_name)
- self.assertEqual(creds.project_domain_id, creds.user_domain_id)
diff --git a/tempest/tests/test_tenant_isolation.py b/tempest/tests/test_tenant_isolation.py
index fd8718f..1eb33a4 100644
--- a/tempest/tests/test_tenant_isolation.py
+++ b/tempest/tests/test_tenant_isolation.py
@@ -15,6 +15,7 @@
import mock
from oslo_config import cfg
from oslotest import mockpatch
+from tempest_lib.services.identity.v2 import token_client as json_token_client
from tempest.common import isolated_creds
from tempest.common import service_client
@@ -22,7 +23,6 @@
from tempest import exceptions
from tempest.services.identity.v2.json import identity_client as \
json_iden_client
-from tempest.services.identity.v2.json import token_client as json_token_client
from tempest.services.network.json import network_client as json_network_client
from tempest.tests import base
from tempest.tests import fake_config
diff --git a/tox.ini b/tox.ini
index 2f0aa99..88d1302 100644
--- a/tox.ini
+++ b/tox.ini
@@ -47,7 +47,7 @@
# See the testrepostiory bug: https://bugs.launchpad.net/testrepository/+bug/1208610
commands =
find . -type f -name "*.pyc" -delete
- bash tools/pretty_tox.sh '(?!.*\[.*\bslow\b.*\])(^tempest\.(api|scenario|thirdparty|cli)) {posargs}'
+ bash tools/pretty_tox.sh '(?!.*\[.*\bslow\b.*\])(^tempest\.(api|scenario|thirdparty)) {posargs}'
[testenv:full-serial]
sitepackages = {[tempestenv]sitepackages}
@@ -57,7 +57,7 @@
# See the testrepostiory bug: https://bugs.launchpad.net/testrepository/+bug/1208610
commands =
find . -type f -name "*.pyc" -delete
- bash tools/pretty_tox_serial.sh '(?!.*\[.*\bslow\b.*\])(^tempest\.(api|scenario|thirdparty|cli)) {posargs}'
+ bash tools/pretty_tox_serial.sh '(?!.*\[.*\bslow\b.*\])(^tempest\.(api|scenario|thirdparty)) {posargs}'
[testenv:heat-slow]
sitepackages = {[tempestenv]sitepackages}