Merge "tighten up isolated creds create"
diff --git a/etc/tempest.conf.sample b/etc/tempest.conf.sample
index bb9a68e..21c8506 100644
--- a/etc/tempest.conf.sample
+++ b/etc/tempest.conf.sample
@@ -226,7 +226,7 @@
# Timeout in seconds to wait for ping to succeed. (integer
# value)
-#ping_timeout=60
+#ping_timeout=120
# Timeout in seconds to wait for authentication to succeed.
# (integer value)
diff --git a/etc/whitelist.yaml b/etc/whitelist.yaml
index 1c12b6c..2d8b741 100644
--- a/etc/whitelist.yaml
+++ b/etc/whitelist.yaml
@@ -78,6 +78,8 @@
ceilometer-acentral:
- module: "ceilometer.central.manager"
message: "403 Forbidden"
+ - module: "ceilometer.central.manager"
+ message: "get_samples\\(\\) got an unexpected keyword argument 'resources'"
ceilometer-alarm-evaluator:
- module: "ceilometer.alarm.service"
@@ -133,6 +135,8 @@
message: "but the actual state is deleting to caller"
- module: "nova.openstack.common.rpc.common"
message: "Traceback \\(most recent call last"
+ - module: "nova.openstack.common.threadgroup"
+ message: "Service with host .* topic conductor exists."
n-sch:
- module: "nova.scheduler.filter_scheduler"
diff --git a/tempest/api/compute/servers/test_server_actions.py b/tempest/api/compute/servers/test_server_actions.py
index 49d8495..fea8dd5 100644
--- a/tempest/api/compute/servers/test_server_actions.py
+++ b/tempest/api/compute/servers/test_server_actions.py
@@ -268,6 +268,7 @@
}
resp, image_list = self.os.image_client.image_list_detail(
properties,
+ status='active',
sort_key='created_at',
sort_dir='asc')
self.assertEqual(200, resp.status)
@@ -292,6 +293,7 @@
oldest_backup_exist = False
resp, image_list = self.os.image_client.image_list_detail(
properties,
+ status='active',
sort_key='created_at',
sort_dir='asc')
self.assertEqual(200, resp.status)
diff --git a/tempest/api/compute/servers/test_server_metadata.py b/tempest/api/compute/servers/test_server_metadata.py
index 80ac4da..ad4931c 100644
--- a/tempest/api/compute/servers/test_server_metadata.py
+++ b/tempest/api/compute/servers/test_server_metadata.py
@@ -14,8 +14,7 @@
# under the License.
from tempest.api.compute import base
-from tempest import exceptions
-from tempest.test import attr
+from tempest import test
class ServerMetadataTestJSON(base.BaseV2ComputeTest):
@@ -28,8 +27,6 @@
cls.quotas = cls.quotas_client
cls.admin_client = cls._get_identity_admin_client()
resp, tenants = cls.admin_client.list_tenants()
- cls.tenant_id = [tnt['id'] for tnt in tenants if tnt['name'] ==
- cls.client.tenant_name][0]
resp, server = cls.create_test_server(meta={}, wait_until='ACTIVE')
cls.server_id = server['id']
@@ -40,7 +37,7 @@
resp, _ = self.client.set_server_metadata(self.server_id, meta)
self.assertEqual(resp.status, 200)
- @attr(type='gate')
+ @test.attr(type='gate')
def test_list_server_metadata(self):
# All metadata key/value pairs for a server should be returned
resp, resp_metadata = self.client.list_server_metadata(self.server_id)
@@ -50,7 +47,7 @@
expected = {'key1': 'value1', 'key2': 'value2'}
self.assertEqual(expected, resp_metadata)
- @attr(type='gate')
+ @test.attr(type='gate')
def test_set_server_metadata(self):
# The server's metadata should be replaced with the provided values
# Create a new set of metadata for the server
@@ -64,22 +61,7 @@
resp, resp_metadata = self.client.list_server_metadata(self.server_id)
self.assertEqual(resp_metadata, req_metadata)
- @attr(type='gate')
- def test_server_create_metadata_key_too_long(self):
- # Attempt to start a server with a meta-data key that is > 255
- # characters
-
- # Try a few values
- for sz in [256, 257, 511, 1023]:
- key = "k" * sz
- meta = {key: 'data1'}
- self.assertRaises(exceptions.OverLimit,
- self.create_test_server,
- meta=meta)
-
- # no teardown - all creates should fail
-
- @attr(type='gate')
+ @test.attr(type='gate')
def test_update_server_metadata(self):
# The server's metadata values should be updated to the
# provided values
@@ -93,7 +75,7 @@
expected = {'key1': 'alt1', 'key2': 'value2', 'key3': 'value3'}
self.assertEqual(expected, resp_metadata)
- @attr(type='gate')
+ @test.attr(type='gate')
def test_update_metadata_empty_body(self):
# The original metadata should not be lost if empty metadata body is
# passed
@@ -103,14 +85,14 @@
expected = {'key1': 'value1', 'key2': 'value2'}
self.assertEqual(expected, resp_metadata)
- @attr(type='gate')
+ @test.attr(type='gate')
def test_get_server_metadata_item(self):
# The value for a specific metadata key should be returned
resp, meta = self.client.get_server_metadata_item(self.server_id,
'key2')
self.assertEqual('value2', meta['key2'])
- @attr(type='gate')
+ @test.attr(type='gate')
def test_set_server_metadata_item(self):
# The item's value should be updated to the provided value
# Update the metadata value
@@ -124,7 +106,7 @@
expected = {'key1': 'value1', 'key2': 'value2', 'nova': 'alt'}
self.assertEqual(expected, resp_metadata)
- @attr(type='gate')
+ @test.attr(type='gate')
def test_delete_server_metadata_item(self):
# The metadata value/key pair should be deleted from the server
resp, meta = self.client.delete_server_metadata_item(self.server_id,
@@ -136,80 +118,6 @@
expected = {'key2': 'value2'}
self.assertEqual(expected, resp_metadata)
- @attr(type=['negative', 'gate'])
- def test_server_metadata_negative(self):
- # Blank key should trigger an error.
- meta = {'': 'data1'}
- self.assertRaises(exceptions.BadRequest,
- self.create_test_server,
- meta=meta)
-
- # GET on a non-existent server should not succeed
- self.assertRaises(exceptions.NotFound,
- self.client.get_server_metadata_item, 999, 'test2')
-
- # List metadata on a non-existent server should not succeed
- self.assertRaises(exceptions.NotFound,
- self.client.list_server_metadata, 999)
-
- # Raise BadRequest if key in uri does not match
- # the key passed in body.
- meta = {'testkey': 'testvalue'}
- self.assertRaises(exceptions.BadRequest,
- self.client.set_server_metadata_item,
- self.server_id, 'key', meta)
-
- # Set metadata on a non-existent server should not succeed
- meta = {'meta1': 'data1'}
- self.assertRaises(exceptions.NotFound,
- self.client.set_server_metadata, 999, meta)
-
- # An update should not happen for a non-existent image
- meta = {'key1': 'value1', 'key2': 'value2'}
- self.assertRaises(exceptions.NotFound,
- self.client.update_server_metadata, 999, meta)
-
- # Blank key should trigger an error
- meta = {'': 'data1'}
- self.assertRaises(exceptions.BadRequest,
- self.client.update_server_metadata,
- self.server_id, meta=meta)
-
- # Should not be able to delete metadata item from a non-existent server
- self.assertRaises(exceptions.NotFound,
- self.client.delete_server_metadata_item, 999, 'd')
-
- # Raise a 413 OverLimit exception while exceeding metadata items limit
- # for tenant.
- _, quota_set = self.quotas.get_quota_set(self.tenant_id)
- quota_metadata = quota_set['metadata_items']
- req_metadata = {}
- for num in range(1, quota_metadata + 2):
- req_metadata['key' + str(num)] = 'val' + str(num)
- self.assertRaises(exceptions.OverLimit,
- self.client.set_server_metadata,
- self.server_id, req_metadata)
-
- # Raise a 413 OverLimit exception while exceeding metadata items limit
- # for tenant (update).
- self.assertRaises(exceptions.OverLimit,
- self.client.update_server_metadata,
- self.server_id, req_metadata)
-
- # Raise a bad request error for blank key.
- # set_server_metadata will replace all metadata with new value
- meta = {'': 'data1'}
- self.assertRaises(exceptions.BadRequest,
- self.client.set_server_metadata,
- self.server_id, meta=meta)
-
- # Raise a bad request error for a missing metadata field
- # set_server_metadata will replace all metadata with new value
- meta = {'meta1': 'data1'}
- self.assertRaises(exceptions.BadRequest,
- self.client.set_server_metadata,
- self.server_id, meta=meta, no_metadata_field=True)
-
class ServerMetadataTestXML(ServerMetadataTestJSON):
_interface = 'xml'
diff --git a/tempest/api/compute/servers/test_server_metadata_negative.py b/tempest/api/compute/servers/test_server_metadata_negative.py
new file mode 100644
index 0000000..d12f91c
--- /dev/null
+++ b/tempest/api/compute/servers/test_server_metadata_negative.py
@@ -0,0 +1,165 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2012 OpenStack Foundation
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from tempest.api.compute import base
+from tempest.common.utils import data_utils
+from tempest import exceptions
+from tempest import test
+
+
+class ServerMetadataNegativeTestJSON(base.BaseV2ComputeTest):
+ _interface = 'json'
+
+ @classmethod
+ def setUpClass(cls):
+ super(ServerMetadataNegativeTestJSON, cls).setUpClass()
+ cls.client = cls.servers_client
+ cls.quotas = cls.quotas_client
+ cls.admin_client = cls._get_identity_admin_client()
+ resp, tenants = cls.admin_client.list_tenants()
+ cls.tenant_id = [tnt['id'] for tnt in tenants if tnt['name'] ==
+ cls.client.tenant_name][0]
+ resp, server = cls.create_test_server(meta={}, wait_until='ACTIVE')
+
+ cls.server_id = server['id']
+
+ @test.attr(type=['gate', 'negative'])
+ def test_server_create_metadata_key_too_long(self):
+ # Attempt to start a server with a meta-data key that is > 255
+ # characters
+
+ # Tryset_server_metadata_item a few values
+ for sz in [256, 257, 511, 1023]:
+ key = "k" * sz
+ meta = {key: 'data1'}
+ self.assertRaises(exceptions.OverLimit,
+ self.create_test_server,
+ meta=meta)
+
+ # no teardown - all creates should fail
+
+ @test.attr(type=['negative', 'gate'])
+ def test_create_server_metadata_blank_key(self):
+ # Blank key should trigger an error.
+ meta = {'': 'data1'}
+ self.assertRaises(exceptions.BadRequest,
+ self.create_test_server,
+ meta=meta)
+
+ @test.attr(type=['negative', 'gate'])
+ def test_server_metadata_non_existent_server(self):
+ # GET on a non-existent server should not succeed
+ non_existent_server_id = data_utils.rand_uuid()
+ self.assertRaises(exceptions.NotFound,
+ self.client.get_server_metadata_item,
+ non_existent_server_id,
+ 'test2')
+
+ @test.attr(type=['negative', 'gate'])
+ def test_list_server_metadata_non_existent_server(self):
+ # List metadata on a non-existent server should not succeed
+ non_existent_server_id = data_utils.rand_uuid()
+ self.assertRaises(exceptions.NotFound,
+ self.client.list_server_metadata,
+ non_existent_server_id)
+
+ @test.attr(type=['negative', 'gate'])
+ def test_wrong_key_passed_in_body(self):
+ # Raise BadRequest if key in uri does not match
+ # the key passed in body.
+ meta = {'testkey': 'testvalue'}
+ self.assertRaises(exceptions.BadRequest,
+ self.client.set_server_metadata_item,
+ self.server_id, 'key', meta)
+
+ @test.attr(type=['negative', 'gate'])
+ def test_set_metadata_non_existent_server(self):
+ # Set metadata on a non-existent server should not succeed
+ non_existent_server_id = data_utils.rand_uuid()
+ meta = {'meta1': 'data1'}
+ self.assertRaises(exceptions.NotFound,
+ self.client.set_server_metadata,
+ non_existent_server_id,
+ meta)
+
+ @test.attr(type=['negative', 'gate'])
+ def test_update_metadata_non_existent_server(self):
+ # An update should not happen for a non-existent server
+ non_existent_server_id = data_utils.rand_uuid()
+ meta = {'key1': 'value1', 'key2': 'value2'}
+ self.assertRaises(exceptions.NotFound,
+ self.client.update_server_metadata,
+ non_existent_server_id,
+ meta)
+
+ @test.attr(type=['negative', 'gate'])
+ def test_update_metadata_with_blank_key(self):
+ # Blank key should trigger an error
+ meta = {'': 'data1'}
+ self.assertRaises(exceptions.BadRequest,
+ self.client.update_server_metadata,
+ self.server_id, meta=meta)
+
+ @test.attr(type=['negative', 'gate'])
+ def test_delete_metadata_non_existent_server(self):
+ # Should not be able to delete metadata item from a non-existent server
+ non_existent_server_id = data_utils.rand_uuid()
+ self.assertRaises(exceptions.NotFound,
+ self.client.delete_server_metadata_item,
+ non_existent_server_id,
+ 'd')
+
+ @test.attr(type=['negative', 'gate'])
+ def test_metadata_items_limit(self):
+ # Raise a 413 OverLimit exception while exceeding metadata items limit
+ # for tenant.
+ _, quota_set = self.quotas.get_quota_set(self.tenant_id)
+ quota_metadata = quota_set['metadata_items']
+ req_metadata = {}
+ for num in range(1, quota_metadata + 2):
+ req_metadata['key' + str(num)] = 'val' + str(num)
+ self.assertRaises(exceptions.OverLimit,
+ self.client.set_server_metadata,
+ self.server_id, req_metadata)
+
+ # Raise a 413 OverLimit exception while exceeding metadata items limit
+ # for tenant (update).
+ self.assertRaises(exceptions.OverLimit,
+ self.client.update_server_metadata,
+ self.server_id, req_metadata)
+
+ @test.attr(type=['negative', 'gate'])
+ def test_set_server_metadata_blank_key(self):
+ # Raise a bad request error for blank key.
+ # set_server_metadata will replace all metadata with new value
+ meta = {'': 'data1'}
+ self.assertRaises(exceptions.BadRequest,
+ self.client.set_server_metadata,
+ self.server_id, meta=meta)
+
+ @test.attr(type=['negative', 'gate'])
+ def test_set_server_metadata_missing_metadata(self):
+ # Raise a bad request error for a missing metadata field
+ # set_server_metadata will replace all metadata with new value
+ meta = {'meta1': 'data1'}
+ self.assertRaises(exceptions.BadRequest,
+ self.client.set_server_metadata,
+ self.server_id, meta=meta, no_metadata_field=True)
+
+
+class ServerMetadataNegativeTestXML(ServerMetadataNegativeTestJSON):
+ _interface = 'xml'
diff --git a/tempest/api/compute/v3/admin/test_servers.py b/tempest/api/compute/v3/admin/test_servers.py
index f6f5673..a8e1a0a 100644
--- a/tempest/api/compute/v3/admin/test_servers.py
+++ b/tempest/api/compute/v3/admin/test_servers.py
@@ -15,6 +15,7 @@
from tempest.api.compute import base
from tempest.common.utils import data_utils
from tempest import exceptions
+from tempest import test
from tempest.test import attr
from tempest.test import skip_because
@@ -62,6 +63,7 @@
self.assertEqual('200', resp['status'])
self.assertEqual([], servers)
+ @test.skip_because(bug='1265416')
@attr(type='gate')
def test_list_servers_by_admin_with_all_tenants(self):
# Listing servers by admin user with all tenants parameter
diff --git a/tempest/api/compute/v3/images/test_images_oneserver.py b/tempest/api/compute/v3/images/test_images_oneserver.py
index babf452..fb54942 100644
--- a/tempest/api/compute/v3/images/test_images_oneserver.py
+++ b/tempest/api/compute/v3/images/test_images_oneserver.py
@@ -119,10 +119,6 @@
@attr(type=['gate'])
def test_create_image_specify_multibyte_character_image_name(self):
- if self.__class__._interface == "xml":
- # NOTE(sdague): not entirely accurage, but we'd need a ton of work
- # in our XML client to make this good
- raise self.skipException("Not testable in XML")
# prefix character is:
# http://www.fileformat.info/info/unicode/char/1F4A9/index.htm
utf8_name = data_utils.rand_name(u'\xF0\x9F\x92\xA9')
diff --git a/tempest/api/compute/v3/images/test_images_oneserver_negative.py b/tempest/api/compute/v3/images/test_images_oneserver_negative.py
index dc628dc..d9e7882 100644
--- a/tempest/api/compute/v3/images/test_images_oneserver_negative.py
+++ b/tempest/api/compute/v3/images/test_images_oneserver_negative.py
@@ -85,8 +85,6 @@
@skip_because(bug="1006725")
@attr(type=['negative', 'gate'])
def test_create_image_specify_multibyte_character_image_name(self):
- if self.__class__._interface == "xml":
- raise self.skipException("Not testable in XML")
# invalid multibyte sequence from:
# http://stackoverflow.com/questions/1301402/
# example-invalid-utf8-string
diff --git a/tempest/api/compute/v3/images/test_list_image_filters.py b/tempest/api/compute/v3/images/test_list_image_filters.py
index ad93b3d..f654920 100644
--- a/tempest/api/compute/v3/images/test_list_image_filters.py
+++ b/tempest/api/compute/v3/images/test_list_image_filters.py
@@ -135,8 +135,6 @@
# Verify only the expected number of results are returned
params = {'limit': '1'}
resp, images = self.client.list_images(params)
- # when _interface='xml', one element for images_links in images
- # ref: Question #224349
self.assertEqual(1, len([x for x in images if 'id' in x]))
@attr(type='gate')
diff --git a/tempest/api/compute/v3/servers/test_list_server_filters.py b/tempest/api/compute/v3/servers/test_list_server_filters.py
index 15d6fa2..8698d97 100644
--- a/tempest/api/compute/v3/servers/test_list_server_filters.py
+++ b/tempest/api/compute/v3/servers/test_list_server_filters.py
@@ -123,7 +123,6 @@
# Verify only the expected number of servers are returned
params = {'limit': 1}
resp, servers = self.client.list_servers(params)
- # when _interface='xml', one element for servers_links in servers
self.assertEqual(1, len([x for x in servers['servers'] if 'id' in x]))
@utils.skip_unless_attr('multiple_images', 'Only one image found')
diff --git a/tempest/api/compute/v3/servers/test_list_servers_negative.py b/tempest/api/compute/v3/servers/test_list_servers_negative.py
index 10d36bf..23f2bda 100644
--- a/tempest/api/compute/v3/servers/test_list_servers_negative.py
+++ b/tempest/api/compute/v3/servers/test_list_servers_negative.py
@@ -103,7 +103,6 @@
# List servers by specifying limits
resp, body = self.client.list_servers({'limit': 1})
self.assertEqual('200', resp['status'])
- # when _interface='xml', one element for servers_links in servers
self.assertEqual(1, len([x for x in body['servers'] if 'id' in x]))
@attr(type=['negative', 'gate'])
diff --git a/tempest/api/compute/v3/servers/test_servers_negative.py b/tempest/api/compute/v3/servers/test_servers_negative.py
index e58d33d..aadba77 100644
--- a/tempest/api/compute/v3/servers/test_servers_negative.py
+++ b/tempest/api/compute/v3/servers/test_servers_negative.py
@@ -155,9 +155,6 @@
@test.attr(type=['negative', 'gate'])
def test_create_numeric_server_name(self):
# Create a server with a numeric name
- if self.__class__._interface == "xml":
- raise self.skipException("Not testable in XML")
-
server_name = 12345
self.assertRaises(exceptions.BadRequest,
self.create_test_server,
diff --git a/tempest/api/compute/volumes/test_volumes_get.py b/tempest/api/compute/volumes/test_volumes_get.py
index d8cc190..b5a4802 100644
--- a/tempest/api/compute/volumes/test_volumes_get.py
+++ b/tempest/api/compute/volumes/test_volumes_get.py
@@ -55,7 +55,7 @@
# GET Volume
resp, fetched_volume = self.client.get_volume(volume['id'])
self.assertEqual(200, resp.status)
- # Verfication of details of fetched Volume
+ # Verification of details of fetched Volume
self.assertEqual(v_name,
fetched_volume['displayName'],
'The fetched Volume is different '
diff --git a/tempest/api/data_processing/__init__.py b/tempest/api/data_processing/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tempest/api/data_processing/__init__.py
diff --git a/tempest/api/data_processing/base.py b/tempest/api/data_processing/base.py
new file mode 100644
index 0000000..ab882cd
--- /dev/null
+++ b/tempest/api/data_processing/base.py
@@ -0,0 +1,91 @@
+# Copyright (c) 2013 Mirantis Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from tempest import config
+import tempest.test
+
+
+CONF = config.CONF
+
+
+class BaseDataProcessingTest(tempest.test.BaseTestCase):
+ _interface = 'json'
+
+ @classmethod
+ def setUpClass(cls):
+ super(BaseDataProcessingTest, cls).setUpClass()
+ os = cls.get_client_manager()
+ if not CONF.service_available.savanna:
+ raise cls.skipException("Savanna support is required")
+ cls.client = os.data_processing_client
+
+ # set some constants
+ cls.flavor_ref = CONF.compute.flavor_ref
+ cls.simple_node_group_template = {
+ 'plugin_name': 'vanilla',
+ 'hadoop_version': '1.2.1',
+ 'node_processes': [
+ "datanode",
+ "tasktracker"
+ ],
+ 'flavor_id': cls.flavor_ref,
+ 'node_configs': {
+ 'HDFS': {
+ 'Data Node Heap Size': 1024
+ },
+ 'MapReduce': {
+ 'Task Tracker Heap Size': 1024
+ }
+ }
+ }
+
+ # add lists for watched resources
+ cls._node_group_templates = []
+
+ @classmethod
+ def tearDownClass(cls):
+ # cleanup node group templates
+ for ngt_id in cls._node_group_templates:
+ try:
+ cls.client.delete_node_group_template(ngt_id)
+ except Exception:
+ # ignore errors while auto removing created resource
+ pass
+
+ super(BaseDataProcessingTest, cls).tearDownClass()
+
+ @classmethod
+ def create_node_group_template(cls, name, plugin_name, hadoop_version,
+ node_processes, flavor_id,
+ node_configs=None, **kwargs):
+ """Creates watched node group template with specified params.
+
+ It supports passing additional params using kwargs and returns created
+ object. All resources created in this method will be automatically
+ removed in tearDownClass method.
+ """
+
+ resp, body = cls.client.create_node_group_template(name, plugin_name,
+ hadoop_version,
+ node_processes,
+ flavor_id,
+ node_configs,
+ **kwargs)
+
+ # store id of created node group template
+ template_id = body['id']
+ cls._node_group_templates.append(template_id)
+
+ return resp, body, template_id
diff --git a/tempest/api/data_processing/test_node_group_templates.py b/tempest/api/data_processing/test_node_group_templates.py
new file mode 100644
index 0000000..ff4fa6a
--- /dev/null
+++ b/tempest/api/data_processing/test_node_group_templates.py
@@ -0,0 +1,83 @@
+# Copyright (c) 2013 Mirantis Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from tempest.api.data_processing import base as dp_base
+from tempest.common.utils import data_utils
+from tempest.test import attr
+
+
+class NodeGroupTemplateTest(dp_base.BaseDataProcessingTest):
+ def _create_simple_node_group_template(self, template_name=None):
+ """Creates simple Node Group Template with optional name specified.
+
+ It creates template and ensures response status and template name.
+ Returns id and name of created template.
+ """
+
+ if template_name is None:
+ # generate random name if it's not specified
+ template_name = data_utils.rand_name('savanna')
+
+ # create simple node group template
+ resp, body, template_id = self.create_node_group_template(
+ template_name, **self.simple_node_group_template)
+
+ # ensure that template created successfully
+ self.assertEqual(202, resp.status)
+ self.assertEqual(template_name, body['name'])
+
+ return template_id, template_name
+
+ @attr(type='smoke')
+ def test_node_group_template_create(self):
+ # just create and ensure template
+ self._create_simple_node_group_template()
+
+ @attr(type='smoke')
+ def test_node_group_template_list(self):
+ template_info = self._create_simple_node_group_template()
+
+ # check for node group template in list
+ resp, templates = self.client.list_node_group_templates()
+
+ self.assertEqual(200, resp.status)
+ templates_info = list([(template['id'], template['name'])
+ for template in templates])
+ self.assertIn(template_info, templates_info)
+
+ @attr(type='smoke')
+ def test_node_group_template_get(self):
+ template_id, template_name = self._create_simple_node_group_template()
+
+ # check node group template fetch by id
+ resp, template = self.client.get_node_group_template(template_id)
+
+ self.assertEqual(200, resp.status)
+ self.assertEqual(template_name, template['name'])
+ self.assertEqual(self.simple_node_group_template['plugin_name'],
+ template['plugin_name'])
+ self.assertEqual(self.simple_node_group_template['node_processes'],
+ template['node_processes'])
+ self.assertEqual(self.simple_node_group_template['flavor_id'],
+ template['flavor_id'])
+
+ @attr(type='smoke')
+ def test_node_group_template_delete(self):
+ template_id, template_name = self._create_simple_node_group_template()
+
+ # delete the node group template by id
+ resp = self.client.delete_node_group_template(template_id)
+
+ self.assertEqual('204', resp[0]['status'])
diff --git a/tempest/api/identity/admin/test_roles_negative.py b/tempest/api/identity/admin/test_roles_negative.py
index 4eaa255..e316dc7 100644
--- a/tempest/api/identity/admin/test_roles_negative.py
+++ b/tempest/api/identity/admin/test_roles_negative.py
@@ -134,14 +134,6 @@
self.client.clear_auth()
@attr(type=['negative', 'gate'])
- def test_assign_user_role_for_non_existent_user(self):
- # Attempt to assign a role to a non existent user should fail
- (user, tenant, role) = self._get_role_params()
- non_existent_user = str(uuid.uuid4().hex)
- self.assertRaises(exceptions.NotFound, self.client.assign_user_role,
- tenant['id'], non_existent_user, role['id'])
-
- @attr(type=['negative', 'gate'])
def test_assign_user_role_for_non_existent_role(self):
# Attempt to assign a non existent role to user should fail
(user, tenant, role) = self._get_role_params()
@@ -192,17 +184,6 @@
self.client.clear_auth()
@attr(type=['negative', 'gate'])
- def test_remove_user_role_non_existent_user(self):
- # Attempt to remove a role from a non existent user should fail
- (user, tenant, role) = self._get_role_params()
- resp, user_role = self.client.assign_user_role(tenant['id'],
- user['id'],
- role['id'])
- non_existent_user = str(uuid.uuid4().hex)
- self.assertRaises(exceptions.NotFound, self.client.remove_user_role,
- tenant['id'], non_existent_user, role['id'])
-
- @attr(type=['negative', 'gate'])
def test_remove_user_role_non_existent_role(self):
# Attempt to delete a non existent role from a user should fail
(user, tenant, role) = self._get_role_params()
@@ -247,14 +228,6 @@
finally:
self.client.clear_auth()
- @attr(type=['negative', 'gate'])
- def test_list_user_roles_for_non_existent_user(self):
- # Attempt to list roles of a non existent user should fail
- (user, tenant, role) = self._get_role_params()
- non_existent_user = str(uuid.uuid4().hex)
- self.assertRaises(exceptions.NotFound, self.client.list_user_roles,
- tenant['id'], non_existent_user)
-
class RolesTestXML(RolesNegativeTestJSON):
_interface = 'xml'
diff --git a/tempest/api/network/base.py b/tempest/api/network/base.py
index d7df6b2..0085cd6 100644
--- a/tempest/api/network/base.py
+++ b/tempest/api/network/base.py
@@ -115,13 +115,13 @@
"""Wrapper utility that returns a test network."""
network_name = network_name or data_utils.rand_name('test-network-')
- resp, body = cls.client.create_network(network_name)
+ resp, body = cls.client.create_network(name=network_name)
network = body['network']
cls.networks.append(network)
return network
@classmethod
- def create_subnet(cls, network):
+ def create_subnet(cls, network, ip_version=4):
"""Wrapper utility that returns a test subnet."""
cidr = netaddr.IPNetwork(cls.network_cfg.tenant_network_cidr)
mask_bits = cls.network_cfg.tenant_network_mask_bits
@@ -130,8 +130,10 @@
failure = None
for subnet_cidr in cidr.subnet(mask_bits):
try:
- resp, body = cls.client.create_subnet(network['id'],
- str(subnet_cidr))
+ resp, body = cls.client.create_subnet(
+ network_id=network['id'],
+ cidr=str(subnet_cidr),
+ ip_version=ip_version)
break
except exceptions.BadRequest as e:
is_overlapping_cidr = 'overlaps with another subnet' in str(e)
@@ -150,7 +152,7 @@
@classmethod
def create_port(cls, network):
"""Wrapper utility that returns a test port."""
- resp, body = cls.client.create_port(network['id'])
+ resp, body = cls.client.create_port(network_id=network['id'])
port = body['port']
cls.ports.append(port)
return port
diff --git a/tempest/api/network/test_floating_ips.py b/tempest/api/network/test_floating_ips.py
index e050c17..a7c1bd2 100644
--- a/tempest/api/network/test_floating_ips.py
+++ b/tempest/api/network/test_floating_ips.py
@@ -112,7 +112,7 @@
# Create a floating IP
created_floating_ip = self.create_floating_ip(self.ext_net_id)
# Create a port
- resp, port = self.client.create_port(self.network['id'])
+ resp, port = self.client.create_port(network_id=self.network['id'])
created_port = port['port']
resp, floating_ip = self.client.update_floating_ip(
created_floating_ip['id'], port_id=created_port['id'])
diff --git a/tempest/api/network/test_networks.py b/tempest/api/network/test_networks.py
index 4269644..b1f4608 100644
--- a/tempest/api/network/test_networks.py
+++ b/tempest/api/network/test_networks.py
@@ -65,13 +65,13 @@
def test_create_update_delete_network_subnet(self):
# Creates a network
name = data_utils.rand_name('network-')
- resp, body = self.client.create_network(name)
+ resp, body = self.client.create_network(name=name)
self.assertEqual('201', resp['status'])
network = body['network']
net_id = network['id']
# Verification of network update
new_name = "New_network"
- resp, body = self.client.update_network(net_id, new_name)
+ resp, body = self.client.update_network(net_id, name=new_name)
self.assertEqual('200', resp['status'])
updated_net = body['network']
self.assertEqual(updated_net['name'], new_name)
@@ -80,8 +80,10 @@
mask_bits = self.network_cfg.tenant_network_mask_bits
for subnet_cidr in cidr.subnet(mask_bits):
try:
- resp, body = self.client.create_subnet(net_id,
- str(subnet_cidr))
+ resp, body = self.client.create_subnet(
+ network_id=net_id,
+ cidr=str(subnet_cidr),
+ ip_version=4)
break
except exceptions.BadRequest as e:
is_overlapping_cidr = 'overlaps with another subnet' in str(e)
@@ -92,7 +94,8 @@
subnet_id = subnet['id']
# Verification of subnet update
new_subnet = "New_subnet"
- resp, body = self.client.update_subnet(subnet_id, new_subnet)
+ resp, body = self.client.update_subnet(subnet_id,
+ name=new_subnet)
self.assertEqual('200', resp['status'])
updated_subnet = body['subnet']
self.assertEqual(updated_subnet['name'], new_subnet)
@@ -179,12 +182,13 @@
@attr(type='smoke')
def test_create_update_delete_port(self):
# Verify that successful port creation, update & deletion
- resp, body = self.client.create_port(self.network['id'])
+ resp, body = self.client.create_port(
+ network_id=self.network['id'])
self.assertEqual('201', resp['status'])
port = body['port']
# Verification of port update
new_port = "New_Port"
- resp, body = self.client.update_port(port['id'], new_port)
+ resp, body = self.client.update_port(port['id'], name=new_port)
self.assertEqual('200', resp['status'])
updated_port = body['port']
self.assertEqual(updated_port['name'], new_port)
@@ -241,7 +245,7 @@
bulk network creation
bulk subnet creation
- bulk subnet creation
+ bulk port creation
list tenant's networks
v2.0 of the Neutron API is assumed. It is also assumed that the following
diff --git a/tempest/api/network/test_networks_negative.py b/tempest/api/network/test_networks_negative.py
index 67306e9..89c8a9f 100644
--- a/tempest/api/network/test_networks_negative.py
+++ b/tempest/api/network/test_networks_negative.py
@@ -45,7 +45,7 @@
def test_update_non_existent_network(self):
non_exist_id = data_utils.rand_name('network')
self.assertRaises(exceptions.NotFound, self.client.update_network,
- non_exist_id, "new_name")
+ non_exist_id, name="new_name")
@attr(type=['negative', 'smoke'])
def test_delete_non_existent_network(self):
diff --git a/tempest/api/network/test_routers.py b/tempest/api/network/test_routers.py
index e746597..426273c 100644
--- a/tempest/api/network/test_routers.py
+++ b/tempest/api/network/test_routers.py
@@ -94,7 +94,8 @@
network = self.create_network()
self.create_subnet(network)
router = self.create_router(data_utils.rand_name('router-'))
- resp, port_body = self.client.create_port(network['id'])
+ resp, port_body = self.client.create_port(
+ network_id=network['id'])
# add router interface to port created above
resp, interface = self.client.add_router_interface_with_port_id(
router['id'], port_body['port']['id'])
diff --git a/tempest/api/object_storage/test_account_quotas.py b/tempest/api/object_storage/test_account_quotas.py
index 6312f69..cacc66e 100644
--- a/tempest/api/object_storage/test_account_quotas.py
+++ b/tempest/api/object_storage/test_account_quotas.py
@@ -17,12 +17,9 @@
from tempest.api.object_storage import base
from tempest import clients
from tempest.common.utils import data_utils
-from tempest import config
from tempest import exceptions
from tempest import test
-CONF = config.CONF
-
class AccountQuotasTest(base.BaseObjectTest):
@@ -106,15 +103,6 @@
self.assertEqual(resp["status"], "201")
self.assertHeaders(resp, 'Object', 'PUT')
- @test.attr(type=["negative", "smoke"])
- @test.requires_ext(extension='account_quotas', service='object')
- def test_upload_large_object(self):
- object_name = data_utils.rand_name(name="TestObject")
- data = data_utils.arbitrary_string(30)
- self.assertRaises(exceptions.OverLimit,
- self.object_client.create_object,
- self.container_name, object_name, data)
-
@test.attr(type=["smoke"])
@test.requires_ext(extension='account_quotas', service='object')
def test_admin_modify_quota(self):
@@ -138,20 +126,3 @@
self.assertEqual(resp["status"], "204")
self.assertHeaders(resp, 'Account', 'POST')
-
- @test.attr(type=["negative", "smoke"])
- @test.requires_ext(extension='account_quotas', service='object')
- def test_user_modify_quota(self):
- """Test that a user is not able to modify or remove a quota on
- its account.
- """
-
- # Not able to remove quota
- self.assertRaises(exceptions.Unauthorized,
- self.account_client.create_account_metadata,
- {"Quota-Bytes": ""})
-
- # Not able to modify quota
- self.assertRaises(exceptions.Unauthorized,
- self.account_client.create_account_metadata,
- {"Quota-Bytes": "100"})
diff --git a/tempest/api/object_storage/test_account_quotas_negative.py b/tempest/api/object_storage/test_account_quotas_negative.py
new file mode 100644
index 0000000..e35cd17
--- /dev/null
+++ b/tempest/api/object_storage/test_account_quotas_negative.py
@@ -0,0 +1,119 @@
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
+#
+# Author: Joe H. Rahme <joe.hakim.rahme@enovance.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from tempest.api.object_storage import base
+from tempest import clients
+from tempest.common.utils import data_utils
+from tempest import exceptions
+from tempest import test
+
+
+class AccountQuotasNegativeTest(base.BaseObjectTest):
+
+ @classmethod
+ def setUpClass(cls):
+ super(AccountQuotasNegativeTest, cls).setUpClass()
+ cls.container_name = data_utils.rand_name(name="TestContainer")
+ cls.container_client.create_container(cls.container_name)
+
+ cls.data.setup_test_user()
+
+ cls.os_reselleradmin = clients.Manager(
+ cls.data.test_user,
+ cls.data.test_password,
+ cls.data.test_tenant)
+
+ # Retrieve the ResellerAdmin role id
+ reseller_role_id = None
+ try:
+ _, roles = cls.os_admin.identity_client.list_roles()
+ reseller_role_id = next(r['id'] for r in roles if r['name']
+ == 'ResellerAdmin')
+ except StopIteration:
+ msg = "No ResellerAdmin role found"
+ raise exceptions.NotFound(msg)
+
+ # Retrieve the ResellerAdmin tenant id
+ _, users = cls.os_admin.identity_client.get_users()
+ reseller_user_id = next(usr['id'] for usr in users if usr['name']
+ == cls.data.test_user)
+
+ # Retrieve the ResellerAdmin tenant id
+ _, tenants = cls.os_admin.identity_client.list_tenants()
+ reseller_tenant_id = next(tnt['id'] for tnt in tenants if tnt['name']
+ == cls.data.test_tenant)
+
+ # Assign the newly created user the appropriate ResellerAdmin role
+ cls.os_admin.identity_client.assign_user_role(
+ reseller_tenant_id,
+ reseller_user_id,
+ reseller_role_id)
+
+ # Retrieve a ResellerAdmin auth token and use it to set a quota
+ # on the client's account
+ cls.reselleradmin_token = cls.token_client.get_token(
+ cls.data.test_user,
+ cls.data.test_password,
+ cls.data.test_tenant)
+
+ def setUp(self):
+ super(AccountQuotasNegativeTest, self).setUp()
+
+ # Set a quota of 20 bytes on the user's account before each test
+ headers = {"X-Auth-Token": self.reselleradmin_token,
+ "X-Account-Meta-Quota-Bytes": "20"}
+
+ self.os.custom_account_client.request("POST", "", headers, "")
+
+ def tearDown(self):
+ # remove the quota from the container
+ headers = {"X-Auth-Token": self.reselleradmin_token,
+ "X-Remove-Account-Meta-Quota-Bytes": "x"}
+
+ self.os.custom_account_client.request("POST", "", headers, "")
+ super(AccountQuotasNegativeTest, self).tearDown()
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.delete_containers([cls.container_name])
+ cls.data.teardown_all()
+ super(AccountQuotasNegativeTest, cls).tearDownClass()
+
+ @test.attr(type=["negative", "smoke"])
+ @test.requires_ext(extension='account_quotas', service='object')
+ def test_user_modify_quota(self):
+ """Test that a user is not able to modify or remove a quota on
+ its account.
+ """
+
+ # Not able to remove quota
+ self.assertRaises(exceptions.Unauthorized,
+ self.account_client.create_account_metadata,
+ {"Quota-Bytes": ""})
+
+ # Not able to modify quota
+ self.assertRaises(exceptions.Unauthorized,
+ self.account_client.create_account_metadata,
+ {"Quota-Bytes": "100"})
+
+ @test.attr(type=["negative", "smoke"])
+ @test.requires_ext(extension='account_quotas', service='object')
+ def test_upload_large_object(self):
+ object_name = data_utils.rand_name(name="TestObject")
+ data = data_utils.arbitrary_string(30)
+ self.assertRaises(exceptions.OverLimit,
+ self.object_client.create_object,
+ self.container_name, object_name, data)
diff --git a/tempest/api/object_storage/test_account_services.py b/tempest/api/object_storage/test_account_services.py
index 2a1bf0d..79fd99d 100644
--- a/tempest/api/object_storage/test_account_services.py
+++ b/tempest/api/object_storage/test_account_services.py
@@ -18,7 +18,6 @@
from tempest.api.object_storage import base
from tempest.common import custom_matchers
from tempest.common.utils import data_utils
-from tempest import exceptions
from tempest.test import attr
from tempest.test import HTTP_SUCCESS
@@ -154,26 +153,3 @@
resp, _ = self.account_client.list_account_metadata()
self.assertHeaders(resp, 'Account', 'HEAD')
self.assertNotIn('x-account-meta-' + header, resp)
-
- @attr(type=['negative', 'gate'])
- def test_list_containers_with_non_authorized_user(self):
- # list containers using non-authorized user
-
- # create user
- self.data.setup_test_user()
- resp, body = \
- self.token_client.auth(self.data.test_user,
- self.data.test_password,
- self.data.test_tenant)
- new_token = \
- self.token_client.get_token(self.data.test_user,
- self.data.test_password,
- self.data.test_tenant)
- custom_headers = {'X-Auth-Token': new_token}
- params = {'format': 'json'}
- # list containers with non-authorized user token
- self.assertRaises(exceptions.Unauthorized,
- self.custom_account_client.list_account_containers,
- params=params, metadata=custom_headers)
- # delete the user which was created
- self.data.teardown_all()
diff --git a/tempest/api/object_storage/test_account_services_negative.py b/tempest/api/object_storage/test_account_services_negative.py
new file mode 100644
index 0000000..3b07e17
--- /dev/null
+++ b/tempest/api/object_storage/test_account_services_negative.py
@@ -0,0 +1,46 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
+#
+# Author: Joe H. Rahme <joe.hakim.rahme@enovance.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from tempest.api.object_storage import base
+from tempest import exceptions
+from tempest.test import attr
+
+
+class AccountNegativeTest(base.BaseObjectTest):
+
+ @attr(type=['negative', 'gate'])
+ def test_list_containers_with_non_authorized_user(self):
+ # list containers using non-authorized user
+
+ # create user
+ self.data.setup_test_user()
+ self.token_client.auth(self.data.test_user,
+ self.data.test_password,
+ self.data.test_tenant)
+ new_token = \
+ self.token_client.get_token(self.data.test_user,
+ self.data.test_password,
+ self.data.test_tenant)
+ custom_headers = {'X-Auth-Token': new_token}
+ params = {'format': 'json'}
+ # list containers with non-authorized user token
+ self.assertRaises(exceptions.Unauthorized,
+ self.custom_account_client.list_account_containers,
+ params=params, metadata=custom_headers)
+ # delete the user which was created
+ self.data.teardown_all()
diff --git a/tempest/api/object_storage/test_container_acl.py b/tempest/api/object_storage/test_container_acl.py
index a01b703..0733524 100644
--- a/tempest/api/object_storage/test_container_acl.py
+++ b/tempest/api/object_storage/test_container_acl.py
@@ -15,7 +15,6 @@
from tempest.api.object_storage import base
from tempest.common.utils import data_utils
-from tempest import exceptions
from tempest.test import attr
from tempest.test import HTTP_SUCCESS
@@ -44,108 +43,6 @@
self.delete_containers([self.container_name])
super(ObjectTestACLs, self).tearDown()
- @attr(type=['negative', 'gate'])
- def test_write_object_without_using_creds(self):
- # trying to create object with empty headers
- # X-Auth-Token is not provided
- object_name = data_utils.rand_name(name='Object')
- self.assertRaises(exceptions.Unauthorized,
- self.custom_object_client.create_object,
- self.container_name, object_name, 'data')
-
- @attr(type=['negative', 'gate'])
- def test_delete_object_without_using_creds(self):
- # create object
- object_name = data_utils.rand_name(name='Object')
- resp, _ = self.object_client.create_object(self.container_name,
- object_name, 'data')
- # trying to delete object with empty headers
- # X-Auth-Token is not provided
- self.assertRaises(exceptions.Unauthorized,
- self.custom_object_client.delete_object,
- self.container_name, object_name)
-
- @attr(type=['negative', 'gate'])
- def test_write_object_with_non_authorized_user(self):
- # attempt to upload another file using non-authorized user
- # User provided token is forbidden. ACL are not set
- object_name = data_utils.rand_name(name='Object')
- # trying to create object with non-authorized user
- self.assertRaises(exceptions.Unauthorized,
- self.custom_object_client.create_object,
- self.container_name, object_name, 'data',
- metadata=self.custom_headers)
-
- @attr(type=['negative', 'gate'])
- def test_read_object_with_non_authorized_user(self):
- # attempt to read object using non-authorized user
- # User provided token is forbidden. ACL are not set
- object_name = data_utils.rand_name(name='Object')
- resp, _ = self.object_client.create_object(
- self.container_name, object_name, 'data')
- self.assertEqual(resp['status'], '201')
- self.assertHeaders(resp, 'Object', 'PUT')
- # trying to get object with non authorized user token
- self.assertRaises(exceptions.Unauthorized,
- self.custom_object_client.get_object,
- self.container_name, object_name,
- metadata=self.custom_headers)
-
- @attr(type=['negative', 'gate'])
- def test_delete_object_with_non_authorized_user(self):
- # attempt to delete object using non-authorized user
- # User provided token is forbidden. ACL are not set
- object_name = data_utils.rand_name(name='Object')
- resp, _ = self.object_client.create_object(
- self.container_name, object_name, 'data')
- self.assertEqual(resp['status'], '201')
- self.assertHeaders(resp, 'Object', 'PUT')
- # trying to delete object with non-authorized user token
- self.assertRaises(exceptions.Unauthorized,
- self.custom_object_client.delete_object,
- self.container_name, object_name,
- metadata=self.custom_headers)
-
- @attr(type=['negative', 'smoke'])
- def test_read_object_without_rights(self):
- # attempt to read object using non-authorized user
- # update X-Container-Read metadata ACL
- cont_headers = {'X-Container-Read': 'badtenant:baduser'}
- resp_meta, body = self.container_client.update_container_metadata(
- self.container_name, metadata=cont_headers,
- metadata_prefix='')
- self.assertIn(int(resp_meta['status']), HTTP_SUCCESS)
- self.assertHeaders(resp_meta, 'Container', 'POST')
- # create object
- object_name = data_utils.rand_name(name='Object')
- resp, _ = self.object_client.create_object(self.container_name,
- object_name, 'data')
- self.assertEqual(resp['status'], '201')
- self.assertHeaders(resp, 'Object', 'PUT')
- # Trying to read the object without rights
- self.assertRaises(exceptions.Unauthorized,
- self.custom_object_client.get_object,
- self.container_name, object_name,
- metadata=self.custom_headers)
-
- @attr(type=['negative', 'smoke'])
- def test_write_object_without_rights(self):
- # attempt to write object using non-authorized user
- # update X-Container-Write metadata ACL
- cont_headers = {'X-Container-Write': 'badtenant:baduser'}
- resp_meta, body = self.container_client.update_container_metadata(
- self.container_name, metadata=cont_headers,
- metadata_prefix='')
- self.assertIn(int(resp_meta['status']), HTTP_SUCCESS)
- self.assertHeaders(resp_meta, 'Container', 'POST')
- # Trying to write the object without rights
- object_name = data_utils.rand_name(name='Object')
- self.assertRaises(exceptions.Unauthorized,
- self.custom_object_client.create_object,
- self.container_name,
- object_name, 'data',
- metadata=self.custom_headers)
-
@attr(type='smoke')
def test_read_object_with_rights(self):
# attempt to read object using authorized user
@@ -189,48 +86,3 @@
metadata=self.custom_headers)
self.assertIn(int(resp['status']), HTTP_SUCCESS)
self.assertHeaders(resp, 'Object', 'PUT')
-
- @attr(type=['negative', 'smoke'])
- def test_write_object_without_write_rights(self):
- # attempt to write object using non-authorized user
- # update X-Container-Read and X-Container-Write metadata ACL
- cont_headers = {'X-Container-Read':
- self.data.test_tenant + ':' + self.data.test_user,
- 'X-Container-Write': ''}
- resp_meta, body = self.container_client.update_container_metadata(
- self.container_name, metadata=cont_headers,
- metadata_prefix='')
- self.assertIn(int(resp_meta['status']), HTTP_SUCCESS)
- self.assertHeaders(resp_meta, 'Container', 'POST')
- # Trying to write the object without write rights
- object_name = data_utils.rand_name(name='Object')
- self.assertRaises(exceptions.Unauthorized,
- self.custom_object_client.create_object,
- self.container_name,
- object_name, 'data',
- metadata=self.custom_headers)
-
- @attr(type=['negative', 'smoke'])
- def test_delete_object_without_write_rights(self):
- # attempt to delete object using non-authorized user
- # update X-Container-Read and X-Container-Write metadata ACL
- cont_headers = {'X-Container-Read':
- self.data.test_tenant + ':' + self.data.test_user,
- 'X-Container-Write': ''}
- resp_meta, body = self.container_client.update_container_metadata(
- self.container_name, metadata=cont_headers,
- metadata_prefix='')
- self.assertIn(int(resp_meta['status']), HTTP_SUCCESS)
- self.assertHeaders(resp_meta, 'Container', 'POST')
- # create object
- object_name = data_utils.rand_name(name='Object')
- resp, _ = self.object_client.create_object(self.container_name,
- object_name, 'data')
- self.assertEqual(resp['status'], '201')
- self.assertHeaders(resp, 'Object', 'PUT')
- # Trying to delete the object without write rights
- self.assertRaises(exceptions.Unauthorized,
- self.custom_object_client.delete_object,
- self.container_name,
- object_name,
- metadata=self.custom_headers)
diff --git a/tempest/api/object_storage/test_container_acl_negative.py b/tempest/api/object_storage/test_container_acl_negative.py
new file mode 100644
index 0000000..e75f21d
--- /dev/null
+++ b/tempest/api/object_storage/test_container_acl_negative.py
@@ -0,0 +1,195 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
+#
+# Author: Joe H. Rahme <joe.hakim.rahme@enovance.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from tempest.api.object_storage import base
+from tempest.common.utils import data_utils
+from tempest import exceptions
+from tempest.test import attr
+from tempest.test import HTTP_SUCCESS
+
+
+class ObjectACLsNegativeTest(base.BaseObjectTest):
+ @classmethod
+ def setUpClass(cls):
+ super(ObjectACLsNegativeTest, cls).setUpClass()
+ cls.data.setup_test_user()
+ cls.new_token = cls.token_client.get_token(cls.data.test_user,
+ cls.data.test_password,
+ cls.data.test_tenant)
+ cls.custom_headers = {'X-Auth-Token': cls.new_token}
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.data.teardown_all()
+ super(ObjectACLsNegativeTest, cls).tearDownClass()
+
+ def setUp(self):
+ super(ObjectACLsNegativeTest, self).setUp()
+ self.container_name = data_utils.rand_name(name='TestContainer')
+ self.container_client.create_container(self.container_name)
+
+ def tearDown(self):
+ self.delete_containers([self.container_name])
+ super(ObjectACLsNegativeTest, self).tearDown()
+
+ @attr(type=['negative', 'gate'])
+ def test_write_object_without_using_creds(self):
+ # trying to create object with empty headers
+ # X-Auth-Token is not provided
+ object_name = data_utils.rand_name(name='Object')
+ self.assertRaises(exceptions.Unauthorized,
+ self.custom_object_client.create_object,
+ self.container_name, object_name, 'data')
+
+ @attr(type=['negative', 'gate'])
+ def test_delete_object_without_using_creds(self):
+ # create object
+ object_name = data_utils.rand_name(name='Object')
+ resp, _ = self.object_client.create_object(self.container_name,
+ object_name, 'data')
+ # trying to delete object with empty headers
+ # X-Auth-Token is not provided
+ self.assertRaises(exceptions.Unauthorized,
+ self.custom_object_client.delete_object,
+ self.container_name, object_name)
+
+ @attr(type=['negative', 'gate'])
+ def test_write_object_with_non_authorized_user(self):
+ # attempt to upload another file using non-authorized user
+ # User provided token is forbidden. ACL are not set
+ object_name = data_utils.rand_name(name='Object')
+ # trying to create object with non-authorized user
+ self.assertRaises(exceptions.Unauthorized,
+ self.custom_object_client.create_object,
+ self.container_name, object_name, 'data',
+ metadata=self.custom_headers)
+
+ @attr(type=['negative', 'gate'])
+ def test_read_object_with_non_authorized_user(self):
+ # attempt to read object using non-authorized user
+ # User provided token is forbidden. ACL are not set
+ object_name = data_utils.rand_name(name='Object')
+ resp, _ = self.object_client.create_object(
+ self.container_name, object_name, 'data')
+ self.assertEqual(resp['status'], '201')
+ self.assertHeaders(resp, 'Object', 'PUT')
+ # trying to get object with non authorized user token
+ self.assertRaises(exceptions.Unauthorized,
+ self.custom_object_client.get_object,
+ self.container_name, object_name,
+ metadata=self.custom_headers)
+
+ @attr(type=['negative', 'gate'])
+ def test_delete_object_with_non_authorized_user(self):
+ # attempt to delete object using non-authorized user
+ # User provided token is forbidden. ACL are not set
+ object_name = data_utils.rand_name(name='Object')
+ resp, _ = self.object_client.create_object(
+ self.container_name, object_name, 'data')
+ self.assertEqual(resp['status'], '201')
+ self.assertHeaders(resp, 'Object', 'PUT')
+ # trying to delete object with non-authorized user token
+ self.assertRaises(exceptions.Unauthorized,
+ self.custom_object_client.delete_object,
+ self.container_name, object_name,
+ metadata=self.custom_headers)
+
+ @attr(type=['negative', 'smoke'])
+ def test_read_object_without_rights(self):
+ # attempt to read object using non-authorized user
+ # update X-Container-Read metadata ACL
+ cont_headers = {'X-Container-Read': 'badtenant:baduser'}
+ resp_meta, body = self.container_client.update_container_metadata(
+ self.container_name, metadata=cont_headers,
+ metadata_prefix='')
+ self.assertIn(int(resp_meta['status']), HTTP_SUCCESS)
+ self.assertHeaders(resp_meta, 'Container', 'POST')
+ # create object
+ object_name = data_utils.rand_name(name='Object')
+ resp, _ = self.object_client.create_object(self.container_name,
+ object_name, 'data')
+ self.assertEqual(resp['status'], '201')
+ self.assertHeaders(resp, 'Object', 'PUT')
+ # Trying to read the object without rights
+ self.assertRaises(exceptions.Unauthorized,
+ self.custom_object_client.get_object,
+ self.container_name, object_name,
+ metadata=self.custom_headers)
+
+ @attr(type=['negative', 'smoke'])
+ def test_write_object_without_rights(self):
+ # attempt to write object using non-authorized user
+ # update X-Container-Write metadata ACL
+ cont_headers = {'X-Container-Write': 'badtenant:baduser'}
+ resp_meta, body = self.container_client.update_container_metadata(
+ self.container_name, metadata=cont_headers,
+ metadata_prefix='')
+ self.assertIn(int(resp_meta['status']), HTTP_SUCCESS)
+ self.assertHeaders(resp_meta, 'Container', 'POST')
+ # Trying to write the object without rights
+ object_name = data_utils.rand_name(name='Object')
+ self.assertRaises(exceptions.Unauthorized,
+ self.custom_object_client.create_object,
+ self.container_name,
+ object_name, 'data',
+ metadata=self.custom_headers)
+
+ @attr(type=['negative', 'smoke'])
+ def test_write_object_without_write_rights(self):
+ # attempt to write object using non-authorized user
+ # update X-Container-Read and X-Container-Write metadata ACL
+ cont_headers = {'X-Container-Read':
+ self.data.test_tenant + ':' + self.data.test_user,
+ 'X-Container-Write': ''}
+ resp_meta, body = self.container_client.update_container_metadata(
+ self.container_name, metadata=cont_headers,
+ metadata_prefix='')
+ self.assertIn(int(resp_meta['status']), HTTP_SUCCESS)
+ self.assertHeaders(resp_meta, 'Container', 'POST')
+ # Trying to write the object without write rights
+ object_name = data_utils.rand_name(name='Object')
+ self.assertRaises(exceptions.Unauthorized,
+ self.custom_object_client.create_object,
+ self.container_name,
+ object_name, 'data',
+ metadata=self.custom_headers)
+
+ @attr(type=['negative', 'smoke'])
+ def test_delete_object_without_write_rights(self):
+ # attempt to delete object using non-authorized user
+ # update X-Container-Read and X-Container-Write metadata ACL
+ cont_headers = {'X-Container-Read':
+ self.data.test_tenant + ':' + self.data.test_user,
+ 'X-Container-Write': ''}
+ resp_meta, body = self.container_client.update_container_metadata(
+ self.container_name, metadata=cont_headers,
+ metadata_prefix='')
+ self.assertIn(int(resp_meta['status']), HTTP_SUCCESS)
+ self.assertHeaders(resp_meta, 'Container', 'POST')
+ # create object
+ object_name = data_utils.rand_name(name='Object')
+ resp, _ = self.object_client.create_object(self.container_name,
+ object_name, 'data')
+ self.assertEqual(resp['status'], '201')
+ self.assertHeaders(resp, 'Object', 'PUT')
+ # Trying to delete the object without write rights
+ self.assertRaises(exceptions.Unauthorized,
+ self.custom_object_client.delete_object,
+ self.container_name,
+ object_name,
+ metadata=self.custom_headers)
diff --git a/tempest/api/object_storage/test_object_formpost.py b/tempest/api/object_storage/test_object_formpost.py
index 621a693..6f46ec9 100644
--- a/tempest/api/object_storage/test_object_formpost.py
+++ b/tempest/api/object_storage/test_object_formpost.py
@@ -116,21 +116,3 @@
self.assertIn(int(resp['status']), HTTP_SUCCESS)
self.assertHeaders(resp, "Object", "GET")
self.assertEqual(body, "hello world")
-
- @attr(type=['gate', 'negative'])
- def test_post_object_using_form_expired(self):
- body, content_type = self.get_multipart_form(expires=1)
- time.sleep(2)
-
- headers = {'Content-Type': content_type,
- 'Content-Length': str(len(body))}
-
- url = "%s/%s/%s" % (self.container_client.base_url,
- self.container_name,
- self.object_name)
-
- # Use a raw request, otherwise authentication headers are used
- resp, body = self.object_client.http_obj.request(url, "POST",
- body, headers=headers)
- self.assertEqual(int(resp['status']), 401)
- self.assertIn('FormPost: Form Expired', body)
diff --git a/tempest/api/object_storage/test_object_formpost_negative.py b/tempest/api/object_storage/test_object_formpost_negative.py
new file mode 100644
index 0000000..a07e277
--- /dev/null
+++ b/tempest/api/object_storage/test_object_formpost_negative.py
@@ -0,0 +1,112 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
+# Author: Joe H. Rahme <joe.hakim.rahme@enovance.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import hashlib
+import hmac
+import time
+import urlparse
+
+from tempest.api.object_storage import base
+from tempest.common.utils import data_utils
+from tempest.test import attr
+
+
+class ObjectFormPostNegativeTest(base.BaseObjectTest):
+
+ @classmethod
+ def setUpClass(cls):
+ super(ObjectFormPostNegativeTest, cls).setUpClass()
+ cls.container_name = data_utils.rand_name(name='TestContainer')
+ cls.object_name = data_utils.rand_name(name='ObjectTemp')
+
+ cls.container_client.create_container(cls.container_name)
+ cls.containers = [cls.container_name]
+
+ cls.key = 'Meta'
+ cls.metadata = {'Temp-URL-Key': cls.key}
+ cls.account_client.create_account_metadata(metadata=cls.metadata)
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.account_client.delete_account_metadata(metadata=cls.metadata)
+ cls.delete_containers(cls.containers)
+ cls.data.teardown_all()
+ super(ObjectFormPostNegativeTest, cls).tearDownClass()
+
+ def get_multipart_form(self, expires=600):
+ path = "%s/%s/%s" % (
+ urlparse.urlparse(self.container_client.base_url).path,
+ self.container_name,
+ self.object_name)
+
+ redirect = ''
+ max_file_size = 104857600
+ max_file_count = 10
+ expires += int(time.time())
+ hmac_body = '%s\n%s\n%s\n%s\n%s' % (path,
+ redirect,
+ max_file_size,
+ max_file_count,
+ expires)
+
+ signature = hmac.new(self.key, hmac_body, hashlib.sha1).hexdigest()
+
+ fields = {'redirect': redirect,
+ 'max_file_size': str(max_file_size),
+ 'max_file_count': str(max_file_count),
+ 'expires': str(expires),
+ 'signature': signature}
+
+ boundary = '--boundary--'
+ data = []
+ for (key, value) in fields.items():
+ data.append('--' + boundary)
+ data.append('Content-Disposition: form-data; name="%s"' % key)
+ data.append('')
+ data.append(value)
+
+ data.append('--' + boundary)
+ data.append('Content-Disposition: form-data; '
+ 'name="file1"; filename="testfile"')
+ data.append('Content-Type: application/octet-stream')
+ data.append('')
+ data.append('hello world')
+
+ data.append('--' + boundary + '--')
+ data.append('')
+
+ body = '\r\n'.join(data)
+ content_type = 'multipart/form-data; boundary=%s' % boundary
+ return body, content_type
+
+ @attr(type=['gate', 'negative'])
+ def test_post_object_using_form_expired(self):
+ body, content_type = self.get_multipart_form(expires=1)
+ time.sleep(2)
+
+ headers = {'Content-Type': content_type,
+ 'Content-Length': str(len(body))}
+
+ url = "%s/%s/%s" % (self.container_client.base_url,
+ self.container_name,
+ self.object_name)
+
+ # Use a raw request, otherwise authentication headers are used
+ resp, body = self.object_client.http_obj.request(url, "POST",
+ body, headers=headers)
+ self.assertEqual(int(resp['status']), 401)
+ self.assertIn('FormPost: Form Expired', body)
diff --git a/tempest/api/object_storage/test_object_temp_url.py b/tempest/api/object_storage/test_object_temp_url.py
index 0523c68..47c270e 100644
--- a/tempest/api/object_storage/test_object_temp_url.py
+++ b/tempest/api/object_storage/test_object_temp_url.py
@@ -22,7 +22,6 @@
from tempest.api.object_storage import base
from tempest.common.utils import data_utils
from tempest import config
-from tempest import exceptions
from tempest import test
CONF = config.CONF
@@ -186,19 +185,3 @@
resp, body = self.object_client.head(url)
self.assertIn(int(resp['status']), test.HTTP_SUCCESS)
self.assertHeaders(resp, 'Object', 'HEAD')
-
- @test.attr(type=['gate', 'negative'])
- @test.requires_ext(extension='tempurl', service='object')
- def test_get_object_after_expiration_time(self):
-
- expires = self._get_expiry_date(1)
- # get a temp URL for the created object
- url = self._get_temp_url(self.container_name,
- self.object_name, "GET",
- expires, self.key)
-
- # temp URL is valid for 1 seconds, let's wait 2
- time.sleep(2)
-
- self.assertRaises(exceptions.Unauthorized,
- self.object_client.get, url)
diff --git a/tempest/api/object_storage/test_object_temp_url_negative.py b/tempest/api/object_storage/test_object_temp_url_negative.py
new file mode 100644
index 0000000..cc507c5
--- /dev/null
+++ b/tempest/api/object_storage/test_object_temp_url_negative.py
@@ -0,0 +1,109 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright (C) 2013 eNovance SAS <licensing@enovance.com>
+#
+# Author: Joe H. Rahme <joe.hakim.rahme@enovance.com>
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import hashlib
+import hmac
+import time
+import urlparse
+
+from tempest.api.object_storage import base
+from tempest.common.utils import data_utils
+from tempest import exceptions
+from tempest import test
+
+
+class ObjectTempUrlNegativeTest(base.BaseObjectTest):
+
+ @classmethod
+ def setUpClass(cls):
+ super(ObjectTempUrlNegativeTest, cls).setUpClass()
+
+ cls.container_name = data_utils.rand_name(name='TestContainer')
+ cls.container_client.create_container(cls.container_name)
+ cls.containers = [cls.container_name]
+
+ # update account metadata
+ cls.key = 'Meta'
+ cls.metadata = {'Temp-URL-Key': cls.key}
+ cls.account_client.create_account_metadata(metadata=cls.metadata)
+ cls.account_client_metadata, _ = \
+ cls.account_client.list_account_metadata()
+
+ @classmethod
+ def tearDownClass(cls):
+ resp, _ = cls.account_client.delete_account_metadata(
+ metadata=cls.metadata)
+
+ cls.delete_containers(cls.containers)
+
+ # delete the user setup created
+ cls.data.teardown_all()
+ super(ObjectTempUrlNegativeTest, cls).tearDownClass()
+
+ def setUp(self):
+ super(ObjectTempUrlNegativeTest, self).setUp()
+ # make sure the metadata has been set
+ self.assertIn('x-account-meta-temp-url-key',
+ self.account_client_metadata)
+
+ self.assertEqual(
+ self.account_client_metadata['x-account-meta-temp-url-key'],
+ self.key)
+
+ # create object
+ self.object_name = data_utils.rand_name(name='ObjectTemp')
+ self.data = data_utils.arbitrary_string(size=len(self.object_name),
+ base_text=self.object_name)
+ self.object_client.create_object(self.container_name,
+ self.object_name, self.data)
+
+ def _get_expiry_date(self, expiration_time=1000):
+ return int(time.time() + expiration_time)
+
+ def _get_temp_url(self, container, object_name, method, expires,
+ key):
+ """Create the temporary URL."""
+
+ path = "%s/%s/%s" % (
+ urlparse.urlparse(self.object_client.base_url).path,
+ container, object_name)
+
+ hmac_body = '%s\n%s\n%s' % (method, expires, path)
+ sig = hmac.new(key, hmac_body, hashlib.sha1).hexdigest()
+
+ url = "%s/%s?temp_url_sig=%s&temp_url_expires=%s" % (container,
+ object_name,
+ sig, expires)
+
+ return url
+
+ @test.attr(type=['gate', 'negative'])
+ @test.requires_ext(extension='tempurl', service='object')
+ def test_get_object_after_expiration_time(self):
+
+ expires = self._get_expiry_date(1)
+ # get a temp URL for the created object
+ url = self._get_temp_url(self.container_name,
+ self.object_name, "GET",
+ expires, self.key)
+
+ # temp URL is valid for 1 seconds, let's wait 2
+ time.sleep(2)
+
+ self.assertRaises(exceptions.Unauthorized,
+ self.object_client.get, url)
diff --git a/tempest/api/orchestration/stacks/test_templates.py b/tempest/api/orchestration/stacks/test_templates.py
index 6cbc872..2da819d 100644
--- a/tempest/api/orchestration/stacks/test_templates.py
+++ b/tempest/api/orchestration/stacks/test_templates.py
@@ -10,17 +10,11 @@
# License for the specific language governing permissions and limitations
# under the License.
-import logging
-
from tempest.api.orchestration import base
from tempest.common.utils import data_utils
-from tempest import exceptions
from tempest.test import attr
-LOG = logging.getLogger(__name__)
-
-
class TemplateYAMLTestJSON(base.BaseOrchestrationTest):
_interface = 'json'
@@ -59,14 +53,6 @@
self.parameters)
self.assertEqual('200', resp['status'])
- @attr(type=['gate', 'negative'])
- def test_validate_template_url(self):
- """Validating template passing url to it."""
- self.assertRaises(exceptions.BadRequest,
- self.client.validate_template_url,
- template_url=self.invalid_template_url,
- parameters=self.parameters)
-
class TemplateAWSTestJSON(TemplateYAMLTestJSON):
template = """
diff --git a/tempest/api/orchestration/stacks/test_templates_negative.py b/tempest/api/orchestration/stacks/test_templates_negative.py
new file mode 100644
index 0000000..c55f6ee
--- /dev/null
+++ b/tempest/api/orchestration/stacks/test_templates_negative.py
@@ -0,0 +1,62 @@
+# Copyright 2014 NEC Corporation. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from tempest.api.orchestration import base
+from tempest import exceptions
+from tempest import test
+
+
+class TemplateYAMLNegativeTestJSON(base.BaseOrchestrationTest):
+ _interface = 'json'
+
+ template = """
+HeatTemplateFormatVersion: '2012-12-12'
+Description: |
+ Template which creates only a new user
+Resources:
+ CfnUser:
+ Type: AWS::IAM::User
+"""
+
+ invalid_template_url = 'http://www.example.com/template.yaml'
+
+ @classmethod
+ def setUpClass(cls):
+ super(TemplateYAMLNegativeTestJSON, cls).setUpClass()
+ cls.client = cls.orchestration_client
+ cls.parameters = {}
+
+ @test.attr(type=['gate', 'negative'])
+ def test_validate_template_url(self):
+ """Validating template passing url to it."""
+ self.assertRaises(exceptions.BadRequest,
+ self.client.validate_template_url,
+ template_url=self.invalid_template_url,
+ parameters=self.parameters)
+
+
+class TemplateAWSNegativeTestJSON(TemplateYAMLNegativeTestJSON):
+ template = """
+{
+ "AWSTemplateFormatVersion" : "2010-09-09",
+ "Description" : "Template which creates only a new user",
+ "Resources" : {
+ "CfnUser" : {
+ "Type" : "AWS::IAM::User"
+ }
+ }
+}
+"""
+
+ invalid_template_url = 'http://www.example.com/template.template'
diff --git a/tempest/cli/simple_read_only/heat_templates/heat_minimal_hot.yaml b/tempest/cli/simple_read_only/heat_templates/heat_minimal_hot.yaml
index 6d89b7b..4657bfc 100644
--- a/tempest/cli/simple_read_only/heat_templates/heat_minimal_hot.yaml
+++ b/tempest/cli/simple_read_only/heat_templates/heat_minimal_hot.yaml
@@ -3,10 +3,10 @@
parameters:
instance_image:
description: Glance image name
- type: String
+ type: string
instance_type:
description: Nova instance type
- type: String
+ type: string
default: m1.small
constraints:
- allowed_values: [m1.small, m1.medium, m1.large]
diff --git a/tempest/cli/simple_read_only/test_cinder.py b/tempest/cli/simple_read_only/test_cinder.py
index f71a2de..cf8440d 100644
--- a/tempest/cli/simple_read_only/test_cinder.py
+++ b/tempest/cli/simple_read_only/test_cinder.py
@@ -47,6 +47,12 @@
def test_cinder_volumes_list(self):
self.cinder('list')
+ self.cinder('list', params='--all-tenants 1')
+ self.cinder('list', params='--all-tenants 0')
+ self.assertRaises(subprocess.CalledProcessError,
+ self.cinder,
+ 'list',
+ params='--all-tenants bad')
def test_cinder_quota_class_show(self):
"""This CLI can accept and string as param."""
diff --git a/tempest/common/glance_http.py b/tempest/common/glance_http.py
index e72cd9e..2ce05ee 100644
--- a/tempest/common/glance_http.py
+++ b/tempest/common/glance_http.py
@@ -218,6 +218,8 @@
return getattr(self.connection, name)
def makefile(self, *args, **kwargs):
+ # Ensure the socket is closed when this file is closed
+ kwargs['close'] = True
return socket._fileobject(self.connection, *args, **kwargs)
@@ -345,6 +347,15 @@
self.sock = OpenSSLConnectionDelegator(self.context, sock)
self.sock.connect((self.host, self.port))
+ def close(self):
+ if self.sock:
+ # Remove the reference to the socket but don't close it yet.
+ # Response close will close both socket and associated
+ # file. Closing socket too soon will cause response
+ # reads to fail with socket IO error 'Bad file descriptor'.
+ self.sock = None
+ super(VerifiedHTTPSConnection, self).close()
+
class ResponseBodyIterator(object):
"""A class that acts as an iterator over an HTTP response."""
diff --git a/tempest/common/isolated_creds.py b/tempest/common/isolated_creds.py
index 38834ff..f2df061 100644
--- a/tempest/common/isolated_creds.py
+++ b/tempest/common/isolated_creds.py
@@ -247,7 +247,7 @@
def _create_network(self, name, tenant_id):
if self.tempest_client:
resp, resp_body = self.network_admin_client.create_network(
- name, tenant_id=tenant_id)
+ name=name, tenant_id=tenant_id)
else:
body = {'network': {'tenant_id': tenant_id, 'name': name}}
resp_body = self.network_admin_client.create_network(body)
@@ -267,15 +267,18 @@
if self.network_resources:
resp, resp_body = self.network_admin_client.\
create_subnet(
- network_id, str(subnet_cidr),
+ network_id=network_id, cidr=str(subnet_cidr),
name=subnet_name,
tenant_id=tenant_id,
- enable_dhcp=self.network_resources['dhcp'])
+ enable_dhcp=self.network_resources['dhcp'],
+ ip_version=4)
else:
resp, resp_body = self.network_admin_client.\
- create_subnet(network_id, str(subnet_cidr),
+ create_subnet(network_id=network_id,
+ cidr=str(subnet_cidr),
name=subnet_name,
- tenant_id=tenant_id)
+ tenant_id=tenant_id,
+ ip_version=4)
else:
body['subnet']['cidr'] = str(subnet_cidr)
resp_body = self.network_admin_client.create_subnet(body)
diff --git a/tempest/common/rest_client.py b/tempest/common/rest_client.py
index 81ebd4b..a90c924 100644
--- a/tempest/common/rest_client.py
+++ b/tempest/common/rest_client.py
@@ -280,7 +280,8 @@
" (auth URL is '%s'), the response status is %s" %
(req_url, resp.status))
raise exceptions.AuthenticationFailure(user=user,
- password=password)
+ password=password,
+ tenant=project_name)
def expected_success(self, expected_code, read_code):
assert_msg = ("This function only allowed to use for HTTP status"
diff --git a/tempest/config.py b/tempest/config.py
index d529965..5a9199d 100644
--- a/tempest/config.py
+++ b/tempest/config.py
@@ -147,7 +147,7 @@
default='root',
help="User name used to authenticate to an instance."),
cfg.IntOpt('ping_timeout',
- default=60,
+ default=120,
help="Timeout in seconds to wait for ping to "
"succeed."),
cfg.IntOpt('ssh_timeout',
diff --git a/tempest/openstack/common/fixture/mockpatch.py b/tempest/openstack/common/fixture/mockpatch.py
index 858e77c..d7dcc11 100644
--- a/tempest/openstack/common/fixture/mockpatch.py
+++ b/tempest/openstack/common/fixture/mockpatch.py
@@ -22,14 +22,15 @@
class PatchObject(fixtures.Fixture):
"""Deal with code around mock."""
- def __init__(self, obj, attr, **kwargs):
+ def __init__(self, obj, attr, new=mock.DEFAULT, **kwargs):
self.obj = obj
self.attr = attr
self.kwargs = kwargs
+ self.new = new
def setUp(self):
super(PatchObject, self).setUp()
- _p = mock.patch.object(self.obj, self.attr, **self.kwargs)
+ _p = mock.patch.object(self.obj, self.attr, self.new, **self.kwargs)
self.mock = _p.start()
self.addCleanup(_p.stop)
diff --git a/tempest/services/network/json/network_client.py b/tempest/services/network/json/network_client.py
index 8cb74a9..47c20d2 100644
--- a/tempest/services/network/json/network_client.py
+++ b/tempest/services/network/json/network_client.py
@@ -47,50 +47,8 @@
def serialize(self, data):
return json.dumps(data)
- def create_network(self, name, **kwargs):
- post_body = {'network': kwargs}
- post_body['network']['name'] = name
- body = json.dumps(post_body)
- uri = '%s/networks' % (self.uri_prefix)
- resp, body = self.post(uri, body)
- body = json.loads(body)
- return resp, body
-
- def create_bulk_network(self, count, names):
- network_list = list()
- for i in range(count):
- network_list.append({'name': names[i]})
- post_body = {'networks': network_list}
- body = json.dumps(post_body)
- uri = '%s/networks' % (self.uri_prefix)
- resp, body = self.post(uri, body)
- body = json.loads(body)
- return resp, body
-
- def create_subnet(self, net_uuid, cidr, ip_version=4, **kwargs):
- post_body = {'subnet': kwargs}
- post_body['subnet']['ip_version'] = ip_version
- post_body['subnet']['network_id'] = net_uuid
- post_body['subnet']['cidr'] = cidr
- body = json.dumps(post_body)
- uri = '%s/subnets' % (self.uri_prefix)
- resp, body = self.post(uri, body)
- body = json.loads(body)
- return resp, body
-
- def create_port(self, network_id, **kwargs):
- post_body = {
- 'port': {
- 'network_id': network_id,
- }
- }
- for key, val in kwargs.items():
- post_body['port'][key] = val
- body = json.dumps(post_body)
- uri = '%s/ports' % (self.uri_prefix)
- resp, body = self.post(uri, body)
- body = json.loads(body)
- return resp, body
+ def serialize_list(self, data, root=None, item=None):
+ return self.serialize(data)
def update_quotas(self, tenant_id, **kwargs):
put_body = {'quota': kwargs}
@@ -105,42 +63,6 @@
resp, body = self.delete(uri)
return resp, body
- def update_subnet(self, subnet_id, new_name):
- put_body = {
- 'subnet': {
- 'name': new_name,
- }
- }
- body = json.dumps(put_body)
- uri = '%s/subnets/%s' % (self.uri_prefix, subnet_id)
- resp, body = self.put(uri, body)
- body = json.loads(body)
- return resp, body
-
- def update_port(self, port_id, new_name):
- put_body = {
- 'port': {
- 'name': new_name,
- }
- }
- body = json.dumps(put_body)
- uri = '%s/ports/%s' % (self.uri_prefix, port_id)
- resp, body = self.put(uri, body)
- body = json.loads(body)
- return resp, body
-
- def update_network(self, network_id, new_name):
- put_body = {
- "network": {
- "name": new_name,
- }
- }
- body = json.dumps(put_body)
- uri = '%s/networks/%s' % (self.uri_prefix, network_id)
- resp, body = self.put(uri, body)
- body = json.loads(body)
- return resp, body
-
def create_router(self, name, admin_state_up=True, **kwargs):
post_body = {'router': kwargs}
post_body['router']['name'] = name
@@ -272,22 +194,6 @@
body = json.loads(body)
return resp, body
- def create_bulk_subnet(self, subnet_list):
- post_body = {'subnets': subnet_list}
- body = json.dumps(post_body)
- uri = '%s/subnets' % (self.uri_prefix)
- resp, body = self.post(uri, body)
- body = json.loads(body)
- return resp, body
-
- def create_bulk_port(self, port_list):
- post_body = {'ports': port_list}
- body = json.dumps(post_body)
- uri = '%s/ports' % (self.uri_prefix)
- resp, body = self.post(uri, body)
- body = json.loads(body)
- return resp, body
-
def create_vip(self, name, protocol, protocol_port, subnet_id, pool_id):
post_body = {
"vip": {
diff --git a/tempest/services/network/network_client_base.py b/tempest/services/network/network_client_base.py
index 57b0ebb..f4a012f 100644
--- a/tempest/services/network/network_client_base.py
+++ b/tempest/services/network/network_client_base.py
@@ -156,3 +156,31 @@
if name[:prefix_len] == prefix:
return method_functors[index](name[prefix_len:])
raise AttributeError(name)
+
+ # Common methods that are hard to automate
+ def create_bulk_network(self, count, names):
+ network_list = list()
+ for i in range(count):
+ network_list.append({'name': names[i]})
+ post_data = {'networks': network_list}
+ body = self.serialize_list(post_data, "networks", "network")
+ uri = self.get_uri("networks")
+ resp, body = self.post(uri, body)
+ body = {'networks': self.deserialize_list(body)}
+ return resp, body
+
+ def create_bulk_subnet(self, subnet_list):
+ post_data = {'subnets': subnet_list}
+ body = self.serialize_list(post_data, 'subnets', 'subnet')
+ uri = self.get_uri('subnets')
+ resp, body = self.post(uri, body)
+ body = {'subnets': self.deserialize_list(body)}
+ return resp, body
+
+ def create_bulk_port(self, port_list):
+ post_data = {'ports': port_list}
+ body = self.serialize_list(post_data, 'ports', 'port')
+ uri = self.get_uri('ports')
+ resp, body = self.post(uri, body)
+ body = {'ports': self.deserialize_list(body)}
+ return resp, body
diff --git a/tempest/services/network/xml/network_client.py b/tempest/services/network/xml/network_client.py
index ebb2d00..b8e39ad 100644
--- a/tempest/services/network/xml/network_client.py
+++ b/tempest/services/network/xml/network_client.py
@@ -33,6 +33,12 @@
return RestClientXML(config, username, password,
auth_url, tenant_name)
+ def _parse_array(self, node):
+ array = []
+ for child in node.getchildren():
+ array.append(xml_to_json(child))
+ return array
+
def deserialize_list(self, body):
return parse_array(etree.fromstring(body), self.PLURALS)
@@ -44,84 +50,34 @@
# expecting the dict with single key
root = body.keys()[0]
post_body = Element(root)
+ post_body.add_attr('xmlns:xsi',
+ 'http://www.w3.org/2001/XMLSchema-instance')
for name, attr in body[root].items():
- elt = Element(name, attr)
+ elt = self._get_element(name, attr)
post_body.append(elt)
return str(Document(post_body))
- def create_network(self, name):
- uri = '%s/networks' % (self.uri_prefix)
- post_body = Element("network")
- p2 = Element("name", name)
- post_body.append(p2)
- resp, body = self.post(uri, str(Document(post_body)))
- body = _root_tag_fetcher_and_xml_to_json_parse(body)
- return resp, body
+ def serialize_list(self, body, root_name=None, item_name=None):
+ # expecting dict in form
+ # body = {'resources': [res_dict1, res_dict2, ...]
+ post_body = Element(root_name)
+ post_body.add_attr('xmlns:xsi',
+ 'http://www.w3.org/2001/XMLSchema-instance')
+ for item in body[body.keys()[0]]:
+ elt = Element(item_name)
+ for name, attr in item.items():
+ elt_content = self._get_element(name, attr)
+ elt.append(elt_content)
+ post_body.append(elt)
+ return str(Document(post_body))
- def create_bulk_network(self, count, names):
- uri = '%s/networks' % (self.uri_prefix)
- post_body = Element("networks")
- for i in range(count):
- p1 = Element("network")
- p2 = Element("name", names[i])
- p1.append(p2)
- post_body.append(p1)
- resp, body = self.post(uri, str(Document(post_body)))
- networks = parse_array(etree.fromstring(body))
- networks = {"networks": networks}
- return resp, networks
-
- def create_subnet(self, net_uuid, cidr):
- uri = '%s/subnets' % (self.uri_prefix)
- subnet = Element("subnet")
- p2 = Element("network_id", net_uuid)
- p3 = Element("cidr", cidr)
- p4 = Element("ip_version", 4)
- subnet.append(p2)
- subnet.append(p3)
- subnet.append(p4)
- resp, body = self.post(uri, str(Document(subnet)))
- body = _root_tag_fetcher_and_xml_to_json_parse(body)
- return resp, body
-
- def create_port(self, net_uuid, **kwargs):
- uri = '%s/ports' % (self.uri_prefix)
- port = Element("port")
- p1 = Element('network_id', net_uuid)
- port.append(p1)
- for key, val in kwargs.items():
- key = Element(key, val)
- port.append(key)
- resp, body = self.post(uri, str(Document(port)))
- body = _root_tag_fetcher_and_xml_to_json_parse(body)
- return resp, body
-
- def update_port(self, port_id, name):
- uri = '%s/ports/%s' % (self.uri_prefix, str(port_id))
- port = Element("port")
- p2 = Element("name", name)
- port.append(p2)
- resp, body = self.put(uri, str(Document(port)))
- body = _root_tag_fetcher_and_xml_to_json_parse(body)
- return resp, body
-
- def update_subnet(self, subnet_id, name):
- uri = '%s/subnets/%s' % (self.uri_prefix, str(subnet_id))
- subnet = Element("subnet")
- p2 = Element("name", name)
- subnet.append(p2)
- resp, body = self.put(uri, str(Document(subnet)))
- body = _root_tag_fetcher_and_xml_to_json_parse(body)
- return resp, body
-
- def update_network(self, net_id, name):
- uri = '%s/networks/%s' % (self.uri_prefix, str(net_id))
- network = Element("network")
- p2 = Element("name", name)
- network.append(p2)
- resp, body = self.put(uri, str(Document(network)))
- body = _root_tag_fetcher_and_xml_to_json_parse(body)
- return resp, body
+ def _get_element(self, name, value):
+ if value is None:
+ xml_elem = Element(name)
+ xml_elem.add_attr("xsi:nil", "true")
+ return xml_elem
+ else:
+ return Element(name, value)
def create_security_group(self, name):
uri = '%s/security-groups' % (self.uri_prefix)
@@ -147,36 +103,6 @@
body = _root_tag_fetcher_and_xml_to_json_parse(body)
return resp, body
- def create_bulk_subnet(self, subnet_list):
- uri = '%s/subnets' % (self.uri_prefix)
- post_body = Element("subnets")
- for i in range(len(subnet_list)):
- v = subnet_list[i]
- p1 = Element("subnet")
- for k, kv in v.iteritems():
- p2 = Element(k, kv)
- p1.append(p2)
- post_body.append(p1)
- resp, body = self.post(uri, str(Document(post_body)))
- subnets = parse_array(etree.fromstring(body))
- subnets = {"subnets": subnets}
- return resp, subnets
-
- def create_bulk_port(self, port_list):
- uri = '%s/ports' % (self.uri_prefix)
- post_body = Element("ports")
- for i in range(len(port_list)):
- v = port_list[i]
- p1 = Element("port")
- for k, kv in v.iteritems():
- p2 = Element(k, kv)
- p1.append(p2)
- post_body.append(p1)
- resp, body = self.post(uri, str(Document(post_body)))
- ports = parse_array(etree.fromstring(body))
- ports = {"ports": ports}
- return resp, ports
-
def create_vip(self, name, protocol, protocol_port, subnet_id, pool_id):
uri = '%s/lb/vips' % (self.uri_prefix)
post_body = Element("vip")
diff --git a/tempest/test_discover/test_discover.py b/tempest/test_discover/test_discover.py
index 87fdbdc..3fbb8e1 100644
--- a/tempest/test_discover/test_discover.py
+++ b/tempest/test_discover/test_discover.py
@@ -13,7 +13,12 @@
# under the License.
import os
-import unittest
+import sys
+
+if sys.version_info >= (2, 7):
+ import unittest
+else:
+ import unittest2 as unittest
def load_tests(loader, tests, pattern):
diff --git a/tools/verify_tempest_config.py b/tools/verify_tempest_config.py
index 0c21cea..b393402 100755
--- a/tools/verify_tempest_config.py
+++ b/tools/verify_tempest_config.py
@@ -14,13 +14,17 @@
# License for the specific language governing permissions and limitations
# under the License.
+import json
import sys
+import httplib2
+
from tempest import clients
from tempest import config
CONF = config.CONF
+RAW_HTTP = httplib2.Http()
def verify_glance_api_versions(os):
@@ -35,6 +39,19 @@
not CONF.image_feature_enabled.api_v2))
+def verify_nova_api_versions(os):
+ # Check nova api versions
+ os.servers_client._set_auth()
+ v2_endpoint = os.servers_client.base_url
+ endpoint = 'http://' + v2_endpoint.split('/')[2]
+ __, body = RAW_HTTP.request(endpoint, 'GET')
+ body = json.loads(body)
+ versions = map(lambda x: x['id'], body['versions'])
+ if CONF.compute_feature_enabled.api_v3 != ('v3.0' in versions):
+ print('Config option compute api_v3 should be change to: %s' % (
+ not CONF.compute_feature_enabled.api_v3))
+
+
def get_extension_client(os, service):
extensions_client = {
'nova': os.extensions_client,
@@ -117,6 +134,7 @@
for service in ['nova', 'nova_v3', 'cinder', 'neutron']:
results = verify_extensions(os, service, results)
verify_glance_api_versions(os)
+ verify_nova_api_versions(os)
display_results(results)