Add rocky config to keystone and update tests
Change-Id: I626aa02b2d3047a368b74017386bc3ad5487bebf
Related-Prod: PROD-23724 (PROD:23724)
diff --git a/tests/pillar/repo_mcp_openstack_ocata.sls b/tests/pillar/repo_mcp_openstack_ocata.sls
new file mode 100644
index 0000000..7d73591
--- /dev/null
+++ b/tests/pillar/repo_mcp_openstack_ocata.sls
@@ -0,0 +1,52 @@
+linux:
+ system:
+ enabled: true
+ repo:
+ mirantis_openstack:
+ source: "deb http://mirror.fuel-infra.org/mcp-repos/ocata/{{ grains.get('oscodename') }} ocata main"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/ocata/{{ grains.get('oscodename') }}/archive-mcpocata.key"
+ pin:
+ - pin: 'release a=ocata'
+ priority: 1100
+ package: '*'
+ mirantis_openstack_hotfix:
+ source: "deb http://mirror.fuel-infra.org/mcp-repos/ocata/{{ grains.get('oscodename') }} ocata-hotfix main"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/ocata/{{ grains.get('oscodename') }}/archive-mcpocata.key"
+ pin:
+ - pin: 'release a=ocata-hotfix'
+ priority: 1100
+ package: '*'
+ mirantis_openstack_security:
+ source: "deb http://mirror.fuel-infra.org/mcp-repos/ocata/{{ grains.get('oscodename') }} ocata-security main"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/ocata/{{ grains.get('oscodename') }}/archive-mcpocata.key"
+ pin:
+ - pin: 'release a=ocata-security'
+ priority: 1100
+ package: '*'
+ mirantis_openstack_updates:
+ source: "deb http://mirror.fuel-infra.org/mcp-repos/ocata/{{ grains.get('oscodename') }} ocata-updates main"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/ocata/{{ grains.get('oscodename') }}/archive-mcpocata.key"
+ pin:
+ - pin: 'release a=ocata-uptades'
+ priority: 1100
+ package: '*'
+ mirantis_openstack_holdback:
+ source: "deb http://mirror.fuel-infra.org/mcp-repos/ocata/{{ grains.get('oscodename') }} ocata-holdback main"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/ocata/{{ grains.get('oscodename') }}/archive-mcpocata.key"
+ pin:
+ - pin: 'release a=ocata-holdback'
+ priority: 1100
+ package: '*'
+ mk_openstack:
+ source: "deb [arch=amd64] http://apt-mk.mirantis.com/{{ grains.get('oscodename') }}/ nightly ocata"
+ architectures: amd64
+ key_url: "http://apt-mk.mirantis.com/public.gpg"
+ pin:
+ - pin: 'release a=nightly'
+ priority: 1100
+ package: '*'
diff --git a/tests/pillar/repo_mcp_openstack_pike.sls b/tests/pillar/repo_mcp_openstack_pike.sls
new file mode 100644
index 0000000..789b907
--- /dev/null
+++ b/tests/pillar/repo_mcp_openstack_pike.sls
@@ -0,0 +1,12 @@
+linux:
+ system:
+ enabled: true
+ repo:
+ mirantis_openstack_repo:
+ source: "deb http://mirror.fuel-infra.org/mcp-repos/pike/{{ grains.get('oscodename') }} pike main"
+ architectures: amd64
+ key_url: "http://mirror.fuel-infra.org/mcp-repos/pike/{{ grains.get('oscodename') }}/archive-mcppike.key"
+ pin:
+ - pin: 'release a=pike'
+ priority: 1050
+ package: '*'
\ No newline at end of file
diff --git a/tests/pillar/repo_mcp_openstack_queens.sls b/tests/pillar/repo_mcp_openstack_queens.sls
new file mode 100644
index 0000000..a8c7e77
--- /dev/null
+++ b/tests/pillar/repo_mcp_openstack_queens.sls
@@ -0,0 +1,12 @@
+linux:
+ system:
+ enabled: true
+ repo:
+ mirantis_openstack_repo:
+ source: "deb http://mirror.mirantis.com/nightly/openstack-queens/{{ grains.get('oscodename') }} {{ grains.get('oscodename') }} main"
+ architectures: amd64
+ key_url: "http://mirror.mirantis.com/nightly/openstack-queens/{{ grains.get('oscodename') }}/archive-queens.key"
+ pin:
+ - pin: 'release l=queens'
+ priority: 1050
+ package: '*'
\ No newline at end of file
diff --git a/tests/pillar/repo_mcp_openstack_rocky.sls b/tests/pillar/repo_mcp_openstack_rocky.sls
new file mode 100644
index 0000000..88a4131
--- /dev/null
+++ b/tests/pillar/repo_mcp_openstack_rocky.sls
@@ -0,0 +1,12 @@
+linux:
+ system:
+ enabled: true
+ repo:
+ mirantis_openstack_repo:
+ source: "deb http://mirror.mirantis.com/nightly/openstack-rocky/{{ grains.get('oscodename') }} {{ grains.get('oscodename') }} main"
+ architectures: amd64
+ key_url: "http://mirror.mirantis.com/nightly/openstack-rocky/{{ grains.get('oscodename') }}/archive-rocky.key"
+ pin:
+ - pin: 'release l=rocky'
+ priority: 1050
+ package: '*'
\ No newline at end of file
diff --git a/tests/pillar/repo_mos9.sls b/tests/pillar/repo_mos9.sls
deleted file mode 100644
index 64d75b8..0000000
--- a/tests/pillar/repo_mos9.sls
+++ /dev/null
@@ -1,8 +0,0 @@
-linux:
- system:
- enabled: true
- repo:
- mirantis_openstack:
- source: "deb [arch=amd64] http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/ mos9.0 main restricted"
- architectures: amd64
- key_url: "http://mirror.fuel-infra.org/mos-repos/ubuntu/9.0/archive-mos9.0.key"
diff --git a/tests/pillar/single.sls b/tests/pillar/single.sls
index d52812d..e4e191e 100644
--- a/tests/pillar/single.sls
+++ b/tests/pillar/single.sls
@@ -9,6 +9,9 @@
admin_name: admin
admin_password: passw0rd
admin_email: root@localhost
+ admin_project:
+ domain: project
+ name: projectname
bind:
address: 0.0.0.0
private_address: 127.0.0.1
@@ -18,36 +21,99 @@
region: RegionOne
database:
engine: mysql
- host: localhost
+ host: 127.0.0.1
name: keystone
password: passw0rd
user: keystone
+ connection_recycle_time: 3600
+ max_pool_size: 10
+ max_retries: -1
+ max_overflow: 30
+ domain:
+ default_domain:
+ default: True
+ domain_specific_drivers_enabled: true
+ description: 'default'
+ not_default_domain:
+ description: 'not_default'
tokens:
- engine: cache
+ engine: fernet
expiration: 86400
- location: /etc/keystone/fernet-keys/
- notification: false
+ location: /var/lib/keystone/fernet-keys
+ max_active_keys: 3
+ notification: true
notification_format: cadf
logging:
- log_appender: false
+ debug: false
+ log_file: keystone.log
+ log_dir: /var/log/keystone
+ use_syslog: false
+ syslog_log_facility: LOG_USER
+ log_appender: true
log_handlers:
watchedfile:
enabled: true
fluentd:
- enabled: false
+ enabled: true
ossyslog:
- enabled: false
+ enabled: true
extra_config:
federation:
cache_group_membership_in_db: true
- #message_queue:
- #engine: rabbitmq
- #host: 127.0.0.1
- #port: 5672
- #user: openstack
- #password: password
- #virtual_host: '/openstack'
- #ha_queues: true
+ assignment:
+ backend: sql
+ auth_methods:
+ - password
+ - token
+ cache:
+ backend: 'oslo_cache.memcache_pool'
+ members:
+ - host: 127.0.0.1
+ port: 11211
+ credential:
+ location: /var/lib/keystone/credential-keys
+ cors:
+ allowed_origin: 'https://horizon.example.com'
+ allow_credentials: True
+ expose_headers: 'X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token'
+ max_age: 3600
+ allow_methods: 'GET,PUT,POST,DELETE,PATCH'
+ allow_headers: 'X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token,X-Project-Id,X-Project-Name,X-Project-Domain-Id,X-Project-Domain-Name,X-Domain-Id,X-Domain-Name'
+ backend: sql
+ hash_algorithm: sha256
+ message_queue:
+ engine: rabbitmq
+ host: 127.0.0.1
+ port: 5672
+ user: openstack
+ password: password
+ virtual_host: '/openstack'
+ ha_queues: true
+ heartbeat_timeout_threshold: 0
+ heartbeat_rate: 2
+ executor_thread_pool_size: 64
+ rpc_response_timeout: 60
+ control_exchange: keystone
+ max_request_body_size: 114688
+ enable_proxy_headers_parsing: True
+ healthcheck:
+ path: /healthcheck
+ profiler:
+ enabled: true
+ policy:
+ policy_file: 'policy.json'
+ federation:
+ federation_driver: sql
+ federated_domain_name: Federated
+ trusted_dashboard:
+ - 'https://acme.example.com/auth/websso'
+ - 'https://beta.example.com/auth/websso'
+ oidc:
+ remote_id_attribute: HTTP_OIDC_ISS
+ protocol: oidc
+ saml2:
+ remote_id_attribute: HTTP_OIDC_ISS
+ protocol: saml2
# Client state
client:
enabled: false
@@ -118,34 +184,3 @@
#admin_address: keystone
#admin_port: 35357
#admin_path: '/v2.0'
-# CI related dependencies
-mysql:
- client:
- enabled: true
- version: '5.7'
- admin:
- host: localhost
- port: 3306
- user: admin
- password: password
- encoding: utf8
- server:
- enabled: true
- version: "5.7"
- force_encoding: utf8
- bind:
- address: 0.0.0.0
- port: 3306
- protocol: tcp
- database:
- keystone:
- encoding: utf8
- users:
- - host: '%'
- name: keystone
- password: passw0rd
- rights: all
- - host: 127.0.0.1
- name: keystone
- password: passw0rd
- rights: all
diff --git a/tests/pillar/ssl.sls b/tests/pillar/ssl.sls
deleted file mode 100644
index 8e42d8e..0000000
--- a/tests/pillar/ssl.sls
+++ /dev/null
@@ -1,62 +0,0 @@
-# Test case with enabled SSL of the following communication paths:
-# - messaging (rabbitmq)
-
-keystone:
- server:
- enabled: true
- version: liberty
- service_token: token
- service_tenant: service
- admin_tenant: admin
- admin_name: admin
- admin_password: passw0rd
- admin_email: root@localhost
- bind:
- address: 0.0.0.0
- private_address: 127.0.0.1
- private_port: 35357
- public_address: 127.0.0.1
- public_port: 5000
- region: RegionOne
- database:
- engine: mysql
- host: 127.0.0.1
- name: keystone
- password: passw0rd
- user: keystone
- ssl:
- enabled: True
- tokens:
- engine: cache
- expiration: 86400
- location: /etc/keystone/fernet-keys/
- notification: true
- notification_format: cadf
- logging:
- log_appender: false
- log_handlers:
- watchedfile:
- enabled: true
- fluentd:
- enabled: false
- ossyslog:
- enabled: false
- message_queue:
- engine: rabbitmq
- host: 127.0.0.1
- port: 5671
- user: openstack
- password: passw0rd
- virtual_host: '/openstack'
- ha_queues: true
- ssl:
- enabled: True
- cache:
- engine: memcached
- members:
- - host: 127.0.0.1
- port: 11211
- - host: 127.0.0.1
- port: 11211
- - host: 127.0.0.1
- port: 11211