def _clean_tenant(self, tenant):
print("Cleaning tenant: %s " % tenant["name"])
is_dry_run = self.options.dry_run
dry_run_data = self.dry_run_data
is_preserve = not self.options.delete_tempest_conf_objects
tenant_id = tenant["id"]
tenant_name = tenant["name"]
tenant_data = None
if is_dry_run:
tenant_data = dry_run_data["_tenants_to_clean"][tenant_id] = {}
tenant_data["name"] = tenant_name
kwargs = {
"username": CONF.auth.admin_username,
"password": CONF.auth.admin_password,
"tenant_name": tenant["name"],
}
mgr = clients.Manager(credentials=credentials.get_credentials(**kwargs))
kwargs = {
"data": tenant_data,
"is_dry_run": is_dry_run,
"saved_state_json": None,
"is_preserve": is_preserve,
"is_save_state": False,
"tenant_id": tenant_id,
}
for service in self.tenant_services:
svc = service(mgr, **kwargs)
svc.run()
def get_credential_provider(opts):
identity_version = "".join(['v', str(opts.identity_version)])
# NOTE(andreaf) For now tempest.conf controls whether resources will
# actually be created. Once we remove the dependency from tempest.conf
# we will need extra CLI option(s) to control this.
network_resources = {'router': True,
'network': True,
'subnet': True,
'dhcp': True}
admin_creds_dict = {'username': opts.os_username,
'password': opts.os_password}
_project_name = opts.os_project_name or opts.os_tenant_name
if opts.identity_version == 3:
admin_creds_dict['project_name'] = _project_name
admin_creds_dict['domain_name'] = opts.os_domain_name or 'Default'
elif opts.identity_version == 2:
admin_creds_dict['tenant_name'] = _project_name
admin_creds = credentials_factory.get_credentials(
fill_in=False, identity_version=identity_version, **admin_creds_dict)
return dynamic_creds.DynamicCredentialProvider(
identity_version=identity_version,
name=opts.tag,
network_resources=network_resources,
neutron_available=CONF.service_available.neutron,
create_networks=CONF.auth.create_isolated_networks,
identity_admin_role=CONF.identity.admin_role,
identity_admin_domain_scope=CONF.identity.admin_domain_scope,
project_network_cidr=CONF.network.project_network_cidr,
project_network_mask_bits=CONF.network.project_network_mask_bits,
public_network_id=CONF.network.public_network_id,
admin_creds=admin_creds,
**credentials_factory.get_dynamic_provider_params())
def get_credential_provider(opts):
identity_version = "".join(['v', str(opts.identity_version)])
# NOTE(andreaf) For now tempest.conf controls whether resources will
# actually be created. Once we remove the dependency from tempest.conf
# we will need extra CLI option(s) to control this.
network_resources = {'router': True,
'network': True,
'subnet': True,
'dhcp': True}
admin_creds_dict = {'username': opts.os_username,
'password': opts.os_password}
_project_name = opts.os_project_name or opts.os_tenant_name
if opts.identity_version == 3:
admin_creds_dict['project_name'] = _project_name
admin_creds_dict['domain_name'] = opts.os_domain_name or 'Default'
elif opts.identity_version == 2:
admin_creds_dict['tenant_name'] = _project_name
admin_creds = credentials_factory.get_credentials(
fill_in=False, identity_version=identity_version, **admin_creds_dict)
return dynamic_creds.DynamicCredentialProvider(
identity_version=identity_version,
name=opts.tag,
network_resources=network_resources,
admin_creds=admin_creds,
**credentials_factory.get_dynamic_provider_params())
def _clean_project(self, project):
print("Cleaning project: %s " % project['name'])
is_dry_run = self.options.dry_run
dry_run_data = self.dry_run_data
is_preserve = not self.options.delete_tempest_conf_objects
project_id = project['id']
project_name = project['name']
project_data = None
if is_dry_run:
project_data = dry_run_data["_projects_to_clean"][project_id] = {}
project_data['name'] = project_name
kwargs = {"username": CONF.auth.admin_username,
"password": CONF.auth.admin_password,
"project_name": project['name']}
mgr = clients.Manager(credentials=credentials.get_credentials(
**kwargs))
kwargs = {'data': project_data,
'is_dry_run': is_dry_run,
'saved_state_json': None,
'is_preserve': is_preserve,
'is_save_state': False,
'project_id': project_id}
for service in self.project_services:
svc = service(mgr, **kwargs)
svc.run()
def _clean_project(self, project):
print("Cleaning project: %s " % project['name'])
is_dry_run = self.options.dry_run
dry_run_data = self.dry_run_data
is_preserve = not self.options.delete_tempest_conf_objects
project_id = project['id']
project_name = project['name']
project_data = None
if is_dry_run:
project_data = dry_run_data["_projects_to_clean"][project_id] = {}
project_data['name'] = project_name
kwargs = {"username": CONF.auth.admin_username,
"password": CONF.auth.admin_password,
"project_name": project['name']}
mgr = clients.Manager(credentials=credentials.get_credentials(
**kwargs))
kwargs = {'data': project_data,
'is_dry_run': is_dry_run,
'saved_state_json': self.json_data,
'is_preserve': is_preserve,
'is_save_state': False,
'project_id': project_id,
'got_exceptions': self.GOT_EXCEPTIONS}
for service in self.project_services:
svc = service(mgr, **kwargs)
svc.run()
def create_trustor_and_roles(self):
# create a project that trusts will be granted on
trustor_project_name = data_utils.rand_name(name='project')
project = self.projects_client.create_project(
trustor_project_name,
domain_id=CONF.identity.default_domain_id)['project']
self.trustor_project_id = project['id']
self.assertIsNotNone(self.trustor_project_id)
# Create a trustor User
trustor_username = data_utils.rand_name('user')
u_desc = trustor_username + 'description'
u_email = trustor_username + '@testmail.xx'
trustor_password = data_utils.rand_password()
user = self.users_client.create_user(
name=trustor_username,
description=u_desc,
password=trustor_password,
email=u_email,
project_id=self.trustor_project_id,
domain_id=CONF.identity.default_domain_id)['user']
self.trustor_user_id = user['id']
# And two roles, one we'll delegate and one we won't
self.delegated_role = data_utils.rand_name('DelegatedRole')
self.not_delegated_role = data_utils.rand_name('NotDelegatedRole')
role = self.roles_client.create_role(name=self.delegated_role)['role']
self.delegated_role_id = role['id']
role = self.roles_client.create_role(
name=self.not_delegated_role)['role']
self.not_delegated_role_id = role['id']
# Assign roles to trustor
self.roles_client.create_user_role_on_project(
self.trustor_project_id,
self.trustor_user_id,
self.delegated_role_id)
self.roles_client.create_user_role_on_project(
self.trustor_project_id,
self.trustor_user_id,
self.not_delegated_role_id)
# Get trustee user ID, use the demo user
trustee_username = self.non_admin_client.user
self.trustee_user_id = self.get_user_by_name(trustee_username)['id']
self.assertIsNotNone(self.trustee_user_id)
# Initialize a new client with the trustor credentials
creds = common_creds.get_credentials(
identity_version='v3',
username=trustor_username,
password=trustor_password,
user_domain_id=CONF.identity.default_domain_id,
tenant_name=trustor_project_name,
project_domain_id=CONF.identity.default_domain_id,
domain_id=CONF.identity.default_domain_id)
os = clients.Manager(credentials=creds)
self.trustor_client = os.trusts_client
def _clean_tenant(self, tenant):
print("Cleaning tenant: %s " % tenant['name'])
is_dry_run = self.options.dry_run
dry_run_data = self.dry_run_data
is_preserve = not self.options.delete_tempest_conf_objects
tenant_id = tenant['id']
tenant_name = tenant['name']
tenant_data = None
if is_dry_run:
tenant_data = dry_run_data["_tenants_to_clean"][tenant_id] = {}
tenant_data['name'] = tenant_name
kwargs = {
"username": CONF.auth.admin_username,
"password": CONF.auth.admin_password,
"tenant_name": tenant['name']
}
mgr = clients.Manager(credentials=credentials.get_credentials(
**kwargs))
kwargs = {
'data': tenant_data,
'is_dry_run': is_dry_run,
'saved_state_json': None,
'is_preserve': is_preserve,
'is_save_state': False,
'tenant_id': tenant_id
}
for service in self.tenant_services:
svc = service(mgr, **kwargs)
svc.run()
def create_trustor_and_roles(self):
# create a project that trusts will be granted on
trustor_project_name = data_utils.rand_name(name='project')
project = self.projects_client.create_project(
trustor_project_name,
domain_id=CONF.identity.default_domain_id)['project']
self.trustor_project_id = project['id']
self.assertIsNotNone(self.trustor_project_id)
# Create a trustor User
trustor_username = data_utils.rand_name('user')
u_desc = trustor_username + 'description'
u_email = trustor_username + '@testmail.xx'
trustor_password = data_utils.rand_password()
user = self.users_client.create_user(
name=trustor_username,
description=u_desc,
password=trustor_password,
email=u_email,
project_id=self.trustor_project_id,
domain_id=CONF.identity.default_domain_id)['user']
self.trustor_user_id = user['id']
# And two roles, one we'll delegate and one we won't
self.delegated_role = data_utils.rand_name('DelegatedRole')
self.not_delegated_role = data_utils.rand_name('NotDelegatedRole')
role = self.roles_client.create_role(name=self.delegated_role)['role']
self.delegated_role_id = role['id']
role = self.roles_client.create_role(
name=self.not_delegated_role)['role']
self.not_delegated_role_id = role['id']
# Assign roles to trustor
self.roles_client.create_user_role_on_project(
self.trustor_project_id,
self.trustor_user_id,
self.delegated_role_id)
self.roles_client.create_user_role_on_project(
self.trustor_project_id,
self.trustor_user_id,
self.not_delegated_role_id)
# Get trustee user ID, use the demo user
trustee_username = self.non_admin_client.user
self.trustee_user_id = self.get_user_by_name(trustee_username)['id']
self.assertIsNotNone(self.trustee_user_id)
# Initialize a new client with the trustor credentials
creds = common_creds.get_credentials(
identity_version='v3',
username=trustor_username,
password=trustor_password,
user_domain_id=CONF.identity.default_domain_id,
tenant_name=trustor_project_name,
project_domain_id=CONF.identity.default_domain_id,
domain_id=CONF.identity.default_domain_id)
os = clients.Manager(credentials=creds)
self.trustor_client = os.trusts_client
def get_credential_provider(opts):
identity_version = "".join(['v', str(opts.identity_version)])
# NOTE(andreaf) For now tempest.conf controls whether resources will
# actually be created. Once we remove the dependency from tempest.conf
# we will need extra CLI option(s) to control this.
network_resources = {
'router': True,
'network': True,
'subnet': True,
'dhcp': True
}
admin_creds_dict = {
'username': opts.os_username,
'password': opts.os_password
}
_project_name = opts.os_project_name or opts.os_tenant_name
if opts.identity_version == 3:
admin_creds_dict['project_name'] = _project_name
admin_creds_dict['domain_name'] = opts.os_domain_name or 'Default'
elif opts.identity_version == 2:
admin_creds_dict['tenant_name'] = _project_name
admin_creds = credentials_factory.get_credentials(
fill_in=False, identity_version=identity_version, **admin_creds_dict)
return dynamic_creds.DynamicCredentialProvider(
name=opts.tag,
network_resources=network_resources,
**credentials_factory.get_dynamic_provider_params(
identity_version, admin_creds=admin_creds))
def _get_fake_admin_creds(self):
return credentials.get_credentials(
fill_in=False,
identity_version=self.fixed_params['identity_version'],
username='******',
password='******',
tenant_name='fake_tenant')
def test_get_extension_client_sysexit(self):
creds = credentials_factory.get_credentials(
fill_in=False, username='******', project_name='fake_project',
password='******')
os = clients.Manager(creds)
self.assertRaises(SystemExit,
verify_tempest_config.get_extension_client,
os, 'fakeservice')
def test_get_extension_client_sysexit(self):
creds = credentials_factory.get_credentials(
fill_in=False, username='******', project_name='fake_project',
password='******')
os = clients.Manager(creds)
self.assertRaises(SystemExit,
verify_tempest_config.get_extension_client,
os, 'fakeservice')
def _get_fake_admin_creds(self):
return credentials.get_credentials(
fill_in=False,
identity_version=self.fixed_params["identity_version"],
username="******",
password="******",
tenant_name="fake_tenant",
)
def test_get_extension_client(self):
creds = credentials_factory.get_credentials(
fill_in=False, username='******', project_name='fake_project',
password='******')
os = clients.Manager(creds)
for service in ['nova', 'neutron', 'swift', 'cinder']:
extensions_client = verify_tempest_config.get_extension_client(
os, service)
self.assertIsInstance(extensions_client, rest_client.RestClient)
def test_get_extension_client(self):
creds = credentials_factory.get_credentials(
fill_in=False, username='******', project_name='fake_project',
password='******')
os = clients.Manager(creds)
for service in ['nova', 'neutron', 'swift', 'cinder']:
extensions_client = verify_tempest_config.get_extension_client(
os, service)
self.assertIsInstance(extensions_client, rest_client.RestClient)
def test_get_credentials_v2(self, mock_auth_get_credentials):
expected_uri = 'V2_URI'
expected_result = 'my_creds'
mock_auth_get_credentials.return_value = expected_result
cfg.CONF.set_default('uri', expected_uri, 'identity')
params = {'foo': 'bar'}
expected_params = params.copy()
expected_params.update(config.service_client_config())
result = cf.get_credentials(identity_version='v2', **params)
self.assertEqual(expected_result, result)
mock_auth_get_credentials.assert_called_once_with(
expected_uri, fill_in=True, identity_version='v2',
**expected_params)
def test_get_credentials_v2(self, mock_auth_get_credentials):
expected_uri = 'V2_URI'
expected_result = 'my_creds'
mock_auth_get_credentials.return_value = expected_result
cfg.CONF.set_default('uri', expected_uri, 'identity')
params = {'foo': 'bar'}
expected_params = params.copy()
expected_params.update(config.service_client_config())
result = cf.get_credentials(identity_version='v2', **params)
self.assertEqual(expected_result, result)
mock_auth_get_credentials.assert_called_once_with(
expected_uri,
fill_in=True,
identity_version='v2',
**expected_params)
def test_get_credentials_v3_domain(self, mock_auth_get_credentials):
expected_uri = 'V3_URI'
expected_result = 'my_creds'
expected_domain = 'my_domain'
mock_auth_get_credentials.return_value = expected_result
cfg.CONF.set_default('uri_v3', expected_uri, 'identity')
cfg.CONF.set_default('default_credentials_domain_name',
expected_domain, 'auth')
params = {'foo': 'bar', 'user_domain_name': expected_domain}
expected_params = params.copy()
expected_params.update(config.service_client_config())
result = cf.get_credentials(fill_in=False, identity_version='v3',
**params)
self.assertEqual(expected_result, result)
mock_auth_get_credentials.assert_called_once_with(
expected_uri, fill_in=False, identity_version='v3',
**expected_params)
def _create_server(self, project, **kwargs):
creds = credentials_factory.get_credentials(fill_in=False,
identity_version='v3',
**{
'user_id':
project['user']['id'],
'password':
'******',
'project_name':
project['name']
})
client = tempest_clients.Manager(creds).servers_client
kwargs['flavorRef'] = CONF.compute.flavor_ref
kwargs['imageRef'] = CONF.compute.image_ref
server = client.create_server(**kwargs)['server']
self.addCleanup(self.admin_client.servers_client.delete_server,
server['id'])
return server
def test_get_credentials_v3_system(self, mock_auth_get_credentials):
expected_uri = 'V3_URI'
expected_result = 'my_creds'
mock_auth_get_credentials.return_value = expected_result
cfg.CONF.set_default('uri_v3', expected_uri, 'identity')
cfg.CONF.set_default('admin_system', 'all', 'auth')
params = {'system': 'all'}
expected_params = params.copy()
expected_params.update(config.service_client_config())
result = cf.get_credentials(fill_in=False,
identity_version='v3',
**params)
self.assertEqual(expected_result, result)
mock_auth_get_credentials.assert_called_once_with(
expected_uri,
fill_in=False,
identity_version='v3',
**expected_params)
def test_get_credentials_v3_domain(self, mock_auth_get_credentials):
expected_uri = 'V3_URI'
expected_result = 'my_creds'
expected_domain = 'my_domain'
mock_auth_get_credentials.return_value = expected_result
cfg.CONF.set_default('uri_v3', expected_uri, 'identity')
cfg.CONF.set_default('default_credentials_domain_name',
expected_domain, 'auth')
params = {'foo': 'bar', 'user_domain_name': expected_domain}
expected_params = params.copy()
expected_params.update(config.service_client_config())
result = cf.get_credentials(fill_in=False,
identity_version='v3',
**params)
self.assertEqual(expected_result, result)
mock_auth_get_credentials.assert_called_once_with(
expected_uri,
fill_in=False,
identity_version='v3',
**expected_params)
def get_credential_provider(opts):
identity_version = "".join(['v', str(opts.identity_version)])
# NOTE(andreaf) For now tempest.conf controls whether resources will
# actually be created. Once we remove the dependency from tempest.conf
# we will need extra CLI option(s) to control this.
network_resources = {
'router': True,
'network': True,
'subnet': True,
'dhcp': True
}
admin_creds_dict = {
'username': opts.os_username,
'password': opts.os_password
}
_project_name = opts.os_project_name or opts.os_tenant_name
if opts.identity_version == 3:
admin_creds_dict['project_name'] = _project_name
admin_creds_dict['domain_name'] = opts.os_domain_name or 'Default'
elif opts.identity_version == 2:
admin_creds_dict['tenant_name'] = _project_name
admin_creds = credentials_factory.get_credentials(
fill_in=False, identity_version=identity_version, **admin_creds_dict)
return dynamic_creds.DynamicCredentialProvider(
identity_version=identity_version,
name=opts.tag,
network_resources=network_resources,
neutron_available=CONF.service_available.neutron,
create_networks=CONF.auth.create_isolated_networks,
identity_admin_role=CONF.identity.admin_role,
identity_admin_domain_scope=CONF.identity.admin_domain_scope,
project_network_cidr=CONF.network.project_network_cidr,
project_network_mask_bits=CONF.network.project_network_mask_bits,
public_network_id=CONF.network.public_network_id,
admin_creds=admin_creds,
**credentials_factory.get_dynamic_provider_params())
def _get_fake_admin_creds(self):
return credentials.get_credentials(
fill_in=False,
identity_version=self.fixed_params['identity_version'],
username='******', password='******',
tenant_name='fake_tenant')
def test_credentials(self):
return common_creds.get_credentials(username=self.test_user,
user_id=self.user['id'],
password=self.test_password,
tenant_name=self.test_tenant,
tenant_id=self.tenant['id'])
def test_credentials(self):
return common_creds.get_credentials(username=self.test_user,
user_id=self.user['id'],
password=self.test_password,
tenant_name=self.test_tenant,
tenant_id=self.tenant['id'])
