def test_get_credentials_provider_preprov_no_file(self):
cfg.CONF.set_default('use_dynamic_credentials', False, group='auth')
cfg.CONF.set_default('test_accounts_file', None, group='auth')
with testtools.ExpectedException(
exc_type=exceptions.InvalidConfiguration):
cf.get_credentials_provider('some_name',
force_tenant_isolation=False,
identity_version='some_version')
def test_get_credentials_provider_preprov_no_file(self):
cfg.CONF.set_default('use_dynamic_credentials', False, group='auth')
cfg.CONF.set_default('test_accounts_file', None, group='auth')
with testtools.ExpectedException(
exc_type=exceptions.InvalidConfiguration):
cf.get_credentials_provider(
'some_name',
force_tenant_isolation=False,
identity_version='some_version')
def test_get_credentials_provider_preprov(
self, mock_preprov_provider_params,
mock_preprov_credentials_provider_class):
cfg.CONF.set_default('use_dynamic_credentials', False, group='auth')
cfg.CONF.set_default('test_accounts_file', '/some/file', group='auth')
expected_params = {'foo': 'bar'}
mock_preprov_provider_params.return_value = expected_params
expected_name = 'my_name'
expected_identity_version = 'identity_version'
cf.get_credentials_provider(expected_name,
force_tenant_isolation=False,
identity_version=expected_identity_version)
mock_preprov_provider_params.assert_called_once_with(
expected_identity_version)
mock_preprov_credentials_provider_class.assert_called_once_with(
name=expected_name, **expected_params)
def test_get_credentials_provider_preprov(
self, mock_preprov_provider_params,
mock_preprov_credentials_provider_class):
cfg.CONF.set_default('use_dynamic_credentials', False, group='auth')
cfg.CONF.set_default('test_accounts_file', '/some/file', group='auth')
expected_params = {'foo': 'bar'}
mock_preprov_provider_params.return_value = expected_params
expected_name = 'my_name'
expected_identity_version = 'identity_version'
cf.get_credentials_provider(
expected_name,
force_tenant_isolation=False,
identity_version=expected_identity_version)
mock_preprov_provider_params.assert_called_once_with(
expected_identity_version)
mock_preprov_credentials_provider_class.assert_called_once_with(
name=expected_name, **expected_params)
def __init__(self):
network_resources = {"network": False, "router": False, "subnet": False, "dhcp": False}
self.cred_provider = credentials.get_credentials_provider(
name="InputScenarioUtils", identity_version=CONF.identity.auth_version, network_resources=network_resources
)
os = clients.Manager(self.cred_provider.get_primary_creds())
self.compute_images_client = os.compute_images_client
self.flavors_client = os.flavors_client
self.image_pattern = CONF.input_scenario.image_regex
self.flavor_pattern = CONF.input_scenario.flavor_regex
def resource_setup(cls):
super(BaseEventsTestCase, cls).resource_setup()
auth_version = CONF.identity.auth_version
cred_provider = cred_factory.get_credentials_provider(
cls.__name__, identity_version=auth_version)
credentials = cred_provider.get_creds_by_roles(['admin']).credentials
cls.os_primary = clients.Manager(credentials=credentials)
cls.events_api_client = cls.os_primary.events_api_client
cls.events_search_client = cls.os_primary.events_search_client
def test_get_credentials_provider_dynamic(
self, mock_dynamic_provider_params,
mock_dynamic_credentials_provider_class):
cfg.CONF.set_default('use_dynamic_credentials', True, group='auth')
expected_params = {'foo': 'bar'}
mock_dynamic_provider_params.return_value = expected_params
expected_name = 'my_name'
expected_network_resources = {'network': 'resources'}
expected_identity_version = 'identity_version'
cf.get_credentials_provider(
expected_name,
network_resources=expected_network_resources,
force_tenant_isolation=False,
identity_version=expected_identity_version)
mock_dynamic_provider_params.assert_called_once_with(
expected_identity_version)
mock_dynamic_credentials_provider_class.assert_called_once_with(
name=expected_name, network_resources=expected_network_resources,
**expected_params)
def resource_setup(cls):
super(BaseLogsTestCase, cls).resource_setup()
auth_version = CONF.identity.auth_version
cred_provider = cred_factory.get_credentials_provider(
cls.__name__, identity_version=auth_version)
credentials = cred_provider.get_creds_by_roles(
['monasca-user', 'admin']).credentials
cls.os = clients.Manager(credentials=credentials)
cls.logs_clients = cls.os.log_api_clients
cls.logs_search_client = cls.os.log_search_client
def resource_setup(cls):
super(BaseFreezerApiTest, cls).resource_setup()
auth_version = CONF.identity.auth_version
cls.cred_provider = credentials_factory.get_credentials_provider(
cls.__name__,
force_tenant_isolation=True,
identity_version=auth_version)
credentials = cls.cred_provider.get_creds_by_roles(
['admin', 'service'])
cls.os = clients.Manager(credentials=credentials)
cls.freezer_api_client = cls.os.freezer_api_client
def resource_setup(cls):
super(BaseMonascaTest, cls).resource_setup()
auth_version = CONF.identity.auth_version
cls.cred_provider = credentials_factory.get_credentials_provider(
cls.__name__,
force_tenant_isolation=True,
identity_version=auth_version)
credentials = cls.cred_provider.get_creds_by_roles(
['monasca-user', 'anotherrole']).credentials
cls.os = clients.Manager(credentials=credentials)
cls.monasca_client = cls.os.monasca_client
def test_get_credentials_provider_dynamic(
self, mock_dynamic_provider_params,
mock_dynamic_credentials_provider_class):
cfg.CONF.set_default('use_dynamic_credentials', True, group='auth')
expected_params = {'foo': 'bar'}
mock_dynamic_provider_params.return_value = expected_params
expected_name = 'my_name'
expected_network_resources = {'network': 'resources'}
expected_identity_version = 'identity_version'
cf.get_credentials_provider(
expected_name,
network_resources=expected_network_resources,
force_tenant_isolation=False,
identity_version=expected_identity_version)
mock_dynamic_provider_params.assert_called_once_with(
expected_identity_version)
mock_dynamic_credentials_provider_class.assert_called_once_with(
name=expected_name,
network_resources=expected_network_resources,
**expected_params)
def resource_setup(cls):
super(BaseLogsTestCase, cls).resource_setup()
auth_version = CONF.identity.auth_version
cred_provider = cred_factory.get_credentials_provider(
cls.__name__,
identity_version=auth_version)
credentials = cred_provider.get_creds_by_roles(
['monasca-user']).credentials
cls.os = clients.Manager(credentials=credentials)
cls.logs_clients = cls.os.log_api_clients
cls.logs_search_client = cls.os.log_search_client
def main(opts=None):
print('Running config verification...')
if opts is None:
print("Use of: 'verify-tempest-config' is deprecated, "
"please use: 'tempest verify-config'")
opts = parse_args()
update = opts.update
replace = opts.replace_ext
global CONF_PARSER
outfile = sys.stdout
if update:
conf_file = _get_config_file()
CONF_PARSER = moves.configparser.SafeConfigParser()
CONF_PARSER.optionxform = str
CONF_PARSER.readfp(conf_file)
# Indicate not to create network resources as part of getting credentials
net_resources = {
'network': False,
'router': False,
'subnet': False,
'dhcp': False
}
icreds = credentials.get_credentials_provider(
'verify_tempest_config', network_resources=net_resources)
try:
os = clients.Manager(icreds.get_primary_creds())
services = check_service_availability(os, update)
results = {}
for service in ['nova', 'cinder', 'neutron', 'swift']:
if service not in services:
continue
results = verify_extensions(os, service, results)
# Verify API versions of all services in the keystone catalog and
# keystone itself.
services.append('keystone')
for service in services:
verify_api_versions(os, service, update)
display_results(results, update, replace)
if update:
conf_file.close()
if opts.output:
with open(opts.output, 'w+') as outfile:
CONF_PARSER.write(outfile)
finally:
icreds.clear_creds()
def main(opts=None):
print('Running config verification...')
if opts is None:
print("Use of: 'verify-tempest-config' is deprecated, "
"please use: 'tempest verify-config'")
opts = parse_args()
update = opts.update
replace = opts.replace_ext
global CONF_PARSER
outfile = sys.stdout
if update:
conf_file = _get_config_file()
CONF_PARSER = moves.configparser.SafeConfigParser()
CONF_PARSER.optionxform = str
CONF_PARSER.readfp(conf_file)
# Indicate not to create network resources as part of getting credentials
net_resources = {
'network': False,
'router': False,
'subnet': False,
'dhcp': False
}
icreds = credentials.get_credentials_provider(
'verify_tempest_config', network_resources=net_resources)
try:
os = clients.Manager(icreds.get_primary_creds().credentials)
services = check_service_availability(os, update)
results = {}
for service in ['nova', 'cinder', 'neutron', 'swift']:
if service not in services:
continue
results = verify_extensions(os, service, results)
# Verify API versions of all services in the keystone catalog and
# keystone itself.
services.append('keystone')
for service in services:
verify_api_versions(os, service, update)
display_results(results, update, replace)
if update:
conf_file.close()
if opts.output:
with open(opts.output, 'w+') as outfile:
CONF_PARSER.write(outfile)
finally:
icreds.clear_creds()
def get_credentials_with_keypair(cls, name=None,
type_of_creds="default",
class_cleanup=False):
if name is None:
# Get name of test method
name = inspect.stack()[1][3]
if len(name) > 32:
name = name[0:32]
# Choose type of isolated creds
ic = common_creds.get_credentials_provider(
name,
identity_version=config.Config.auth_version
)
if class_cleanup:
cls.ic_class_list.append(ic)
else:
cls.ic_method_list.append(ic)
creds = None
if "admin" == type_of_creds:
creds = ic.get_admin_creds()
elif "alt" == type_of_creds:
creds = ic.get_alt_creds()
elif "default" == type_of_creds:
creds = ic.get_primary_creds()
else:
creds = ic.self.get_credentials(type_of_creds)
keypair = None
if config.Config.keypair_name:
_, keypairs_client = cls.get_clients(creds, type_of_creds,
'keypair_setup')
try:
keypairs_client.delete_keypair(config.Config.keypair_name)
except Exception:
cls.LOG.debug("Creating keypair %s",
config.Config.keypair_name)
keypair_body = keypairs_client.create_keypair(
name=config.Config.keypair_name
)
cls.LOG.debug("Keypair body: %s", keypair_body)
keypair = keypair_body['keypair']['private_key']
return (creds, keypair)
def __init__(self):
network_resources = {
'network': False,
'router': False,
'subnet': False,
'dhcp': False,
}
self.cred_provider = credentials.get_credentials_provider(
name='InputScenarioUtils',
identity_version=CONF.identity.auth_version,
network_resources=network_resources)
os = clients.Manager(self.cred_provider.get_primary_creds())
self.compute_images_client = os.compute_images_client
self.flavors_client = os.flavors_client
self.image_pattern = CONF.input_scenario.image_regex
self.flavor_pattern = CONF.input_scenario.flavor_regex
def __init__(self):
network_resources = {
'network': False,
'router': False,
'subnet': False,
'dhcp': False,
}
self.cred_provider = credentials.get_credentials_provider(
name='InputScenarioUtils',
identity_version=CONF.identity.auth_version,
network_resources=network_resources)
os = clients.Manager(self.cred_provider.get_primary_creds())
self.images_client = os.images_client
self.flavors_client = os.flavors_client
self.image_pattern = CONF.input_scenario.image_regex
self.flavor_pattern = CONF.input_scenario.flavor_regex
def _get_credentials_provider(cls):
"""Returns a credentials provider
If no credential provider exists yet creates one.
It uses self.identity_version if defined, or the configuration value
"""
if (not hasattr(cls, '_creds_provider') or not cls._creds_provider or
not cls._creds_provider.name == cls.__name__):
force_tenant_isolation = getattr(cls, 'force_tenant_isolation',
False)
cls._creds_provider = credentials.get_credentials_provider(
name=cls.__name__, network_resources=cls.network_resources,
force_tenant_isolation=force_tenant_isolation,
identity_version=cls.get_identity_version())
return cls._creds_provider
def _get_credentials_provider(cls):
"""Returns a credentials provider
If no credential provider exists yet creates one.
It uses self.identity_version if defined, or the configuration value
"""
if (not hasattr(cls, '_creds_provider') or not cls._creds_provider or
not cls._creds_provider.name == cls.__name__):
force_tenant_isolation = getattr(cls, 'force_tenant_isolation',
False)
cls._creds_provider = credentials.get_credentials_provider(
name=cls.__name__, network_resources=cls.network_resources,
force_tenant_isolation=force_tenant_isolation,
identity_version=cls.get_identity_version())
return cls._creds_provider
def get_credentials_provider(name, network_resources=None,
force_tenant_isolation=False,
identity_version=None):
# A new get_credentials_provider() function. It gets the tempest
# credentials provider, and if an accounts yaml is specified, gets
# the new creds provider that is used to exactly match roles on users
provider = credentials_factory.get_credentials_provider(
name, network_resources=network_resources,
force_tenant_isolation=force_tenant_isolation,
identity_version=identity_version)
if CONF.auth.test_accounts_file:
return ppc.ExactRoleMatchingPreProvisionedCredentialProvider(
name=name, identity_version=identity_version,
**credentials_factory._get_preprov_provider_params())
else:
return provider
def _get_credentials_provider(cls):
"""Returns a credentials provider
If no credential provider exists yet creates one.
It always use the configuration value from identity.auth_version,
since we always want to provision accounts with the current version
of the identity API.
"""
if (not hasattr(cls, '_creds_provider') or not cls._creds_provider or
not cls._creds_provider.name == cls.__name__):
force_tenant_isolation = getattr(cls, 'force_tenant_isolation',
False)
cls._creds_provider = credentials.get_credentials_provider(
name=cls.__name__, network_resources=cls._network_resources,
force_tenant_isolation=force_tenant_isolation)
return cls._creds_provider
def get_client_with_isolated_creds(cls, name=None, type_of_creds="admin"):
cls.credentials = common_creds.get_credentials_provider(
name=cls.__name__,
force_tenant_isolation=CONF.auth.use_dynamic_credentials,
identity_version=CONF.identity.auth_version)
if "admin" in type_of_creds:
creds = cls.credentials.get_admin_creds()
elif "alt" in type_of_creds:
creds = cls.credentials.get_alt_creds()
else:
creds = cls.credentials.get_credentials(type_of_creds)
cls.credentials.type_of_creds = type_of_creds
os = clients.Manager(credentials=creds)
client = os.service_broker_client
return client
def _get_credentials_provider(cls):
"""Returns a credentials provider
If no credential provider exists yet creates one.
It always use the configuration value from identity.auth_version,
since we always want to provision accounts with the current version
of the identity API.
"""
if (not hasattr(cls, '_creds_provider') or not cls._creds_provider or
not cls._creds_provider.name == cls.__name__):
force_tenant_isolation = getattr(cls, 'force_tenant_isolation',
False)
cls._creds_provider = credentials.get_credentials_provider(
name=cls.__name__, network_resources=cls.network_resources,
force_tenant_isolation=force_tenant_isolation)
return cls._creds_provider
def get_credentials_with_keypair(cls, name=None,
type_of_creds="default",
class_cleanup=False):
if name is None:
# Get name of test method
name = inspect.stack()[1][3]
if len(name) > 32:
name = name[0:32]
# Choose type of isolated creds
ic = common_creds.get_credentials_provider(
name,
identity_version=config.Config.auth_version
)
if class_cleanup:
cls.ic_class_list.append(ic)
else:
cls.ic_method_list.append(ic)
creds = None
if "admin" == type_of_creds:
creds = ic.get_admin_creds()
elif "alt" == type_of_creds:
creds = ic.get_alt_creds()
elif "default" == type_of_creds:
creds = ic.get_primary_creds()
else:
creds = ic.self.get_credentials(type_of_creds)
_, keypairs_client = cls.get_clients(
creds, type_of_creds, 'keypair_setup')
keypair = None
try:
keypairs_client.show_keypair(config.Config.keypair_id)
except Exception:
keypair_body = keypairs_client.create_keypair(
name=config.Config.keypair_id)
cls.LOG.debug("Keypair body: %s" % keypair_body)
keypair = keypair_body['keypair']['private_key']
return (creds, keypair)
def get_configured_isolated_creds(cls, type_of_creds='admin'):
identity_version = CONF.identity.auth_version
if identity_version == 'v3':
cls.admin_role = CONF.identity.admin_role
else:
cls.admin_role = 'admin'
cls.credentials = common_creds.get_credentials_provider(
name=cls.__name__,
force_tenant_isolation=CONF.auth.use_dynamic_credentials,
identity_version=CONF.identity.auth_version)
if type_of_creds == 'primary':
creds = cls.credentials.get_primary_creds()
elif type_of_creds == 'admin':
creds = cls.credentials.get_admin_creds()
elif type_of_creds == 'alt':
creds = cls.credentials.get_alt_creds()
else:
creds = cls.credentials.get_credentials(type_of_creds)
cls.credentials.type_of_creds = type_of_creds
return creds.credentials
def main(opts=None):
print("Running config verification...")
if opts is None:
print("Use of: 'verify-tempest-config' is deprecated, " "please use: 'tempest verify-config'")
opts = parse_args()
update = opts.update
replace = opts.replace_ext
global CONF_PARSER
outfile = sys.stdout
if update:
conf_file = _get_config_file()
if opts.output:
outfile = open(opts.output, "w+")
CONF_PARSER = moves.configparser.SafeConfigParser()
CONF_PARSER.optionxform = str
CONF_PARSER.readfp(conf_file)
icreds = credentials.get_credentials_provider("verify_tempest_config")
try:
os = clients.Manager(icreds.get_primary_creds())
services = check_service_availability(os, update)
results = {}
for service in ["nova", "cinder", "neutron", "swift"]:
if service not in services:
continue
results = verify_extensions(os, service, results)
# Verify API versions of all services in the keystone catalog and
# keystone itself.
services.append("keystone")
for service in services:
verify_api_versions(os, service, update)
display_results(results, update, replace)
if update:
conf_file.close()
CONF_PARSER.write(outfile)
outfile.close()
finally:
icreds.clear_creds()
def main():
print('Running config verification...')
opts = parse_args()
update = opts.update
replace = opts.replace_ext
global CONF_PARSER
outfile = sys.stdout
if update:
conf_file = _get_config_file()
if opts.output:
outfile = open(opts.output, 'w+')
CONF_PARSER = moves.configparser.SafeConfigParser()
CONF_PARSER.optionxform = str
CONF_PARSER.readfp(conf_file)
icreds = credentials.get_credentials_provider('verify_tempest_config')
try:
os = clients.Manager(icreds.get_primary_creds())
services = check_service_availability(os, update)
results = {}
for service in ['nova', 'cinder', 'neutron', 'swift']:
if service not in services:
continue
results = verify_extensions(os, service, results)
# Verify API versions of all services in the keystone catalog and
# keystone itself.
services.append('keystone')
for service in services:
verify_api_versions(os, service, update)
display_results(results, update, replace)
if update:
conf_file.close()
CONF_PARSER.write(outfile)
outfile.close()
finally:
icreds.clear_creds()
def main():
print('Running config verification...')
opts = parse_args()
update = opts.update
replace = opts.replace_ext
global CONF_PARSER
outfile = sys.stdout
if update:
conf_file = _get_config_file()
if opts.output:
outfile = open(opts.output, 'w+')
CONF_PARSER = moves.configparser.SafeConfigParser()
CONF_PARSER.optionxform = str
CONF_PARSER.readfp(conf_file)
icreds = credentials.get_credentials_provider('verify_tempest_config')
try:
os = clients.Manager(icreds.get_primary_creds())
services = check_service_availability(os, update)
results = {}
for service in ['nova', 'cinder', 'neutron', 'swift']:
if service not in services:
continue
results = verify_extensions(os, service, results)
# Verify API versions of all services in the keystone catalog and
# keystone itself.
services.append('keystone')
for service in services:
verify_api_versions(os, service, update)
display_results(results, update, replace)
if update:
conf_file.close()
CONF_PARSER.write(outfile)
outfile.close()
finally:
icreds.clear_creds()
def __init__(self):
self.isolated_creds = credentials.get_credentials_provider(
self.__class__.__name__, network_resources={})
primary_credentials = self.primary_credentials()
self._manager = clients.Manager(credentials=primary_credentials)
# Underlying clients.
self.flavors_client = self._manager.flavors_client
self.floating_ips_client = self._manager.compute_floating_ips_client
# Glance image client v1
self.image_client = self._manager.image_client
# Compute image client
self.compute_images_client = self._manager.compute_images_client
self.keypairs_client = self._manager.keypairs_client
self.availability_zone_client = self._manager.availability_zone_client
# Nova security groups client
self.security_groups_client = (
self._manager.compute_security_groups_client)
self.security_group_rules_client = (
self._manager.compute_security_group_rules_client)
self.servers_client = self._manager.servers_client
self.volumes_client = self._manager.volumes_client
self.snapshots_client = self._manager.snapshots_client
self.interface_client = self._manager.interfaces_client
# Neutron network client
self.ports_client = self._manager.ports_client
self.networks_client = self._manager.networks_client
self.compute_networks_client = self._manager.compute_networks_client
self.subnets_client = self._manager.subnets_client
# Heat client
self.orchestration_client = self._manager.orchestration_client
def __init__(self):
self.isolated_creds = credentials.get_credentials_provider(
self.__class__.__name__, network_resources={})
primary_credentials = self.primary_credentials()
self._manager = clients.Manager(credentials=primary_credentials)
# Underlying clients.
self.flavors_client = self._manager.flavors_client
self.floating_ips_client = self._manager.compute_floating_ips_client
# Glance image client v1
self.image_client = self._manager.image_client
# Compute image client
self.compute_images_client = self._manager.compute_images_client
self.keypairs_client = self._manager.keypairs_client
self.availability_zone_client = self._manager.availability_zone_client
# Nova security groups client
self.security_groups_client = (
self._manager.compute_security_groups_client)
self.security_group_rules_client = (
self._manager.compute_security_group_rules_client)
self.servers_client = self._manager.servers_client
self.volumes_client = self._manager.volumes_client
self.snapshots_client = self._manager.snapshots_client
self.interface_client = self._manager.interfaces_client
# Neutron network client
self.ports_client = self._manager.ports_client
self.networks_client = self._manager.networks_client
self.compute_networks_client = self._manager.compute_networks_client
self.subnets_client = self._manager.subnets_client
# Heat client
self.orchestration_client = self._manager.orchestration_client