def _get_object_storage_client(self, credentials):
if not CONF.service_available.swift:
return None
import swiftclient
auth_url = CONF.identity.uri
# add current tenant to swift operator role group.
admin_credentials = auth.get_default_credentials('identity_admin')
keystone_admin = self._get_identity_client(admin_credentials)
# enable test user to operate swift by adding operator role to him.
roles = keystone_admin.roles.list()
operator_role = CONF.object_storage.operator_role
member_role = [role for role in roles if role.name == operator_role][0]
# NOTE(maurosr): This is surrounded in the try-except block cause
# neutron tests doesn't have tenant isolation.
try:
keystone_admin.roles.add_user_role(self.identity_client.user_id,
member_role.id,
self.identity_client.tenant_id)
except keystoneclient.exceptions.Conflict:
pass
endpoint_type = CONF.object_storage.endpoint_type
os_options = {'endpoint_type': endpoint_type}
return swiftclient.Connection(auth_url, credentials.username,
credentials.password,
tenant_name=credentials.tenant_name,
auth_version='2',
os_options=os_options)
def __init__(self):
os = clients.Manager(
auth.get_default_credentials('user', fill_in=False))
self.images_client = os.images_client
self.flavors_client = os.flavors_client
self.image_pattern = CONF.input_scenario.image_regex
self.flavor_pattern = CONF.input_scenario.flavor_regex
def __init__(self):
os = clients.Manager(
auth.get_default_credentials('user', fill_in=False))
self.images_client = os.images_client
self.flavors_client = os.flavors_client
self.image_pattern = CONF.input_scenario.image_regex
self.flavor_pattern = CONF.input_scenario.flavor_regex
def _verify_credentials(self,
credentials_class,
filled=True,
creds_dict=None):
def _check(credentials):
# Check the right version of credentials has been returned
self.assertIsInstance(credentials, credentials_class)
# Check the id attributes are filled in
attributes = [
x for x in credentials.ATTRIBUTES
if ('_id' in x and x != 'domain_id')
]
for attr in attributes:
if filled:
self.assertIsNotNone(getattr(credentials, attr))
else:
self.assertIsNone(getattr(credentials, attr))
if creds_dict is None:
for ctype in auth.Credentials.TYPES:
creds = auth.get_default_credentials(credential_type=ctype,
fill_in=filled)
_check(creds)
else:
creds = auth.get_credentials(fill_in=filled, **creds_dict)
_check(creds)
def _get_object_storage_client(self, credentials):
if not CONF.service_available.swift:
return None
import swiftclient
auth_url = CONF.identity.uri
# add current tenant to swift operator role group.
admin_credentials = auth.get_default_credentials('identity_admin')
keystone_admin = self._get_identity_client(admin_credentials)
# enable test user to operate swift by adding operator role to him.
roles = keystone_admin.roles.list()
operator_role = CONF.object_storage.operator_role
member_role = [role for role in roles if role.name == operator_role][0]
# NOTE(maurosr): This is surrounded in the try-except block cause
# neutron tests doesn't have tenant isolation.
try:
keystone_admin.roles.add_user_role(self.identity_client.user_id,
member_role.id,
self.identity_client.tenant_id)
except keystoneclient.exceptions.Conflict:
pass
endpoint_type = CONF.object_storage.endpoint_type
os_options = {'endpoint_type': endpoint_type}
return swiftclient.Connection(auth_url,
credentials.username,
credentials.password,
tenant_name=credentials.tenant_name,
auth_version='2',
os_options=os_options)
def __init__(self):
# Load configuration items
self.ssh_users = json.loads(CONF.input_scenario.ssh_user_regex)
self.non_ssh_image_pattern = \
CONF.input_scenario.non_ssh_image_regex
# Setup clients
ocm = clients.OfficialClientManager(
auth.get_default_credentials('user'))
self.client = ocm.compute_client
def __init__(self):
# Load configuration items
self.ssh_users = json.loads(CONF.input_scenario.ssh_user_regex)
self.non_ssh_image_pattern = \
CONF.input_scenario.non_ssh_image_regex
# Setup clients
ocm = clients.OfficialClientManager(
auth.get_default_credentials('user'))
self.client = ocm.compute_client
def get_alt_creds(self):
if self.isolated_creds.get('alt'):
return self.isolated_creds.get('alt')
if not self.use_default_creds:
creds = self.get_creds(1)
alt_credential = auth.get_credentials(**creds)
else:
alt_credential = auth.get_default_credentials('alt_user')
self.isolated_creds['alt'] = alt_credential
return alt_credential
def get_primary_creds(self):
if self.isolated_creds.get('primary'):
return self.isolated_creds.get('primary')
if not self.use_default_creds:
creds = self.get_creds(0)
primary_credential = auth.get_credentials(**creds)
else:
primary_credential = auth.get_default_credentials('user')
self.isolated_creds['primary'] = primary_credential
return primary_credential
def get_alt_creds(self):
if self.isolated_creds.get('alt'):
return self.isolated_creds.get('alt')
if not self.use_default_creds:
creds = self.get_creds(1)
alt_credential = auth.get_credentials(**creds)
else:
alt_credential = auth.get_default_credentials('alt_user')
self.isolated_creds['alt'] = alt_credential
return alt_credential
def get_primary_creds(self):
if self.isolated_creds.get('primary'):
return self.isolated_creds.get('primary')
if not self.use_default_creds:
creds = self.get_creds(0)
primary_credential = auth.get_credentials(**creds)
else:
primary_credential = auth.get_default_credentials('user')
self.isolated_creds['primary'] = primary_credential
return primary_credential
def _get_admin_clients(self):
"""
Returns a tuple with instances of the following admin clients (in this
order):
identity
network
"""
if self.tempest_client:
os = clients.AdminManager(interface=self.interface)
else:
os = clients.OfficialClientManager(
auth.get_default_credentials('identity_admin'))
return os.identity_client, os.network_client
def _get_roles(self):
admin_credentials = auth.get_default_credentials('identity_admin')
keystone_admin = self._get_identity_client(admin_credentials)
username = self.credentials.username
tenant_name = self.credentials.tenant_name
user_id = keystone_admin.users.find(name=username).id
tenant_id = keystone_admin.tenants.find(name=tenant_name).id
roles = keystone_admin.roles.roles_for_user(
user=user_id, tenant=tenant_id)
return [r.name for r in roles]
def _get_roles(self):
admin_credentials = auth.get_default_credentials('identity_admin')
keystone_admin = self._get_identity_client(admin_credentials)
username = self.credentials.username
tenant_name = self.credentials.tenant_name
user_id = keystone_admin.users.find(name=username).id
tenant_id = keystone_admin.tenants.find(name=tenant_name).id
roles = keystone_admin.roles.roles_for_user(user=user_id,
tenant=tenant_id)
return [r.name for r in roles]
def _get_admin_clients(self):
"""
Returns a tuple with instances of the following admin clients (in this
order):
identity
network
"""
if self.tempest_client:
os = clients.AdminManager(interface=self.interface)
else:
os = clients.OfficialClientManager(
auth.get_default_credentials('identity_admin')
)
return os.identity_client, os.network_client
def __init__(self, credentials=None):
"""
We allow overriding of the credentials used within the various
client classes managed by the Manager object. Left as None, the
standard username/password/tenant_name[/domain_name] is used.
:param credentials: Override of the credentials
"""
self.auth_version = CONF.identity.auth_version
if credentials is None:
self.credentials = auth.get_default_credentials('user')
else:
self.credentials = credentials
# Check if passed or default credentials are valid
if not self.credentials.is_valid():
raise exceptions.InvalidCredentials()
# Creates an auth provider for the credentials
self.auth_provider = self.get_auth_provider(self.credentials)
# FIXME(andreaf) unused
self.client_attr_names = []
def __init__(self, credentials=None):
"""
We allow overriding of the credentials used within the various
client classes managed by the Manager object. Left as None, the
standard username/password/tenant_name[/domain_name] is used.
:param credentials: Override of the credentials
"""
self.auth_version = CONF.identity.auth_version
if credentials is None:
self.credentials = auth.get_default_credentials('user')
else:
self.credentials = credentials
# Check if passed or default credentials are valid
if not self.credentials.is_valid():
raise exceptions.InvalidCredentials()
# Creates an auth provider for the credentials
self.auth_provider = self.get_auth_provider(self.credentials)
# FIXME(andreaf) unused
self.client_attr_names = []
def _verify_credentials(self, credentials_class, filled=True,
creds_dict=None):
def _check(credentials):
# Check the right version of credentials has been returned
self.assertIsInstance(credentials, credentials_class)
# Check the id attributes are filled in
attributes = [x for x in credentials.ATTRIBUTES if (
'_id' in x and x != 'domain_id')]
for attr in attributes:
if filled:
self.assertIsNotNone(getattr(credentials, attr))
else:
self.assertIsNone(getattr(credentials, attr))
if creds_dict is None:
for ctype in auth.Credentials.TYPES:
creds = auth.get_default_credentials(credential_type=ctype,
fill_in=filled)
_check(creds)
else:
creds = auth.get_credentials(fill_in=filled, **creds_dict)
_check(creds)
def _get_network_client(self):
# The intended configuration is for the network client to have
# admin privileges and indicate for whom resources are being
# created via a 'tenant_id' parameter. This will often be
# preferable to authenticating as a specific user because
# working with certain resources (public routers and networks)
# often requires admin privileges anyway.
if not CONF.service_available.neutron:
return None
import neutronclient.v2_0.client
credentials = auth.get_default_credentials('identity_admin')
auth_url = CONF.identity.uri
dscv = CONF.identity.disable_ssl_certificate_validation
endpoint_type = CONF.network.endpoint_type
return neutronclient.v2_0.client.Client(
username=credentials.username,
password=credentials.password,
tenant_name=credentials.tenant_name,
endpoint_type=endpoint_type,
auth_url=auth_url,
insecure=dscv)
def _get_network_client(self):
# The intended configuration is for the network client to have
# admin privileges and indicate for whom resources are being
# created via a 'tenant_id' parameter. This will often be
# preferable to authenticating as a specific user because
# working with certain resources (public routers and networks)
# often requires admin privileges anyway.
if not CONF.service_available.neutron:
return None
import neutronclient.v2_0.client
credentials = auth.get_default_credentials('identity_admin')
auth_url = CONF.identity.uri
dscv = CONF.identity.disable_ssl_certificate_validation
endpoint_type = CONF.network.endpoint_type
return neutronclient.v2_0.client.Client(
username=credentials.username,
password=credentials.password,
tenant_name=credentials.tenant_name,
endpoint_type=endpoint_type,
auth_url=auth_url,
insecure=dscv)
def _prepare_ebs_image(cls):
if cls.config.cloudscaling.ebs_image_id:
return cls.config.cloudscaling.ebs_image_id
if not cls.config.cloudscaling.image_id_ami:
raise cls.skipException("".join(
("EC2 ", cls.__name__, ": requires image_id_ami setting")))
if not cls.config.service_available.cinder:
skip_msg = ("%s skipped as Cinder is not available" % cls.__name__)
raise cls.skipException(skip_msg)
if not cls.config.service_available.nova:
skip_msg = ("%s skipped as nova is not available" % cls.__name__)
raise cls.skipException(skip_msg)
admin_creds = auth.get_default_credentials('compute_admin')
os = base_clients.Manager(admin_creds, interface='json')
cls.os = os
cls.volumes_client = os.volumes_client
cls.servers_client = os.servers_client
cls.images_client = os.images_client
cls.snapshots_client = os.snapshots_client
# NOTE(apavlov): create volume
resp, volume = cls.volumes_client.create_volume(
VOLUME_SIZE, display_name="aws_volume")
assert 200 == resp.status
cls.addResourceCleanUp(cls._delete_volume, volume['id'])
cls.volumes_client.wait_for_volume_status(volume['id'], 'available')
# NOTE(apavlov): boot instance
bdm = [{
"volume_id": volume['id'],
"delete_on_termination": "1",
"device_name": "/dev/vda"
}]
resp, server = cls.servers_client.create_server(
"aws_instance",
cls.config.cloudscaling.image_id_ami,
cls.config.compute.flavor_ref,
block_device_mapping=bdm)
assert 202 == resp.status
rc_server = cls.addResourceCleanUp(cls.servers_client.delete_server,
server['id'])
cls.servers_client.wait_for_server_status(server['id'], 'ACTIVE')
# NOTE(apavlov): create image from instance
image_name = data_utils.rand_name("aws_ebs_image-")
resp, _ = cls.images_client.create_image(server['id'], image_name)
assert 202 == resp.status
cls.image_id = resp["location"].split('/')[-1]
cls.addResourceCleanUp(cls.images_client.delete_image, cls.image_id)
# NOTE(apavlov): delete instance
cls.cancelResourceCleanUp(rc_server)
cls.servers_client.delete_server(server['id'])
cls.servers_client.wait_for_server_termination(server['id'])
images = cls.ec2_client.get_all_images()
for image in images:
if image_name in image.location:
return image.id
raise base.TestCasePreparationError("Can't find ebs image.")
def _prepare_ebs_image(cls):
if cls.config.cloudscaling.ebs_image_id:
return cls.config.cloudscaling.ebs_image_id
if not cls.config.cloudscaling.image_id_ami:
raise cls.skipException("".join(("EC2 ", cls.__name__,
": requires image_id_ami setting")))
if not cls.config.service_available.cinder:
skip_msg = ("%s skipped as Cinder is not available" % cls.__name__)
raise cls.skipException(skip_msg)
if not cls.config.service_available.nova:
skip_msg = ("%s skipped as nova is not available" % cls.__name__)
raise cls.skipException(skip_msg)
admin_creds = auth.get_default_credentials('compute_admin')
os = base_clients.Manager(admin_creds, interface='json')
cls.os = os
cls.volumes_client = os.volumes_client
cls.servers_client = os.servers_client
cls.images_client = os.images_client
cls.snapshots_client = os.snapshots_client
# NOTE(apavlov): create volume
resp, volume = cls.volumes_client.create_volume(VOLUME_SIZE,
display_name="aws_volume")
assert 200 == resp.status
cls.addResourceCleanUp(cls._delete_volume, volume['id'])
cls.volumes_client.wait_for_volume_status(volume['id'], 'available')
# NOTE(apavlov): boot instance
bdm = [{
"volume_id": volume['id'],
"delete_on_termination": "1",
"device_name": "/dev/vda"}]
resp, server = cls.servers_client.create_server(
"aws_instance",
cls.config.cloudscaling.image_id_ami,
cls.config.compute.flavor_ref,
block_device_mapping=bdm)
assert 202 == resp.status
rc_server = cls.addResourceCleanUp(cls.servers_client.delete_server,
server['id'])
cls.servers_client.wait_for_server_status(server['id'], 'ACTIVE')
# NOTE(apavlov): create image from instance
image_name = data_utils.rand_name("aws_ebs_image-")
resp, _ = cls.images_client.create_image(server['id'],
image_name)
assert 202 == resp.status
cls.image_id = resp["location"].split('/')[-1]
cls.addResourceCleanUp(cls.images_client.delete_image,
cls.image_id)
# NOTE(apavlov): delete instance
cls.cancelResourceCleanUp(rc_server)
cls.servers_client.delete_server(server['id'])
cls.servers_client.wait_for_server_termination(server['id'])
images = cls.ec2_client.get_all_images()
for image in images:
if image_name in image.location:
return image.id
raise base.TestCasePreparationError("Can't find ebs image.")
def __init__(self, interface='json', service=None):
base = super(ComputeAdminManager, self)
base.__init__(
credentials=auth.get_default_credentials('compute_admin'),
interface=interface,
service=service)
def __init__(self, interface='json', service=None):
super(AltManager, self).__init__(
credentials=auth.get_default_credentials('alt_user'),
interface=interface,
service=service)
def __init__(self, interface='json', service=None):
super(AdminManager, self).__init__(
credentials=auth.get_default_credentials('identity_admin'),
interface=interface,
service=service)
def _get_credentials(cls, get_creds, ctype):
if CONF.compute.allow_tenant_isolation:
creds = get_creds()
else:
creds = auth.get_default_credentials(ctype)
return creds
def __init__(self, interface='json', service=None):
super(AltManager, self).__init__(
credentials=auth.get_default_credentials('alt_user'),
interface=interface,
service=service)
def get_admin_creds(self):
return auth.get_default_credentials("identity_admin", fill_in=False)
def get_admin_creds(self):
return auth.get_default_credentials("identity_admin", fill_in=False)
def credentials(cls):
admin_creds = auth.get_default_credentials('identity_admin')
creds = auth.get_default_credentials('user')
admin_creds.tenant_name = creds.tenant_name
return admin_creds
def __init__(self, interface='json', service=None):
super(AdminManager, self).__init__(
credentials=auth.get_default_credentials('identity_admin'),
interface=interface,
service=service)
def credentials(cls):
admin_creds = auth.get_default_credentials('identity_admin')
creds = auth.get_default_credentials('user')
admin_creds.tenant_name = creds.tenant_name
return admin_creds
def __init__(self):
ocm = clients.OfficialClientManager(
auth.get_default_credentials('user', fill_in=False))
self.client = ocm.compute_client
self.image_pattern = CONF.input_scenario.image_regex
self.flavor_pattern = CONF.input_scenario.flavor_regex
def _get_credentials(cls, get_creds, ctype):
if CONF.compute.allow_tenant_isolation:
creds = get_creds()
else:
creds = auth.get_default_credentials(ctype)
return creds
def __init__(self, interface='json', service=None):
base = super(ComputeAdminManager, self)
base.__init__(
credentials=auth.get_default_credentials('compute_admin'),
interface=interface,
service=service)
def __init__(self):
ocm = clients.OfficialClientManager(
auth.get_default_credentials('user', fill_in=False))
self.client = ocm.compute_client
self.image_pattern = CONF.input_scenario.image_regex
self.flavor_pattern = CONF.input_scenario.flavor_regex