class _ComputeAuthComposite(MemoizedAuthServiceComposite):
_compute_endpoint_config = ComputeEndpointConfig
_auth_endpoint_config = UserAuthConfig()
_auth_user_config = UserConfig()
def __init__(self):
self.compute_endpoint_config = self._compute_endpoint_config()
self.marshalling_config = MarshallingConfig()
super(_ComputeAuthComposite, self).__init__(
service_name=self.compute_endpoint_config.compute_endpoint_name,
region=self.compute_endpoint_config.region,
endpoint_config=self._auth_endpoint_config,
user_config=self._auth_user_config)
self.servers_url = self.public_url
if self.compute_endpoint_config.compute_endpoint_url:
self.servers_url = '{0}/{1}'.format(
self.compute_endpoint_config.compute_endpoint_url,
self.tenant_id)
self.client_args = {
'url': self.servers_url,
'auth_token': self.token_id,
'serialize_format': self.marshalling_config.serializer,
'deserialize_format': self.marshalling_config.deserializer
}
def get_auth_data():
"""
Authenticate and return a dictionary containing the storage url and
auth token.
"""
result = {
'storage_url': None,
'auth_token': None}
endpoint_config = UserAuthConfig()
user_config = UserConfig()
objectstorage_config = ObjectStorageConfig()
auth_provider = AuthProvider()
access_data = auth_provider.get_access_data(
endpoint_config, user_config)
if endpoint_config.strategy.lower() == 'saio_tempauth':
result['storage_url'] = access_data.storage_url
result['auth_token'] = access_data.auth_token
else:
service = access_data.get_service(
objectstorage_config.identity_service_name)
endpoint = service.get_endpoint(objectstorage_config.region)
result['storage_url'] = endpoint.public_url
result['auth_token'] = access_data.token.id_
return result
def setUpClass(cls):
super(ObjectStorageFixture, cls).setUpClass()
endpoint_config = UserAuthConfig()
user_config = UserConfig()
objectstorage_config = ObjectStorageConfig()
objectstorage_api_config = ObjectStorageAPIConfig()
auth_provider = AuthProvider()
access_data = auth_provider.get_access_data(endpoint_config,
user_config)
service = access_data.get_service(
objectstorage_config.identity_service_name)
endpoint = service.get_endpoint(objectstorage_config.region)
storage_url = endpoint.public_url
auth_token = access_data.token.id_
cls.base_container_name = objectstorage_api_config.base_container_name
cls.base_object_name = objectstorage_api_config.base_object_name
cls.client = ObjectStorageAPIClient(storage_url, auth_token)
cls.behaviors = ObjectStorageAPI_Behaviors(client=cls.client)
def get_access_data(self, endpoint_config=None, user_config=None):
endpoint_config = endpoint_config or UserAuthConfig()
user_config = user_config or UserConfig()
if endpoint_config.strategy.lower() == 'keystone':
token_client = OSTokenAPI_Client(
endpoint_config.auth_endpoint, 'json', 'json')
token_behaviors = OSTokenAPI_Behaviors(token_client)
return token_behaviors.get_access_data(user_config.username,
user_config.password,
user_config.tenant_name)
elif endpoint_config.strategy.lower() == 'rax_auth':
token_client = RaxTokenAPI_Client(
endpoint_config.auth_endpoint, 'json', 'json')
token_behaviors = RaxTokenAPI_Behaviors(token_client)
return token_behaviors.get_access_data(user_config.username,
user_config.api_key,
user_config.tenant_id)
elif endpoint_config.strategy.lower() == 'saio_tempauth':
auth_client = SaioAuthAPI_Client(endpoint_config.auth_endpoint)
auth_behaviors = SaioAuthAPI_Behaviors(auth_client)
return auth_behaviors.get_access_data(
user_config.username, user_config.password)
else:
raise NotImplementedError
def setUpClass(cls):
super(QuotasAdminTest, cls).setUpClass()
cls.tenant_id = UserConfig().tenant_id
cls.default_quota_set = DefaultQuotaSetConfig()
cls.server_response = cls.server_behaviors.create_active_server()
cls.server_to_resize = cls.server_response.entity
cls.resources.add(cls.server_to_resize.id,
cls.servers_client.delete_server)
def __init__(
self, service_name, region, endpoint_config=None,
user_config=None):
self.endpoint_config = endpoint_config or UserAuthConfig()
self.user_config = user_config or UserConfig()
self.service_name = service_name
self.region = region
def setUpClass(cls):
super(ComputeFixture, cls).setUpClass()
cls.flavors_config = FlavorsConfig()
cls.images_config = ImagesConfig()
cls.servers_config = ServersConfig()
cls.compute_endpoint = ComputeEndpointConfig()
cls.marshalling = MarshallingConfig()
cls.config_drive_config = ConfigDriveConfig()
cls.flavor_ref = cls.flavors_config.primary_flavor
cls.flavor_ref_alt = cls.flavors_config.secondary_flavor
cls.image_ref = cls.images_config.primary_image
cls.image_ref_alt = cls.images_config.secondary_image
cls.disk_path = cls.servers_config.instance_disk_path
cls.endpoint_config = UserAuthConfig()
cls.user_config = UserConfig()
access_data = AuthProvider.get_access_data(cls.endpoint_config,
cls.user_config)
# If authentication fails, halt
if access_data is None:
cls.assertClassSetupFailure('Authentication failed.')
compute_service = access_data.get_service(
cls.compute_endpoint.compute_endpoint_name)
url = compute_service.get_endpoint(
cls.compute_endpoint.region).public_url
# If a url override was provided, use that value instead
if cls.compute_endpoint.compute_endpoint_url:
url = '{0}/{1}'.format(cls.compute_endpoint.compute_endpoint_url,
cls.user_config.tenant_id)
client_args = {'url': url, 'auth_token': access_data.token.id_,
'serialize_format': cls.marshalling.serializer,
'deserialize_format': cls.marshalling.deserializer}
cls.flavors_client = FlavorsClient(**client_args)
cls.servers_client = ServersClient(**client_args)
cls.images_client = ImagesClient(**client_args)
cls.keypairs_client = KeypairsClient(**client_args)
cls.security_groups_client = SecurityGroupsClient(**client_args)
cls.security_group_rule_client = SecurityGroupRulesClient(
**client_args)
cls.rescue_client = RescueClient(**client_args)
cls.vnc_client = VncConsoleClient(**client_args)
cls.console_output_client = ConsoleOutputClient(**client_args)
cls.server_behaviors = ServerBehaviors(cls.servers_client,
cls.servers_config,
cls.images_config,
cls.flavors_config)
cls.image_behaviors = ImageBehaviors(cls.images_client,
cls.servers_client,
cls.images_config)
cls.config_drive_behaviors = ConfigDriveBehaviors(cls.servers_client,
cls.servers_config,
cls.server_behaviors)
cls.flavors_client.add_exception_handler(ExceptionHandler())
cls.resources = ResourcePool()
def __init__(self,
service_name,
region,
endpoint_config=None,
user_config=None):
self.endpoint_config = endpoint_config or UserAuthConfig()
self.user_config = user_config or UserConfig()
self.access_data = self.cache_access_data(endpoint_config, user_config)
self.token_id = self.access_data.token.id_
self.tenant_id = self.access_data.token.tenant.id_
self.service_name = service_name
self.region = region
def setUpClass(cls):
super(ImagesFixture, cls).setUpClass()
cls.images_config = ImagesConfig()
cls.marshalling = MarshallingConfig()
cls.endpoint_config = UserAuthConfig()
cls.user_config = UserConfig()
cls.alt_user_config = AltUserConfig()
cls.third_user_config = ThirdUserConfig()
cls.resources = ResourcePool()
cls.serialize_format = cls.marshalling.serializer
cls.deserialize_format = cls.marshalling.deserializer
cls.user_list = cls.generate_user_list(cls.images_config.account_list)
cls.access_data = cls.user_list['user'][cls.ACCESS_DATA]
cls.images_client = cls.user_list['user'][cls.CLIENT]
cls.images_behavior = cls.user_list['user'][cls.BEHAVIOR]
cls.tenant_id = cls.access_data.token.tenant.id_
cls.addClassCleanup(cls.images_behavior.resources.release)
if cls.user_list.get('alt_user'):
cls.alt_access_data = cls.user_list['alt_user'][cls.ACCESS_DATA]
cls.alt_images_client = cls.user_list['alt_user'][cls.CLIENT]
cls.alt_images_behavior = cls.user_list['alt_user'][cls.BEHAVIOR]
cls.alt_tenant_id = cls.alt_access_data.token.tenant.id_
cls.addClassCleanup(cls.alt_images_behavior.resources.release)
if cls.user_list.get('third_user'):
cls.third_access_data = (
cls.user_list['third_user'][cls.ACCESS_DATA])
cls.third_images_client = cls.user_list['third_user'][cls.CLIENT]
cls.third_images_behavior = (
cls.user_list['third_user'][cls.BEHAVIOR])
cls.third_tenant_id = cls.third_access_data.token.tenant.id_
cls.addClassCleanup(cls.third_images_behavior.resources.release)
cls.error_msg = Messages.ERROR_MSG
cls.id_regex = re.compile(ImageProperties.ID_REGEX)
cls.import_from = cls.images_config.import_from
cls.import_from_bootable = cls.images_config.import_from_bootable
cls.import_from_format = cls.images_config.import_from_format
cls.export_to = cls.images_config.export_to
cls.max_created_at_delta = cls.images_config.max_created_at_delta
cls.max_expires_at_delta = cls.images_config.max_expires_at_delta
cls.max_updated_at_delta = cls.images_config.max_updated_at_delta
cls.test_file = cls.read_data_file(cls.images_config.test_file)
cls.addClassCleanup(cls.resources.release)
cls.exception_handler = ExceptionHandler()
cls.images_client.add_exception_handler(cls.exception_handler)
def setUpClass(cls):
"""
Perform actions that setup the necessary resources for testing
The following resources are created during this setup:
- An instance is created using the tenant identified in
the test config
"""
super(QuotasAdminTest, cls).setUpClass()
cls.tenant_id = UserConfig().tenant_id
cls.default_quota_set = DefaultQuotaSetConfig()
cls.server_response = cls.server_behaviors.create_active_server()
cls.server_to_resize = cls.server_response.entity
cls.resources.add(cls.server_to_resize.id,
cls.servers_client.delete_server)
def setUpClass(cls):
super(ComputeFixture, cls).setUpClass()
cls.flavors_config = FlavorsConfig()
cls.images_config = ImagesConfig()
cls.servers_config = ServersConfig()
cls.compute_endpoint = ComputeEndpointConfig()
cls.flavor_ref = cls.flavors_config.primary_flavor
cls.flavor_ref_alt = cls.flavors_config.secondary_flavor
cls.image_ref = cls.images_config.primary_image
cls.image_ref_alt = cls.images_config.secondary_image
cls.disk_path = cls.servers_config.instance_disk_path
cls.endpoint_config = UserAuthConfig()
user_config = UserConfig()
access_data = AuthProvider.get_access_data(cls.endpoint_config,
user_config)
compute_service = access_data.get_service(
cls.compute_endpoint.compute_endpoint_name)
url = compute_service.get_endpoint(
cls.compute_endpoint.region).public_url
cls.flavors_client = FlavorsClient(url, access_data.token.id_, 'json',
'json')
cls.servers_client = ServersClient(url, access_data.token.id_, 'json',
'json')
cls.images_client = ImagesClient(url, access_data.token.id_, 'json',
'json')
cls.keypairs_client = KeypairsClient(url, access_data.token.id_,
'json', 'json')
cls.sec_groups_client = SecurityGroupsClient(url,
access_data.token.id_,
'json', 'json')
cls.rescue_client = RescueClient(url, access_data.token.id_, 'json',
'json')
cls.server_behaviors = ServerBehaviors(cls.servers_client,
cls.servers_config,
cls.images_config,
cls.flavors_config)
cls.image_behaviors = ImageBehaviors(cls.images_client,
cls.servers_client,
cls.images_config)
cls.flavors_client.add_exception_handler(ExceptionHandler())
cls.resources = ResourcePool()
def generate_user_list(cls, account_list):
"""
@summary: Generates list of users containing access_data, account
types, behaviors, clients, and configurations
"""
cls.ACCESS_DATA = "access_data"
cls.BEHAVIOR = "behavior"
cls.CLIENT = "client"
cls.CONFIG = "config"
user_list = dict()
for user in account_list:
user_list[user] = dict()
user_list[user][cls.CONFIG] = UserConfig(section_name=user)
user_list[user][cls.CONFIG].SECTION_NAME = user
access_data = AuthProvider.get_access_data(
cls.endpoint_config, user_config=user_list[user][cls.CONFIG])
# If authentication fails, fail immediately
if access_data is None:
cls.assertClassSetupFailure('Authentication failed.')
user_list[user][cls.ACCESS_DATA] = access_data
images_service = access_data.get_service(
cls.images_config.endpoint_name)
images_url_check = images_service.get_endpoint(
cls.images_config.region)
# If endpoint validation fails, fail immediately
if images_url_check is None:
cls.assertClassSetupFailure('Endpoint validation failed')
cls.url = (images_service.get_endpoint(
cls.images_config.region).public_url)
# If a url override was provided, use it instead
if cls.images_config.override_url:
cls.url = cls.images_config.override_url
images_client = cls.generate_images_client(access_data)
user_list[user][cls.CLIENT] = images_client
images_behavior = ImagesBehaviors(images_client, cls.images_config)
user_list[user][cls.BEHAVIOR] = images_behavior
return user_list
def get_access_data(endpoint_config=None, user_config=None):
endpoint_config = endpoint_config or UserAuthConfig()
user_config = user_config or UserConfig()
if endpoint_config.strategy.lower() == 'keystone':
return IdentityServiceBehaviors.get_access_data(
user_config.username, user_config.password,
user_config.tenant_name, endpoint_config.auth_endpoint)
elif endpoint_config.strategy.lower() == 'rax_auth':
token_client = RaxTokenAPI_Client(endpoint_config.auth_endpoint,
'json', 'json')
token_behaviors = RaxTokenAPI_Behaviors(token_client)
return token_behaviors.get_access_data(user_config.username,
user_config.api_key,
user_config.tenant_id)
elif endpoint_config.strategy.lower() == 'rax_auth_mfa':
passcode = user_config.passcode
if passcode is None:
# TODO: This is a place holder for adding the functionality to
# use an external service (e.g. - SMS) to provide the passcode
pass
token_client = RaxToken_MFA_API_Client(
url=endpoint_config.auth_endpoint,
serialize_format='json',
deserialize_format='json')
token_behaviors = RaxToken_MFA_API_Behaviors(token_client)
return token_behaviors.get_access_data(
username=user_config.username,
password=user_config.password,
tenant_id=user_config.tenant_id,
passcode=passcode)
elif endpoint_config.strategy.lower() == 'saio_tempauth':
auth_client = SaioAuthAPI_Client(endpoint_config.auth_endpoint)
auth_behaviors = SaioAuthAPI_Behaviors(auth_client)
return auth_behaviors.get_access_data(user_config.username,
user_config.password)
else:
raise NotImplementedError
def setUpClass(cls):
super(BareMetalFixture, cls).setUpClass()
cls.marshalling = MarshallingConfig()
cls.bare_metal_endpoint = BareMetalEndpointConfig()
cls.endpoint_config = UserAuthConfig()
cls.user_config = UserConfig()
cls.access_data = AuthProvider.get_access_data(cls.endpoint_config,
cls.user_config)
# If authentication fails, halt
if cls.access_data is None:
cls.assertClassSetupFailure('Authentication failed.')
bare_metal_service = cls.access_data.get_service(
cls.bare_metal_endpoint.bare_metal_endpoint_name)
url = bare_metal_service.get_endpoint(
cls.bare_metal_endpoint.region).public_url
# If a url override was provided, use that value instead
if cls.bare_metal_endpoint.bare_metal_endpoint_url:
url = cls.bare_metal_endpoint.bare_metal_endpoint_url
client_args = {
'url': url,
'auth_token': cls.access_data.token.id_,
'serialize_format': cls.marshalling.serializer,
'deserialize_format': cls.marshalling.deserializer
}
cls.chassis_client = ChassisClient(**client_args)
cls.drivers_client = DriversClient(**client_args)
cls.nodes_client = NodesClient(**client_args)
cls.ports_client = PortsClient(**client_args)
cls.resources = ResourcePool()
cls.addClassCleanup(cls.resources.release)
def setUpClass(cls):
super(QuotasAdminTest, cls).setUpClass()
cls.tenant_id = UserConfig().tenant_id
cls.default_quota_set = DefaultQuotaSetConfig()
class OtterRbacTests(AutoscaleFixture):
"""
System tests to verify the rbac roles for otter.
"""
user_config = UserConfig()
password = user_config.password
def setUp(self):
"""
Create a group with a policy and a webhook
"""
super(OtterRbacTests, self).setUp()
create_group = self.autoscale_behaviors.create_scaling_group_given(
gc_min_entities=0)
self.group = create_group.entity
self.policy_webhook = self.autoscale_behaviors.create_policy_webhook(
self.group.id, {
'change': 1,
'cooldown': 0
})
self.resources.add(self.group, self.empty_scaling_group)
@tags(type='rbac', speed='quick')
def test_nova_lbaas_admin_autoscale_observer(self):
"""
Given a user with the observer role for Autoscale and admin role
for nova and lbaas, verify the user has permissions to GET
groups, GET a group, GET the group state for a group, GET the
configs of a group, GET the launch configs of a group, LIST
policies and GET a policy
"""
autoscale_na_la_ao = self.autoscale_config.autoscale_na_la_ao
user_client = self._create_client(autoscale_na_la_ao, self.password)
self._verify_otter_observer_role(user_client)
self._verify_otter_admin_roles_other_than_GET_calls(user_client, 403)
@tags(type='rbac', speed='quick')
def test_nova_lbaas_autoscale_admin(self):
"""
Given a user with an admin role for Autscale, nova and lbaas,
verify the user has permissions to perform all CRUD operations
in otter.
"""
autoscale_na_la_aa = self.autoscale_config.autoscale_na_la_aa
user_client = self._create_client(autoscale_na_la_aa, self.password)
self._verify_otter_observer_role(user_client)
self._verify_otter_admin_roles_other_than_GET_calls(user_client)
@tags(type='rbac', speed='quick')
def test_nova_lbaas_autoscale_observer(self):
"""
Given a user with observer role for Autoscale, nova and lbaas,
ensure the user can still perform all the GET operations on
Otter.
"""
autoscale_no_lo_ao = self.autoscale_config.autoscale_no_lo_ao
user_client = self._create_client(autoscale_no_lo_ao, self.password)
self._verify_otter_observer_role(user_client)
self._verify_otter_admin_roles_other_than_GET_calls(user_client, 403)
@tags(type='rbac', speed='quick')
def test_nova_lbaas_observer_autoscale_admin(self):
"""
Given a user with an admin role for Autoscale, and observer role
for nova and lbaas, ensure the user can still perform all
admin operations on Otter.
"""
autoscale_no_lo_aa = self.autoscale_config.autoscale_no_lo_aa
user_client = self._create_client(autoscale_no_lo_aa, self.password)
self._verify_otter_observer_role(user_client)
self._verify_otter_admin_roles_other_than_GET_calls(user_client)
@tags(type='rbac', speed='quick')
def test_nova_admin_lbaas_observer_autoscale_admin(self):
"""
Given a user with an admin role for Autoscale and Nova, and
observer role for lbaas, ensure the user can still perform all
admin operations on Otter.
"""
autoscale_na_lo_aa = self.autoscale_config.autoscale_na_lo_aa
user_client = self._create_client(autoscale_na_lo_aa, self.password)
self._verify_otter_observer_role(user_client)
self._verify_otter_admin_roles_other_than_GET_calls(user_client)
@tags(type='rbac', speed='quick')
def test_nova_lbaas_creator_autoscale_admin(self):
"""
Given a user with an admin role for Autoscale, and creator role
for nova and lbaas, ensure the user can still perform all
admin operations on Otter.
"""
autoscale_nc_lc_aa = self.autoscale_config.autoscale_nc_lc_aa
user_client = self._create_client(autoscale_nc_lc_aa, self.password)
self._verify_otter_observer_role(user_client)
self._verify_otter_admin_roles_other_than_GET_calls(user_client)
@tags(type='rbac', speed='quick')
def test_nova_lbaas_creator_autoscale_observer(self):
"""
Given a user with an observer role for Autoscale, and creator role
for nova and lbaas, ensure the user can still perform all
observer operations on Otter.
"""
autoscale_nc_lc_ao = self.autoscale_config.autoscale_nc_lc_ao
user_client = self._create_client(autoscale_nc_lc_ao, self.password)
self._verify_otter_observer_role(user_client)
self._verify_otter_admin_roles_other_than_GET_calls(user_client, 403)
@tags(type='rbac', speed='quick')
def test_nova_lbaas_no_access_autoscale_admin(self):
"""
Given a user with an admin role for Autoscale, and no access to
nova and lbaas, ensure the user can still perform all admin
operations on Otter.
"""
autoscale_nno_lno_aa = self.autoscale_config.autoscale_nno_lno_aa
user_client = self._create_client(autoscale_nno_lno_aa, self.password)
self._verify_otter_observer_role(user_client)
self._verify_otter_admin_roles_other_than_GET_calls(user_client)
@tags(type='rbac', speed='quick')
def test_nova_lbaas_no_access_autoscale_observer(self):
"""
Given a user with an observer role for Autoscale, and no access to
nova and lbaas, ensure the user can still perform all observer
operations on Otter.
"""
autoscale_nno_lno_ao = self.autoscale_config.autoscale_nno_lno_ao
user_client = self._create_client(autoscale_nno_lno_ao, self.password)
self._verify_otter_observer_role(user_client)
self._verify_otter_admin_roles_other_than_GET_calls(user_client, 403)
@tags(type='rbac', speed='quick')
def test_nova_lbaas_admin_autoscale_no_access(self):
"""
Given a user with no access to Autoscale, and admin roles for nova
and lbaas, ensure the user can not perform any operations on
Otter.
"""
autoscale_na_la_ano = self.autoscale_config.autoscale_na_la_ano
user_client = self._create_client(autoscale_na_la_ano, self.password)
self._verify_otter_observer_role(user_client, 403)
self._verify_otter_admin_roles_other_than_GET_calls(user_client, 403)
def _create_client(self, username, password):
"""
Create a client for the given test account
"""
endpoint = self.endpoint_config.auth_endpoint
token_client = OSTokenAPI_Client(endpoint, 'json', 'json')
token_behaviors = OSTokenAPI_Behaviors(token_client)
access_data = token_behaviors.get_access_data(username, password,
self.tenant_id)
autoscale_temp_client = AutoscalingAPIClient(
url=self.url,
auth_token=access_data.token.id_,
serialize_format='json',
deserialize_format='json')
return autoscale_temp_client
def _verify_otter_observer_role(self,
user_client,
expected_response_code=200):
"""
verify all the GET calls on a group and policy. Uses the group,
policy and webhook created as part of the setUp.
"""
list_groups_response = user_client.list_scaling_groups()
self.assertEquals(list_groups_response.status_code,
expected_response_code,
msg='List groups returned response code {0}'.format(
list_groups_response.status_code))
get_group_response = (
user_client.view_manifest_config_for_scaling_group(self.group.id))
self.assertEquals(get_group_response.status_code,
expected_response_code,
msg='Get group returned response code {0} on group '
'{1}'.format(get_group_response.status_code,
self.group.id))
get_group_state_response = user_client.list_status_entities_sgroups(
self.group.id)
self.assertEquals(
get_group_state_response.status_code,
expected_response_code,
msg='Get group state returned response code {0} on group '
'{1}'.format(get_group_state_response.status_code, self.group.id))
get_group_config_response = user_client.view_scaling_group_config(
self.group.id)
self.assertEquals(
get_group_config_response.status_code,
expected_response_code,
msg='Get group config returned response code {0} on group '
'{1}'.format(get_group_config_response.status_code, self.group.id))
get_launch_config_response = user_client.view_launch_config(
self.group.id)
self.assertEquals(
get_launch_config_response.status_code,
expected_response_code,
msg='Get launch config returned response code {0} on group {1}'.
format(get_launch_config_response.status_code, self.group.id))
list_policies_response = user_client.list_policies(self.group.id)
self.assertEquals(
list_policies_response.status_code,
expected_response_code,
msg='List policies returned response code {0} for the group'
' {1}'.format(list_policies_response.status_code, self.group.id))
get_policy_response = user_client.get_policy_details(
self.group.id, self.policy_webhook['policy_id'])
self.assertEquals(get_policy_response.status_code,
expected_response_code,
msg='Get group returned response code {0} on group '
'{1}'.format(get_policy_response.status_code,
self.group.id))
def _verify_otter_admin_roles_other_than_GET_calls(
self,
user_client,
expected_response_code=None,
lc_load_balancers=None):
"""
verify all the otter api calls except for all the GET calls, as
_verify_otter_observer_role covers them already.
"""
response_codes = {
'create': 201,
'upd-del': 204,
'execute': 202,
'get': 200
}
if expected_response_code:
response_codes.update(
dict.fromkeys(['create', 'upd-del', 'execute', 'get'],
expected_response_code))
# create group
create_scaling_group_response = user_client.create_scaling_group(
gc_name='test-group',
gc_cooldown=1,
gc_min_entities=0,
lc_image_ref=self.lc_image_ref,
lc_flavor_ref=self.lc_flavor_ref,
lc_name='test-grp-srv',
lc_load_balancers=lc_load_balancers)
self.assertEquals(create_scaling_group_response.status_code,
response_codes['create'],
msg='Create group returned response code {0}'.format(
create_scaling_group_response.status_code))
# update group config
update_group_config_response = user_client.update_group_config(
group_id=self.group.id,
name='update_name',
cooldown=self.group.groupConfiguration.cooldown,
min_entities=self.group.groupConfiguration.minEntities,
max_entities=self.group.groupConfiguration.maxEntities,
metadata={})
self.assertEquals(
update_group_config_response.status_code,
response_codes['upd-del'],
msg='Update group config returned response code {0} on group '
'{1}'.format(update_group_config_response.status_code,
self.group.id))
# update launch config
update_launch_config_response = user_client.update_launch_config(
group_id=self.group.id,
name='update_name',
image_ref=self.group.launchConfiguration.server.imageRef,
flavor_ref=self.group.launchConfiguration.server.flavorRef)
self.assertEquals(
update_launch_config_response.status_code,
response_codes['upd-del'],
msg='Update launch config returned response code {0} on group '
'{1}'.format(update_launch_config_response.status_code,
self.group.id))
# create policy
create_policy_response = user_client.create_policy(
group_id=self.group.id,
name='test-policy',
cooldown=1,
change=1,
policy_type='webhook')
self.assertEquals(
create_policy_response.status_code,
response_codes['create'],
msg='Create policy returned response code {0} on group '
'{1}'.format(create_policy_response.status_code, self.group.id))
# update_policy
update_policy_response = user_client.update_policy(
group_id=self.group.id,
policy_id=self.policy_webhook['policy_id'],
name='upd_name',
cooldown=0,
change=1,
policy_type='webhook')
self.assertEquals(
update_policy_response.status_code,
response_codes['upd-del'],
msg='Update policy returned response code {0} on group '
'{1}'.format(update_policy_response.status_code, self.group.id))
# execute_policy
execute_policy_response = user_client.execute_policy(
self.group.id, self.policy_webhook['policy_id'])
self.assertEquals(
execute_policy_response.status_code,
response_codes['execute'],
msg='Execute policy returned response code {0} on group '
'{1}'.format(execute_policy_response.status_code, self.group.id))
# create_webhook
create_webhook_response = user_client.create_webhook(
self.group.id, self.policy_webhook['policy_id'], 'test-wb')
self.assertEquals(
create_webhook_response.status_code,
response_codes['create'],
msg='Create webhook returned response code {0} on group '
'{1}'.format(create_webhook_response.status_code, self.group.id))
# list webhooks
list_webhook_response = user_client.list_webhooks(
self.group.id, self.policy_webhook['policy_id'])
self.assertEquals(
list_webhook_response.status_code,
response_codes['get'],
msg='List webhooks returned response code {0} on group '
'{1}'.format(list_webhook_response.status_code, self.group.id))
# get webhook
get_webhook_response = user_client.get_webhook(
self.group.id, self.policy_webhook['policy_id'],
self.policy_webhook['webhook_id'])
self.assertEquals(
get_webhook_response.status_code,
response_codes['get'],
msg='List webhooks returned response code {0} on group '
'{1}'.format(get_webhook_response.status_code, self.group.id))
# update webhook
update_webhook_response = user_client.update_webhook(
self.group.id,
self.policy_webhook['policy_id'],
self.policy_webhook['webhook_id'],
name='upd-wb',
metadata={})
self.assertEquals(
update_webhook_response.status_code,
response_codes['upd-del'],
msg='Update webhook returned response code {0} on group '
'{1}'.format(update_webhook_response.status_code, self.group.id))
# execute webhook
execute_webhook_response = user_client.execute_webhook(
self.policy_webhook['webhook_url'])
self.assertEquals(
execute_webhook_response.status_code,
202,
msg='Execute webhook returned response code {0} on group '
'{1}'.format(execute_webhook_response.status_code, self.group.id))
# delete webhook
delete_webhook_response = user_client.delete_webhook(
self.group.id, self.policy_webhook['policy_id'],
self.policy_webhook['webhook_id'])
self.assertEquals(
delete_webhook_response.status_code,
response_codes['upd-del'],
msg='Delete webhook returned response code {0} on group '
'{1}'.format(delete_webhook_response.status_code, self.group.id))
# delete policy
delete_policy_response = user_client.delete_scaling_policy(
self.group.id, self.policy_webhook['policy_id'])
self.assertEquals(
delete_policy_response.status_code,
response_codes['upd-del'],
msg='Delete policy returned response code {0} on group '
'{1}'.format(delete_policy_response.status_code, self.group.id))
# delete group
self.resources.add(self.group.id, self.empty_scaling_group(self.group))
delete_group_response = user_client.delete_scaling_group(
self.group.id, "true")
self.assertEquals(
delete_group_response.status_code,
response_codes['upd-del'],
msg='Delete group returned response code {0} on group '
'{1}'.format(delete_group_response.status_code, self.group.id))
def setUpClass(cls):
super(BaseIdentityAdminTest, cls).setUpClass()
cls.token_config = IdentityTokenConfig()
cls.user_config = UserConfig()
cls.endpoint_url = cls.token_config.authentication_endpoint
cls.serialize_format = cls.token_config.serialize_format
cls.deserialize_format = cls.token_config.deserialize_format
cls.auth_token = {'headers': {'X-Auth-Token': None}}
cls.token_client = TokenAPI_Client(
url=cls.endpoint_url,
deserialize_format=cls.deserialize_format,
serialize_format=cls.serialize_format)
cls.admin_auth_response = cls.token_client.authenticate(
username=cls.token_config.username,
password=cls.token_config.password,
tenant_name=cls.token_config.tenant_name)
cls.access_data = cls.admin_auth_response.entity
cls.admin_token = cls.access_data.token
cls.admin = cls.access_data.user
cls.demo_auth_response = cls.token_client.authenticate(
username=cls.user_config.username,
password=cls.user_config.password,
tenant_name=cls.user_config.tenant_name)
cls.demo_access_data = cls.demo_auth_response.entity
cls.demo_token = cls.demo_access_data.token
cls.tenant_client = TenantsAPI_Client(
url=cls.endpoint_url,
auth_token=cls.admin_token.id_,
deserialize_format=cls.deserialize_format,
serialize_format=cls.serialize_format)
cls.tenant_behavior = TenantsBehaviors(cls.tenant_client)
cls.demo_tenant = cls.tenant_behavior.get_tenant_by_name(name="demo")
cls.demo_user = cls.tenant_behavior.get_user_by_name(name="demo")
cls.admin_role = cls.tenant_behavior.get_role_by_name(
name="admin",
user_id=cls.admin.id_,
tenant_id=cls.admin_token.tenant.id_)
cls.demo_tenant_client = TenantsAPI_Client(
url=cls.endpoint_url,
auth_token=cls.demo_token.id_,
deserialize_format=cls.deserialize_format,
serialize_format=cls.serialize_format)
cls.extension_client = ExtensionsAPI_Client(
url=cls.endpoint_url,
auth_token=cls.admin_token.id_,
serialized_format=cls.deserialize_format,
deserialized_format=cls.deserialize_format)
cls.demo_extension_client = ExtensionsAPI_Client(
url=cls.endpoint_url,
auth_token=cls.demo_token.id_,
serialized_format=cls.deserialize_format,
deserialized_format=cls.deserialize_format)
def setUpClass(cls):
super(ComputeFixture, cls).setUpClass()
cls.flavors_config = FlavorsConfig()
cls.images_config = ImagesConfig()
cls.servers_config = ServersConfig()
cls.compute_endpoint = ComputeEndpointConfig()
cls.marshalling = MarshallingConfig()
cls.config_drive_config = ConfigDriveConfig()
cls.cloud_init_config = CloudInitConfig()
cls.flavor_ref = cls.flavors_config.primary_flavor
cls.flavor_ref_alt = cls.flavors_config.secondary_flavor
cls.image_ref = cls.images_config.primary_image
cls.image_ref_alt = cls.images_config.secondary_image
cls.disk_path = cls.servers_config.instance_disk_path
cls.split_ephemeral_disk_enabled = \
cls.servers_config.split_ephemeral_disk_enabled
cls.ephemeral_disk_max_size = \
cls.servers_config.ephemeral_disk_max_size
cls.disk_format_type = cls.servers_config.disk_format_type
cls.expected_networks = cls.servers_config.expected_networks
cls.file_injection_enabled = \
cls.servers_config.personality_file_injection_enabled
cls.endpoint_config = UserAuthConfig()
cls.user_config = UserConfig()
cls.access_data = AuthProvider.get_access_data(cls.endpoint_config,
cls.user_config)
# If authentication fails, halt
if cls.access_data is None:
cls.assertClassSetupFailure('Authentication failed.')
compute_service = cls.access_data.get_service(
cls.compute_endpoint.compute_endpoint_name)
url = compute_service.get_endpoint(
cls.compute_endpoint.region).public_url
# If a url override was provided, use that value instead
if cls.compute_endpoint.compute_endpoint_url:
url = '{0}/{1}'.format(cls.compute_endpoint.compute_endpoint_url,
cls.user_config.tenant_id)
client_args = {'url': url, 'auth_token': cls.access_data.token.id_,
'serialize_format': cls.marshalling.serializer,
'deserialize_format': cls.marshalling.deserializer}
cls.flavors_client = FlavorsClient(**client_args)
cls.servers_client = ServersClient(**client_args)
cls.boot_from_volume_client = VolumesBootClient(**client_args)
cls.images_client = ImagesClient(**client_args)
cls.keypairs_client = KeypairsClient(**client_args)
cls.security_groups_client = SecurityGroupsClient(**client_args)
cls.security_group_rule_client = SecurityGroupRulesClient(
**client_args)
cls.volume_attachments_client = VolumeAttachmentsAPIClient(
url=url, auth_token=cls.access_data.token.id_,
serialize_format=cls.marshalling.serializer,
deserialize_format=cls.marshalling.deserializer)
cls.rescue_client = RescueClient(**client_args)
cls.vnc_client = VncConsoleClient(**client_args)
cls.console_output_client = ConsoleOutputClient(**client_args)
cls.limits_client = LimitsClient(**client_args)
cls.server_behaviors = ServerBehaviors(
servers_client=cls.servers_client,
images_client=cls.images_client,
servers_config=cls.servers_config,
images_config=cls.images_config,
flavors_config=cls.flavors_config)
cls.volume_server_behaviors = VolumeServerBehaviors(
servers_client=cls.servers_client,
images_client=cls.images_client,
servers_config=cls.servers_config,
images_config=cls.images_config,
flavors_config=cls.flavors_config,
server_behaviors=cls.server_behaviors,
boot_from_volume_client=cls.boot_from_volume_client)
cls.image_behaviors = ImageBehaviors(cls.images_client,
cls.servers_client,
cls.images_config)
cls.config_drive_behaviors = ConfigDriveBehaviors(cls.servers_client,
cls.servers_config,
cls.server_behaviors)
cls.flavors_client.add_exception_handler(ExceptionHandler())
cls.resources = ResourcePool()
cls.addClassCleanup(cls.resources.release)
def setUpClass(cls):
"""
Initialize autoscale configs, behaviors and client
"""
super(AutoscaleFixture, cls).setUpClass()
cls.resources = ResourcePool()
cls.autoscale_config = AutoscaleConfig()
cls.endpoint_config = UserAuthConfig()
user_config = UserConfig()
access_data = AuthProvider.get_access_data(cls.endpoint_config,
user_config)
server_service = access_data.get_service(
cls.autoscale_config.server_endpoint_name)
load_balancer_service = access_data.get_service(
cls.autoscale_config.load_balancer_endpoint_name)
server_url = server_service.get_endpoint(
cls.autoscale_config.region).public_url
lbaas_url = load_balancer_service.get_endpoint(
cls.autoscale_config.region).public_url
cls.tenant_id = cls.autoscale_config.tenant_id
env = os.environ['OSTNG_CONFIG_FILE']
if ('preprod' in env.lower()) or ('dev' in env.lower()):
cls.url = str(cls.autoscale_config.server_endpoint) + '/' + str(
cls.tenant_id)
else:
autoscale_service = access_data.get_service(
cls.autoscale_config.autoscale_endpoint_name)
cls.url = autoscale_service.get_endpoint(
cls.autoscale_config.region).public_url
cls.autoscale_client = AutoscalingAPIClient(cls.url,
access_data.token.id_,
'json', 'json')
cls.server_client = ServersClient(server_url, access_data.token.id_,
'json', 'json')
cls.lbaas_client = LbaasAPIClient(lbaas_url, access_data.token.id_,
'json', 'json')
cls.autoscale_behaviors = AutoscaleBehaviors(cls.autoscale_config,
cls.autoscale_client)
cls.gc_name = cls.autoscale_config.gc_name
cls.gc_cooldown = int(cls.autoscale_config.gc_cooldown)
cls.gc_min_entities = int(cls.autoscale_config.gc_min_entities)
cls.gc_min_entities_alt = int(cls.autoscale_config.gc_min_entities_alt)
cls.gc_max_entities = int(cls.autoscale_config.gc_max_entities)
cls.lc_name = cls.autoscale_config.lc_name
cls.lc_flavor_ref = cls.autoscale_config.lc_flavor_ref
cls.lc_image_ref = cls.autoscale_config.lc_image_ref
cls.lc_image_ref_alt = cls.autoscale_config.lc_image_ref_alt
cls.sp_name = rand_name(cls.autoscale_config.sp_name)
cls.sp_cooldown = int(cls.autoscale_config.sp_cooldown)
cls.sp_change = int(cls.autoscale_config.sp_change)
cls.sp_change_percent = int(cls.autoscale_config.sp_change_percent)
cls.sp_desired_capacity = int(cls.autoscale_config.sp_desired_capacity)
cls.sp_policy_type = cls.autoscale_config.sp_policy_type
cls.upd_sp_change = int(cls.autoscale_config.upd_sp_change)
cls.lc_load_balancers = cls.autoscale_config.lc_load_balancers
cls.sp_list = cls.autoscale_config.sp_list
cls.wb_name = rand_name(cls.autoscale_config.wb_name)
cls.load_balancer_1 = int(cls.autoscale_config.load_balancer_1)
cls.load_balancer_2 = int(cls.autoscale_config.load_balancer_2)
cls.load_balancer_3 = int(cls.autoscale_config.load_balancer_3)
cls.lb_other_region = int(cls.autoscale_config.lb_other_region)
cls.interval_time = int(cls.autoscale_config.interval_time)
cls.timeout = int(cls.autoscale_config.timeout)
cls.scheduler_interval = OtterConstants.SCHEDULER_INTERVAL
cls.scheduler_batch = OtterConstants.SCHEDULER_BATCH
cls.max_maxentities = OtterConstants.MAX_MAXENTITIES
cls.max_cooldown = OtterConstants.MAX_COOLDOWN
cls.max_groups = OtterConstants.MAX_GROUPS
cls.max_policies = OtterConstants.MAX_POLICIES
cls.max_webhooks = OtterConstants.MAX_WEBHOOKS
cls.limit_value_all = OtterConstants.LIMIT_VALUE_ALL
cls.limit_unit_all = OtterConstants.LIMIT_UNIT_ALL
cls.limit_value_webhook = OtterConstants.LIMIT_VALUE_WEBHOOK
cls.limit_unit_webhook = OtterConstants.LIMIT_UNIT_WEBHOOK
cls.non_autoscale_username = cls.autoscale_config.non_autoscale_username
cls.non_autoscale_password = cls.autoscale_config.non_autoscale_password
cls.non_autoscale_tenant = cls.autoscale_config.non_autoscale_tenant
def setUpClass(cls):
super(ImagesFixture, cls).setUpClass()
cls.images_config = ImagesConfig()
cls.marshalling = MarshallingConfig()
cls.endpoint_config = UserAuthConfig()
cls.user_config = UserConfig()
cls.alt_user_config = AltUserConfig()
cls.third_user_config = ThirdUserConfig()
cls.resources = ResourcePool()
cls.serialize_format = cls.marshalling.serializer
cls.deserialize_format = cls.marshalling.deserializer
cls.access_data = AuthProvider.get_access_data(cls.endpoint_config,
cls.user_config)
# If authentication fails, fail immediately
if cls.access_data is None:
cls.assertClassSetupFailure('Authentication failed')
cls.alt_access_data = AuthProvider.get_access_data(
cls.endpoint_config, cls.alt_user_config)
# If authentication fails, fail immediately
if cls.alt_access_data is None:
cls.assertClassSetupFailure('Authentication failed')
cls.third_access_data = AuthProvider.get_access_data(
cls.endpoint_config, cls.third_user_config)
# If authentication fails, fail immediately
if cls.third_access_data is None:
cls.assertClassSetupFailure('Authentication failed')
images_service = cls.access_data.get_service(
cls.images_config.endpoint_name)
images_url_check = images_service.get_endpoint(
cls.images_config.region)
# If endpoint validation fails, fail immediately
if images_url_check is None:
cls.assertClassSetupFailure('Endpoint validation failed')
cls.url = (images_service.get_endpoint(
cls.images_config.region).public_url)
# If a url override was provided, use it instead
if cls.images_config.override_url:
cls.url = cls.images_config.override_url
cls.images_client = cls.generate_images_client(cls.access_data)
cls.alt_images_client = cls.generate_images_client(cls.alt_access_data)
cls.third_images_client = cls.generate_images_client(
cls.third_access_data)
cls.images_behavior = ImagesBehaviors(images_client=cls.images_client,
images_config=cls.images_config)
cls.alt_images_behavior = ImagesBehaviors(
images_client=cls.alt_images_client,
images_config=cls.images_config)
cls.third_images_behavior = ImagesBehaviors(
images_client=cls.third_images_client,
images_config=cls.images_config)
cls.alt_tenant_id = cls.alt_access_data.token.tenant.id_
cls.error_msg = Messages.ERROR_MSG
cls.export_to = cls.images_config.export_to
cls.id_regex = re.compile(ImageProperties.ID_REGEX)
cls.import_from = cls.images_config.import_from
cls.import_from_bootable = cls.images_config.import_from_bootable
cls.import_from_format = cls.images_config.import_from_format
cls.max_created_at_delta = cls.images_config.max_created_at_delta
cls.max_expires_at_delta = cls.images_config.max_expires_at_delta
cls.max_updated_at_delta = cls.images_config.max_updated_at_delta
cls.tenant_id = cls.access_data.token.tenant.id_
cls.third_tenant_id = cls.third_access_data.token.tenant.id_
cls.test_file = cls.read_data_file(cls.images_config.test_file)
cls.image_schema_json = cls.read_data_file(
cls.images_config.image_schema_json)
cls.images_schema_json = cls.read_data_file(
cls.images_config.images_schema_json)
cls.image_member_schema_json = cls.read_data_file(
cls.images_config.image_member_schema_json)
cls.image_members_schema_json = cls.read_data_file(
cls.images_config.image_members_schema_json)
cls.task_schema_json = cls.read_data_file(
cls.images_config.task_schema_json)
cls.tasks_schema_json = cls.read_data_file(
cls.images_config.tasks_schema_json)
cls.addClassCleanup(cls.resources.release)
cls.addClassCleanup(cls.images_behavior.resources.release)
cls.addClassCleanup(cls.alt_images_behavior.resources.release)
cls.addClassCleanup(cls.third_images_behavior.resources.release)
def __init__(self, client=None):
self.client = client
self.config = UserConfig()
def _set_up_clients():
"""
Read the user creds from the configuration file in and constructs all the
service clients. If it can't authenticate, or it cannot construct the
autoscale/server/lbaas clients, then it fails.
The RCv3 client is not created if the account does not have access to RCv3
or if RCv3 configuration parameters are not present or invalid.
"""
user_config = UserConfig()
access_data = AuthProvider.get_access_data(endpoint_config, user_config)
if access_data is None:
raise Exception(
"Unable to authenticate against identity to get auth token and "
"service catalog.")
_autoscale_client = _make_client(
access_data,
autoscale_config.autoscale_endpoint_name,
autoscale_config.region,
AutoscalingAPIClient,
"Autoscale")
_server_client = _make_client(
access_data,
autoscale_config.server_endpoint_name,
autoscale_config.server_region_override or autoscale_config.region,
ServersClient,
"Nova Compute")
_images_client = _make_client(
access_data,
autoscale_config.server_endpoint_name,
autoscale_config.region,
ImagesClient,
"Nova images")
_lbaas_client = _make_client(
access_data,
autoscale_config.load_balancer_endpoint_name,
autoscale_config.lbaas_region_override or autoscale_config.region,
LbaasAPIClient,
"Cloud Load Balancers")
_rcv3_client = None
if _rcv3_cloud_network and _rcv3_load_balancer_pool:
_rcv3_client = _make_client(
access_data,
autoscale_config.rcv3_endpoint_name,
autoscale_config.rcv3_region_override or autoscale_config.region,
RackConnectV3APIClient,
"RackConnect v3")
else:
print("Not enough test configuration for RCv3 provided. "
"Will not run RCv3 tests.")
if not all([x is not None for x in (_autoscale_client, _server_client,
_lbaas_client)]):
raise Exception(
"Unable to instantiate all necessary clients.")
return (_autoscale_client, _server_client, _images_client, _lbaas_client,
_rcv3_client)