9b0fec938f
Scoring Keystone for guideline 2018.01 Changes: Update notes on the working materials folder. Items To Be Discussed: identity-v3-list-projects capability was marked required 2017.09. But the only TC available was flagged since it needs 2 users. Q. Should we move the capability back to advisory until TC is fixed? or until other suitable TCs are added? Change-Id: Ic84cbe834474e579345e22256f2e956ad2b4b897 Note: waiting for additional comments from PTL.
3.6 KiB
3.6 KiB
| 1 | Capability | Program | Status | Method | Endpoint | Test available? | interop relevant? | PTL Comments | From Defcore Discussion | Scorer Comments | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 2 | identity-v3-tokens-create | platform/compute/object | required | POST | /v3/auth/tokens | 1 | yes | The returned token value is in the X-Auth-Token header | tempest.api.identity.v3.test_tokens{test_create_token} | This TC refers to API https://developer.openstack.org/api-ref/identity/v3/#password-authentication-with-unscoped-authorization. Should we add other test cases to tempest in order to validate API for: password-authentication-with-scoped-authorization and password-authentication-with-explicit-unscoped-authorization? | |
| 3 | identity-v3-api-discovery | platform/compute | required | GET | /v3 | 3 | yes | make required | tempest.api.identity.v3.test_api_discovery{test_api_version_resources, test_api_media_types, test_api_version_statuses} | ||
| 4 | identity-v3-list-projects | platform/compute | required | GET | /v3/users/{user_id}/projects | 1 | yes | Flagged since require 2 set of user credentials. | |||
| 5 | |||||||||||
| 6 | identity-v3-create-ec2-credentials | POST | /v3/credentials | 1 | yes | Should we make ec2 compatibility required? unclear | |||||
| 7 | identity-v3-list-ec2-credentials | GET | /v3/credentials | 1 | yes | Should we make ec2 compatibility required? unclear | |||||
| 8 | identity-v3-show-ec2-credentials | GET | /v3/credentials/{credential_id} | 1 | yes | Should we make ec2 compatibility required? unclear | |||||
| 9 | identity-v3-delete-ec2-credentials | DELETE | /v3/credentials/{credential_id} | 1 | yes | Should we make ec2 compatibility required? unclear | |||||
| 10 | identity-v3-update-ec2-credentials | PATCH | /v3/credentials/{credential_id} | Should we make ec2 compatibility required? unclear | |||||||
| 11 | identity-v3-catalog | (make sure it works on all supported releases) | returned with the token | ||||||||
| 12 | identity-v3-password-update | POST | /v3/users/{user_id}/password | 1 | yes | Untestable without changing user's password, security risk. Also password policies are very particular to different companies, making a test that would pass on all is near impossible. | tempest.api.identity.v3.test_users{test_update_own_password} | ||||
| 13 | |||||||||||
| 14 | identity-v3-list-groups | platform/compute | GET | /v3/users/{user_id}/groups | 0 | yes | no test available for this feature | ||||
| 15 | identity-v3-get-project | platform/compute | GET | /v3/projects/{project_id} | 0 | yes | admin required | ||||
| 16 | identity-v3-list-roles | platform/compute | GET | /v3/roles | 0 | no | admin required | ||||
| 17 | identity-v3-get-role | platform/compute | GET | /v3/roles/{role_id} | no | admin required | |||||
| 18 | identity-v3-list-domains | platform/compute | GET | /v3/domains | no | admin required | |||||
| 19 | identity-v3-get-domain | platform/compute | GET | /v3/domains/{domain_id} | no | admin required | |||||
| 20 | |||||||||||
| 21 | identity-v3-tokens-validate | platform/compute | advisory | GET | /v3/auth/tokens | yes | Token to be validated is passed in the X-Subject-Token header | ||||
| 22 | identity-v3-revoke-token | platform/compute | DELETE | /v3/auth/tokens | 1 | yes | Token to be revoked is passed in the X-Subject-Token header | keystone.keystone.tests.unit.test_revoke{test_revoke_by_user} | |||
| 23 | identity-v3-get-catalog | platform/compute/object | advisory | GET | /v3/auth/catalog | 0 | yes | TC added in Tempest | |||
| 24 | identity-v3-get-auth-projects | platform/compute | GET | /v3/auth/projects | 0 | yes | equivalent as far as I can tell to identity-v3-list-projects. couldn't find a test specific for this, there are some tests related in keystone.tests.unit.test_v3_auth.py | ||||
| 25 | |||||||||||
| 26 | identity-v2-list-versions | GET | / | 1 | yes | Deprecated | |||||
| 27 | identity-v2-show-version | GET | /v2.0 | 1 | yes | Deprecated | |||||
| 28 | identity-v2-token-generation | POST | /v2.0/tokens | 1 | yes | Deprecated | |||||
| 29 | identity-v2-tenants | GET | /v2.0/tenants | 1 | yes | Deprecated | |||||
| 30 | identity-v2-list-extensions | GET | /v2.0/extensions | Deprecated | |||||||
| 31 | identity-v2-show-extension | GET | /v2.0/extensions/{alias} | Deprecated |