Remove admin_* from identity section

Since Tempest 12 following values are removed from identity section: - admin_username - admin_password - admin_project_name The values were moved to auth section. Change-Id: Ia98c9449b3fdc7aae40d204f0e2da44f987a5f9d
2018-06-06 22:20:53 +00:00 · 2018-06-06 22:20:53 +00:00 · 4912283b03
commit 4912283b03
parent 283de20574
12 changed files with 34 additions and 44 deletions
--- a/config_tempest/clients.py
+++ b/config_tempest/clients.py
@ -174,7 +174,7 @@ class ClientManager(object):
        # Set admin tenant id needed for keystone v3 tests.
        if creds.admin:
            tenant = self.tenants.get_project_by_name(creds.tenant_name)
-            conf.set('identity', 'admin_project_id', tenant['id'])
+            conf.set('auth', 'admin_project_id', tenant['id'])

    def _get_default_params(self, conf):
        default_params = {
--- a/config_tempest/constants.py
+++ b/config_tempest/constants.py
@ -42,9 +42,6 @@ ALL_CREDENTIALS_KEYS = {
    "identity.alt_username": [],
    "identity.alt_password": [],
    "identity.alt_project_name": [],
-    "identity.admin_username": [],
-    "identity.admin_password": [],
-    "identity.admin_project_name": [],
    "identity.admin_domain_name": [],
 }

--- a/config_tempest/main.py
+++ b/config_tempest/main.py
@ -162,15 +162,6 @@ def set_options(conf, deployer_input, non_admin, overrides=[],
        conf.set("auth", "admin_username", "")
        conf.set("auth", "admin_project_name", "")
        conf.set("auth", "admin_password", "")
-        # To maintain backward compatibilty
-        # Moved to auth
-        conf.set("identity", "admin_username", "")
-        # To maintain backward compatibility
-        # renamed as admin_project_name in auth section
-        conf.set("identity", "admin_project_name", "")
-        # To maintain backward compatibility
-        # Moved to auth
-        conf.set("identity", "admin_password", "")
        conf.set("auth", "use_dynamic_credentials", "False")

    # get and set auth data from client's config
@ -325,17 +316,20 @@ def set_cloud_config_values(non_admin, cloud_creds, conf):
    """
    try:
        if non_admin:
+            # Tempest doesn't have non-admin credentials, but we're gonna
+            # keep them under identity for future usage
            conf.set('identity', 'username', cloud_creds['username'])
            conf.set('identity',
                     'project_name',
                     cloud_creds['project_name'])
            conf.set('identity', 'password', cloud_creds['password'])
        else:
-            conf.set('identity', 'admin_username', cloud_creds['username'])
-            conf.set('identity',
+            # admin credentials are under auth section
+            conf.set('auth', 'admin_username', cloud_creds['username'])
+            conf.set('auth',
                     'admin_project_name',
                     cloud_creds['project_name'])
-            conf.set('identity', 'admin_password', cloud_creds['password'])
+            conf.set('auth', 'admin_password', cloud_creds['password'])
        conf.set('identity', 'uri', cloud_creds['auth_url'])

    except cfg.NoSuchOptError:
--- a/config_tempest/tests/base.py
+++ b/config_tempest/tests/base.py
@ -40,9 +40,9 @@ class BaseConfigTempestTest(base.BaseTestCase):
        conf.set("identity", "auth_version", "v3")
        conf.set("identity", "uri", uri + V2, priority=True)
        conf.set("identity", "uri_v3", uri + V3)
-        conf.set("identity", "admin_username", "admin")
-        conf.set("identity", "admin_project_name", "adminTenant")
-        conf.set("identity", "admin_password", "adminPass")
+        conf.set("auth", "admin_username", "admin")
+        conf.set("auth", "admin_project_name", "adminTenant")
+        conf.set("auth", "admin_password", "adminPass")
        conf.set("auth", "use_dynamic_credentials", "False")
        return conf

--- a/config_tempest/tests/test_clients.py
+++ b/config_tempest/tests/test_clients.py
@ -115,7 +115,7 @@ class TestClientManager(BaseConfigTempestTest):
        self.useFixture(MonkeyPatch(func2mock, mock_function))
        ClientManager(self.conf, self.creds)
        # check if admin tenant id was set
-        admin_tenant_id = self.conf.get("identity", "admin_project_id")
+        admin_tenant_id = self.conf.get("auth", "admin_project_id")
        self.assertEqual(admin_tenant_id, "my_fake_id")

    def test_get_service_client(self):
--- a/config_tempest/tests/test_config_tempest.py
+++ b/config_tempest/tests/test_config_tempest.py
@ -78,11 +78,11 @@ class TestOsClientConfigSupport(BaseConfigTempestTest):
                             conf.get('identity', 'project_name'))
        else:
            self.assertEqual(cloud_args['username'],
-                             conf.get('identity', 'admin_username'))
+                             conf.get('auth', 'admin_username'))
            self.assertEqual(cloud_args['password'],
-                             conf.get('identity', 'admin_password'))
+                             conf.get('auth', 'admin_password'))
            self.assertEqual(cloud_args['project_name'],
-                             conf.get('identity', 'admin_project_name'))
+                             conf.get('auth', 'admin_project_name'))

    def test_init_manager_client_config(self):
        self._obtain_client_config_data(True)
@ -117,7 +117,6 @@ class TestOsClientConfigSupport(BaseConfigTempestTest):
        manager = ClientManager(self.conf, creds)
        # check if cloud_args credentials were overrided by admin ones
        self._check_credentials(manager,
-                                self.conf.get('identity', 'admin_username'),
-                                self.conf.get('identity', 'admin_password'),
-                                self.conf.get('identity',
-                                              'admin_project_name'))
+                                self.conf.get('auth', 'admin_username'),
+                                self.conf.get('auth', 'admin_password'),
+                                self.conf.get('auth', 'admin_project_name'))
--- a/config_tempest/tests/test_users.py
+++ b/config_tempest/tests/test_users.py
@ -63,7 +63,7 @@ class TestUsers(BaseConfigTempestTest):
        self.Service.create_tempest_users(orchestration)
        if orchestration:
            self.assertEqual(mock_give_role_to_user.mock_calls, [
-                mock.call(self.conf.get('identity',
+                mock.call(self.conf.get('auth',
                                        'admin_username'),
                          role_name='admin'),
                mock.call(self.conf.get('identity',
@ -73,7 +73,7 @@ class TestUsers(BaseConfigTempestTest):
            ])
        else:
            mock_give_role_to_user.assert_called_with(
-                self.conf.get('identity', 'admin_username'),
+                self.conf.get('auth', 'admin_username'),
                role_name='admin')
        self.assertEqual(mock_create_user_with_tenant.mock_calls, [
            mock.call(self.conf.get('identity', 'username'),
--- a/config_tempest/users.py
+++ b/config_tempest/users.py
@ -46,8 +46,6 @@ class Users(object):
                                     self._conf.get(sec, 'alt_project_name'))

        username = self._conf.get_defaulted('auth', 'admin_username')
-        if username is None:
-            username = self._conf.get_defaulted('identity', 'admin_username')

        self.give_role_to_user(username, role_name='admin')

--- a/etc/default-overrides.conf
+++ b/etc/default-overrides.conf
@ -54,18 +54,6 @@ alt_project_name=alt_demo
 # (string value)
 alt_password=secrete

-# Administrative Username to use for Keystone API requests.
-# (string value)
-# Parameter moved to auth section. Would be deprecated in future
-# releases
-admin_username=admin
-
-# Administrative Tenant name to use for Keystone API requests.
-# (string value)
-# Parameter moved to auth section as admin_project_name. Would
-# be deprecated in future releases
-admin_project_name=admin
-
 admin_domain_name=Default


--- a/releasenotes/notes/Remove-options-prefixed-by-admin_-from-tempest.conf-f038f679b40daaea.yaml
+++ b/releasenotes/notes/Remove-options-prefixed-by-admin_-from-tempest.conf-f038f679b40daaea.yaml
@ -0,0 +1,10 @@
+---
+other:
+  - |
+    The following options are moved from identity section:
+      - admin_username
+      - admin_password
+      - admin_project_name
+
+    to auth section as this is done in Tempest since
+    Tempest 12.
--- a/roles/generate-tempestconf-file-cloud/tasks/main.yaml
+++ b/roles/generate-tempestconf-file-cloud/tasks/main.yaml
@ -33,7 +33,11 @@
          --out etc/cloud_tempest.conf \
          --debug \
          -v \
+          {% if cloud_user == "devstack-admin" %}
          --create \
+          {% else %}
+          --non-admin \
+          {% endif %}
          --os-cloud {{ cloud_user }} \
          auth.tempest_roles Member \
          service_available.swift False \
--- a/roles/generate-tempestconf-file/tasks/generate-tempestconf.sh.j2
+++ b/roles/generate-tempestconf-file/tasks/generate-tempestconf.sh.j2
@ -16,7 +16,7 @@ discover-tempest-config \
 --test-accounts {{ test_accounts_file }} \
 {% endif %}
 identity.uri $OS_AUTH_URL \
-identity.admin_password $OS_PASSWORD \
+auth.admin_password $OS_PASSWORD \
 service_available.swift False \
 {{ aditional_tempestconf_params }} \
 image.http_image {{ url_cirros_image }}