Add support for admin parameters moving to auth

The admin parameters have been moved to auth. As such this patch tries to find them under auth section and if they are not found falls back to the older method. Change-Id: Ic2676a949dbc92abca270a58ea5a39ef494702de
2017-04-20 10:38:29 -04:00 · 2017-04-20 10:38:29 -04:00 · d430dcd548
parent 6220c36290
commit d430dcd548
5 changed files with 84 additions and 5 deletions
--- a/config_tempest/config_tempest.py
+++ b/config_tempest/config_tempest.py
@ -149,8 +149,17 @@ def main():
    else:
        conf.set("identity", "uri_v3", uri.replace("v2.0", "v3"))
    if args.non_admin:
+        conf.set("auth", "admin_username", "")
+        conf.set("auth", "admin_project_name", "")
+        conf.set("auth", "admin_password", "")
+        # To maintain backward compatibilty
+        # Moved to auth
        conf.set("identity", "admin_username", "")
+        # To maintain backward compatibility
+        # renamed as admin_project_name in auth section
        conf.set("identity", "admin_tenant_name", "")
+        # To maintain backward compatibility
+        # Moved to auth
        conf.set("identity", "admin_password", "")
        conf.set("auth", "allow_tenant_isolation", "False")
    if args.use_test_accounts:
@ -364,10 +373,20 @@ class ClientManager(object):
            tenant_name = os_client_creds.get('project_name')
        if admin:
            try:
-                username = conf.get_defaulted('identity', 'admin_username')
-                password = conf.get_defaulted('identity', 'admin_password')
-                tenant_name = conf.get_defaulted('identity',
-                                                 'admin_tenant_name')
+                username = conf.get_defaulted('auth', 'admin_username')
+                if username is None:
+                    username = conf.get_defaulted('identity', 'admin_username')
+
+                password = conf.get_defaulted('auth', 'admin_password')
+                if password is None:
+                    password = conf.get_defaulted('identity', 'admin_password')
+
+                tenant_name = conf.get_defaulted('auth',
+                                                 'admin_project_name')
+                if tenant_name is None:
+                    tenant_name = conf.get_defaulted('identity',
+                                                     'admin_tenant_name')
+
            except cfg.NoSuchOptError:
                LOG.warning(
                    'Could not load some identity admin options from %s',
@ -573,8 +592,11 @@ def create_tempest_users(tenants_client, roles_client, users_client, conf,
                            conf.get('identity', 'password'),
                            conf.get('identity', 'tenant_name'))

+    username = conf.get_defaulted('auth', 'admin_username')
+    if username is None:
+        username = conf.get_defaulted('identity', 'admin_username')
    give_role_to_user(tenants_client, roles_client, users_client,
-                      conf.get('identity', 'admin_username'),
+                      username,
                      conf.get('identity', 'tenant_name'), role_name='admin')

    # Prior to juno, and with earlier juno defaults, users needed to have
--- a/config_tempest/tests/base.py
+++ b/config_tempest/tests/base.py
@ -44,6 +44,23 @@ class BaseConfigTempestTest(base.BaseTestCase):
        conf.set("auth", "allow_tenant_isolation", "False")
        return conf

+    def _get_alt_conf(self, V2, V3):
+        """Contains newer params in place of the deprecated params"""
+        conf = tool.TempestConf()
+        uri = "http://172.16.52.151:5000/"
+        conf.set("identity", "username", "demo")
+        conf.set("identity", "password", "secret")
+        conf.set("identity", "tenant_name", "demo")
+        conf.set("identity", "disable_ssl_certificate_validation", "true")
+        conf.set("identity", "auth_version", "v3")
+        conf.set("identity", "uri", uri + V2, priority=True)
+        conf.set("identity", "uri_v3", uri + V3)
+        conf.set("auth", "admin_username", "admin")
+        conf.set("auth", "admin_project_name", "adminTenant")
+        conf.set("auth", "admin_password", "adminPass")
+        conf.set("auth", "allow_tenant_isolation", "False")
+        return conf
+
    @mock.patch('os_client_config.cloud_config.CloudConfig')
    def _get_clients(self, conf, mock_args, admin=False):
        """Returns ClientManager instance"""
--- a/config_tempest/tests/test_config_tempest.py
+++ b/config_tempest/tests/test_config_tempest.py
@ -113,6 +113,23 @@ class TestClientManager(BaseConfigTempestTest):
        admin_tenant_id = self.conf.get("identity", "admin_tenant_id")
        self.assertEqual(admin_tenant_id, "my_fake_id")

+    def test_init_manager_as_admin_using_new_auth(self):
+        self.conf = self._get_alt_conf("v2.0", "v3")
+        self.client = self._get_clients(self.conf)
+        mock_function = mock.Mock(return_value={"id": "my_fake_id"})
+        func2mock = 'config_tempest.config_tempest.identity.get_tenant_by_name'
+        self.useFixture(MonkeyPatch(func2mock, mock_function))
+        self._get_clients(self.conf, admin=True)
+        # check if admin credentials were set
+        admin_tenant = self.conf.get("auth", "admin_project_name")
+        admin_password = self.conf.get("auth", "admin_password")
+        self.assertEqual(self.conf.get("auth", "admin_username"), "admin")
+        self.assertEqual(admin_tenant, "adminTenant")
+        self.assertEqual(admin_password, "adminPass")
+        # check if admin tenant id was set
+        admin_tenant_id = self.conf.get("identity", "admin_tenant_id")
+        self.assertEqual(admin_tenant_id, "my_fake_id")
+

 class TestOsClientConfigSupport(BaseConfigTempestTest):

--- a/etc/default-overrides.conf
+++ b/etc/default-overrides.conf
@ -17,6 +17,16 @@ log_file=tempest.log
 # Roles to assign to all users created by tempest (list value)
 tempest_roles = _member_

+# Administrative Username to use for Keystone API requests.
+# (string value)
+admin_username=admin
+
+# Administrative Tenant name to use for Keystone API requests.
+# (string value)
+admin_project_name=admin
+
+admin_domain_name=Default
+
 [compute]

 # Should the tests ssh to instances? (boolean value)
@ -53,14 +63,19 @@ alt_password=secrete

 # Administrative Username to use for Keystone API requests.
 # (string value)
+# Parameter moved to auth section. Would be deprecated in future
+# releases
 admin_username=admin

 # Administrative Tenant name to use for Keystone API requests.
 # (string value)
+# Parameter moved to auth section as admin_project_name. Would 
+# be deprecated in future releases
 admin_tenant_name=admin

 admin_domain_name=Default

+
 disable_ssl_certificate_validation=true

 [object-storage]
--- a/releasenotes/notes/add-support-for-admin-parameter-moving-to-auth-a0873bb19ea8428b.yaml
+++ b/releasenotes/notes/add-support-for-admin-parameter-moving-to-auth-a0873bb19ea8428b.yaml
@ -0,0 +1,8 @@
+---
+prelude: >
+    Add support for admin parameters being used from auth section
+deprecations:
+  - |
+    Move admin_username to auth from identity
+    Move admin_tenant_name to auth from identity
+    Move admin_password to auth from identity