Use Domains with Keystone v3 in functional tests
This patch enables configuration of domains when using Keystone v3 authentication in the functional test suite. Change-Id: If7fbb1924ebb99dc93eacedc371369fe1fa6312f
This commit is contained in:
Douglas Mendizábal
Douglas Mendizábal
parent
66c88d09da
commit
39331ca5d2
@ -5,19 +5,23 @@
|
|||||||
uri=http://localhost:5000/v3
|
uri=http://localhost:5000/v3
|
||||||
version=v3
|
version=v3
|
||||||
|
|
||||||
|
# Default user credentials
|
||||||
username=admin
|
username=admin
|
||||||
project_name=admin
|
|
||||||
password=secretadmin
|
password=secretadmin
|
||||||
|
project_name=admin
|
||||||
domain_name=Default
|
domain_name=Default
|
||||||
|
|
||||||
|
# Service user credentials
|
||||||
service_admin=service-admin
|
service_admin=service-admin
|
||||||
service_admin_project=service
|
|
||||||
service_admin_password=secretservice
|
service_admin_password=secretservice
|
||||||
|
service_admin_project=service
|
||||||
|
service_admin_domain=Default
|
||||||
|
|
||||||
[rbac_users]
|
[rbac_users]
|
||||||
# Replace these values that represent additional users for RBAC testing
|
# Replace these values that represent additional users for RBAC testing
|
||||||
project_a=project_a
|
project_a=project_a
|
||||||
project_b=project_b
|
project_b=project_b
|
||||||
|
project_domain=Default
|
||||||
|
|
||||||
# users for project_a
|
# users for project_a
|
||||||
admin_a=project_a_admin
|
admin_a=project_a_admin
|
||||||
|
|||||||
@ -22,12 +22,14 @@ STORED_AUTHENTICATION = None
|
|||||||
|
|
||||||
class FunctionalTestAuth(auth.AuthBase):
|
class FunctionalTestAuth(auth.AuthBase):
|
||||||
|
|
||||||
def __init__(self, endpoint, version, username, password, project_name):
|
def __init__(self, endpoint, version, username, password,
|
||||||
|
project_name, project_domain):
|
||||||
self.endpoint = endpoint
|
self.endpoint = endpoint
|
||||||
self.version = version
|
self.version = version
|
||||||
self.username = username
|
self.username = username
|
||||||
self.password = password
|
self.password = password
|
||||||
self.project_name = project_name
|
self.project_name = project_name
|
||||||
|
self.project_domain = project_domain
|
||||||
|
|
||||||
self._client = None
|
self._client = None
|
||||||
|
|
||||||
@ -64,7 +66,9 @@ class FunctionalTestAuth(auth.AuthBase):
|
|||||||
self._client = v3_client.Client(
|
self._client = v3_client.Client(
|
||||||
username=self.username,
|
username=self.username,
|
||||||
password=self.password,
|
password=self.password,
|
||||||
|
user_domain_name=self.project_domain,
|
||||||
project_name=self.project_name,
|
project_name=self.project_name,
|
||||||
|
project_domain_name=self.project_domain,
|
||||||
auth_url=self.endpoint
|
auth_url=self.endpoint
|
||||||
)
|
)
|
||||||
return self._client.auth_token, self._client.project_id
|
return self._client.auth_token, self._client.project_id
|
||||||
|
|||||||
@ -38,75 +38,47 @@ class BarbicanClient(object):
|
|||||||
'Content-Type': 'application/json',
|
'Content-Type': 'application/json',
|
||||||
'Accept': 'application/json'
|
'Accept': 'application/json'
|
||||||
}
|
}
|
||||||
self.region = CONF.identity.region
|
identity = CONF.identity
|
||||||
self._default_user_name = CONF.identity.username
|
self.region = identity.region
|
||||||
self._auth = {}
|
self._default_user_name = identity.username
|
||||||
self._auth[CONF.identity.username] = auth.FunctionalTestAuth(
|
self._auth = dict()
|
||||||
endpoint=CONF.identity.uri,
|
|
||||||
version=CONF.identity.version,
|
self._auth[identity.username] = auth.FunctionalTestAuth(
|
||||||
username=CONF.identity.username,
|
endpoint=identity.uri,
|
||||||
password=CONF.identity.password,
|
version=identity.version,
|
||||||
project_name=CONF.identity.project_name)
|
username=identity.username,
|
||||||
self._auth[CONF.identity.service_admin] = auth.FunctionalTestAuth(
|
password=identity.password,
|
||||||
endpoint=CONF.identity.uri,
|
project_name=identity.project_name,
|
||||||
version=CONF.identity.version,
|
project_domain=identity.domain_name)
|
||||||
username=CONF.identity.service_admin,
|
|
||||||
password=CONF.identity.service_admin_password,
|
self._auth[identity.service_admin] = auth.FunctionalTestAuth(
|
||||||
project_name=CONF.identity.service_admin_project)
|
endpoint=identity.uri,
|
||||||
self._auth[CONF.rbac_users.admin_a] = auth.FunctionalTestAuth(
|
version=identity.version,
|
||||||
endpoint=CONF.identity.uri,
|
username=identity.service_admin,
|
||||||
version=CONF.identity.version,
|
password=identity.service_admin_password,
|
||||||
username=CONF.rbac_users.admin_a,
|
project_name=identity.service_admin_project,
|
||||||
password=CONF.rbac_users.admin_a_password,
|
project_domain=identity.service_admin_domain)
|
||||||
project_name=CONF.rbac_users.project_a)
|
|
||||||
self._auth[CONF.rbac_users.creator_a] = auth.FunctionalTestAuth(
|
rbac = CONF.rbac_users
|
||||||
endpoint=CONF.identity.uri,
|
|
||||||
version=CONF.identity.version,
|
for user in ['admin_a', 'creator_a', 'creator_a_2',
|
||||||
username=CONF.rbac_users.creator_a,
|
'observer_a', 'auditor_a']:
|
||||||
password=CONF.rbac_users.creator_a_password,
|
self._auth[getattr(rbac, user)] = auth.FunctionalTestAuth(
|
||||||
project_name=CONF.rbac_users.project_a)
|
endpoint=identity.uri,
|
||||||
self._auth[CONF.rbac_users.creator_a_2] = auth.FunctionalTestAuth(
|
version=identity.version,
|
||||||
endpoint=CONF.identity.uri,
|
username=getattr(rbac, user),
|
||||||
version=CONF.identity.version,
|
password=getattr(rbac, user + '_password'),
|
||||||
username=CONF.rbac_users.creator_a_2,
|
project_name=rbac.project_a,
|
||||||
password=CONF.rbac_users.creator_a_2_password,
|
project_domain=rbac.project_domain)
|
||||||
project_name=CONF.rbac_users.project_a)
|
|
||||||
self._auth[CONF.rbac_users.observer_a] = auth.FunctionalTestAuth(
|
for user in ['admin_b', 'creator_b', 'observer_b', 'auditor_b']:
|
||||||
endpoint=CONF.identity.uri,
|
self._auth[getattr(rbac, user)] = auth.FunctionalTestAuth(
|
||||||
version=CONF.identity.version,
|
endpoint=identity.uri,
|
||||||
username=CONF.rbac_users.observer_a,
|
version=identity.version,
|
||||||
password=CONF.rbac_users.observer_a_password,
|
username=getattr(rbac, user),
|
||||||
project_name=CONF.rbac_users.project_a)
|
password=getattr(rbac, user + '_password'),
|
||||||
self._auth[CONF.rbac_users.auditor_a] = auth.FunctionalTestAuth(
|
project_name=rbac.project_b,
|
||||||
endpoint=CONF.identity.uri,
|
project_domain=rbac.project_domain)
|
||||||
version=CONF.identity.version,
|
|
||||||
username=CONF.rbac_users.auditor_a,
|
|
||||||
password=CONF.rbac_users.auditor_a_password,
|
|
||||||
project_name=CONF.rbac_users.project_a)
|
|
||||||
self._auth[CONF.rbac_users.admin_b] = auth.FunctionalTestAuth(
|
|
||||||
endpoint=CONF.identity.uri,
|
|
||||||
version=CONF.identity.version,
|
|
||||||
username=CONF.rbac_users.admin_b,
|
|
||||||
password=CONF.rbac_users.admin_b_password,
|
|
||||||
project_name=CONF.rbac_users.project_b)
|
|
||||||
self._auth[CONF.rbac_users.creator_b] = auth.FunctionalTestAuth(
|
|
||||||
endpoint=CONF.identity.uri,
|
|
||||||
version=CONF.identity.version,
|
|
||||||
username=CONF.rbac_users.creator_b,
|
|
||||||
password=CONF.rbac_users.creator_b_password,
|
|
||||||
project_name=CONF.rbac_users.project_b)
|
|
||||||
self._auth[CONF.rbac_users.observer_b] = auth.FunctionalTestAuth(
|
|
||||||
endpoint=CONF.identity.uri,
|
|
||||||
version=CONF.identity.version,
|
|
||||||
username=CONF.rbac_users.observer_b,
|
|
||||||
password=CONF.rbac_users.observer_b_password,
|
|
||||||
project_name=CONF.rbac_users.project_b)
|
|
||||||
self._auth[CONF.rbac_users.auditor_b] = auth.FunctionalTestAuth(
|
|
||||||
endpoint=CONF.identity.uri,
|
|
||||||
version=CONF.identity.version,
|
|
||||||
username=CONF.rbac_users.auditor_b,
|
|
||||||
password=CONF.rbac_users.auditor_b_password,
|
|
||||||
project_name=CONF.rbac_users.project_b)
|
|
||||||
|
|
||||||
def get_all_functional_test_user_names(self):
|
def get_all_functional_test_user_names(self):
|
||||||
retval = []
|
retval = []
|
||||||
|
|||||||
@ -35,6 +35,7 @@ def setup_config(config_file=''):
|
|||||||
cfg.StrOpt('region', default='RegionOne'),
|
cfg.StrOpt('region', default='RegionOne'),
|
||||||
cfg.StrOpt('service_admin', default='service-admin'),
|
cfg.StrOpt('service_admin', default='service-admin'),
|
||||||
cfg.StrOpt('service_admin_project', default='service'),
|
cfg.StrOpt('service_admin_project', default='service'),
|
||||||
|
cfg.StrOpt('service_admin_domain', default='Default'),
|
||||||
cfg.StrOpt('service_admin_password', default='secretservice',
|
cfg.StrOpt('service_admin_password', default='secretservice',
|
||||||
secret=True)]
|
secret=True)]
|
||||||
TEST_CONF.register_group(identity_group)
|
TEST_CONF.register_group(identity_group)
|
||||||
@ -44,6 +45,7 @@ def setup_config(config_file=''):
|
|||||||
rbac_users_options = [
|
rbac_users_options = [
|
||||||
cfg.StrOpt('project_a', default='project_a'),
|
cfg.StrOpt('project_a', default='project_a'),
|
||||||
cfg.StrOpt('project_b', default='project_b'),
|
cfg.StrOpt('project_b', default='project_b'),
|
||||||
|
cfg.StrOpt('project_domain', default='Default'),
|
||||||
cfg.StrOpt('admin_a', default='project_a_admin'),
|
cfg.StrOpt('admin_a', default='project_a_admin'),
|
||||||
cfg.StrOpt('admin_a_password', default='barbican', secret=True),
|
cfg.StrOpt('admin_a_password', default='barbican', secret=True),
|
||||||
cfg.StrOpt('creator_a', default='project_a_creator'),
|
cfg.StrOpt('creator_a', default='project_a_creator'),
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user