Browse Source

Migrate from Amulet to Zaza

This patch migrate tests from Amulet to Zaza, and Python3 only.

SSL is enabled for all bundles with charm-vault, except trusty, which is
not supported by vault.

func-test-pr: https://github.com/openstack-charmers/zaza-openstack-tests/pull/55

Partial-Bug: 1828424

Change-Id: I4dacf33d3ab4dedbbe62a36b1b2ce5606e51d234
Signed-off-by: Joe Guo <guoqiao@gmail.com>
changes/03/680903/3
Joe Guo 1 month ago
parent
commit
660ce5b021

+ 3
- 3
Makefile View File

@@ -1,16 +1,16 @@
1 1
 #!/usr/bin/make
2
-PYTHON := /usr/bin/env python
2
+PYTHON := /usr/bin/env python3
3 3
 
4 4
 lint:
5 5
 	@tox -e pep8
6 6
 
7 7
 test:
8 8
 	@echo Starting unit tests...
9
-	@tox -e py27
9
+	@tox -e py3
10 10
 
11 11
 functional_test:
12 12
 	@echo Starting functional tests...
13
-	@tox -e func27
13
+	@tox -e func
14 14
 
15 15
 bin/charm_helpers_sync.py:
16 16
 	@mkdir -p bin

+ 1
- 0
hooks/certificates-relation-changed View File

@@ -0,0 +1 @@
1
+hooks.py

+ 1
- 0
hooks/certificates-relation-joined View File

@@ -0,0 +1 @@
1
+hooks.py

+ 21
- 0
hooks/hooks.py View File

@@ -45,10 +45,16 @@ from charmhelpers.contrib.openstack.utils import (
45 45
     set_unit_paused,
46 46
     set_unit_upgrading,
47 47
 )
48
+
48 49
 from charmhelpers.contrib.openstack.templating import OSConfigRenderer
49 50
 
50 51
 from charmhelpers.contrib.charmsupport import nrpe
51 52
 
53
+from charmhelpers.contrib.openstack.cert_utils import (
54
+    get_certificate_request,
55
+    process_certificates,
56
+)
57
+
52 58
 CONF_FILE_DIR = '/etc/glance-simplestreams-sync'
53 59
 USR_SHARE_DIR = '/usr/share/glance-simplestreams-sync'
54 60
 
@@ -353,6 +359,21 @@ def post_series_upgrade():
353 359
     hookenv.status_set("active", "")
354 360
 
355 361
 
362
+@hooks.hook('certificates-relation-joined')
363
+def certs_joined(relation_id=None):
364
+    hookenv.relation_set(
365
+        relation_id=relation_id,
366
+        relation_settings=get_certificate_request())
367
+
368
+
369
+@hooks.hook('certificates-relation-changed')
370
+def certs_changed(relation_id=None, unit=None):
371
+    process_certificates('glance-simplestreams-sync', relation_id, unit)
372
+    configs = get_configs()
373
+    configs.write_all()
374
+    identity_service_changed()
375
+
376
+
356 377
 if __name__ == '__main__':
357 378
     try:
358 379
         hooks.execute(sys.argv)

+ 2
- 0
metadata.yaml View File

@@ -28,3 +28,5 @@ requires:
28 28
     interface: keystone
29 29
   amqp:
30 30
     interface: rabbitmq
31
+  certificates:
32
+    interface: tls-certificates

+ 9
- 5
scripts/glance-simplestreams-sync.py View File

@@ -392,10 +392,12 @@ class StatusExchange:
392 392
             return False
393 393
 
394 394
         try:
395
-            url = "amqp://{}:{}@{}/{}".format(id_conf['rabbit_userid'],
396
-                                              id_conf['rabbit_password'],
397
-                                              host,
398
-                                              id_conf['rabbit_virtual_host'])
395
+            # amqp:// implies librabbitmq if available, otherwise pyamqp
396
+            # librabbitmq doesn't support SSL
397
+            # use pyamqp:// explicitly for SSL
398
+            url = "pyamqp://{}:{}@{}/{}".format(
399
+                id_conf['rabbit_userid'], id_conf['rabbit_password'],
400
+                host, id_conf['rabbit_virtual_host'])
399 401
 
400 402
             ssl = None
401 403
             if 'rabbit_use_ssl' in id_conf:
@@ -503,7 +505,9 @@ def main():
503 505
                                       "message": "Sync starting."})
504 506
         do_sync(charm_conf, status_exchange)
505 507
         ts = time.strftime("%x %X")
506
-        completed_msg = "Sync completed at {}".format(ts)
508
+        # "Unit is ready" is one of approved message prefixes
509
+        # Prefix the message with it will help zaza to understand the status.
510
+        completed_msg = "Unit is ready. Sync completed at {}".format(ts)
507 511
         status_exchange.send_message({"status": "Done",
508 512
                                       "message": completed_msg})
509 513
         status_set('active', completed_msg)

+ 4
- 23
test-requirements.txt View File

@@ -1,29 +1,10 @@
1
-# The order of packages is significant, because pip processes them in the order
2
-# of appearance. Changing the order has an impact on the overall integration
3
-# process, which may cause wedges in the gate later.
4 1
 charm-tools>=2.4.4
2
+requests>=2.18.4
5 3
 coverage>=3.6
6 4
 mock>=1.2
7 5
 flake8>=2.2.4,<=2.4.1
8 6
 stestr>=2.2.0
9
-requests>=2.18.4
10
-# BEGIN: Amulet OpenStack Charm Helper Requirements
11
-# Liberty client lower constraints
12
-amulet>=1.14.3,<2.0;python_version=='2.7'
13
-bundletester>=0.6.1,<1.0;python_version=='2.7'
14
-python-ceilometerclient>=1.5.0
15
-python-cinderclient>=1.4.0
16 7
 python-glanceclient>=1.1.0
17
-python-heatclient>=0.8.0
18
-python-keystoneclient>=1.7.1
19
-python-neutronclient>=3.1.0
20
-python-novaclient>=2.30.1
21
-python-openstackclient>=1.7.0
22
-python-swiftclient>=2.6.0
23
-pika>=0.10.0,<1.0
24
-distro-info
25
-git+https://github.com/juju/charm-helpers.git#egg=charmhelpers
26
-# END: Amulet OpenStack Charm Helper Requirements
27
-# NOTE: workaround for 14.04 pip/tox
28
-pytz
29
-pyudev  # for ceph-* charm unit tests (not mocked?)
8
+
9
+git+https://github.com/openstack-charmers/zaza.git#egg=zaza;python_version>='3.0'
10
+git+https://github.com/openstack-charmers/zaza-openstack-tests.git#egg=zaza.openstack

+ 0
- 9
tests/README.md View File

@@ -1,9 +0,0 @@
1
-# Overview
2
-
3
-This directory provides Amulet tests to verify basic deployment functionality
4
-from the perspective of this charm, its requirements and its features, as
5
-exercised in a subset of the full OpenStack deployment test bundle topology.
6
-
7
-For full details on functional testing of OpenStack charms please refer to
8
-the [functional testing](http://docs.openstack.org/developer/charm-guide/testing.html#functional-testing)
9
-section of the OpenStack Charm Guide.

+ 0
- 263
tests/basic_deployment.py View File

@@ -1,263 +0,0 @@
1
-#!/usr/bin/env python
2
-#
3
-# Copyright 2016 Canonical Ltd
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#  http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-
17
-"""
18
-Basic glance-simplestreams-sync functional tests.
19
-"""
20
-
21
-import amulet
22
-import json
23
-import re
24
-import requests
25
-import time
26
-
27
-from charmhelpers.contrib.openstack.amulet.deployment import (
28
-    OpenStackAmuletDeployment
29
-)
30
-
31
-from charmhelpers.contrib.openstack.amulet.utils import (
32
-    OpenStackAmuletUtils,
33
-    DEBUG,
34
-    # ERROR
35
-)
36
-
37
-# Use DEBUG to turn on debug logging
38
-u = OpenStackAmuletUtils(DEBUG)
39
-
40
-
41
-class GlanceBasicDeployment(OpenStackAmuletDeployment):
42
-    """Amulet tests on a basic file-backed glance deployment.  Verify
43
-    relations, service status, endpoint service catalog, create and
44
-    delete new image."""
45
-
46
-    SERVICES = ('apache2', 'haproxy', 'glance-api', 'glance-registry')
47
-
48
-    def __init__(self, series=None, openstack=None, source=None,
49
-                 stable=False):
50
-        """Deploy the entire test environment."""
51
-        super(GlanceBasicDeployment, self).__init__(series, openstack,
52
-                                                    source, stable)
53
-        self._add_services()
54
-        self._add_relations()
55
-        self._configure_services()
56
-        self._deploy()
57
-
58
-        u.log.info('Waiting on extended status checks...')
59
-
60
-        # NOTE(thedac):  This charm has a non-standard workload status.
61
-        # The default match for ready will fail. Check the other charms
62
-        # for standard workload status and check this charm for Sync
63
-        # completed.
64
-
65
-        # Check for ready
66
-        exclude_services = ['glance-simplestreams-sync']
67
-        self._auto_wait_for_status(exclude_services=exclude_services)
68
-
69
-        # Check for Sync completed
70
-        self._auto_wait_for_status(re.compile('Sync completed.*',
71
-                                              re.IGNORECASE),
72
-                                   include_only=exclude_services)
73
-
74
-        self.d.sentry.wait()
75
-        self._initialize_tests()
76
-
77
-    def _assert_services(self, should_run):
78
-        u.get_unit_process_ids(
79
-            {self.glance_sentry: self.SERVICES},
80
-            expect_success=should_run)
81
-
82
-    def _add_services(self):
83
-        """Add services
84
-
85
-           Add the services that we're testing, where glance is local,
86
-           and the rest of the service are from lp branches that are
87
-           compatible with the local charm (e.g. stable or next).
88
-           """
89
-        this_service = {'name': 'glance-simplestreams-sync'}
90
-        other_services = [
91
-            self.get_percona_service_entry(),
92
-            {'name': 'glance'},
93
-            {'name': 'rabbitmq-server'},
94
-            {'name': 'keystone'},
95
-        ]
96
-        super(GlanceBasicDeployment, self)._add_services(
97
-            this_service,
98
-            other_services,
99
-            use_source=['glance-simplestreams-sync'],
100
-        )
101
-
102
-    def _add_relations(self):
103
-        """Add relations for the services."""
104
-        relations = {
105
-            'glance:identity-service': 'keystone:identity-service',
106
-            'glance:shared-db': 'percona-cluster:shared-db',
107
-            'keystone:shared-db': 'percona-cluster:shared-db',
108
-            'glance:amqp': 'rabbitmq-server:amqp',
109
-            'glance-simplestreams-sync:identity-service':
110
-                'keystone:identity-service',
111
-            'glance-simplestreams-sync:amqp':
112
-                'rabbitmq-server:amqp',
113
-        }
114
-
115
-        super(GlanceBasicDeployment, self)._add_relations(relations)
116
-
117
-    def _configure_services(self):
118
-        """Configure all of the services."""
119
-        gss_config = {
120
-            # https://bugs.launchpad.net/bugs/1686437
121
-            'source': 'ppa:simplestreams-dev/trunk',
122
-            'use_swift': 'False',
123
-        }
124
-        glance_config = {}
125
-        keystone_config = {
126
-            'admin-password': 'openstack',
127
-            'admin-token': 'ubuntutesting',
128
-        }
129
-        pxc_config = {
130
-            'dataset-size': '25%',
131
-            'max-connections': 1000,
132
-            'root-password': 'ChangeMe123',
133
-            'sst-password': 'ChangeMe123',
134
-        }
135
-        configs = {
136
-            'glance-simplestreams-sync': gss_config,
137
-            'glance': glance_config,
138
-            'keystone': keystone_config,
139
-            'percona-cluster': pxc_config,
140
-        }
141
-        super(GlanceBasicDeployment, self)._configure_services(configs)
142
-
143
-    def _initialize_tests(self):
144
-        """Perform final initialization before tests get run."""
145
-        # Access the sentries for inspecting service units
146
-        self.gss_sentry = self.d.sentry['glance-simplestreams-sync'][0]
147
-        self.pxc_sentry = self.d.sentry['percona-cluster'][0]
148
-        self.glance_sentry = self.d.sentry['glance'][0]
149
-        self.keystone_sentry = self.d.sentry['keystone'][0]
150
-        self.rabbitmq_sentry = self.d.sentry['rabbitmq-server'][0]
151
-        u.log.debug('openstack release val: {}'.format(
152
-            self._get_openstack_release()))
153
-        u.log.debug('openstack release str: {}'.format(
154
-            self._get_openstack_release_string()))
155
-
156
-        # Authenticate admin with keystone
157
-        self.keystone_session, self.keystone = u.get_default_keystone_session(
158
-            self.keystone_sentry,
159
-            openstack_release=self._get_openstack_release())
160
-
161
-        # Authenticate admin with glance endpoint
162
-        self.glance = u.authenticate_glance_admin(self.keystone)
163
-
164
-    def test_010_wait_for_image_sync(self):
165
-        """Wait for images to be synced. Expect at least one."""
166
-
167
-        max_image_wait = 600
168
-        retry_sleep = 2
169
-        images = []
170
-
171
-        time_start = time.time()
172
-        while not images:
173
-            images = [image.name for image in self.glance.images.list()]
174
-            u.log.debug('Images: {}'.format(images))
175
-            if images:
176
-                break
177
-
178
-            time_now = time.time()
179
-            if time_now - time_start >= max_image_wait:
180
-                raise Exception('Images not synced within '
181
-                                '{}s'.format(time_now - time_start))
182
-            else:
183
-                u.log.debug('Waiting {}s'.format(retry_sleep))
184
-                time.sleep(retry_sleep)
185
-                retry_sleep = retry_sleep + 4 if retry_sleep < 30 else 30
186
-
187
-    def test_050_gss_permissions_regression_check_lp1611987(self):
188
-        """Assert the intended file permissions on gss config files
189
-           https://bugs.launchpad.net/bugs/1611987"""
190
-
191
-        perm_check = [
192
-            {
193
-                'file_path': '/etc/glance-simplestreams-sync/identity.yaml',
194
-                'expected_perms': '640',
195
-                'unit_sentry': self.gss_sentry
196
-            },
197
-            {
198
-                'file_path': '/etc/glance-simplestreams-sync/mirrors.yaml',
199
-                'expected_perms': '640',
200
-                'unit_sentry': self.gss_sentry
201
-            },
202
-            {
203
-                'file_path': '/var/log/glance-simplestreams-sync.log',
204
-                'expected_perms': '640',
205
-                'unit_sentry': self.gss_sentry
206
-            },
207
-        ]
208
-
209
-        for _check in perm_check:
210
-            cmd = 'stat -c %a {}'.format(_check['file_path'])
211
-            output, _ = u.run_cmd_unit(_check['unit_sentry'], cmd)
212
-
213
-            assert output == _check['expected_perms'], \
214
-                '{} perms not as expected'.format(_check['file_path'])
215
-
216
-            u.log.debug('Permissions on {}: {}'.format(
217
-                _check['file_path'], output))
218
-
219
-    def test_102_service_catalog(self):
220
-        """Verify that the service catalog endpoint data is valid."""
221
-        u.log.debug('Checking keystone service catalog...')
222
-        endpoint_check = {
223
-            'adminURL': u.valid_url,
224
-            'id': u.not_null,
225
-            'region': 'RegionOne',
226
-            'publicURL': u.valid_url,
227
-            'internalURL': u.valid_url
228
-        }
229
-        expected = {
230
-            'product-streams': [endpoint_check],
231
-            'image': [endpoint_check],
232
-            'identity': [endpoint_check]
233
-        }
234
-        actual = self.keystone.service_catalog.get_endpoints()
235
-
236
-        ret = u.validate_svc_catalog_endpoint_data(
237
-            expected,
238
-            actual,
239
-            openstack_release=self._get_openstack_release())
240
-        if ret:
241
-            amulet.raise_status(amulet.FAIL, msg=ret)
242
-
243
-    def test_110_local_product_stream(self):
244
-        """Verify that the local product stream is accessible and has data"""
245
-        u.log.debug('Checking local product streams...')
246
-        _expected = ['com.ubuntu.cloud:server:14.04:amd64',
247
-                     'com.ubuntu.cloud:server:16.04:amd64',
248
-                     'com.ubuntu.cloud:server:18.04:amd64']
249
-        _uri = "streams/v1/auto.sync.json"
250
-        _key = "url"
251
-        if self._get_openstack_release() <= self.xenial_pike:
252
-            _key = "publicURL"
253
-
254
-        _catalog = self.keystone.service_catalog.get_endpoints()
255
-        _ps_interface = _catalog["product-streams"][0][_key]
256
-        _url = "{}/{}".format(_ps_interface, _uri)
257
-        _client = requests.session()
258
-        _json_data = _client.get(_url).text
259
-        _product_streams = json.loads(_json_data)
260
-
261
-        for image in _expected:
262
-            assert image in _product_streams["products"].keys()
263
-        u.log.debug("Local product stream successful")

+ 0
- 165
tests/basic_deployment_ssl.py View File

@@ -1,165 +0,0 @@
1
-#!/usr/bin/env python
2
-#
3
-# Copyright 2016 Canonical Ltd
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#  http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-
17
-"""
18
-Basic glance-simplestreams-sync functional tests.
19
-"""
20
-
21
-import base64
22
-import os
23
-import re
24
-import tempfile
25
-
26
-from charmhelpers.contrib.openstack.amulet.deployment import (
27
-    OpenStackAmuletDeployment
28
-)
29
-
30
-from charmhelpers.contrib.openstack.amulet.utils import (
31
-    OpenStackAmuletUtils,
32
-    DEBUG,
33
-    # ERROR
34
-)
35
-
36
-import generate_certs
37
-
38
-# Use DEBUG to turn on debug logging
39
-u = OpenStackAmuletUtils(DEBUG)
40
-
41
-
42
-class GlanceBasicDeployment(OpenStackAmuletDeployment):
43
-    """Amulet tests on a basic file-backed glance deployment.  Verify
44
-    relations, service status, endpoint service catalog, create and
45
-    delete new image."""
46
-
47
-    SERVICES = ('apache2', 'haproxy', 'glance-api', 'glance-registry')
48
-
49
-    def __init__(self, series=None, openstack=None, source=None,
50
-                 stable=False):
51
-        """Deploy the entire test environment."""
52
-        super(GlanceBasicDeployment, self).__init__(series, openstack,
53
-                                                    source, stable)
54
-        self._add_services()
55
-        self._add_relations()
56
-        self._configure_services()
57
-        self._deploy()
58
-
59
-        u.log.info('Waiting on extended status checks...')
60
-
61
-        # NOTE(thedac):  This charm has a non-standard workload status.
62
-        # The default match for ready will fail. Check the other charms
63
-        # for standard workload status and check this charm for Sync
64
-        # completed.
65
-
66
-        # Check for ready
67
-        exclude_services = ['glance-simplestreams-sync']
68
-        self._auto_wait_for_status(exclude_services=exclude_services)
69
-
70
-        # Check for Sync completed; if SSL is okay, this should work
71
-        self._auto_wait_for_status(re.compile('Sync completed.*',
72
-                                              re.IGNORECASE),
73
-                                   include_only=exclude_services)
74
-
75
-        self.d.sentry.wait()
76
-
77
-    def _assert_services(self, should_run):
78
-        u.get_unit_process_ids(
79
-            {self.glance_sentry: self.SERVICES},
80
-            expect_success=should_run)
81
-
82
-    def _add_services(self):
83
-        """Add services
84
-
85
-           Add the services that we're testing, where glance is local,
86
-           and the rest of the service are from lp branches that are
87
-           compatible with the local charm (e.g. stable or next).
88
-           """
89
-        this_service = {'name': 'glance-simplestreams-sync'}
90
-        other_services = [
91
-            {'name': 'percona-cluster', 'constraints': {'mem': '3072M'}},
92
-            {'name': 'glance'},
93
-            {'name': 'rabbitmq-server'},
94
-            {'name': 'keystone'},
95
-        ]
96
-        super(GlanceBasicDeployment, self)._add_services(
97
-            this_service,
98
-            other_services,
99
-            use_source=['glance-simplestreams-sync'],
100
-        )
101
-
102
-    def _add_relations(self):
103
-        """Add relations for the services."""
104
-        relations = {
105
-            'glance:identity-service': 'keystone:identity-service',
106
-            'glance:shared-db': 'percona-cluster:shared-db',
107
-            'keystone:shared-db': 'percona-cluster:shared-db',
108
-            'glance:amqp': 'rabbitmq-server:amqp',
109
-            'glance-simplestreams-sync:identity-service':
110
-                'keystone:identity-service',
111
-            'glance-simplestreams-sync:amqp':
112
-                'rabbitmq-server:amqp',
113
-        }
114
-
115
-        super(GlanceBasicDeployment, self)._add_relations(relations)
116
-
117
-    def _configure_services(self):
118
-        """Configure all of the services."""
119
-        _path = tempfile.gettempdir()
120
-        generate_certs.generate_certs(_path)
121
-
122
-        _cacert = self.load_base64(_path, 'cacert.pem')
123
-        _cert = self.load_base64(_path, 'cert.pem')
124
-        _key = self.load_base64(_path, 'cert.key')
125
-
126
-        gss_config = {
127
-            # https://bugs.launchpad.net/bugs/1686437
128
-            'source': 'ppa:simplestreams-dev/trunk',
129
-            'use_swift': 'False',
130
-            'ssl_ca': _cacert,
131
-        }
132
-        glance_config = {
133
-            'ssl_ca': _cacert,
134
-            'ssl_cert': _cert,
135
-            'ssl_key': _key,
136
-        }
137
-        keystone_config = {
138
-            'admin-password': 'openstack',
139
-            'admin-token': 'ubuntutesting',
140
-            'ssl_ca': _cacert,
141
-            'ssl_cert': _cert,
142
-            'ssl_key': _key,
143
-        }
144
-        pxc_config = {
145
-            'dataset-size': '25%',
146
-            'max-connections': 1000,
147
-            'root-password': 'ChangeMe123',
148
-            'sst-password': 'ChangeMe123',
149
-        }
150
-        rabbitmq_server_config = {
151
-            'ssl': 'on',
152
-        }
153
-        configs = {
154
-            'glance-simplestreams-sync': gss_config,
155
-            'glance': glance_config,
156
-            'keystone': keystone_config,
157
-            'percona-cluster': pxc_config,
158
-            'rabbitmq-server': rabbitmq_server_config,
159
-        }
160
-        super(GlanceBasicDeployment, self)._configure_services(configs)
161
-
162
-    @staticmethod
163
-    def load_base64(*path):
164
-        with open(os.path.join(*path)) as f:
165
-            return base64.b64encode(f.read())

+ 62
- 0
tests/bundles/bionic-queens.yaml View File

@@ -0,0 +1,62 @@
1
+series: bionic
2
+
3
+comment:
4
+  - 'machines section to decide order of deployment. database sooner = faster'
5
+
6
+machines:
7
+  '0':
8
+    constraints: mem=3072M
9
+  '1':
10
+  '2':
11
+  '3':
12
+  '4':
13
+  '5':
14
+
15
+relations:
16
+  - ['vault:shared-db', 'mysql:shared-db']
17
+  - ['keystone:shared-db', 'mysql:shared-db']
18
+  - ['glance:shared-db', 'mysql:shared-db']
19
+  - ['glance:amqp', 'rabbitmq-server:amqp']
20
+  - ['glance-simplestreams-sync:amqp', 'rabbitmq-server:amqp']
21
+  - ['keystone:certificates', 'vault:certificates']
22
+  - ['glance:certificates', 'vault:certificates']
23
+  - ['glance-simplestreams-sync:certificates', 'vault:certificates']
24
+  - ['glance:identity-service', 'keystone:identity-service']
25
+  - ['glance-simplestreams-sync:identity-service', 'keystone:identity-service']
26
+
27
+applications:
28
+  mysql:
29
+    charm: cs:~openstack-charmers-next/percona-cluster
30
+    num_units: 1
31
+    to:
32
+      - '0'
33
+  rabbitmq-server:
34
+    charm: cs:~openstack-charmers-next/rabbitmq-server
35
+    num_units: 1
36
+    options:
37
+      ssl: 'on'  # must be str(in quote), otherwise it's bool
38
+    to:
39
+      - '1'
40
+  vault:
41
+    charm: cs:~openstack-charmers-next/vault
42
+    num_units: 1
43
+    to:
44
+      - '2'
45
+  keystone:
46
+    charm: cs:~openstack-charmers-next/keystone
47
+    num_units: 1
48
+    to:
49
+      - '3'
50
+  glance:
51
+    charm: cs:~openstack-charmers-next/glance
52
+    num_units: 1
53
+    to:
54
+      - '4'
55
+  glance-simplestreams-sync:
56
+    charm: ../../glance-simplestreams-sync
57
+    num_units: 1
58
+    options:
59
+      source: ppa:simplestreams-dev/trunk
60
+      use_swift: False
61
+    to:
62
+      - '5'

+ 66
- 0
tests/bundles/bionic-rocky.yaml View File

@@ -0,0 +1,66 @@
1
+series: bionic
2
+
3
+comment:
4
+  - 'machines section to decide order of deployment. database sooner = faster'
5
+
6
+machines:
7
+  '0':
8
+    constraints: mem=3072M
9
+  '1':
10
+  '2':
11
+  '3':
12
+  '4':
13
+  '5':
14
+
15
+relations:
16
+  - ['vault:shared-db', 'mysql:shared-db']
17
+  - ['keystone:shared-db', 'mysql:shared-db']
18
+  - ['glance:shared-db', 'mysql:shared-db']
19
+  - ['glance:amqp', 'rabbitmq-server:amqp']
20
+  - ['glance-simplestreams-sync:amqp', 'rabbitmq-server:amqp']
21
+  - ['keystone:certificates', 'vault:certificates']
22
+  - ['glance:certificates', 'vault:certificates']
23
+  - ['glance-simplestreams-sync:certificates', 'vault:certificates']
24
+  - ['glance:identity-service', 'keystone:identity-service']
25
+  - ['glance-simplestreams-sync:identity-service', 'keystone:identity-service']
26
+
27
+applications:
28
+  mysql:
29
+    charm: cs:~openstack-charmers-next/percona-cluster
30
+    num_units: 1
31
+    to:
32
+      - '0'
33
+  rabbitmq-server:
34
+    charm: cs:~openstack-charmers-next/rabbitmq-server
35
+    num_units: 1
36
+    options:
37
+      ssl: 'on'  # must be str(in quote), otherwise it's bool
38
+    to:
39
+      - '1'
40
+  vault:
41
+    charm: cs:~openstack-charmers-next/vault
42
+    num_units: 1
43
+    to:
44
+      - '2'
45
+  keystone:
46
+    charm: cs:~openstack-charmers-next/keystone
47
+    num_units: 1
48
+    options:
49
+      openstack-origin: cloud:bionic-rocky
50
+    to:
51
+      - '3'
52
+  glance:
53
+    charm: cs:~openstack-charmers-next/glance
54
+    num_units: 1
55
+    options:
56
+      openstack-origin: cloud:bionic-rocky
57
+    to:
58
+      - '4'
59
+  glance-simplestreams-sync:
60
+    charm: ../../glance-simplestreams-sync
61
+    num_units: 1
62
+    options:
63
+      source: ppa:simplestreams-dev/trunk
64
+      use_swift: False
65
+    to:
66
+      - '5'

+ 67
- 0
tests/bundles/bionic-stein.yaml View File

@@ -0,0 +1,67 @@
1
+series: bionic
2
+
3
+comment:
4
+  - 'machines section to decide order of deployment. database sooner = faster'
5
+
6
+machines:
7
+  '0':
8
+    constraints: mem=3072M
9
+  '1':
10
+  '2':
11
+  '3':
12
+  '4':
13
+  '5':
14
+
15
+relations:
16
+  - ['vault:shared-db', 'mysql:shared-db']
17
+  - ['keystone:shared-db', 'mysql:shared-db']
18
+  - ['glance:shared-db', 'mysql:shared-db']
19
+  - ['glance:amqp', 'rabbitmq-server:amqp']
20
+  - ['glance-simplestreams-sync:amqp', 'rabbitmq-server:amqp']
21
+  - ['keystone:certificates', 'vault:certificates']
22
+  - ['glance:certificates', 'vault:certificates']
23
+  - ['glance-simplestreams-sync:certificates', 'vault:certificates']
24
+  - ['glance:identity-service', 'keystone:identity-service']
25
+  - ['glance-simplestreams-sync:identity-service', 'keystone:identity-service']
26
+
27
+applications:
28
+  mysql:
29
+    charm: cs:~openstack-charmers-next/percona-cluster
30
+    num_units: 1
31
+    to:
32
+      - '0'
33
+  rabbitmq-server:
34
+    charm: cs:~openstack-charmers-next/rabbitmq-server
35
+    num_units: 1
36
+    options:
37
+      ssl: 'on'  # must be str(in quote), otherwise it's bool
38
+    to:
39
+      - '1'
40
+  vault:
41
+    charm: cs:~openstack-charmers-next/vault
42
+    num_units: 1
43
+    to:
44
+      - '2'
45
+  keystone:
46
+    series: bionic
47
+    charm: cs:~openstack-charmers-next/keystone
48
+    num_units: 1
49
+    options:
50
+      openstack-origin: cloud:bionic-stein
51
+    to:
52
+      - '3'
53
+  glance:
54
+    charm: cs:~openstack-charmers-next/glance
55
+    num_units: 1
56
+    options:
57
+      openstack-origin: cloud:bionic-stein
58
+    to:
59
+      - '4'
60
+  glance-simplestreams-sync:
61
+    charm: ../../glance-simplestreams-sync
62
+    num_units: 1
63
+    options:
64
+      source: ppa:simplestreams-dev/trunk
65
+      use_swift: False
66
+    to:
67
+      - '5'

+ 67
- 0
tests/bundles/bionic-train.yaml View File

@@ -0,0 +1,67 @@
1
+series: bionic
2
+
3
+comment:
4
+  - 'machines section to decide order of deployment. database sooner = faster'
5
+
6
+machines:
7
+  '0':
8
+    constraints: mem=3072M
9
+  '1':
10
+  '2':
11
+  '3':
12
+  '4':
13
+  '5':
14
+
15
+relations:
16
+  - ['vault:shared-db', 'mysql:shared-db']
17
+  - ['keystone:shared-db', 'mysql:shared-db']
18
+  - ['glance:shared-db', 'mysql:shared-db']
19
+  - ['glance:amqp', 'rabbitmq-server:amqp']
20
+  - ['glance-simplestreams-sync:amqp', 'rabbitmq-server:amqp']
21
+  - ['keystone:certificates', 'vault:certificates']
22
+  - ['glance:certificates', 'vault:certificates']
23
+  - ['glance-simplestreams-sync:certificates', 'vault:certificates']
24
+  - ['glance:identity-service', 'keystone:identity-service']
25
+  - ['glance-simplestreams-sync:identity-service', 'keystone:identity-service']
26
+
27
+applications:
28
+  mysql:
29
+    charm: cs:~openstack-charmers-next/percona-cluster
30
+    num_units: 1
31
+    to:
32
+      - '0'
33
+  rabbitmq-server:
34
+    charm: cs:~openstack-charmers-next/rabbitmq-server
35
+    num_units: 1
36
+    options:
37
+      ssl: 'on'  # must be str(in quote), otherwise it's bool
38
+    to:
39
+      - '1'
40
+  vault:
41
+    charm: cs:~openstack-charmers-next/vault
42
+    num_units: 1
43
+    to:
44
+      - '2'
45
+  keystone:
46
+    series: bionic
47
+    charm: cs:~openstack-charmers-next/keystone
48
+    num_units: 1
49
+    options:
50
+      openstack-origin: cloud:bionic-train
51
+    to:
52
+      - '3'
53
+  glance:
54
+    charm: cs:~openstack-charmers-next/glance
55
+    num_units: 1
56
+    options:
57
+      openstack-origin: cloud:bionic-train
58
+    to:
59
+      - '4'
60
+  glance-simplestreams-sync:
61
+    charm: ../../glance-simplestreams-sync
62
+    num_units: 1
63
+    options:
64
+      source: ppa:simplestreams-dev/trunk
65
+      use_swift: False
66
+    to:
67
+      - '5'

+ 62
- 0
tests/bundles/disco-stein.yaml View File

@@ -0,0 +1,62 @@
1
+series: disco
2
+
3
+comment:
4
+  - 'machines section to decide order of deployment. database sooner = faster'
5
+
6
+machines:
7
+  '0':
8
+    constraints: mem=3072M
9
+  '1':
10
+  '2':
11
+  '3':
12
+  '4':
13
+  '5':
14
+
15
+relations:
16
+  - ['vault:shared-db', 'mysql:shared-db']
17
+  - ['keystone:shared-db', 'mysql:shared-db']
18
+  - ['glance:shared-db', 'mysql:shared-db']
19
+  - ['glance:amqp', 'rabbitmq-server:amqp']
20
+  - ['glance-simplestreams-sync:amqp', 'rabbitmq-server:amqp']
21
+  - ['keystone:certificates', 'vault:certificates']
22
+  - ['glance:certificates', 'vault:certificates']
23
+  - ['glance-simplestreams-sync:certificates', 'vault:certificates']
24
+  - ['glance:identity-service', 'keystone:identity-service']
25
+  - ['glance-simplestreams-sync:identity-service', 'keystone:identity-service']
26
+
27
+applications:
28
+  mysql:
29
+    charm: cs:~openstack-charmers-next/percona-cluster
30
+    num_units: 1
31
+    to:
32
+      - '0'
33
+  rabbitmq-server:
34
+    charm: cs:~openstack-charmers-next/rabbitmq-server
35
+    num_units: 1
36
+    options:
37
+      ssl: 'on'  # must be str(in quote), otherwise it's bool
38
+    to:
39
+      - '1'
40
+  vault:
41
+    charm: cs:~openstack-charmers-next/vault
42
+    num_units: 1
43
+    to:
44
+      - '2'
45
+  keystone:
46
+    charm: cs:~openstack-charmers-next/keystone
47
+    num_units: 1
48
+    to:
49
+      - '3'
50
+  glance:
51
+    charm: cs:~openstack-charmers-next/glance
52
+    num_units: 1
53
+    to:
54
+      - '4'
55
+  glance-simplestreams-sync:
56
+    charm: ../../glance-simplestreams-sync
57
+    num_units: 1
58
+    options:
59
+      source: ppa:simplestreams-dev/trunk
60
+      use_swift: False
61
+    to:
62
+      - '5'

+ 59
- 0
tests/bundles/trusty-mitaka.yaml View File

@@ -0,0 +1,59 @@
1
+series: trusty
2
+
3
+comment:
4
+  - 'machines section to decide order of deployment. database sooner = faster'
5
+  - 'no ssl for this bundle since charm-vault does not support trusty'
6
+
7
+machines:
8
+  '0':
9
+    constraints: mem=3072M
10
+    # series "trusty" not supported by mysql charm
11
+    series: xenial
12
+  '1':
13
+  '2':
14
+  '3':
15
+  '4':
16
+
17
+relations:
18
+  - ['keystone:shared-db', 'mysql:shared-db']
19
+  - ['glance:shared-db', 'mysql:shared-db']
20
+  - ['glance:amqp', 'rabbitmq-server:amqp']
21
+  - ['glance-simplestreams-sync:amqp', 'rabbitmq-server:amqp']
22
+  - ['glance:identity-service', 'keystone:identity-service']
23
+  - ['glance-simplestreams-sync:identity-service', 'keystone:identity-service']
24
+
25
+applications:
26
+  mysql:
27
+    charm: cs:~openstack-charmers-next/percona-cluster
28
+    # series "trusty" not supported by mysql charm
29
+    series: xenial
30
+    num_units: 1
31
+    to:
32
+      - '0'
33
+  rabbitmq-server:
34
+    charm: cs:~openstack-charmers-next/rabbitmq-server
35
+    num_units: 1
36
+    to:
37
+      - '1'
38
+  keystone:
39
+    charm: cs:~openstack-charmers-next/keystone
40
+    num_units: 1
41
+    options:
42
+      openstack-origin: cloud:trusty-mitaka
43
+    to:
44
+      - '2'
45
+  glance:
46
+    charm: cs:~openstack-charmers-next/glance
47
+    num_units: 1
48
+    options:
49
+      openstack-origin: cloud:trusty-mitaka
50
+    to:
51
+      - '3'
52
+  glance-simplestreams-sync:
53
+    charm: ../../glance-simplestreams-sync
54
+    num_units: 1
55
+    options:
56
+      source: ppa:simplestreams-dev/trunk
57
+      use_swift: False
58
+    to:
59
+      - '4'

+ 62
- 0
tests/bundles/xenial-mitaka.yaml View File

@@ -0,0 +1,62 @@
1
+series: xenial
2
+
3
+comment:
4
+  - 'machines section to decide order of deployment. database sooner = faster'
5
+
6
+machines:
7
+  '0':
8
+    constraints: mem=3072M
9
+  '1':
10
+  '2':
11
+  '3':
12
+  '4':
13
+  '5':
14
+
15
+relations:
16
+  - ['vault:shared-db', 'mysql:shared-db']
17
+  - ['keystone:shared-db', 'mysql:shared-db']
18
+  - ['glance:shared-db', 'mysql:shared-db']
19
+  - ['glance:amqp', 'rabbitmq-server:amqp']
20
+  - ['glance-simplestreams-sync:amqp', 'rabbitmq-server:amqp']
21
+  - ['keystone:certificates', 'vault:certificates']
22
+  - ['glance:certificates', 'vault:certificates']
23
+  - ['glance-simplestreams-sync:certificates', 'vault:certificates']
24
+  - ['glance:identity-service', 'keystone:identity-service']
25
+  - ['glance-simplestreams-sync:identity-service', 'keystone:identity-service']
26
+
27
+applications:
28
+  mysql:
29
+    charm: cs:~openstack-charmers-next/percona-cluster
30
+    num_units: 1
31
+    to:
32
+      - '0'
33
+  rabbitmq-server:
34
+    charm: cs:~openstack-charmers-next/rabbitmq-server
35
+    num_units: 1
36
+    options:
37
+      ssl: 'on'  # must be str(in quote), otherwise it's bool
38
+    to:
39
+      - '1'
40
+  vault:
41
+    charm: cs:~openstack-charmers-next/vault
42
+    num_units: 1
43
+    to:
44
+      - '2'
45
+  keystone:
46
+    charm: cs:~openstack-charmers-next/keystone
47
+    num_units: 1
48
+    to:
49
+      - '3'
50
+  glance:
51
+    charm: cs:~openstack-charmers-next/glance
52
+    num_units: 1
53
+    to:
54
+      - '4'
55
+  glance-simplestreams-sync:
56
+    charm: ../../glance-simplestreams-sync
57
+    num_units: 1
58
+    options:
59
+      source: ppa:simplestreams-dev/trunk
60
+      use_swift: False
61
+    to:
62
+      - '5'

+ 66
- 0
tests/bundles/xenial-ocata.yaml View File

@@ -0,0 +1,66 @@
1
+series: xenial
2
+
3
+comment:
4
+  - 'machines section to decide order of deployment. database sooner = faster'
5
+
6
+machines:
7
+  '0':
8
+    constraints: mem=3072M
9
+  '1':
10
+  '2':
11
+  '3':
12
+  '4':
13
+  '5':
14
+
15
+relations:
16
+  - ['vault:shared-db', 'mysql:shared-db']
17
+  - ['keystone:shared-db', 'mysql:shared-db']
18
+  - ['glance:shared-db', 'mysql:shared-db']
19
+  - ['glance:amqp', 'rabbitmq-server:amqp']
20
+  - ['glance-simplestreams-sync:amqp', 'rabbitmq-server:amqp']
21
+  - ['keystone:certificates', 'vault:certificates']
22
+  - ['glance:certificates', 'vault:certificates']
23
+  - ['glance-simplestreams-sync:certificates', 'vault:certificates']
24
+  - ['glance:identity-service', 'keystone:identity-service']
25
+  - ['glance-simplestreams-sync:identity-service', 'keystone:identity-service']
26
+
27
+applications:
28
+  mysql:
29
+    charm: cs:~openstack-charmers-next/percona-cluster
30
+    num_units: 1
31
+    to:
32
+      - '0'
33
+  rabbitmq-server:
34
+    charm: cs:~openstack-charmers-next/rabbitmq-server
35
+    num_units: 1
36
+    options:
37
+      ssl: 'on'  # must be str(in quote), otherwise it's bool
38
+    to:
39
+      - '1'
40
+  vault:
41
+    charm: cs:~openstack-charmers-next/vault
42
+    num_units: 1
43
+    to:
44
+      - '2'
45
+  keystone:
46
+    charm: cs:~openstack-charmers-next/keystone
47
+    num_units: 1
48
+    options:
49
+      openstack-origin: cloud:xenial-ocata
50
+    to:
51
+      - '3'
52
+  glance:
53
+    charm: cs:~openstack-charmers-next/glance
54
+    num_units: 1
55
+    options:
56
+      openstack-origin: cloud:xenial-ocata
57
+    to:
58
+      - '4'
59
+  glance-simplestreams-sync:
60
+    charm: ../../glance-simplestreams-sync
61
+    num_units: 1
62
+    options:
63
+      source: ppa:simplestreams-dev/trunk
64
+      use_swift: False
65
+    to:
66
+      - '5'

+ 66
- 0
tests/bundles/xenial-pike.yaml View File

@@ -0,0 +1,66 @@
1
+series: xenial
2
+
3
+comment:
4
+  - 'machines section to decide order of deployment. database sooner = faster'
5
+
6
+machines:
7
+  '0':
8
+    constraints: mem=3072M
9
+  '1':
10
+  '2':
11
+  '3':
12
+  '4':
13
+  '5':
14
+
15
+relations:
16
+  - ['vault:shared-db', 'mysql:shared-db']
17
+  - ['keystone:shared-db', 'mysql:shared-db']
18
+  - ['glance:shared-db', 'mysql:shared-db']
19
+  - ['glance:amqp', 'rabbitmq-server:amqp']
20
+  - ['glance-simplestreams-sync:amqp', 'rabbitmq-server:amqp']
21
+  - ['keystone:certificates', 'vault:certificates']
22
+  - ['glance:certificates', 'vault:certificates']
23
+  - ['glance-simplestreams-sync:certificates', 'vault:certificates']
24
+  - ['glance:identity-service', 'keystone:identity-service']
25
+  - ['glance-simplestreams-sync:identity-service', 'keystone:identity-service']
26
+
27
+applications:
28
+  mysql:
29
+    charm: cs:~openstack-charmers-next/percona-cluster
30
+    num_units: 1
31
+    to:
32
+      - '0'
33
+  rabbitmq-server:
34
+    charm: cs:~openstack-charmers-next/rabbitmq-server
35
+    num_units: 1
36
+    options:
37
+      ssl: 'on'  # must be str(in quote), otherwise it's bool
38
+    to:
39
+      - '1'
40
+  vault:
41
+    charm: cs:~openstack-charmers-next/vault
42
+    num_units: 1
43
+    to:
44
+      - '2'
45
+  keystone:
46
+    charm: cs:~openstack-charmers-next/keystone
47
+    num_units: 1
48
+    options:
49
+      openstack-origin: cloud:xenial-pike
50
+    to:
51
+      - '3'
52
+  glance:
53
+    charm: cs:~openstack-charmers-next/glance
54
+    num_units: 1
55
+    options:
56
+      openstack-origin: cloud:xenial-pike
57
+    to:
58
+      - '4'
59
+  glance-simplestreams-sync:
60
+    charm: ../../glance-simplestreams-sync
61
+    num_units: 1
62
+    options:
63
+      source: ppa:simplestreams-dev/trunk
64
+      use_swift: False
65
+    to:
66
+      - '5'

+ 66
- 0
tests/bundles/xenial-queens.yaml View File

@@ -0,0 +1,66 @@
1
+series: xenial
2
+
3
+comment:
4
+  - 'machines section to decide order of deployment. database sooner = faster'
5
+
6
+machines:
7
+  '0':
8
+    constraints: mem=3072M
9
+  '1':
10
+  '2':
11
+  '3':
12
+  '4':
13
+  '5':
14
+
15
+relations:
16
+  - ['vault:shared-db', 'mysql:shared-db']
17
+  - ['keystone:shared-db', 'mysql:shared-db']
18
+  - ['glance:shared-db', 'mysql:shared-db']
19
+  - ['glance:amqp', 'rabbitmq-server:amqp']
20
+  - ['glance-simplestreams-sync:amqp', 'rabbitmq-server:amqp']
21
+  - ['keystone:certificates', 'vault:certificates']
22
+  - ['glance:certificates', 'vault:certificates']
23
+  - ['glance-simplestreams-sync:certificates', 'vault:certificates']
24
+  - ['glance:identity-service', 'keystone:identity-service']
25
+  - ['glance-simplestreams-sync:identity-service', 'keystone:identity-service']
26
+
27
+applications:
28
+  mysql:
29
+    charm: cs:~openstack-charmers-next/percona-cluster
30
+    num_units: 1
31
+    to:
32
+      - '0'
33
+  rabbitmq-server:
34
+    charm: cs:~openstack-charmers-next/rabbitmq-server
35
+    num_units: 1
36
+    options:
37
+      ssl: 'on'  # must be str(in quote), otherwise it's bool
38
+    to:
39
+      - '1'
40
+  vault:
41
+    charm: cs:~openstack-charmers-next/vault
42
+    num_units: 1
43
+    to:
44
+      - '2'
45
+  keystone:
46
+    charm: cs:~openstack-charmers-next/keystone
47
+    num_units: 1
48
+    options:
49
+      openstack-origin: cloud:xenial-queens
50
+    to:
51
+      - '3'
52
+  glance:
53
+    charm: cs:~openstack-charmers-next/glance
54
+    num_units: 1
55
+    options:
56
+      openstack-origin: cloud:xenial-queens
57
+    to:
58
+      - '4'
59
+  glance-simplestreams-sync:
60
+    charm: ../../glance-simplestreams-sync
61
+    num_units: 1
62
+    options:
63
+      source: ppa:simplestreams-dev/trunk
64
+      use_swift: False
65
+    to:
66
+      - '5'

+ 0
- 243
tests/cert.py View File

@@ -1,243 +0,0 @@
1
-# Copyright 2018 Canonical Ltd.
2
-#
3
-# Licensed under the Apache License, Version 2.0 (the "License");
4
-# you may not use this file except in compliance with the License.
5
-# You may obtain a copy of the License at
6
-#
7
-#     http://www.apache.org/licenses/LICENSE-2.0
8
-#
9
-# Unless required by applicable law or agreed to in writing, software
10
-# distributed under the License is distributed on an "AS IS" BASIS,
11
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
-# See the License for the specific language governing permissions and
13
-# limitations under the License.
14
-"""Module for working with x.509 certificates."""
15
-
16
-import cryptography
17
-from cryptography.hazmat.primitives.asymmetric import padding, rsa
18
-import cryptography.hazmat.primitives.hashes as hashes
19
-import cryptography.hazmat.primitives.serialization as serialization
20
-import datetime
21
-import ipaddress
22
-
23
-
24
-def generate_cert(common_name,
25
-                  alternative_names=None,
26
-                  password=None,
27
-                  issuer_name=None,
28
-                  signing_key=None,
29
-                  signing_key_password=None,
30
-                  generate_ca=False):
31
-    """Generate x.509 certificate.
32
-
33
-    Example of how to create a certificate chain::
34
-
35
-        (cakey, cacert) = generate_cert(
36
-            'DivineAuthority',
37
-            generate_ca=True)
38
-        (crkey, crcert) = generate_cert(
39
-            'test.com',
40
-            issuer_name='DivineAuthority',
41
-            signing_key=cakey)
42
-
43
-    :param common_name: Common Name to use in generated certificate
44
-    :type common_name: str
45
-    :param alternative_names: List of names to add as SubjectAlternativeName
46
-    :type alternative_names: Optional[list(str)]
47
-    :param password: Password to protect encrypted private key with
48
-    :type password: Optional[str]
49
-    :param issuer_name: Issuer name, must match provided_private_key issuer
50
-    :type issuer_name: Optional[str]
51
-    :param signing_key: PEM encoded PKCS8 formatted private key
52
-    :type signing_key: Optional[str]
53
-    :param signing_key_password: Password to decrypt private key
54
-    :type signing_key_password: Optional[str]
55
-    :param generate_ca: Generate a certificate usable as a CA certificate
56
-    :type generate_ca: bool
57
-    :returns: x.509 certificate
58
-    :rtype: cryptography.x509.Certificate
59
-    """
60
-    if password is not None:
61
-        encryption_algorithm = serialization.BestAvailableEncryption(password)
62
-    else:
63
-        encryption_algorithm = serialization.NoEncryption()
64
-
65
-    if signing_key:
66
-        _signing_key = serialization.load_pem_private_key(
67
-            signing_key,
68
-            password=signing_key_password,
69
-            backend=cryptography.hazmat.backends.default_backend(),
70
-        )
71
-
72
-    private_key = rsa.generate_private_key(
73
-        public_exponent=65537,  # per RFC 5280 Appendix C
74
-        key_size=2048,
75
-        backend=cryptography.hazmat.backends.default_backend()
76
-    )
77
-
78
-    public_key = private_key.public_key()
79
-
80
-    builder = cryptography.x509.CertificateBuilder()
81
-    builder = builder.subject_name(cryptography.x509.Name([
82
-        cryptography.x509.NameAttribute(
83
-            cryptography.x509.oid.NameOID.COMMON_NAME, common_name),
84
-    ]))
85
-
86
-    if issuer_name is None:
87
-        issuer_name = common_name
88
-
89
-    builder = builder.issuer_name(cryptography.x509.Name([
90
-        cryptography.x509.NameAttribute(
91
-            cryptography.x509.oid.NameOID.COMMON_NAME, issuer_name),
92
-    ]))
93
-    builder = builder.not_valid_before(
94
-        datetime.datetime.today() - datetime.timedelta(1, 0, 0),
95
-    )
96
-    builder = builder.not_valid_after(
97
-        datetime.datetime.today() + datetime.timedelta(1, 0, 0),
98
-    )
99
-    builder = builder.serial_number(cryptography.x509.random_serial_number())
100
-    builder = builder.public_key(public_key)
101
-
102
-    san_list = [cryptography.x509.DNSName(common_name)]
103
-    if alternative_names is not None:
104
-        for name in alternative_names:
105
-            try:
106
-                addr = ipaddress.ip_address(name)
107
-            except ValueError:
108
-                san_list.append(cryptography.x509.DNSName(name))
109
-            else:
110
-                san_list.append(cryptography.x509.IPAddress(addr))
111
-
112
-    builder = builder.add_extension(
113
-        cryptography.x509.SubjectAlternativeName(
114
-            san_list,
115
-        ),
116
-        critical=False,
117
-    )
118
-    builder = builder.add_extension(
119
-        cryptography.x509.BasicConstraints(ca=generate_ca, path_length=None),
120
-        critical=True,
121
-    )
122
-
123
-    if signing_key:
124
-        sign_key = _signing_key
125
-    else:
126
-        sign_key = private_key
127
-
128
-    certificate = builder.sign(
129
-        private_key=sign_key,
130
-        algorithm=cryptography.hazmat.primitives.hashes.SHA256(),
131
-        backend=cryptography.hazmat.backends.default_backend(),
132
-    )
133
-
134
-    return (
135
-        private_key.private_bytes(
136
-            encoding=serialization.Encoding.PEM,
137
-            format=serialization.PrivateFormat.PKCS8,
138
-            encryption_algorithm=encryption_algorithm),
139
-        certificate.public_bytes(
140
-            serialization.Encoding.PEM)
141
-    )
142
-
143
-
144
-def sign_csr(csr, ca_private_key, ca_cert=None, issuer_name=None,
145
-             ca_private_key_password=None, generate_ca=False):
146
-    """Sign CSR with the given key.
147
-
148
-    :param csr: Certificate to sign
149
-    :type csr: str
150
-    :param ca_private_key: Private key to be used to sign csr
151
-    :type ca_private_key: str
152
-    :param ca_cert: Cert to base some options from
153
-    :type ca_cert: str
154
-    :param issuer_name: Issuer name, must match provided_private_key issuer
155
-    :type issuer_name: Optional[str]
156
-    :param ca_private_key_password: Password to decrypt ca_private_key
157
-    :type ca_private_key_password: Optional[str]
158
-    :param generate_ca: Allow resulting cert to be used as ca
159
-    :type generate_ca: bool
160
-    :returns: x.509 certificate
161
-    :rtype: cryptography.x509.Certificate
162
-    """
163
-    backend = cryptography.hazmat.backends.default_backend()
164
-    # Create x509 artifacts
165
-    root_ca_pkey = serialization.load_pem_private_key(
166
-        ca_private_key.encode(),
167
-        password=ca_private_key_password,
168
-        backend=backend)
169
-
170
-    new_csr = cryptography.x509.load_pem_x509_csr(
171
-        csr.encode(),
172
-        backend)
173
-
174
-    if ca_cert:
175
-        root_ca_cert = cryptography.x509.load_pem_x509_certificate(
176
-            ca_cert.encode(),
177
-            backend)
178
-        issuer_name = root_ca_cert.subject
179
-    else:
180
-        issuer_name = issuer_name
181
-    # Create builder
182
-    builder = cryptography.x509.CertificateBuilder()
183
-    builder = builder.serial_number(
184
-        cryptography.x509.random_serial_number())
185
-    builder = builder.issuer_name(issuer_name)
186
-    builder = builder.not_valid_before(
187
-        datetime.datetime.today() - datetime.timedelta(1, 0, 0),
188
-    )
189
-    builder = builder.not_valid_after(
190
-        datetime.datetime.today() + datetime.timedelta(80, 0, 0),
191
-    )
192
-    builder = builder.subject_name(new_csr.subject)
193
-    builder = builder.public_key(new_csr.public_key())
194
-
195
-    builder = builder.add_extension(
196
-        cryptography.x509.BasicConstraints(ca=generate_ca, path_length=None),
197
-        critical=True
198
-    )
199
-
200
-    # Sign the csr
201
-    signer_ca_cert = builder.sign(
202
-        private_key=root_ca_pkey,
203
-        algorithm=hashes.SHA256(),
204
-        backend=backend)
205
-
206
-    return signer_ca_cert.public_bytes(encoding=serialization.Encoding.PEM)
207
-
208
-
209
-def is_keys_valid(public_key_string, private_key_string):
210
-    """Test whether these are a valid public/private key pair.
211
-
212
-    :param public_key_string: PEM encoded key data.
213
-    :type public_key_string: str
214
-    :param private_key_string: OpenSSH encoded key data.
215
-    :type private_key_string: str
216
-    """
217
-    private_key = serialization.load_pem_private_key(
218
-        private_key_string.encode(),
219
-        password=None,
220
-        backend=cryptography.hazmat.backends.default_backend()
221
-    )
222
-    public_key = serialization.load_ssh_public_key(
223
-        public_key_string.encode(),
224
-        backend=cryptography.hazmat.backends.default_backend()
225
-    )
226
-    message = b"encrypted data"
227
-    ciphertext = public_key.encrypt(
228
-        message,
229
-        padding.OAEP(
230
-            mgf=padding.MGF1(algorithm=hashes.SHA256()),
231
-            algorithm=hashes.SHA256(),
232
-            label=None))
233
-
234
-    try:
235
-        plaintext = private_key.decrypt(
236
-            ciphertext,
237
-            padding.OAEP(
238
-                mgf=padding.MGF1(algorithm=hashes.SHA256()),
239
-                algorithm=hashes.SHA256(),
240
-                label=None))
241
-    except ValueError:
242
-        plaintext = ''
243
-    return plaintext == message

+ 0
- 23
tests/dev-basic-cosmic-rocky View File

@@ -1,23 +0,0 @@
1
-#!/usr/bin/env python
2
-#
3
-# Copyright 2016 Canonical Ltd
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#  http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-
17
-"""Amulet tests on a basic Glance deployment on cosmic-rocky."""
18
-
19
-from basic_deployment import GlanceBasicDeployment
20
-
21
-if __name__ == '__main__':
22
-    deployment = GlanceBasicDeployment(series='cosmic')
23
-    deployment.run_tests()

+ 0
- 25
tests/dev-basic-xenial-pike-ssl View File

@@ -1,25 +0,0 @@
1
-#!/usr/bin/env python
2
-#
3
-# Copyright 2016 Canonical Ltd
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#  http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-
17
-"""Amulet tests on a basic glance deployment on xenial-pike."""
18
-
19
-from basic_deployment_ssl import GlanceBasicDeployment
20
-
21
-if __name__ == '__main__':
22
-    deployment = GlanceBasicDeployment(series='xenial',
23
-                                       openstack='cloud:xenial-pike',
24
-                                       source='cloud:xenial-updates/pike')
25
-    deployment.run_tests()

+ 0
- 23
tests/gate-basic-bionic-queens View File

@@ -1,23 +0,0 @@
1
-#!/usr/bin/env python
2
-#
3
-# Copyright 2016 Canonical Ltd
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#  http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-
17
-"""Amulet tests on a basic Glance deployment on bionic-queens."""
18
-
19
-from basic_deployment import GlanceBasicDeployment
20
-
21
-if __name__ == '__main__':
22
-    deployment = GlanceBasicDeployment(series='bionic')
23
-    deployment.run_tests()

+ 0
- 25
tests/gate-basic-bionic-rocky View File

@@ -1,25 +0,0 @@
1
-#!/usr/bin/env python
2
-#
3
-# Copyright 2016 Canonical Ltd
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#  http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-
17
-"""Amulet tests on a basic glance deployment on bionic-rocky."""
18
-
19
-from basic_deployment import GlanceBasicDeployment
20
-
21
-if __name__ == '__main__':
22
-    deployment = GlanceBasicDeployment(series='bionic',
23
-                                         openstack='cloud:bionic-rocky',
24
-                                         source='cloud:bionic-updates/rocky')
25
-    deployment.run_tests()

+ 0
- 25
tests/gate-basic-bionic-stein View File

@@ -1,25 +0,0 @@
1
-#!/usr/bin/env python
2
-#
3
-# Copyright 2016 Canonical Ltd
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#  http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-
17
-"""Amulet tests on a basic glance deployment on bionic-stein."""
18
-
19
-from basic_deployment import GlanceBasicDeployment
20
-
21
-if __name__ == '__main__':
22
-    deployment = GlanceBasicDeployment(series='bionic',
23
-                                         openstack='cloud:bionic-stein',
24
-                                         source='cloud:bionic-stein')
25
-    deployment.run_tests()

+ 0
- 23
tests/gate-basic-disco-stein View File

@@ -1,23 +0,0 @@
1
-#!/usr/bin/env python
2
-#
3
-# Copyright 2016 Canonical Ltd
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#  http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-
17
-"""Amulet tests on a basic Glance deployment on disco-stein."""
18
-
19
-from basic_deployment import GlanceBasicDeployment
20
-
21
-if __name__ == '__main__':
22
-    deployment = GlanceBasicDeployment(series='disco')
23
-    deployment.run_tests()

+ 0
- 25
tests/gate-basic-trusty-mitaka View File

@@ -1,25 +0,0 @@
1
-#!/usr/bin/env python
2
-#
3
-# Copyright 2016 Canonical Ltd
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#  http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-
17
-"""Amulet tests on a basic glance deployment on trusty-mitaka."""
18
-
19
-from basic_deployment import GlanceBasicDeployment
20
-
21
-if __name__ == '__main__':
22
-    deployment = GlanceBasicDeployment(series='trusty',
23
-                                         openstack='cloud:trusty-mitaka',
24
-                                         source='cloud:trusty-updates/mitaka')
25
-    deployment.run_tests()

+ 0
- 23
tests/gate-basic-xenial-mitaka View File

@@ -1,23 +0,0 @@
1
-#!/usr/bin/env python
2
-#
3
-# Copyright 2016 Canonical Ltd
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#  http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-
17
-"""Amulet tests on a basic Glance deployment on xenial-mitaka."""
18
-
19
-from basic_deployment import GlanceBasicDeployment
20
-
21
-if __name__ == '__main__':
22
-    deployment = GlanceBasicDeployment(series='xenial')
23
-    deployment.run_tests()

+ 0
- 25
tests/gate-basic-xenial-ocata View File

@@ -1,25 +0,0 @@
1
-#!/usr/bin/env python
2
-#
3
-# Copyright 2016 Canonical Ltd
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#  http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-
17
-"""Amulet tests on a basic glance deployment on xenial-ocata."""
18
-
19
-from basic_deployment import GlanceBasicDeployment
20
-
21
-if __name__ == '__main__':
22
-    deployment = GlanceBasicDeployment(series='xenial',
23
-                                         openstack='cloud:xenial-ocata',
24
-                                         source='cloud:xenial-updates/ocata')
25
-    deployment.run_tests()

+ 0
- 25
tests/gate-basic-xenial-pike View File

@@ -1,25 +0,0 @@
1
-#!/usr/bin/env python
2
-#
3
-# Copyright 2016 Canonical Ltd
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#  http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-
17
-"""Amulet tests on a basic glance deployment on xenial-pike."""
18
-
19
-from basic_deployment import GlanceBasicDeployment
20
-
21
-if __name__ == '__main__':
22
-    deployment = GlanceBasicDeployment(series='xenial',
23
-                                       openstack='cloud:xenial-pike',
24
-                                       source='cloud:xenial-updates/pike')
25
-    deployment.run_tests()

+ 0
- 25
tests/gate-basic-xenial-queens View File

@@ -1,25 +0,0 @@
1
-#!/usr/bin/env python
2
-#
3
-# Copyright 2016 Canonical Ltd
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#  http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-
17
-"""Amulet tests on a basic glance deployment on xenial-queens."""
18
-
19
-from basic_deployment import GlanceBasicDeployment
20
-
21
-if __name__ == '__main__':
22
-    deployment = GlanceBasicDeployment(series='xenial',
23
-                                         openstack='cloud:xenial-queens',
24
-                                         source='cloud:xenial-updates/queens')
25
-    deployment.run_tests()

+ 0
- 88
tests/generate_certs.py View File

@@ -1,88 +0,0 @@
1
-#!/usr/bin/env python
2
-
3
-# Copyright 2018 Canonical Ltd.
4
-#
5
-# Licensed under the Apache License, Version 2.0 (the "License");
6
-# you may not use this file except in compliance with the License.
7
-# You may obtain a copy of the License at
8
-#
9
-#     http://www.apache.org/licenses/LICENSE-2.0
10
-#
11
-# Unless required by applicable law or agreed to in writing, software
12
-# distributed under the License is distributed on an "AS IS" BASIS,
13
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
-# See the License for the specific language governing permissions and
15
-# limitations under the License.
16
-import ipaddress
17
-import itertools
18
-import os
19
-import socket
20
-import tempfile
21
-
22
-import six
23
-
24
-import cert as _cert
25
-
26
-ISSUER_NAME = u'OSCI'
27
-
28
-CERT_DIR = tempfile.gettempdir()
29
-
30
-
31
-def determine_CIDR_EXT():
32
-    ip = socket.gethostbyname(socket.getfqdn())
33
-    if ip.startswith('10.5'):
34
-        # running in a bastion
35
-        return u"10.5.0.0/24"
36
-    else:
37
-        # running on UOSCI
38
-        return u"172.17.107.0/24"
39
-
40
-
41
-def write_cert(path, filename, data, mode=0o600):
42
-    """
43
-    Helper function for writing certificate data to disk.
44
-
45
-    :param path: Directory file should be put in
46
-    :type path: str
47
-    :param filename: Name of file
48
-    :type filename: str
49
-    :param data: Data to write
50
-    :type data: any
51
-    :param mode: Create mode (permissions) of file
52
-    :type mode: Octal(int)
53
-    """
54
-    with os.fdopen(os.open(os.path.join(path, filename),
55
-                           os.O_WRONLY | os.O_CREAT, mode), 'wb') as f:
56
-        f.write(data)
57
-
58
-
59
-# We need to restrain the number of SubjectAlternativeNames we attempt to put
60
-# in the certificate.  There is a hard limit for what length the sum of all
61
-# extensions in the certificate can have.
62
-#
63
-# - 2^11 ought to be enough for anybody
64
-def generate_certs(cert_dir=CERT_DIR):
65
-    alt_names = []
66
-    for addr in itertools.islice(
67
-            ipaddress.IPv4Network(determine_CIDR_EXT()), 2**11):
68
-
69
-        if six.PY2:
70
-            alt_names.append(unicode(addr))  # NOQA -- py3 doesn't have unicode
71
-        else:
72
-            alt_names.append(str(addr))
73
-
74
-    (cakey, cacert) = _cert.generate_cert(ISSUER_NAME,
75
-                                          generate_ca=True)
76
-    (key, cert) = _cert.generate_cert(u'*.serverstack',
77
-                                      alternative_names=alt_names,
78
-                                      issuer_name=ISSUER_NAME,
79
-                                      signing_key=cakey)
80
-
81
-    write_cert(cert_dir, 'cacert.pem', cacert)
82
-    write_cert(cert_dir, 'ca.key', cakey)
83
-    write_cert(cert_dir, 'cert.pem', cert)
84
-    write_cert(cert_dir, 'cert.key', key)
85
-
86
-
87
-if __name__ == '__main__':
88
-    generate_certs()

+ 47
- 18
tests/tests.yaml View File

@@ -1,18 +1,47 @@
1
-# Bootstrap the model if necessary.
2
-bootstrap: True
3
-# Re-use bootstrap node.
4
-reset: True
5
-# Use tox/requirements to drive the venv instead of bundletester's venv feature.
6
-virtualenv: False
7
-# Leave makefile empty, otherwise unit/lint tests will rerun ahead of amulet.
8
-makefile: []
9
-# Do not specify juju PPA sources.  Juju is presumed to be pre-installed
10
-# and configured in all test runner environments.
11
-#sources:
12
-# Do not specify or rely on system packages.
13
-#packages:
14
-# Do not specify python packages here.  Use test-requirements.txt
15
-# and tox instead.  ie. The venv is constructed before bundletester
16
-# is invoked.
17
-#python-packages:
18
-reset_timeout: 600
1
+charm_name: glance-simplestreams-sync
2
+
3
+comment:
4
+  - 'the glance configure job validates operation of identity-service relation'
5
+
6
+# functest-run-suite ...
7
+# functest-deploy --bundle /path/to/gate/bundle
8
+gate_bundles:
9
+  - model_alias_trusty: trusty-mitaka
10
+  - xenial-mitaka
11
+  - xenial-ocata
12
+  - xenial-pike
13
+  - xenial-queens
14
+  - bionic-queens
15
+  - bionic-rocky
16
+  - bionic-stein
17
+  - disco-stein
18
+
19
+# functest-run-suite --smoke ...
20
+# functest-deploy --bundle /path/to/smoke/bundle
21
+# smoke bundle should (Ubuntu LTS latest)-(OpenStack latest)
22
+smoke_bundles:
23
+  - bionic-stein
24
+
25
+# functest-run-suite --dev ...
26
+# functest-deploy --bundle /path/to/dev/bundle
27
+# smoke bundle should be (Ubuntu LTS latest)-(OpenStack development)
28
+dev_bundles:
29
+  - bionic-train
30
+
31
+# special target deploy status for above deploy phase
32
+target_deploy_status:
33
+  vault:
34
+    # vault will be blocked with functest-deploy, this is ok to move on
35
+    # functest-configure will fix it with `auto_initialize` in next phase
36
+    workload-status: blocked
37
+    workload-status-message: Vault needs to be initialized
38
+
39
+# functest-configure
40
+configure:
41
+  - zaza.openstack.charm_tests.vault.setup.auto_initialize
42
+  # skip vault init for trusty since vault doesn't suport trusty
43
+  - model_alias_trusty: []
44
+
45
+# functest-test
46
+tests:
47
+  - zaza.openstack.charm_tests.glance_simplestreams_sync.tests.GlanceSimpleStreamsSyncTest

+ 20
- 56
tox.ini View File

@@ -13,19 +13,12 @@ skip_missing_interpreters = False
13 13
 setenv = VIRTUAL_ENV={envdir}
14 14
          PYTHONHASHSEED=0
15 15
          CHARM_DIR={envdir}
16
-         AMULET_SETUP_TIMEOUT=5400
17 16
 install_command =
18 17
   pip install {opts} {packages}
19 18
 commands = stestr run {posargs}
20 19
 whitelist_externals = juju
21
-passenv = HOME TERM AMULET_* CS_API_*
22
-
23
-[testenv:py27]
24
-basepython = python2.7
25
-deps = -r{toxinidir}/requirements.txt
26
-       -r{toxinidir}/test-requirements.txt
27
-# charm is NOT PY27 compatible
28
-commands = /bin/true
20
+passenv = HOME TERM CS_API_* OS_*
21
+deps = -r{toxinidir}/test-requirements.txt
29 22
 
30 23
 [testenv:py35]
31 24
 basepython = python3.5
@@ -42,6 +35,11 @@ basepython = python3.7
42 35
 deps = -r{toxinidir}/requirements.txt
43 36
        -r{toxinidir}/test-requirements.txt
44 37
 
38
+[testenv:py3]
39
+basepython = python3
40
+deps = -r{toxinidir}/requirements.txt
41
+       -r{toxinidir}/test-requirements.txt
42
+
45 43
 [testenv:pep8]
46 44
 basepython = python3
47 45
 deps = -r{toxinidir}/requirements.txt
@@ -79,61 +77,27 @@ omit =
79 77
 
80 78
 [testenv:venv]
81 79
 basepython = python3
82
-commands = {posargs}
83
-
84
-[testenv:func27-noop]
85
-# DRY RUN - For Debug
86
-basepython = python2.7
87
-deps = -r{toxinidir}/requirements.txt
88
-       -r{toxinidir}/test-requirements.txt
89
-commands =
90
-    bundletester -vl DEBUG -r json -o func-results.json --test-pattern "gate-*" -n --no-destroy
91
-
92
-[testenv:func27]
93
-# Charm Functional Test
94
-# Run all gate tests which are +x (expected to always pass)
95
-basepython = python2.7
96
-deps = -r{toxinidir}/requirements.txt
97
-       -r{toxinidir}/test-requirements.txt
98
-commands =
99
-    bundletester -vl DEBUG -r json -o func-results.json --test-pattern "gate-*" --no-destroy
80
+commands = /bin/true
100 81
 
101
-[testenv:func27-smoke]
102
-# Charm Functional Test
103
-# Run a specific test as an Amulet smoke test (expected to always pass)
104
-basepython = python2.7
105
-deps = -r{toxinidir}/requirements.txt
106
-       -r{toxinidir}/test-requirements.txt
82
+[testenv:func]
83
+basepython = python3
107 84
 commands =
108
-    bundletester -vl DEBUG -r json -o func-results.json gate-basic-bionic-stein --no-destroy
85
+    functest-run-suite --keep-model
109 86
 
110
-[testenv:func27-dfs]
111
-# Charm Functional Test
112
-# Run all deploy-from-source tests which are +x (may not always pass!)
113
-basepython = python2.7
114
-deps = -r{toxinidir}/requirements.txt
115
-       -r{toxinidir}/test-requirements.txt
87
+[testenv:func-smoke]
88
+basepython = python3
116 89
 commands =
117
-    bundletester -vl DEBUG -r json -o func-results.json --test-pattern "dfs-*" --no-destroy
90
+    functest-run-suite --keep-model --smoke
118 91
 
119
-[testenv:func27-dev]
120
-# Charm Functional Test
121
-# Run all development test targets which are +x (may not always pass!)
122
-basepython = python2.7
123
-deps = -r{toxinidir}/requirements.txt
124
-       -r{toxinidir}/test-requirements.txt
92
+[testenv:func-dev]
93
+basepython = python3
125 94
 commands =
126
-    bundletester -vl DEBUG -r json -o func-results.json --test-pattern "dev-*" --no-destroy
95
+    functest-run-suite --keep-model --dev
127 96
 
128
-[testenv:func27-smoke-ssl]
129
-# Charm functional test, minimal, model setup using SSL - no basic_deployment tests as
130
-# Amulet doesn't do SSL, and basic deployment tests the actual functionality.
131
-# This just tests that the SSL verification bits get to the right places.
132
-basepython = python2.7
133
-deps = -r{toxinidir}/requirements.txt
134
-       -r{toxinidir}/test-requirements.txt
97
+[testenv:func-target]
98
+basepython = python3
135 99
 commands =
136
-    bundletester -vl DEBUG -r json -o func-results.json dev-basic-xenial-pike-ssl --no-destroy
100
+    functest-run-suite --keep-model --bundle {posargs}
137 101
 
138 102
 [flake8]
139 103
 ignore = E402,E226

Loading…
Cancel
Save