commit e83c2f07e5798c205a068657675704620b1f14bf Author: James Page Date: Fri Jan 27 14:31:20 2017 +0000 Initial baseline of charm diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..a0b2628 --- /dev/null +++ b/.gitignore @@ -0,0 +1,7 @@ +build +layers +.tox +interfaces +.testrepository +*__pycache__* +*.pyc diff --git a/.gitreview b/.gitreview new file mode 100644 index 0000000..cf620eb --- /dev/null +++ b/.gitreview @@ -0,0 +1,4 @@ +[gerrit] +host=review.openstack.org +port=29418 +project=openstack/charm-keystone-ldap.git diff --git a/.project b/.project new file mode 100644 index 0000000..d0187fc --- /dev/null +++ b/.project @@ -0,0 +1,17 @@ + + + keystone-ldap + + + + + + org.python.pydev.PyDevBuilder + + + + + + org.python.pydev.pythonNature + + diff --git a/.pydevproject b/.pydevproject new file mode 100644 index 0000000..b016161 --- /dev/null +++ b/.pydevproject @@ -0,0 +1,11 @@ + + +python 2.7 +Default + +/keystone-ldap/src/lib +/keystone-ldap/src/reactive +/keystone-ldap/unit_tests +/keystone-ldap/src/tests + + diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..d645695 --- /dev/null +++ b/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..4215b08 --- /dev/null +++ b/requirements.txt @@ -0,0 +1,13 @@ +# The order of packages is significant, because pip processes them in the order +# of appearance. Changing the order has an impact on the overall integration +# process, which may cause wedges in the gate later. +pbr>=1.8.0,<1.9.0 +PyYAML>=3.1.0 +simplejson>=2.2.0 +netifaces>=0.10.4 +netaddr>=0.7.12,!=0.7.16 +Jinja2>=2.6 # BSD License (3 clause) +six>=1.9.0 +dnspython>=1.12.0 +psutil>=1.1.1,<2.0.0 +charm-tools diff --git a/src/README.md b/src/README.md new file mode 100644 index 0000000..e68b35d --- /dev/null +++ b/src/README.md @@ -0,0 +1,24 @@ +# Overview + +This subordinate charm provides ... + + +# Usage + +With the OpenStack nova-compute and neutron-gateway charms: + + juju deploy ... + juju deploy neutron-gateway + juju add-relation nova-compute ... + juju add-relation neutron-gateway ... + +# Configuration Options + +This charm will optionally configure the local ip address of the OVS instance to something other than the 'private-address' provided by Juju: + + juju set ... os-data-network=10.20.3.0/21 + + +# Restrictions + + diff --git a/src/config.yaml b/src/config.yaml new file mode 100644 index 0000000..7552b77 --- /dev/null +++ b/src/config.yaml @@ -0,0 +1,29 @@ +options: + domain-name: + type: string + default: + description: Name of the keystone domain to configure; defaults to the deployed application name. + ldap-server: + type: string + default: + description: LDAP server address for keystone identity backend. + ldap-user: + type: string + default: + description: Username of the LDAP identity server. + ldap-password: + type: string + default: + description: Password of the LDAP identity server. + ldap-suffix: + type: string + default: + description: LDAP server suffix to be used by keystone. + ldap-config-flags: + type: string + default: + description: comma sperated options for LDAP configuration. + ldap-readonly: + type: boolean + default: True + description: LDAP identity server backend readonly to keystone. diff --git a/src/copyright b/src/copyright new file mode 100644 index 0000000..a9b1efa --- /dev/null +++ b/src/copyright @@ -0,0 +1,16 @@ +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0 + +Files: * +Copyright: 2017, Canonical Ltd. +License: Apache-2.0 + Licensed under the Apache License, Version 2.0 (the "License"); you may + not use this file except in compliance with the License. You may obtain + a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + License for the specific language governing permissions and limitations + under the License. diff --git a/src/icon.svg b/src/icon.svg new file mode 100644 index 0000000..3b655e5 --- /dev/null +++ b/src/icon.svg @@ -0,0 +1,450 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + image/svg+xml + + + + + + + + + + + + + + + diff --git a/src/layer.yaml b/src/layer.yaml new file mode 100644 index 0000000..7aec550 --- /dev/null +++ b/src/layer.yaml @@ -0,0 +1,5 @@ +includes: ['layer:openstack', 'interface:keystone-domain-backend'] +options: + basic: + use_venv: True + include_system_packages: True diff --git a/src/lib/charm/openstack/__init__.py b/src/lib/charm/openstack/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/src/lib/charm/openstack/keystone_ldap.py b/src/lib/charm/openstack/keystone_ldap.py new file mode 100644 index 0000000..62dfc8b --- /dev/null +++ b/src/lib/charm/openstack/keystone_ldap.py @@ -0,0 +1,117 @@ +# +# Copyright 2017 Canonical Ltd +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import charmhelpers.core as core +import charmhelpers.core.host as ch_host +import charmhelpers.core.hookenv as hookenv + +import charmhelpers.contrib.openstack.templating as os_templating + +import charms_openstack.charm + + +DOMAIN_CONF = "/etc/keystone/domains/keystone.{}.conf" +KEYSTONE_CONF_TEMPLATE = "keystone.conf" + + +class KeystoneLDAPCharm(charms_openstack.charm.OpenStackCharm): + + # Internal name of charm + service_name = name = 'keystone-ldap' + + # Package to derive application version from + version_package = 'keystone' + + # First release supported + release = 'mitaka' + + # List of packages to install for this charm + packages = ['python-ldap', 'python-ldappool'] + + @property + def domain_name(self): + """Domain name for the running application + + :returns: string containing the current domain name for the application + """ + return hookenv.config('domain-name') or hookenv.service_name() + + def configuration_complete(self): + """Determine whether sufficient configuration has been provided + to configure keystone for use with a LDAP backend + + :returns: boolean indicating whether configuration is complete + """ + required_config = { + 'ldap_server': hookenv.config('ldap-server'), + 'ldap_user': hookenv.config('ldap-user'), + 'ldap_password': hookenv.config('ldap-password'), + 'ldap_suffix': hookenv.config('ldap-suffix'), + } + return all(required_config.values()) + + @property + def configuration_file(self): + """Configuration file for domain configuration""" + return DOMAIN_CONF.format(self.domain_name) + + def assess_status(self): + """Determine the current application status for the charm""" + hookenv.application_version_set(self.application_version) + if not self.configuration_complete(): + hookenv.status_set('blocked', + 'LDAP configuration incomplete') + else: + hookenv.status_set('active', + 'Unit is ready') + + def render_config(self, restart_trigger): + """Render the domain specific LDAP configuration for the application + """ + checksum = ch_host.path_hash(self.configuration_file) + core.templating.render( + source=KEYSTONE_CONF_TEMPLATE, + template_loader=os_templating.get_loader( + 'templates/', self.release), + target=self.configuration_file, + context=self.adapters_instance) + if checksum != ch_host.path_hash(self.configuration_file): + restart_trigger() + + +def render_config(restart_trigger): + """Render the configuration for the charm + + :params: restart_trigger: function to call if configuration file + changed as a result of rendering + """ + KeystoneLDAPCharm.singleton.render_config(restart_trigger) + + +def assess_status(): + """Just call the KeystoneLDAPCharm.singleton.assess_status() command to update + status on the unit. + """ + KeystoneLDAPCharm.singleton.assess_status() + + +def configuration_complete(): + """Determine whether charm configuration is actually complete""" + return KeystoneLDAPCharm.singleton.configuration_complete() + + +def configuration_file(): + """Configuration file for current domain configuration""" + return KeystoneLDAPCharm.singleton.configuration_file \ No newline at end of file diff --git a/src/metadata.yaml b/src/metadata.yaml new file mode 100644 index 0000000..6b45f22 --- /dev/null +++ b/src/metadata.yaml @@ -0,0 +1,27 @@ +name: keystone-ldap +subordinate: true +maintainer: OpenStack Charmers +summary: Keystone Domain backend for LDAP or Active Directory +description: + Keystone v3 deployments support the use of domain specific identity + drivers, allowing different types of authentication backend to be + deployed in a single Keystone deployment. + . + This charm supports use of LDAP or Active Directory backends, with + configuration details provided by charm configuration options. +tags: + - openstack + - ldap + - identity +series: + - xenial + - trusty + - yakkety +provides: + domain-backend: + interface: keystone-domain-backend + scope: container +requires: + container: + interface: juju-info + scope: container diff --git a/src/reactive/keystone_ldap_handlers.py b/src/reactive/keystone_ldap_handlers.py new file mode 100644 index 0000000..f6a696f --- /dev/null +++ b/src/reactive/keystone_ldap_handlers.py @@ -0,0 +1,43 @@ +# +# Copyright 2017 Canonical Ltd +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import charms_openstack.charm as charm +import charms.reactive as reactive + +import charm.openstack.keystone_ldap as keystone_ldap # noqa + +import charmhelpers.core.hookenv as hookenv + +charm.use_defaults( + 'charm.installed', + 'update-status') + + +@reactive.when('domain-backend.connected') +@reactive.when('config.complete') +def configure_domain_name(domain): + keystone_ldap.render_config(domain.trigger_restart) + domain.domain_name(hookenv.config('domain-name') or + hookenv.service_name()) + + +@reactive.when_not('always.run') +def check_configuration(): + '''Validate required configuration options at set state''' + if keystone_ldap.configuration_complete(): + reactive.set_state('config.complete') + else: + reactive.remove_state('config.complete') + keystone_ldap.assess_status() diff --git a/src/templates/keystone.conf b/src/templates/keystone.conf new file mode 100644 index 0000000..d03f238 --- /dev/null +++ b/src/templates/keystone.conf @@ -0,0 +1,27 @@ +[ldap] +url = {{ options.ldap_server }} +user = {{ options.ldap_user }} +password = {{ options.ldap_password }} +suffix = {{ options.ldap_suffix }} + +user_id_attribute = cn +user_name_attribute = sn + +user_filter = +group_filter = + +debug_level = 4095 + +# TODO insert generat options via config + +user_allow_create = {{ not options.ldap_readonly }} +user_allow_update = {{ not options.ldap_readonly }} +user_allow_delete = {{ not options.ldap_readonly }} + +group_allow_create = {{ not options.ldap_readonly }} +group_allow_update = {{ not options.ldap_readonly }} +group_allow_delete = {{ not options.ldap_readonly }} + +[identity] +driver = ldap + diff --git a/src/tests/README.md b/src/tests/README.md new file mode 100644 index 0000000..046be7f --- /dev/null +++ b/src/tests/README.md @@ -0,0 +1,9 @@ +# Overview + +This directory provides Amulet tests to verify basic deployment functionality +from the perspective of this charm, its requirements and its features, as +exercised in a subset of the full OpenStack deployment test bundle topology. + +For full details on functional testing of OpenStack charms please refer to +the [functional testing](http://docs.openstack.org/developer/charm-guide/testing.html#functional-testing) +section of the OpenStack Charm Guide. diff --git a/src/tests/basic_deployment.py b/src/tests/basic_deployment.py new file mode 100644 index 0000000..fef51b2 --- /dev/null +++ b/src/tests/basic_deployment.py @@ -0,0 +1,178 @@ +# Copyright 2016 Canonical Ltd +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +import amulet +import json +import subprocess +import time + + +import charmhelpers.contrib.openstack.amulet.deployment as amulet_deployment +import charmhelpers.contrib.openstack.amulet.utils as os_amulet_utils + +# Use DEBUG to turn on debug logging +u = os_amulet_utils.OpenStackAmuletUtils(os_amulet_utils.DEBUG) + + +class SDNCharmDeployment(amulet_deployment.OpenStackAmuletDeployment): + """Amulet tests on a basic sdn_charm deployment.""" + + def __init__(self, series, openstack=None, source=None, stable=False): + """Deploy the entire test environment.""" + super(SDNCharmDeployment, self).__init__(series, openstack, + source, stable) + self._add_services() + self._add_relations() + self._configure_services() + self._deploy() + + u.log.info('Waiting on extended status checks...') + exclude_services = ['mysql', 'mongodb'] + self._auto_wait_for_status(exclude_services=exclude_services) + + self._initialize_tests() + + def _add_services(self): + """Add services + + Add the services that we're testing, where sdn_charm is local, + and the rest of the service are from lp branches that are + compatible with the local charm (e.g. stable or next). + """ + this_service = {'name': 'sdn_charm'} + other_services = [ + { + 'name': 'nova-compute', + 'constraints': {'mem': '4G'}, + }, + { + 'name': 'neutron-api', + }, + { + 'name': 'neutron-gateway', + }, + {'name': 'mysql'}, + {'name': 'rabbitmq-server'}, + {'name': 'keystone'}, + {'name': 'nova-cloud-controller'}, + {'name': 'glance'}, + ] + super(SDNCharmDeployment, self)._add_services(this_service, + other_services) + + def _add_relations(self): + """Add all of the relations for the services.""" + relations = { + 'nova-compute:neutron-plugin': 'sdn_charm:neutron-plugin', + 'keystone:shared-db': 'mysql:shared-db', + 'nova-cloud-controller:shared-db': 'mysql:shared-db', + 'nova-cloud-controller:amqp': 'rabbitmq-server:amqp', + 'nova-cloud-controller:image-service': 'glance:image-service', + 'nova-cloud-controller:identity-service': + 'keystone:identity-service', + 'nova-compute:cloud-compute': + 'nova-cloud-controller:cloud-compute', + 'nova-compute:amqp': 'rabbitmq-server:amqp', + 'nova-compute:image-service': 'glance:image-service', + 'glance:shared-db': 'mysql:shared-db', + 'glance:identity-service': 'keystone:identity-service', + 'glance:amqp': 'rabbitmq-server:amqp', + 'neutron-api:shared-db': 'mysql:shared-db', + 'neutron-api:amqp': 'rabbitmq-server:amqp', + 'neutron-api:neutron-api': 'nova-cloud-controller:neutron-api', + 'neutron-api:identity-service': 'keystone:identity-service', + 'neutron-gateway:amqp': 'rabbitmq-server:amqp', + 'neutron-gateway:neutron-plugin-api': + 'neutron-api:neutron-plugin-api', + 'neutron-gateway:quantum-network-service': + 'nova-cloud-controller:quantum-network-service', + 'neutron-gateway:juju-info': 'sdn_charm:container', + } + super(SDNCharmDeployment, self)._add_relations(relations) + + def _configure_services(self): + """Configure all of the services.""" + keystone_config = {'admin-password': 'openstack', + 'admin-token': 'ubuntutesting'} + configs = {'keystone': keystone_config} + super(SDNCharmDeployment, self)._configure_services(configs) + + def _get_token(self): + return self.keystone.service_catalog.catalog['token']['id'] + + def _initialize_tests(self): + """Perform final initialization before tests get run.""" + # Access the sentries for inspecting service units + self.sdn_charm_sentry = self.d.sentry['sdn_charm'][0] + self.mysql_sentry = self.d.sentry['mysql'][0] + self.keystone_sentry = self.d.sentry['keystone'][0] + self.rabbitmq_sentry = self.d.sentry['rabbitmq-server'][0] + self.sdn_charm_svcs = [ + 'sdn_charm-agent', 'sdn_charm-api'] + + # Authenticate admin with keystone endpoint + self.keystone = u.authenticate_keystone_admin(self.keystone_sentry, + user='admin', + password='openstack', + tenant='admin') + + def check_and_wait(self, check_command, interval=2, max_wait=200, + desc=None): + waited = 0 + while not check_command() or waited > max_wait: + if desc: + u.log.debug(desc) + time.sleep(interval) + waited = waited + interval + if waited > max_wait: + raise Exception('cmd failed {}'.format(check_command)) + + def _run_action(self, unit_id, action, *args): + command = ["juju", "action", "do", "--format=json", unit_id, action] + command.extend(args) + print("Running command: %s\n" % " ".join(command)) + output = subprocess.check_output(command) + output_json = output.decode(encoding="UTF-8") + data = json.loads(output_json) + action_id = data[u'Action queued with id'] + return action_id + + def _wait_on_action(self, action_id): + command = ["juju", "action", "fetch", "--format=json", action_id] + while True: + try: + output = subprocess.check_output(command) + except Exception as e: + print(e) + return False + output_json = output.decode(encoding="UTF-8") + data = json.loads(output_json) + if data[u"status"] == "completed": + return True + elif data[u"status"] == "failed": + return False + time.sleep(2) + + def test_100_services(self): + """Verify the expected services are running on the corresponding + service units.""" + u.log.debug('Checking system services on units...') + + service_names = { + self.sdn_charm_sentry: self.sdn_charm_svcs, + } + + ret = u.validate_services_by_name(service_names) + if ret: + amulet.raise_status(amulet.FAIL, msg=ret) + + u.log.debug('OK') diff --git a/src/tests/gate-basic-trusty-icehouse b/src/tests/gate-basic-trusty-icehouse new file mode 100755 index 0000000..10219c4 --- /dev/null +++ b/src/tests/gate-basic-trusty-icehouse @@ -0,0 +1,19 @@ +#!/usr/bin/env python +# Copyright 2016 Canonical Ltd +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +"""Amulet tests on a basic SDN Charm deployment on trusty-icehouse.""" + +from basic_deployment import SDNCharmDeployment + +if __name__ == '__main__': + deployment = SDNCharmDeployment(series='trusty') + deployment.run_tests() diff --git a/src/tests/gate-basic-trusty-liberty b/src/tests/gate-basic-trusty-liberty new file mode 100755 index 0000000..88bb4cf --- /dev/null +++ b/src/tests/gate-basic-trusty-liberty @@ -0,0 +1,21 @@ +#!/usr/bin/env python +# Copyright 2016 Canonical Ltd +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +"""Amulet tests on a basic SDN Charm deployment on trusty-liberty.""" + +from basic_deployment import SDNCharmDeployment + +if __name__ == '__main__': + deployment = SDNCharmDeployment(series='trusty', + openstack='cloud:trusty-liberty', + source='cloud:trusty-updates/liberty') + deployment.run_tests() diff --git a/src/tests/gate-basic-trusty-mitaka b/src/tests/gate-basic-trusty-mitaka new file mode 100755 index 0000000..018fb27 --- /dev/null +++ b/src/tests/gate-basic-trusty-mitaka @@ -0,0 +1,21 @@ +#!/usr/bin/env python +# Copyright 2016 Canonical Ltd +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +"""Amulet tests on a basic SDN Charm deployment on trusty-mitaka.""" + +from basic_deployment import SDNCharmDeployment + +if __name__ == '__main__': + deployment = SDNCharmDeployment(series='trusty', + openstack='cloud:trusty-mitaka', + source='cloud:trusty-updates/mitaka') + deployment.run_tests() diff --git a/src/tests/gate-basic-xenial-mitaka b/src/tests/gate-basic-xenial-mitaka new file mode 100755 index 0000000..f6df242 --- /dev/null +++ b/src/tests/gate-basic-xenial-mitaka @@ -0,0 +1,19 @@ +#!/usr/bin/env python +# Copyright 2016 Canonical Ltd +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +"""Amulet tests on a basic SDN Charm deployment on xenial-mitaka.""" + +from basic_deployment import SDNCharmDeployment + +if __name__ == '__main__': + deployment = SDNCharmDeployment(series='xenial') + deployment.run_tests() diff --git a/src/tests/tests.yaml b/src/tests/tests.yaml new file mode 100644 index 0000000..e3185c6 --- /dev/null +++ b/src/tests/tests.yaml @@ -0,0 +1,17 @@ +# Bootstrap the model if necessary. +bootstrap: True +# Re-use bootstrap node instead of destroying/re-bootstrapping. +reset: True +# Use tox/requirements to drive the venv instead of bundletester's venv feature. +virtualenv: False +# Leave makefile empty, otherwise unit/lint tests will rerun ahead of amulet. +makefile: [] +# Do not specify juju PPA sources. Juju is presumed to be pre-installed +# and configured in all test runner environments. +#sources: +# Do not specify or rely on system packages. +#packages: +# Do not specify python packages here. Use test-requirements.txt +# and tox instead. ie. The venv is constructed before bundletester +# is invoked. +#python-packages: diff --git a/src/tox.ini b/src/tox.ini new file mode 100644 index 0000000..9e2a4cc --- /dev/null +++ b/src/tox.ini @@ -0,0 +1,77 @@ +[tox] +# Default to current LTS +envlist = pep8,py27 +skipsdist = True + +[testenv] +setenv = VIRTUAL_ENV={envdir} + PYTHONHASHSEED=0 + CHARM_DIR={envdir} + AMULET_SETUP_TIMEOUT=2700 +passenv = HOME TERM AMULET_* +install_command = + pip install --allow-unverified python-apt {opts} {packages} +commands = ostestr {posargs} + +[testenv:py27] +basepython = python2.7 +deps = -r{toxinidir}/requirements.txt + -r{toxinidir}/test-requirements.txt + +[testenv:pep8] +basepython = python2.7 +deps = -r{toxinidir}/requirements.txt + -r{toxinidir}/test-requirements.txt +commands = flake8 {posargs} hooks unit_tests tests + charm-proof + +[testenv:venv] +commands = {posargs} + +[testenv:func27-noop] +# DRY RUN - For Debug +basepython = python2.7 +deps = -r{toxinidir}/requirements.txt + -r{toxinidir}/test-requirements.txt +commands = + bundletester -vl DEBUG -r json -o func-results.json --test-pattern "gate-*" -n --no-destroy + +[testenv:func27] +# Charm Functional Test +# Run all gate tests which are +x (expected to always pass) +basepython = python2.7 +deps = -r{toxinidir}/requirements.txt + -r{toxinidir}/test-requirements.txt +commands = + bundletester -vl DEBUG -r json -o func-results.json --test-pattern "gate-*" --no-destroy + +[testenv:func27-smoke] +# Charm Functional Test +# Run a specific test as an Amulet smoke test (expected to always pass) +basepython = python2.7 +deps = -r{toxinidir}/requirements.txt + -r{toxinidir}/test-requirements.txt +commands = + bundletester -vl DEBUG -r json -o func-results.json gate-basic-xenial-mitaka --no-destroy + +[testenv:func27-dfs] +# Charm Functional Test +# Run all deploy-from-source tests which are +x (may not always pass!) +basepython = python2.7 +deps = -r{toxinidir}/requirements.txt + -r{toxinidir}/test-requirements.txt +commands = + bundletester -vl DEBUG -r json -o func-results.json --test-pattern "dfs-*" --no-destroy + +[testenv:func27-dev] +# Charm Functional Test +# Run all development test targets which are +x (may not always pass!) +basepython = python2.7 +deps = -r{toxinidir}/requirements.txt + -r{toxinidir}/test-requirements.txt +commands = + bundletester -vl DEBUG -r json -o func-results.json --test-pattern "dev-*" --no-destroy + +[flake8] +ignore = E402,E226 +exclude = hooks/charmhelpers diff --git a/test-requirements.txt b/test-requirements.txt new file mode 100644 index 0000000..368dbf2 --- /dev/null +++ b/test-requirements.txt @@ -0,0 +1,7 @@ +# Lint and unit test requirements +flake8 +os-testr>=0.4.1 +charms.reactive +mock>=1.2 +coverage>=3.6 +git+https://github.com/openstack/charms.openstack.git#egg=charms-openstack diff --git a/tox.ini b/tox.ini new file mode 100644 index 0000000..df765e0 --- /dev/null +++ b/tox.ini @@ -0,0 +1,45 @@ +[tox] +skipsdist = True +envlist = pep8,py34,py35 +skip_missing_interpreters = True + +[testenv] +setenv = VIRTUAL_ENV={envdir} + PYTHONHASHSEED=0 + TERM=linux + INTERFACE_PATH={toxinidir}/interfaces + LAYER_PATH={toxinidir}/layers + INTERFACE_PATH={toxinidir}/interfaces + JUJU_REPOSITORY={toxinidir}/build +passenv = http_proxy https_proxy +install_command = + pip install {opts} {packages} +deps = + -r{toxinidir}/requirements.txt + +[testenv:build] +basepython = python2.7 +commands = + charm-build --log-level DEBUG -o {toxinidir}/build src {posargs} + +[testenv:py34] +basepython = python3.4 +deps = -r{toxinidir}/test-requirements.txt +commands = ostestr {posargs} + +[testenv:py35] +basepython = python3.5 +deps = -r{toxinidir}/test-requirements.txt +commands = ostestr {posargs} + +[testenv:pep8] +basepython = python2.7 +deps = -r{toxinidir}/test-requirements.txt +commands = flake8 {posargs} src unit_tests + +[testenv:venv] +commands = {posargs} + +[flake8] +# E402 ignore necessary for path append before sys module import in actions +ignore = E402 diff --git a/unit_tests/__init__.py b/unit_tests/__init__.py new file mode 100644 index 0000000..d537812 --- /dev/null +++ b/unit_tests/__init__.py @@ -0,0 +1,43 @@ +# Copyright 2016 Canonical Ltd +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import sys +import mock + +sys.path.append('src') +sys.path.append('src/lib') + +# Mock out charmhelpers so that we can test without it. +# also stops sideeffects from occuring. +charmhelpers = mock.MagicMock() +apt_pkg = mock.MagicMock() +sys.modules['apt_pkg'] = apt_pkg +sys.modules['charmhelpers'] = charmhelpers +sys.modules['charmhelpers.core'] = charmhelpers.core +sys.modules['charmhelpers.core.decorators'] = charmhelpers.core.decorators +sys.modules['charmhelpers.core.hookenv'] = charmhelpers.core.hookenv +sys.modules['charmhelpers.core.host'] = charmhelpers.core.host +sys.modules['charmhelpers.core.unitdata'] = charmhelpers.core.unitdata +sys.modules['charmhelpers.core.templating'] = charmhelpers.core.templating +sys.modules['charmhelpers.contrib'] = charmhelpers.contrib +sys.modules['charmhelpers.contrib.openstack'] = charmhelpers.contrib.openstack +sys.modules['charmhelpers.contrib.openstack.utils'] = ( + charmhelpers.contrib.openstack.utils) +sys.modules['charmhelpers.contrib.openstack.templating'] = ( + charmhelpers.contrib.openstack.templating) +sys.modules['charmhelpers.contrib.network'] = charmhelpers.contrib.network +sys.modules['charmhelpers.contrib.network.ip'] = ( + charmhelpers.contrib.network.ip) +sys.modules['charmhelpers.fetch'] = charmhelpers.fetch +sys.modules['charmhelpers.cli'] = charmhelpers.cli +sys.modules['charmhelpers.contrib.hahelpers'] = charmhelpers.contrib.hahelpers +sys.modules['charmhelpers.contrib.hahelpers.cluster'] = ( + charmhelpers.contrib.hahelpers.cluster) diff --git a/unit_tests/test_lib_charm_openstack_openvswitch_odl.py b/unit_tests/test_lib_charm_openstack_openvswitch_odl.py new file mode 100644 index 0000000..257cb10 --- /dev/null +++ b/unit_tests/test_lib_charm_openstack_openvswitch_odl.py @@ -0,0 +1,44 @@ +# Copyright 2016 Canonical Ltd +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import +from __future__ import print_function + +import unittest + +import mock + +import charm.openstack.sdn_charm as sdn_charm + + +class Helper(unittest.TestCase): + + def setUp(self): + self._patches = {} + self._patches_start = {} + + def tearDown(self): + for k, v in self._patches.items(): + v.stop() + setattr(self, k, None) + self._patches = None + self._patches_start = None + + def patch(self, obj, attr, return_value=None, **kwargs): + mocked = mock.patch.object(obj, attr, **kwargs) + self._patches[attr] = mocked + started = mocked.start() + started.return_value = return_value + self._patches_start[attr] = started + setattr(self, attr, started) + + +class TestSDNCharm(Helper): diff --git a/unit_tests/test_openvswitch_odl_handlers.py b/unit_tests/test_openvswitch_odl_handlers.py new file mode 100644 index 0000000..33c1502 --- /dev/null +++ b/unit_tests/test_openvswitch_odl_handlers.py @@ -0,0 +1,40 @@ +# Copyright 2016 Canonical Ltd +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import +from __future__ import print_function + +import mock + +import reactive.sdn_charm_handlers as handlers + +import charms_openstack.test_utils as test_utils + + +class TestRegisteredHooks(test_utils.TestRegisteredHooks): + + def test_hooks(self): + defaults = [ + 'charm.installed', + 'config.changed', + 'update-status'] + hook_set = { + 'when': { + }, + 'when_not': { + } + } + # test that the hooks were registered via the + # reactive.barbican_handlers + self.registered_hooks_test_helper(handlers, hook_set, defaults) + + +class TestSDNCharmHandles(test_utils.PatchHelper):