This patch removes the copy of tempest scenario manager
and directly imports the manager from tempest which has been
marked stable in tempest 27.0.0 release.
Current test class does not clean volume / backup resources.
Change the create for volume and backups from base and not from client.
The base create contains waiters and run cleanup resources.
Right now master is used, but it is not compatible with stein.
Tempest is already pinned to an older version, but there is no way
at the moment to globally pin tempest plugins to the last known
working version for a branch (but it will be added soon).
This commit lays down a basic structure for protection tests. These are
useful for testing various secure RBAC personas, but leveraging all the
dynamic credential work in tempest's authentication libraries to
provision clients for testing. We're also adding a non-voting protection
test job so that we can integrate protection testing into the cinder
gate as we work through policy changes.
This commit also adds some basic tests exercising the capabilities
admin-only API. These tests ensure that only operators (e.g.,
system-administrators) or formally known as project-administrators, can
access the capabilities API. Assertions and functionality in these tests
may expand in the future to accomodate system-scope when cinder can
properly consume system-scoped tokens from keystone.
For now, the tests assume project-administrators are deployment
operators, which is the legacy way of denoting "admin-ness" in OpenStack
Those tests were disabled when ceph was upgraded
to a newer release (I51c90e592070b99422e692d5e9e97083d93146e8)
because they were failing.
But it seems they are working now, and it is not not trivial
at this point to understand whether something was fixed
in ceph or in cinder, so let's re-enable them.
Also, add a few additional (initially experimental) jobs
to double-check the ceph/c-bak scenario against
the stable branches.
This reverts commit 9d626d0de5
and adds more functionalities.
Removed duplicated 'VIRT_DRIVER=libvirt' entry, removed deprecated service 'n-net' and added 'c-bak' service
Signed-off-by: Rafael Fayan <firstname.lastname@example.org>
The first real cinderlib supported branch works with train,
so restructure the lvm/barbican jobs to disable cinderlib testing
with any branch older than train.
While those branches are in Extended Maintenance status,
the job may be still used there to remove their old legacy
counterpart to easy the maintenance.
Change I0b6ab9fb943c7b0925a0a0d2490a8bcdfa76cedc removed the 'member'
user from the default roles assigned to dynamic tempest users.
This broke cinder-backup with the default swift backend.
Set the full list of roles, including 'creator' which should be
added by the barbican devstack plugin. Unfortunately the values
here overrides any other setting.
While waiting for tempest scenario manager to stabilize its API,
a copy of it has been imported, so make sure to use it and to not
rely on tempest's one (whose API is changing during the stabilization
process, so it may break anytime).
Just one file needs to change its imports.
At the same time, fix the import order for another file.
Tempest replaced the below rolevar for run-tempest role
- tempest_test_blacklist is replaced by tempest_test_exclude_list
- tempest_black_regex is replaced by tempest_exclude_regex
old name are still supported for compatiblity but we recommend
to switch to new one.
We don't really have unit tests in the repository and any py3x venv
would not really be useful (the tests are executed through tempest),
but let's remove the old dependency anyway and depend on stestr
like all the other OpenStack projects.
This patch adds data integrity tests for snapshot with the following
1) create a volume from image
2) Boot an instance from the volume
3) create file on vm and write data into it
4) create first snapshot
5) repeat 3
5) create second snapshot
6) repeat 3
7) create third snapshot
Now restore the snapshots one by one into volume, create instances
from it and check the number of files and file content at each
point snapshot was created.
We are also temporarily making a copy of tempest scenario manager until
the actual manager is available for import in tempest plugins.
It doesn't seem to provide any benefit and is also removed from cinder
For detailed reason, please look into the commit message of the cinder
As discussed in I50d3b874b7e0676436c434be6c059f221041560f the tests
introduced by I846b96ef925c34162cf462da91d854ceacabe022 broke
nova-ceph-multistore thanks to the use of
[workarounds]/never_download_image_if_on_rbd in the job and some image
creation in the test that isn't strictly required.
To ensure breakages like this are visable in the future this change adds
the nova-ceph-multistore job as a non-voting job within this repo.
An independent image isn't required for these tests and additionally
isn't required when calling create_server as the lack of an image
results in CONF.compute.image_ref being used by
The creation of this image resulted in the nova-ceph-multistore job
breaking as documented in bug #1912607. This broke as we use the job to
provide both our core ceph coverage and slightly more edgey topologies
using Glance multistore and the [workarounds]/ workaround option. This
option blocking the download of rbd images via g-api when n-cpu can't
clone the rbd volumes directly, as caused by the image creation in
Iaf6f6e0dbcb25561bf00e969e1964cd30e974e64 is currently skipping any
encryption test in the nova-ceph-multistore job to workaround bug
#1912607 for the time being but we would obviously like to revert that
if possible and expand our coverage.
A follow up change will also propose adding nova-ceph-multistore to the
gate of this plugin to avoid future breakage.
Due to an error in the _setup_encryption_keys volume rekey code, a
cloned encrypted volume that has been rekeyed will specify an
encryption key different from the key used to format the volume,
so it cannot be attached.
This test scenario will cover this feature and also the case of