Merge "Test cleanup: do not leak FDs during test runs"

2014-09-04 03:25:13 +00:00 · 2014-09-04 03:25:13 +00:00 · 9a9f707eb2
parent 8661e941ab 1175b6537c
commit 9a9f707eb2
5 changed files with 41 additions and 10 deletions
--- a/keystone/tests/ksfixtures/temporaryfile.py
+++ b/keystone/tests/ksfixtures/temporaryfile.py
@ -0,0 +1,29 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import os
+import tempfile
+
+import fixtures
+
+
+class SecureTempFile(fixtures.Fixture):
+    """A fixture for creating a secure temp file."""
+
+    def setUp(self):
+        super(SecureTempFile, self).setUp()
+
+        _fd, self.file_name = tempfile.mkstemp()
+        # Make sure no file descriptors are leaked, close the unused FD.
+        os.close(_fd)
+        self.addCleanup(os.remove, self.file_name)
--- a/keystone/tests/test_policy.py
+++ b/keystone/tests/test_policy.py
@ -14,7 +14,6 @@
 #    under the License.

 import json
-import tempfile

 import mock
 import six
@ -25,6 +24,7 @@ from keystone import exception
 from keystone.openstack.common import policy as common_policy
 from keystone.policy.backends import rules
 from keystone import tests
+from keystone.tests.ksfixtures import temporaryfile


 class PolicyFileTestCase(tests.TestCase):
@ -32,7 +32,8 @@ class PolicyFileTestCase(tests.TestCase):
        # self.tmpfilename should exist before setUp super is called
        # this is to ensure it is available for the config_fixture in
        # the config_overrides call.
-        _unused, self.tmpfilename = tempfile.mkstemp()
+        self.tempfile = self.useFixture(temporaryfile.SecureTempFile())
+        self.tmpfilename = self.tempfile.file_name
        super(PolicyFileTestCase, self).setUp()

        rules.reset()
--- a/keystone/tests/test_v3_filters.py
+++ b/keystone/tests/test_v3_filters.py
@ -13,13 +13,13 @@
 # License for the specific language governing permissions and limitations
 # under the License.

-import tempfile
 import uuid

 from keystone import config
 from keystone.openstack.common import jsonutils
 from keystone.policy.backends import rules
 from keystone.tests import filtering
+from keystone.tests.ksfixtures import temporaryfile
 from keystone.tests import test_v3


@ -40,7 +40,8 @@ class IdentityTestFilteredCase(filtering.FilterTests,
        # file in each test to create the policies
        self.orig_policy_file = CONF.policy_file
        rules.reset()
-        _unused, self.tmpfilename = tempfile.mkstemp()
+        self.tempfile = self.useFixture(temporaryfile.SecureTempFile())
+        self.tmpfilename = self.tempfile.file_name
        self.config_fixture.config(policy_file=self.tmpfilename)

        # drop the policy rules
--- a/keystone/tests/test_v3_oauth1.py
+++ b/keystone/tests/test_v3_oauth1.py
@ -13,8 +13,6 @@
 # under the License.

 import copy
-import os
-import tempfile
 import uuid

 from six.moves import urllib
@ -25,6 +23,7 @@ from keystone.contrib.oauth1 import controllers
 from keystone.contrib.oauth1 import core
 from keystone import exception
 from keystone.openstack.common import jsonutils
+from keystone.tests.ksfixtures import temporaryfile
 from keystone.tests import test_v3


@ -563,11 +562,11 @@ class AuthTokenTests(OAuthFlowTests):
                 expected_status=403)

    def _set_policy(self, new_policy):
-        _unused, self.tmpfilename = tempfile.mkstemp()
+        self.tempfile = self.useFixture(temporaryfile.SecureTempFile())
+        self.tmpfilename = self.tempfile.file_name
        self.config_fixture.config(policy_file=self.tmpfilename)
        with open(self.tmpfilename, "w") as policyfile:
            policyfile.write(jsonutils.dumps(new_policy))
-        self.addCleanup(os.remove, self.tmpfilename)

    def test_trust_token_cannot_authorize_request_token(self):
        trust_token = self._create_trust_get_token()
--- a/keystone/tests/test_v3_protection.py
+++ b/keystone/tests/test_v3_protection.py
@ -13,7 +13,6 @@
 # License for the specific language governing permissions and limitations
 # under the License.

-import tempfile
 import uuid

 from keystone import config
@ -21,6 +20,7 @@ from keystone import exception
 from keystone.openstack.common import jsonutils
 from keystone.policy.backends import rules
 from keystone import tests
+from keystone.tests.ksfixtures import temporaryfile
 from keystone.tests import test_v3


@ -56,7 +56,8 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase):
        # file in each test to create the policies
        self.addCleanup(rules.reset)
        rules.reset()
-        _unused, self.tmpfilename = tempfile.mkstemp()
+        self.tempfile = self.useFixture(temporaryfile.SecureTempFile())
+        self.tmpfilename = self.tempfile.file_name
        self.config_fixture.config(policy_file=self.tmpfilename)

        # A default auth request we can use - un-scoped user token