Use keystone v3 for functional tests

* Update functional_creds.conf.sample
* and functional_creds.conf in post_gate_hook
* Update python_client_base to use keystone v3 credentials
* Get magnum_url from magnum.conf

Closes-Bug: #1474152
Change-Id: If1ce6e77396857fef68c5c288f0b1c7fecb0b4d4

functional_creds.conf.sample

@@ -1,16 +1,20 @@
 # Credentials for functional testing
 [auth]
-auth_url = http://127.0.0.1:5000/v2.0
+auth_url = http://127.0.0.1:5000/v3
 magnum_url = http://127.0.0.1:9511/v1
 username = demo
-tenant_name = demo
+project_name = demo
+project_domain_id = default
+user_domain_id = default
 password = password
-auth_version = v2
+auth_version = v3
 insecure=False
 [admin]
 user = admin
-tenant = admin
+project_name = admin
 pass = password
+project_domain_id = default
+user_domain_id = default
 [magnum]
 image_id = fedora-atomic-latest
 nic_id = public

magnum/tests/contrib/post_test_hook.sh

@@ -64,6 +64,11 @@ function create_test_data {
     # qcow2 images, the format is 'bare'.
     export IMAGE_ID=$(glance --os-image-api-version 1 image-list | grep $container_format | grep -i $image_name | awk '{print $2}')
 
+    #Get magnum_url
+    local magnum_api_ip=$(iniget /etc/magnum/magnum.conf api host)
+    local magnum_api_port=$(iniget /etc/magnum/magnum.conf api port)
+    local magnum_url="http://"$magnum_api_ip":"$magnum_api_port"/v1"
+
     # pass the appropriate variables via a config file
     CREDS_FILE=$MAGNUM_DIR/functional_creds.conf
     cat <<EOF > $CREDS_FILE
@@ -71,15 +76,19 @@ function create_test_data {
 
 [auth]
 auth_url = $OS_AUTH_URL
-magnum_url = $BYPASS_URL
+magnum_url = $magnum_url
 username = $OS_USERNAME
-tenant_name = $OS_TENANT_NAME
+project_name = $OS_PROJECT_NAME
+project_domain_id = $OS_PROJECT_DOMAIN_ID
+user_domain_id = $OS_USER_DOMAIN_ID
 password = $OS_PASSWORD
-auth_version = v2
+auth_version = v3
 insecure = False
 [admin]
 user = $OS_USERNAME
-tenant = $OS_TENANT_NAME
+project_name = $OS_PROJECT_NAME
+project_domain_id = $OS_PROJECT_DOMAIN_ID
+user_domain_id = $OS_USER_DOMAIN_ID
 pass = $OS_PASSWORD
 region_name = $OS_REGION_NAME
 [magnum]
@@ -109,20 +118,8 @@ function add_flavor {
     # Get admin credentials
     pushd ../devstack
     source openrc admin admin
-    # NOTE(hongbin): This is a temporary work around. These variables are for
-    # keystone v3, but magnum is using v2 API. Therefore, unset them to make the
-    # keystoneclient work.
-    # Bug: #1473600
-    unset OS_PROJECT_DOMAIN_ID
-    unset OS_USER_DOMAIN_ID
-    unset OS_AUTH_TYPE
     popd
 
-    # Due to keystone defaulting everything to v3, we need to update to make func tests
-    # work in our gates back to v2
-    export OS_AUTH_URL=http://127.0.0.1:5000/v2.0
-    export OS_IDENTITY_API_VERSION=2.0
-
     # Create magnum specific flavor for use in functional tests.
     echo_summary "Create a flavor"
     nova flavor-create  m1.magnum 100 1024 10 1
@@ -173,7 +170,6 @@ if [[ "api" == "$coe" ]]; then
 
     # Set demo credentials
     source $BASE/new/devstack/accrc/demo/demo
-    unset OS_AUTH_TYPE
 
     create_test_data $coe
 
@@ -198,13 +194,6 @@ else
     # Get admin credentials
     pushd ../devstack
     source openrc admin admin
-    # NOTE(hongbin): This is a temporary work around. These variables are for
-    # keystone v3, but magnum is using v2 API. Therefore, unset them to make the
-    # keystoneclient work.
-    # Bug: #1473600
-    unset OS_PROJECT_DOMAIN_ID
-    unset OS_USER_DOMAIN_ID
-    unset OS_AUTH_TYPE
     popd
 
     add_flavor

magnum/tests/functional/python_client_base.py

@@ -28,7 +28,7 @@ from six.moves import configparser
 from heatclient import client as heatclient
 from k8sclient.client import api_client
 from k8sclient.client.apis import apiv_api
-from keystoneclient.v2_0 import client as ksclient
+from keystoneclient.v3 import client as ksclient
 
 from magnum.common.utils import rmtree_without_raise
 import magnum.conf
@@ -53,8 +53,7 @@ class BaseMagnumClient(base.BaseMagnumTest):
         super(BaseMagnumClient, cls).setUpClass()
         user = cliutils.env('OS_USERNAME')
         passwd = cliutils.env('OS_PASSWORD')
-        tenant = cliutils.env('OS_TENANT_NAME')
-        tenant_id = cliutils.env('OS_TENANT_ID')
+        project_name = cliutils.env('OS_PROJECT_NAME')
         auth_url = cliutils.env('OS_AUTH_URL')
         insecure = cliutils.env('INSECURE')
         region_name = cliutils.env('OS_REGION_NAME')
@@ -66,6 +65,8 @@ class BaseMagnumClient(base.BaseMagnumTest):
         keypair_id = cliutils.env('KEYPAIR_ID')
         dns_nameserver = cliutils.env('DNS_NAMESERVER')
         copy_logs = cliutils.env('COPY_LOGS')
+        user_domain_id = cliutils.env('OS_USER_DOMAIN_ID')
+        project_domain_id = cliutils.env('OS_PROJECT_DOMAIN_ID')
 
         config = configparser.RawConfigParser()
         if config.read('functional_creds.conf'):
@@ -73,7 +74,7 @@ class BaseMagnumClient(base.BaseMagnumTest):
             # override
             user = user or config.get('admin', 'user')
             passwd = passwd or config.get('admin', 'pass')
-            tenant = tenant or config.get('admin', 'tenant')
+            project_name = project_name or config.get('admin', 'project_name')
             auth_url = auth_url or config.get('auth', 'auth_url')
             insecure = insecure or config.get('auth', 'insecure')
             magnum_url = magnum_url or config.get('auth', 'magnum_url')
@@ -85,6 +86,11 @@ class BaseMagnumClient(base.BaseMagnumTest):
             keypair_id = keypair_id or config.get('magnum', 'keypair_id')
             dns_nameserver = dns_nameserver or config.get(
                 'magnum', 'dns_nameserver')
+            user_domain_id = user_domain_id or config.get(
+                'admin', 'user_domain_id')
+            project_domain_id = project_domain_id or config.get(
+                'admin', 'project_domain_id')
+
             try:
                 copy_logs = copy_logs or config.get('magnum', 'copy_logs')
             except configparser.NoOptionError:
@@ -99,16 +105,19 @@ class BaseMagnumClient(base.BaseMagnumTest):
         cls.copy_logs = str(copy_logs).lower() == 'true'
         cls.cs = v1client.Client(username=user,
                                  api_key=passwd,
-                                 project_id=tenant_id,
-                                 project_name=tenant,
+                                 project_name=project_name,
                                  auth_url=auth_url,
                                  insecure=insecure,
+                                 user_domain_id=user_domain_id,
+                                 project_domain_id=project_domain_id,
                                  service_type='container-infra',
                                  region_name=region_name,
                                  magnum_url=magnum_url)
         cls.keystone = ksclient.Client(username=user,
                                        password=passwd,
-                                       tenant_name=tenant,
+                                       project_name=project_name,
+                                       project_domain_id=project_domain_id,
+                                       user_domain_id=user_domain_id,
                                        auth_url=auth_url,
                                        insecure=insecure)
         token = cls.keystone.auth_token