Add provider for ec2 credentials

In order to run the the ec2api tempest tests, ec2 credentials have to
be created.  This provider creates the ec2 credentials and adds them
to the aws section of the tempest configuration together with some
static configuration that is necessary as well.  It also removes
service_available/ec2api parameter from tempest.conf, which actually
has no effect, since the ec2api tempest tests don't evaluate it.

Change-Id: Iab02a6f453de1a07cd059276cb46e23a4b0bb434

lib/puppet/provider/tempest_ec2_credentials/openstack.rb

@@ -0,0 +1,81 @@
+require File.join(File.dirname(__FILE__), '..','..','..', 'puppet/provider/tempest')
+
+Puppet::Type.type(:tempest_ec2_credentials).provide(
+  :openstack,
+  :parent => Puppet::Provider::Tempest
+) do
+
+  @credentials = Puppet::Provider::Openstack::CredentialsV3.new
+
+  def exists?
+    lines.each do |l|
+      l.chomp!
+      if access_line == l
+        access_found = true
+      end
+      if secret_line == l
+        secret_found = true
+      end
+    end
+    access_found && secret_found
+  end
+
+  def file_path
+    resource[:tempest_conf_path]
+  end
+
+  def create
+    handle_create
+  end
+
+  def destroy
+    handle_create
+  end
+
+  def get_ec2_credentials
+    if resource[:ensure] == :present or resource[:ensure].nil?
+      if @ec2_credentials.nil?
+        @ec2_credentials = self.class.request('ec2', 'credentials', 'create',
+          "--user #{resource[:user]}", "--project #{resource[:project]}")
+      end
+    elsif resource[:ensure] != :absent
+      raise(Puppet::Error, "Cannot ensure to #{resource[:ensure]}")
+    end
+    @ec2_credentials
+  end
+
+  def access_line
+    "aws_access = #{get_ec2_credentials[:access]}"
+  end
+
+  def secret_line
+    "aws_secret = #{get_ec2_credentials[:secret]}"
+  end
+
+  def conf_regex
+    /^\s*aws_(access|secret)\s*=\s*/
+  end
+
+  def handle_create()
+    file = lines
+    file.delete_if { |l| conf_regex.match(l) }
+    block_pos = file.find_index { |l| /^\[aws\]/ =~ l }
+    if block_pos.nil?
+      file += ["[aws]\n", "#{access_line}\n", "#{secret_line}\n"]
+    else
+      file.insert(block_pos+1, "#{access_line}\n", "#{secret_line}\n")
+    end
+    File.write(file_path, file.join)
+  end
+
+  private
+  def lines
+    # If this type is ever used with very large files, we should
+    #  write this in a different way, using a temp
+    #  file; for now assuming that this type is only used on
+    #  small-ish config files that can fit into memory without
+    #  too much trouble.
+    @lines ||= File.readlines(file_path)
+  end
+
+end

lib/puppet/type/tempest_ec2_credentials.rb

@@ -0,0 +1,24 @@
+Puppet::Type.newtype(:tempest_ec2_credentials) do
+
+  ensurable
+
+  newparam(:name, :namevar => true) do
+    desc 'Name of the credentials.'
+  end
+
+  newparam(:user) do
+    desc 'Name of the user to create credentials for.'
+  end
+
+  newparam(:project) do
+    desc 'Name of the project to create credentials in.'
+  end
+
+  newparam(:tempest_conf_path) do
+    desc 'The path to tempest conf file.'
+  end
+
+  autorequire(:package) do
+    ['python-openstackclient']
+  end
+end

manifests/init.pp

@@ -473,7 +473,6 @@ class tempest(
     'service_available/trove':                         value => $trove_available;
     'service_available/ironic':                        value => $ironic_available;
     'service_available/zaqar':                         value => $zaqar_available;
-    'service_available/ec2api':                        value => $ec2api_available;
     'whitebox/db_uri':                                 value => $whitebox_db_uri;
     'cli/cli_dir':                                     value => $cli_dir;
     'scenario/img_dir':                                value => $img_dir;
@@ -695,4 +694,16 @@ be provided.')
     }
   }
 
+  if $ec2api_available {
+    tempest_config {
+      'aws/ec2_url': value => 'http://127.0.0.1:8788/';
+    }
+    tempest_ec2_credentials { 'ec2_test_creds':
+      ensure            => present,
+      tempest_conf_path => $tempest_conf,
+      user              => $username,
+      project           => $project_name_real,
+    }
+  }
+
 }

spec/classes/tempest_spec.rb

@@ -126,6 +126,30 @@ describe 'tempest' do
       end
     end
 
+    context 'with ec2api_available parameter' do
+      let :params do
+        { :ec2api_available => true,
+          :configure_images => false,
+          :username         => "testuser",
+          :project_name     => "testproject",
+        }
+      end
+
+      it 'sets aws configs' do
+        is_expected.to contain_tempest_config('aws/ec2_url').with_value('http://127.0.0.1:8788/')
+      end
+
+      it 'creates ec2 credentials' do
+        is_expected.to contain_tempest_ec2_credentials('ec2_test_creds').with(
+          :ensure               => 'present',
+          :tempest_conf_path    => '/var/lib/tempest/etc/tempest.conf',
+          :user                 => 'testuser',
+          :project              => 'testproject'
+        )
+      end
+
+    end
+
     context 'with parameters' do
       let :params do
         { :configure_images    => true,
@@ -236,7 +260,6 @@ describe 'tempest' do
           is_expected.to contain_tempest_config('service_available/trove').with(:value => false)
           is_expected.to contain_tempest_config('service_available/ironic').with(:value => false)
           is_expected.to contain_tempest_config('service_available/zaqar').with(:value => false)
-          is_expected.to contain_tempest_config('service_available/ec2api').with(:value => false)
           is_expected.to contain_tempest_config('service_available/designate').with(:value => false)
           is_expected.to contain_tempest_config('whitebox/db_uri').with(:value => nil)
           is_expected.to contain_tempest_config('cli/cli_dir').with(:value => nil)