FT Setup to test multi-tenant policy in LCM

To validate functional test cases in Zuul environment this
patch adds a new Ansible playbook. This playbook helps in
creating two different OpenStack projects, users to
validate multi tenant policy in Lifecycle Management.

In current design, tacker uses an administrator role user
"nfv_user" to execute functional test cases. Whereas this
patch adds member role (non administrator user) to newly
created users.

Generates OpenStack VIM config files using helper script and
register default VIMs to respective tenants.
Additionally copies newly generated VIM config files to
"tacker/tacker/tests/etc/samples" folder as these are required
in functional test cases.

Partial Implement: blueprint multi-tenant-policy

Change-Id: I20491eb294e5653bcdc2864885f55d04b21696a1

playbooks/devstack/pre.yaml

@@ -5,6 +5,7 @@
     - modify-heat-policy
     - setup-default-vim
     - setup-helm
+    - setup-multi-tenant-vim
     - role: bindep
       bindep_profile: test
       bindep_dir: "{{ zuul_work_dir }}"

roles/setup-multi-tenant-vim/defaults/main.yaml

@@ -0,0 +1,15 @@
+os_username_tenant1: test_user_1
+os_password_tenant1: devstack
+os_project_tenant1: test_tenant_1
+os_domain_tenant1: Default
+os_vim_name_tenant1: VIM_TEST
+os_vim_conf_name_tenant1: local-tenant1-vim.yaml
+os_vim_conf_path_tenant1: /tmp/local-tenant1-vim.yaml
+os_username_tenant2: test_user_2
+os_password_tenant2: devstack
+os_project_tenant2: test_tenant_2
+os_domain_tenant2: Default
+os_vim_name_tenant2: VIM_DEMO
+os_vim_conf_name_tenant2: local-tenant2-vim.yaml
+os_vim_conf_path_tenant2: /tmp/local-tenant2-vim.yaml
+os_member_role: member

roles/setup-multi-tenant-vim/tasks/main.yaml

@@ -0,0 +1,129 @@
+- block:
+  - name: Create first OpenStack project, user and assign role
+    shell: |
+       openstack --os-cloud devstack-admin project create \
+       --domain {{ os_domain_tenant1 }} \
+       --description 'Test multi tenant policy' {{ os_project_tenant1 }}
+       openstack --os-cloud devstack-admin user create \
+       --domain {{ os_domain_tenant1 }} --project {{ os_project_tenant1 }} \
+       --password {{ os_password_tenant1 }} {{ os_username_tenant1 }}
+       openstack --os-cloud devstack-admin role add \
+       --project {{ os_project_tenant1 }} \
+       --user {{ os_username_tenant1 }} {{ os_member_role }}
+
+  - name: Create second OpenStack project, user and assign role
+    shell: |
+       openstack --os-cloud devstack-admin project create \
+       --domain {{ os_domain_tenant2 }} \
+       --description 'Test multi tenant policy' {{ os_project_tenant2 }}
+       openstack --os-cloud devstack-admin user create \
+       --domain {{ os_domain_tenant2 }} --project {{ os_project_tenant2 }} \
+       --password {{ os_password_tenant2 }} {{ os_username_tenant2 }}
+       openstack --os-cloud devstack-admin role add \
+       --project {{ os_project_tenant2 }} \
+       --user {{ os_username_tenant2 }} {{ os_member_role }}
+
+  - name: Get stackenv from devstack environment
+    slurp:
+      src: "{{ devstack_base_dir }}/devstack/.stackenv"
+    register: stackenv
+
+  - name: Set a keystone authentication uri
+    set_fact:
+      auth_uri: "{{
+                stackenv.content
+                | b64decode
+                | regex_replace('\n', ' ')
+                | regex_replace('^.*KEYSTONE_SERVICE_URI=([^ ]+).*$', '\\1')
+                }}"
+
+  - name: Request authentication token for first tenant
+    shell: >
+       openstack --os-auth-url {{ auth_uri }}
+       --os-project-domain-name {{ os_domain_tenant1 }}
+       --os-user-domain-name {{ os_domain_tenant1 }}
+       --os-project-name {{ os_project_tenant1 }}
+       --os-username {{ os_username_tenant1 }}
+       --os-password {{ os_password_tenant1 }}
+       token issue
+
+  - name: Generate OpenStack VIM config for first tenant
+    shell: >
+       {{ zuul_work_dir }}/tools/gen_vim_config.sh --type openstack
+       --os-user {{ os_username_tenant1 }}
+       --os-password {{ os_password_tenant1 }}
+       --project {{ os_project_tenant1 }}
+       --os-project-domain {{ os_domain_tenant1 }}
+       --os-user-domain {{ os_domain_tenant1 }}
+       --endpoint {{ auth_uri }} --os-disable-cert-verify
+       -o {{ os_vim_conf_path_tenant1 }}
+
+  - name: Cat OpenStack VIM config for first tenant
+    shell: cat {{ os_vim_conf_path_tenant1 }}
+
+  - name: Register OpenStack VIM for first tenant
+    shell: >
+       openstack vim register
+       --os-username {{ os_username_tenant1 }}
+       --os-password {{ os_password_tenant1 }}
+       --os-project-name {{ os_project_tenant1 }}
+       --os-auth-url {{ auth_uri }}
+       --os-project-domain-name {{ os_domain_tenant1 }}
+       --os-user-domain-name {{ os_domain_tenant1 }}
+       --config-file {{ os_vim_conf_path_tenant1 }}
+       --is-default
+       --description "VIM for testing multi tenant"
+       {{ os_vim_name_tenant1 }}
+
+  - name: Copy first tenant vim config file
+    copy:
+       remote_src=True
+       src={{ os_vim_conf_path_tenant1 }}
+       dest={{ zuul_work_dir }}/tacker/tests/etc/samples/{{ os_vim_conf_name_tenant1 }}
+
+  - name: Request authentication token for second tenant
+    shell: >
+       openstack --os-auth-url {{ auth_uri }}
+       --os-project-domain-name {{ os_domain_tenant2 }}
+       --os-user-domain-name {{ os_domain_tenant2 }}
+       --os-project-name {{ os_project_tenant2 }}
+       --os-username {{ os_username_tenant2 }}
+       --os-password {{ os_password_tenant2 }}
+       token issue
+
+  - name: Generate OpenStack VIM config for second tenant
+    shell: >
+       {{ zuul_work_dir }}/tools/gen_vim_config.sh --type openstack
+       --os-user {{ os_username_tenant2 }}
+       --os-password {{ os_password_tenant2 }}
+       --project {{ os_project_tenant2 }}
+       --os-project-domain {{ os_domain_tenant2 }}
+       --os-user-domain {{ os_domain_tenant2 }}
+       --endpoint {{ auth_uri }} --os-disable-cert-verify
+       -o {{ os_vim_conf_path_tenant2 }}
+
+  - name: Cat OpenStack VIM config
+    shell: cat {{ os_vim_conf_path_tenant2 }}
+
+  - name: Register OpenStack VIM for second tenant
+    shell: >
+       openstack vim register
+       --os-username {{ os_username_tenant2 }}
+       --os-password {{ os_password_tenant2 }}
+       --os-project-name {{ os_project_tenant2 }}
+       --os-auth-url {{ auth_uri }}
+       --os-project-domain-name {{ os_domain_tenant2 }}
+       --os-user-domain-name {{ os_domain_tenant2 }}
+       --config-file {{ os_vim_conf_path_tenant2 }}
+       --is-default
+       --description "VIM for testing multi tenant"
+       {{ os_vim_name_tenant2 }}
+
+  - name: Copy second tenant vim config file
+    copy:
+       remote_src=True
+       src={{ os_vim_conf_path_tenant2 }}
+       dest={{ zuul_work_dir }}/tacker/tests/etc/samples/{{ os_vim_conf_name_tenant2 }}
+
+  when:
+    - inventory_hostname == 'controller-tacker'