tacker/tox.ini
kexuesheng 40a15b5945 Enhancement of Tacker API resource access control
For fine-grained access control based on user and VNF information
for API resources, this patch does the following things:
1.Add three comparison attributes of area, vendor, and tenant
  for the enhanced Tacker policy.
2.Convert special roles to API attributes in context.
3.Modify the API process to support Tacker policy authorize.
4.Add the Tacker policy filter to the list API processes.

Implements: blueprint enhance-api-policy
Change-Id: I5b4c39387860133a3bcf4544f18a6353c80773f6
2023-03-14 14:15:48 +00:00

231 lines
6.6 KiB
INI

[tox]
envlist = py39,py38,py36,pep8,docs
minversion = 3.18.0
ignore_basepython_conflict = True
[testenv]
basepython = python3
setenv = VIRTUAL_ENV={envdir}
OS_LOG_CAPTURE={env:OS_LOG_CAPTURE:true}
OS_STDOUT_CAPTURE={env:OS_STDOUT_CAPTURE:true}
OS_STDERR_CAPTURE={env:OS_STDERR_CAPTURE:true}
passenv = TOX_CONSTRAINTS_FILE
usedevelop = True
allowlist_externals = rm
deps =
-c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/2023.1}
-r{toxinidir}/requirements.txt
-r{toxinidir}/test-requirements.txt
commands =
stestr run --slowest --concurrency 1 {posargs}
[testenv:functional]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional run --slowest {posargs}
[testenv:dsvm-functional]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional run --slowest --concurrency 2 {posargs}
[testenv:dsvm-functional-legacy]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/legacy run --slowest --concurrency 1 {posargs}
[testenv:dsvm-functional-sol]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol run --slowest --concurrency 1 {posargs}
[testenv:dsvm-functional-sol-separated-nfvo]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol_separated_nfvo run --slowest --concurrency 1 {posargs}
[testenv:dsvm-functional-sol-separated-nfvo-v2]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol_separated_nfvo_v2 run --slowest --concurrency 1 {posargs}
[testenv:dsvm-functional-sol-kubernetes]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol_kubernetes run --slowest --concurrency 2 {posargs}
[testenv:dsvm-functional-sol-v2]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol_v2 run --slowest --concurrency 1 {posargs}
[testenv:dsvm-functional-sol-v2-ubuntu-focal]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol_v2 run --slowest --concurrency 1 {posargs}
[testenv:dsvm-functional-sol-kubernetes-v2]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol_kubernetes_v2 run --slowest --concurrency 1 {posargs}
[testenv:dsvm-functional-sol_kubernetes_oidc_auth]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol_kubernetes_oidc_auth run --slowest --concurrency 1 {posargs}
[testenv:dsvm-functional-sol-multi-tenant]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol_multi_tenant run --slowest --concurrency 1 {posargs}
[testenv:dsvm-functional-sol-kubernetes-multi-tenant]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol_kubernetes_multi_tenant run --slowest --concurrency 1 {posargs}
[testenv:dsvm-functional-sol-v2-az-retry]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol_v2_az_retry run --slowest --concurrency 1 {posargs}
[testenv:dsvm-functional-enhanced-policy-sol]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol_enhanced_policy/sol run --slowest --concurrency 1 {posargs}
[testenv:dsvm-functional-enhanced-policy-sol-kubernetes]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol_enhanced_policy/sol_kubernetes run --slowest --concurrency 1 {posargs}
[testenv:dsvm-functional-sol-https-v2]
setenv = {[testenv]setenv}
commands =
stestr --test-path=./tacker/tests/functional/sol_https_v2 run --slowest --concurrency 1 {posargs}
[testenv:dsvm-compliance-sol-api]
passenv =
{[testenv]passenv}
*_PROXY
commands_pre =
git clone https://forge.etsi.org/rep/nfv/api-tests.git
git -C api-tests checkout 2.6.1-fix-plu
pip install -U -r{envdir}/api-tests/requirements.txt
commands =
stestr --test-path={toxinidir}/tacker/tests/compliance --top-dir={toxinidir} run --slowest --concurrency 1 {posargs}
commands_post =
rm -rf api-tests
allowlist_externals =
git
rm
changedir = {envdir}
[testenv:debug]
commands = oslo_debug_helper {posargs}
[testenv:debug-py36]
basepython = python3.6
commands = oslo_debug_helper {posargs}
[testenv:debug-py39]
basepython = python3.9
commands = oslo_debug_helper {posargs}
[testenv:pep8]
deps = -r{toxinidir}/doc/requirements.txt
-r{toxinidir}/test-requirements.txt
commands =
flake8
doc8 -e .rst doc/source/ CONTRIBUTING.rst HACKING.rst README.rst TESTING.rst
tacker-db-manage check_migration
allowlist_externals = bash
[testenv:i18n]
commands = python ./tools/check_i18n.py ./tacker
[testenv:docs]
allowlist_externals =
sphinx-build
deps = -r{toxinidir}/doc/requirements.txt
commands =
sphinx-build -W -b html doc/source doc/build/html
oslopolicy-sample-generator --config-file=etc/tacker-policy-generator.conf
[testenv:api-ref]
deps = -r{toxinidir}/doc/requirements.txt
commands =
rm -rf api-ref/build
sphinx-build -W -b html -d api-ref/build/doctrees api-ref/source api-ref/build/html
allowlist_externals = rm
[testenv:releasenotes]
deps = -r{toxinidir}/doc/requirements.txt
commands =
sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
[testenv:cover]
setenv =
PYTHON=coverage run --source tacker --parallel-mode
commands =
stestr run {posargs}
coverage combine
coverage html -d cover
coverage xml -o cover/coverage.xml
[testenv:venv]
commands = {posargs}
[flake8]
# E128 continuation line under-indented for visual indent
# N320 log messages does not translate
# W503 line break before binary operator
# W504 line break after binary operator
ignore = E128,N320,W503,W504
show-source = true
builtins = _
exclude = .venv,.git,.tox,dist,doc,*lib/python*,*egg,build,tools,.ropeproject
[hacking]
import_exceptions = tacker._i18n
[flake8:local-plugins]
extension =
N320 = checks:validate_log_translations
T301 = checks:no_log_warn
paths = ./tacker/hacking
[testenv:config-gen]
commands =
oslo-config-generator --config-file=etc/config-generator.conf
[testenv:genpolicy]
commands =
oslopolicy-sample-generator --config-file=etc/tacker-policy-generator.conf
[testenv:bindep]
# Do not install any requirements. We want this to be fast and work even if
# system dependencies are missing, since it's used to tell you what system
# dependencies are missing! This also means that bindep must be installed
# separately, outside of the requirements files, and develop mode disabled
# explicitly to avoid unnecessarily installing the checked-out repo too (this
# further relies on "tox.skipsdist = True" above).
deps = bindep
commands = bindep test