Remove CredentialProvider deps to CONF

CredentialProvider uses CONF to get identity_version.
Identity version is always passed in anyways, so removing the CONF
dependency and making identity_version a mandatory parameter,
so that the class is ready for migration to tempest-lib

Partially implements: bp tempest-library
Change-Id: Ia960bf0b293e23537b3aaa8114bdbf7a46db62b1
This commit is contained in:
Andrea Frittoli (andreaf) 2015-10-09 14:43:53 +01:00
parent c625bcfb52
commit 32d0de1f38
8 changed files with 93 additions and 58 deletions

View File

@ -98,19 +98,17 @@ def get_credentials(fill_in=True, identity_version=None, **kwargs):
@six.add_metaclass(abc.ABCMeta)
class CredentialProvider(object):
def __init__(self, identity_version=None, name=None,
def __init__(self, identity_version, name=None,
network_resources=None):
"""A CredentialProvider supplies credentials to test classes.
:param identity_version: If specified it will return credentials of the
corresponding identity version, otherwise it
uses auth_version from configuration
:param identity_version: Identity version of the credentials provided
:param name: Name of the calling test. Included in provisioned
credentials when credentials are provisioned on the fly
:param network_resources: Network resources required for the
credentials
"""
self.name = name or "test_creds"
self.identity_version = identity_version or CONF.identity.auth_version
self.identity_version = identity_version
if not auth.is_identity_version_supported(self.identity_version):
raise exceptions.InvalidIdentityVersion(
identity_version=self.identity_version)

View File

@ -32,6 +32,7 @@ def get_credentials_provider(name, network_resources=None,
# dynamic credentials. A new account will be produced only for that test.
# In case admin credentials are not available for the account creation,
# the test should be skipped else it would fail.
identity_version = identity_version or CONF.identity.auth_version
if CONF.auth.use_dynamic_credentials or force_tenant_isolation:
return dynamic_creds.DynamicCredentialProvider(
name=name,
@ -50,8 +51,10 @@ def get_credentials_provider(name, network_resources=None,
# We want a helper function here to check and see if admin credentials
# are available so we can do a single call from skip_checks if admin
# creds area vailable.
def is_admin_available():
# creds area available.
# This depends on identity_version as there may be admin credentials
# available for v2 but not for v3.
def is_admin_available(identity_version):
is_admin = True
# If dynamic credentials is enabled admin will be available
if CONF.auth.use_dynamic_credentials:
@ -60,13 +63,14 @@ def is_admin_available():
elif (CONF.auth.test_accounts_file and
os.path.isfile(CONF.auth.test_accounts_file)):
check_accounts = preprov_creds.PreProvisionedCredentialProvider(
name='check_admin')
identity_version=identity_version, name='check_admin')
if not check_accounts.admin_available():
is_admin = False
else:
try:
cred_provider.get_configured_credentials('identity_admin',
fill_in=False)
cred_provider.get_configured_credentials(
'identity_admin', fill_in=False,
identity_version=identity_version)
except exceptions.InvalidConfiguration:
is_admin = False
return is_admin
@ -74,19 +78,21 @@ def is_admin_available():
# We want a helper function here to check and see if alt credentials
# are available so we can do a single call from skip_checks if alt
# creds area vailable.
def is_alt_available():
# If dynamic credentials is enabled admin will be available
# creds area available.
# This depends on identity_version as there may be alt credentials
# available for v2 but not for v3.
def is_alt_available(identity_version):
# If dynamic credentials is enabled alt will be available
if CONF.auth.use_dynamic_credentials:
return True
# Check whether test accounts file has the admin specified or not
if (CONF.auth.test_accounts_file and
os.path.isfile(CONF.auth.test_accounts_file)):
check_accounts = preprov_creds.PreProvisionedCredentialProvider(
name='check_alt')
identity_version=identity_version, name='check_alt')
else:
check_accounts = preprov_creds.NonLockingCredentialProvider(
name='check_alt')
identity_version=identity_version, name='check_alt')
try:
if not check_accounts.is_multi_user():
return False

View File

@ -30,7 +30,7 @@ LOG = logging.getLogger(__name__)
class DynamicCredentialProvider(cred_provider.CredentialProvider):
def __init__(self, identity_version=None, name=None,
def __init__(self, identity_version, name=None,
network_resources=None):
super(DynamicCredentialProvider, self).__init__(
identity_version, name, network_resources)

View File

@ -39,7 +39,7 @@ def read_accounts_yaml(path):
class PreProvisionedCredentialProvider(cred_provider.CredentialProvider):
def __init__(self, identity_version=None, name=None):
def __init__(self, identity_version, name=None):
super(PreProvisionedCredentialProvider, self).__init__(
identity_version=identity_version, name=name)
if (CONF.auth.test_accounts_file and

View File

@ -323,10 +323,13 @@ class BaseTestCase(testtools.testcase.WithAttributes,
If one is really needed it may be implemented either in the
resource_setup or at test level.
"""
if 'admin' in cls.credentials and not credentials.is_admin_available():
identity_version = cls.get_identity_version()
if 'admin' in cls.credentials and not credentials.is_admin_available(
identity_version=identity_version):
msg = "Missing Identity Admin API credentials in configuration."
raise cls.skipException(msg)
if 'alt' in cls.credentials and not credentials.is_alt_available():
if 'alt' in cls.credentials and not credentials.is_alt_available(
identity_version=identity_version):
msg = "Missing a 2nd set of API credentials in configuration."
raise cls.skipException(msg)
if hasattr(cls, 'identity_version'):
@ -453,6 +456,12 @@ class BaseTestCase(testtools.testcase.WithAttributes,
return cred_client.get_creds_client(client, domain)
@classmethod
def get_identity_version(cls):
"""Returns the identity version used by the test class"""
identity_version = getattr(cls, 'identity_version', None)
return identity_version or CONF.identity.auth_version
@classmethod
def _get_credentials_provider(cls):
"""Returns a credentials provider
@ -464,13 +473,11 @@ class BaseTestCase(testtools.testcase.WithAttributes,
not cls._creds_provider.name == cls.__name__):
force_tenant_isolation = getattr(cls, 'force_tenant_isolation',
False)
identity_version = getattr(cls, 'identity_version', None)
identity_version = identity_version or CONF.identity.auth_version
cls._creds_provider = credentials.get_credentials_provider(
name=cls.__name__, network_resources=cls.network_resources,
force_tenant_isolation=force_tenant_isolation,
identity_version=identity_version)
identity_version=cls.get_identity_version())
return cls._creds_provider
@classmethod
@ -597,7 +604,8 @@ class BaseTestCase(testtools.testcase.WithAttributes,
# for their servers, so using an admin network client to validate
# the network name
if (not CONF.service_available.neutron and
credentials.is_admin_available()):
credentials.is_admin_available(
identity_version=cls.get_identity_version())):
admin_creds = cred_provider.get_admin_creds()
admin_manager = clients.Manager(admin_creds)
networks_client = admin_manager.compute_networks_client
@ -747,7 +755,8 @@ class NegativeAutoTest(BaseTestCase):
"mechanism")
if "admin_client" in description and description["admin_client"]:
if not credentials.is_admin_available():
if not credentials.is_admin_available(
identity_version=self.get_identity_version()):
msg = ("Missing Identity Admin API credentials in"
"configuration.")
raise self.skipException(msg)

View File

@ -23,6 +23,8 @@ from tempest.tests import fake_config
class TestAdminAvailable(base.TestCase):
identity_version = 'v2'
def setUp(self):
super(TestAdminAvailable, self).setUp()
self.useFixture(fake_config.ConfigFixture())
@ -60,16 +62,18 @@ class TestAdminAvailable(base.TestCase):
self.useFixture(mockpatch.Patch('os.path.isfile',
return_value=False))
if admin_creds:
(u, t, p) = ('u', 't', 'p')
(u, t, p, d) = ('u', 't', 'p', 'd')
else:
(u, t, p) = (None, None, None)
(u, t, p, d) = (None, None, None, None)
cfg.CONF.set_default('admin_username', u, group='auth')
cfg.CONF.set_default('admin_tenant_name', t, group='auth')
cfg.CONF.set_default('admin_password', p, group='auth')
cfg.CONF.set_default('admin_domain_name', d, group='auth')
expected = admin_creds is not None or tenant_isolation
observed = credentials.is_admin_available()
observed = credentials.is_admin_available(
identity_version=self.identity_version)
self.assertEqual(expected, observed)
# Tenant isolation implies admin so only one test case for True
@ -102,3 +106,8 @@ class TestAdminAvailable(base.TestCase):
self.run_test(tenant_isolation=False,
use_accounts_file=False,
admin_creds='role')
class TestAdminAvailableV3(TestAdminAvailable):
identity_version = 'v3'

View File

@ -36,6 +36,9 @@ from tempest.tests import fake_identity
class TestPreProvisionedCredentials(base.TestCase):
fixed_params = {'name': 'test class',
'identity_version': 'v2'}
def setUp(self):
super(TestPreProvisionedCredentials, self).setUp()
self.useFixture(fake_config.ConfigFixture())
@ -89,7 +92,7 @@ class TestPreProvisionedCredentials(base.TestCase):
self.stubs.Set(token_client.TokenClient, 'raw_request',
fake_identity._fake_v2_response)
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
hash_list = self._get_hash_list(self.test_accounts)
test_cred_dict = self.test_accounts[3]
test_creds = auth.get_credentials(fake_identity.FAKE_AUTH_URL,
@ -99,7 +102,7 @@ class TestPreProvisionedCredentials(base.TestCase):
def test_get_hash_dict(self):
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
hash_dict = test_account_class.get_hash_dict(self.test_accounts)
hash_list = self._get_hash_list(self.test_accounts)
for hash in hash_list:
@ -113,7 +116,7 @@ class TestPreProvisionedCredentials(base.TestCase):
create=True):
test_account_class = (
preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name'))
**self.fixed_params))
res = test_account_class._create_hash_file('12345')
self.assertFalse(res, "_create_hash_file should return False if the "
"pseudo-lock file already exists")
@ -125,7 +128,7 @@ class TestPreProvisionedCredentials(base.TestCase):
create=True):
test_account_class = (
preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name'))
**self.fixed_params))
res = test_account_class._create_hash_file('12345')
self.assertTrue(res, "_create_hash_file should return True if the "
"pseudo-lock doesn't already exist")
@ -138,7 +141,7 @@ class TestPreProvisionedCredentials(base.TestCase):
mkdir_mock = self.useFixture(mockpatch.Patch('os.mkdir'))
self.useFixture(mockpatch.Patch('os.path.isfile', return_value=False))
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
with mock.patch('six.moves.builtins.open', mock.mock_open(),
create=True) as open_mock:
test_account_class._get_free_hash(hash_list)
@ -157,7 +160,7 @@ class TestPreProvisionedCredentials(base.TestCase):
# Emulate all lcoks in list are in use
self.useFixture(mockpatch.Patch('os.path.isfile', return_value=True))
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
with mock.patch('six.moves.builtins.open', mock.mock_open(),
create=True):
self.assertRaises(exceptions.InvalidConfiguration,
@ -169,7 +172,7 @@ class TestPreProvisionedCredentials(base.TestCase):
self.useFixture(mockpatch.Patch('os.path.isdir', return_value=True))
hash_list = self._get_hash_list(self.test_accounts)
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
def _fake_is_file(path):
# Fake isfile() to return that the path exists unless a specific
@ -195,7 +198,7 @@ class TestPreProvisionedCredentials(base.TestCase):
# Pretend the lock dir is empty
self.useFixture(mockpatch.Patch('os.listdir', return_value=[]))
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
remove_mock = self.useFixture(mockpatch.Patch('os.remove'))
rmdir_mock = self.useFixture(mockpatch.Patch('os.rmdir'))
test_account_class.remove_hash(hash_list[2])
@ -216,7 +219,7 @@ class TestPreProvisionedCredentials(base.TestCase):
self.useFixture(mockpatch.Patch('os.listdir', return_value=[
hash_list[1], hash_list[4]]))
test_account_class = preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
remove_mock = self.useFixture(mockpatch.Patch('os.remove'))
rmdir_mock = self.useFixture(mockpatch.Patch('os.rmdir'))
test_account_class.remove_hash(hash_list[2])
@ -228,7 +231,7 @@ class TestPreProvisionedCredentials(base.TestCase):
def test_is_multi_user(self):
test_accounts_class = preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
self.assertTrue(test_accounts_class.is_multi_user())
def test_is_not_multi_user(self):
@ -237,7 +240,7 @@ class TestPreProvisionedCredentials(base.TestCase):
'tempest.common.preprov_creds.read_accounts_yaml',
return_value=self.test_accounts))
test_accounts_class = preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
self.assertFalse(test_accounts_class.is_multi_user())
def test__get_creds_by_roles_one_role(self):
@ -245,7 +248,7 @@ class TestPreProvisionedCredentials(base.TestCase):
'tempest.common.preprov_creds.read_accounts_yaml',
return_value=self.test_accounts))
test_accounts_class = preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
hashes = test_accounts_class.hash_dict['roles']['role4']
temp_hash = hashes[0]
get_free_hash_mock = self.useFixture(mockpatch.PatchObject(
@ -263,7 +266,7 @@ class TestPreProvisionedCredentials(base.TestCase):
'tempest.common.preprov_creds.read_accounts_yaml',
return_value=self.test_accounts))
test_accounts_class = preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
hashes = test_accounts_class.hash_dict['roles']['role4']
hashes2 = test_accounts_class.hash_dict['roles']['role2']
hashes = list(set(hashes) & set(hashes2))
@ -283,7 +286,7 @@ class TestPreProvisionedCredentials(base.TestCase):
'tempest.common.preprov_creds.read_accounts_yaml',
return_value=self.test_accounts))
test_accounts_class = preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
hashes = list(test_accounts_class.hash_dict['creds'].keys())
admin_hashes = test_accounts_class.hash_dict['roles'][
cfg.CONF.identity.admin_role]
@ -310,7 +313,7 @@ class TestPreProvisionedCredentials(base.TestCase):
'tempest.common.preprov_creds.read_accounts_yaml',
return_value=test_accounts))
test_accounts_class = preprov_creds.PreProvisionedCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
with mock.patch('tempest.services.compute.json.networks_client.'
'NetworksClient.list_networks',
return_value={'networks': [{'name': 'network-2',
@ -328,6 +331,9 @@ class TestPreProvisionedCredentials(base.TestCase):
class TestNotLockingAccount(base.TestCase):
fixed_params = {'name': 'test class',
'identity_version': 'v2'}
def setUp(self):
super(TestNotLockingAccount, self).setUp()
self.useFixture(fake_config.ConfigFixture())
@ -349,7 +355,7 @@ class TestNotLockingAccount(base.TestCase):
def test_get_creds_roles_nonlocking_invalid(self):
test_accounts_class = preprov_creds.NonLockingCredentialProvider(
'v2', 'test_name')
**self.fixed_params)
self.assertRaises(exceptions.InvalidConfiguration,
test_accounts_class.get_creds_by_roles,
['fake_role'])

View File

@ -32,6 +32,9 @@ from tempest.tests import fake_identity
class TestDynamicCredentialProvider(base.TestCase):
fixed_params = {'name': 'test class',
'identity_version': 'v2'}
def setUp(self):
super(TestDynamicCredentialProvider, self).setUp()
self.useFixture(fake_config.ConfigFixture())
@ -44,7 +47,7 @@ class TestDynamicCredentialProvider(base.TestCase):
self._mock_list_ec2_credentials('fake_user_id', 'fake_tenant_id')
def test_tempest_client(self):
creds = dynamic_creds.DynamicCredentialProvider(name='test class')
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self.assertTrue(isinstance(creds.identity_admin_client,
json_iden_client.IdentityClient))
self.assertTrue(isinstance(creds.network_admin_client,
@ -142,7 +145,7 @@ class TestDynamicCredentialProvider(base.TestCase):
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_primary_creds(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
creds = dynamic_creds.DynamicCredentialProvider(name='test class')
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_tenant_create('1234', 'fake_prim_tenant')
@ -157,7 +160,7 @@ class TestDynamicCredentialProvider(base.TestCase):
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_admin_creds(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
creds = dynamic_creds.DynamicCredentialProvider(name='test class')
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_list_roles('1234', 'admin')
self._mock_user_create('1234', 'fake_admin_user')
self._mock_tenant_create('1234', 'fake_admin_tenant')
@ -180,7 +183,7 @@ class TestDynamicCredentialProvider(base.TestCase):
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_role_creds(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
creds = dynamic_creds.DynamicCredentialProvider('v2', 'test class')
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_list_2_roles()
self._mock_user_create('1234', 'fake_role_user')
self._mock_tenant_create('1234', 'fake_role_tenant')
@ -209,7 +212,7 @@ class TestDynamicCredentialProvider(base.TestCase):
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_all_cred_cleanup(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
creds = dynamic_creds.DynamicCredentialProvider(name='test class')
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_tenant_create('1234', 'fake_prim_tenant')
@ -249,7 +252,7 @@ class TestDynamicCredentialProvider(base.TestCase):
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_alt_creds(self, MockRestClient):
cfg.CONF.set_default('neutron', False, 'service_available')
creds = dynamic_creds.DynamicCredentialProvider(name='test class')
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_alt_user')
@ -264,7 +267,7 @@ class TestDynamicCredentialProvider(base.TestCase):
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_no_network_creation_with_config_set(self, MockRestClient):
cfg.CONF.set_default('create_isolated_networks', False, group='auth')
creds = dynamic_creds.DynamicCredentialProvider(name='test class')
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_prim_user')
@ -292,7 +295,7 @@ class TestDynamicCredentialProvider(base.TestCase):
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_network_creation(self, MockRestClient):
creds = dynamic_creds.DynamicCredentialProvider(name='test class')
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_prim_user')
@ -323,7 +326,7 @@ class TestDynamicCredentialProvider(base.TestCase):
"description": args['name'],
"security_group_rules": [],
"id": "sg-%s" % args['tenant_id']}]}
creds = dynamic_creds.DynamicCredentialProvider(name='test class')
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
# Create primary tenant and network
self._mock_assign_user_role()
self._mock_list_role()
@ -431,7 +434,7 @@ class TestDynamicCredentialProvider(base.TestCase):
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_network_alt_creation(self, MockRestClient):
creds = dynamic_creds.DynamicCredentialProvider(name='test class')
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_alt_user')
@ -456,7 +459,7 @@ class TestDynamicCredentialProvider(base.TestCase):
@mock.patch('tempest_lib.common.rest_client.RestClient')
def test_network_admin_creation(self, MockRestClient):
creds = dynamic_creds.DynamicCredentialProvider(name='test class')
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
self._mock_assign_user_role()
self._mock_user_create('1234', 'fake_admin_user')
self._mock_tenant_create('1234', 'fake_admin_tenant')
@ -488,7 +491,8 @@ class TestDynamicCredentialProvider(base.TestCase):
'dhcp': False,
}
creds = dynamic_creds.DynamicCredentialProvider(
name='test class', network_resources=net_dict)
network_resources=net_dict,
**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_prim_user')
@ -523,7 +527,8 @@ class TestDynamicCredentialProvider(base.TestCase):
'dhcp': False,
}
creds = dynamic_creds.DynamicCredentialProvider(
name='test class', network_resources=net_dict)
network_resources=net_dict,
**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_prim_user')
@ -540,7 +545,8 @@ class TestDynamicCredentialProvider(base.TestCase):
'dhcp': False,
}
creds = dynamic_creds.DynamicCredentialProvider(
name='test class', network_resources=net_dict)
network_resources=net_dict,
**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_prim_user')
@ -557,7 +563,8 @@ class TestDynamicCredentialProvider(base.TestCase):
'dhcp': True,
}
creds = dynamic_creds.DynamicCredentialProvider(
name='test class', network_resources=net_dict)
network_resources=net_dict,
**self.fixed_params)
self._mock_assign_user_role()
self._mock_list_role()
self._mock_user_create('1234', 'fake_prim_user')