Remove auth_version config from get_credentials

In preparation for migration to tempest-lib, add a new parameter to get_credentials to specify the identity version. Define a wrapper cred_provider.get_credentials that exposes the same signature auth.get_credetials use to have, and switch all consumers to use the cred_provider version. Do not raise InvalidConfiguration from auth module. Adapt unit tests accordingly, and remove their dependency to fake configs, to prepare them as well for migration to tempest-lib. Change-Id: Idd467166b7547b55be4cee076c9913c72b7b5a8d
2015-01-30 13:22:50 +00:00 · 2015-01-30 13:22:50 +00:00 · 878d5ab9d1
parent 9efbe95571
commit 878d5ab9d1
11 changed files with 58 additions and 57 deletions
--- a/tempest/api/identity/admin/v3/test_trusts.py
+++ b/tempest/api/identity/admin/v3/test_trusts.py
@ -14,8 +14,8 @@ import datetime
 import re

 from tempest.api.identity import base
-from tempest import auth
 from tempest import clients
+from tempest.common import cred_provider
 from tempest.common.utils import data_utils
 from tempest import config
 from tempest import exceptions
@ -87,7 +87,7 @@ class BaseTrustsV3Test(base.BaseIdentityV3AdminTest):
        self.assertIsNotNone(self.trustee_user_id)

        # Initialize a new client with the trustor credentials
-        creds = auth.get_credentials(
+        creds = cred_provider.get_credentials(
            username=self.trustor_username,
            password=self.trustor_password,
            tenant_name=self.trustor_project_name)
--- a/tempest/api/identity/base.py
+++ b/tempest/api/identity/base.py
@ -14,8 +14,8 @@
 #    under the License.


-from tempest import auth
 from tempest import clients
+from tempest.common import cred_provider
 from tempest.common.utils import data_utils
 from tempest import config
 from tempest import exceptions
@ -149,11 +149,11 @@ class DataGenerator(object):

        @property
        def test_credentials(self):
-            return auth.get_credentials(username=self.test_user,
-                                        user_id=self.user['id'],
-                                        password=self.test_password,
-                                        tenant_name=self.test_tenant,
-                                        tenant_id=self.tenant['id'])
+            return cred_provider.get_credentials(username=self.test_user,
+                                                 user_id=self.user['id'],
+                                                 password=self.test_password,
+                                                 tenant_name=self.test_tenant,
+                                                 tenant_id=self.tenant['id'])

        def setup_test_user(self):
            """Set up a test user."""
--- a/tempest/auth.py
+++ b/tempest/auth.py
@ -44,7 +44,6 @@ class AuthProvider(object):
        :param interface: 'json' or 'xml'. Applicable for tempest client only
            (deprecated: only json now supported)
        """
-        credentials = self._convert_credentials(credentials)
        if self.check_credentials(credentials):
            self.credentials = credentials
        else:
@ -54,13 +53,6 @@ class AuthProvider(object):
        self.alt_auth_data = None
        self.alt_part = None

-    def _convert_credentials(self, credentials):
-        # Support dict credentials for backwards compatibility
-        if isinstance(credentials, dict):
-            return get_credentials(**credentials)
-        else:
-            return credentials
-
    def __str__(self):
        return "Creds :{creds}, interface: {interface}, " \
               "cached auth data: {cache}".format(
@ -440,7 +432,11 @@ class KeystoneV3AuthProvider(KeystoneAuthProvider):
            datetime.datetime.utcnow()


-def get_credentials(fill_in=True, **kwargs):
+def is_identity_version_supported(identity_version):
+    return identity_version in IDENTITY_VERSION
+
+
+def get_credentials(fill_in=True, identity_version='v2', **kwargs):
    """
    Builds a credentials object based on the configured auth_version

@ -448,6 +444,8 @@ def get_credentials(fill_in=True, **kwargs):
           details provided by the identity service. When fill_in is not
           specified, credentials are not validated. Validation can be invoked
           by invoking ``is_valid()``
+    :param identity_version (string): identity API version is used to
+           select the matching auth provider and credentials class
    :param kwargs (dict): Dict of credential key/value pairs

    Examples:
@ -458,14 +456,13 @@ def get_credentials(fill_in=True, **kwargs):
        Returns credentials including IDs:
        >>> get_credentials(username='foo', password='bar', fill_in=True)
    """
-    if CONF.identity.auth_version == 'v2':
-        credential_class = KeystoneV2Credentials
-        auth_provider_class = KeystoneV2AuthProvider
-    elif CONF.identity.auth_version == 'v3':
-        credential_class = KeystoneV3Credentials
-        auth_provider_class = KeystoneV3AuthProvider
-    else:
-        raise exceptions.InvalidConfiguration('Unsupported auth version')
+    if not is_identity_version_supported(identity_version):
+        raise exceptions.InvalidIdentityVersion(
+            identity_version=identity_version)
+
+    credential_class, auth_provider_class = IDENTITY_VERSION.get(
+        identity_version)
+
    creds = credential_class(**kwargs)
    # Fill in the credentials fields that were not specified
    if fill_in:
@ -638,3 +635,7 @@ class KeystoneV3Credentials(Credentials):
             self.project_id is not None,
             self.project_name is not None and valid_project_domain])
        return all([self.password is not None, valid_user, valid_project])
+
+
+IDENTITY_VERSION = {'v2': (KeystoneV2Credentials, KeystoneV2AuthProvider),
+                    'v3': (KeystoneV3Credentials, KeystoneV3AuthProvider)}
--- a/tempest/cmd/cleanup.py
+++ b/tempest/cmd/cleanup.py
@ -54,9 +54,9 @@ import argparse
 import json
 import sys

-from tempest import auth
 from tempest import clients
 from tempest.cmd import cleanup_service
+from tempest.common import cred_provider
 from tempest import config
 from tempest.openstack.common import log as logging

@ -159,7 +159,8 @@ class Cleanup(object):
        kwargs = {"username": CONF.identity.admin_username,
                  "password": CONF.identity.admin_password,
                  "tenant_name": tenant['name']}
-        mgr = clients.Manager(credentials=auth.get_credentials(**kwargs))
+        mgr = clients.Manager(credentials=cred_provider.get_credentials(
+            **kwargs))
        kwargs = {'data': tenant_data,
                  'is_dry_run': is_dry_run,
                  'saved_state_json': None,
--- a/tempest/common/accounts.py
+++ b/tempest/common/accounts.py
@ -17,7 +17,6 @@ import os

 import yaml

-from tempest import auth
 from tempest.common import cred_provider
 from tempest import config
 from tempest import exceptions
@ -123,7 +122,7 @@ class Accounts(cred_provider.CredentialProvider):
        if self.isolated_creds.get('primary'):
            return self.isolated_creds.get('primary')
        creds = self._get_creds()
-        primary_credential = auth.get_credentials(**creds)
+        primary_credential = cred_provider.get_credentials(**creds)
        self.isolated_creds['primary'] = primary_credential
        return primary_credential

@ -131,7 +130,7 @@ class Accounts(cred_provider.CredentialProvider):
        if self.isolated_creds.get('alt'):
            return self.isolated_creds.get('alt')
        creds = self._get_creds()
-        alt_credential = auth.get_credentials(**creds)
+        alt_credential = cred_provider.get_credentials(**creds)
        self.isolated_creds['alt'] = alt_credential
        return alt_credential

@ -189,7 +188,7 @@ class NotLockingAccounts(Accounts):
            return self.isolated_creds.get('primary')
        if not self.use_default_creds:
            creds = self.get_creds(0)
-            primary_credential = auth.get_credentials(**creds)
+            primary_credential = cred_provider.get_credentials(**creds)
        else:
            primary_credential = cred_provider.get_configured_credentials(
                'user')
@ -201,7 +200,7 @@ class NotLockingAccounts(Accounts):
            return self.isolated_creds.get('alt')
        if not self.use_default_creds:
            creds = self.get_creds(1)
-            alt_credential = auth.get_credentials(**creds)
+            alt_credential = cred_provider.get_credentials(**creds)
        else:
            alt_credential = cred_provider.get_configured_credentials(
                'alt_user')
--- a/tempest/common/cred_provider.py
+++ b/tempest/common/cred_provider.py
@ -56,7 +56,7 @@ def get_configured_credentials(credential_type, fill_in=True,
            params[attr] = getattr(_section, prefix + "_" + attr)
    # Build and validate credentials. We are reading configured credentials,
    # so validate them even if fill_in is False
-    credentials = auth.get_credentials(fill_in=fill_in, **params)
+    credentials = get_credentials(fill_in=fill_in, **params)
    if not fill_in:
        if not credentials.is_valid():
            msg = ("The %s credentials are incorrectly set in the config file."
@ -66,6 +66,15 @@ def get_configured_credentials(credential_type, fill_in=True,
    return credentials


+# Wrapper around auth.get_credentials to use the configured identity version
+# is none is specified
+def get_credentials(fill_in=True, identity_version=None, **kwargs):
+    identity_version = identity_version or CONF.identity.auth_version
+    return auth.get_credentials(fill_in=fill_in,
+                                identity_version=identity_version,
+                                **kwargs)
+
+
@six.add_metaclass(abc.ABCMeta)
 class CredentialProvider(object):
    def __init__(self, name, interface='json', password='pass',
--- a/tempest/common/isolated_creds.py
+++ b/tempest/common/isolated_creds.py
@ -14,7 +14,6 @@

 import netaddr

-from tempest import auth
 from tempest import clients
 from tempest.common import cred_provider
 from tempest.common.utils import data_utils
@ -129,7 +128,7 @@ class IsolatedCreds(cred_provider.CredentialProvider):
        return self._get_credentials(user, tenant)

    def _get_credentials(self, user, tenant):
-        return auth.get_credentials(
+        return cred_provider.get_credentials(
            username=user['name'], user_id=user['id'],
            tenant_name=tenant['name'], tenant_id=tenant['id'],
            password=self.password)
--- a/tempest/exceptions.py
+++ b/tempest/exceptions.py
@ -63,6 +63,10 @@ class InvalidServiceTag(TempestException):
    message = "Invalid service tag"


+class InvalidIdentityVersion(TempestException):
+    message = "Invalid version %(identity_version) of the identity service"
+
+
 class TimeoutException(TempestException):
    message = "Request timed out"

--- a/tempest/stress/driver.py
+++ b/tempest/stress/driver.py
@ -19,8 +19,8 @@ import time

 from six import moves

-from tempest import auth
 from tempest import clients
+from tempest.common import cred_provider
 from tempest.common import ssh
 from tempest.common.utils import data_utils
 from tempest import config
@ -148,9 +148,9 @@ def stress_openstack(tests, duration, max_runs=None, stop_on_error=False):
                                            password,
                                            tenant['id'],
                                            "email")
-                creds = auth.get_credentials(username=username,
-                                             password=password,
-                                             tenant_name=tenant_name)
+                creds = cred_provider.get_credentials(username=username,
+                                                      password=password,
+                                                      tenant_name=tenant_name)
                manager = clients.Manager(credentials=creds)

            test_obj = importutils.import_class(test['action'])
--- a/tempest/tests/test_auth.py
+++ b/tempest/tests/test_auth.py
@ -30,7 +30,7 @@ from tempest.tests import fake_http
 from tempest.tests import fake_identity


-def fake_get_credentials(fill_in=True, **kwargs):
+def fake_get_credentials(fill_in=True, identity_version='v2', **kwargs):
    return fake_credentials.FakeCredentials()


@ -81,11 +81,6 @@ class TestBaseAuthProvider(BaseAuthTestsSetUp):
    def test_check_credentials_bad_type(self):
        self.assertFalse(self.auth_provider.check_credentials([]))

-    def test_instantiate_with_dict(self):
-        # Dict credentials are only supported for backward compatibility
-        auth_provider = self._auth(credentials={})
-        self.assertIsInstance(auth_provider.credentials, auth.Credentials)
-
    def test_auth_data_property_when_cache_exists(self):
        self.auth_provider.cache = 'foo'
        self.useFixture(mockpatch.PatchObject(self.auth_provider,
--- a/tempest/tests/test_credentials.py
+++ b/tempest/tests/test_credentials.py
@ -15,8 +15,6 @@

 import copy

-from oslo.config import cfg
-
 from tempest import auth
 from tempest.common import tempest_fixtures as fixtures
 from tempest import config
@ -78,6 +76,7 @@ class KeystoneV2CredentialsTests(CredentialsTests):
    identity_response = fake_identity._fake_v2_response
    credentials_class = auth.KeystoneV2Credentials
    tokenclient_class = v2_client.TokenClientJSON
+    identity_version = 'v2'

    def setUp(self):
        super(KeystoneV2CredentialsTests, self).setUp()
@ -85,7 +84,9 @@ class KeystoneV2CredentialsTests(CredentialsTests):
                       self.identity_response)

    def _verify_credentials(self, credentials_class, creds_dict, filled=True):
-        creds = auth.get_credentials(fill_in=filled, **creds_dict)
+        creds = auth.get_credentials(fill_in=filled,
+                                     identity_version=self.identity_version,
+                                     **creds_dict)
        self._check(creds, credentials_class, filled)

    def test_get_credentials(self):
@ -156,15 +157,7 @@ class KeystoneV3CredentialsTests(KeystoneV2CredentialsTests):
    credentials_class = auth.KeystoneV3Credentials
    identity_response = fake_identity._fake_v3_response
    tokenclient_class = v3_client.V3TokenClientJSON
-
-    def setUp(self):
-        super(KeystoneV3CredentialsTests, self).setUp()
-        # Additional config items reset by cfg fixture after each test
-        cfg.CONF.set_default('auth_version', 'v3', group='identity')
-        # Identity group items
-        for prefix in ['', 'alt_', 'admin_']:
-            cfg.CONF.set_default(prefix + 'domain_name', 'fake_domain_name',
-                                 group='identity')
+    identity_version = 'v3'

    def test_is_not_valid(self):
        # NOTE(mtreinish) For a Keystone V3 credential object a project name