Remove auth_version config from get_credentials
In preparation for migration to tempest-lib, add a new parameter to get_credentials to specify the identity version. Define a wrapper cred_provider.get_credentials that exposes the same signature auth.get_credetials use to have, and switch all consumers to use the cred_provider version. Do not raise InvalidConfiguration from auth module. Adapt unit tests accordingly, and remove their dependency to fake configs, to prepare them as well for migration to tempest-lib. Change-Id: Idd467166b7547b55be4cee076c9913c72b7b5a8d
This commit is contained in:
parent
9efbe95571
commit
878d5ab9d1
|
@ -14,8 +14,8 @@ import datetime
|
|||
import re
|
||||
|
||||
from tempest.api.identity import base
|
||||
from tempest import auth
|
||||
from tempest import clients
|
||||
from tempest.common import cred_provider
|
||||
from tempest.common.utils import data_utils
|
||||
from tempest import config
|
||||
from tempest import exceptions
|
||||
|
@ -87,7 +87,7 @@ class BaseTrustsV3Test(base.BaseIdentityV3AdminTest):
|
|||
self.assertIsNotNone(self.trustee_user_id)
|
||||
|
||||
# Initialize a new client with the trustor credentials
|
||||
creds = auth.get_credentials(
|
||||
creds = cred_provider.get_credentials(
|
||||
username=self.trustor_username,
|
||||
password=self.trustor_password,
|
||||
tenant_name=self.trustor_project_name)
|
||||
|
|
|
@ -14,8 +14,8 @@
|
|||
# under the License.
|
||||
|
||||
|
||||
from tempest import auth
|
||||
from tempest import clients
|
||||
from tempest.common import cred_provider
|
||||
from tempest.common.utils import data_utils
|
||||
from tempest import config
|
||||
from tempest import exceptions
|
||||
|
@ -149,11 +149,11 @@ class DataGenerator(object):
|
|||
|
||||
@property
|
||||
def test_credentials(self):
|
||||
return auth.get_credentials(username=self.test_user,
|
||||
user_id=self.user['id'],
|
||||
password=self.test_password,
|
||||
tenant_name=self.test_tenant,
|
||||
tenant_id=self.tenant['id'])
|
||||
return cred_provider.get_credentials(username=self.test_user,
|
||||
user_id=self.user['id'],
|
||||
password=self.test_password,
|
||||
tenant_name=self.test_tenant,
|
||||
tenant_id=self.tenant['id'])
|
||||
|
||||
def setup_test_user(self):
|
||||
"""Set up a test user."""
|
||||
|
|
|
@ -44,7 +44,6 @@ class AuthProvider(object):
|
|||
:param interface: 'json' or 'xml'. Applicable for tempest client only
|
||||
(deprecated: only json now supported)
|
||||
"""
|
||||
credentials = self._convert_credentials(credentials)
|
||||
if self.check_credentials(credentials):
|
||||
self.credentials = credentials
|
||||
else:
|
||||
|
@ -54,13 +53,6 @@ class AuthProvider(object):
|
|||
self.alt_auth_data = None
|
||||
self.alt_part = None
|
||||
|
||||
def _convert_credentials(self, credentials):
|
||||
# Support dict credentials for backwards compatibility
|
||||
if isinstance(credentials, dict):
|
||||
return get_credentials(**credentials)
|
||||
else:
|
||||
return credentials
|
||||
|
||||
def __str__(self):
|
||||
return "Creds :{creds}, interface: {interface}, " \
|
||||
"cached auth data: {cache}".format(
|
||||
|
@ -440,7 +432,11 @@ class KeystoneV3AuthProvider(KeystoneAuthProvider):
|
|||
datetime.datetime.utcnow()
|
||||
|
||||
|
||||
def get_credentials(fill_in=True, **kwargs):
|
||||
def is_identity_version_supported(identity_version):
|
||||
return identity_version in IDENTITY_VERSION
|
||||
|
||||
|
||||
def get_credentials(fill_in=True, identity_version='v2', **kwargs):
|
||||
"""
|
||||
Builds a credentials object based on the configured auth_version
|
||||
|
||||
|
@ -448,6 +444,8 @@ def get_credentials(fill_in=True, **kwargs):
|
|||
details provided by the identity service. When fill_in is not
|
||||
specified, credentials are not validated. Validation can be invoked
|
||||
by invoking ``is_valid()``
|
||||
:param identity_version (string): identity API version is used to
|
||||
select the matching auth provider and credentials class
|
||||
:param kwargs (dict): Dict of credential key/value pairs
|
||||
|
||||
Examples:
|
||||
|
@ -458,14 +456,13 @@ def get_credentials(fill_in=True, **kwargs):
|
|||
Returns credentials including IDs:
|
||||
>>> get_credentials(username='foo', password='bar', fill_in=True)
|
||||
"""
|
||||
if CONF.identity.auth_version == 'v2':
|
||||
credential_class = KeystoneV2Credentials
|
||||
auth_provider_class = KeystoneV2AuthProvider
|
||||
elif CONF.identity.auth_version == 'v3':
|
||||
credential_class = KeystoneV3Credentials
|
||||
auth_provider_class = KeystoneV3AuthProvider
|
||||
else:
|
||||
raise exceptions.InvalidConfiguration('Unsupported auth version')
|
||||
if not is_identity_version_supported(identity_version):
|
||||
raise exceptions.InvalidIdentityVersion(
|
||||
identity_version=identity_version)
|
||||
|
||||
credential_class, auth_provider_class = IDENTITY_VERSION.get(
|
||||
identity_version)
|
||||
|
||||
creds = credential_class(**kwargs)
|
||||
# Fill in the credentials fields that were not specified
|
||||
if fill_in:
|
||||
|
@ -638,3 +635,7 @@ class KeystoneV3Credentials(Credentials):
|
|||
self.project_id is not None,
|
||||
self.project_name is not None and valid_project_domain])
|
||||
return all([self.password is not None, valid_user, valid_project])
|
||||
|
||||
|
||||
IDENTITY_VERSION = {'v2': (KeystoneV2Credentials, KeystoneV2AuthProvider),
|
||||
'v3': (KeystoneV3Credentials, KeystoneV3AuthProvider)}
|
||||
|
|
|
@ -54,9 +54,9 @@ import argparse
|
|||
import json
|
||||
import sys
|
||||
|
||||
from tempest import auth
|
||||
from tempest import clients
|
||||
from tempest.cmd import cleanup_service
|
||||
from tempest.common import cred_provider
|
||||
from tempest import config
|
||||
from tempest.openstack.common import log as logging
|
||||
|
||||
|
@ -159,7 +159,8 @@ class Cleanup(object):
|
|||
kwargs = {"username": CONF.identity.admin_username,
|
||||
"password": CONF.identity.admin_password,
|
||||
"tenant_name": tenant['name']}
|
||||
mgr = clients.Manager(credentials=auth.get_credentials(**kwargs))
|
||||
mgr = clients.Manager(credentials=cred_provider.get_credentials(
|
||||
**kwargs))
|
||||
kwargs = {'data': tenant_data,
|
||||
'is_dry_run': is_dry_run,
|
||||
'saved_state_json': None,
|
||||
|
|
|
@ -17,7 +17,6 @@ import os
|
|||
|
||||
import yaml
|
||||
|
||||
from tempest import auth
|
||||
from tempest.common import cred_provider
|
||||
from tempest import config
|
||||
from tempest import exceptions
|
||||
|
@ -123,7 +122,7 @@ class Accounts(cred_provider.CredentialProvider):
|
|||
if self.isolated_creds.get('primary'):
|
||||
return self.isolated_creds.get('primary')
|
||||
creds = self._get_creds()
|
||||
primary_credential = auth.get_credentials(**creds)
|
||||
primary_credential = cred_provider.get_credentials(**creds)
|
||||
self.isolated_creds['primary'] = primary_credential
|
||||
return primary_credential
|
||||
|
||||
|
@ -131,7 +130,7 @@ class Accounts(cred_provider.CredentialProvider):
|
|||
if self.isolated_creds.get('alt'):
|
||||
return self.isolated_creds.get('alt')
|
||||
creds = self._get_creds()
|
||||
alt_credential = auth.get_credentials(**creds)
|
||||
alt_credential = cred_provider.get_credentials(**creds)
|
||||
self.isolated_creds['alt'] = alt_credential
|
||||
return alt_credential
|
||||
|
||||
|
@ -189,7 +188,7 @@ class NotLockingAccounts(Accounts):
|
|||
return self.isolated_creds.get('primary')
|
||||
if not self.use_default_creds:
|
||||
creds = self.get_creds(0)
|
||||
primary_credential = auth.get_credentials(**creds)
|
||||
primary_credential = cred_provider.get_credentials(**creds)
|
||||
else:
|
||||
primary_credential = cred_provider.get_configured_credentials(
|
||||
'user')
|
||||
|
@ -201,7 +200,7 @@ class NotLockingAccounts(Accounts):
|
|||
return self.isolated_creds.get('alt')
|
||||
if not self.use_default_creds:
|
||||
creds = self.get_creds(1)
|
||||
alt_credential = auth.get_credentials(**creds)
|
||||
alt_credential = cred_provider.get_credentials(**creds)
|
||||
else:
|
||||
alt_credential = cred_provider.get_configured_credentials(
|
||||
'alt_user')
|
||||
|
|
|
@ -56,7 +56,7 @@ def get_configured_credentials(credential_type, fill_in=True,
|
|||
params[attr] = getattr(_section, prefix + "_" + attr)
|
||||
# Build and validate credentials. We are reading configured credentials,
|
||||
# so validate them even if fill_in is False
|
||||
credentials = auth.get_credentials(fill_in=fill_in, **params)
|
||||
credentials = get_credentials(fill_in=fill_in, **params)
|
||||
if not fill_in:
|
||||
if not credentials.is_valid():
|
||||
msg = ("The %s credentials are incorrectly set in the config file."
|
||||
|
@ -66,6 +66,15 @@ def get_configured_credentials(credential_type, fill_in=True,
|
|||
return credentials
|
||||
|
||||
|
||||
# Wrapper around auth.get_credentials to use the configured identity version
|
||||
# is none is specified
|
||||
def get_credentials(fill_in=True, identity_version=None, **kwargs):
|
||||
identity_version = identity_version or CONF.identity.auth_version
|
||||
return auth.get_credentials(fill_in=fill_in,
|
||||
identity_version=identity_version,
|
||||
**kwargs)
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class CredentialProvider(object):
|
||||
def __init__(self, name, interface='json', password='pass',
|
||||
|
|
|
@ -14,7 +14,6 @@
|
|||
|
||||
import netaddr
|
||||
|
||||
from tempest import auth
|
||||
from tempest import clients
|
||||
from tempest.common import cred_provider
|
||||
from tempest.common.utils import data_utils
|
||||
|
@ -129,7 +128,7 @@ class IsolatedCreds(cred_provider.CredentialProvider):
|
|||
return self._get_credentials(user, tenant)
|
||||
|
||||
def _get_credentials(self, user, tenant):
|
||||
return auth.get_credentials(
|
||||
return cred_provider.get_credentials(
|
||||
username=user['name'], user_id=user['id'],
|
||||
tenant_name=tenant['name'], tenant_id=tenant['id'],
|
||||
password=self.password)
|
||||
|
|
|
@ -63,6 +63,10 @@ class InvalidServiceTag(TempestException):
|
|||
message = "Invalid service tag"
|
||||
|
||||
|
||||
class InvalidIdentityVersion(TempestException):
|
||||
message = "Invalid version %(identity_version) of the identity service"
|
||||
|
||||
|
||||
class TimeoutException(TempestException):
|
||||
message = "Request timed out"
|
||||
|
||||
|
|
|
@ -19,8 +19,8 @@ import time
|
|||
|
||||
from six import moves
|
||||
|
||||
from tempest import auth
|
||||
from tempest import clients
|
||||
from tempest.common import cred_provider
|
||||
from tempest.common import ssh
|
||||
from tempest.common.utils import data_utils
|
||||
from tempest import config
|
||||
|
@ -148,9 +148,9 @@ def stress_openstack(tests, duration, max_runs=None, stop_on_error=False):
|
|||
password,
|
||||
tenant['id'],
|
||||
"email")
|
||||
creds = auth.get_credentials(username=username,
|
||||
password=password,
|
||||
tenant_name=tenant_name)
|
||||
creds = cred_provider.get_credentials(username=username,
|
||||
password=password,
|
||||
tenant_name=tenant_name)
|
||||
manager = clients.Manager(credentials=creds)
|
||||
|
||||
test_obj = importutils.import_class(test['action'])
|
||||
|
|
|
@ -30,7 +30,7 @@ from tempest.tests import fake_http
|
|||
from tempest.tests import fake_identity
|
||||
|
||||
|
||||
def fake_get_credentials(fill_in=True, **kwargs):
|
||||
def fake_get_credentials(fill_in=True, identity_version='v2', **kwargs):
|
||||
return fake_credentials.FakeCredentials()
|
||||
|
||||
|
||||
|
@ -81,11 +81,6 @@ class TestBaseAuthProvider(BaseAuthTestsSetUp):
|
|||
def test_check_credentials_bad_type(self):
|
||||
self.assertFalse(self.auth_provider.check_credentials([]))
|
||||
|
||||
def test_instantiate_with_dict(self):
|
||||
# Dict credentials are only supported for backward compatibility
|
||||
auth_provider = self._auth(credentials={})
|
||||
self.assertIsInstance(auth_provider.credentials, auth.Credentials)
|
||||
|
||||
def test_auth_data_property_when_cache_exists(self):
|
||||
self.auth_provider.cache = 'foo'
|
||||
self.useFixture(mockpatch.PatchObject(self.auth_provider,
|
||||
|
|
|
@ -15,8 +15,6 @@
|
|||
|
||||
import copy
|
||||
|
||||
from oslo.config import cfg
|
||||
|
||||
from tempest import auth
|
||||
from tempest.common import tempest_fixtures as fixtures
|
||||
from tempest import config
|
||||
|
@ -78,6 +76,7 @@ class KeystoneV2CredentialsTests(CredentialsTests):
|
|||
identity_response = fake_identity._fake_v2_response
|
||||
credentials_class = auth.KeystoneV2Credentials
|
||||
tokenclient_class = v2_client.TokenClientJSON
|
||||
identity_version = 'v2'
|
||||
|
||||
def setUp(self):
|
||||
super(KeystoneV2CredentialsTests, self).setUp()
|
||||
|
@ -85,7 +84,9 @@ class KeystoneV2CredentialsTests(CredentialsTests):
|
|||
self.identity_response)
|
||||
|
||||
def _verify_credentials(self, credentials_class, creds_dict, filled=True):
|
||||
creds = auth.get_credentials(fill_in=filled, **creds_dict)
|
||||
creds = auth.get_credentials(fill_in=filled,
|
||||
identity_version=self.identity_version,
|
||||
**creds_dict)
|
||||
self._check(creds, credentials_class, filled)
|
||||
|
||||
def test_get_credentials(self):
|
||||
|
@ -156,15 +157,7 @@ class KeystoneV3CredentialsTests(KeystoneV2CredentialsTests):
|
|||
credentials_class = auth.KeystoneV3Credentials
|
||||
identity_response = fake_identity._fake_v3_response
|
||||
tokenclient_class = v3_client.V3TokenClientJSON
|
||||
|
||||
def setUp(self):
|
||||
super(KeystoneV3CredentialsTests, self).setUp()
|
||||
# Additional config items reset by cfg fixture after each test
|
||||
cfg.CONF.set_default('auth_version', 'v3', group='identity')
|
||||
# Identity group items
|
||||
for prefix in ['', 'alt_', 'admin_']:
|
||||
cfg.CONF.set_default(prefix + 'domain_name', 'fake_domain_name',
|
||||
group='identity')
|
||||
identity_version = 'v3'
|
||||
|
||||
def test_is_not_valid(self):
|
||||
# NOTE(mtreinish) For a Keystone V3 credential object a project name
|
||||
|
|
Loading…
Reference in New Issue