Stop validating pre-provisioned credentials
Stop validating pre-provisioned credentials when requested within the credential provider. This drops the need for estabilishing connection to the identity service, and reduces the amount of configuration that has to be passed into the credentials provider for it to work. This work is in preparation to the migration of the pre-provisioned credentials provider to tempest-lib. Change-Id: I825a01ff72cb3a937aafeb2104333db7113ef4d0
This commit is contained in:
parent
d22ec33640
commit
c625bcfb52
tempest
@ -18,6 +18,7 @@ import os
|
||||
from oslo_concurrency import lockutils
|
||||
from oslo_log import log as logging
|
||||
import six
|
||||
from tempest_lib import auth
|
||||
import yaml
|
||||
|
||||
from tempest import clients
|
||||
@ -280,7 +281,12 @@ class PreProvisionedCredentialProvider(cred_provider.CredentialProvider):
|
||||
|
||||
def _wrap_creds_with_network(self, hash):
|
||||
creds_dict = self.hash_dict['creds'][hash]
|
||||
credential = cred_provider.get_credentials(
|
||||
# Make sure a domain scope if defined for users in case of V3
|
||||
creds_dict = self._extend_credentials(creds_dict)
|
||||
# This just builds a Credentials object, it does not validate
|
||||
# nor fill with missing fields.
|
||||
credential = auth.get_credentials(
|
||||
auth_url=None, fill_in=False,
|
||||
identity_version=self.identity_version, **creds_dict)
|
||||
net_creds = cred_provider.TestResources(credential)
|
||||
net_clients = clients.Manager(credentials=credential)
|
||||
@ -294,6 +300,16 @@ class PreProvisionedCredentialProvider(cred_provider.CredentialProvider):
|
||||
net_creds.set_resources(network=network)
|
||||
return net_creds
|
||||
|
||||
def _extend_credentials(self, creds_dict):
|
||||
# In case of v3, adds a user_domain_name field to the creds
|
||||
# dict if not defined
|
||||
if self.identity_version == 'v3':
|
||||
user_domain_fields = set(['user_domain_name', 'user_domain_id'])
|
||||
if not user_domain_fields.intersection(set(creds_dict.keys())):
|
||||
_domain = CONF.auth.default_credentials_domain_name
|
||||
creds_dict['user_domain_name'] = _domain
|
||||
return creds_dict
|
||||
|
||||
|
||||
class NonLockingCredentialProvider(PreProvisionedCredentialProvider):
|
||||
"""Credentials provider which always returns the first and second
|
||||
@ -323,7 +339,8 @@ class NonLockingCredentialProvider(PreProvisionedCredentialProvider):
|
||||
if self._creds.get('primary'):
|
||||
return self._creds.get('primary')
|
||||
primary_credential = cred_provider.get_configured_credentials(
|
||||
credential_type='user', identity_version=self.identity_version)
|
||||
fill_in=False, credential_type='user',
|
||||
identity_version=self.identity_version)
|
||||
self._creds['primary'] = cred_provider.TestResources(
|
||||
primary_credential)
|
||||
return self._creds['primary']
|
||||
@ -332,7 +349,7 @@ class NonLockingCredentialProvider(PreProvisionedCredentialProvider):
|
||||
if self._creds.get('alt'):
|
||||
return self._creds.get('alt')
|
||||
alt_credential = cred_provider.get_configured_credentials(
|
||||
credential_type='alt_user',
|
||||
fill_in=False, credential_type='alt_user',
|
||||
identity_version=self.identity_version)
|
||||
self._creds['alt'] = cred_provider.TestResources(
|
||||
alt_credential)
|
||||
|
@ -54,7 +54,7 @@ class Manager(object):
|
||||
else:
|
||||
creds = self.credentials
|
||||
# Creates an auth provider for the credentials
|
||||
self.auth_provider = get_auth_provider(creds)
|
||||
self.auth_provider = get_auth_provider(creds, pre_auth=True)
|
||||
# FIXME(andreaf) unused
|
||||
self.client_attr_names = []
|
||||
|
||||
@ -66,7 +66,7 @@ def get_auth_provider_class(credentials):
|
||||
return auth.KeystoneV2AuthProvider, CONF.identity.uri
|
||||
|
||||
|
||||
def get_auth_provider(credentials):
|
||||
def get_auth_provider(credentials, pre_auth=False):
|
||||
default_params = {
|
||||
'disable_ssl_certificate_validation':
|
||||
CONF.identity.disable_ssl_certificate_validation,
|
||||
@ -78,4 +78,8 @@ def get_auth_provider(credentials):
|
||||
'Credentials must be specified')
|
||||
auth_provider_class, auth_url = get_auth_provider_class(
|
||||
credentials)
|
||||
return auth_provider_class(credentials, auth_url, **default_params)
|
||||
_auth_provider = auth_provider_class(credentials, auth_url,
|
||||
**default_params)
|
||||
if pre_auth:
|
||||
_auth_provider.set_auth()
|
||||
return _auth_provider
|
||||
|
@ -19,13 +19,13 @@ import unicodedata
|
||||
|
||||
from oslo_serialization import jsonutils as json
|
||||
from tempest_lib.common.utils import misc
|
||||
from tempest_lib import exceptions as exc_lib
|
||||
import testscenarios
|
||||
import testtools
|
||||
|
||||
from tempest import clients
|
||||
from tempest.common import credentials
|
||||
from tempest import config
|
||||
from tempest import exceptions
|
||||
|
||||
CONF = config.CONF
|
||||
|
||||
@ -174,7 +174,7 @@ def load_tests_input_scenario_utils(*args):
|
||||
scenario_utils = InputScenarioUtils()
|
||||
scenario_flavor = scenario_utils.scenario_flavors
|
||||
scenario_image = scenario_utils.scenario_images
|
||||
except (exceptions.InvalidConfiguration, TypeError):
|
||||
except (exc_lib.InvalidCredentials, TypeError):
|
||||
output = standard_tests
|
||||
finally:
|
||||
if scenario_utils:
|
||||
|
Loading…
x
Reference in New Issue
Block a user