Update dynamic creds to properly handle types during creation

A recent change modified how credential_types are passed into
_create_creds:

  https://review.opendev.org/c/openstack/tempest/+/773177

This change updates the code to check for types and only cast creds to a
list if it's a string.

It also adds a condition to only create a project role assignment if the
credential type is project-scoped. Otherwise, this fails with
system-scoped credentials.

Change-Id: I010434e1a97520cc7a55384af55e0b61ee4e2556
This commit is contained in:
Lance Bragstad 2021-03-04 17:12:10 +00:00
parent 79f3862f9d
commit ef13f406b9

View File

@ -228,6 +228,7 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
roles_to_assign = [r for r in roles]
if admin:
roles_to_assign.append(self.admin_role)
if scope == 'project':
self.creds_client.assign_user_role(
user, project, self.identity_admin_role)
if (self.identity_version == 'v3' and
@ -386,8 +387,10 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
cred_type = credential_type
if credential_type in [['alt_member'], ['alt_reader']]:
cred_type = credential_type[0][4:]
if isinstance(cred_type, str):
cred_type = [cred_type]
credentials = self._create_creds(
roles=[cred_type], scope=scope)
roles=cred_type, scope=scope)
elif credential_type in ['primary', 'alt', 'admin']:
is_admin = (credential_type == 'admin')
credentials = self._create_creds(admin=is_admin)