Merge "Remove CONF usage from dynamic_creds module"
This commit is contained in:
commit
ef3768bc71
|
@ -144,6 +144,13 @@ def get_credential_provider(opts):
|
||||||
identity_version=identity_version,
|
identity_version=identity_version,
|
||||||
name=opts.tag,
|
name=opts.tag,
|
||||||
network_resources=network_resources,
|
network_resources=network_resources,
|
||||||
|
neutron_available=CONF.service_available.neutron,
|
||||||
|
create_networks=CONF.auth.create_isolated_networks,
|
||||||
|
identity_admin_role=CONF.identity.admin_role,
|
||||||
|
identity_admin_domain_scope=CONF.identity.admin_domain_scope,
|
||||||
|
project_network_cidr=CONF.network.project_network_cidr,
|
||||||
|
project_network_mask_bits=CONF.network.project_network_mask_bits,
|
||||||
|
public_network_id=CONF.network.public_network_id,
|
||||||
admin_creds=admin_creds,
|
admin_creds=admin_creds,
|
||||||
**credentials_factory.get_dynamic_provider_params())
|
**credentials_factory.get_dynamic_provider_params())
|
||||||
|
|
||||||
|
|
|
@ -80,6 +80,15 @@ def get_credentials_provider(name, network_resources=None,
|
||||||
network_resources=network_resources,
|
network_resources=network_resources,
|
||||||
identity_version=identity_version,
|
identity_version=identity_version,
|
||||||
admin_creds=admin_creds,
|
admin_creds=admin_creds,
|
||||||
|
identity_admin_domain_scope=CONF.identity.admin_domain_scope,
|
||||||
|
identity_admin_role=CONF.identity.admin_role,
|
||||||
|
extra_roles=CONF.auth.tempest_roles,
|
||||||
|
neutron_available=CONF.service_available.neutron,
|
||||||
|
project_network_cidr=CONF.network.project_network_cidr,
|
||||||
|
project_network_mask_bits=CONF.network.project_network_mask_bits,
|
||||||
|
public_network_id=CONF.network.public_network_id,
|
||||||
|
create_networks=(CONF.auth.create_isolated_networks and not
|
||||||
|
CONF.baremetal.driver_enabled),
|
||||||
**get_dynamic_provider_params())
|
**get_dynamic_provider_params())
|
||||||
else:
|
else:
|
||||||
if CONF.auth.test_accounts_file:
|
if CONF.auth.test_accounts_file:
|
||||||
|
|
|
@ -20,18 +20,21 @@ from tempest import clients
|
||||||
from tempest.common import cred_client
|
from tempest.common import cred_client
|
||||||
from tempest.common import cred_provider
|
from tempest.common import cred_provider
|
||||||
from tempest.common.utils import data_utils
|
from tempest.common.utils import data_utils
|
||||||
from tempest import config
|
|
||||||
from tempest import exceptions
|
from tempest import exceptions
|
||||||
from tempest.lib import exceptions as lib_exc
|
from tempest.lib import exceptions as lib_exc
|
||||||
|
|
||||||
CONF = config.CONF
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
||||||
|
|
||||||
def __init__(self, identity_version, name=None, network_resources=None,
|
def __init__(self, identity_version, name=None, network_resources=None,
|
||||||
credentials_domain=None, admin_role=None, admin_creds=None):
|
credentials_domain=None, admin_role=None, admin_creds=None,
|
||||||
|
identity_admin_domain_scope=False,
|
||||||
|
identity_admin_role='admin', extra_roles=None,
|
||||||
|
neutron_available=False, create_networks=True,
|
||||||
|
project_network_cidr=None, project_network_mask_bits=None,
|
||||||
|
public_network_id=None):
|
||||||
"""Creates credentials dynamically for tests
|
"""Creates credentials dynamically for tests
|
||||||
|
|
||||||
A credential provider that, based on an initial set of
|
A credential provider that, based on an initial set of
|
||||||
|
@ -48,6 +51,23 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
||||||
:param dict network_resources: network resources to be created for
|
:param dict network_resources: network resources to be created for
|
||||||
the created credentials
|
the created credentials
|
||||||
:param Credentials admin_creds: initial admin credentials
|
:param Credentials admin_creds: initial admin credentials
|
||||||
|
:param bool identity_admin_domain_scope: Set to true if admin should be
|
||||||
|
scoped to the domain. By
|
||||||
|
default this is False and the
|
||||||
|
admin role is scoped to the
|
||||||
|
project.
|
||||||
|
:param str identity_admin_role: The role name to use for admin
|
||||||
|
:param list extra_roles: A list of strings for extra roles that should
|
||||||
|
be assigned to all created users
|
||||||
|
:param bool neutron_available: Whether we are running in an environemnt
|
||||||
|
with neutron
|
||||||
|
:param bool create_networks: Whether dynamic project networks should be
|
||||||
|
created or not
|
||||||
|
:param project_network_cidr: The CIDR to use for created project
|
||||||
|
networks
|
||||||
|
:param project_network_mask_bits: The network mask bits to use for
|
||||||
|
created project networks
|
||||||
|
:param public_network_id: The id for the public network to use
|
||||||
"""
|
"""
|
||||||
super(DynamicCredentialProvider, self).__init__(
|
super(DynamicCredentialProvider, self).__init__(
|
||||||
identity_version=identity_version, admin_role=admin_role,
|
identity_version=identity_version, admin_role=admin_role,
|
||||||
|
@ -56,7 +76,15 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
||||||
self.network_resources = network_resources
|
self.network_resources = network_resources
|
||||||
self._creds = {}
|
self._creds = {}
|
||||||
self.ports = []
|
self.ports = []
|
||||||
|
self.neutron_available = neutron_available
|
||||||
|
self.create_networks = create_networks
|
||||||
|
self.project_network_cidr = project_network_cidr
|
||||||
|
self.project_network_mask_bits = project_network_mask_bits
|
||||||
|
self.public_network_id = public_network_id
|
||||||
self.default_admin_creds = admin_creds
|
self.default_admin_creds = admin_creds
|
||||||
|
self.identity_admin_domain_scope = identity_admin_domain_scope
|
||||||
|
self.identity_admin_role = identity_admin_role or 'admin'
|
||||||
|
self.extra_roles = extra_roles or []
|
||||||
(self.identity_admin_client,
|
(self.identity_admin_client,
|
||||||
self.tenants_admin_client,
|
self.tenants_admin_client,
|
||||||
self.users_admin_client,
|
self.users_admin_client,
|
||||||
|
@ -98,7 +126,7 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
||||||
else:
|
else:
|
||||||
# We use a dedicated client manager for identity client in case we
|
# We use a dedicated client manager for identity client in case we
|
||||||
# need a different token scope for them.
|
# need a different token scope for them.
|
||||||
scope = 'domain' if CONF.identity.admin_domain_scope else 'project'
|
scope = 'domain' if self.identity_admin_domain_scope else 'project'
|
||||||
identity_os = clients.Manager(self.default_admin_creds,
|
identity_os = clients.Manager(self.default_admin_creds,
|
||||||
scope=scope)
|
scope=scope)
|
||||||
return (identity_os.identity_v3_client,
|
return (identity_os.identity_v3_client,
|
||||||
|
@ -141,11 +169,11 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
||||||
self.creds_client.assign_user_role(user, project, self.admin_role)
|
self.creds_client.assign_user_role(user, project, self.admin_role)
|
||||||
role_assigned = True
|
role_assigned = True
|
||||||
if (self.identity_version == 'v3' and
|
if (self.identity_version == 'v3' and
|
||||||
CONF.identity.admin_domain_scope):
|
self.identity_admin_domain_scope):
|
||||||
self.creds_client.assign_user_role_on_domain(
|
self.creds_client.assign_user_role_on_domain(
|
||||||
user, CONF.identity.admin_role)
|
user, self.identity_admin_role)
|
||||||
# Add roles specified in config file
|
# Add roles specified in config file
|
||||||
for conf_role in CONF.auth.tempest_roles:
|
for conf_role in self.extra_roles:
|
||||||
self.creds_client.assign_user_role(user, project, conf_role)
|
self.creds_client.assign_user_role(user, project, conf_role)
|
||||||
role_assigned = True
|
role_assigned = True
|
||||||
# Add roles requested by caller
|
# Add roles requested by caller
|
||||||
|
@ -234,8 +262,8 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
||||||
return resp_body['network']
|
return resp_body['network']
|
||||||
|
|
||||||
def _create_subnet(self, subnet_name, tenant_id, network_id):
|
def _create_subnet(self, subnet_name, tenant_id, network_id):
|
||||||
base_cidr = netaddr.IPNetwork(CONF.network.project_network_cidr)
|
base_cidr = netaddr.IPNetwork(self.project_network_cidr)
|
||||||
mask_bits = CONF.network.project_network_mask_bits
|
mask_bits = self.project_network_mask_bits
|
||||||
for subnet_cidr in base_cidr.subnet(mask_bits):
|
for subnet_cidr in base_cidr.subnet(mask_bits):
|
||||||
try:
|
try:
|
||||||
if self.network_resources:
|
if self.network_resources:
|
||||||
|
@ -264,7 +292,7 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
||||||
|
|
||||||
def _create_router(self, router_name, tenant_id):
|
def _create_router(self, router_name, tenant_id):
|
||||||
external_net_id = dict(
|
external_net_id = dict(
|
||||||
network_id=CONF.network.public_network_id)
|
network_id=self.public_network_id)
|
||||||
resp_body = self.routers_admin_client.create_router(
|
resp_body = self.routers_admin_client.create_router(
|
||||||
name=router_name,
|
name=router_name,
|
||||||
external_gateway_info=external_net_id,
|
external_gateway_info=external_net_id,
|
||||||
|
@ -288,9 +316,8 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
||||||
# Maintained until tests are ported
|
# Maintained until tests are ported
|
||||||
LOG.info("Acquired dynamic creds:\n credentials: %s"
|
LOG.info("Acquired dynamic creds:\n credentials: %s"
|
||||||
% credentials)
|
% credentials)
|
||||||
if (CONF.service_available.neutron and
|
if (self.neutron_available and
|
||||||
not CONF.baremetal.driver_enabled and
|
self.create_networks):
|
||||||
CONF.auth.create_isolated_networks):
|
|
||||||
network, subnet, router = self._create_network_resources(
|
network, subnet, router = self._create_network_resources(
|
||||||
credentials.tenant_id)
|
credentials.tenant_id)
|
||||||
credentials.set_resources(network=network, subnet=subnet,
|
credentials.set_resources(network=network, subnet=subnet,
|
||||||
|
@ -405,7 +432,7 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
||||||
# "circular dependency". So here just use try...except to
|
# "circular dependency". So here just use try...except to
|
||||||
# ensure tenant deletion without big changes.
|
# ensure tenant deletion without big changes.
|
||||||
try:
|
try:
|
||||||
if CONF.service_available.neutron:
|
if self.neutron_available:
|
||||||
self._cleanup_default_secgroup(creds.tenant_id)
|
self._cleanup_default_secgroup(creds.tenant_id)
|
||||||
except lib_exc.NotFound:
|
except lib_exc.NotFound:
|
||||||
LOG.warning("failed to cleanup tenant %s's secgroup" %
|
LOG.warning("failed to cleanup tenant %s's secgroup" %
|
||||||
|
|
|
@ -176,7 +176,6 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
|
|
||||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||||
def test_primary_creds(self, MockRestClient):
|
def test_primary_creds(self, MockRestClient):
|
||||||
cfg.CONF.set_default('neutron', False, 'service_available')
|
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||||
self._mock_assign_user_role()
|
self._mock_assign_user_role()
|
||||||
self._mock_list_role()
|
self._mock_list_role()
|
||||||
|
@ -191,7 +190,6 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
|
|
||||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||||
def test_admin_creds(self, MockRestClient):
|
def test_admin_creds(self, MockRestClient):
|
||||||
cfg.CONF.set_default('neutron', False, 'service_available')
|
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||||
self._mock_list_roles('1234', 'admin')
|
self._mock_list_roles('1234', 'admin')
|
||||||
self._mock_user_create('1234', 'fake_admin_user')
|
self._mock_user_create('1234', 'fake_admin_user')
|
||||||
|
@ -214,7 +212,6 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
|
|
||||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||||
def test_role_creds(self, MockRestClient):
|
def test_role_creds(self, MockRestClient):
|
||||||
cfg.CONF.set_default('neutron', False, 'service_available')
|
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||||
self._mock_list_2_roles()
|
self._mock_list_2_roles()
|
||||||
self._mock_user_create('1234', 'fake_role_user')
|
self._mock_user_create('1234', 'fake_role_user')
|
||||||
|
@ -243,7 +240,6 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
|
|
||||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||||
def test_all_cred_cleanup(self, MockRestClient):
|
def test_all_cred_cleanup(self, MockRestClient):
|
||||||
cfg.CONF.set_default('neutron', False, 'service_available')
|
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||||
self._mock_assign_user_role()
|
self._mock_assign_user_role()
|
||||||
self._mock_list_role()
|
self._mock_list_role()
|
||||||
|
@ -281,7 +277,6 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
|
|
||||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||||
def test_alt_creds(self, MockRestClient):
|
def test_alt_creds(self, MockRestClient):
|
||||||
cfg.CONF.set_default('neutron', False, 'service_available')
|
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||||
self._mock_assign_user_role()
|
self._mock_assign_user_role()
|
||||||
self._mock_list_role()
|
self._mock_list_role()
|
||||||
|
@ -296,8 +291,10 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
|
|
||||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||||
def test_no_network_creation_with_config_set(self, MockRestClient):
|
def test_no_network_creation_with_config_set(self, MockRestClient):
|
||||||
cfg.CONF.set_default('create_isolated_networks', False, group='auth')
|
creds = dynamic_creds.DynamicCredentialProvider(
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
neutron_available=True, create_networks=False,
|
||||||
|
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||||
|
**self.fixed_params)
|
||||||
self._mock_assign_user_role()
|
self._mock_assign_user_role()
|
||||||
self._mock_list_role()
|
self._mock_list_role()
|
||||||
self._mock_user_create('1234', 'fake_prim_user')
|
self._mock_user_create('1234', 'fake_prim_user')
|
||||||
|
@ -325,7 +322,10 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
|
|
||||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||||
def test_network_creation(self, MockRestClient):
|
def test_network_creation(self, MockRestClient):
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
creds = dynamic_creds.DynamicCredentialProvider(
|
||||||
|
neutron_available=True,
|
||||||
|
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||||
|
**self.fixed_params)
|
||||||
self._mock_assign_user_role()
|
self._mock_assign_user_role()
|
||||||
self._mock_list_role()
|
self._mock_list_role()
|
||||||
self._mock_user_create('1234', 'fake_prim_user')
|
self._mock_user_create('1234', 'fake_prim_user')
|
||||||
|
@ -356,7 +356,10 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
"description": args['name'],
|
"description": args['name'],
|
||||||
"security_group_rules": [],
|
"security_group_rules": [],
|
||||||
"id": "sg-%s" % args['tenant_id']}]}
|
"id": "sg-%s" % args['tenant_id']}]}
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
creds = dynamic_creds.DynamicCredentialProvider(
|
||||||
|
neutron_available=True,
|
||||||
|
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||||
|
**self.fixed_params)
|
||||||
# Create primary tenant and network
|
# Create primary tenant and network
|
||||||
self._mock_assign_user_role()
|
self._mock_assign_user_role()
|
||||||
self._mock_list_role()
|
self._mock_list_role()
|
||||||
|
@ -460,7 +463,10 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
|
|
||||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||||
def test_network_alt_creation(self, MockRestClient):
|
def test_network_alt_creation(self, MockRestClient):
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
creds = dynamic_creds.DynamicCredentialProvider(
|
||||||
|
neutron_available=True,
|
||||||
|
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||||
|
**self.fixed_params)
|
||||||
self._mock_assign_user_role()
|
self._mock_assign_user_role()
|
||||||
self._mock_list_role()
|
self._mock_list_role()
|
||||||
self._mock_user_create('1234', 'fake_alt_user')
|
self._mock_user_create('1234', 'fake_alt_user')
|
||||||
|
@ -485,7 +491,10 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
|
|
||||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||||
def test_network_admin_creation(self, MockRestClient):
|
def test_network_admin_creation(self, MockRestClient):
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
creds = dynamic_creds.DynamicCredentialProvider(
|
||||||
|
neutron_available=True,
|
||||||
|
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||||
|
**self.fixed_params)
|
||||||
self._mock_assign_user_role()
|
self._mock_assign_user_role()
|
||||||
self._mock_user_create('1234', 'fake_admin_user')
|
self._mock_user_create('1234', 'fake_admin_user')
|
||||||
self._mock_tenant_create('1234', 'fake_admin_tenant')
|
self._mock_tenant_create('1234', 'fake_admin_tenant')
|
||||||
|
@ -517,6 +526,8 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
'dhcp': False,
|
'dhcp': False,
|
||||||
}
|
}
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(
|
creds = dynamic_creds.DynamicCredentialProvider(
|
||||||
|
neutron_available=True,
|
||||||
|
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||||
network_resources=net_dict,
|
network_resources=net_dict,
|
||||||
**self.fixed_params)
|
**self.fixed_params)
|
||||||
self._mock_assign_user_role()
|
self._mock_assign_user_role()
|
||||||
|
@ -553,6 +564,8 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
'dhcp': False,
|
'dhcp': False,
|
||||||
}
|
}
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(
|
creds = dynamic_creds.DynamicCredentialProvider(
|
||||||
|
neutron_available=True,
|
||||||
|
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||||
network_resources=net_dict,
|
network_resources=net_dict,
|
||||||
**self.fixed_params)
|
**self.fixed_params)
|
||||||
self._mock_assign_user_role()
|
self._mock_assign_user_role()
|
||||||
|
@ -571,6 +584,8 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
'dhcp': False,
|
'dhcp': False,
|
||||||
}
|
}
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(
|
creds = dynamic_creds.DynamicCredentialProvider(
|
||||||
|
neutron_available=True,
|
||||||
|
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||||
network_resources=net_dict,
|
network_resources=net_dict,
|
||||||
**self.fixed_params)
|
**self.fixed_params)
|
||||||
self._mock_assign_user_role()
|
self._mock_assign_user_role()
|
||||||
|
@ -589,6 +604,8 @@ class TestDynamicCredentialProvider(base.TestCase):
|
||||||
'dhcp': True,
|
'dhcp': True,
|
||||||
}
|
}
|
||||||
creds = dynamic_creds.DynamicCredentialProvider(
|
creds = dynamic_creds.DynamicCredentialProvider(
|
||||||
|
neutron_available=True,
|
||||||
|
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||||
network_resources=net_dict,
|
network_resources=net_dict,
|
||||||
**self.fixed_params)
|
**self.fixed_params)
|
||||||
self._mock_assign_user_role()
|
self._mock_assign_user_role()
|
||||||
|
|
Loading…
Reference in New Issue