Merge "Remove CONF usage from dynamic_creds module"
This commit is contained in:
commit
ef3768bc71
|
@ -144,6 +144,13 @@ def get_credential_provider(opts):
|
|||
identity_version=identity_version,
|
||||
name=opts.tag,
|
||||
network_resources=network_resources,
|
||||
neutron_available=CONF.service_available.neutron,
|
||||
create_networks=CONF.auth.create_isolated_networks,
|
||||
identity_admin_role=CONF.identity.admin_role,
|
||||
identity_admin_domain_scope=CONF.identity.admin_domain_scope,
|
||||
project_network_cidr=CONF.network.project_network_cidr,
|
||||
project_network_mask_bits=CONF.network.project_network_mask_bits,
|
||||
public_network_id=CONF.network.public_network_id,
|
||||
admin_creds=admin_creds,
|
||||
**credentials_factory.get_dynamic_provider_params())
|
||||
|
||||
|
|
|
@ -80,6 +80,15 @@ def get_credentials_provider(name, network_resources=None,
|
|||
network_resources=network_resources,
|
||||
identity_version=identity_version,
|
||||
admin_creds=admin_creds,
|
||||
identity_admin_domain_scope=CONF.identity.admin_domain_scope,
|
||||
identity_admin_role=CONF.identity.admin_role,
|
||||
extra_roles=CONF.auth.tempest_roles,
|
||||
neutron_available=CONF.service_available.neutron,
|
||||
project_network_cidr=CONF.network.project_network_cidr,
|
||||
project_network_mask_bits=CONF.network.project_network_mask_bits,
|
||||
public_network_id=CONF.network.public_network_id,
|
||||
create_networks=(CONF.auth.create_isolated_networks and not
|
||||
CONF.baremetal.driver_enabled),
|
||||
**get_dynamic_provider_params())
|
||||
else:
|
||||
if CONF.auth.test_accounts_file:
|
||||
|
|
|
@ -20,18 +20,21 @@ from tempest import clients
|
|||
from tempest.common import cred_client
|
||||
from tempest.common import cred_provider
|
||||
from tempest.common.utils import data_utils
|
||||
from tempest import config
|
||||
from tempest import exceptions
|
||||
from tempest.lib import exceptions as lib_exc
|
||||
|
||||
CONF = config.CONF
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
||||
|
||||
def __init__(self, identity_version, name=None, network_resources=None,
|
||||
credentials_domain=None, admin_role=None, admin_creds=None):
|
||||
credentials_domain=None, admin_role=None, admin_creds=None,
|
||||
identity_admin_domain_scope=False,
|
||||
identity_admin_role='admin', extra_roles=None,
|
||||
neutron_available=False, create_networks=True,
|
||||
project_network_cidr=None, project_network_mask_bits=None,
|
||||
public_network_id=None):
|
||||
"""Creates credentials dynamically for tests
|
||||
|
||||
A credential provider that, based on an initial set of
|
||||
|
@ -48,6 +51,23 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
|||
:param dict network_resources: network resources to be created for
|
||||
the created credentials
|
||||
:param Credentials admin_creds: initial admin credentials
|
||||
:param bool identity_admin_domain_scope: Set to true if admin should be
|
||||
scoped to the domain. By
|
||||
default this is False and the
|
||||
admin role is scoped to the
|
||||
project.
|
||||
:param str identity_admin_role: The role name to use for admin
|
||||
:param list extra_roles: A list of strings for extra roles that should
|
||||
be assigned to all created users
|
||||
:param bool neutron_available: Whether we are running in an environemnt
|
||||
with neutron
|
||||
:param bool create_networks: Whether dynamic project networks should be
|
||||
created or not
|
||||
:param project_network_cidr: The CIDR to use for created project
|
||||
networks
|
||||
:param project_network_mask_bits: The network mask bits to use for
|
||||
created project networks
|
||||
:param public_network_id: The id for the public network to use
|
||||
"""
|
||||
super(DynamicCredentialProvider, self).__init__(
|
||||
identity_version=identity_version, admin_role=admin_role,
|
||||
|
@ -56,7 +76,15 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
|||
self.network_resources = network_resources
|
||||
self._creds = {}
|
||||
self.ports = []
|
||||
self.neutron_available = neutron_available
|
||||
self.create_networks = create_networks
|
||||
self.project_network_cidr = project_network_cidr
|
||||
self.project_network_mask_bits = project_network_mask_bits
|
||||
self.public_network_id = public_network_id
|
||||
self.default_admin_creds = admin_creds
|
||||
self.identity_admin_domain_scope = identity_admin_domain_scope
|
||||
self.identity_admin_role = identity_admin_role or 'admin'
|
||||
self.extra_roles = extra_roles or []
|
||||
(self.identity_admin_client,
|
||||
self.tenants_admin_client,
|
||||
self.users_admin_client,
|
||||
|
@ -98,7 +126,7 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
|||
else:
|
||||
# We use a dedicated client manager for identity client in case we
|
||||
# need a different token scope for them.
|
||||
scope = 'domain' if CONF.identity.admin_domain_scope else 'project'
|
||||
scope = 'domain' if self.identity_admin_domain_scope else 'project'
|
||||
identity_os = clients.Manager(self.default_admin_creds,
|
||||
scope=scope)
|
||||
return (identity_os.identity_v3_client,
|
||||
|
@ -141,11 +169,11 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
|||
self.creds_client.assign_user_role(user, project, self.admin_role)
|
||||
role_assigned = True
|
||||
if (self.identity_version == 'v3' and
|
||||
CONF.identity.admin_domain_scope):
|
||||
self.identity_admin_domain_scope):
|
||||
self.creds_client.assign_user_role_on_domain(
|
||||
user, CONF.identity.admin_role)
|
||||
user, self.identity_admin_role)
|
||||
# Add roles specified in config file
|
||||
for conf_role in CONF.auth.tempest_roles:
|
||||
for conf_role in self.extra_roles:
|
||||
self.creds_client.assign_user_role(user, project, conf_role)
|
||||
role_assigned = True
|
||||
# Add roles requested by caller
|
||||
|
@ -234,8 +262,8 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
|||
return resp_body['network']
|
||||
|
||||
def _create_subnet(self, subnet_name, tenant_id, network_id):
|
||||
base_cidr = netaddr.IPNetwork(CONF.network.project_network_cidr)
|
||||
mask_bits = CONF.network.project_network_mask_bits
|
||||
base_cidr = netaddr.IPNetwork(self.project_network_cidr)
|
||||
mask_bits = self.project_network_mask_bits
|
||||
for subnet_cidr in base_cidr.subnet(mask_bits):
|
||||
try:
|
||||
if self.network_resources:
|
||||
|
@ -264,7 +292,7 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
|||
|
||||
def _create_router(self, router_name, tenant_id):
|
||||
external_net_id = dict(
|
||||
network_id=CONF.network.public_network_id)
|
||||
network_id=self.public_network_id)
|
||||
resp_body = self.routers_admin_client.create_router(
|
||||
name=router_name,
|
||||
external_gateway_info=external_net_id,
|
||||
|
@ -288,9 +316,8 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
|||
# Maintained until tests are ported
|
||||
LOG.info("Acquired dynamic creds:\n credentials: %s"
|
||||
% credentials)
|
||||
if (CONF.service_available.neutron and
|
||||
not CONF.baremetal.driver_enabled and
|
||||
CONF.auth.create_isolated_networks):
|
||||
if (self.neutron_available and
|
||||
self.create_networks):
|
||||
network, subnet, router = self._create_network_resources(
|
||||
credentials.tenant_id)
|
||||
credentials.set_resources(network=network, subnet=subnet,
|
||||
|
@ -405,7 +432,7 @@ class DynamicCredentialProvider(cred_provider.CredentialProvider):
|
|||
# "circular dependency". So here just use try...except to
|
||||
# ensure tenant deletion without big changes.
|
||||
try:
|
||||
if CONF.service_available.neutron:
|
||||
if self.neutron_available:
|
||||
self._cleanup_default_secgroup(creds.tenant_id)
|
||||
except lib_exc.NotFound:
|
||||
LOG.warning("failed to cleanup tenant %s's secgroup" %
|
||||
|
|
|
@ -176,7 +176,6 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
|
||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||
def test_primary_creds(self, MockRestClient):
|
||||
cfg.CONF.set_default('neutron', False, 'service_available')
|
||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||
self._mock_assign_user_role()
|
||||
self._mock_list_role()
|
||||
|
@ -191,7 +190,6 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
|
||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||
def test_admin_creds(self, MockRestClient):
|
||||
cfg.CONF.set_default('neutron', False, 'service_available')
|
||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||
self._mock_list_roles('1234', 'admin')
|
||||
self._mock_user_create('1234', 'fake_admin_user')
|
||||
|
@ -214,7 +212,6 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
|
||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||
def test_role_creds(self, MockRestClient):
|
||||
cfg.CONF.set_default('neutron', False, 'service_available')
|
||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||
self._mock_list_2_roles()
|
||||
self._mock_user_create('1234', 'fake_role_user')
|
||||
|
@ -243,7 +240,6 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
|
||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||
def test_all_cred_cleanup(self, MockRestClient):
|
||||
cfg.CONF.set_default('neutron', False, 'service_available')
|
||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||
self._mock_assign_user_role()
|
||||
self._mock_list_role()
|
||||
|
@ -281,7 +277,6 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
|
||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||
def test_alt_creds(self, MockRestClient):
|
||||
cfg.CONF.set_default('neutron', False, 'service_available')
|
||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||
self._mock_assign_user_role()
|
||||
self._mock_list_role()
|
||||
|
@ -296,8 +291,10 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
|
||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||
def test_no_network_creation_with_config_set(self, MockRestClient):
|
||||
cfg.CONF.set_default('create_isolated_networks', False, group='auth')
|
||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||
creds = dynamic_creds.DynamicCredentialProvider(
|
||||
neutron_available=True, create_networks=False,
|
||||
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||
**self.fixed_params)
|
||||
self._mock_assign_user_role()
|
||||
self._mock_list_role()
|
||||
self._mock_user_create('1234', 'fake_prim_user')
|
||||
|
@ -325,7 +322,10 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
|
||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||
def test_network_creation(self, MockRestClient):
|
||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||
creds = dynamic_creds.DynamicCredentialProvider(
|
||||
neutron_available=True,
|
||||
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||
**self.fixed_params)
|
||||
self._mock_assign_user_role()
|
||||
self._mock_list_role()
|
||||
self._mock_user_create('1234', 'fake_prim_user')
|
||||
|
@ -356,7 +356,10 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
"description": args['name'],
|
||||
"security_group_rules": [],
|
||||
"id": "sg-%s" % args['tenant_id']}]}
|
||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||
creds = dynamic_creds.DynamicCredentialProvider(
|
||||
neutron_available=True,
|
||||
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||
**self.fixed_params)
|
||||
# Create primary tenant and network
|
||||
self._mock_assign_user_role()
|
||||
self._mock_list_role()
|
||||
|
@ -460,7 +463,10 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
|
||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||
def test_network_alt_creation(self, MockRestClient):
|
||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||
creds = dynamic_creds.DynamicCredentialProvider(
|
||||
neutron_available=True,
|
||||
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||
**self.fixed_params)
|
||||
self._mock_assign_user_role()
|
||||
self._mock_list_role()
|
||||
self._mock_user_create('1234', 'fake_alt_user')
|
||||
|
@ -485,7 +491,10 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
|
||||
@mock.patch('tempest.lib.common.rest_client.RestClient')
|
||||
def test_network_admin_creation(self, MockRestClient):
|
||||
creds = dynamic_creds.DynamicCredentialProvider(**self.fixed_params)
|
||||
creds = dynamic_creds.DynamicCredentialProvider(
|
||||
neutron_available=True,
|
||||
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||
**self.fixed_params)
|
||||
self._mock_assign_user_role()
|
||||
self._mock_user_create('1234', 'fake_admin_user')
|
||||
self._mock_tenant_create('1234', 'fake_admin_tenant')
|
||||
|
@ -517,6 +526,8 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
'dhcp': False,
|
||||
}
|
||||
creds = dynamic_creds.DynamicCredentialProvider(
|
||||
neutron_available=True,
|
||||
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||
network_resources=net_dict,
|
||||
**self.fixed_params)
|
||||
self._mock_assign_user_role()
|
||||
|
@ -553,6 +564,8 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
'dhcp': False,
|
||||
}
|
||||
creds = dynamic_creds.DynamicCredentialProvider(
|
||||
neutron_available=True,
|
||||
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||
network_resources=net_dict,
|
||||
**self.fixed_params)
|
||||
self._mock_assign_user_role()
|
||||
|
@ -571,6 +584,8 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
'dhcp': False,
|
||||
}
|
||||
creds = dynamic_creds.DynamicCredentialProvider(
|
||||
neutron_available=True,
|
||||
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||
network_resources=net_dict,
|
||||
**self.fixed_params)
|
||||
self._mock_assign_user_role()
|
||||
|
@ -589,6 +604,8 @@ class TestDynamicCredentialProvider(base.TestCase):
|
|||
'dhcp': True,
|
||||
}
|
||||
creds = dynamic_creds.DynamicCredentialProvider(
|
||||
neutron_available=True,
|
||||
project_network_cidr='10.100.0.0/16', project_network_mask_bits=28,
|
||||
network_resources=net_dict,
|
||||
**self.fixed_params)
|
||||
self._mock_assign_user_role()
|
||||
|
|
Loading…
Reference in New Issue