Commit Graph

999 Commits (cd147631f8254c2f727ccfc937566a7a200349f9)

Author SHA1 Message Date
Colleen Murphy cd0bbbdad3 Add system scope for admin auth
Keystone is moving away from using either project-scope or domain-scope
for the main cloud administrator user, and instead moving toward the
admin user having a role assignment on the "system" scope[1]. This will
mean that no particular project or domain is special, and instead the
cloud administrator scopes to the system in order to make
deployment-wide changes. Keystone has now migrated all of its policies
to understand system scope[2], and if a deployment sets
[oslo_policy]/enforce_scope=true in keystone.conf and uses the new
policies, an admin user scoped to the admin project will not be able to
create dynamic credentials for tempest.

This patch adds a new parameter ``[auth]/admin_system`` to indicate that
neither the ``admin_project`` or ``admin_domain`` parameters apply to
the admin user and that the user should instead authenticate with the
system scope. This also adds ``admin_user_domain_name`` so that the
admin user can be found in its domain (namespace) without setting
``domain_name``, and for completeness also adds
``admin_project_domain_name`` so that ``domain_name`` could be omitted
even if using project scope.



Change-Id: I840b273c37ca7cc4592c43813abfb424337e2836
2 years ago
Balazs Gibizer 2e515fe596 Remove race due to 1907084
The test_attach_scsi_disk_with_config_drive test cases is racy at volume
detach. Nova first detach the volume in cinder then later deletes the
BlockDeviceMapping from the nova DB. Test waits for the volume to become
available and then checks the list of volume attachments in the nova API
then it can see that the attachment is still there.

Closes-Bug: #1907084
Change-Id: I814ae3215f39d1e8407c4ca1c7117a314941c80b
3 years ago
Zuul ae5285d5d8 Merge "Fix "TypeError: format requires a mapping" in waiters" 3 years ago
Zuul 05628f2e91 Merge "Remove six.PY3/six.PY2" 3 years ago
zhufl 414ffbacb7 Fix "TypeError: format requires a mapping" in waiters
This is to fix the "TypeError: format requires a mapping" in
wait_for_image_imported_to_stores and wait_for_image_copied_to_stores.

Change-Id: I8a33bd4f4ea189ce9247dfecec1e53001682b870
3 years ago
Slawek Kaplonski e3405ba808 Check VM's console log before trying to SSH to it.
Due to issue described in related bug report, it seems that it may
happen sometimes that tempest will start trying to ssh to the instance
before ssh key will be really configured in the instance and in such
case it may happened that there will be AuthenticationFailure error
always there. Even if ssh key will be configured properly later during
the test.

To workaround that issue and avoid failures of tests, this patch adds
check if the vm is really booted and ready to ssh. It is done by
checking console log of the VM and looking for specific string "login:"
which appears at least in case of Cirros and Ubuntu images used in our
CI jobs.
In case when such string will not be found, test will continue to run
and will still try to ssh to the instance. So in worst case it may slow
ssh to the instance a bit but shouldn't really have any bad impact on
test as before this patch it would probably also wait similar amount of
time but on trying to SSH to the instance.

Similar workaround was introduced in the neutron-tempest-plugin with
[1]. After it was merged number of failed jobs due to ssh "Authentication
failure" issues lower down significantly.


Change-Id: I84a7c2fc389d181388ef821848ffad4bc67f1213
Related-Bug: #1892861
3 years ago
likui 7d91c87345 Remove six.PY3/six.PY2
The Python 2.7 Support has been removed by:
So remove hacking rules for compatibility between python 2 and 3

Change-Id: I0e78b982b79674520c7695c0cca7352677d7b7a0
3 years ago
Zuul ae784996c9 Merge "Add glance image import copy-image tests" 3 years ago
elajkat f9bb8b8b21 New list config option to list network features without API extension
Historically Neutron had API extensions to make it clear what feature
is available and what is not. There are however features without new
API extensions, see [1] and [2].
To avoid having lots of config options that makes it possible in a
branchless tempest to detect if a given feature is available or not on
a given Neutron branch this patch proposes a list config option similar
to api_extensions: available_features.
available_features is a list option with the special all entry, and new
tests that depend on API extensionless features can use this to be
skipped on older branches.


Change-Id: I9d4be68db0f18dcaded4bfe78f5a314cb450987a
3 years ago
Ghanshyam Mann 4346a82ffe Add glance image import copy-image tests
Glance image can be copied to mutli stores using
copy-image import method. Adding test for the same.


Change-Id: Ia7c967946304a8c7a79774b4116dd6169822f3ac
3 years ago
Zuul 3a19818d9e Merge "Fix error that instance could not be found" 3 years ago
ericxiett 5f65bf5802 Fix error that instance could not be found
The instance may have been deleted when calling 'force_delete_server'.
So this patch ignores exception 'lib_exc.NotFound' that avoid
error in tearing down stage.

Change-Id: I29d6d1a41e3fb1bbbdb1f16ef4e54916df2e1ec7
Closes-Bug: #1896865
3 years ago
PranaliD 491d63e12c Add glance multistore tests
Adding tests for below scenarios

 1. test for import_to_all_stores(--all-stores true)

 2. test for import_to_specified_stores(--stores store_list)

Change-Id: I3aa413c624881065a1cf46c6345f9eda923df8eb
3 years ago
Peter Penchev 5c243a9e4e Use the correct attachment id for multiattach.
A volume attached to multiple servers has multiple attachment structures
that are distinguished by their "attachment_id" field, not the "id" one.
So when setting up a waiter watching for an attachment being removed,
the "attachment_id" field must be passed. Thus, when attaching a volume,
it is necessary to wait until the attachment shows up in the volume's
data and then use the "attachment_id" field of that record to pass to
the waiter invoked at tear-down time.

Change-Id: I9ab9f786b23061dd3a6a3482ab9739ba504d2bc0
Closes-Bug: 1894724
3 years ago
Lukas Piwowarski 4f633edd97 Remove checking of Accept-Range header
Some tests fail when Accept-Range header is not present in the
response of the API. This is not necesseary as the Accept-Range
header is not mandatory according to RFC [1].


Closes-Bug: #1885723
Change-Id: I521eb4a332937328b5010df53ddab2af76090202
3 years ago
Thomas Morin 42e111c7d8 object storage: fix and cleanup header checks
As explained in [1] it is not legitimate to require a Transfer-Encoding
header in Swift responses. That prevents running some tests
successfully in the case where Swift is behind a proxy/load-balancer
that does not use any Transfer-Encoding in its responses.

This change hence removes the checks for the presence of a
"Transfer-Encoding" header, and replaces them by the use
of the existing check methods, after modifying the
custom_matcher checks on which these methods rely on to accept
either a Content-Length or a Transfer-Encoding header.

Some adaptation was also required to avoid trying to process 'etag'
for DELETE requests.

A side-effect of this change is a code simplification and
cleanup since the specific header checks in the corresponding
tests are replaced by the generic check methods.


Closes-Bug: 1819851
Change-Id: Iaccea41640a53b564f72cee73981e2e61d3e80ae
3 years ago
Zuul f9a492ad52 Merge "Fix noVNC failed TCs" 3 years ago
zhufl 747300b369 [Trivial]Add space between words in log message
This is to add space between words in log message in

Change-Id: I355bc829e7c0f01613fc907a6bf9e03b785ba3ea
3 years ago
Jason Li ca0fad075d Fix noVNC failed TCs
- Fix noVNC failed TCs tempest.api.compute.servers.test_novnc.NoVNCConsoleTestJSON.test_novnc:
  * Current noVNC request miss the / prefix in GET header in the websocket upgrade request.
  * Current GET header GET ?token=xxx HTTP/1 can cause "HTTP/1.1 400 Bad Request" error.
  * Fix the issue by adding / prefix and
  # updated request format is: GET /?token=xxx HTTP/1.1 or GET /websockify HTTP/1.1

Change-Id: I38a91b8e293e39625d08073e2b898451b6126ecb
3 years ago
Zuul 41f48727af Merge "Support force-deletion of servers." 3 years ago
Lee Yarwood c1b2a4a71b waiters: Add wait_for_volume_attachment_remove
This change adds a specific waiter for tracking the removal of
attachments from a volume. This should allow callers to track the
detaching of multiattached volumes from instances while the volume
remains in an `in-use` state.

Related-bug: #1858841
Change-Id: I85917f683d2bc81fdf3f6d3351bf56fdb649740e
3 years ago
Paras Babbar 4b45f9e54c Fix test_stamp_pattern to remove dependency of user supplied volume name
This patch removes CONF.compute.volume_device_name dependency and
use modified list_disks method to get the newly attached
device name and use that for mkfs rather than the user supplied
device name which is based on assumtion.

Also modfied test_attach_detach testcase and unit test
for remote_client accordingly.

Change-Id: I862d1ba55f45b09385057a51b0b52a851c19287e
Closes-Bug: #1852807
3 years ago
ericxiett d0ef93e016 Support force-deletion of servers.
If reclaim_instance_interval > 0 in nova.conf, some testcases will
fail cause of resource's state is 'in-use'. This patch adds the logic
in `wait_for_server_termination` that if the virtual machine state is
 SOFT_DELETED, then call `force_delete`.

Change-Id: I406188ac2aa54419fa4e44f547ae80a31b58b858
Closes-Bug: #1850568
3 years ago
Paras Babbar f11856505f Fix test_attach_detach_volume test case to not rely on user/libvirt supplied disk name
This patch removes user provided and libvirt assigned
value as that was based on assumption rather count the
disk name before and after attach/detach based on output
generated using 'lsblk' command  in the running instance
with the help of new method list_disks in client and
existing util remote client for remote ssh.

we observer this test case failing when the instance boot
with config drive format "vfat" enabled with two volume
vda and vdb volume disk name, so whatever test case boot with
config drive as well as ephemeral disk  was not be able to
use this testcase.

Change-Id: Id3e537bc55089ca5c35fa1f973dd47f2b11147ae
Partial-Bug: #1852807
4 years ago
Lucian Petrut 6a7472aa8b mke2fs: do not use full path
At the moment, tempest assumes that mke2fs will reside at /usr/sbin.
This is not necessarily true, for which reason it's safer to just
avoid using the full path.

Change-Id: I6455bbc2e5cec14d2520b19fc00d183d02879e4b
4 years ago
Zuul e467c3c9f2 Merge "Specify AZ for non-scenario tests" 4 years ago
Martin Kopec 00e6d6c2e9 Specify AZ for non-scenario tests
The review allows related non-scenario tests which create
volumes and servers to read and use
If the tests don't use the option and tested environment has
multiple availability_zones, the tests fail.

Related-bug: #1647999

Change-Id: Ia0a6fd2175635d4375514d7609646b4516836dc0
4 years ago
Zuul a2a3ff70ad Merge "Pass more accurate error message to DeleteErrorException" 4 years ago
zhufl 0ded98ff65 Pass more accurate error message to DeleteErrorException
Now we can get error messages like "Resource 595f6527-d84c-
4e14-a86f-c7be186a864c failed to delete and is in ERROR status",
and this has two problems:
1. It doesn't indicate which kind of resource, e.g., volume or server
2. For DeleteErrorException raised in volumes_client, the volume
   status is error_deleting, not ERROR.
So this is to pass full and accurate message to DeleteErrorException
to avoid the confusion.

Change-Id: I8cfd9f84b888b3380b6109e967b09f7fa74e4051
4 years ago
Zuul bba7ad6b2c Merge "Handle 'path' query parameter for test_novnc" 4 years ago
zhufl 0ea2c01d75 Break wait_for_volume_resource_status when error_extending
When extending volume reaches status error_extending, we should
return from wait_for_volume_resource_status immediately instead
of waiting for the TimeoutException.

Change-Id: I3db0325c23ebb8d42fe77f4c28552fe9cf5ed807
4 years ago
Zuul df5935be35 Merge "Adds protocol options for test_cross_tenant_traffic" 4 years ago
Zuul 7fb6e81027 Merge "Introduce an attached volume migration test" 4 years ago
Zuul 7102321f82 Merge "[Trivial]Remove unused variable assignments" 4 years ago
zhufl f5cff8b448 [Trivial]Remove unused variable assignments
This is to remove unused variable assignments in

Change-Id: Ib3a7943eabaf037540520d5e0e53750c4db5743d
4 years ago
melanie witt 27ba933ab5 Handle 'path' query parameter for test_novnc
Starting in v1.1.0 of noVNC, it no longer forwards a token from the
URI via a cookie and we must instead specify the token as part of the
'path' query parameter.

This adds handling of the 'path' query parameter so the test_novnc
tests will be able to work with a console access url that has the token
in the 'path' query parameter instead of in a cookie and thus work with
noVNC >= v1.1.0.

Related-Bug: #1822676

Change-Id: Ifc0262f869e4d08d2746275438575980213fe9b2
4 years ago
Lee Yarwood e5597401ff Introduce an attached volume migration test
This change introduces a true cinder host to host attached volume
migration test in addition to the existing attached volume retype test.
To enable this two new calls are introduced to the v3 volume client to
allow all volume backends to be listed per project and to also call for
a direct volume migration between backends.

Related-bug: #1803961
Depends-On: I1bdf3431bda2da98380e0dcaa9f952e6768ca3af
Change-Id: I501eb0cd5eb101b4dc553c2cdbc414693dd5b681
4 years ago
afazekas 40fcb9ba28 Add autopep8 to tox.ini
autopep8 is an automated code formatting tool for python,
it does not know everything, also not super fast,
but it is faster than I can manually reformat the code.

tools/ will call the formatting,
the tox will check did you called it.

Also adding a tox -eautopep8 way to use it.

autopep8 formats the lines in one way,
where tempest used a another way it was changed.

Change-Id: I6d51b14a5a5b87761071d0927fca23ba1651aa41
4 years ago
Zuul ca87ec6989 Merge "Ensure volume is deleted after build error" 4 years ago
Matt Riedemann acd6ecdbd9 Log the result of command in get_nic_name_by_ip
We need to know the result of the command run
in get_nic_name_by_ip to see what is getting parsed
since we are returning the empty string in some
cases which results in an error because
/var/run/ does not exist in the guest.

Change-Id: Ie15ac360a7fd384583607d5bf1d8ce7a3d2c3576
Related-Bug: #1813198
4 years ago
mccasland, trevor (tm2086) 0fedb410eb Ensure volume is deleted after build error
When creating a test server and the volume fails to build
a VolumeResourceBuildErrorException is raised causing a resource
leak on the testing system[1]

This change aims to remove the volume before raising the exception
to the calling test so that the system is properly cleaned up of
testing resources before exiting.


Change-Id: Ib064e4f2cb113f98da73db519d855fa892515f66
4 years ago
Sergey Vilgelm eac094a8cf
docs: Fix incorrect docstrings in reStructuredText format
Several docstrings have incorrect format, what prevents to generate
a documentation using sphinx-apidoc extension.

Change-Id: I66431c7030089173d7635c1e2a72765db21f9780
5 years ago
Artom Lifshitz 595ae16987 Deprecate available filters in favor of enabled
Previously, Tempest's default for scheduler_available_filters was
'all'. This was different from Nova's default enabled_filters, which
does *not* include all possible filters available in Nova. Thus, in a
deployment where both options were kept at their default value,
Tempest's is_scheduler_filter_enabled() would return True for all
filters, even if those filters weren't enabled in Nova. In addition,
the 'available' wording could be made clearer. This patch deprecates
scheduler_available_filters, replacing it with
scheduler_enabled_filters. The latter has its default value set to
Nova's enabled_filters default.

Related-bug: 1628443
Change-Id: I5c87865dc650d383ee006d36b6d52cdd90577ab9
5 years ago
ghanshyam 6c682ffc5d Make volume client alias with _latest suffix
This is next step patch from
which makes all the volume service clients alias with _latest suffix.

As all the volume clients point to v3 service client only, having
alias with _v2_ or _v3_ name are confusing.

This commit provide alias with _latest suffix and use them in
tempest. As old alias are being used in tempest plugins also,
we keep the old alias also and slowly will move each plugins to
start using new alias.

Change-Id: Ib89ab72ab4ada3e8442901f104b0b96072187ef9
5 years ago
Stephen Finucane 7f4a6211bf Mark raw strings as such
This is raising warnings now and will be an error in future versions of
Python 3.

Change-Id: I8827cb36ef2ef85e8f245a2a181fb23ee75bfd16
5 years ago
Artom Lifshitz 3306d428d2 Add wait_for_interface_detach method
The method waits for an interface to be detached from a server.
It will be used in the subsequent patch that tests tagged device
attach and detach (nova API 2.49).

Change-Id: If23bd5947dea345b30a77bc83c5b3dbfa5a4267b
5 years ago
Mohammed Naser aa5dd9a3cb Connect to default ports if none are specified
If the VNC is running at a default port and the address returned
is an address which does not contain a port, then the VNC tests
fail to connect because they attempt to call a socket connect
without an IP listed.

In addition, this makes sure that the Host header does not include
a port if we are hitting the default port so things are clean.

Change-Id: Ie5939a4c5789efb759f5a2372435be7f9af33e91
5 years ago
ghanshyam b20f7e62c6 Remove deprecated config options 'resources_prefix'
Config option 'resources_prefix' was deprecated. It is
used by only manila plugin which fix has been commited.

This commit removes this config option and hardcode the
resource prefix as 'tempest'

Change-Id: Idce7af97fe6647e3095b2b626fbacb3446694fbc
Depends-On: I9c140b3a9efabeced7fc26cb1f169ebe6789d88b
5 years ago
Masayuki Igawa 544b3c85c1
Remove confusing comment in common/
This commit removes a confusing comment. This "l.58" indicated that
around line 126 - `if multiple_create_request:` condition, originally.
(The condition has been modified from the original one, though.) And, we
shouldn't fix it to 'l.126' because it isn't stable.

Change-Id: Iad059ce8a97da544948e5383461a4cc480067992
6 years ago
Zuul 6dd6fc66d8 Merge "Add IPv6 support to create_websocket()" 6 years ago