openstack
/
tempest
Code Issues Proposed changes
tempest/tempest
History
Andrea Frittoli 8bbdb1660f Multiversion authentication part1 
Moves authentication from rest_client to an external auth_provider,
assigned to the client by the client manager.

The auth provider can decorate a request based on credentials (coming
from the client manager) and filters (region, service, endpoint_type)
given by the client. The auth provider can also return the raw
auth_data, which in the Keystone implementation is a tuple (token,
auth_data). The auth provider allows mixing multiple credentials
when decorating a request, possibly using empty or invalid credentials,
to facilitate negative tests.

The auth provider caches auth data, so that all API requests for a
specific set of credentials only require a single call to obtain a
token, unless the token expires or is forcefully deleted from the
auth provder.

Two implementations of the auth provider are included: Keystonev2 and
Keystonev3.  The Manager object behaves as factory of auth_providers,
building the correct one based on the configured auth_version, and on
the interface type (JSON or XML).

Fixes endpoint selection for v3 auth. Drops unused basic_auth.
Extends TokenClients to provide both token and auth data,
and accept different combinations of credentials for v3.
Removes redundant server_client_v3_auth.

Adapts tempest unit tests to work with modified rest client.

Introduces a configuration parameter for authentication version to be
used. That is used when instantiating the client manager, and it
applies to all clients used by api tests.

Next steps (next patches):
- move to credentials as dict (as opposed to tuple)
- expose a get_client method from the client manager
  and create clients only when requested
- remove redundant CustomizedHeader object storage clients
- supports keystone v3 in tenant isolation
- use Auth Provider in scenario tests
- use Auth Provider in CLI tests
- implement parsing of catalog XML format (?)

Partially implements: bp multi-keystone-api-version-tests

Change-Id: Icfa921e9051c01f339f8d2471b12d6ec950cc456
 		2014-02-05 11:34:53 +00:00
..
api Multiversion authentication part1 2014-02-05 11:34:53 +00:00
cli Convert cli tests to use global CONF object 2014-01-30 18:43:22 -05:00
common Multiversion authentication part1 2014-02-05 11:34:53 +00:00
hacking Remove vim headers 2014-01-20 11:22:45 +09:00
openstack Sync Patch and PatchObject fixtures from oslo-incubator 2014-01-21 03:23:21 +00:00
scenario Merge "Forbid availability_zone None in aggregate Nova API" 2014-02-05 01:48:36 +00:00
services Multiversion authentication part1 2014-02-05 11:34:53 +00:00
stress Fix stress test README.rst 2014-02-01 03:53:54 +04:00
test_discover Use unittest2.TestSuite with py26 2014-01-27 10:54:44 +01:00
tests Multiversion authentication part1 2014-02-05 11:34:53 +00:00
thirdparty Merge "Enable tenant isolation for the boto tests" 2014-02-01 13:57:33 +00:00
README.rst Remove Whitebox tests 2013-09-12 15:40:15 +00:00
__init__.py Changes the namespace from storm to tempest, as well as adding addition tests and improvements 2011-12-06 16:48:03 -06:00
auth.py Multiversion authentication part1 2014-02-05 11:34:53 +00:00
clients.py Multiversion authentication part1 2014-02-05 11:34:53 +00:00
config.py Multiversion authentication part1 2014-02-05 11:34:53 +00:00
exceptions.py Cleanup exceptions 2014-01-27 15:35:02 +09:00
manager.py Remove last uses of config without global CONF object 2014-01-31 14:57:17 +00:00
test.py Merge "Negative test autogeneration framework" 2014-02-04 14:59:01 +00:00

README.rst

Tempest Field Guide Overview

Tempest is designed to be useful for a large number of different environments. This includes being useful for gating commits to OpenStack core projects, being used to validate OpenStack cloud implementations for both correctness, as well as a burn in tool for OpenStack clouds.

As such Tempest tests come in many flavors, each with their own rules and guidelines. Below is the proposed Havana restructuring for Tempest to make this clear.

tempest/
   api/ - API tests
   cli/ - CLI tests
   scenario/ - complex scenario tests
   stress/ - stress tests
   thirdparty/ - 3rd party api tests

Each of these directories contains different types of tests. What belongs in each directory, the rules and examples for good tests, are documented in a README.rst file in the directory.

api

API tests are validation tests for the OpenStack API. They should not use the existing python clients for OpenStack, but should instead use the tempest implementations of clients. This allows us to test both XML and JSON. Having raw clients also lets us pass invalid JSON and XML to the APIs and see the results, something we could not get with the native clients.

When it makes sense, API testing should be moved closer to the projects themselves, possibly as functional tests in their unit test frameworks.

cli

CLI tests use the openstack CLI to interact with the OpenStack cloud. CLI testing in unit tests is somewhat difficult because unlike server testing, there is no access to server code to instantiate. Tempest seems like a logical place for this, as it prereqs having a running OpenStack cloud.

scenario

Scenario tests are complex "through path" tests for OpenStack functionality. They are typically a series of steps where complicated state requiring multiple services is set up exercised, and torn down.

Scenario tests can and should use the OpenStack python clients.

stress

Stress tests are designed to stress an OpenStack environment by running a high workload against it and seeing what breaks. Tools may be provided to help detect breaks (stack traces in the logs).

TODO: old stress tests deleted, new_stress that david is working on moves into here.

thirdparty

Many openstack components include 3rdparty API support. It is completely legitimate for Tempest to include tests of 3rdparty APIs, but those should be kept separate from the normal OpenStack validation.