OpenStack Testing (Tempest) of an existing cloud
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
tempest/tempest/tests/common/test_credentials_factory.py

307 lines
15 KiB

# Copyright 2017 IBM Corp.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from unittest import mock
from oslo_config import cfg
import testtools
from tempest.common import credentials_factory as cf
from tempest import config
from tempest.lib.common import dynamic_creds
from tempest.lib.common import preprov_creds
from tempest.lib import exceptions
from tempest.tests import base
from tempest.tests import fake_config
from tempest.tests.lib import fake_credentials
class TestCredentialsFactory(base.TestCase):
def setUp(self):
super(TestCredentialsFactory, self).setUp()
self.useFixture(fake_config.ConfigFixture())
self.patchobject(config, 'TempestConfigPrivate',
fake_config.FakePrivate)
def test_get_dynamic_provider_params_creds_v2(self):
expected_uri = 'EXPECTED_V2_URI'
cfg.CONF.set_default('uri', expected_uri, group='identity')
admin_creds = fake_credentials.FakeCredentials()
params = cf.get_dynamic_provider_params('v2', admin_creds=admin_creds)
expected_params = dict(identity_uri=expected_uri,
admin_creds=admin_creds)
for key in expected_params:
self.assertIn(key, params)
self.assertEqual(expected_params[key], params[key])
def test_get_dynamic_provider_params_creds_v3(self):
expected_uri = 'EXPECTED_V3_URI'
cfg.CONF.set_default('uri_v3', expected_uri, group='identity')
admin_creds = fake_credentials.FakeCredentials()
params = cf.get_dynamic_provider_params('v3', admin_creds=admin_creds)
expected_params = dict(identity_uri=expected_uri,
admin_creds=admin_creds)
for key in expected_params:
self.assertIn(key, params)
self.assertEqual(expected_params[key], params[key])
def test_get_dynamic_provider_params_creds_vx(self):
admin_creds = fake_credentials.FakeCredentials()
invalid_version = 'invalid_version_x'
with testtools.ExpectedException(
exc_type=exceptions.InvalidIdentityVersion,
value_re='Invalid version ' + invalid_version):
cf.get_dynamic_provider_params(invalid_version,
admin_creds=admin_creds)
def test_get_dynamic_provider_params_no_creds(self):
expected_identity_version = 'v3'
with mock.patch.object(
cf, 'get_configured_admin_credentials') as admin_creds_mock:
cf.get_dynamic_provider_params(expected_identity_version)
admin_creds_mock.assert_called_once_with(
fill_in=True, identity_version=expected_identity_version)
def test_get_preprov_provider_params_creds_v2(self):
expected_uri = 'EXPECTED_V2_URI'
cfg.CONF.set_default('uri', expected_uri, group='identity')
params = cf.get_preprov_provider_params('v2')
self.assertIn('identity_uri', params)
self.assertEqual(expected_uri, params['identity_uri'])
def test_get_preprov_provider_params_creds_v3(self):
expected_uri = 'EXPECTED_V3_URI'
cfg.CONF.set_default('uri_v3', expected_uri, group='identity')
params = cf.get_preprov_provider_params('v3')
self.assertIn('identity_uri', params)
self.assertEqual(expected_uri, params['identity_uri'])
def test_get_preprov_provider_params_creds_vx(self):
invalid_version = 'invalid_version_x'
with testtools.ExpectedException(
exc_type=exceptions.InvalidIdentityVersion,
value_re='Invalid version ' + invalid_version):
cf.get_dynamic_provider_params(invalid_version)
@mock.patch.object(dynamic_creds, 'DynamicCredentialProvider')
@mock.patch.object(cf, 'get_dynamic_provider_params')
def test_get_credentials_provider_dynamic(
self, mock_dynamic_provider_params,
mock_dynamic_credentials_provider_class):
cfg.CONF.set_default('use_dynamic_credentials', True, group='auth')
expected_params = {'foo': 'bar'}
mock_dynamic_provider_params.return_value = expected_params
expected_name = 'my_name'
expected_network_resources = {'network': 'resources'}
expected_identity_version = 'identity_version'
cf.get_credentials_provider(
expected_name,
network_resources=expected_network_resources,
force_tenant_isolation=False,
identity_version=expected_identity_version)
mock_dynamic_provider_params.assert_called_once_with(
expected_identity_version)
mock_dynamic_credentials_provider_class.assert_called_once_with(
name=expected_name, network_resources=expected_network_resources,
**expected_params)
@mock.patch.object(preprov_creds, 'PreProvisionedCredentialProvider')
@mock.patch.object(cf, 'get_preprov_provider_params')
def test_get_credentials_provider_preprov(
self, mock_preprov_provider_params,
mock_preprov_credentials_provider_class):
cfg.CONF.set_default('use_dynamic_credentials', False, group='auth')
cfg.CONF.set_default('test_accounts_file', '/some/file', group='auth')
expected_params = {'foo': 'bar'}
mock_preprov_provider_params.return_value = expected_params
expected_name = 'my_name'
expected_identity_version = 'identity_version'
cf.get_credentials_provider(
expected_name,
force_tenant_isolation=False,
identity_version=expected_identity_version)
mock_preprov_provider_params.assert_called_once_with(
expected_identity_version)
mock_preprov_credentials_provider_class.assert_called_once_with(
name=expected_name, **expected_params)
def test_get_credentials_provider_preprov_no_file(self):
cfg.CONF.set_default('use_dynamic_credentials', False, group='auth')
cfg.CONF.set_default('test_accounts_file', None, group='auth')
with testtools.ExpectedException(
exc_type=exceptions.InvalidConfiguration):
cf.get_credentials_provider(
'some_name',
force_tenant_isolation=False,
identity_version='some_version')
@mock.patch.object(dynamic_creds, 'DynamicCredentialProvider')
@mock.patch.object(cf, 'get_dynamic_provider_params')
def test_get_credentials_provider_force_dynamic(
self, mock_dynamic_provider_params,
mock_dynamic_credentials_provider_class):
cfg.CONF.set_default('use_dynamic_credentials', False, group='auth')
expected_params = {'foo': 'bar'}
mock_dynamic_provider_params.return_value = expected_params
expected_name = 'my_name'
expected_network_resources = {'network': 'resources'}
expected_identity_version = 'identity_version'
cf.get_credentials_provider(
expected_name,
network_resources=expected_network_resources,
force_tenant_isolation=True,
identity_version=expected_identity_version)
mock_dynamic_provider_params.assert_called_once_with(
expected_identity_version)
mock_dynamic_credentials_provider_class.assert_called_once_with(
name=expected_name, network_resources=expected_network_resources,
**expected_params)
@mock.patch.object(cf, 'get_credentials')
def test_get_configured_admin_credentials(self, mock_get_credentials):
cfg.CONF.set_default('auth_version', 'v3', 'identity')
all_params = [
('admin_username', 'username', 'my_name'),
('admin_user_domain_name', 'user_domain_name', 'my_dname'),
('admin_password', 'password', 'secret'),
('admin_project_name', 'project_name', 'my_pname'),
('admin_project_domain_name', 'project_domain_name', 'my_dname'),
('admin_domain_name', 'domain_name', 'my_dname'),
('admin_system', 'system', None),
]
expected_result = 'my_admin_credentials'
mock_get_credentials.return_value = expected_result
for config_item, _, value in all_params:
cfg.CONF.set_default(config_item, value, 'auth')
# Build the expected params
expected_params = dict(
[(field, value) for _, field, value in all_params])
expected_params.update(config.service_client_config())
admin_creds = cf.get_configured_admin_credentials()
mock_get_credentials.assert_called_once_with(
fill_in=True, identity_version='v3', **expected_params)
self.assertEqual(expected_result, admin_creds)
@mock.patch.object(cf, 'get_credentials')
def test_get_configured_admin_credentials_not_fill_valid(
self, mock_get_credentials):
cfg.CONF.set_default('auth_version', 'v2', 'identity')
all_params = [
('admin_username', 'username', 'my_name'),
('admin_user_domain_name', 'user_domain_name', 'my_dname'),
('admin_password', 'password', 'secret'),
('admin_project_domain_name', 'project_domain_name', 'my_dname'),
('admin_project_name', 'project_name', 'my_pname'),
('admin_domain_name', 'domain_name', 'my_dname'),
('admin_system', 'system', None),
]
expected_result = mock.Mock()
expected_result.is_valid.return_value = True
mock_get_credentials.return_value = expected_result
for config_item, _, value in all_params:
cfg.CONF.set_default(config_item, value, 'auth')
# Build the expected params
expected_params = dict(
[(field, value) for _, field, value in all_params])
expected_params.update(config.service_client_config())
admin_creds = cf.get_configured_admin_credentials(
fill_in=False, identity_version='v3')
mock_get_credentials.assert_called_once_with(
fill_in=False, identity_version='v3', **expected_params)
self.assertEqual(expected_result, admin_creds)
expected_result.is_valid.assert_called_once()
@mock.patch.object(cf, 'get_credentials')
def test_get_configured_admin_credentials_not_fill_not_valid(
self, mock_get_credentials):
cfg.CONF.set_default('auth_version', 'v2', 'identity')
expected_result = mock.Mock()
expected_result.is_valid.return_value = False
mock_get_credentials.return_value = expected_result
with testtools.ExpectedException(exceptions.InvalidConfiguration,
value_re='.*\n.*identity version v2'):
cf.get_configured_admin_credentials(fill_in=False)
@mock.patch('tempest.lib.auth.get_credentials')
def test_get_credentials_v2(self, mock_auth_get_credentials):
expected_uri = 'V2_URI'
expected_result = 'my_creds'
mock_auth_get_credentials.return_value = expected_result
cfg.CONF.set_default('uri', expected_uri, 'identity')
params = {'foo': 'bar'}
expected_params = params.copy()
expected_params.update(config.service_client_config())
result = cf.get_credentials(identity_version='v2', **params)
self.assertEqual(expected_result, result)
mock_auth_get_credentials.assert_called_once_with(
expected_uri, fill_in=True, identity_version='v2',
**expected_params)
@mock.patch('tempest.lib.auth.get_credentials')
def test_get_credentials_v3_no_domain(self, mock_auth_get_credentials):
expected_uri = 'V3_URI'
expected_result = 'my_creds'
expected_domain = 'my_domain'
mock_auth_get_credentials.return_value = expected_result
cfg.CONF.set_default('uri_v3', expected_uri, 'identity')
cfg.CONF.set_default('default_credentials_domain_name',
expected_domain, 'auth')
params = {'foo': 'bar'}
expected_params = params.copy()
expected_params['domain_name'] = expected_domain
expected_params.update(config.service_client_config())
result = cf.get_credentials(fill_in=False, identity_version='v3',
**params)
self.assertEqual(expected_result, result)
mock_auth_get_credentials.assert_called_once_with(
expected_uri, fill_in=False, identity_version='v3',
**expected_params)
@mock.patch('tempest.lib.auth.get_credentials')
def test_get_credentials_v3_domain(self, mock_auth_get_credentials):
expected_uri = 'V3_URI'
expected_result = 'my_creds'
expected_domain = 'my_domain'
mock_auth_get_credentials.return_value = expected_result
cfg.CONF.set_default('uri_v3', expected_uri, 'identity')
cfg.CONF.set_default('default_credentials_domain_name',
expected_domain, 'auth')
params = {'foo': 'bar', 'user_domain_name': expected_domain}
expected_params = params.copy()
expected_params.update(config.service_client_config())
result = cf.get_credentials(fill_in=False, identity_version='v3',
**params)
self.assertEqual(expected_result, result)
mock_auth_get_credentials.assert_called_once_with(
expected_uri, fill_in=False, identity_version='v3',
**expected_params)
@mock.patch('tempest.lib.auth.get_credentials')
def test_get_credentials_v3_system(self, mock_auth_get_credentials):
expected_uri = 'V3_URI'
expected_result = 'my_creds'
mock_auth_get_credentials.return_value = expected_result
cfg.CONF.set_default('uri_v3', expected_uri, 'identity')
cfg.CONF.set_default('admin_system', 'all', 'auth')
params = {'system': 'all'}
expected_params = params.copy()
expected_params.update(config.service_client_config())
result = cf.get_credentials(fill_in=False, identity_version='v3',
**params)
self.assertEqual(expected_result, result)
mock_auth_get_credentials.assert_called_once_with(
expected_uri, fill_in=False, identity_version='v3',
**expected_params)