x/swift3
Code Issues Proposed changes

Merge "Update how we set up Keystone"

Browse Source
This commit is contained in:
Jenkins
2017-02-21 20:22:44 +00:00
committed by Gerrit Code Review
parent e1598e29d9 170cdd711a
commit fc66da81a5
3 changed files with 74 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

85
swift3/test/functional/conf/keystone-paste.ini
View File

@@ -1,91 +1,80 @@
# Keystone PasteDeploy configuration file. # Keystone PasteDeploy configuration file.
[filter:debug] [filter:debug]
paste.filter_factory = keystone.common.wsgi:Debug.factory use = egg:oslo.middleware#debug
[filter:request_id]
use = egg:oslo.middleware#request_id
[filter:build_auth_context] [filter:build_auth_context]
paste.filter_factory = keystone.middleware:AuthContextMiddleware.factory use = egg:keystone#build_auth_context
[filter:token_auth] [filter:token_auth]
paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory use = egg:keystone#token_auth
[filter:admin_token_auth]
paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory
[filter:json_body] [filter:json_body]
paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory use = egg:keystone#json_body
[filter:user_crud_extension] [filter:cors]
paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory use = egg:oslo.middleware#cors
oslo_config_project = keystone
[filter:crud_extension] [filter:http_proxy_to_wsgi]
paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory use = egg:oslo.middleware#http_proxy_to_wsgi
[filter:healthcheck]
use = egg:oslo.middleware#healthcheck
[filter:ec2_extension] [filter:ec2_extension]
paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory use = egg:keystone#ec2_extension
[filter:ec2_extension_v3] [filter:ec2_extension_v3]
paste.filter_factory = keystone.contrib.ec2:Ec2ExtensionV3.factory use = egg:keystone#ec2_extension_v3
[filter:federation_extension]
paste.filter_factory = keystone.contrib.federation.routers:FederationExtension.factory
[filter:oauth1_extension]
paste.filter_factory = keystone.contrib.oauth1.routers:OAuth1Extension.factory
[filter:s3_extension] [filter:s3_extension]
paste.filter_factory = keystone.contrib.s3:S3Extension.factory use = egg:keystone#s3_extension
[filter:endpoint_filter_extension]
paste.filter_factory = keystone.contrib.endpoint_filter.routers:EndpointFilterExtension.factory
[filter:simple_cert_extension]
paste.filter_factory = keystone.contrib.simple_cert:SimpleCertExtension.factory
[filter:revoke_extension]
paste.filter_factory = keystone.contrib.revoke.routers:RevokeExtension.factory
[filter:url_normalize] [filter:url_normalize]
paste.filter_factory = keystone.middleware:NormalizingFilter.factory use = egg:keystone#url_normalize
[filter:stats_monitoring] [filter:sizelimit]
paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory use = egg:oslo.middleware#sizelimit
[filter:stats_reporting]
paste.filter_factory = keystone.contrib.stats:StatsExtension.factory
[filter:access_log]
paste.filter_factory = keystone.contrib.access:AccessLogMiddleware.factory
[app:public_service] [app:public_service]
paste.app_factory = keystone.service:public_app_factory use = egg:keystone#public_service
[app:service_v3] [app:service_v3]
paste.app_factory = keystone.service:v3_app_factory use = egg:keystone#service_v3
[app:admin_service] [app:admin_service]
paste.app_factory = keystone.service:admin_app_factory use = egg:keystone#admin_service
[pipeline:public_api] [pipeline:public_api]
pipeline = url_normalize build_auth_context token_auth admin_token_auth json_body ec2_extension user_crud_extension public_service # The last item in this pipeline must be public_service or an equivalent
# application. It cannot be a filter.
pipeline = healthcheck cors sizelimit http_proxy_to_wsgi url_normalize request_id build_auth_context token_auth json_body ec2_extension public_service
[pipeline:admin_api] [pipeline:admin_api]
pipeline = url_normalize build_auth_context token_auth admin_token_auth json_body ec2_extension s3_extension crud_extension admin_service # The last item in this pipeline must be admin_service or an equivalent
# application. It cannot be a filter.
pipeline = healthcheck cors sizelimit http_proxy_to_wsgi url_normalize request_id build_auth_context token_auth json_body ec2_extension s3_extension admin_service
[pipeline:api_v3] [pipeline:api_v3]
pipeline = url_normalize build_auth_context token_auth admin_token_auth json_body ec2_extension_v3 s3_extension simple_cert_extension service_v3 # The last item in this pipeline must be service_v3 or an equivalent
# application. It cannot be a filter.
pipeline = healthcheck cors sizelimit http_proxy_to_wsgi url_normalize request_id build_auth_context token_auth json_body ec2_extension_v3 s3_extension service_v3
[app:public_version_service] [app:public_version_service]
paste.app_factory = keystone.service:public_version_app_factory use = egg:keystone#public_version_service
[app:admin_version_service] [app:admin_version_service]
paste.app_factory = keystone.service:admin_version_app_factory use = egg:keystone#admin_version_service
[pipeline:public_version_api] [pipeline:public_version_api]
pipeline = url_normalize public_version_service pipeline = healthcheck cors sizelimit url_normalize public_version_service
[pipeline:admin_version_api] [pipeline:admin_version_api]
pipeline = url_normalize admin_version_service pipeline = healthcheck cors sizelimit url_normalize admin_version_service
[composite:main] [composite:main]
use = egg:Paste#urlmap use = egg:Paste#urlmap

4
swift3/test/functional/conf/keystone.conf.in
View File

@@ -22,3 +22,7 @@ certfile=%TEST_DIR%/certs/signing_cert.pem
keyfile=%TEST_DIR%/private/signing_key.pem keyfile=%TEST_DIR%/private/signing_key.pem
ca_certs=%TEST_DIR%/certs/ca.pem ca_certs=%TEST_DIR%/certs/ca.pem
ca_key=%TEST_DIR%/private/cakey.pem ca_key=%TEST_DIR%/private/cakey.pem
[fernet_tokens]
key_repository=%TEST_DIR%/fernet-keys/

51
swift3/test/functional/setup_keystone
View File

@@ -15,8 +15,11 @@
set -e set -e
export OS_TOKEN=ADMIN export OS_AUTH_URL=http://localhost:35357/
export OS_URL=http://localhost:35357/v2.0 export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_IDENTITY_API_VERSION=3
_get_id() _get_id()
{ {
@@ -33,25 +36,28 @@ _add_user()
TENANT_ID=$(openstack project list | awk "/ $tenant / { print \$2 }") TENANT_ID=$(openstack project list | awk "/ $tenant / { print \$2 }")
if [ "$TENANT_ID" == "" ]; then if [ "$TENANT_ID" == "" ]; then
# create a new tenant # create a new tenant
TENANT_ID=$(openstack project create $tenant | _get_id) TENANT_ID=$(openstack project create $tenant | _get_id)
fi fi
USER_ID=$(openstack user create $user --password=$password \ USER_ID=$(openstack user list | awk "/ $user / { print \$2 }")
--project $TENANT_ID | _get_id) if [ "$USER_ID" == "" ]; then
USER_ID=$(openstack user create $user --password=$password \
--project $TENANT_ID | _get_id)
fi
if [ "$role" != "" ]; then if [ "$role" != "" ]; then
ROLE_ID=$(openstack role list | awk "/ $role / { print \$2 }") ROLE_ID=$(openstack role list | awk "/ $role / { print \$2 }")
if [ "$ROLE_ID" == "" ]; then if [ "$ROLE_ID" == "" ]; then
# create a new role # create a new role
ROLE_ID=$(openstack role create $role | _get_id) ROLE_ID=$(openstack role create $role | _get_id)
fi fi
openstack role add --user $USER_ID --project $TENANT_ID $ROLE_ID openstack role add --user $USER_ID --project $TENANT_ID $ROLE_ID
fi fi
eval $(openstack ec2 credentials create --user $user --project $tenant \ eval $(openstack ec2 credentials create --user $user --project $tenant \
-f shell -c access -c secret) -f shell -c access -c secret)
export ${name}_ACCESS_KEY=$access export ${name}_ACCESS_KEY=$access
export ${name}_SECRET_KEY=$secret export ${name}_SECRET_KEY=$secret
} }
@@ -63,9 +69,9 @@ _create_swift_accounts()
_add_user TESTER test tester testing admin _add_user TESTER test tester testing admin
_add_user TESTER2 test tester2 testing2 member _add_user TESTER2 test tester2 testing2 member
SERVICE=$(openstack service create swift --type=object-store | _get_id) SERVICE=$(openstack service create --name=swift object-store | _get_id)
openstack endpoint create $SERVICE \ openstack endpoint create $SERVICE \
--publicurl "http://localhost:8080/v1/AUTH_\$(tenant_id)s" public "http://localhost:8080/v1/AUTH_\$(tenant_id)s"
} }
_setup_keystone() _setup_keystone()
@@ -75,11 +81,20 @@ _setup_keystone()
local log_file="${LOG_DEST:-${TEST_DIR}/log}/keystone.log" local log_file="${LOG_DEST:-${TEST_DIR}/log}/keystone.log"
mkdir -p "$(dirname "${log_file}")" mkdir -p "$(dirname "${log_file}")"
keystone-all --config-file conf/keystone.conf --debug > "${log_file}" 2>&1 & keystone-manage --config-file conf/keystone.conf --debug fernet_setup
export keystone_pid=$!
keystone-manage --config-file conf/keystone.conf --debug db_sync keystone-manage --config-file conf/keystone.conf --debug db_sync
keystone-manage --config-file conf/keystone.conf --debug pki_setup keystone-manage --config-file conf/keystone.conf --debug pki_setup
keystone-manage --config-file conf/keystone.conf --debug bootstrap \
--bootstrap-password=$OS_PASSWORD \
--bootstrap-admin-url=$OS_AUTH_URL \
--bootstrap-public-url=${OS_AUTH_URL/35357/5000}
keystone-wsgi-admin -p 35357 -- --config-file conf/keystone.conf --debug \
> "${log_file}" 2>&1 &
export keystone_pid=$!
# make sure it's actually running
sleep 1
ps -p $keystone_pid
_create_swift_accounts _create_swift_accounts
} }