RepoMirrors/ceph
1
0
Fork 0
mirror of https://github.com/ceph/ceph synced 2024-12-20 18:33:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
38898dfeb8
ceph/qa/tasks/keystone.py

464 lines
16 KiB
Python
Raw Normal View History

qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
"""
Deploy and configure Keystone for Teuthology
"""
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
import argparse
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
import contextlib
import logging
qa/tasks/keystone.py: support multiple positional args it's required when creating endpoint, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html, where we need to pass <service>, <interface>, and <url> Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-28 15:14:35 +00:00
# still need this for python3.6
from collections import OrderedDict
qa/tasks/keystone: use "keystone-manage bootstrap" * qa/tasks/keystone.py: instead of prefilling keystone manually, use "keystone-manage bootstrap" instead. it helps to setup the admin user, a "Default" domain with "default" id, and wire them up with the expected role and a "admin" project, etc. as id of the admin domain is known to be "default", we can just use it in our tests without querying openstack for the id of "Default" domain. this is very handy. * qa/suites/rgw/tempest/tasks/rgw_tempest.yaml: use "Default" for domain name. as "Default" is the name of the domain created by bootstrap, while "default" is its id. * qa/suites/rgw/crypt/2-kms/barbican.yaml: remove settings to bootstrap keystone Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-31 00:38:00 +00:00
from itertools import chain
qa/tasks/keystone.py: support multiple positional args it's required when creating endpoint, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html, where we need to pass <service>, <interface>, and <url> Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-28 15:14:35 +00:00
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
from teuthology import misc as teuthology
from teuthology import contextutil
from teuthology.orchestra import run
qa/tasks/keystone: handle packaged dependencies of Keystone. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-14 12:06:43 +00:00
from teuthology.packaging import install_package
from teuthology.packaging import remove_package
qa/keystone: add missing ConfigError import Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-03 20:06:23 +00:00
from teuthology.exceptions import ConfigError
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
log = logging.getLogger(__name__)
qa/rgw: patch keystone requirements.txt an ugly workaround for a python dependency conflict that's broken the rgw/tempest suite. allows us to preserve the pinned versions of keystone/tempest without having to maintain a fork of the keystone repository Fixes: http://tracker.ceph.com/issues/23659 Signed-off-by: Casey Bodley <cbodley@redhat.com>
2018-08-02 20:00:27 +00:00
def get_keystone_dir(ctx):
return '{tdir}/keystone'.format(tdir=teuthology.get_testdir(ctx))
qa/keystone: use bindep to discover keystone's dependencies downloads the keystone repository first, because we need keystone/bindep.txt to discover the binary dependencies Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-05 15:09:26 +00:00
def run_in_keystone_dir(ctx, client, args, **kwargs):
return ctx.cluster.only(client).run(
qa/rgw: patch keystone requirements.txt an ugly workaround for a python dependency conflict that's broken the rgw/tempest suite. allows us to preserve the pinned versions of keystone/tempest without having to maintain a fork of the keystone repository Fixes: http://tracker.ceph.com/issues/23659 Signed-off-by: Casey Bodley <cbodley@redhat.com>
2018-08-02 20:00:27 +00:00
args=[ 'cd', get_keystone_dir(ctx), run.Raw('&&'), ] + args,
qa/keystone: use bindep to discover keystone's dependencies downloads the keystone repository first, because we need keystone/bindep.txt to discover the binary dependencies Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-05 15:09:26 +00:00
**kwargs
qa/rgw: patch keystone requirements.txt an ugly workaround for a python dependency conflict that's broken the rgw/tempest suite. allows us to preserve the pinned versions of keystone/tempest without having to maintain a fork of the keystone repository Fixes: http://tracker.ceph.com/issues/23659 Signed-off-by: Casey Bodley <cbodley@redhat.com>
2018-08-02 20:00:27 +00:00
)
qa/keystone: pip install bindep Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-05 18:06:45 +00:00
def get_toxvenv_dir(ctx):
return ctx.tox.venv_path
qa/tasks/keystone: get rid of cStringIO for py3 Signed-off-by: Kyr Shatskyy <kyrylo.shatskyy@suse.com>
2020-02-21 19:15:44 +00:00
def toxvenv_sh(ctx, remote, args, **kwargs):
activate = get_toxvenv_dir(ctx) + '/bin/activate'
return remote.sh(['source', activate, run.Raw('&&')] + args, **kwargs)
qa/keystone: pip install bindep Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-05 18:06:45 +00:00
qa/rgw: patch keystone requirements.txt an ugly workaround for a python dependency conflict that's broken the rgw/tempest suite. allows us to preserve the pinned versions of keystone/tempest without having to maintain a fork of the keystone repository Fixes: http://tracker.ceph.com/issues/23659 Signed-off-by: Casey Bodley <cbodley@redhat.com>
2018-08-02 20:00:27 +00:00
def run_in_keystone_venv(ctx, client, args):
run_in_keystone_dir(ctx, client,
[ 'source',
'.tox/venv/bin/activate',
run.Raw('&&')
] + args)
def get_keystone_venved_cmd(ctx, cmd, args):
kbindir = get_keystone_dir(ctx) + '/.tox/venv/bin/'
return [ kbindir + 'python', kbindir + cmd ] + args
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
@contextlib.contextmanager
def download(ctx, config):
"""
Download the Keystone from github.
Remove downloaded file upon exit.
The context passed in should be identical to the context
passed in to the main task.
"""
assert isinstance(config, dict)
log.info('Downloading keystone...')
qa/rgw: patch keystone requirements.txt an ugly workaround for a python dependency conflict that's broken the rgw/tempest suite. allows us to preserve the pinned versions of keystone/tempest without having to maintain a fork of the keystone repository Fixes: http://tracker.ceph.com/issues/23659 Signed-off-by: Casey Bodley <cbodley@redhat.com>
2018-08-02 20:00:27 +00:00
keystonedir = get_keystone_dir(ctx)
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
for (client, cconf) in config.items():
ctx.cluster.only(client).run(
args=[
'git', 'clone',
'-b', cconf.get('force-branch', 'master'),
'https://github.com/openstack/keystone.git',
qa/rgw: patch keystone requirements.txt an ugly workaround for a python dependency conflict that's broken the rgw/tempest suite. allows us to preserve the pinned versions of keystone/tempest without having to maintain a fork of the keystone repository Fixes: http://tracker.ceph.com/issues/23659 Signed-off-by: Casey Bodley <cbodley@redhat.com>
2018-08-02 20:00:27 +00:00
keystonedir,
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
],
)
sha1 = cconf.get('sha1')
if sha1 is not None:
qa/rgw: patch keystone requirements.txt an ugly workaround for a python dependency conflict that's broken the rgw/tempest suite. allows us to preserve the pinned versions of keystone/tempest without having to maintain a fork of the keystone repository Fixes: http://tracker.ceph.com/issues/23659 Signed-off-by: Casey Bodley <cbodley@redhat.com>
2018-08-02 20:00:27 +00:00
run_in_keystone_dir(ctx, client, [
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
'git', 'reset', '--hard', sha1,
],
)
qa/rgw: patch keystone requirements.txt an ugly workaround for a python dependency conflict that's broken the rgw/tempest suite. allows us to preserve the pinned versions of keystone/tempest without having to maintain a fork of the keystone repository Fixes: http://tracker.ceph.com/issues/23659 Signed-off-by: Casey Bodley <cbodley@redhat.com>
2018-08-02 20:00:27 +00:00
# hax for http://tracker.ceph.com/issues/23659
run_in_keystone_dir(ctx, client, [
'sed', '-i',
's/pysaml2<4.0.3,>=2.4.0/pysaml2>=4.5.0/',
'requirements.txt'
],
)
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
try:
yield
finally:
log.info('Removing keystone...')
for client in config:
ctx.cluster.only(client).run(
qa/rgw: patch keystone requirements.txt an ugly workaround for a python dependency conflict that's broken the rgw/tempest suite. allows us to preserve the pinned versions of keystone/tempest without having to maintain a fork of the keystone repository Fixes: http://tracker.ceph.com/issues/23659 Signed-off-by: Casey Bodley <cbodley@redhat.com>
2018-08-02 20:00:27 +00:00
args=[ 'rm', '-rf', keystonedir ],
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
)
qa/tasks/keystone.py: centos-8 bindep fix The upstream git repository for keystone contains a dependency for "python34-devel" which only exists in centos 7. For centos 8, the correct package is "python36-devel". So, patch bindep.txt before running bindep. Fixes: https://tracker.ceph.com/issues/48920 Signed-off-by: Marcus Watts <mwatts@redhat.com>
2021-01-14 18:14:11 +00:00
patch_bindep_template = """\
import fileinput
import sys
import os
fixed=False
os.chdir("{keystone_dir}")
for line in fileinput.input("bindep.txt", inplace=True):
if line == "python34-devel [platform:centos]\\n":
line="python34-devel [platform:centos-7]\\npython36-devel [platform:centos-8]\\n"
fixed=True
print(line,end="")
print("Fixed line" if fixed else "No fix necessary", file=sys.stderr)
exit(0)
"""
qa/keystone: use bindep to discover keystone's dependencies downloads the keystone repository first, because we need keystone/bindep.txt to discover the binary dependencies Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-05 15:09:26 +00:00
@contextlib.contextmanager
def install_packages(ctx, config):
"""
Download the packaged dependencies of Keystone.
Remove install packages upon exit.
The context passed in should be identical to the context
passed in to the main task.
"""
assert isinstance(config, dict)
log.info('Installing packages for Keystone...')
qa/tasks/keystone.py: centos-8 bindep fix The upstream git repository for keystone contains a dependency for "python34-devel" which only exists in centos 7. For centos 8, the correct package is "python36-devel". So, patch bindep.txt before running bindep. Fixes: https://tracker.ceph.com/issues/48920 Signed-off-by: Marcus Watts <mwatts@redhat.com>
2021-01-14 18:14:11 +00:00
patch_bindep = patch_bindep_template \
.replace("{keystone_dir}", get_keystone_dir(ctx))
qa/keystone: use bindep to discover keystone's dependencies downloads the keystone repository first, because we need keystone/bindep.txt to discover the binary dependencies Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-05 15:09:26 +00:00
packages = {}
for (client, _) in config.items():
qa: get rid of iterkeys for py3 compatibility Fixes: https://tracker.ceph.com/issues/42287 Signed-off-by: Kyr Shatskyy <kyrylo.shatskyy@suse.com>
2019-10-11 15:57:47 +00:00
(remote,) = ctx.cluster.only(client).remotes.keys()
qa/tasks/keystone.py: centos-8 bindep fix The upstream git repository for keystone contains a dependency for "python34-devel" which only exists in centos 7. For centos 8, the correct package is "python36-devel". So, patch bindep.txt before running bindep. Fixes: https://tracker.ceph.com/issues/48920 Signed-off-by: Marcus Watts <mwatts@redhat.com>
2021-01-14 18:14:11 +00:00
toxvenv_sh(ctx, remote, ['python'], stdin=patch_bindep)
qa/keystone: use bindep to discover keystone's dependencies downloads the keystone repository first, because we need keystone/bindep.txt to discover the binary dependencies Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-05 15:09:26 +00:00
# use bindep to read which dependencies we need from keystone/bindep.txt
qa/tasks/keystone: get rid of cStringIO for py3 Signed-off-by: Kyr Shatskyy <kyrylo.shatskyy@suse.com>
2020-02-21 19:15:44 +00:00
toxvenv_sh(ctx, remote, ['pip', 'install', 'bindep'])
packages[client] = toxvenv_sh(ctx, remote,
qa/keystone: pip install bindep Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-05 18:06:45 +00:00
['bindep', '--brief', '--file', '{}/bindep.txt'.format(get_keystone_dir(ctx))],
qa/tasks/keystone: get rid of cStringIO for py3 Signed-off-by: Kyr Shatskyy <kyrylo.shatskyy@suse.com>
2020-02-21 19:15:44 +00:00
check_status=False).splitlines() # returns 1 on success?
qa/keystone: use bindep to discover keystone's dependencies downloads the keystone repository first, because we need keystone/bindep.txt to discover the binary dependencies Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-05 15:09:26 +00:00
for dep in packages[client]:
install_package(dep, remote)
try:
yield
finally:
log.info('Removing packaged dependencies of Keystone...')
for (client, _) in config.items():
qa: get rid of iterkeys for py3 compatibility Fixes: https://tracker.ceph.com/issues/42287 Signed-off-by: Kyr Shatskyy <kyrylo.shatskyy@suse.com>
2019-10-11 15:57:47 +00:00
(remote,) = ctx.cluster.only(client).remotes.keys()
qa/keystone: use bindep to discover keystone's dependencies downloads the keystone repository first, because we need keystone/bindep.txt to discover the binary dependencies Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-05 15:09:26 +00:00
for dep in packages[client]:
remove_package(dep, remote)
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
@contextlib.contextmanager
def setup_venv(ctx, config):
"""
Setup the virtualenv for Keystone using tox.
"""
assert isinstance(config, dict)
log.info('Setting up virtualenv for keystone...')
for (client, _) in config.items():
qa/tasks/keystone: deploy tox. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-13 16:09:08 +00:00
run_in_keystone_dir(ctx, client,
qa/tasks/tox: separate tox deployment from Keystone. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-13 23:23:31 +00:00
[ 'source',
qa: Run flake8 on python2 and python3 To be able to catch problems with python2 *and* python3, run flake8 with both versions. From the flake8 homepage: It is very important to install Flake8 on the correct version of Python for your needs. If you want Flake8 to properly parse new language features in Python 3.5 (for example), you need it to be installed on 3.5 for Flake8 to understand those features. In many ways, Flake8 is tied to the version of Python on which it runs. Also fix the problems with python3 on the way. Note: This requires now the six module for teuthology. But this is already an install_require in teuthology itself. Signed-off-by: Thomas Bechtold <tbechtold@suse.com>
2019-12-09 16:27:46 +00:00
'{tvdir}/bin/activate'.format(tvdir=get_toxvenv_dir(ctx)),
qa/tasks/keystone: deploy tox. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-13 16:09:08 +00:00
run.Raw('&&'),
'tox', '-e', 'venv', '--notest'
])
qa/tasks/keystone: make possible to deploy Keystone on CentOS as well. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-20 13:38:01 +00:00
run_in_keystone_venv(ctx, client,
qa/keystone: pin python-openstackclient and osc-lib keystone's dependencies are installed using its tox.ini, which in turn uses a constraints file of https://releases.openstack.org/constraints/upper/ussuri, and it pins cliff to 3.1.0, which is not able to fulfill the requirement of osc-lib 2.2.0. as it needs needs cliff>=3.2.0. per https://releases.openstack.org/ussuri/, the latest osc-lib for ussuri is 2.0.0. and osc-lib>=2.0.0 is required by python-openstackclient 2.5.1, so let's use it instead of using the latest one. if we install cliff==3.1.0 along with python-openstackclient==5.2.1, we will have following error, as `CommandManager.add_command_group()` method was added to cliff in 3.2.0. see https://opendev.org/openstack/cliff/commit/8477c4dbd0cf651b9b4ba4a4934de69d5942bfc2, so cliff failed to work with the latest openstackclient, like: 2020-06-29T17:26:23.402 INFO:teuthology.orchestra.run.smithi039.stderr:'CommandManager' object has no attribute 'add_command_group' 2020-06-29T17:26:23.402 INFO:teuthology.orchestra.run.smithi039.stderr:Traceback (most recent call last): 2020-06-29T17:26:23.403 INFO:teuthology.orchestra.run.smithi039.stderr: File "/home/ubuntu/cephtest/keystone/.tox/venv/lib/python3.6/site-packages/cliff/app.py", line 264, in run 2020-06-29T17:26:23.403 INFO:teuthology.orchestra.run.smithi039.stderr: self.initialize_app(remainder) 2020-06-29T17:26:23.403 INFO:teuthology.orchestra.run.smithi039.stderr: File "/home/ubuntu/cephtest/keystone/.tox/venv/lib/python3.6/site-packages/openstackclient/shell.py", line 133, in initialize_app 2020-06-29T17:26:23.403 INFO:teuthology.orchestra.run.smithi039.stderr: super(OpenStackShell, self).initialize_app(argv) 2020-06-29T17:26:23.403 INFO:teuthology.orchestra.run.smithi039.stderr: File "/home/ubuntu/cephtest/keystone/.tox/venv/lib/python3.6/site-packages/osc_lib/shell.py", line 442, in initialize_app 2020-06-29T17:26:23.404 INFO:teuthology.orchestra.run.smithi039.stderr: self._load_plugins() 2020-06-29T17:26:23.404 INFO:teuthology.orchestra.run.smithi039.stderr: File "/home/ubuntu/cephtest/keystone/.tox/venv/lib/python3.6/site-packages/openstackclient/shell.py", line 104, in _load_plugins 2020-06-29T17:26:23.404 INFO:teuthology.orchestra.run.smithi039.stderr: self.command_manager.add_command_group(cmd_group) 2020-06-29T17:26:23.404 INFO:teuthology.orchestra.run.smithi039.stderr:AttributeError: 'CommandManager' object has no attribute 'add_command_group' 2020-06-29T17:26:23.404 INFO:teuthology.orchestra.run.smithi039.stderr:Traceback (most recent call last): 2020-06-29T17:26:23.405 INFO:teuthology.orchestra.run.smithi039.stderr: File "/home/ubuntu/cephtest/keystone/.tox/venv/lib/python3.6/site-packages/osc_lib/shell.py", line 134, in run 2020-06-29T17:26:23.405 INFO:teuthology.orchestra.run.smithi039.stderr: ret_val = super(OpenStackShell, self).run(argv) 2020-06-29T17:26:23.405 INFO:teuthology.orchestra.run.smithi039.stderr: File "/home/ubuntu/cephtest/keystone/.tox/venv/lib/python3.6/site-packages/cliff/app.py", line 264, in run 2020-06-29T17:26:23.405 INFO:teuthology.orchestra.run.smithi039.stderr: self.initialize_app(remainder) 2020-06-29T17:26:23.405 INFO:teuthology.orchestra.run.smithi039.stderr: File "/home/ubuntu/cephtest/keystone/.tox/venv/lib/python3.6/site-packages/openstackclient/shell.py", line 133, in initialize_app 2020-06-29T17:26:23.405 INFO:teuthology.orchestra.run.smithi039.stderr: super(OpenStackShell, self).initialize_app(argv) 2020-06-29T17:26:23.406 INFO:teuthology.orchestra.run.smithi039.stderr: File "/home/ubuntu/cephtest/keystone/.tox/venv/lib/python3.6/site-packages/osc_lib/shell.py", line 442, in initialize_app 2020-06-29T17:26:23.406 INFO:teuthology.orchestra.run.smithi039.stderr: self._load_plugins() 2020-06-29T17:26:23.406 INFO:teuthology.orchestra.run.smithi039.stderr: File "/home/ubuntu/cephtest/keystone/.tox/venv/lib/python3.6/site-packages/openstackclient/shell.py", line 104, in _load_plugins 2020-06-29T17:26:23.406 INFO:teuthology.orchestra.run.smithi039.stderr: self.command_manager.add_command_group(cmd_group) 2020-06-29T17:26:23.406 INFO:teuthology.orchestra.run.smithi039.stderr:AttributeError: 'CommandManager' object has no attribute 'add_command_group' in this change the openstackclients version is pin'ed to the latest stable of 5.2.1. will have a separated PR to bump up the cliff version on teuthology side. Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-07-01 08:32:33 +00:00
[ 'pip', 'install',
'python-openstackclient==5.2.1',
'osc-lib==2.0.0'
])
qa/tasks/keystone: deploy tox. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-13 16:09:08 +00:00
try:
yield
finally:
qa: Run flake8 on python2 and python3 To be able to catch problems with python2 *and* python3, run flake8 with both versions. From the flake8 homepage: It is very important to install Flake8 on the correct version of Python for your needs. If you want Flake8 to properly parse new language features in Python 3.5 (for example), you need it to be installed on 3.5 for Flake8 to understand those features. In many ways, Flake8 is tied to the version of Python on which it runs. Also fix the problems with python3 on the way. Note: This requires now the six module for teuthology. But this is already an install_require in teuthology itself. Signed-off-by: Thomas Bechtold <tbechtold@suse.com>
2019-12-09 16:27:46 +00:00
pass
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
@contextlib.contextmanager
def configure_instance(ctx, config):
assert isinstance(config, dict)
log.info('Configuring keystone...')
keyrepo_dir = '{kdir}/etc/fernet-keys'.format(kdir=get_keystone_dir(ctx))
for (client, _) in config.items():
# prepare the config file
qa/suites/rgw/tempest: bump up keystone to 17.0.0 * also generate a sample conf file following the document at https://github.com/openstack/keystone/tree/17.0.0.0rc2/etc * use "projects" instead of "tenants" to match the terminology used by openstack identify API 3.0. * test API 3.0 instead of API 2.0, by changing `rgw_keystone_api_version` from "2" to "3" * explicitly specify a domain "default" for project to be created, otherwise a POST request will fail with: ``` {"error":{"code":400,"message":"You have tried to create a resource using the admin token. As this token is not within a domain you must explicitly include a domain for this resource to belong to.","title":"Bad Request"}} ```` * create "default" domain, and use it, othewise a GET request fails like: ``` 2020-05-28T11:17:28.751 INFO:teuthology.orchestra.run.smithi092.stderr:http://smithi092.front.sepia.ceph.com:35357 "GET /v3/domains/default HTTP/1.1" 404 87 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP: [404] Content-Length: 87 Content-Type: application/json Date: Thu, 28 May 2020 11:17:28 GMT Server: WSGIServer/0.2 CPython/3.6.9 Vary: X-Auth-Token x-openstack-request-id: req-bc33796f-2bc3-411c-a7fb-1208918e0dbd 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP BODY: {"error":{"code":404,"message":"Could not find domain: default.","title":"Not Found"}} ``` * add user to "default" domain when creating it. * use "type" as the positional argument, per https://docs.openstack.org/keystone/pike/admin/cli-keystone-manage-services.html otherwise we will have failures like: ``` 2020-05-28T13:38:24.867 INFO:teuthology.orchestra.run.smithi198.stderr:openstack service create: error: unrecognized arguments: --type keystone ``` * update `create_endpoint()` to use the V3 API, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html Fixes: https://tracker.ceph.com/issues/45692 Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-25 07:52:04 +00:00
run_in_keystone_dir(ctx, client,
[
'source',
f'{get_toxvenv_dir(ctx)}/bin/activate',
run.Raw('&&'),
'tox', '-e', 'genconfig'
])
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
run_in_keystone_dir(ctx, client,
[
'cp', '-f',
'etc/keystone.conf.sample',
'etc/keystone.conf'
])
run_in_keystone_dir(ctx, client,
[
'sed',
'-e', 's^#key_repository =.*^key_repository = {kr}^'.format(kr = keyrepo_dir),
'-i', 'etc/keystone.conf'
])
qa/keystone: log to a file in the archive dir Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-06 19:39:24 +00:00
# log to a file that gets archived
log_file = '{p}/archive/keystone.{c}.log'.format(p=teuthology.get_testdir(ctx), c=client)
run_in_keystone_dir(ctx, client,
[
'sed',
'-e', 's^#log_file =.*^log_file = {}^'.format(log_file),
'-i', 'etc/keystone.conf'
])
qa/keystone: save keystone config to archive dir Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-12 17:02:36 +00:00
# copy the config to archive
run_in_keystone_dir(ctx, client, [
'cp', 'etc/keystone.conf',
'{}/archive/keystone.{}.conf'.format(teuthology.get_testdir(ctx), client)
])
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
# prepare key repository for Fetnet token authenticator
qa/tasks/keystone: the task can be now executed also on remotes. Initially it was compatible with local_runner only. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-13 16:07:48 +00:00
run_in_keystone_dir(ctx, client, [ 'mkdir', '-p', keyrepo_dir ])
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
run_in_keystone_venv(ctx, client, [ 'keystone-manage', 'fernet_setup' ])
# sync database
run_in_keystone_venv(ctx, client, [ 'keystone-manage', 'db_sync' ])
yield
@contextlib.contextmanager
def run_keystone(ctx, config):
assert isinstance(config, dict)
log.info('Configuring keystone...')
for (client, _) in config.items():
qa: get rid of iterkeys for py3 compatibility Fixes: https://tracker.ceph.com/issues/42287 Signed-off-by: Kyr Shatskyy <kyrylo.shatskyy@suse.com>
2019-10-11 15:57:47 +00:00
(remote,) = ctx.cluster.only(client).remotes.keys()
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
cluster_name, _, client_id = teuthology.split_role(client)
# start the public endpoint
client_public_with_id = 'keystone.public' + '.' + client_id
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
public_host, public_port = ctx.keystone.public_endpoints[client]
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
run_cmd = get_keystone_venved_cmd(ctx, 'keystone-wsgi-public',
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
[ '--host', public_host, '--port', str(public_port),
qa/tasks/keystone: the task can be now executed also on remotes. Initially it was compatible with local_runner only. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-13 16:07:48 +00:00
# Let's put the Keystone in background, wait for EOF
# and after receiving it, send SIGTERM to the daemon.
# This crazy hack is because Keystone, in contrast to
# our other daemons, doesn't quit on stdin.close().
# Teuthology relies on this behaviour.
run.Raw('& { read; kill %1; }')
]
)
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
ctx.daemons.add_daemon(
remote, 'keystone', client_public_with_id,
cluster=cluster_name,
args=run_cmd,
logger=log.getChild(client),
qa/tasks/keystone: the task can be now executed also on remotes. Initially it was compatible with local_runner only. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-13 16:07:48 +00:00
stdin=run.PIPE,
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
cwd=get_keystone_dir(ctx),
wait=False,
check_status=False,
)
# start the admin endpoint
client_admin_with_id = 'keystone.admin' + '.' + client_id
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
admin_host, admin_port = ctx.keystone.admin_endpoints[client]
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
run_cmd = get_keystone_venved_cmd(ctx, 'keystone-wsgi-admin',
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
[ '--host', admin_host, '--port', str(admin_port),
qa/tasks/keystone: the task can be now executed also on remotes. Initially it was compatible with local_runner only. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-13 16:07:48 +00:00
run.Raw('& { read; kill %1; }')
]
)
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
ctx.daemons.add_daemon(
remote, 'keystone', client_admin_with_id,
cluster=cluster_name,
args=run_cmd,
logger=log.getChild(client),
qa/tasks/keystone: the task can be now executed also on remotes. Initially it was compatible with local_runner only. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-13 16:07:48 +00:00
stdin=run.PIPE,
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
cwd=get_keystone_dir(ctx),
wait=False,
check_status=False,
)
# sleep driven synchronization
qa/tasks/keystone: the task can be now executed also on remotes. Initially it was compatible with local_runner only. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-13 16:07:48 +00:00
run_in_keystone_venv(ctx, client, [ 'sleep', '15' ])
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
try:
yield
finally:
log.info('Stopping Keystone admin instance')
ctx.daemons.get_daemon('keystone', client_admin_with_id,
cluster_name).stop()
log.info('Stopping Keystone public instance')
ctx.daemons.get_daemon('keystone', client_public_with_id,
cluster_name).stop()
qa/tasks/keystone.py: support multiple positional args it's required when creating endpoint, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html, where we need to pass <service>, <interface>, and <url> Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-28 15:14:35 +00:00
def dict_to_args(specials, items):
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
"""
Transform
[(key1, val1), (special, val_special), (key3, val3) ]
into:
[ '--key1', 'val1', '--key3', 'val3', 'val_special' ]
"""
qa/tasks/keystone.py: support multiple positional args it's required when creating endpoint, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html, where we need to pass <service>, <interface>, and <url> Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-28 15:14:35 +00:00
args = []
special_vals = OrderedDict((k, '') for k in specials.split(','))
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
for (k, v) in items:
qa/tasks/keystone.py: support multiple positional args it's required when creating endpoint, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html, where we need to pass <service>, <interface>, and <url> Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-28 15:14:35 +00:00
if k in special_vals:
special_vals[k] = v
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
else:
args.append('--{k}'.format(k=k))
args.append(v)
qa/tasks/keystone.py: support multiple positional args it's required when creating endpoint, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html, where we need to pass <service>, <interface>, and <url> Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-28 15:14:35 +00:00
args.extend(arg for arg in special_vals.values() if arg)
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
return args
qa/tasks/keystone.py: support multiple positional args it's required when creating endpoint, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html, where we need to pass <service>, <interface>, and <url> Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-28 15:14:35 +00:00
def run_section_cmds(ctx, cclient, section_cmd, specials,
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
section_config_list):
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
admin_host, admin_port = ctx.keystone.admin_endpoints[cclient]
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
auth_section = [
qa/tasks/tempest: use user/pass to authenticate instead of using admin token use "admin" user to authenticate, as admin token is not suggested anymore. Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-31 00:54:41 +00:00
( 'os-username', 'admin' ),
( 'os-password', 'ADMIN' ),
( 'os-user-domain-id', 'default' ),
( 'os-project-name', 'admin' ),
( 'os-project-domain-id', 'default' ),
qa/suites/rgw/tempest: bump up keystone to 17.0.0 * also generate a sample conf file following the document at https://github.com/openstack/keystone/tree/17.0.0.0rc2/etc * use "projects" instead of "tenants" to match the terminology used by openstack identify API 3.0. * test API 3.0 instead of API 2.0, by changing `rgw_keystone_api_version` from "2" to "3" * explicitly specify a domain "default" for project to be created, otherwise a POST request will fail with: ``` {"error":{"code":400,"message":"You have tried to create a resource using the admin token. As this token is not within a domain you must explicitly include a domain for this resource to belong to.","title":"Bad Request"}} ```` * create "default" domain, and use it, othewise a GET request fails like: ``` 2020-05-28T11:17:28.751 INFO:teuthology.orchestra.run.smithi092.stderr:http://smithi092.front.sepia.ceph.com:35357 "GET /v3/domains/default HTTP/1.1" 404 87 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP: [404] Content-Length: 87 Content-Type: application/json Date: Thu, 28 May 2020 11:17:28 GMT Server: WSGIServer/0.2 CPython/3.6.9 Vary: X-Auth-Token x-openstack-request-id: req-bc33796f-2bc3-411c-a7fb-1208918e0dbd 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP BODY: {"error":{"code":404,"message":"Could not find domain: default.","title":"Not Found"}} ``` * add user to "default" domain when creating it. * use "type" as the positional argument, per https://docs.openstack.org/keystone/pike/admin/cli-keystone-manage-services.html otherwise we will have failures like: ``` 2020-05-28T13:38:24.867 INFO:teuthology.orchestra.run.smithi198.stderr:openstack service create: error: unrecognized arguments: --type keystone ``` * update `create_endpoint()` to use the V3 API, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html Fixes: https://tracker.ceph.com/issues/45692 Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-25 07:52:04 +00:00
( 'os-identity-api-version', '3' ),
qa/tasks/tempest: use user/pass to authenticate instead of using admin token use "admin" user to authenticate, as admin token is not suggested anymore. Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-31 00:54:41 +00:00
( 'os-auth-url', 'http://{host}:{port}/v3'.format(host=admin_host,
port=admin_port) ),
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
]
for section_item in section_config_list:
run_in_keystone_venv(ctx, cclient,
[ 'openstack' ] + section_cmd.split() +
qa/tasks/keystone.py: support multiple positional args it's required when creating endpoint, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html, where we need to pass <service>, <interface>, and <url> Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-28 15:14:35 +00:00
dict_to_args(specials, auth_section + list(section_item.items())) +
qa/keystone: add --debug to openstack commands Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-12 18:02:29 +00:00
[ '--debug' ])
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
tasks/barbican: Added task to deploy and configure barbican Fixed keystone, rgw and s3tests tasks to work with it. Signed-off-by: Adam Kupczyk <akupczyk@redhat.com>
2017-08-21 09:34:21 +00:00
def create_endpoint(ctx, cclient, service, url, adminurl=None):
qa/suites/rgw/tempest: bump up keystone to 17.0.0 * also generate a sample conf file following the document at https://github.com/openstack/keystone/tree/17.0.0.0rc2/etc * use "projects" instead of "tenants" to match the terminology used by openstack identify API 3.0. * test API 3.0 instead of API 2.0, by changing `rgw_keystone_api_version` from "2" to "3" * explicitly specify a domain "default" for project to be created, otherwise a POST request will fail with: ``` {"error":{"code":400,"message":"You have tried to create a resource using the admin token. As this token is not within a domain you must explicitly include a domain for this resource to belong to.","title":"Bad Request"}} ```` * create "default" domain, and use it, othewise a GET request fails like: ``` 2020-05-28T11:17:28.751 INFO:teuthology.orchestra.run.smithi092.stderr:http://smithi092.front.sepia.ceph.com:35357 "GET /v3/domains/default HTTP/1.1" 404 87 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP: [404] Content-Length: 87 Content-Type: application/json Date: Thu, 28 May 2020 11:17:28 GMT Server: WSGIServer/0.2 CPython/3.6.9 Vary: X-Auth-Token x-openstack-request-id: req-bc33796f-2bc3-411c-a7fb-1208918e0dbd 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP BODY: {"error":{"code":404,"message":"Could not find domain: default.","title":"Not Found"}} ``` * add user to "default" domain when creating it. * use "type" as the positional argument, per https://docs.openstack.org/keystone/pike/admin/cli-keystone-manage-services.html otherwise we will have failures like: ``` 2020-05-28T13:38:24.867 INFO:teuthology.orchestra.run.smithi198.stderr:openstack service create: error: unrecognized arguments: --type keystone ``` * update `create_endpoint()` to use the V3 API, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html Fixes: https://tracker.ceph.com/issues/45692 Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-25 07:52:04 +00:00
endpoint_sections = [
{'service': service, 'interface': 'public', 'url': url},
]
tasks/barbican: Added task to deploy and configure barbican Fixed keystone, rgw and s3tests tasks to work with it. Signed-off-by: Adam Kupczyk <akupczyk@redhat.com>
2017-08-21 09:34:21 +00:00
if adminurl:
qa/suites/rgw/tempest: bump up keystone to 17.0.0 * also generate a sample conf file following the document at https://github.com/openstack/keystone/tree/17.0.0.0rc2/etc * use "projects" instead of "tenants" to match the terminology used by openstack identify API 3.0. * test API 3.0 instead of API 2.0, by changing `rgw_keystone_api_version` from "2" to "3" * explicitly specify a domain "default" for project to be created, otherwise a POST request will fail with: ``` {"error":{"code":400,"message":"You have tried to create a resource using the admin token. As this token is not within a domain you must explicitly include a domain for this resource to belong to.","title":"Bad Request"}} ```` * create "default" domain, and use it, othewise a GET request fails like: ``` 2020-05-28T11:17:28.751 INFO:teuthology.orchestra.run.smithi092.stderr:http://smithi092.front.sepia.ceph.com:35357 "GET /v3/domains/default HTTP/1.1" 404 87 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP: [404] Content-Length: 87 Content-Type: application/json Date: Thu, 28 May 2020 11:17:28 GMT Server: WSGIServer/0.2 CPython/3.6.9 Vary: X-Auth-Token x-openstack-request-id: req-bc33796f-2bc3-411c-a7fb-1208918e0dbd 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP BODY: {"error":{"code":404,"message":"Could not find domain: default.","title":"Not Found"}} ``` * add user to "default" domain when creating it. * use "type" as the positional argument, per https://docs.openstack.org/keystone/pike/admin/cli-keystone-manage-services.html otherwise we will have failures like: ``` 2020-05-28T13:38:24.867 INFO:teuthology.orchestra.run.smithi198.stderr:openstack service create: error: unrecognized arguments: --type keystone ``` * update `create_endpoint()` to use the V3 API, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html Fixes: https://tracker.ceph.com/issues/45692 Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-25 07:52:04 +00:00
endpoint_sections.append(
{'service': service, 'interface': 'admin', 'url': adminurl}
)
run_section_cmds(ctx, cclient, 'endpoint create',
'service,interface,url',
endpoint_sections)
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
@contextlib.contextmanager
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
def fill_keystone(ctx, config):
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
assert isinstance(config, dict)
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
for (cclient, cconfig) in config.items():
qa/tasks/keystone: use "keystone-manage bootstrap" * qa/tasks/keystone.py: instead of prefilling keystone manually, use "keystone-manage bootstrap" instead. it helps to setup the admin user, a "Default" domain with "default" id, and wire them up with the expected role and a "admin" project, etc. as id of the admin domain is known to be "default", we can just use it in our tests without querying openstack for the id of "Default" domain. this is very handy. * qa/suites/rgw/tempest/tasks/rgw_tempest.yaml: use "Default" for domain name. as "Default" is the name of the domain created by bootstrap, while "default" is its id. * qa/suites/rgw/crypt/2-kms/barbican.yaml: remove settings to bootstrap keystone Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-31 00:38:00 +00:00
public_host, public_port = ctx.keystone.public_endpoints[cclient]
url = 'http://{host}:{port}/v3'.format(host=public_host,
port=public_port)
admin_host, admin_port = ctx.keystone.admin_endpoints[cclient]
admin_url = 'http://{host}:{port}/v3'.format(host=admin_host,
port=admin_port)
opts = {'password': 'ADMIN',
'region-id': 'RegionOne',
qa/rgw: fix "cannot create secret" on barbican test fix "cannot create secret" on barbican test Signed-off-by: Or Friedmann <ofriedma@redhat.com> Fixes: https://tracker.ceph.com/issues/47799
2020-11-15 16:43:47 +00:00
'internal-url': url,
qa/tasks/keystone: use "keystone-manage bootstrap" * qa/tasks/keystone.py: instead of prefilling keystone manually, use "keystone-manage bootstrap" instead. it helps to setup the admin user, a "Default" domain with "default" id, and wire them up with the expected role and a "admin" project, etc. as id of the admin domain is known to be "default", we can just use it in our tests without querying openstack for the id of "Default" domain. this is very handy. * qa/suites/rgw/tempest/tasks/rgw_tempest.yaml: use "Default" for domain name. as "Default" is the name of the domain created by bootstrap, while "default" is its id. * qa/suites/rgw/crypt/2-kms/barbican.yaml: remove settings to bootstrap keystone Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-31 00:38:00 +00:00
'admin-url': admin_url,
'public-url': url}
bootstrap_args = chain.from_iterable(('--bootstrap-{}'.format(k), v)
for k, v in opts.items())
run_in_keystone_venv(ctx, cclient,
['keystone-manage', 'bootstrap'] +
list(bootstrap_args))
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
# configure tenants/projects
qa/suites/rgw/tempest: bump up keystone to 17.0.0 * also generate a sample conf file following the document at https://github.com/openstack/keystone/tree/17.0.0.0rc2/etc * use "projects" instead of "tenants" to match the terminology used by openstack identify API 3.0. * test API 3.0 instead of API 2.0, by changing `rgw_keystone_api_version` from "2" to "3" * explicitly specify a domain "default" for project to be created, otherwise a POST request will fail with: ``` {"error":{"code":400,"message":"You have tried to create a resource using the admin token. As this token is not within a domain you must explicitly include a domain for this resource to belong to.","title":"Bad Request"}} ```` * create "default" domain, and use it, othewise a GET request fails like: ``` 2020-05-28T11:17:28.751 INFO:teuthology.orchestra.run.smithi092.stderr:http://smithi092.front.sepia.ceph.com:35357 "GET /v3/domains/default HTTP/1.1" 404 87 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP: [404] Content-Length: 87 Content-Type: application/json Date: Thu, 28 May 2020 11:17:28 GMT Server: WSGIServer/0.2 CPython/3.6.9 Vary: X-Auth-Token x-openstack-request-id: req-bc33796f-2bc3-411c-a7fb-1208918e0dbd 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP BODY: {"error":{"code":404,"message":"Could not find domain: default.","title":"Not Found"}} ``` * add user to "default" domain when creating it. * use "type" as the positional argument, per https://docs.openstack.org/keystone/pike/admin/cli-keystone-manage-services.html otherwise we will have failures like: ``` 2020-05-28T13:38:24.867 INFO:teuthology.orchestra.run.smithi198.stderr:openstack service create: error: unrecognized arguments: --type keystone ``` * update `create_endpoint()` to use the V3 API, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html Fixes: https://tracker.ceph.com/issues/45692 Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-25 07:52:04 +00:00
run_section_cmds(ctx, cclient, 'domain create', 'name',
qa/tasks/keystone: use "keystone-manage bootstrap" * qa/tasks/keystone.py: instead of prefilling keystone manually, use "keystone-manage bootstrap" instead. it helps to setup the admin user, a "Default" domain with "default" id, and wire them up with the expected role and a "admin" project, etc. as id of the admin domain is known to be "default", we can just use it in our tests without querying openstack for the id of "Default" domain. this is very handy. * qa/suites/rgw/tempest/tasks/rgw_tempest.yaml: use "Default" for domain name. as "Default" is the name of the domain created by bootstrap, while "default" is its id. * qa/suites/rgw/crypt/2-kms/barbican.yaml: remove settings to bootstrap keystone Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-31 00:38:00 +00:00
cconfig.get('domains', []))
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
run_section_cmds(ctx, cclient, 'project create', 'name',
qa/tasks/keystone: use "keystone-manage bootstrap" * qa/tasks/keystone.py: instead of prefilling keystone manually, use "keystone-manage bootstrap" instead. it helps to setup the admin user, a "Default" domain with "default" id, and wire them up with the expected role and a "admin" project, etc. as id of the admin domain is known to be "default", we can just use it in our tests without querying openstack for the id of "Default" domain. this is very handy. * qa/suites/rgw/tempest/tasks/rgw_tempest.yaml: use "Default" for domain name. as "Default" is the name of the domain created by bootstrap, while "default" is its id. * qa/suites/rgw/crypt/2-kms/barbican.yaml: remove settings to bootstrap keystone Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-31 00:38:00 +00:00
cconfig.get('projects', []))
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
run_section_cmds(ctx, cclient, 'user create', 'name',
qa/tasks/keystone: use "keystone-manage bootstrap" * qa/tasks/keystone.py: instead of prefilling keystone manually, use "keystone-manage bootstrap" instead. it helps to setup the admin user, a "Default" domain with "default" id, and wire them up with the expected role and a "admin" project, etc. as id of the admin domain is known to be "default", we can just use it in our tests without querying openstack for the id of "Default" domain. this is very handy. * qa/suites/rgw/tempest/tasks/rgw_tempest.yaml: use "Default" for domain name. as "Default" is the name of the domain created by bootstrap, while "default" is its id. * qa/suites/rgw/crypt/2-kms/barbican.yaml: remove settings to bootstrap keystone Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-31 00:38:00 +00:00
cconfig.get('users', []))
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
run_section_cmds(ctx, cclient, 'role create', 'name',
qa/tasks/keystone: use "keystone-manage bootstrap" * qa/tasks/keystone.py: instead of prefilling keystone manually, use "keystone-manage bootstrap" instead. it helps to setup the admin user, a "Default" domain with "default" id, and wire them up with the expected role and a "admin" project, etc. as id of the admin domain is known to be "default", we can just use it in our tests without querying openstack for the id of "Default" domain. this is very handy. * qa/suites/rgw/tempest/tasks/rgw_tempest.yaml: use "Default" for domain name. as "Default" is the name of the domain created by bootstrap, while "default" is its id. * qa/suites/rgw/crypt/2-kms/barbican.yaml: remove settings to bootstrap keystone Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-31 00:38:00 +00:00
cconfig.get('roles', []))
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
run_section_cmds(ctx, cclient, 'role add', 'name',
qa/tasks/keystone: use "keystone-manage bootstrap" * qa/tasks/keystone.py: instead of prefilling keystone manually, use "keystone-manage bootstrap" instead. it helps to setup the admin user, a "Default" domain with "default" id, and wire them up with the expected role and a "admin" project, etc. as id of the admin domain is known to be "default", we can just use it in our tests without querying openstack for the id of "Default" domain. this is very handy. * qa/suites/rgw/tempest/tasks/rgw_tempest.yaml: use "Default" for domain name. as "Default" is the name of the domain created by bootstrap, while "default" is its id. * qa/suites/rgw/crypt/2-kms/barbican.yaml: remove settings to bootstrap keystone Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-31 00:38:00 +00:00
cconfig.get('role-mappings', []))
qa/suites/rgw/tempest: bump up keystone to 17.0.0 * also generate a sample conf file following the document at https://github.com/openstack/keystone/tree/17.0.0.0rc2/etc * use "projects" instead of "tenants" to match the terminology used by openstack identify API 3.0. * test API 3.0 instead of API 2.0, by changing `rgw_keystone_api_version` from "2" to "3" * explicitly specify a domain "default" for project to be created, otherwise a POST request will fail with: ``` {"error":{"code":400,"message":"You have tried to create a resource using the admin token. As this token is not within a domain you must explicitly include a domain for this resource to belong to.","title":"Bad Request"}} ```` * create "default" domain, and use it, othewise a GET request fails like: ``` 2020-05-28T11:17:28.751 INFO:teuthology.orchestra.run.smithi092.stderr:http://smithi092.front.sepia.ceph.com:35357 "GET /v3/domains/default HTTP/1.1" 404 87 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP: [404] Content-Length: 87 Content-Type: application/json Date: Thu, 28 May 2020 11:17:28 GMT Server: WSGIServer/0.2 CPython/3.6.9 Vary: X-Auth-Token x-openstack-request-id: req-bc33796f-2bc3-411c-a7fb-1208918e0dbd 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP BODY: {"error":{"code":404,"message":"Could not find domain: default.","title":"Not Found"}} ``` * add user to "default" domain when creating it. * use "type" as the positional argument, per https://docs.openstack.org/keystone/pike/admin/cli-keystone-manage-services.html otherwise we will have failures like: ``` 2020-05-28T13:38:24.867 INFO:teuthology.orchestra.run.smithi198.stderr:openstack service create: error: unrecognized arguments: --type keystone ``` * update `create_endpoint()` to use the V3 API, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html Fixes: https://tracker.ceph.com/issues/45692 Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-25 07:52:04 +00:00
run_section_cmds(ctx, cclient, 'service create', 'type',
qa/tasks/keystone: use "keystone-manage bootstrap" * qa/tasks/keystone.py: instead of prefilling keystone manually, use "keystone-manage bootstrap" instead. it helps to setup the admin user, a "Default" domain with "default" id, and wire them up with the expected role and a "admin" project, etc. as id of the admin domain is known to be "default", we can just use it in our tests without querying openstack for the id of "Default" domain. this is very handy. * qa/suites/rgw/tempest/tasks/rgw_tempest.yaml: use "Default" for domain name. as "Default" is the name of the domain created by bootstrap, while "default" is its id. * qa/suites/rgw/crypt/2-kms/barbican.yaml: remove settings to bootstrap keystone Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-31 00:38:00 +00:00
cconfig.get('services', []))
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
# for the deferred endpoint creation; currently it's used in rgw.py
ctx.keystone.create_endpoint = create_endpoint
# sleep driven synchronization -- just in case
run_in_keystone_venv(ctx, cclient, [ 'sleep', '3' ])
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
try:
yield
finally:
pass
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
def assign_ports(ctx, config, initial_port):
"""
Assign port numbers starting from @initial_port
"""
port = initial_port
role_endpoints = {}
qa: get rid of iteritems for python3 compatibility Fixes: https://tracker.ceph.com/issues/42267 Signed-off-by: Kyr Shatskyy <kyrylo.shatskyy@suse.com>
2019-10-09 12:36:58 +00:00
for remote, roles_for_host in ctx.cluster.remotes.items():
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
for role in roles_for_host:
if role in config:
role_endpoints[role] = (remote.name.split('@')[1], port)
port += 1
return role_endpoints
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
@contextlib.contextmanager
def task(ctx, config):
"""
Deploy and configure Keystone
Example of configuration:
qa/tasks/tox: separate tox deployment from Keystone. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-13 23:23:31 +00:00
- install:
- ceph:
- tox: [ client.0 ]
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
- keystone:
client.0:
force-branch: master
qa/suites/rgw/tempest: bump up keystone to 17.0.0 * also generate a sample conf file following the document at https://github.com/openstack/keystone/tree/17.0.0.0rc2/etc * use "projects" instead of "tenants" to match the terminology used by openstack identify API 3.0. * test API 3.0 instead of API 2.0, by changing `rgw_keystone_api_version` from "2" to "3" * explicitly specify a domain "default" for project to be created, otherwise a POST request will fail with: ``` {"error":{"code":400,"message":"You have tried to create a resource using the admin token. As this token is not within a domain you must explicitly include a domain for this resource to belong to.","title":"Bad Request"}} ```` * create "default" domain, and use it, othewise a GET request fails like: ``` 2020-05-28T11:17:28.751 INFO:teuthology.orchestra.run.smithi092.stderr:http://smithi092.front.sepia.ceph.com:35357 "GET /v3/domains/default HTTP/1.1" 404 87 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP: [404] Content-Length: 87 Content-Type: application/json Date: Thu, 28 May 2020 11:17:28 GMT Server: WSGIServer/0.2 CPython/3.6.9 Vary: X-Auth-Token x-openstack-request-id: req-bc33796f-2bc3-411c-a7fb-1208918e0dbd 2020-05-28T11:17:28.752 INFO:teuthology.orchestra.run.smithi092.stderr:RESP BODY: {"error":{"code":404,"message":"Could not find domain: default.","title":"Not Found"}} ``` * add user to "default" domain when creating it. * use "type" as the positional argument, per https://docs.openstack.org/keystone/pike/admin/cli-keystone-manage-services.html otherwise we will have failures like: ``` 2020-05-28T13:38:24.867 INFO:teuthology.orchestra.run.smithi198.stderr:openstack service create: error: unrecognized arguments: --type keystone ``` * update `create_endpoint()` to use the V3 API, see https://docs.openstack.org/python-openstackclient/pike/cli/command-objects/endpoint.html Fixes: https://tracker.ceph.com/issues/45692 Signed-off-by: Kefu Chai <kchai@redhat.com>
2020-05-25 07:52:04 +00:00
domains:
- name: default
description: Default Domain
projects:
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
- name: admin
description: Admin Tenant
users:
- name: admin
password: ADMIN
project: admin
roles: [ name: admin, name: Member ]
role-mappings:
- name: admin
user: admin
project: admin
services:
- name: keystone
type: identity
description: Keystone Identity Service
- name: swift
type: object-store
description: Swift Service
"""
assert config is None or isinstance(config, list) \
or isinstance(config, dict), \
"task keystone only supports a list or dictionary for configuration"
qa/tasks/tox: separate tox deployment from Keystone. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-13 23:23:31 +00:00
tasks/barbican: Added task to deploy and configure barbican Fixed keystone, rgw and s3tests tasks to work with it. Signed-off-by: Adam Kupczyk <akupczyk@redhat.com>
2017-08-21 09:34:21 +00:00
if not hasattr(ctx, 'tox'):
qa/tasks/tox: separate tox deployment from Keystone. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-13 23:23:31 +00:00
raise ConfigError('keystone must run after the tox task')
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
all_clients = ['client.{id}'.format(id=id_)
for id_ in teuthology.all_roles_of_type(ctx.cluster, 'client')]
if config is None:
config = all_clients
if isinstance(config, list):
config = dict.fromkeys(config)
log.debug('Keystone config is %s', config)
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
ctx.keystone = argparse.Namespace()
ctx.keystone.public_endpoints = assign_ports(ctx, config, 5000)
ctx.keystone.admin_endpoints = assign_ports(ctx, config, 35357)
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
with contextutil.nested(
lambda: download(ctx=ctx, config=config),
qa/keystone: use bindep to discover keystone's dependencies downloads the keystone repository first, because we need keystone/bindep.txt to discover the binary dependencies Signed-off-by: Casey Bodley <cbodley@redhat.com>
2019-09-05 15:09:26 +00:00
lambda: install_packages(ctx=ctx, config=config),
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
lambda: setup_venv(ctx=ctx, config=config),
lambda: configure_instance(ctx=ctx, config=config),
lambda: run_keystone(ctx=ctx, config=config),
qa, rgw: Keystone's instances can be now accessed via non-local network interfaces. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-19 14:20:05 +00:00
lambda: fill_keystone(ctx=ctx, config=config),
qa/tasks/keystone: deploy a Keystone instance for testing RadosGW. Signed-off-by: Radoslaw Zarzynski <rzarzyns@redhat.com>
2017-07-04 09:58:10 +00:00
):
yield
Reference in New Issue Copy Permalink