diff --git a/qa/suites/rgw/iam/% b/qa/suites/rgw/iam/% deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/qa/suites/rgw/iam/.qa b/qa/suites/rgw/iam/.qa deleted file mode 120000 index a602a0353e7..00000000000 --- a/qa/suites/rgw/iam/.qa +++ /dev/null @@ -1 +0,0 @@ -../.qa/ \ No newline at end of file diff --git a/qa/suites/rgw/iam/cluster.yaml b/qa/suites/rgw/iam/cluster.yaml deleted file mode 120000 index 230ff0fdab4..00000000000 --- a/qa/suites/rgw/iam/cluster.yaml +++ /dev/null @@ -1 +0,0 @@ -.qa/clusters/fixed-2.yaml \ No newline at end of file diff --git a/qa/suites/rgw/iam/ignore-pg-availability.yaml b/qa/suites/rgw/iam/ignore-pg-availability.yaml deleted file mode 120000 index 32340b1fa8b..00000000000 --- a/qa/suites/rgw/iam/ignore-pg-availability.yaml +++ /dev/null @@ -1 +0,0 @@ -.qa/rgw/ignore-pg-availability.yaml \ No newline at end of file diff --git a/qa/suites/rgw/iam/objectstore.yaml b/qa/suites/rgw/iam/objectstore.yaml deleted file mode 120000 index a59cf517506..00000000000 --- a/qa/suites/rgw/iam/objectstore.yaml +++ /dev/null @@ -1 +0,0 @@ -.qa/objectstore/bluestore-bitmap.yaml \ No newline at end of file diff --git a/qa/suites/rgw/iam/pool-type.yaml b/qa/suites/rgw/iam/pool-type.yaml deleted file mode 120000 index 697b33b2043..00000000000 --- a/qa/suites/rgw/iam/pool-type.yaml +++ /dev/null @@ -1 +0,0 @@ -.qa/rgw_pool_type/replicated.yaml \ No newline at end of file diff --git a/qa/suites/rgw/iam/rgw_frontend b/qa/suites/rgw/iam/rgw_frontend deleted file mode 120000 index 030cd6ac8dc..00000000000 --- a/qa/suites/rgw/iam/rgw_frontend +++ /dev/null @@ -1 +0,0 @@ -.qa/rgw_frontend/ \ No newline at end of file diff --git a/qa/suites/rgw/iam/supported_random_distro$ b/qa/suites/rgw/iam/supported_random_distro$ deleted file mode 120000 index 0862b4457b3..00000000000 --- a/qa/suites/rgw/iam/supported_random_distro$ +++ /dev/null @@ -1 +0,0 @@ -.qa/distros/supported-random-distro$ \ No newline at end of file diff --git a/qa/suites/rgw/iam/tasks/+ b/qa/suites/rgw/iam/tasks/+ deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/qa/suites/rgw/iam/tasks/.qa b/qa/suites/rgw/iam/tasks/.qa deleted file mode 120000 index a602a0353e7..00000000000 --- a/qa/suites/rgw/iam/tasks/.qa +++ /dev/null @@ -1 +0,0 @@ -../.qa/ \ No newline at end of file diff --git a/qa/suites/rgw/iam/tasks/0-install.yaml b/qa/suites/rgw/iam/tasks/0-install.yaml deleted file mode 100644 index 013ccbd26fe..00000000000 --- a/qa/suites/rgw/iam/tasks/0-install.yaml +++ /dev/null @@ -1,15 +0,0 @@ -tasks: -- install: -- ceph: -- openssl_keys: -- rgw: - client.0: - -overrides: - ceph: - conf: - global: - osd_min_pg_log_entries: 10 - osd_max_pg_log_entries: 10 - client: - rgw lc debug interval: 10 diff --git a/qa/suites/rgw/iam/tasks/iamtests.yaml b/qa/suites/rgw/iam/tasks/iamtests.yaml deleted file mode 100644 index 4285f6ccc02..00000000000 --- a/qa/suites/rgw/iam/tasks/iamtests.yaml +++ /dev/null @@ -1,7 +0,0 @@ -tasks: -- s3tests: - client.0: - iam_tests: True - extra_attrs: ["test_of_iam","!fails_on_rgw"] - force-branch: ceph-master - rgw_server: client.0 \ No newline at end of file diff --git a/qa/tasks/s3tests.py b/qa/tasks/s3tests.py index 72214c928d1..31b9623251d 100644 --- a/qa/tasks/s3tests.py +++ b/qa/tasks/s3tests.py @@ -98,156 +98,93 @@ def create_users(ctx, config): log.info('Creating rgw users...') testdir = teuthology.get_testdir(ctx) - if ctx.sts_variable or ctx.iam_variable: - users = {'s3 main': 'foo', 's3 alt': 'bar', 's3 tenant': 'testx$tenanteduser', 'iam': 'foobar'} - for client in config['clients']: - s3tests_conf = config['s3tests_conf'][client] - s3tests_conf.setdefault('fixtures', {}) - s3tests_conf['fixtures'].setdefault('bucket prefix', 'test-' + client + '-{random}-') - for section, user in users.items(): - _config_user(s3tests_conf, section, '{user}.{client}'.format(user=user, client=client)) - log.debug('Creating user {user} on {host}'.format(user=s3tests_conf[section]['user_id'], host=client)) - cluster_name, daemon_type, client_id = teuthology.split_role(client) - client_with_id = daemon_type + '.' + client_id - if section=='iam': - ctx.cluster.only(client).run( - args=[ - 'adjust-ulimits', - 'ceph-coverage', - '{tdir}/archive/coverage'.format(tdir=testdir), - 'radosgw-admin', - '-n', client_with_id, - 'user', 'create', - '--uid', s3tests_conf[section]['user_id'], - '--display-name', s3tests_conf[section]['display_name'], - '--access-key', s3tests_conf[section]['access_key'], - '--secret', s3tests_conf[section]['secret_key'], - '--cluster', cluster_name, - ], - ) - ctx.cluster.only(client).run( - args=[ - 'adjust-ulimits', - 'ceph-coverage', - '{tdir}/archive/coverage'.format(tdir=testdir), - 'radosgw-admin', - '-n', client_with_id, - 'caps', 'add', - '--uid', s3tests_conf[section]['user_id'], - '--caps', 'user-policy=*', - '--cluster', cluster_name, - ], - ) - ctx.cluster.only(client).run( - args=[ - 'adjust-ulimits', - 'ceph-coverage', - '{tdir}/archive/coverage'.format(tdir=testdir), - 'radosgw-admin', - '-n', client_with_id, - 'caps', 'add', - '--uid', s3tests_conf[section]['user_id'], - '--caps', 'roles=*', - '--cluster', cluster_name, - ], - ) - ctx.cluster.only(client).run( - args=[ - 'adjust-ulimits', - 'ceph-coverage', - '{tdir}/archive/coverage'.format(tdir=testdir), - 'radosgw-admin', - '-n', client_with_id, - 'caps', 'add', - '--uid', s3tests_conf[section]['user_id'], - '--caps', 'oidc-provider=*', - '--cluster', cluster_name, - ], - ) + users = {'s3 main': 'foo', 's3 alt': 'bar', 's3 tenant': 'testx$tenanteduser', 'iam': 'foobar'} + for client in config['clients']: + s3tests_conf = config['s3tests_conf'][client] + s3tests_conf.setdefault('fixtures', {}) + s3tests_conf['fixtures'].setdefault('bucket prefix', 'test-' + client + '-{random}-') + for section, user in users.items(): + _config_user(s3tests_conf, section, '{user}.{client}'.format(user=user, client=client)) + log.debug('Creating user {user} on {host}'.format(user=s3tests_conf[section]['user_id'], host=client)) + cluster_name, daemon_type, client_id = teuthology.split_role(client) + client_with_id = daemon_type + '.' + client_id + # create user + ctx.cluster.only(client).run( + args=[ + 'adjust-ulimits', + 'ceph-coverage', + '{tdir}/archive/coverage'.format(tdir=testdir), + 'radosgw-admin', + '-n', client_with_id, + 'user', 'create', + '--uid', s3tests_conf[section]['user_id'], + '--display-name', s3tests_conf[section]['display_name'], + '--access-key', s3tests_conf[section]['access_key'], + '--secret', s3tests_conf[section]['secret_key'], + '--cluster', cluster_name, + ], + ) - else: - ctx.cluster.only(client).run( - args=[ - 'adjust-ulimits', - 'ceph-coverage', - '{tdir}/archive/coverage'.format(tdir=testdir), - 'radosgw-admin', - '-n', client_with_id, - 'user', 'create', - '--uid', s3tests_conf[section]['user_id'], - '--display-name', s3tests_conf[section]['display_name'], - '--access-key', s3tests_conf[section]['access_key'], - '--secret', s3tests_conf[section]['secret_key'], - '--email', s3tests_conf[section]['email'], - '--caps', 'user-policy=*', - '--cluster', cluster_name, - ], - ) - if not ctx.dbstore_variable: - ctx.cluster.only(client).run( - args=[ - 'adjust-ulimits', - 'ceph-coverage', - '{tdir}/archive/coverage'.format(tdir=testdir), - 'radosgw-admin', - '-n', client_with_id, - 'mfa', 'create', - '--uid', s3tests_conf[section]['user_id'], - '--totp-serial', s3tests_conf[section]['totp_serial'], - '--totp-seed', s3tests_conf[section]['totp_seed'], - '--totp-seconds', s3tests_conf[section]['totp_seconds'], - '--totp-window', '8', - '--totp-seed-type', 'base32', - '--cluster', cluster_name, - ], - ) - - else: - users = {'s3 main': 'foo', 's3 alt': 'bar', 's3 tenant': 'testx$tenanteduser'} - for client in config['clients']: - s3tests_conf = config['s3tests_conf'][client] - s3tests_conf.setdefault('fixtures', {}) - s3tests_conf['fixtures'].setdefault('bucket prefix', 'test-' + client + '-{random}-') - for section, user in users.items(): - _config_user(s3tests_conf, section, '{user}.{client}'.format(user=user, client=client)) - log.debug('Creating user {user} on {host}'.format(user=s3tests_conf[section]['user_id'], host=client)) - cluster_name, daemon_type, client_id = teuthology.split_role(client) - client_with_id = daemon_type + '.' + client_id + if not ctx.dbstore_variable: ctx.cluster.only(client).run( - args=[ - 'adjust-ulimits', - 'ceph-coverage', - '{tdir}/archive/coverage'.format(tdir=testdir), - 'radosgw-admin', - '-n', client_with_id, - 'user', 'create', - '--uid', s3tests_conf[section]['user_id'], - '--display-name', s3tests_conf[section]['display_name'], - '--access-key', s3tests_conf[section]['access_key'], - '--secret', s3tests_conf[section]['secret_key'], - '--email', s3tests_conf[section]['email'], - '--caps', 'user-policy=*', - '--cluster', cluster_name, - ], - ) - if not ctx.dbstore_variable: - ctx.cluster.only(client).run( - args=[ - 'adjust-ulimits', - 'ceph-coverage', - '{tdir}/archive/coverage'.format(tdir=testdir), - 'radosgw-admin', - '-n', client_with_id, - 'mfa', 'create', - '--uid', s3tests_conf[section]['user_id'], - '--totp-serial', s3tests_conf[section]['totp_serial'], - '--totp-seed', s3tests_conf[section]['totp_seed'], - '--totp-seconds', s3tests_conf[section]['totp_seconds'], - '--totp-window', '8', - '--totp-seed-type', 'base32', - '--cluster', cluster_name, - ], - ) + args=[ + 'adjust-ulimits', + 'ceph-coverage', + '{tdir}/archive/coverage'.format(tdir=testdir), + 'radosgw-admin', + '-n', client_with_id, + 'mfa', 'create', + '--uid', s3tests_conf[section]['user_id'], + '--totp-serial', s3tests_conf[section]['totp_serial'], + '--totp-seed', s3tests_conf[section]['totp_seed'], + '--totp-seconds', s3tests_conf[section]['totp_seconds'], + '--totp-window', '8', + '--totp-seed-type', 'base32', + '--cluster', cluster_name, + ], + ) + + # add/configure caps for iam user + if section=='iam': + ctx.cluster.only(client).run( + args=[ + 'adjust-ulimits', + 'ceph-coverage', + '{tdir}/archive/coverage'.format(tdir=testdir), + 'radosgw-admin', + '-n', client_with_id, + 'caps', 'add', + '--uid', s3tests_conf[section]['user_id'], + '--caps', 'user-policy=*', + '--cluster', cluster_name, + ], + ) + ctx.cluster.only(client).run( + args=[ + 'adjust-ulimits', + 'ceph-coverage', + '{tdir}/archive/coverage'.format(tdir=testdir), + 'radosgw-admin', + '-n', client_with_id, + 'caps', 'add', + '--uid', s3tests_conf[section]['user_id'], + '--caps', 'roles=*', + '--cluster', cluster_name, + ], + ) + ctx.cluster.only(client).run( + args=[ + 'adjust-ulimits', + 'ceph-coverage', + '{tdir}/archive/coverage'.format(tdir=testdir), + 'radosgw-admin', + '-n', client_with_id, + 'caps', 'add', + '--uid', s3tests_conf[section]['user_id'], + '--caps', 'oidc-provider=*', + '--cluster', cluster_name, + ], + ) if "TOKEN" in os.environ: s3tests_conf.setdefault('webidentity', {}) @@ -453,7 +390,7 @@ def run_tests(ctx, config): else: args += ['REQUESTS_CA_BUNDLE=/etc/pki/tls/certs/ca-bundle.crt'] # civetweb > 1.8 && beast parsers are strict on rfc2616 - attrs = ["!fails_on_rgw", "!lifecycle_expiration", "!fails_strict_rfc2616","!test_of_sts","!webidentity_test","!test_of_iam"] + attrs = ["!fails_on_rgw", "!lifecycle_expiration", "!fails_strict_rfc2616","!test_of_sts","!webidentity_test"] if client_config.get('calling-format') != 'ordinary': attrs += ['!fails_with_subdomain'] if not client_config.get('with-sse-s3'): @@ -582,17 +519,6 @@ def task(ctx, config): cloudtier_tests: True rgw_server: client.0 - To run any iam-tests don't forget to set a config variable named 'iam_tests' to 'True' as follows:: - - tasks: - - ceph: - - rgw: [client.0] - - s3tests: - client.0: - extra_attrs: ["test_of_iam"] - iam_tests: True - rgw_server: client.0 - """ assert hasattr(ctx, 'rgw'), 's3tests must run after the rgw task' assert config is None or isinstance(config, list) \ @@ -633,11 +559,6 @@ def task(ctx, config): else: ctx.dbstore_variable = False - if 'iam_tests' in client_config: - ctx.iam_variable = True - else: - ctx.iam_variable = False - #This will be the structure of config file when you want to run webidentity_test (sts-test) if ctx.sts_variable and "TOKEN" in os.environ: for client in clients: @@ -662,7 +583,7 @@ def task(ctx, config): } ) - elif ctx.sts_variable or ctx.iam_variable: + elif ctx.sts_variable: #This will be the structure of config file when you want to run assume_role_test and get_session_token_test (sts-test) or iam-tests for client in clients: endpoint = ctx.rgw.role_endpoints.get(client) @@ -680,8 +601,8 @@ def task(ctx, config): 'fixtures' : {}, 's3 main' : {}, 's3 alt' : {}, - 's3 tenant' : {}, 'iam' : {}, + 's3 tenant' : {}, } ) @@ -726,6 +647,7 @@ def task(ctx, config): 's3 main' : {}, 's3 alt' : {}, 's3 tenant' : {}, + 'iam' : {}, } )