From ce18faa92b16a6f7333e580dfd98ed2039b1a9b0 Mon Sep 17 00:00:00 2001 From: Lukas Piwowarski Date: Wed, 22 Apr 2020 12:44:50 +0000 Subject: [PATCH] Fix heat plugin support During the configuration of the heat plugin: - the 'auth_version' attribute was not set correctly, - the 'demo_tempestconf' user was not assigned the 'member' role, - a network within the demo project with a subnet was not created. This was causing the heat plugin to fail. The 'auth_version' is now set correctly, and the 'demo_tempestconf' user is assigned the 'member' role when configuring the heat plugin. Also, a network within the demo project with a subnet is created. Story: 2007464 Task: 39151 Change-Id: I6d6f2247ecb13317767ebbf93a413bcaff386141 --- config_tempest/clients.py | 34 +++++---- config_tempest/main.py | 4 +- config_tempest/services/identity.py | 5 ++ config_tempest/services/network.py | 2 +- config_tempest/services/orchestration.py | 71 +++++++++++++++---- .../tests/services/test_identity.py | 2 + config_tempest/users.py | 3 + 7 files changed, 90 insertions(+), 31 deletions(-) diff --git a/config_tempest/clients.py b/config_tempest/clients.py index bdc4b755..d9cc3b3b 100644 --- a/config_tempest/clients.py +++ b/config_tempest/clients.py @@ -29,6 +29,7 @@ from tempest.lib.services.identity.v3 import services_client as s_client from tempest.lib.services.identity.v3 import users_client as users_v3_client from tempest.lib.services.image.v2 import images_client from tempest.lib.services.network import networks_client +from tempest.lib.services.network import subnets_client from tempest.lib.services.object_storage import account_client try: # Since Rocky, volume.v3.services_client is the default @@ -155,20 +156,21 @@ class ClientManager(object): self.identity_region, **default_params) - self.networks = None + self.networks = networks_client.NetworksClient( + self.auth_provider, + conf.get_defaulted('network', 'catalog_type'), + self.identity_region, + endpoint_type=conf.get_defaulted('network', + 'endpoint_type'), + **default_params) - def create_neutron_client(): - if self.networks is None: - self.networks = networks_client.NetworksClient( - self.auth_provider, - conf.get_defaulted('network', 'catalog_type'), - self.identity_region, - endpoint_type=conf.get_defaulted('network', - 'endpoint_type'), - **default_params) - return self.networks - - self.get_neutron_client = create_neutron_client + self.subnets = subnets_client.SubnetsClient( + self.auth_provider, + conf.get_defaulted('network', 'catalog_type'), + self.identity_region, + endpoint_type=conf.get_defaulted('network', + 'endpoint_type'), + **default_params) # Set admin project id needed for keystone v3 tests. if creds.admin: @@ -237,6 +239,12 @@ class ClientManager(object): return self.volume_client elif service_name == "metering": return self.service_client + elif service_name == "orchestration": + return {'projects': self.projects, + 'roles': self.roles, + 'users': self.users, + 'networks': self.networks, + 'subnets': self.subnets} else: return None diff --git a/config_tempest/main.py b/config_tempest/main.py index c30ac5ef..90781588 100755 --- a/config_tempest/main.py +++ b/config_tempest/main.py @@ -207,7 +207,6 @@ def set_options(conf, deployer_input, non_admin, image_path, overrides=[], uri = conf.get("identity", "uri") if "v3" in uri: - conf.set("identity", "auth_version", "v3") conf.set("identity", "uri_v3", uri) else: # TODO(arxcruz) make a check if v3 is enabled @@ -521,12 +520,13 @@ def config_tempest(**kwargs): credentials = Credentials(conf, not kwargs.get('non_admin', False)) clients = ClientManager(conf, credentials) - services = Services(clients, conf, credentials) if kwargs.get('create', False) and kwargs.get('test_accounts') is None: users = Users(clients.projects, clients.roles, clients.users, conf) users.create_tempest_users() + services = Services(clients, conf, credentials) + if services.is_service(**{"type": "compute"}): flavors = Flavors(clients.flavors, kwargs.get('create', False), conf, kwargs.get('flavor_min_mem', C.DEFAULT_FLAVOR_RAM), diff --git a/config_tempest/services/identity.py b/config_tempest/services/identity.py index 63024306..217cded5 100644 --- a/config_tempest/services/identity.py +++ b/config_tempest/services/identity.py @@ -117,6 +117,11 @@ class IdentityService(VersionedService): def set_default_tempest_options(self, conf): """Set keystone feature flags based upon version ID.""" supported_versions = self.get_versions() + + if supported_versions: + major, minor = supported_versions[0].split('.') + conf.set('identity', 'auth_version', major) + if len(supported_versions) <= 1: return for version in supported_versions: diff --git a/config_tempest/services/network.py b/config_tempest/services/network.py index 4586e6d0..5f11b901 100644 --- a/config_tempest/services/network.py +++ b/config_tempest/services/network.py @@ -27,7 +27,7 @@ class NetworkService(VersionedService): def create_tempest_networks(self, conf, network_id): LOG.info("Setting up network") - self.client = self.client.get_neutron_client() + self.client = self.client.networks self.create_tempest_networks_neutron(conf, network_id) def create_tempest_networks_neutron(self, conf, public_network_id): diff --git a/config_tempest/services/orchestration.py b/config_tempest/services/orchestration.py index f47b902f..80645fa7 100644 --- a/config_tempest/services/orchestration.py +++ b/config_tempest/services/orchestration.py @@ -17,6 +17,7 @@ from six.moves import configparser from config_tempest.constants import LOG from config_tempest.services.base import Service +from config_tempest.users import Users class OrchestrationService(Service): @@ -31,32 +32,28 @@ class OrchestrationService(Service): def set_default_tempest_options(self, conf): try: - uri = conf.get('identity', 'uri') - if 'v3' not in uri: - return sec = 'heat_plugin' - # Tempest doesn't differentiate between admin or demo creds anymore - username = conf.get('auth', 'admin_username') - password = conf.get('auth', 'admin_password') - conf.set(sec, 'username', username) - conf.set(sec, 'password', password) - conf.set(sec, 'admin_username', username) - conf.set(sec, 'admin_password', password) + + conf.set(sec, 'username', conf.get('identity', 'username')) + conf.set(sec, 'password', conf.get('identity', 'password')) + conf.set(sec, 'admin_username', conf.get('auth', 'admin_username')) + conf.set(sec, 'admin_password', conf.get('auth', 'admin_password')) conf.set(sec, 'project_name', conf.get('identity', 'project_name')) + admin_project_name = conf.get('auth', 'admin_project_name') + conf.set(sec, 'admin_project_name', admin_project_name) conf.set(sec, 'region', conf.get('identity', 'region')) - conf.set(sec, 'auth_url', uri) v = '3' if conf.get('identity', 'auth_version') == 'v3' else '2' + if v == '3': + conf.set(sec, 'auth_url', conf.get('identity', 'uri_v3')) + else: + conf.set(sec, 'auth_url', conf.get('identity', 'uri')) conf.set(sec, 'auth_version', v) domain_name = conf.get('auth', 'admin_domain_name') conf.set(sec, 'project_domain_name', domain_name) conf.set(sec, 'user_domain_name', domain_name) - conf.set(sec, 'image_ssh_user', 'root') - conf.set(sec, 'network_for_ssh', 'public') - conf.set(sec, 'fixed_network_name', 'public') - # should be set to True if using self-signed SSL certificates which # is a general case conf.set(sec, 'disable_ssl_certificate_validation', 'True') @@ -64,6 +61,46 @@ class OrchestrationService(Service): LOG.warning("Be aware that an option required for " "heat_tempest_plugin cannot be set!") + networks_client = self.client['networks'] + subnets_client = self.client['subnets'] + projects_client = self.client['projects'] + roles_client = self.client['roles'] + users_client = self.client['users'] + + heat_network_name = "heat_tempestconf_network" + heat_subnet_name = "heat_tempestconf_subnet" + project = conf.get('identity', 'project_name') + + try: + network_list = networks_client.list_networks() + heat_network = [network for network in network_list['networks'] + if network['name'] == heat_network_name] + + if not heat_network: + project_id = projects_client.get_project_by_name(project)['id'] + heat_network = networks_client.create_network( + name=heat_network_name, + project_id=project_id) + heat_network_id = heat_network['network']['id'] + subnets_client.create_subnet( + network_id=heat_network_id, + ip_version=4, + cidr="192.168.199.0/24", + name=heat_subnet_name) + + conf.set(sec, 'fixed_network_name', heat_network_name) + except Exception: + LOG.warning("Could not create network within the %s project " + "needed by heat tempest plugin!", project) + + try: + users = Users(projects_client, roles_client, users_client, conf) + username = conf.get('identity', 'username') + users.give_role_to_user(username, "member") + except Exception: + LOG.warning("Could not assign role 'member' to user '%s'!", + username) + def post_configuration(self, conf, is_service): if conf.has_section('compute'): compute_options = conf.options('compute') @@ -79,3 +116,7 @@ class OrchestrationService(Service): if 'image_ref_alt' in compute_options: conf.set('heat_plugin', 'image_ref', conf.get('compute', 'image_ref_alt')) + if conf.has_section('network'): + network = conf.get('network', 'floating_network_name') + conf.set('heat_plugin', 'network_for_ssh', network) + conf.set('heat_plugin', 'floating_network_name', network) diff --git a/config_tempest/tests/services/test_identity.py b/config_tempest/tests/services/test_identity.py index 49d9fa43..1e8d83d5 100644 --- a/config_tempest/tests/services/test_identity.py +++ b/config_tempest/tests/services/test_identity.py @@ -92,3 +92,5 @@ class TestIdentityService(BaseServiceTest): self.assertEqual( conf.get('identity-feature-enabled', 'forbid_global_implied_dsr'), 'True') + self.assertEqual( + conf.get('identity', 'auth_version'), 'v3') diff --git a/config_tempest/users.py b/config_tempest/users.py index d8d83a5d..0b12c68b 100644 --- a/config_tempest/users.py +++ b/config_tempest/users.py @@ -60,7 +60,10 @@ class Users(object): proj_id = self.projects_client.get_project_by_name(project_name)['id'] users = self.users_client.list_users() user_ids = [u['id'] for u in users['users'] if u['name'] == username] + if not user_ids: + raise Exception("user %s not found" % username) user_id = user_ids[0] + roles = self.roles_client.list_roles() self.check_user_roles(roles) role_ids = [r['id'] for r in roles['roles'] if r['name'] == role_name]