Merge pull request #1 from camille-rodriguez/master

Add functional tests
2020-03-30 16:36:31 -05:00 · 2020-03-30 16:36:31 -05:00 · b5645c8958
commit b5645c8958
parent bebba096e3 68eefb0758
10 changed files with 310 additions and 12 deletions
--- a/src/README.md
+++ b/src/README.md
@ -4,22 +4,17 @@ This subordinate charm provides a way to authenticate in Openstack for
 a specific domain with a Kerberos ticket. This provides an additional 
 security layer. An external Kerberos server is necessary.

-The following documentation is useful to understand better the charm 
-implementation:
-
-* https://www.objectif-libre.com/fr/blog/2018/02/26/kerberos-authentication-for-keystone/ 
-* https://jaosorior.dev/2018/keberos-for-keystone-with-mod_auth_gssapi/
+This kerberos subordinate charm is supported on Ubuntu Bionic (18.04 LTS) with 
+the Openstack versions Queens and later. 


 # Usage

-Use this charm with the Keystone and Keystone-LDAP charms:
+Use this charm with the Keystone charm:
    
    juju deploy keystone
-    juju deploy keystone-ldap
    juju deploy openstack-dashboard
    juju deploy keystone-kerberos
-    juju add-relation keystone keystone-ldap
    juju add-relation keystone openstack-dashboard
    juju add-relation keystone keystone-kerberos
    
@ -47,8 +42,7 @@ In a bundle:

 To authenticate against Keystone and Kerberos from a host, the following 
 librairies need to be installed :
- sudo apt install krb5-user gcc python-dev libkrb5-dev python-pip
- pip install keystoneauth1[kerberos]
+- sudo apt install krb5-user python3-openstackclient python3-requests-kerberos

 # Configuration

--- a/src/metadata.yaml
+++ b/src/metadata.yaml
@ -11,7 +11,7 @@ tags:
  - ldap
 series:
  - bionic
-  - eoan
+  - focal
 subordinate: true
 provides:
  keystone-fid-service-provider:
--- a/src/test-requirements.txt
+++ b/src/test-requirements.txt
@ -5,4 +5,4 @@
 #
 # Functional Test Requirements (let Zaza's dependencies solve all dependencies here!)
 git+https://github.com/openstack-charmers/zaza.git#egg=zaza
-git+https://github.com/openstack-charmers/zaza-openstack-tests.git#egg=zaza.openstack
+git+https://github.com/openstack-charmers/zaza-openstack-tests.git#egg=zaza.openstack
--- a/src/tests/bundles/bionic-queens.yaml
+++ b/src/tests/bundles/bionic-queens.yaml
@ -0,0 +1,47 @@
+series: bionic
+comment:
+- 'machines section to decide order of deployment. database sooner = faster'
+machines:
+  '0':
+    constraints: mem=3072M
+  '1':
+  '2':
+  '3':
+relations:
+- - keystone:shared-db
+  - mysql:shared-db
+- - keystone
+  - keystone-kerberos
+applications:
+  mysql:
+    charm: cs:~openstack-charmers-next/percona-cluster
+    num_units: 1
+    to:
+    - '0'
+  keystone:
+    charm: cs:~openstack-charmers-next/keystone
+    num_units: 1
+    options:
+      token-provider: 'fernet'
+      token-expiration: 60
+    to:
+    - '1'
+  keystone-kerberos:
+    charm: ../../../keystone-kerberos
+    options:
+      kerberos-realm: 'TESTUBUNTU.COM'
+      kerberos-server: 'kerberos.testubuntu.com'
+      kerberos-domain: 'k8s'
+    resource:
+      keystone_keytab: keystone.keytab
+
+  kerberos-server:
+    charm: cs:~openstack-charmers-next/kerberos-test-fixture
+    num_units: 1
+    to:
+      - '2'
+  ubuntu-test-host:
+    charm: cs:ubuntu
+    num_units: 1
+    to:
+      - '3'
--- a/src/tests/bundles/bionic-rocky.yaml
+++ b/src/tests/bundles/bionic-rocky.yaml
@ -0,0 +1,47 @@
+series: bionic
+comment:
+- 'machines section to decide order of deployment. database sooner = faster'
+machines:
+  '0':
+    constraints: mem=3072M
+  '1':
+  '2':
+  '3':
+relations:
+- - keystone:shared-db
+  - mysql:shared-db
+- - keystone
+  - keystone-kerberos
+applications:
+  mysql:
+    charm: cs:~openstack-charmers-next/percona-cluster
+    num_units: 1
+    to:
+    - '0'
+  keystone:
+    charm: cs:~openstack-charmers-next/keystone
+    num_units: 1
+    options:
+      token-provider: 'fernet'
+      token-expiration: 60
+    to:
+    - '1'
+  keystone-kerberos:
+    charm: ../../../keystone-kerberos
+    options:
+      kerberos-realm: 'TESTUBUNTU.COM'
+      kerberos-server: 'kerberos.testubuntu.com'
+      kerberos-domain: 'k8s'
+    resource:
+      keystone_keytab: keystone.keytab
+
+  kerberos-server:
+    charm: cs:~openstack-charmers-next/kerberos-test-fixture
+    num_units: 1
+    to:
+      - '2'
+  ubuntu-test-host:
+    charm: cs:ubuntu
+    num_units: 1
+    to:
+      - '3'
--- a/src/tests/bundles/bionic-stein.yaml
+++ b/src/tests/bundles/bionic-stein.yaml
@ -0,0 +1,47 @@
+series: bionic
+comment:
+- 'machines section to decide order of deployment. database sooner = faster'
+machines:
+  '0':
+    constraints: mem=3072M
+  '1':
+  '2':
+  '3':
+relations:
+- - keystone:shared-db
+  - mysql:shared-db
+- - keystone
+  - keystone-kerberos
+applications:
+  mysql:
+    charm: cs:~openstack-charmers-next/percona-cluster
+    num_units: 1
+    to:
+    - '0'
+  keystone:
+    charm: cs:~openstack-charmers-next/keystone
+    num_units: 1
+    options:
+      token-provider: 'fernet'
+      token-expiration: 60
+    to:
+    - '1'
+  keystone-kerberos:
+    charm: ../../../keystone-kerberos
+    options:
+      kerberos-realm: 'TESTUBUNTU.COM'
+      kerberos-server: 'kerberos.testubuntu.com'
+      kerberos-domain: 'k8s'
+    resource:
+      keystone_keytab: keystone.keytab
+
+  kerberos-server:
+    charm: cs:~openstack-charmers-next/kerberos-test-fixture
+    num_units: 1
+    to:
+      - '2'
+  ubuntu-test-host:
+    charm: cs:ubuntu
+    num_units: 1
+    to:
+      - '3'
--- a/src/tests/bundles/bionic-train.yaml
+++ b/src/tests/bundles/bionic-train.yaml
@ -0,0 +1,47 @@
+series: bionic
+comment:
+- 'machines section to decide order of deployment. database sooner = faster'
+machines:
+  '0':
+    constraints: mem=3072M
+  '1':
+  '2':
+  '3':
+relations:
+- - keystone:shared-db
+  - mysql:shared-db
+- - keystone
+  - keystone-kerberos
+applications:
+  mysql:
+    charm: cs:~openstack-charmers-next/percona-cluster
+    num_units: 1
+    to:
+    - '0'
+  keystone:
+    charm: cs:~openstack-charmers-next/keystone
+    num_units: 1
+    options:
+      token-provider: 'fernet'
+      token-expiration: 60
+    to:
+    - '1'
+  keystone-kerberos:
+    charm: ../../../keystone-kerberos
+    options:
+      kerberos-realm: 'TESTUBUNTU.COM'
+      kerberos-server: 'kerberos.testubuntu.com'
+      kerberos-domain: 'k8s'
+    resource:
+      keystone_keytab: keystone.keytab
+
+  kerberos-server:
+    charm: cs:~openstack-charmers-next/kerberos-test-fixture
+    num_units: 1
+    to:
+      - '2'
+  ubuntu-test-host:
+    charm: cs:ubuntu
+    num_units: 1
+    to:
+      - '3'
--- a/src/tests/bundles/bionic-ussuri.yaml
+++ b/src/tests/bundles/bionic-ussuri.yaml
@ -0,0 +1,47 @@
+series: bionic
+comment:
+- 'machines section to decide order of deployment. database sooner = faster'
+machines:
+  '0':
+    constraints: mem=3072M
+  '1':
+  '2':
+  '3':
+relations:
+- - keystone:shared-db
+  - mysql:shared-db
+- - keystone
+  - keystone-kerberos
+applications:
+  mysql:
+    charm: cs:~openstack-charmers-next/percona-cluster
+    num_units: 1
+    to:
+    - '0'
+  keystone:
+    charm: cs:~openstack-charmers-next/keystone
+    num_units: 1
+    options:
+      token-provider: 'fernet'
+      token-expiration: 60
+    to:
+    - '1'
+  keystone-kerberos:
+    charm: ../../../keystone-kerberos
+    options:
+      kerberos-realm: 'TESTUBUNTU.COM'
+      kerberos-server: 'kerberos.testubuntu.com'
+      kerberos-domain: 'k8s'
+    resource:
+      keystone_keytab: keystone.keytab
+
+  kerberos-server:
+    charm: cs:~openstack-charmers-next/kerberos-test-fixture
+    num_units: 1
+    to:
+      - '2'
+  ubuntu-test-host:
+    charm: cs:ubuntu
+    num_units: 1
+    to:
+      - '3'
--- a/src/tests/bundles/focal-ussuri.yaml
+++ b/src/tests/bundles/focal-ussuri.yaml
@ -0,0 +1,47 @@
+series: focal
+comment:
+- 'machines section to decide order of deployment. database sooner = faster'
+machines:
+  '0':
+    constraints: mem=3072M
+  '1':
+  '2':
+  '3':
+relations:
+- - keystone:shared-db
+  - mysql:shared-db
+- - keystone
+  - keystone-kerberos
+applications:
+  mysql:
+    charm: cs:~openstack-charmers-next/percona-cluster
+    num_units: 1
+    to:
+    - '0'
+  keystone:
+    charm: cs:~openstack-charmers-next/keystone
+    num_units: 1
+    options:
+      token-provider: 'fernet'
+      token-expiration: 60
+    to:
+    - '1'
+  keystone-kerberos:
+    charm: ../../../keystone-kerberos
+    options:
+      kerberos-realm: 'TESTUBUNTU.COM'
+      kerberos-server: 'kerberos.testubuntu.com'
+      kerberos-domain: 'k8s'
+    resource:
+      keystone_keytab: keystone.keytab
+
+  kerberos-server:
+    charm: cs:~openstack-charmers-next/kerberos-test-fixture
+    num_units: 1
+    to:
+      - '2'
+  ubuntu-test-host:
+    charm: cs:ubuntu
+    num_units: 1
+    to:
+      - '3'
--- a/src/tests/tests.yaml
+++ b/src/tests/tests.yaml
@ -0,0 +1,22 @@
+charm_name: keystone-kerberos
+smoke_bundles:
+  - bionic-train
+gate_bundles:
+  - bionic-queens
+  - bionic-rocky
+  - bionic-stein
+  - bionic-train
+dev_bundles:
+  - bionic-ussuri
+  - focal-ussuri
+configure:
+  - zaza.openstack.charm_tests.kerberos.setup.run_all_configuration_steps
+tests:
+  - zaza.openstack.charm_tests.kerberos.tests.CharmKeystoneKerberosTest
+tests_options:
+  force_deploy:
+    - focal-ussuri
+target_deploy_status:
+  keystone-kerberos:
+    workload-status: blocked
+    workload-status-message:  "Kerberos configuration incomplete"