test_keystone.py 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281
  1. # -*- coding: utf-8 -*-
  2. '''
  3. Tests for the Keystone states
  4. '''
  5. # Import python libs
  6. from __future__ import absolute_import, unicode_literals, print_function
  7. import logging
  8. # Import Salt Testing libs
  9. from tests.support.case import ModuleCase
  10. from tests.support.unit import skipIf
  11. from tests.support.mixins import SaltReturnAssertsMixin
  12. log = logging.getLogger(__name__)
  13. import pytest
  14. NO_KEYSTONE = False
  15. try:
  16. import keystoneclient # pylint: disable=import-error,unused-import
  17. except ImportError:
  18. NO_KEYSTONE = True
  19. @skipIf(
  20. NO_KEYSTONE,
  21. 'Please install keystoneclient and a keystone server before running'
  22. 'keystone integration tests.'
  23. )
  24. class KeystoneStateTest(ModuleCase, SaltReturnAssertsMixin):
  25. '''
  26. Validate the keystone state
  27. '''
  28. endpoint = 'http://localhost:35357/v2.0'
  29. token = 'administrator'
  30. @pytest.mark.destructive_test
  31. def setUp(self):
  32. ret = self.run_state('keystone.service_present',
  33. name='keystone',
  34. description='OpenStack Identity',
  35. service_type='identity',
  36. connection_endpoint=self.endpoint,
  37. connection_token=self.token)
  38. self.assertTrue(ret['keystone_|-keystone_|-keystone_|-service_present']['result'])
  39. ret = self.run_state('keystone.endpoint_present',
  40. name='keystone',
  41. region='RegionOne',
  42. publicurl='http://localhost:5000/v2.0',
  43. internalurl='http://localhost:5000/v2.0',
  44. adminurl='http://localhost:35357/v2.0',
  45. connection_endpoint=self.endpoint,
  46. connection_token=self.token)
  47. self.assertTrue(ret['keystone_|-keystone_|-keystone_|-endpoint_present']['result'])
  48. ret = self.run_state('keystone.tenant_present',
  49. name='admin',
  50. description='Admin Project',
  51. connection_endpoint=self.endpoint,
  52. connection_token=self.token)
  53. self.assertTrue(ret['keystone_|-admin_|-admin_|-tenant_present']['result'])
  54. ret = self.run_state('keystone.tenant_present',
  55. name='demo',
  56. description='Demo Project',
  57. connection_endpoint=self.endpoint,
  58. connection_token=self.token)
  59. self.assertTrue(ret['keystone_|-demo_|-demo_|-tenant_present']['result'])
  60. ret = self.run_state('keystone.role_present',
  61. name='admin',
  62. connection_endpoint=self.endpoint,
  63. connection_token=self.token)
  64. self.assertTrue(ret['keystone_|-admin_|-admin_|-role_present']['result'])
  65. ret = self.run_state('keystone.role_present',
  66. name='user',
  67. connection_endpoint=self.endpoint,
  68. connection_token=self.token)
  69. self.assertTrue(ret['keystone_|-user_|-user_|-role_present']['result'])
  70. ret = self.run_state('keystone.user_present',
  71. name='admin',
  72. email='admin@example.com',
  73. password='adminpass',
  74. tenant='admin',
  75. roles={'admin': ['admin']},
  76. connection_endpoint=self.endpoint,
  77. connection_token=self.token)
  78. self.assertTrue(ret['keystone_|-admin_|-admin_|-user_present']['result'])
  79. ret = self.run_state('keystone.user_present',
  80. name='demo',
  81. email='demo@example.com',
  82. password='demopass',
  83. tenant='demo',
  84. roles={'demo': ['user']},
  85. connection_endpoint=self.endpoint,
  86. connection_token=self.token)
  87. self.assertTrue(ret['keystone_|-demo_|-demo_|-user_present']['result'])
  88. @pytest.mark.destructive_test
  89. def test_keystone_v2(self):
  90. ret = self.run_state('keystone.service_present',
  91. name='testv2',
  92. description='Nova Service',
  93. service_type='compute',
  94. profile='adminv2')
  95. self.assertTrue(ret['keystone_|-testv2_|-testv2_|-service_present']['result'])
  96. ret = self.run_state('keystone.endpoint_present',
  97. name='nova',
  98. description='Nova Service',
  99. publicurl='http://localhost:8774/v2.1/%(tenant_id)s',
  100. internalurl='http://localhost:8774/v2.1/%(tenant_id)s',
  101. adminurl='http://localhost:8774/v2.1/%(tenant_id)s',
  102. region='RegionOne',
  103. profile='adminv2')
  104. self.assertTrue(ret['keystone_|-nova_|-nova_|-endpoint_present']['result'])
  105. # Region Two
  106. ret = self.run_state('keystone.endpoint_present',
  107. name='nova',
  108. description='Nova Service',
  109. publicurl='http://localhost:8774/v2.1/%(tenant_id)s',
  110. internalurl='http://localhost:8774/v2.1/%(tenant_id)s',
  111. adminurl='http://localhost:8774/v2.1/%(tenant_id)s',
  112. region='RegionTwo',
  113. profile='adminv2')
  114. self.assertTrue(ret['keystone_|-nova_|-nova_|-endpoint_present']['result'])
  115. # Region One, change publicurl
  116. ret = self.run_state('keystone.endpoint_present',
  117. name='nova',
  118. description='Nova Service',
  119. publicurl='http://127.0.0.1:8774/v2.1/%(tenant_id)s',
  120. internalurl='http://localhost:8774/v2.1/%(tenant_id)s',
  121. adminurl='http://localhost:8774/v2.1/%(tenant_id)s',
  122. region='RegionOne',
  123. profile='adminv2')
  124. self.assertTrue(ret['keystone_|-nova_|-nova_|-endpoint_present']['result'])
  125. ret = self.run_state('keystone.endpoint_get',
  126. name='nova',
  127. region='RegionOne',
  128. profile='adminv2')
  129. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-endpoint_present']['result'])
  130. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-endpoint_present']['publicurl'].start_with('http://127.0.0.1'))
  131. ret = self.run_state('keystone.tenant_present',
  132. name='test',
  133. description='Test Tenant',
  134. profile='adminv2')
  135. self.assertTrue(ret['keystone_|-test_|-test_|-tenant_present']['result'])
  136. ret = self.run_state('keystone.role_present',
  137. name='user',
  138. profile='adminv2')
  139. self.assertTrue(ret['keystone_|-user_|-user_|-role_present']['result'])
  140. ret = self.run_state('keystone.user_present',
  141. name='test',
  142. email='test@example.com',
  143. tenant='test',
  144. password='testpass',
  145. roles={'test': ['user']},
  146. profile='adminv2')
  147. self.assertTrue(ret['keystone_|-test_|-test_|-user_present']['result'])
  148. ret = self.run_state('keystone.service_absent',
  149. name='testv2',
  150. profile='adminv2')
  151. self.assertTrue(ret['keystone_|-testv2_|-testv2_|-service_absent']['result'])
  152. @pytest.mark.destructive_test
  153. def test_keystone_v3(self):
  154. ret = self.run_state('keystone.service_present',
  155. name='testv3',
  156. description='Image Service',
  157. service_type='image',
  158. profile='adminv3')
  159. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-service_present']['result'])
  160. ret = self.run_state('keystone.endpoint_present',
  161. name='testv3',
  162. description='Glance Service',
  163. interface='public',
  164. url='http://localhost:9292',
  165. region='RegionOne',
  166. profile='adminv3')
  167. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-endpoint_present']['result'])
  168. ret = self.run_state('keystone.endpoint_present',
  169. name='testv3',
  170. description='Glance Service',
  171. interface='internal',
  172. url='http://localhost:9292',
  173. region='RegionOne',
  174. profile='adminv3')
  175. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-endpoint_present']['result'])
  176. ret = self.run_state('keystone.endpoint_present',
  177. name='testv3',
  178. description='Glance Service',
  179. interface='admin',
  180. url='http://localhost:9292',
  181. region='RegionOne',
  182. profile='adminv3')
  183. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-endpoint_present']['result'])
  184. # Region Two
  185. ret = self.run_state('keystone.endpoint_present',
  186. name='testv3',
  187. description='Glance Service',
  188. interface='public',
  189. url='http://localhost:9292',
  190. region='RegionTwo',
  191. profile='adminv3')
  192. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-endpoint_present']['result'])
  193. ret = self.run_state('keystone.endpoint_present',
  194. name='testv3',
  195. description='Glance Service',
  196. interface='internal',
  197. url='http://localhost:9292',
  198. region='RegionTwo',
  199. profile='adminv3')
  200. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-endpoint_present']['result'])
  201. ret = self.run_state('keystone.endpoint_present',
  202. name='testv3',
  203. description='Glance Service',
  204. interface='admin',
  205. url='http://localhost:9292',
  206. region='RegionTwo',
  207. profile='adminv3')
  208. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-endpoint_present']['result'])
  209. # Region One, change
  210. ret = self.run_state('keystone.endpoint_present',
  211. name='testv3',
  212. description='Glance Service',
  213. interface='public',
  214. url='http://127.0.0.1:9292',
  215. region='RegionOne',
  216. profile='adminv3')
  217. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-endpoint_present']['result'])
  218. ret = self.run_state('keystone.endpoint_get',
  219. name='testv3',
  220. region='RegionOne',
  221. interface='public',
  222. profile='adminv3')
  223. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-endpoint_present']['result'])
  224. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-endpoint_present']['endpoint']['url'] == 'http://127.0.0.1:9292')
  225. ret = self.run_state('keystone.project_present',
  226. name='testv3',
  227. description='Test v3 Tenant',
  228. profile='adminv3')
  229. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-project_present']['result'])
  230. ret = self.run_state('keystone.role_present',
  231. name='user',
  232. profile='adminv3')
  233. self.assertTrue(ret['keystone_|-user_|-user_|-role_present']['result'])
  234. ret = self.run_state('keystone.user_present',
  235. name='testv3',
  236. email='testv3@example.com',
  237. project='testv3',
  238. password='testv3pass',
  239. roles={'testv3': ['user']},
  240. profile='adminv3')
  241. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-user_present']['result'])
  242. ret = self.run_state('keystone.service_absent',
  243. name='testv3',
  244. profile='adminv3')
  245. self.assertTrue(ret['keystone_|-testv3_|-testv3_|-service_absent']['result'])