test_keystone.py 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337
  1. # -*- coding: utf-8 -*-
  2. """
  3. Tests for the Keystone states
  4. """
  5. from __future__ import absolute_import, print_function, unicode_literals
  6. import logging
  7. import pytest
  8. from tests.support.case import ModuleCase
  9. from tests.support.mixins import SaltReturnAssertsMixin
  10. from tests.support.unit import skipIf
  11. log = logging.getLogger(__name__)
  12. NO_KEYSTONE = False
  13. try:
  14. import keystoneclient # pylint: disable=import-error,unused-import
  15. except ImportError:
  16. NO_KEYSTONE = True
  17. @skipIf(
  18. NO_KEYSTONE,
  19. "Please install keystoneclient and a keystone server before running"
  20. "keystone integration tests.",
  21. )
  22. class KeystoneStateTest(ModuleCase, SaltReturnAssertsMixin):
  23. """
  24. Validate the keystone state
  25. """
  26. endpoint = "http://localhost:35357/v2.0"
  27. token = "administrator"
  28. @pytest.mark.destructive_test
  29. def setUp(self):
  30. ret = self.run_state(
  31. "keystone.service_present",
  32. name="keystone",
  33. description="OpenStack Identity",
  34. service_type="identity",
  35. connection_endpoint=self.endpoint,
  36. connection_token=self.token,
  37. )
  38. self.assertTrue(
  39. ret["keystone_|-keystone_|-keystone_|-service_present"]["result"]
  40. )
  41. ret = self.run_state(
  42. "keystone.endpoint_present",
  43. name="keystone",
  44. region="RegionOne",
  45. publicurl="http://localhost:5000/v2.0",
  46. internalurl="http://localhost:5000/v2.0",
  47. adminurl="http://localhost:35357/v2.0",
  48. connection_endpoint=self.endpoint,
  49. connection_token=self.token,
  50. )
  51. self.assertTrue(
  52. ret["keystone_|-keystone_|-keystone_|-endpoint_present"]["result"]
  53. )
  54. ret = self.run_state(
  55. "keystone.tenant_present",
  56. name="admin",
  57. description="Admin Project",
  58. connection_endpoint=self.endpoint,
  59. connection_token=self.token,
  60. )
  61. self.assertTrue(ret["keystone_|-admin_|-admin_|-tenant_present"]["result"])
  62. ret = self.run_state(
  63. "keystone.tenant_present",
  64. name="demo",
  65. description="Demo Project",
  66. connection_endpoint=self.endpoint,
  67. connection_token=self.token,
  68. )
  69. self.assertTrue(ret["keystone_|-demo_|-demo_|-tenant_present"]["result"])
  70. ret = self.run_state(
  71. "keystone.role_present",
  72. name="admin",
  73. connection_endpoint=self.endpoint,
  74. connection_token=self.token,
  75. )
  76. self.assertTrue(ret["keystone_|-admin_|-admin_|-role_present"]["result"])
  77. ret = self.run_state(
  78. "keystone.role_present",
  79. name="user",
  80. connection_endpoint=self.endpoint,
  81. connection_token=self.token,
  82. )
  83. self.assertTrue(ret["keystone_|-user_|-user_|-role_present"]["result"])
  84. ret = self.run_state(
  85. "keystone.user_present",
  86. name="admin",
  87. email="admin@example.com",
  88. password="adminpass",
  89. tenant="admin",
  90. roles={"admin": ["admin"]},
  91. connection_endpoint=self.endpoint,
  92. connection_token=self.token,
  93. )
  94. self.assertTrue(ret["keystone_|-admin_|-admin_|-user_present"]["result"])
  95. ret = self.run_state(
  96. "keystone.user_present",
  97. name="demo",
  98. email="demo@example.com",
  99. password="demopass",
  100. tenant="demo",
  101. roles={"demo": ["user"]},
  102. connection_endpoint=self.endpoint,
  103. connection_token=self.token,
  104. )
  105. self.assertTrue(ret["keystone_|-demo_|-demo_|-user_present"]["result"])
  106. @pytest.mark.destructive_test
  107. def test_keystone_v2(self):
  108. ret = self.run_state(
  109. "keystone.service_present",
  110. name="testv2",
  111. description="Nova Service",
  112. service_type="compute",
  113. profile="adminv2",
  114. )
  115. self.assertTrue(ret["keystone_|-testv2_|-testv2_|-service_present"]["result"])
  116. ret = self.run_state(
  117. "keystone.endpoint_present",
  118. name="nova",
  119. description="Nova Service",
  120. publicurl="http://localhost:8774/v2.1/%(tenant_id)s",
  121. internalurl="http://localhost:8774/v2.1/%(tenant_id)s",
  122. adminurl="http://localhost:8774/v2.1/%(tenant_id)s",
  123. region="RegionOne",
  124. profile="adminv2",
  125. )
  126. self.assertTrue(ret["keystone_|-nova_|-nova_|-endpoint_present"]["result"])
  127. # Region Two
  128. ret = self.run_state(
  129. "keystone.endpoint_present",
  130. name="nova",
  131. description="Nova Service",
  132. publicurl="http://localhost:8774/v2.1/%(tenant_id)s",
  133. internalurl="http://localhost:8774/v2.1/%(tenant_id)s",
  134. adminurl="http://localhost:8774/v2.1/%(tenant_id)s",
  135. region="RegionTwo",
  136. profile="adminv2",
  137. )
  138. self.assertTrue(ret["keystone_|-nova_|-nova_|-endpoint_present"]["result"])
  139. # Region One, change publicurl
  140. ret = self.run_state(
  141. "keystone.endpoint_present",
  142. name="nova",
  143. description="Nova Service",
  144. publicurl="http://127.0.0.1:8774/v2.1/%(tenant_id)s",
  145. internalurl="http://localhost:8774/v2.1/%(tenant_id)s",
  146. adminurl="http://localhost:8774/v2.1/%(tenant_id)s",
  147. region="RegionOne",
  148. profile="adminv2",
  149. )
  150. self.assertTrue(ret["keystone_|-nova_|-nova_|-endpoint_present"]["result"])
  151. ret = self.run_state(
  152. "keystone.endpoint_get", name="nova", region="RegionOne", profile="adminv2"
  153. )
  154. self.assertTrue(ret["keystone_|-testv3_|-testv3_|-endpoint_present"]["result"])
  155. self.assertTrue(
  156. ret["keystone_|-testv3_|-testv3_|-endpoint_present"][
  157. "publicurl"
  158. ].start_with("http://127.0.0.1")
  159. )
  160. ret = self.run_state(
  161. "keystone.tenant_present",
  162. name="test",
  163. description="Test Tenant",
  164. profile="adminv2",
  165. )
  166. self.assertTrue(ret["keystone_|-test_|-test_|-tenant_present"]["result"])
  167. ret = self.run_state("keystone.role_present", name="user", profile="adminv2")
  168. self.assertTrue(ret["keystone_|-user_|-user_|-role_present"]["result"])
  169. ret = self.run_state(
  170. "keystone.user_present",
  171. name="test",
  172. email="test@example.com",
  173. tenant="test",
  174. password="testpass",
  175. roles={"test": ["user"]},
  176. profile="adminv2",
  177. )
  178. self.assertTrue(ret["keystone_|-test_|-test_|-user_present"]["result"])
  179. ret = self.run_state(
  180. "keystone.service_absent", name="testv2", profile="adminv2"
  181. )
  182. self.assertTrue(ret["keystone_|-testv2_|-testv2_|-service_absent"]["result"])
  183. @pytest.mark.destructive_test
  184. def test_keystone_v3(self):
  185. ret = self.run_state(
  186. "keystone.service_present",
  187. name="testv3",
  188. description="Image Service",
  189. service_type="image",
  190. profile="adminv3",
  191. )
  192. self.assertTrue(ret["keystone_|-testv3_|-testv3_|-service_present"]["result"])
  193. ret = self.run_state(
  194. "keystone.endpoint_present",
  195. name="testv3",
  196. description="Glance Service",
  197. interface="public",
  198. url="http://localhost:9292",
  199. region="RegionOne",
  200. profile="adminv3",
  201. )
  202. self.assertTrue(ret["keystone_|-testv3_|-testv3_|-endpoint_present"]["result"])
  203. ret = self.run_state(
  204. "keystone.endpoint_present",
  205. name="testv3",
  206. description="Glance Service",
  207. interface="internal",
  208. url="http://localhost:9292",
  209. region="RegionOne",
  210. profile="adminv3",
  211. )
  212. self.assertTrue(ret["keystone_|-testv3_|-testv3_|-endpoint_present"]["result"])
  213. ret = self.run_state(
  214. "keystone.endpoint_present",
  215. name="testv3",
  216. description="Glance Service",
  217. interface="admin",
  218. url="http://localhost:9292",
  219. region="RegionOne",
  220. profile="adminv3",
  221. )
  222. self.assertTrue(ret["keystone_|-testv3_|-testv3_|-endpoint_present"]["result"])
  223. # Region Two
  224. ret = self.run_state(
  225. "keystone.endpoint_present",
  226. name="testv3",
  227. description="Glance Service",
  228. interface="public",
  229. url="http://localhost:9292",
  230. region="RegionTwo",
  231. profile="adminv3",
  232. )
  233. self.assertTrue(ret["keystone_|-testv3_|-testv3_|-endpoint_present"]["result"])
  234. ret = self.run_state(
  235. "keystone.endpoint_present",
  236. name="testv3",
  237. description="Glance Service",
  238. interface="internal",
  239. url="http://localhost:9292",
  240. region="RegionTwo",
  241. profile="adminv3",
  242. )
  243. self.assertTrue(ret["keystone_|-testv3_|-testv3_|-endpoint_present"]["result"])
  244. ret = self.run_state(
  245. "keystone.endpoint_present",
  246. name="testv3",
  247. description="Glance Service",
  248. interface="admin",
  249. url="http://localhost:9292",
  250. region="RegionTwo",
  251. profile="adminv3",
  252. )
  253. self.assertTrue(ret["keystone_|-testv3_|-testv3_|-endpoint_present"]["result"])
  254. # Region One, change
  255. ret = self.run_state(
  256. "keystone.endpoint_present",
  257. name="testv3",
  258. description="Glance Service",
  259. interface="public",
  260. url="http://127.0.0.1:9292",
  261. region="RegionOne",
  262. profile="adminv3",
  263. )
  264. self.assertTrue(ret["keystone_|-testv3_|-testv3_|-endpoint_present"]["result"])
  265. ret = self.run_state(
  266. "keystone.endpoint_get",
  267. name="testv3",
  268. region="RegionOne",
  269. interface="public",
  270. profile="adminv3",
  271. )
  272. self.assertTrue(ret["keystone_|-testv3_|-testv3_|-endpoint_present"]["result"])
  273. self.assertTrue(
  274. ret["keystone_|-testv3_|-testv3_|-endpoint_present"]["endpoint"]["url"]
  275. == "http://127.0.0.1:9292"
  276. )
  277. ret = self.run_state(
  278. "keystone.project_present",
  279. name="testv3",
  280. description="Test v3 Tenant",
  281. profile="adminv3",
  282. )
  283. self.assertTrue(ret["keystone_|-testv3_|-testv3_|-project_present"]["result"])
  284. ret = self.run_state("keystone.role_present", name="user", profile="adminv3")
  285. self.assertTrue(ret["keystone_|-user_|-user_|-role_present"]["result"])
  286. ret = self.run_state(
  287. "keystone.user_present",
  288. name="testv3",
  289. email="testv3@example.com",
  290. project="testv3",
  291. password="testv3pass",
  292. roles={"testv3": ["user"]},
  293. profile="adminv3",
  294. )
  295. self.assertTrue(ret["keystone_|-testv3_|-testv3_|-user_present"]["result"])
  296. ret = self.run_state(
  297. "keystone.service_absent", name="testv3", profile="adminv3"
  298. )
  299. self.assertTrue(ret["keystone_|-testv3_|-testv3_|-service_absent"]["result"])