X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=3rdparty%2Fmodules%2Fkeystone%2Fspec%2Facceptance%2Fbasic_keystone_spec.rb;fp=3rdparty%2Fmodules%2Fkeystone%2Fspec%2Facceptance%2Fbasic_keystone_spec.rb;h=0000000000000000000000000000000000000000;hb=6e1426dc77fb4e5d51f07c187c6f2219431dc31e;hp=e5563f09b22b10aa3d5744775819474bcd90bd42;hpb=87423ba664cd5f2bb462ebadd08b1a90d0fe1c8d;p=mirror%2Fdsa-puppet.git diff --git a/3rdparty/modules/keystone/spec/acceptance/basic_keystone_spec.rb b/3rdparty/modules/keystone/spec/acceptance/basic_keystone_spec.rb deleted file mode 100644 index e5563f09b..000000000 --- a/3rdparty/modules/keystone/spec/acceptance/basic_keystone_spec.rb +++ /dev/null @@ -1,225 +0,0 @@ -require 'spec_helper_acceptance' - -describe 'basic keystone server with resources' do - - context 'default parameters' do - - it 'should work with no errors' do - pp= <<-EOS - Exec { logoutput => 'on_failure' } - - # Common resources - case $::osfamily { - 'Debian': { - include ::apt - class { '::openstack_extras::repo::debian::ubuntu': - release => 'kilo', - package_require => true, - } - } - 'RedHat': { - class { '::openstack_extras::repo::redhat::redhat': - release => 'kilo', - } - package { 'openstack-selinux': ensure => 'latest' } - } - default: { - fail("Unsupported osfamily (${::osfamily})") - } - } - - class { '::mysql::server': } - - # Keystone resources - class { '::keystone::client': } - class { '::keystone::cron::token_flush': } - class { '::keystone::db::mysql': - password => 'keystone', - } - class { '::keystone': - verbose => true, - debug => true, - database_connection => 'mysql://keystone:keystone@127.0.0.1/keystone', - admin_token => 'admin_token', - enabled => true, - } - # "v2" admin and service - class { '::keystone::roles::admin': - email => 'test@example.tld', - password => 'a_big_secret', - } - class { '::keystone::endpoint': - public_url => "http://127.0.0.1:5000/", - admin_url => "http://127.0.0.1:35357/", - default_domain => 'admin', - } - ::keystone::resource::service_identity { 'beaker-ci': - service_type => 'beaker', - service_description => 'beaker service', - service_name => 'beaker', - password => 'secret', - public_url => 'http://127.0.0.1:1234', - admin_url => 'http://127.0.0.1:1234', - internal_url => 'http://127.0.0.1:1234', - } - # v3 admin - # we don't use ::keystone::roles::admin but still create resources manually: - keystone_domain { 'admin_domain': - ensure => present, - enabled => true, - description => 'Domain for admin v3 users', - } - keystone_domain { 'service_domain': - ensure => present, - enabled => true, - description => 'Domain for admin v3 users', - } - keystone_tenant { 'servicesv3': - ensure => present, - enabled => true, - description => 'Tenant for the openstack services', - domain => 'service_domain', - } - keystone_tenant { 'openstackv3': - ensure => present, - enabled => true, - description => 'admin tenant', - domain => 'admin_domain', - } - keystone_user { 'adminv3': - ensure => present, - enabled => true, - tenant => 'openstackv3', # note: don't have to use 'openstackv3::admin_domain' here since the tenant name 'openstackv3' is unique among all domains - email => 'test@example.tld', - password => 'a_big_secret', - domain => 'admin_domain', - } - keystone_user_role { 'adminv3@openstackv3': - ensure => present, - roles => ['admin'], - } - # service user exists only in the service_domain - must - # use v3 api - ::keystone::resource::service_identity { 'beaker-civ3': - service_type => 'beakerv3', - service_description => 'beakerv3 service', - service_name => 'beakerv3', - password => 'secret', - tenant => 'servicesv3', - public_url => 'http://127.0.0.1:1234/v3', - admin_url => 'http://127.0.0.1:1234/v3', - internal_url => 'http://127.0.0.1:1234/v3', - user_domain => 'service_domain', - project_domain => 'service_domain', - } - EOS - - - # Run it twice and test for idempotency - apply_manifest(pp, :catch_failures => true) - apply_manifest(pp, :catch_changes => true) - end - - describe port(5000) do - it { is_expected.to be_listening.with('tcp') } - end - - describe port(35357) do - it { is_expected.to be_listening.with('tcp') } - end - - describe cron do - it { should have_entry('1 0 * * * keystone-manage token_flush >>/var/log/keystone/keystone-tokenflush.log 2>&1').with_user('keystone') } - end - - shared_examples_for 'keystone user/tenant/service/role/endpoint resources using v2 API' do |auth_creds| - it 'should find users in the default domain' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v2.0 --os-identity-api-version 2 user list") do |r| - expect(r.stdout).to match(/admin/) - expect(r.stderr).to be_empty - end - end - it 'should find tenants in the default domain' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v2.0 --os-identity-api-version 2 project list") do |r| - expect(r.stdout).to match(/openstack/) - expect(r.stderr).to be_empty - end - end - it 'should find beaker service' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v2.0 --os-identity-api-version 2 service list") do |r| - expect(r.stdout).to match(/beaker/) - expect(r.stderr).to be_empty - end - end - it 'should find admin role' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v2.0 --os-identity-api-version 2 role list") do |r| - expect(r.stdout).to match(/admin/) - expect(r.stderr).to be_empty - end - end - it 'should find beaker endpoints' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v2.0 --os-identity-api-version 2 endpoint list --long") do |r| - expect(r.stdout).to match(/1234/) - expect(r.stderr).to be_empty - end - end - end - shared_examples_for 'keystone user/tenant/service/role/endpoint resources using v3 API' do |auth_creds| - it 'should find beaker user' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v3 --os-identity-api-version 3 user list") do |r| - expect(r.stdout).to match(/beaker/) - expect(r.stderr).to be_empty - end - end - it 'should find services tenant' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v3 --os-identity-api-version 3 project list") do |r| - expect(r.stdout).to match(/services/) - expect(r.stderr).to be_empty - end - end - it 'should find beaker service' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v3 --os-identity-api-version 3 service list") do |r| - expect(r.stdout).to match(/beaker/) - expect(r.stderr).to be_empty - end - end - it 'should find admin role' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v3 --os-identity-api-version 3 role list") do |r| - expect(r.stdout).to match(/admin/) - expect(r.stderr).to be_empty - end - end - it 'should find beaker endpoints' do - shell("openstack #{auth_creds} --os-auth-url http://127.0.0.1:5000/v3 --os-identity-api-version 3 endpoint list") do |r| - expect(r.stdout).to match(/1234/) - expect(r.stderr).to be_empty - end - end - end - describe 'with v2 admin with v2 credentials' do - include_examples 'keystone user/tenant/service/role/endpoint resources using v2 API', - '--os-username admin --os-password a_big_secret --os-project-name openstack' - end - describe 'with v2 service with v2 credentials' do - include_examples 'keystone user/tenant/service/role/endpoint resources using v2 API', - '--os-username beaker-ci --os-password secret --os-project-name services' - end - describe 'with v2 admin with v3 credentials' do - include_examples 'keystone user/tenant/service/role/endpoint resources using v3 API', - '--os-username admin --os-password a_big_secret --os-project-name openstack --os-user-domain-name Default --os-project-domain-name Default' - end - describe "with v2 service with v3 credentials" do - include_examples 'keystone user/tenant/service/role/endpoint resources using v3 API', - '--os-username beaker-ci --os-password secret --os-project-name services --os-user-domain-name Default --os-project-domain-name Default' - end - describe 'with v3 admin with v3 credentials' do - include_examples 'keystone user/tenant/service/role/endpoint resources using v3 API', - '--os-username adminv3 --os-password a_big_secret --os-project-name openstackv3 --os-user-domain-name admin_domain --os-project-domain-name admin_domain' - end - describe "with v3 service with v3 credentials" do - include_examples 'keystone user/tenant/service/role/endpoint resources using v3 API', - '--os-username beaker-civ3 --os-password secret --os-project-name servicesv3 --os-user-domain-name service_domain --os-project-domain-name service_domain' - end - - end -end