From 661fbc57a5cd5137a58cc6a285f4b6f91d78e0f0 Mon Sep 17 00:00:00 2001 From: Tomi Juvonen Date: Thu, 15 Dec 2016 10:10:07 +0200 Subject: Change role of doctor user to _member_ Change role of doctor user to _member_ Do needful changes to API calls Add admin a role to project Add Fuel support JIRA: DOCTOR-80 Change-Id: Ic7f88b9ceb6c4fc90e5e985ecfbc50c907b2367e Signed-off-by: Tomi Juvonen --- tests/lib/installers/fuel | 38 +++++++++++++++++++++++++++++++++++ tests/run.sh | 51 ++++++++++++++++++++++++++++++++++------------- 2 files changed, 75 insertions(+), 14 deletions(-) diff --git a/tests/lib/installers/fuel b/tests/lib/installers/fuel index da0de34b..0c56963c 100644 --- a/tests/lib/installers/fuel +++ b/tests/lib/installers/fuel @@ -74,6 +74,31 @@ function installer_apply_patches { ip netns exec haproxy /usr/lib/ocf/resource.d/fuel/ns_haproxy restart fi fi + + np_conf=/etc/nova/policy.json + if [ -e $np_conf ]; then + entry="os_compute_api:servers:show:host_status" + new="rule:admin_or_owner" + np_backup="${np_conf}-doctor-saved" + if grep -q "${entry}.*${new}" $np_conf; then + echo "Not modifying nova policy" + elif grep -q "${entry}" $np_conf; then + echo "modify nova policy" + cp $np_conf $np_backup + oldline=$(grep "$entry" $np_conf) + newline=$(echo "$oldline" | sed "s/rule.*\"/$new\"/") + sed -i "s/$oldline/$newline/" $np_conf + service nova-api restart + else + echo "add nova policy" + cp $np_conf $np_backup + sed -i "/{/a \ \"${entry}\": \"$new\"" $np_conf + service nova-api restart + fi + else + # TODO(tojuvone) policy.json might not exists in Ocata. + echo "$np_conf does not exist!!!" + fi ' > installer_apply_patches_$node.log 2>&1 done } @@ -83,6 +108,8 @@ function setup_installer { installer_get_ssh_keys get_controller_ips installer_apply_patches + #Might take a moment for nova-api to restart + sleep 20 if ! openstack flavor show $VM_FLAVOR ; then openstack flavor create --ram 512 --disk 1 $VM_FLAVOR \ && touch created_doctor_flavor @@ -138,6 +165,17 @@ function installer_revert_patches { sed -ie "/# added by doctor script/d" $ep_conf service ceilometer-agent-notification restart fi + + np_conf=/etc/nova/policy.json + entry="os_compute_api:servers:show:host_status" + if [ -e $np_conf ]; then + np_backup="${np_conf}-doctor-saved" + if [ -e $np_backup ]; then + cp -f $np_backup $np_conf + rm $np_backup + service nova-api restart + fi + fi ' >> installer_apply_patches_$node.log 2>&1 done } diff --git a/tests/run.sh b/tests/run.sh index d97a5c9c..c21c3fd7 100755 --- a/tests/run.sh +++ b/tests/run.sh @@ -28,8 +28,7 @@ CONSUMER_PORT=12346 DOCTOR_USER=doctor DOCTOR_PW=doctor DOCTOR_PROJECT=doctor -#TODO: change back to `_member_` when JIRA DOCTOR-55 is done -DOCTOR_ROLE=admin +DOCTOR_ROLE=_member_ PROFILER_TYPE=${PROFILER_TYPE:-none} TOP_DIR=$(cd $(dirname "$0") && pwd) @@ -39,13 +38,15 @@ as_doctor_user="--os-username $DOCTOR_USER --os-password $DOCTOR_PW # NOTE: ceilometer command still requires '--os-tenant-name'. #ceilometer="ceilometer ${as_doctor_user/--os-project-name/--os-tenant-name}" ceilometer="ceilometer $as_doctor_user" +as_admin_user="--os-username admin --os-project-name $DOCTOR_PROJECT + --os-tenant-name $DOCTOR_PROJECT" # Functions get_compute_host_info() { - # get computer host info which first VM boot in - COMPUTE_HOST=$(openstack $as_doctor_user server show ${VM_BASENAME}1 | + # get computer host info which first VM boot in as admin user + COMPUTE_HOST=$(openstack $as_admin_user server show ${VM_BASENAME}1 | grep "OS-EXT-SRV-ATTR:host" | awk '{ print $4 }') compute_host_in_undercloud=${COMPUTE_HOST%%.*} die_if_not_set $LINENO COMPUTE_HOST "Failed to get compute hostname" @@ -108,17 +109,25 @@ register_image() { create_test_user() { openstack project list | grep -q " $DOCTOR_PROJECT " || { - openstack project create "$DOCTOR_PROJECT" + openstack project create --description "Doctor Project" \ + "$DOCTOR_PROJECT" } openstack user list | grep -q " $DOCTOR_USER " || { openstack user create "$DOCTOR_USER" --password "$DOCTOR_PW" \ --project "$DOCTOR_PROJECT" } - openstack role show "$DOCTOR_ROLE" || { + openstack role show "$DOCTOR_ROLE" | grep -q " $DOCTOR_ROLE " || { openstack role create "$DOCTOR_ROLE" } - openstack role add "$DOCTOR_ROLE" --user "$DOCTOR_USER" \ - --project "$DOCTOR_PROJECT" + openstack role assignment list --user "$DOCTOR_USER" \ + --project "$DOCTOR_PROJECT" --names | grep -q " $DOCTOR_ROLE " || { + openstack role add "$DOCTOR_ROLE" --user "$DOCTOR_USER" \ + --project "$DOCTOR_PROJECT" + } + openstack role assignment list --user admin --project "$DOCTOR_PROJECT" \ + --names | grep -q " admin " || { + openstack role add admin --user admin --project "$DOCTOR_PROJECT" + } # tojuvone: openstack quota show is broken and have to use nova # https://bugs.launchpad.net/manila/+bug/1652118 # Note! while it is encouraged to use openstack client it has proven @@ -140,6 +149,24 @@ create_test_user() { fi } +remove_test_user() { + openstack project list | grep -q " $DOCTOR_PROJECT " && { + openstack role assignment list --user admin \ + --project "$DOCTOR_PROJECT" --names | grep -q " admin " && { + openstack role remove admin --user admin --project "$DOCTOR_PROJECT" + } + openstack user list | grep -q " $DOCTOR_USER " && { + openstack role assignment list --user "$DOCTOR_USER" \ + --project "$DOCTOR_PROJECT" --names | grep -q " $DOCTOR_ROLE " && { + openstack role remove "$DOCTOR_ROLE" --user "$DOCTOR_USER" \ + --project "$DOCTOR_PROJECT" + } + openstack user delete "$DOCTOR_USER" + } + openstack project delete "$DOCTOR_PROJECT" + } +} + boot_vm() { # test VM done with test user, so can test non-admin @@ -435,12 +462,8 @@ cleanup() { if [[ "$use_existing_image" == false ]] ; then [ -n "$image_id" ] && openstack image delete "$image_id" fi - openstack role remove "$DOCTOR_ROLE" --user "$DOCTOR_USER" \ - --project "$DOCTOR_PROJECT" - openstack project delete "$DOCTOR_PROJECT" - openstack user delete "$DOCTOR_USER" - # NOTE: remove role only for doctor test. - #openstack role delete "$DOCTOR_ROLE" + + remove_test_user cleanup_installer cleanup_inspector -- cgit 1.2.3-korg