1 files changed, 92 insertions, 53 deletions

diff --git a/keystone-moon/tox.ini b/keystone-moon/tox.ini
index af1d9b82..13ca0d84 100644
--- a/keystone-moon/tox.ini
+++ b/keystone-moon/tox.ini
@@ -1,92 +1,131 @@
 [tox]
 minversion = 1.6
 skipsdist = True
-envlist = py27,py34,pep8,docs,genconfig,releasenotes
+envlist = py34,py27,pep8,docs,genconfig,releasenotes
 
 [testenv]
 usedevelop = True
-install_command = pip install -U {opts} {packages}
+install_command = pip install -c{env:UPPER_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt?h=stable/mitaka} {opts} {packages}
 setenv = VIRTUAL_ENV={envdir}
 deps = -r{toxinidir}/test-requirements.txt
        .[ldap,memcache,mongodb]
-commands = bash tools/pretty_tox.sh '{posargs}'
-whitelist_externals = bash
-passenv = http_proxy HTTP_PROXY https_proxy HTTPS_PROXY no_proxy NO_PROXY
+commands =
+  find keystone -type f -name "*.pyc" -delete
+  bash tools/pretty_tox.sh '{posargs}'
+whitelist_externals =
+  bash
+  find
+passenv = http_proxy HTTP_PROXY https_proxy HTTPS_PROXY no_proxy NO_PROXY PBR_VERSION
 
 [testenv:py34]
+commands =
+  find keystone -type f -name "*.pyc" -delete
+  bash tools/pretty_tox_py3.sh
+
+[testenv:legacy_drivers]
 deps = -r{toxinidir}/test-requirements.txt
        nose
-       .[memcache,mongodb]
+       .[ldap,memcache,mongodb]
 commands =
-  nosetests --with-coverage --cover-package=keystone \
-      keystone/tests/unit/auth/test_controllers.py \
-      keystone/tests/unit/catalog/test_core.py \
-      keystone/tests/unit/common/test_base64utils.py \
-      keystone/tests/unit/common/test_injection.py \
-      keystone/tests/unit/common/test_json_home.py \
-      keystone/tests/unit/common/test_sql_core.py \
-      keystone/tests/unit/common/test_utils.py \
-      keystone/tests/unit/test_auth_plugin.py \
-      keystone/tests/unit/test_backend.py \
-      keystone/tests/unit/test_backend_endpoint_policy.py \
-      keystone/tests/unit/test_backend_rules.py \
-      keystone/tests/unit/test_cache_backend_mongo.py \
-      keystone/tests/unit/test_config.py \
-      keystone/tests/unit/test_contrib_s3_core.py \
-      keystone/tests/unit/test_driver_hints.py \
-      keystone/tests/unit/test_exception.py \
-      keystone/tests/unit/test_policy.py \
-      keystone/tests/unit/test_singular_plural.py \
-      keystone/tests/unit/test_sql_livetest.py \
-      keystone/tests/unit/test_sql_migrate_extensions.py \
-      keystone/tests/unit/test_sql_upgrade.py \
-      keystone/tests/unit/test_ssl.py \
-      keystone/tests/unit/test_token_bind.py \
-      keystone/tests/unit/test_url_middleware.py \
-      keystone/tests/unit/test_v3_controller.py \
-      keystone/tests/unit/test_validation.py \
-      keystone/tests/unit/test_wsgi.py \
-      keystone/tests/unit/tests/test_core.py \
-      keystone/tests/unit/tests/test_utils.py \
-      keystone/tests/unit/token/test_pki_provider.py \
-      keystone/tests/unit/token/test_pkiz_provider.py \
-      keystone/tests/unit/token/test_token_model.py \
-      keystone/tests/unit/token/test_uuid_provider.py
+  # Run each legacy test separately, to avoid SQL model redefinitions
+  find keystone -type f -name "*.pyc" -delete
+  nosetests -v \
+      keystone/tests/unit/backend/legacy_drivers/assignment/V8/sql.py
+  nosetests -v \
+      keystone/tests/unit/backend/legacy_drivers/role/V8/sql.py
+  nosetests -v \
+      keystone/tests/unit/backend/legacy_drivers/federation/V8/api_v3.py
+  nosetests -v \
+      keystone/tests/unit/backend/legacy_drivers/resource/V8/sql.py
 
 [testenv:pep8]
+deps =
+     .[bandit]
+     {[testenv]deps}
 commands =
-  flake8 {posargs}
+  flake8
   # Run bash8 during pep8 runs to ensure violations are caught by
   # the check and gate queues
   bashate examples/pki/gen_pki.sh
   # Check that .po and .pot files are valid.
   bash -c "find keystone -type f -regex '.*\.pot?' -print0| \
            xargs -0 -n 1 msgfmt --check-format -o /dev/null"
+  # Run security linter
+  bandit -r keystone -x tests
 
-[tox:jenkins]
-downloadcache = ~/cache/pip
+[testenv:bandit]
+# NOTE(browne): This is required for the integration test job of the bandit
+# project. Please do not remove.
+deps = .[bandit]
+commands = bandit -r keystone -x tests
 
 [testenv:cover]
-commands = python setup.py testr --coverage --testr-args='{posargs}'
+# Also do not run test_coverage_ext tests while gathering coverage as those
+# tests conflict with coverage.
+# NOTE(sdague): this target does not use constraints because
+# upstream infra does not yet support it. Once that's fixed, we can
+# drop the install_command.
+install_command = pip install -U --force-reinstall {opts} {packages}
+commands =
+  find keystone -type f -name "*.pyc" -delete
+  python setup.py testr --coverage --testr-args='{posargs}'
 
 [testenv:venv]
+# NOTE(jaegerandi): this target does not use constraints because
+# upstream infra does not yet support it. Once that's fixed, we can
+# drop the install_command.
+install_command = pip install -U --force-reinstall {opts} {packages}
 commands = {posargs}
 
 [testenv:debug]
-commands = oslo_debug_helper {posargs}
+commands =
+  find keystone -type f -name "*.pyc" -delete
+  oslo_debug_helper {posargs}
+passenv =
+    KSTEST_ADMIN_URL
+    KSTEST_ADMIN_USERNAME
+    KSTEST_ADMIN_PASSWORD
+    KSTEST_ADMIN_DOMAIN_ID
+    KSTEST_PUBLIC_URL
+    KSTEST_USER_USERNAME
+    KSTEST_USER_PASSWORD
+    KSTEST_USER_DOMAIN_ID
+    KSTEST_PROJECT_ID
 
 [testenv:functional]
 basepython = python3.4
 deps = -r{toxinidir}/test-requirements.txt
 setenv = OS_TEST_PATH=./keystone/tests/functional
-commands = python setup.py testr --slowest --testr-args='{posargs}'
+commands =
+  find keystone -type f -name "*.pyc" -delete
+  python setup.py testr --slowest --testr-args='{posargs}'
+passenv =
+    KSTEST_ADMIN_URL
+    KSTEST_ADMIN_USERNAME
+    KSTEST_ADMIN_PASSWORD
+    KSTEST_ADMIN_DOMAIN_ID
+    KSTEST_PUBLIC_URL
+    KSTEST_USER_USERNAME
+    KSTEST_USER_PASSWORD
+    KSTEST_USER_DOMAIN_ID
+    KSTEST_PROJECT_ID
 
 [flake8]
 filename= *.py,keystone-all,keystone-manage
 show-source = true
 
-# H405  multi line docstring summary not separated with an empty line
-ignore = H405
+# D100: Missing docstring in public module
+# D101: Missing docstring in public class
+# D102: Missing docstring in public method
+# D103: Missing docstring in public function
+# D104: Missing docstring in public package
+# D105: Missing docstring in magic method
+# D202: No blank lines allowed after docstring.
+# D203: 1 blank required before class docstring.
+# D205: Blank line required between one-line summary and description.
+# D400: First line should end with a period.
+# D401: First line should be in imperative mood.
+ignore = D100,D101,D102,D103,D104,D105,D203,D205,D400,D401
 
 exclude=.venv,.git,.tox,build,dist,doc,*openstack/common*,*lib/python*,*egg,tools,vendor,.update-venv,*.ini,*.po,*.pot
 max-complexity=24
@@ -98,15 +137,15 @@ commands=
     python setup.py build_sphinx
 
 [testenv:releasenotes]
-commands = sphinx-build -a -E -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
+# NOTE(sdague): this target does not use constraints because
+# upstream infra does not yet support it. Once that's fixed, we can
+# drop the install_command.
+install_command = pip install -U --force-reinstall {opts} {packages}
+commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
 
 [testenv:genconfig]
 commands = oslo-config-generator --config-file=config-generator/keystone.conf
 
-[testenv:bandit]
-deps = .[bandit]
-commands = bandit -c bandit.yaml -r keystone -n5 -p gate
-
 [hacking]
 import_exceptions =
   keystone.i18n