14 files changed, 66 insertions, 52 deletions

diff --git a/jjb/apex/apex.yml b/jjb/apex/apex.yml
index 92651e85c..9ccf8e39d 100644
--- a/jjb/apex/apex.yml
+++ b/jjb/apex/apex.yml
@@ -231,11 +231,15 @@
                   - branch-compare-type: 'ANT'
                     branch-pattern: '**/{branch}'
                 disable-strict-forbidden-file-verification: 'true'
+                file-paths:
+                  - compare-type: ANT
+                    pattern: '**'
                 forbidden-file-paths:
                   - compare-type: ANT
                     pattern: 'apex/tests/**'
                   - compare-type: ANT
                     pattern: 'docs/**'
+
     properties:
         - logrotate-default
         - build-blocker:
diff --git a/jjb/apex/apex.yml.j2 b/jjb/apex/apex.yml.j2
index 960839ad2..c878fe6af 100644
--- a/jjb/apex/apex.yml.j2
+++ b/jjb/apex/apex.yml.j2
@@ -143,11 +143,15 @@
                   - branch-compare-type: 'ANT'
                     branch-pattern: '**/{branch}'
                 disable-strict-forbidden-file-verification: 'true'
+                file-paths:
+                  - compare-type: ANT
+                    pattern: '**'
                 forbidden-file-paths:
                   - compare-type: ANT
                     pattern: 'apex/tests/**'
                   - compare-type: ANT
                     pattern: 'docs/**'
+
     properties:
         - logrotate-default
         - build-blocker:
diff --git a/jjb/armband/armband-verify-jobs.yml b/jjb/armband/armband-verify-jobs.yml
index b18d9f71e..c43dc7f82 100644
--- a/jjb/armband/armband-verify-jobs.yml
+++ b/jjb/armband/armband-verify-jobs.yml
@@ -208,7 +208,7 @@
     name: 'armband-verify-deploy-virtual-macro'
     builders:
         - shell:
-            !include-raw-escape: ../fuel/fuel-deploy.sh
+            !include-raw: ../fuel/fuel-deploy.sh
 
 - builder:
     name: 'armband-verify-smoke-test-macro'
diff --git a/jjb/daisy4nfv/daisy-project-jobs.yml b/jjb/daisy4nfv/daisy-project-jobs.yml
index fd0da7928..09b0bc2e1 100644
--- a/jjb/daisy4nfv/daisy-project-jobs.yml
+++ b/jjb/daisy4nfv/daisy-project-jobs.yml
@@ -54,6 +54,8 @@
             use-build-blocker: true
             blocking-jobs:
                 - '{installer}-daily-.*'
+                - 'daisy4nfv-merge-build-.*'
+                - 'daisy4nfv-verify-build-.*'
             block-level: 'NODE'
 
     scm:
diff --git a/jjb/daisy4nfv/daisy4nfv-merge-jobs.yml b/jjb/daisy4nfv/daisy4nfv-merge-jobs.yml
index 561ffbe24..f7a6c1363 100644
--- a/jjb/daisy4nfv/daisy4nfv-merge-jobs.yml
+++ b/jjb/daisy4nfv/daisy4nfv-merge-jobs.yml
@@ -154,6 +154,7 @@
             use-build-blocker: true
             blocking-jobs:
                 - '{alias}-merge-{phase}-.*'
+                - '{installer}-daily-.*'
             block-level: 'NODE'
 
     scm:
diff --git a/jjb/daisy4nfv/daisy4nfv-verify-jobs.yml b/jjb/daisy4nfv/daisy4nfv-verify-jobs.yml
index dff0ff0a4..6f6ab0fb0 100644
--- a/jjb/daisy4nfv/daisy4nfv-verify-jobs.yml
+++ b/jjb/daisy4nfv/daisy4nfv-verify-jobs.yml
@@ -50,7 +50,7 @@
         - build-blocker:
             use-build-blocker: true
             blocking-jobs:
-                - '{installer}-merge-build-.*'
+                - '{alias}-merge-build-.*'
             block-level: 'NODE'
 
     scm:
@@ -147,8 +147,9 @@
         - build-blocker:
             use-build-blocker: true
             blocking-jobs:
-                - '{installer}-merge-build-.*'
+                - '{alias}-merge-build-.*'
                 - '{alias}-verify-build-.*'
+                - '{installer}-daily-.*'
             block-level: 'NODE'
 
     scm:
diff --git a/jjb/fuel/fuel-verify-jobs.yml b/jjb/fuel/fuel-verify-jobs.yml
index f5840bcab..45197fc4e 100644
--- a/jjb/fuel/fuel-verify-jobs.yml
+++ b/jjb/fuel/fuel-verify-jobs.yml
@@ -208,7 +208,7 @@
     name: 'fuel-verify-deploy-virtual-macro'
     builders:
         - shell:
-            !include-raw-escape: ./fuel-deploy.sh
+            !include-raw: ./fuel-deploy.sh
 
 - builder:
     name: 'fuel-verify-smoke-test-macro'
diff --git a/jjb/functest/functest-alpine.sh b/jjb/functest/functest-alpine.sh
index f0e08e171..cee302699 100644
--- a/jjb/functest/functest-alpine.sh
+++ b/jjb/functest/functest-alpine.sh
@@ -70,7 +70,7 @@ set +e
 
 tiers=(healthcheck smoke features vnf)
 for tier in ${tiers[@]}; do
-    FUNCTEST_IMAGE=ollivier/functest-${tier}
+    FUNCTEST_IMAGE=opnfv/functest-${tier}
     echo "Functest: Pulling Functest Docker image ${FUNCTEST_IMAGE} ..."
     docker pull ${FUNCTEST_IMAGE}>/dev/null
     cmd="docker run ${envs} ${volumes} ${FUNCTEST_IMAGE}"
diff --git a/utils/test/testapi/etc/config.ini b/utils/test/testapi/etc/config.ini
index a7d8da622..8d0bde20b 100644
--- a/utils/test/testapi/etc/config.ini
+++ b/utils/test/testapi/etc/config.ini
@@ -27,3 +27,5 @@ static_path = /usr/local/share/opnfv_testapi
 [lfid]
 # Linux Foundation cas URL
 cas_url = https://identity.linuxfoundation.org/cas/
+#service url used to authenticate to cas
+signin_return = api/v1/auth/signin_return
diff --git a/utils/test/testapi/opnfv_testapi/common/check.py b/utils/test/testapi/opnfv_testapi/common/check.py
index 009d3d46c..24ba876a9 100644
--- a/utils/test/testapi/opnfv_testapi/common/check.py
+++ b/utils/test/testapi/opnfv_testapi/common/check.py
@@ -8,49 +8,14 @@
 ##############################################################################
 import functools
 
-import cas
 from tornado import gen
 from tornado import web
 
-from opnfv_testapi.common import constants
 from opnfv_testapi.common import message
 from opnfv_testapi.common import raises
-from opnfv_testapi.common.config import CONF
 from opnfv_testapi.db import api as dbapi
 
 
-def login(method):
-    @web.asynchronous
-    @gen.coroutine
-    @functools.wraps(method)
-    def wrapper(self, *args, **kwargs):
-        ticket = self.get_query_argument('ticket', default=None)
-        if ticket:
-            client = cas.CASClient(version='2',
-                                   server_url=CONF.lfid_cas_url,
-                                   service_url=CONF.ui_url)
-            (user, attrs, _) = client.verify_ticket(ticket=ticket)
-            print 'login user: {}'.format(user)
-            login_user = {
-                'user': user,
-                'email': attrs.get('mail'),
-                'fullname': attrs.get('field_lf_full_name'),
-                'groups': constants.TESTAPI_USERS + attrs.get('group', [])
-            }
-            q_user = {'user': user}
-            db_user = yield dbapi.db_find_one(constants.USER_TABLE, q_user)
-            if not db_user:
-                dbapi.db_save(constants.USER_TABLE, login_user)
-            else:
-                dbapi.db_update(constants.USER_TABLE, q_user, login_user)
-
-            self.clear_cookie(constants.TESTAPI_ID)
-            self.set_secure_cookie(constants.TESTAPI_ID, user)
-        ret = yield gen.coroutine(method)(self, *args, **kwargs)
-        raise gen.Return(ret)
-    return wrapper
-
-
 def authenticate(method):
     @web.asynchronous
     @gen.coroutine
diff --git a/utils/test/testapi/opnfv_testapi/common/constants.py b/utils/test/testapi/opnfv_testapi/common/constants.py
index b37ebb3d6..70c922383 100644
--- a/utils/test/testapi/opnfv_testapi/common/constants.py
+++ b/utils/test/testapi/opnfv_testapi/common/constants.py
@@ -2,4 +2,3 @@ TESTAPI_ID = 'testapi_id'
 CSRF_TOKEN = 'csrf_token'
 ROLE = 'role'
 TESTAPI_USERS = ['opnfv-testapi-users']
-USER_TABLE = 'users'
diff --git a/utils/test/testapi/opnfv_testapi/router/url_mappings.py b/utils/test/testapi/opnfv_testapi/router/url_mappings.py
index c038e88cc..ce0a3eeb3 100644
--- a/utils/test/testapi/opnfv_testapi/router/url_mappings.py
+++ b/utils/test/testapi/opnfv_testapi/router/url_mappings.py
@@ -76,6 +76,7 @@ mappings = [
 
     (r'/', root.RootHandler),
     (r'/api/v1/auth/signin', sign.SigninHandler),
+    (r'/{}'.format(CONF.lfid_signin_return), sign.SigninReturnHandler),
     (r'/api/v1/auth/signout', sign.SignoutHandler),
     (r'/api/v1/profile', user.UserHandler),
 
diff --git a/utils/test/testapi/opnfv_testapi/ui/auth/sign.py b/utils/test/testapi/opnfv_testapi/ui/auth/sign.py
index 01cd0f7c3..318473ea2 100644
--- a/utils/test/testapi/opnfv_testapi/ui/auth/sign.py
+++ b/utils/test/testapi/opnfv_testapi/ui/auth/sign.py
@@ -1,22 +1,59 @@
 from cas import CASClient
+from tornado import gen
+from tornado import web
 
 from opnfv_testapi.common import constants
 from opnfv_testapi.common.config import CONF
+from opnfv_testapi.db import api as dbapi
 from opnfv_testapi.resources import handlers
 
 
-class SigninHandler(handlers.GenericApiHandler):
+class SignBaseHandler(handlers.GenericApiHandler):
+    def __init__(self, application, request, **kwargs):
+        super(SignBaseHandler, self).__init__(application, request, **kwargs)
+        self.table = 'users'
+        self.cas_client = CASClient(version='2',
+                                    server_url=CONF.lfid_cas_url,
+                                    service_url='{}/{}'.format(
+                                        CONF.ui_url,
+                                        CONF.lfid_signin_return))
+
+
+class SigninHandler(SignBaseHandler):
+    def get(self):
+        self.redirect(url=(self.cas_client.get_login_url()))
+
+
+class SigninReturnHandler(SignBaseHandler):
+
+    @web.asynchronous
+    @gen.coroutine
     def get(self):
-        client = CASClient(version='2',
-                           server_url=CONF.lfid_cas_url,
-                           service_url=CONF.ui_url)
-        self.redirect(url=(client.get_login_url()))
+        ticket = self.get_query_argument('ticket', default=None)
+        if ticket:
+            (user, attrs, _) = self.cas_client.verify_ticket(ticket=ticket)
+            login_user = {
+                'user': user,
+                'email': attrs.get('mail'),
+                'fullname': attrs.get('field_lf_full_name'),
+                'groups': constants.TESTAPI_USERS + attrs.get('group', [])
+            }
+            q_user = {'user': user}
+            db_user = yield dbapi.db_find_one(self.table, q_user)
+            if not db_user:
+                dbapi.db_save(self.table, login_user)
+            else:
+                dbapi.db_update(self.table, q_user, login_user)
+
+            self.clear_cookie(constants.TESTAPI_ID)
+            self.set_secure_cookie(constants.TESTAPI_ID, user)
+
+            self.redirect(url=CONF.ui_url)
 
 
-class SignoutHandler(handlers.GenericApiHandler):
+class SignoutHandler(SignBaseHandler):
     def get(self):
         """Handle signout request."""
         self.clear_cookie(constants.TESTAPI_ID)
-        client = CASClient(version='2',
-                           server_url=CONF.lfid_cas_url)
-        self.redirect(url=(client.get_logout_url(redirect_url=CONF.ui_url)))
+        logout_url = self.cas_client.get_logout_url(redirect_url=CONF.ui_url)
+        self.redirect(url=logout_url)
diff --git a/utils/test/testapi/opnfv_testapi/ui/root.py b/utils/test/testapi/opnfv_testapi/ui/root.py
index 576cbddcf..286a6b097 100644
--- a/utils/test/testapi/opnfv_testapi/ui/root.py
+++ b/utils/test/testapi/opnfv_testapi/ui/root.py
@@ -1,4 +1,3 @@
-from opnfv_testapi.common import check
 from opnfv_testapi.common.config import CONF
 from opnfv_testapi.resources import handlers
 
@@ -7,6 +6,5 @@ class RootHandler(handlers.GenericApiHandler):
     def get_template_path(self):
         return CONF.ui_static_path
 
-    @check.login
     def get(self):
         self.render('testapi-ui/index.html')