From 2c9e0d2d5b8a8a37141303b7ed76027feca1b3cb Mon Sep 17 00:00:00 2001 From: Andy McCrae Date: Thu, 21 Apr 2016 18:42:52 +0100 Subject: [PATCH] Add fucntional tests for swift This is a first pass at adding functional tests for swift using the .functests within the upstream swift repository. User specific tests, as defined in /etc/swift/test.conf, are enabled with the exception of keystone v3 domain tests for which further work will be required. Change-Id: If0bcc96ce3b4bb2f80f08f4523dad3fd89023e77 --- tests/swift_test.conf.j2 | 112 ++++++++++++++++++++++++++++++++ tests/test.yml | 135 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 247 insertions(+) create mode 100644 tests/swift_test.conf.j2 diff --git a/tests/swift_test.conf.j2 b/tests/swift_test.conf.j2 new file mode 100644 index 00000000..2ad3f3de --- /dev/null +++ b/tests/swift_test.conf.j2 @@ -0,0 +1,112 @@ +[func_test] +# sample config for Swift with tempauth +#auth_host = 10.100.100.2 +#auth_port = 5000 +#auth_ssl = no +#auth_prefix = /auth/ +## sample config for Swift with Keystone v2 API +# For keystone v2 change auth_version to 2 and auth_prefix to /v2.0/ +# And "allow_account_management" should not be set "true" +auth_version = 3 +auth_host = 10.100.100.2 +auth_port = 5000 +auth_ssl = no +auth_prefix = /v3/ + +# Primary functional test account (needs admin access to the account) +account = test1 +username = test1 +password = test1 + +# User on a second account (needs admin access to the account) +account2 = test2 +username2 = test2 +password2 = test2 + +# User on same account as first, but without admin access +username3 = test3 +password3 = test3 + +# Fourth user is required for keystone v3 specific tests. +# Account must be in a non-default domain. +#account4 = test4 +#username4 = test4 +#password4 = test4 +#domain4 = test-domain + +# Fifth user is required for service token-specific tests. +# The account must be different than the primary test account +# The user must not have a group (tempauth) or role (keystoneauth) on +# the primary test account. The user must have a group/role that is unique +# and not given to the primary tester and is specified in the options +# _require_group (tempauth) or _service_roles (keystoneauth). +account5 = test5 +username5 = test5 +password5 = test5 + +# The service_prefix option is used for service token-specific tests. +# If service_prefix or username5 above is not supplied, the tests are skipped. +# To set the value and enable the service token tests, look at the +# reseller_prefix option in /etc/swift/proxy-server.conf. There must be at +# least two prefixes. If not, add a prefix as follows (where we add SERVICE): +# reseller_prefix = AUTH, SERVICE +# The service_prefix must match the used in _require_group +# (tempauth) or _service_roles (keystoneauth); for example: +# SERVICE_require_group = service +# SERVICE_service_roles = service +# Note: Do not enable service token tests if the first prefix in +# reseller_prefix is the empty prefix AND the primary functional test +# account contains an underscore. +service_prefix = SERVICE + +# Sixth user is required for access control tests. +# Account must have a role for reseller_admin_role(keystoneauth). +account6 = test6 +username6 = test6 +password6 = test6 + +collate = C + +# Only necessary if a pre-existing server uses self-signed certificate +insecure = no + +[unit_test] +fake_syslog = False + +[probe_test] +# check_server_timeout = 30 +# validate_rsync = false + +[swift-constraints] +# The functional test runner will try to use the constraint values provided in +# the swift-constraints section of test.conf. +# +# If a constraint value does not exist in that section, or because the +# swift-constraints section does not exist, the constraints values found in +# the /info API call (if successful) will be used. +# +# If a constraint value cannot be found in the /info results, either because +# the /info API call failed, or a value is not present, the constraint value +# used will fall back to those loaded by the constraints module at time of +# import (which will attempt to load /etc/swift/swift.conf, see the +# swift.common.constraints module for more information). +# +# Note that the cluster must have "sane" values for the test suite to pass +# (for some definition of sane). +# +#max_file_size = 5368709122 +#max_meta_name_length = 128 +#max_meta_value_length = 256 +#max_meta_count = 90 +#max_meta_overall_size = 4096 +#max_header_size = 8192 +#extra_header_count = 0 +#max_object_name_length = 1024 +#container_listing_limit = 10000 +#account_listing_limit = 10000 +#max_account_name_length = 256 +#max_container_name_length = 256 + +# Newer swift versions default to strict cors mode, but older ones were the +# opposite. +#strict_cors_mode = true diff --git a/tests/test.yml b/tests/test.yml index 8f68f6f5..81bf212b 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -321,6 +321,10 @@ index: 0 repl_number: 3 default: True + swift_proxy_server_conf_overrides: + "filter:keystoneauth": + reseller_prefix: "AUTH, SERVICE" + "SERVICE_service_roles": "test5" memcached_servers: 10.100.100.2 external_lb_vip_address: 10.100.100.3 internal_lb_vip_address: 10.100.100.3 @@ -347,3 +351,134 @@ memcached_encryption_key: "secrete" debug: true verbose: true + +- name: Setup testing - run Swift functional tests + hosts: swift_proxy[0] + user: root + gather_facts: true + pre_tasks: + - name: Ensure test projects + keystone: + command: "ensure_tenant" + endpoint: "{{ keystone_service_adminurl }}" + login_user: "{{ keystone_admin_user_name }}" + login_password: "{{ keystone_auth_admin_password }}" + login_project_name: "{{ keystone_admin_tenant_name }}" + description: "Testing tenant" + tenant_name: "{{item.project_name }}" + domain_name: "{{ item.domain_name }}" + insecure: "{{ keystone_service_adminuri_insecure }}" + with_items: + - { project_name: "test1", domain_name: "Default" } + - { project_name: "test2", domain_name: "Default" } + - { project_name: "test5", domain_name: "Default" } + - { project_name: "test6", domain_name: "Default" } + register: add_service + run_once: true + until: add_service|success + retries: 5 + delay: 10 + - name: Ensure required roles + keystone: + command: "ensure_role" + endpoint: "{{ keystone_service_adminurl }}" + login_user: "{{ keystone_admin_user_name }}" + login_password: "{{ keystone_auth_admin_password }}" + login_project_name: "{{ keystone_admin_tenant_name }}" + role_name: "{{ item }}" + insecure: "{{ keystone_service_adminuri_insecure }}" + with_items: + - "ResellerAdmin" + - "test-role" + - "test5" + run_once: true + register: add_service + until: add_service|success + retries: 5 + delay: 10 + - name: Add swift users for testing + keystone: + command: "ensure_user" + endpoint: "{{ keystone_service_adminurl }}" + login_user: "{{ keystone_admin_user_name }}" + login_password: "{{ keystone_auth_admin_password }}" + login_project_name: "{{ keystone_admin_tenant_name }}" + user_name: "{{ item.user_name }}" + project_name: "{{ item.project_name }}" + domain_name: "{{ item.domain_name }}" + password: "{{ item.password }}" + insecure: "{{ keystone_service_adminuri_insecure }}" + with_items: + - { user_name: "test1", project_name: "test1", password: "test1", domain_name: "Default" } + - { user_name: "test2", project_name: "test2", password: "test2", domain_name: "Default" } + - { user_name: "test3", project_name: "test1", password: "test3", domain_name: "Default" } + - { user_name: "test5", project_name: "test5", password: "test5", domain_name: "Default" } + - { user_name: "test6", project_name: "test6", password: "test6", domain_name: "Default" } + run_once: true + register: add_service + until: add_service|success + retries: 5 + delay: 10 + - name: Ensure roles for swift test users + keystone: + command: "ensure_user_role" + endpoint: "{{ keystone_service_adminurl }}" + login_user: "{{ keystone_admin_user_name }}" + login_password: "{{ keystone_auth_admin_password }}" + login_project_name: "{{ keystone_admin_tenant_name }}" + user_name: "{{ item.user_name }}" + domain_name: "{{ item.domain_name }}" + project_name: "{{ item.project_name }}" + role_name: "{{ item.role_name }}" + insecure: "{{ keystone_service_adminuri_insecure }}" + with_items: + - { user_name: "test1", project_name: "test1", role_name: "admin", domain_name: "Default" } + - { user_name: "test2", project_name: "test2", role_name: "admin", domain_name: "Default" } + - { user_name: "test3", project_name: "test1", role_name: "test-role", domain_name: "Default" } + - { user_name: "test5", project_name: "test5", role_name: "test5", domain_name: "Default" } + - { user_name: "test6", project_name: "test6", role_name: "ResellerAdmin", domain_name: "Default" } + retries: 5 + run_once: true + register: add_service + until: add_service|success + retries: 5 + delay: 10 + - name: Clone swift repository on proxy-host + git: + repo: "https://git.openstack.org/openstack/swift" + dest: "/opt/swift" + update: yes + clone: yes + version: master + - name: Install requirements for swift + pip: + requirements: "{{ item }}" + virtualenv: "{{ swift_venv_bin | dirname }}" + with_items: + - "/opt/swift/test-requirements.txt" + - "/opt/swift/requirements.txt" + - name: Setup test.conf for testing + template: + src: "swift_test.conf.j2" + dest: "/etc/swift/test.conf" + owner: "swift" + group: "swift" + - name: Run functional tests for swift + shell: "source /openstack/venvs/swift-untagged/bin/activate && ./.functests" + args: + chdir: "/opt/swift/" + executable: "/bin/bash" + vars: + keystone_admin_user_name: admin + keystone_admin_tenant_name: admin + keystone_auth_admin_password: "SuperSecretePassword" + keystone_service_adminuri_insecure: false + keystone_service_internaluri_insecure: false + keystone_service_internaluri: "http://10.100.100.2:5000" + keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" + keystone_service_adminuri: "http://10.100.100.2:35357" + keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" + swift_venv_tag: untagged + swift_venv_bin: "/openstack/venvs/swift-{{ swift_venv_tag }}/bin" + debug: true + verbose: true