[openstack-dev] [qa] Using any username/password to create tempest clients

Udi Kalifon ukalifon at redhat.com
Tue Aug 19 10:34:34 UTC 2014


Hi Andrea,

I tried adding the tenant to the credentials I supply - and it didn't change the results I am getting. I opened a bug on this issue:
https://bugs.launchpad.net/tempest/+bug/1356759

Can you devote some time to this bug, or let me know how to fix it and I will do it myself? 

Thanks a lot for your help,
Udi.

----- Original Message -----
From: "Andrea Frittoli" <andrea.frittoli at gmail.com>
To: "OpenStack Development Mailing List (not for usage questions)" <openstack-dev at lists.openstack.org>
Sent: Wednesday, August 13, 2014 7:24:42 PM
Subject: Re: [openstack-dev] [qa] Using any username/password to create tempest clients

Hello Udi, 

I don't see anything wrong in principle with your code. 
This said, the main use case I had in mind when I wrote the auth providers and credentials classes was to abstract authentication for all tests, so that it is possible to configure and target identity api version to be used for authentication, and all tests will use that to obtain a token. 

Identity tests are a bit different though, because when running an identity tests you typically want to specify which version of the identity API is to be used - like you did in your code. 
Nonetheless you you should be able to use the same code from auth provider and credentials classes - but because identity tests have use more complex scenarios you may find issues or restrictions in the current implementation. 
I see that your credentials do not have a tenant - even though there is a simple unit test for that case, that case is not used in any other test atm, so you may as well have hit a bug. 

I think it would be helpful if you could push a WIP change - it would be easier to see what is going wrong. 

andrea 



On 13 August 2014 10:41, Udi Kalifon < ukalifon at redhat.com > wrote: 


Hello. 

I am writing a tempest scenario for keystone. In this scenario I create a domain, project and a user with admin rights on the project. I then try to instantiate a Manager so I can call keystone using the new user credentials: 

creds = KeystoneV3Credentials(username=dom1proj1admin_name, password=dom1proj1admin_name, domain_name=dom1_name, user_domain_name=dom1_name) 
auth_provider = KeystoneV3AuthProvider(creds) 
creds = auth_provider.fill_credentials() 
admin_client = clients.Manager(interface=self._interface, credentials=creds) 

The problem is that I get "unauthorized" return codes for every call I make with this client. I verified that the user is created properly and has the needed credentials, by manually authenticating and getting a token with his credentials and then using that token. Apparently, in my code I don't create the creds properly or I'm missing another step. How can I use the new user in tempest properly? 

Thanks in advance, 
Udi Kalifon. 

_______________________________________________ 
OpenStack-dev mailing list 
OpenStack-dev at lists.openstack.org 
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev 


_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev



More information about the OpenStack-dev mailing list