<div dir="ltr"><div><div>Hello, community!<br><br></div>I'm trying to use Tempest to run tests on DevStack environment that is set up to use Identity API v3. Keystone uses <a href="https://github.com/openstack/keystone/blob/master/etc/policy.v3cloudsample.json">policy.v3cloudsample.json</a> to enable domain and cloud admins. The environment itself works fine (VMs boot successfully, etc).<br>
<br>However when I run tempest, the <span style="font-family:courier new,monospace">api.identity.admin.v3</span> tests fail with error 403 forbidden which happens during policy enforcement:<br><br><font size="1"><span style="font-family:courier new,monospace">======================================================================<br>
FAIL: tempest.api.identity.admin.v3.test_tokens.UsersTestXML.test_tokens[gate,smoke]<br>----------------------------------------------------------------------<br>Traceback (most recent call last):<br>_StringException: Empty attachments:<br>
stderr<br> stdout<br><br>pythonlogging:'': {{{<br>2014-03-13 16:39:14,225 Request: POST <a href="http://127.0.0.1:5000/v2.0/tokens">http://127.0.0.1:5000/v2.0/tokens</a><br>2014-03-13 16:39:14,717 Response Status: 200<br>
2014-03-13 16:39:14,718 Request: POST <a href="http://127.0.0.1:35357/v3/users">http://127.0.0.1:35357/v3/users</a><br>2014-03-13 16:39:14,736 Response Status: 403<br>}}}<br><br>Traceback (most recent call last):<br> File "/opt/stack/tempest/tempest/api/identity/admin/v3/test_tokens.py", line 37, in test_tokens<br>
email=u_email)<br> File "/opt/stack/tempest/tempest/services/identity/v3/xml/identity_client.py", line 100, in create_user<br> self.headers)<br> File "/opt/stack/tempest/tempest/common/rest_client.py", line 302, in post<br>
return self.request('POST', url, headers, body)<br> File "/opt/stack/tempest/tempest/services/identity/v3/xml/identity_client.py", line 80, in request<br> body=body)<br> File "/opt/stack/tempest/tempest/common/rest_client.py", line 436, in request<br>
resp, resp_body)<br> File "/opt/stack/tempest/tempest/common/rest_client.py", line 478, in _error_checker<br> raise exceptions.Unauthorized()<br>Unauthorized: Unauthorized</span></font><br><br></div>It seems that user credentials passed to policy engine do not contain <span style="font-family:courier new,monospace">domain_id</span> for some reason. Has anyone faced similar problem or can point into the right direction for resolving this?<br>
<br>Thank you.<br clear="all"><div><div><div><div><br>-- <br><div>Sincerely, Ruslan Kiianchuk.</div>
</div></div></div></div></div>