diff options
Diffstat (limited to 'buildscripts/resmokelib/testing/fixtures/tenant_migration.py')
-rw-r--r-- | buildscripts/resmokelib/testing/fixtures/tenant_migration.py | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/buildscripts/resmokelib/testing/fixtures/tenant_migration.py b/buildscripts/resmokelib/testing/fixtures/tenant_migration.py index e06ea907efe..5fbd20440fe 100644 --- a/buildscripts/resmokelib/testing/fixtures/tenant_migration.py +++ b/buildscripts/resmokelib/testing/fixtures/tenant_migration.py @@ -91,6 +91,7 @@ class TenantMigrationFixture(interface.Fixture): # pylint: disable=too-many-ins # Start up each of the replica sets for replica_set in self.replica_sets: replica_set.setup() + self._create_tenant_migration_donor_and_recipient_roles(replica_set) def await_ready(self): """Block until the fixture can be used for testing.""" @@ -155,3 +156,47 @@ class TenantMigrationFixture(interface.Fixture): # pylint: disable=too-many-ins for replica_set in self.replica_sets: output += replica_set.get_node_info() return output + + @staticmethod + def auth(client, auth_options=None): + """Auth a client connection.""" + if auth_options is not None: + auth_db = client[auth_options["authenticationDatabase"]] + auth_db.authenticate(auth_options["username"], password=auth_options["password"], + mechanism=auth_options["authenticationMechanism"]) + + return client + + def _create_tenant_migration_donor_and_recipient_roles(self, rs): + """Create a role for tenant migration donor and recipient.""" + primary = rs.get_primary() + primary_client = self.auth(primary.mongo_client(), self.auth_options) + + try: + primary_client.admin.command({ + "createRole": "tenantMigrationDonorRole", "privileges": [{ + "resource": {"cluster": True}, "actions": ["runTenantMigration"] + }, {"resource": {"db": "admin", "collection": "system.keys"}, "actions": ["find"]}], + "roles": [] + }) + except: + self.logger.exception( + "Error creating tenant migration donor role on primary on port %d of replica" + + " set '%s'.", primary.port, rs.replset_name) + raise + + try: + primary_client.admin.command({ + "createRole": "tenantMigrationRecipientRole", "privileges": + [{"resource": {"cluster": True}, "actions": ["listDatabases", "useUUID"]}, + {"resource": {"db": "", "collection": ""}, "actions": ["listCollections"]}, + { + "resource": {"anyResource": True}, + "actions": ["dbStats", "collStats", "find", "listIndexes"] + }], "roles": [] + }) + except: + self.logger.exception( + "Error creating tenant migration recipient role on primary on port %d of replica" + + " set '%s'.", primary.port, rs.replset_name) + raise |