Switch legacy Zuul jobs to native Zuul v3 jobs

Replace the 'novaclient-dsvm-functional' legacy Zuul job with
the 'python-novaclient-functional' native Zuul v3 job.

See
https://governance.openstack.org/tc/goals/selected/victoria/native-zuulv3-jobs.html
for more details.

Change-Id: I35b5699b8b0814f2d17a37e024286cd440047ec8
Signed-off-by: Takashi Natsume <takanattie@gmail.com>
Co-Authored-By: Andrey Kurilin <andr.kurilin@gmail.com>

3 files changed, 48 insertions, 60 deletions

diff --git a/novaclient/tests/functional/base.py b/novaclient/tests/functional/base.py
index f5c758be..9497389f 100644
--- a/novaclient/tests/functional/base.py
+++ b/novaclient/tests/functional/base.py
@@ -206,6 +206,8 @@ class ClientTestBase(testtools.TestCase):
             self.insecure = cloud_config.config['insecure']
         else:
             self.insecure = False
+        self.cacert = cloud_config.config['cacert']
+        self.cert = cloud_config.config['cert']
 
         auth = identity.Password(username=user,
                                  password=passwd,
@@ -213,7 +215,11 @@ class ClientTestBase(testtools.TestCase):
                                  auth_url=auth_url,
                                  project_domain_id=self.project_domain_id,
                                  user_domain_id=user_domain_id)
-        session = ksession.Session(auth=auth, verify=(not self.insecure))
+        session = ksession.Session(
+            cert=self.cert,
+            auth=auth,
+            verify=(self.cacert or not self.insecure)
+        )
 
         self.client = self._get_novaclient(session)
 
diff --git a/novaclient/tests/functional/hooks/post_test_hook.sh b/novaclient/tests/functional/hooks/post_test_hook.sh
deleted file mode 100755
index 473393eb..00000000
--- a/novaclient/tests/functional/hooks/post_test_hook.sh
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/bin/bash -xe
-
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-# This script is executed inside post_test_hook function in devstack gate.
-
-function generate_testr_results {
-    if [ -f .testrepository/0 ]; then
-        sudo .tox/functional/bin/testr last --subunit > $WORKSPACE/testrepository.subunit
-        sudo mv $WORKSPACE/testrepository.subunit $BASE/logs/testrepository.subunit
-        sudo /usr/os-testr-env/bin/subunit2html $BASE/logs/testrepository.subunit $BASE/logs/testr_results.html
-        sudo gzip -9 $BASE/logs/testrepository.subunit
-        sudo gzip -9 $BASE/logs/testr_results.html
-        sudo chown $USER:$USER $BASE/logs/testrepository.subunit.gz $BASE/logs/testr_results.html.gz
-        sudo chmod a+r $BASE/logs/testrepository.subunit.gz $BASE/logs/testr_results.html.gz
-    fi
-}
-
-export NOVACLIENT_DIR="$BASE/new/python-novaclient"
-
-sudo chown -R $USER:stack $NOVACLIENT_DIR
-
-# Go to the novaclient dir
-cd $NOVACLIENT_DIR
-
-# Run tests
-echo "Running novaclient functional test suite"
-set +e
-# Preserve env for OS_ credentials
-sudo -E -H -u $USER tox -e ${TOX_ENV:-functional}
-EXIT_CODE=$?
-set -e
-
-# Collect and parse result
-generate_testr_results
-exit $EXIT_CODE
diff --git a/novaclient/tests/functional/test_auth.py b/novaclient/tests/functional/test_auth.py
index 8987c728..c8d2396a 100644
--- a/novaclient/tests/functional/test_auth.py
+++ b/novaclient/tests/functional/test_auth.py
@@ -10,6 +10,7 @@
 # License for the specific language governing permissions and limitations
 # under the License.
 
+import os
 from urllib import parse
 
 import tempest.lib.cli.base
@@ -28,14 +29,19 @@ class TestAuthentication(base.ClientTestBase):
                                  url.fragment))
 
     def nova_auth_with_password(self, action, identity_api_version):
-        flags = ('--os-username %s --os-tenant-name %s --os-password %s '
-                 '--os-auth-url %s --os-endpoint-type publicURL' % (
-                     self.cli_clients.username,
-                     self.cli_clients.tenant_name,
-                     self.cli_clients.password,
-                     self._get_url(identity_api_version)))
+        flags = (
+            f'--os-username {self.cli_clients.username} '
+            f'--os-tenant-name {self.cli_clients.tenant_name} '
+            f'--os-password {self.cli_clients.password} '
+            f'--os-auth-url {self._get_url(identity_api_version)} '
+            f'--os-endpoint-type publicURL'
+        )
+        if self.cacert:
+            flags = f'{flags} --os-cacert {self.cacert}'
+        if self.cert:
+            flags = f'{flags} --os-cert {self.cert}'
         if self.cli_clients.insecure:
-            flags += ' --insecure '
+            flags = f'{flags} --insecure'
 
         return tempest.lib.cli.base.execute(
             "nova", action, flags, cli_dir=self.cli_clients.cli_dir)
@@ -49,15 +55,37 @@ class TestAuthentication(base.ClientTestBase):
         if identity_api_version == "3":
             kw["project_domain_id"] = self.project_domain_id
         nova = client.Client("2", auth_token=token, auth_url=auth_url,
-                             project_name=self.project_name, **kw)
+                             project_name=self.project_name,
+                             cacert=self.cacert, cert=self.cert,
+                             **kw)
         nova.servers.list()
 
-        flags = ('--os-tenant-name %(project_name)s --os-token %(token)s '
-                 '--os-auth-url %(auth_url)s --os-endpoint-type publicURL'
-                 % {"project_name": self.project_name,
-                    "token": token, "auth_url": auth_url})
+        # NOTE(andreykurilin): tempest.lib.cli.base.execute doesn't allow to
+        #   pass 'env' argument to subprocess.Popen for overriding the current
+        #   process' environment.
+        #   When one of OS_AUTH_TYPE or OS_AUTH_PLUGIN environment variables
+        #   presents, keystoneauth1 can load the wrong auth plugin with wrong
+        #   expected cli arguments. To avoid this case, we need to modify
+        #   current environment.
+        # TODO(andreykurilin): tempest.lib.cli.base.execute is quite simple
+        #   method that can be replaced by subprocess.check_output direct call
+        #   with passing env argument to avoid modifying the current process
+        #   environment. or we probably can propose a change to tempest.
+        os.environ.pop("OS_AUTH_TYPE", None)
+        os.environ.pop("OS_AUTH_PLUGIN", None)
+
+        flags = (
+            f'--os-tenant-name {self.project_name} '
+            f'--os-token {token} '
+            f'--os-auth-url {auth_url} '
+            f'--os-endpoint-type publicURL'
+        )
+        if self.cacert:
+            flags = f'{flags} --os-cacert {self.cacert}'
+        if self.cert:
+            flags = f'{flags} --os-cert {self.cert}'
         if self.cli_clients.insecure:
-            flags += ' --insecure '
+            flags = f'{flags} --insecure'
 
         tempest.lib.cli.base.execute(
             "nova", "list", flags, cli_dir=self.cli_clients.cli_dir)