diff options
| author | Pete Zaitcev <zaitcev@kotori.zaitcev.us> | 2013-03-10 18:52:10 -0600 |
|---|---|---|
| committer | Pete Zaitcev <zaitcev@kotori.zaitcev.us> | 2013-03-10 18:52:10 -0600 |
| commit | 35e07e2982e129b2f5d225a1de3fdc36c520053e (patch) | |
| tree | dd06fcfeded775d565d619fe6e878af29cfb6cb0 | |
| parent | 5e427e5e3b41ab2ddb377840f7ea196c1ba7327a (diff) | |
| download | swift-35e07e2982e129b2f5d225a1de3fdc36c520053e.tar.gz | |
Permit functional tests against Swift with Keystone
While poking at such problems with authentication other than swauth
it was useful to allow stock functional tests running back-to-back
at two clusters, with tempauth and Keystone.
When running the legacy tests, this version packs account into user
the way it was down previously. This way we do not need to repack
them before every call to get_auth. The downside is additional work
to be done when setting ACLs.
Change-Id: Ieb1d9227cb88977ecd2c39825039bc4be8afae0b
| -rw-r--r-- | test/functional/swift_test_client.py | 49 | ||||
| -rw-r--r-- | test/functionalnosetests/swift_testing.py | 62 | ||||
| -rwxr-xr-x | test/functionalnosetests/test_container.py | 13 | ||||
| -rwxr-xr-x | test/functionalnosetests/test_object.py | 14 | ||||
| -rw-r--r-- | test/sample.conf | 6 |
5 files changed, 85 insertions, 59 deletions
diff --git a/test/functional/swift_test_client.py b/test/functional/swift_test_client.py index 6c9ee7851..a6d8aece0 100644 --- a/test/functional/swift_test_client.py +++ b/test/functional/swift_test_client.py @@ -26,6 +26,7 @@ import simplejson as json from nose import SkipTest from xml.dom import minidom +from swiftclient import get_auth class AuthenticationFailed(Exception): @@ -94,6 +95,7 @@ class Connection(object): self.auth_port = int(config['auth_port']) self.auth_ssl = config['auth_ssl'] in ('on', 'true', 'yes', '1') self.auth_prefix = config.get('auth_prefix', '/') + self.auth_version = str(config.get('auth_version', '1')) self.account = config.get('account') self.username = config['username'] @@ -116,38 +118,25 @@ class Connection(object): self.storage_token = clone_conn.storage_token return - if self.account: - auth_user = '%s:%s' % (self.account, self.username) + if self.auth_version == "1": + auth_path = '%sv1.0' % (self.auth_prefix) + if self.account: + auth_user = '%s:%s' % (self.account, self.username) + else: + auth_user = self.username else: auth_user = self.username - headers = { - 'x-auth-user': auth_user, - 'x-auth-key': self.password, - } - - path = '%sv1.0' % (self.auth_prefix) - if self.auth_ssl: - connection = httplib.HTTPSConnection(self.auth_host, - port=self.auth_port) - else: - connection = httplib.HTTPConnection(self.auth_host, - port=self.auth_port) - #connection.set_debuglevel(3) - connection.request('GET', path, '', headers) - response = connection.getresponse() - connection.close() - - if response.status == 401: - raise AuthenticationFailed() - - if response.status not in (200, 204): - raise ResponseError(response) - - for hdr in response.getheaders(): - if hdr[0].lower() == "x-storage-url": - storage_url = hdr[1] - elif hdr[0].lower() == "x-auth-token": - storage_token = hdr[1] + auth_path = self.auth_prefix + auth_scheme = 'https://' if self.auth_ssl else 'http://' + auth_netloc = "%s:%d" % (self.auth_host, self.auth_port) + auth_url = auth_scheme + auth_netloc + auth_path + + (storage_url, storage_token) = get_auth(auth_url, + auth_user, self.password, + snet=False, + tenant_name=self.account, + auth_version=self.auth_version, + os_options={}) if not (storage_url and storage_token): raise AuthenticationFailed() diff --git a/test/functionalnosetests/swift_testing.py b/test/functionalnosetests/swift_testing.py index ea9a88a4e..023a753c2 100644 --- a/test/functionalnosetests/swift_testing.py +++ b/test/functionalnosetests/swift_testing.py @@ -33,8 +33,12 @@ normalized_urls = conf.get('normalized_urls', False) swift_test_auth = os.environ.get('SWIFT_TEST_AUTH') swift_test_user = [os.environ.get('SWIFT_TEST_USER'), None, None] swift_test_key = [os.environ.get('SWIFT_TEST_KEY'), None, None] +swift_test_tenant = ['', '', ''] +swift_test_perm = ['', '', ''] if conf: + swift_test_auth_version = str(conf.get('auth_version', '1')) + swift_test_auth = 'http' if conf.get('auth_ssl', 'no').lower() in ('yes', 'true', 'on', '1'): swift_test_auth = 'https' @@ -42,26 +46,48 @@ if conf: conf['auth_prefix'] = '/' try: swift_test_auth += \ - '://%(auth_host)s:%(auth_port)s%(auth_prefix)sv1.0' % conf + '://%(auth_host)s:%(auth_port)s%(auth_prefix)s' % conf except KeyError: pass # skip - if 'account' in conf: - swift_test_user[0] = '%(account)s:%(username)s' % conf + + if swift_test_auth_version == "1": + swift_test_auth += 'v1.0' + + if 'account' in conf: + swift_test_user[0] = '%(account)s:%(username)s' % conf + else: + swift_test_user[0] = '%(username)s' % conf + swift_test_key[0] = conf['password'] + try: + swift_test_user[1] = '%s%s' % \ + ('%s:' % conf['account2'] if 'account2' in conf else '', + conf['username2']) + swift_test_key[1] = conf['password2'] + except KeyError, err: + pass # old conf, no second account tests can be run + try: + swift_test_user[2] = '%s%s' % ('%s:' % conf['account'] if 'account' + in conf else '', conf['username3']) + swift_test_key[2] = conf['password3'] + except KeyError, err: + pass # old conf, no third account tests can be run + + for _ in range(3): + swift_test_perm[_] = swift_test_user[_] + else: - swift_test_user[0] = '%(username)s' % conf - swift_test_key[0] = conf['password'] - try: - swift_test_user[1] = '%s%s' % ('%s:' % conf['account2'] if 'account2' - in conf else '', conf['username2']) + swift_test_user[0] = conf['username'] + swift_test_tenant[0] = conf['account'] + swift_test_key[0] = conf['password'] + swift_test_user[1] = conf['username2'] + swift_test_tenant[1] = conf['account2'] swift_test_key[1] = conf['password2'] - except KeyError, err: - pass # old conf, no second account tests can be run - try: - swift_test_user[2] = '%s%s' % ('%s:' % conf['account'] if 'account' - in conf else '', conf['username3']) + swift_test_user[2] = conf['username3'] + swift_test_tenant[2] = conf['account'] swift_test_key[2] = conf['password3'] - except KeyError, err: - pass # old conf, no third account tests can be run + + for _ in range(3): + swift_test_perm[_] = swift_test_tenant[_] + ':' + swift_test_user[_] skip = not all([swift_test_auth, swift_test_user[0], swift_test_key[0]]) if skip: @@ -112,7 +138,11 @@ def retry(func, *args, **kwargs): if not url[use_account] or not token[use_account]: url[use_account], token[use_account] = \ get_auth(swift_test_auth, swift_test_user[use_account], - swift_test_key[use_account]) + swift_test_key[use_account], + snet=False, + tenant_name=swift_test_tenant[use_account], + auth_version=swift_test_auth_version, + os_options={}) parsed[use_account] = conn[use_account] = None if not parsed[use_account] or not conn[use_account]: parsed[use_account], conn[use_account] = \ diff --git a/test/functionalnosetests/test_container.py b/test/functionalnosetests/test_container.py index dd06260fe..e92a86c59 100755 --- a/test/functionalnosetests/test_container.py +++ b/test/functionalnosetests/test_container.py @@ -24,7 +24,7 @@ from swift.common.constraints import MAX_META_COUNT, MAX_META_NAME_LENGTH, \ MAX_META_OVERALL_SIZE, MAX_META_VALUE_LENGTH from swift_testing import check_response, retry, skip, skip2, skip3, \ - swift_test_user, web_front_end + swift_test_perm, web_front_end class TestContainer(unittest.TestCase): @@ -397,8 +397,8 @@ class TestContainer(unittest.TestCase): # Make the container accessible by the second account def post(url, token, parsed, conn): conn.request('POST', parsed.path + '/' + self.name, '', - {'X-Auth-Token': token, 'X-Container-Read': swift_test_user[1], - 'X-Container-Write': swift_test_user[1]}) + {'X-Auth-Token': token, 'X-Container-Read': swift_test_perm[1], + 'X-Container-Write': swift_test_perm[1]}) return check_response(conn) resp = retry(post) resp.read() @@ -465,7 +465,8 @@ class TestContainer(unittest.TestCase): # Now make the container also writeable by the second account def post(url, token, parsed, conn): conn.request('POST', parsed.path + '/' + self.name, '', - {'X-Auth-Token': token, 'X-Container-Write': swift_test_user[1]}) + {'X-Auth-Token': token, + 'X-Container-Write': swift_test_perm[1]}) return check_response(conn) resp = retry(post) resp.read() @@ -502,7 +503,7 @@ class TestContainer(unittest.TestCase): # Make the container accessible by the third account def post(url, token, parsed, conn): conn.request('POST', parsed.path + '/' + self.name, '', - {'X-Auth-Token': token, 'X-Container-Read': swift_test_user[2]}) + {'X-Auth-Token': token, 'X-Container-Read': swift_test_perm[2]}) return check_response(conn) resp = retry(post) resp.read() @@ -523,7 +524,7 @@ class TestContainer(unittest.TestCase): def post(url, token, parsed, conn): conn.request('POST', parsed.path + '/' + self.name, '', {'X-Auth-Token': token, - 'X-Container-Write': swift_test_user[2]}) + 'X-Container-Write': swift_test_perm[2]}) return check_response(conn) resp = retry(post) resp.read() diff --git a/test/functionalnosetests/test_object.py b/test/functionalnosetests/test_object.py index 82a6a01a0..168375dd5 100755 --- a/test/functionalnosetests/test_object.py +++ b/test/functionalnosetests/test_object.py @@ -23,7 +23,7 @@ from swift.common.constraints import MAX_META_COUNT, MAX_META_NAME_LENGTH, \ MAX_META_OVERALL_SIZE, MAX_META_VALUE_LENGTH from swift_testing import check_response, retry, skip, skip3, \ - swift_test_user, web_front_end + swift_test_perm, web_front_end from test import get_config @@ -220,8 +220,8 @@ class TestObject(unittest.TestCase): conn.request('PUT', '%s/%s' % (parsed.path, shared_container), '', {'X-Auth-Token': token, - 'X-Container-Read': swift_test_user[2], - 'X-Container-Write': swift_test_user[2]}) + 'X-Container-Read': swift_test_perm[2], + 'X-Container-Write': swift_test_perm[2]}) return check_response(conn) resp = retry(put) resp.read() @@ -419,8 +419,8 @@ class TestObject(unittest.TestCase): # Grant access to the third account def post(url, token, parsed, conn): conn.request('POST', '%s/%s' % (parsed.path, self.container), - '', {'X-Auth-Token': token, 'X-Container-Read': - swift_test_user[2]}) + '', {'X-Auth-Token': token, + 'X-Container-Read': swift_test_perm[2]}) return check_response(conn) resp = retry(post) resp.read() @@ -494,8 +494,8 @@ class TestObject(unittest.TestCase): # Grant access to the third account def post(url, token, parsed, conn): conn.request('POST', '%s/%s' % (parsed.path, acontainer), - '', {'X-Auth-Token': token, 'X-Container-Read': - swift_test_user[2]}) + '', {'X-Auth-Token': token, + 'X-Container-Read': swift_test_perm[2]}) return check_response(conn) resp = retry(post) resp.read() diff --git a/test/sample.conf b/test/sample.conf index d40fb0fe4..49a83f709 100644 --- a/test/sample.conf +++ b/test/sample.conf @@ -4,6 +4,12 @@ auth_host = 127.0.0.1 auth_port = 8080 auth_ssl = no auth_prefix = /auth/ +## sample config for Swift with Keystone +#auth_version = 2 +#auth_host = localhost +#auth_port = 5000 +#auth_ssl = no +#auth_prefix = /v2.0/ # Primary functional test account (needs admin access to the account) account = test |