qa/tasks: Addition of new code for session tags in STS

Signed-off-by: Kalpesh Pandya <kapandya@redhat.com>

diff --git a/qa/tasks/keycloak.py b/qa/tasks/keycloak.py
index e1c3a9b8f00d95a046eabb2e1c41547602153a9c..1d89a27a5e18857f759c196870194ac1e3eca75a 100644 (file)
--- a/qa/tasks/keycloak.py
+++ b/qa/tasks/keycloak.py
@@ -76,6 +76,39 @@ def install_packages(ctx, config):
                 args=['rm', '-rf', '{tdir}'.format(tdir=get_keycloak_dir(ctx,config))],
             )
 
+@contextlib.contextmanager
+def download_conf(ctx, config):
+    """
+    Downloads confi.py used in run_admin_cmds
+    """
+    assert isinstance(config, dict)
+    log.info('Downloading conf...')
+    testdir = teuthology.get_testdir(ctx)
+    conf_branch = 'main'
+    conf_repo = 'https://github.com/TRYTOBE8TME/scripts.git'
+    for (client, _) in config.items():
+        ctx.cluster.only(client).run(
+            args=[
+                'git', 'clone',
+                '-b', conf_branch,
+                conf_repo,
+                '{tdir}/scripts'.format(tdir=testdir),
+                ],
+            )
+    try:
+        yield
+    finally:
+        log.info('Removing conf...')
+        testdir = teuthology.get_testdir(ctx)
+        for client in config:
+            ctx.cluster.only(client).run(
+                args=[
+                    'rm',
+                    '-rf',
+                    '{tdir}/scripts'.format(tdir=testdir),
+                    ],
+                )
+
 @contextlib.contextmanager
 def build(ctx,config):
     """
@@ -166,6 +199,7 @@ def run_admin_cmds(ctx,config):
                 'create', 'clients',
                 '-r', realm_name,
                 '-s', client,
+                '-s', 'directAccessGrantsEnabled=true',
                 '-s', 'redirectUris=["http://localhost:8080/myapp/*"]',
             ],
         )
@@ -207,6 +241,74 @@ def run_admin_cmds(ctx,config):
         ans3= 'client_secret={}'.format(out2[15:51])
         clientid='client_id={}'.format(client_name)
 
+        proto_map = pre1+"/protocol-mappers/models"
+        uname = "username=testuser"
+        upass = "password=testuser"
+
+        remote.run(
+            args=[
+                '{tdir}/bin/kcadm.sh'.format(tdir=get_keycloak_dir(ctx,config)),
+                'create', 'users',
+                '-s', uname,
+                '-s', 'enabled=true',
+                '-s', 'attributes.\"https://aws.amazon.com/tags\"=\"{"principal_tags":{"Department":["Engineering", "Marketing"]}}\"',
+                '-r', realm_name, 
+            ],
+        )
+
+        sample = 'testuser'
+
+        remote.run(
+            args=[
+                '{tdir}/bin/kcadm.sh'.format(tdir=get_keycloak_dir(ctx,config)),
+                'set-password',
+                '-r', realm_name,
+                '--username', sample,
+                '--new-password', sample,
+            ],
+        )
+
+        file_path = '{tdir}/scripts/confi.py'.format(tdir=teuthology.get_testdir(ctx))
+
+        remote.run(
+            args=[
+                '{tdir}/bin/kcadm.sh'.format(tdir=get_keycloak_dir(ctx,config)),
+                'create', proto_map,
+                '-r', realm_name,
+                '-f', file_path,
+            ],
+        )
+
+        remote.run(
+            args=[
+                '{tdir}/bin/kcadm.sh'.format(tdir=get_keycloak_dir(ctx,config)),
+                'config', 'credentials',
+                '--server', 'http://localhost:8080/auth',
+                '--realm', realm_name,
+                '--user', sample,
+                '--password', sample,
+                '--client', 'admin-cli',
+            ],
+        )
+
+        out9= toxvenv_sh(ctx, remote,
+                 [
+                  'curl', '-k', '-v',
+                  '-X', 'POST',
+                  '-H', 'Content-Type:application/x-www-form-urlencoded',
+                  '-d', 'scope=openid',
+                  '-d', 'grant_type=password',
+                  '-d', clientid,
+                  '-d', ans3,
+                  '-d', uname,
+                  '-d', upass,
+                  'http://localhost:8080/auth/realms/'+realm_name+'/protocol/openid-connect/token', run.Raw('|'),
+                  'jq', '-r', '.access_token'
+                 ])
+
+        user_token_pre = out9.rstrip()
+        user_token = '{}'.format(user_token_pre)
+
         out3= toxvenv_sh(ctx, remote, 
                  [
                   'curl', '-k', '-v', 
@@ -294,6 +396,7 @@ def run_admin_cmds(ctx,config):
         os.environ['AUD']=ans6
         os.environ['SUB']=ans7
         os.environ['AZP']=ans8
+        os.environ['USER_TOKEN']=user_token
         os.environ['KC_REALM']=realm_name
 
     try:
@@ -308,6 +411,12 @@ def run_admin_cmds(ctx,config):
                  ],
                  )
 
+            remote.run(
+                 args=['rm', '-f',
+                       '{tdir}/confi.py'.format(tdir=teuthology.get_testdir(ctx)),
+                 ],
+                 )
+
 @contextlib.contextmanager
 def task(ctx,config):
     """
@@ -352,6 +461,7 @@ def task(ctx,config):
         lambda: install_packages(ctx=ctx, config=config),
         lambda: build(ctx=ctx, config=config),
         lambda: run_keycloak(ctx=ctx, config=config),
+        lambda: download_conf(ctx=ctx, config=config),
         lambda: run_admin_cmds(ctx=ctx, config=config),
         ):
         yield

diff --git a/qa/tasks/s3tests.py b/qa/tasks/s3tests.py
index 6882da2d18412ef0afeeb2f39b9d42111ecd8066..2465f97d01c7cef7cfceb48c562d7fa10860dbe1 100644 (file)
--- a/qa/tasks/s3tests.py
+++ b/qa/tasks/s3tests.py
@@ -253,6 +253,7 @@ def create_users(ctx, config):
         s3tests_conf['webidentity'].setdefault('aud',os.environ['AUD'])
         s3tests_conf['webidentity'].setdefault('sub',os.environ['SUB'])
         s3tests_conf['webidentity'].setdefault('azp',os.environ['AZP'])
+        s3tests_conf['webidentity'].setdefault('user_token',os.environ['USER_TOKEN'])
         s3tests_conf['webidentity'].setdefault('thumbprint',os.environ['THUMBPRINT'])
         s3tests_conf['webidentity'].setdefault('KC_REALM',os.environ['KC_REALM'])