From: Casey Bodley <cbodley@redhat.com>
Date: Fri, 4 Aug 2023 16:25:19 +0000 (-0400)
Subject: qa/s3tests: enable testing against keystone users with ec2
X-Git-Tag: v18.2.5~53^2~6
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=16c8a1c0bb0cbcd6c91158950f20e3d3e8e88784;p=ceph.git

qa/s3tests: enable testing against keystone users with ec2

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit fa70c782882a541b5beb1cb8ebfdc2a5119f1d88)
---

diff --git a/qa/tasks/s3tests.py b/qa/tasks/s3tests.py
index bfedf23dceb..69ac3591c84 100644
--- a/qa/tasks/s3tests.py
+++ b/qa/tasks/s3tests.py
@@ -102,8 +102,31 @@ def create_users(ctx, config, s3tests_conf):
         conf = s3tests_conf[client]
         conf.setdefault('fixtures', {})
         conf['fixtures'].setdefault('bucket prefix', 'test-' + client + '-{random}-')
+
+        keystone_users = cconfig.get('keystone users', {})
         for section, user in users.items():
             _config_user(conf, section, '{user}.{client}'.format(user=user, client=client))
+
+            # for keystone users, read ec2 credentials into s3tests.conf instead
+            # of creating a local user
+            keystone_user = keystone_users.get(section)
+            if keystone_user:
+                project_name = keystone_user.pop('project')
+                creds = ctx.keystone.read_ec2_credentials(ctx, **keystone_user)
+                access = creds['Access']
+                secret = creds['Secret']
+                project_id = creds['Project ID']
+
+                conf[section]['access_key'] = access
+                conf[section]['secret_key'] = secret
+                conf[section]['user_id'] = project_id
+                conf[section]['display_name'] = project_name
+
+                log.debug('Using keystone user {kuser} credentials ({access} : {secret}) for {pname}:{pid} on {host}'.format(
+                    kuser=keystone_user['user'], access=access, secret=secret,
+                    pname=project_name, pid=project_id, host=client))
+                continue
+
             log.debug('Creating user {user} on {host}'.format(user=conf[section]['user_id'], host=client))
             cluster_name, daemon_type, client_id = teuthology.split_role(client)
             client_with_id = daemon_type + '.' + client_id
@@ -189,6 +212,9 @@ def create_users(ctx, config, s3tests_conf):
     finally:
         for client in config.keys():
             for user in users.values():
+                # don't need to delete keystone users
+                if not user in keystone_users:
+                    continue
                 uid = '{user}.{client}'.format(user=user, client=client)
                 cluster_name, daemon_type, client_id = teuthology.split_role(client)
                 client_with_id = daemon_type + '.' + client_id
@@ -496,6 +522,31 @@ def task(ctx, config):
               cloudtier_tests: True
               rgw_server: client.0
 
+    To test against Keystone users with EC2 credentials::
+
+        tasks:
+        - ceph:
+        - rgw: [client.0 client.1]
+        - keystone:
+          client.0:
+            projects:
+              - name: myproject
+                description: my project
+            users:
+              - name: myuser
+                password: SECRET
+                project: myproject
+            ec2 credentials:
+              - project: myproject
+                user: myuser
+        - s3tests:
+            client.0:
+              keystone users:
+                s3 main:
+                  client: client.0
+                  project: myproject
+                  user: myuser
+
     """
     assert hasattr(ctx, 'rgw'), 's3tests must run after the rgw task'
     assert hasattr(ctx, 'tox'), 's3tests must run after the tox task'