From: Casey Bodley <cbodley@redhat.com>
Date: Tue, 15 Oct 2019 15:12:10 +0000 (-0400)
Subject: qa/rgw: use config overrides for barbican kms backend
X-Git-Tag: v15.1.0~1233^2~1
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=21526396f6cde64b941e15784145d00fac395c50;p=ceph-ci.git

qa/rgw: use config overrides for barbican kms backend

except for the barbican endpoint, which isn't known until the barbican
task runs

Signed-off-by: Casey Bodley <cbodley@redhat.com>
---

diff --git a/qa/suites/rgw/crypt/2-kms/barbican.yaml b/qa/suites/rgw/crypt/2-kms/barbican.yaml
index 48248943d11..a84a1627bfb 100644
--- a/qa/suites/rgw/crypt/2-kms/barbican.yaml
+++ b/qa/suites/rgw/crypt/2-kms/barbican.yaml
@@ -1,4 +1,11 @@
 overrides:
+  ceph:
+    conf:
+      client:
+        rgw crypt s3 kms backend: barbican
+        rgw keystone barbican tenant: rgwcrypt
+        rgw keystone barbican user: rgwcrypt-user
+        rgw keystone barbican password: rgwcrypt-pass
   rgw:
     client.0:
       use-keystone-role: client.0
diff --git a/qa/tasks/barbican.py b/qa/tasks/barbican.py
index 0b54cbddc70..62fc06371de 100644
--- a/qa/tasks/barbican.py
+++ b/qa/tasks/barbican.py
@@ -245,11 +245,6 @@ def create_secrets(ctx, config):
     (cclient, cconfig) = config.items()[0]
 
     rgw_user = cconfig['rgw_user']
-    ctx.barbican.token[cclient] = {
-        "username": rgw_user["username"],
-        "password": rgw_user["password"],
-        "tenant": rgw_user["tenantName"]
-    }
 
     keystone_role = cconfig.get('use-keystone-role', None)
     keystone_host, keystone_port = ctx.keystone.public_endpoints[keystone_role]
@@ -504,7 +499,6 @@ def task(ctx, config):
 
     ctx.barbican = argparse.Namespace()
     ctx.barbican.endpoints = assign_ports(ctx, config, 9311)
-    ctx.barbican.token = {}
     ctx.barbican.keys = {}
     
     with contextutil.nested(
diff --git a/qa/tasks/rgw.py b/qa/tasks/rgw.py
index f5648733a64..46beda900ea 100644
--- a/qa/tasks/rgw.py
+++ b/qa/tasks/rgw.py
@@ -131,15 +131,6 @@ def start_rgw(ctx, config, clients):
                 'http://{bhost}:{bport}'.format(bhost=barbican_host,
                                                 bport=barbican_port),
                 ])
-
-            log.info("Barbican access data: %s",ctx.barbican.token[barbican_role])
-            access_data = ctx.barbican.token[barbican_role]
-            rgw_cmd.extend([
-                '--rgw_crypt_s3_kms_backend', 'barbican',
-                '--rgw_keystone_barbican_user', access_data['username'],
-                '--rgw_keystone_barbican_password', access_data['password'],
-                '--rgw_keystone_barbican_tenant', access_data['tenant'],
-                ])
         elif vault_role is not None:
             if not ctx.vault.root_token:
                 raise ConfigError('vault: no "root_token" specified')