From 9c1e5d5c52a06d59100c47863ab7ffe336c66f80 Mon Sep 17 00:00:00 2001 From: Kalpesh Pandya Date: Wed, 28 Jul 2021 11:53:31 +0530 Subject: [PATCH] qa/tasks: Addition of new code for session tags in STS Signed-off-by: Kalpesh Pandya --- qa/tasks/keycloak.py | 110 +++++++++++++++++++++++++++++++++++++++++++ qa/tasks/s3tests.py | 1 + 2 files changed, 111 insertions(+) diff --git a/qa/tasks/keycloak.py b/qa/tasks/keycloak.py index e1c3a9b8f00d9..1d89a27a5e188 100644 --- a/qa/tasks/keycloak.py +++ b/qa/tasks/keycloak.py @@ -76,6 +76,39 @@ def install_packages(ctx, config): args=['rm', '-rf', '{tdir}'.format(tdir=get_keycloak_dir(ctx,config))], ) +@contextlib.contextmanager +def download_conf(ctx, config): + """ + Downloads confi.py used in run_admin_cmds + """ + assert isinstance(config, dict) + log.info('Downloading conf...') + testdir = teuthology.get_testdir(ctx) + conf_branch = 'main' + conf_repo = 'https://github.com/TRYTOBE8TME/scripts.git' + for (client, _) in config.items(): + ctx.cluster.only(client).run( + args=[ + 'git', 'clone', + '-b', conf_branch, + conf_repo, + '{tdir}/scripts'.format(tdir=testdir), + ], + ) + try: + yield + finally: + log.info('Removing conf...') + testdir = teuthology.get_testdir(ctx) + for client in config: + ctx.cluster.only(client).run( + args=[ + 'rm', + '-rf', + '{tdir}/scripts'.format(tdir=testdir), + ], + ) + @contextlib.contextmanager def build(ctx,config): """ @@ -166,6 +199,7 @@ def run_admin_cmds(ctx,config): 'create', 'clients', '-r', realm_name, '-s', client, + '-s', 'directAccessGrantsEnabled=true', '-s', 'redirectUris=["http://localhost:8080/myapp/*"]', ], ) @@ -207,6 +241,74 @@ def run_admin_cmds(ctx,config): ans3= 'client_secret={}'.format(out2[15:51]) clientid='client_id={}'.format(client_name) + proto_map = pre1+"/protocol-mappers/models" + uname = "username=testuser" + upass = "password=testuser" + + remote.run( + args=[ + '{tdir}/bin/kcadm.sh'.format(tdir=get_keycloak_dir(ctx,config)), + 'create', 'users', + '-s', uname, + '-s', 'enabled=true', + '-s', 'attributes.\"https://aws.amazon.com/tags\"=\"{"principal_tags":{"Department":["Engineering", "Marketing"]}}\"', + '-r', realm_name, + ], + ) + + sample = 'testuser' + + remote.run( + args=[ + '{tdir}/bin/kcadm.sh'.format(tdir=get_keycloak_dir(ctx,config)), + 'set-password', + '-r', realm_name, + '--username', sample, + '--new-password', sample, + ], + ) + + file_path = '{tdir}/scripts/confi.py'.format(tdir=teuthology.get_testdir(ctx)) + + remote.run( + args=[ + '{tdir}/bin/kcadm.sh'.format(tdir=get_keycloak_dir(ctx,config)), + 'create', proto_map, + '-r', realm_name, + '-f', file_path, + ], + ) + + remote.run( + args=[ + '{tdir}/bin/kcadm.sh'.format(tdir=get_keycloak_dir(ctx,config)), + 'config', 'credentials', + '--server', 'http://localhost:8080/auth', + '--realm', realm_name, + '--user', sample, + '--password', sample, + '--client', 'admin-cli', + ], + ) + + out9= toxvenv_sh(ctx, remote, + [ + 'curl', '-k', '-v', + '-X', 'POST', + '-H', 'Content-Type:application/x-www-form-urlencoded', + '-d', 'scope=openid', + '-d', 'grant_type=password', + '-d', clientid, + '-d', ans3, + '-d', uname, + '-d', upass, + 'http://localhost:8080/auth/realms/'+realm_name+'/protocol/openid-connect/token', run.Raw('|'), + 'jq', '-r', '.access_token' + ]) + + user_token_pre = out9.rstrip() + user_token = '{}'.format(user_token_pre) + out3= toxvenv_sh(ctx, remote, [ 'curl', '-k', '-v', @@ -294,6 +396,7 @@ def run_admin_cmds(ctx,config): os.environ['AUD']=ans6 os.environ['SUB']=ans7 os.environ['AZP']=ans8 + os.environ['USER_TOKEN']=user_token os.environ['KC_REALM']=realm_name try: @@ -308,6 +411,12 @@ def run_admin_cmds(ctx,config): ], ) + remote.run( + args=['rm', '-f', + '{tdir}/confi.py'.format(tdir=teuthology.get_testdir(ctx)), + ], + ) + @contextlib.contextmanager def task(ctx,config): """ @@ -352,6 +461,7 @@ def task(ctx,config): lambda: install_packages(ctx=ctx, config=config), lambda: build(ctx=ctx, config=config), lambda: run_keycloak(ctx=ctx, config=config), + lambda: download_conf(ctx=ctx, config=config), lambda: run_admin_cmds(ctx=ctx, config=config), ): yield diff --git a/qa/tasks/s3tests.py b/qa/tasks/s3tests.py index 6882da2d18412..2465f97d01c7c 100644 --- a/qa/tasks/s3tests.py +++ b/qa/tasks/s3tests.py @@ -253,6 +253,7 @@ def create_users(ctx, config): s3tests_conf['webidentity'].setdefault('aud',os.environ['AUD']) s3tests_conf['webidentity'].setdefault('sub',os.environ['SUB']) s3tests_conf['webidentity'].setdefault('azp',os.environ['AZP']) + s3tests_conf['webidentity'].setdefault('user_token',os.environ['USER_TOKEN']) s3tests_conf['webidentity'].setdefault('thumbprint',os.environ['THUMBPRINT']) s3tests_conf['webidentity'].setdefault('KC_REALM',os.environ['KC_REALM']) -- 2.39.5