From fffa119424bad6e5c6b5ed436978d4319dd54a6b Mon Sep 17 00:00:00 2001 From: Tobias Urdin Date: Fri, 31 Mar 2023 07:10:20 +0000 Subject: [PATCH] qa: update rgw openstack versions Signed-off-by: Ali Maredia --- .../rgw/tempest/supported-random-distro$ | 1 + qa/suites/rgw/tempest/tasks/rgw_tempest.yaml | 9 +- qa/suites/rgw/tempest/ubuntu_latest.yaml | 1 - qa/tasks/keystone.py | 134 ++++++++++-------- qa/tasks/tempest.py | 2 +- 5 files changed, 84 insertions(+), 63 deletions(-) create mode 100644 qa/suites/rgw/tempest/supported-random-distro$ delete mode 120000 qa/suites/rgw/tempest/ubuntu_latest.yaml diff --git a/qa/suites/rgw/tempest/supported-random-distro$ b/qa/suites/rgw/tempest/supported-random-distro$ new file mode 100644 index 0000000000000..683c85ec1136e --- /dev/null +++ b/qa/suites/rgw/tempest/supported-random-distro$ @@ -0,0 +1 @@ +.qa/distros/supported-random-distro$ diff --git a/qa/suites/rgw/tempest/tasks/rgw_tempest.yaml b/qa/suites/rgw/tempest/tasks/rgw_tempest.yaml index 1413465a36b09..ad9dc9dd50254 100644 --- a/qa/suites/rgw/tempest/tasks/rgw_tempest.yaml +++ b/qa/suites/rgw/tempest/tasks/rgw_tempest.yaml @@ -4,7 +4,7 @@ tasks: - tox: [ client.0 ] - keystone: client.0: - force-branch: stable/xena + force-branch: stable/2023.1 services: - name: swift type: object-store @@ -15,7 +15,7 @@ tasks: use-keystone-role: client.0 - tempest: client.0: - sha1: 30.0.0 + sha1: 34.1.0 force-branch: master use-keystone-role: client.0 auth: @@ -35,6 +35,8 @@ tasks: object-storage-feature-enabled: container_sync: false discoverability: true + # TODO(tobias-urdin): Use sha256 when supported in RadosGW + tempurl_digest_hashlib: sha1 blocklist: - .*test_account_quotas_negative.AccountQuotasNegativeTest.test_user_modify_quota - .*test_container_acl_negative.ObjectACLsNegativeTest.* @@ -48,6 +50,7 @@ tasks: - .*test_container_services.ContainerTest.test_create_container_with_remove_metadata_value - .*test_object_expiry.ObjectExpiryTest.test_get_object_after_expiry_time - .*test_object_expiry.ObjectExpiryTest.test_get_object_at_expiry_time + - .*test_account_services.AccountTest.test_list_no_account_metadata overrides: ceph: @@ -57,7 +60,7 @@ overrides: osd_max_pg_log_entries: 10 client: rgw keystone api version: 3 - rgw keystone accepted roles: admin,Member + rgw keystone accepted roles: admin,member rgw keystone implicit tenants: true rgw keystone accepted admin roles: admin rgw swift enforce content length: true diff --git a/qa/suites/rgw/tempest/ubuntu_latest.yaml b/qa/suites/rgw/tempest/ubuntu_latest.yaml deleted file mode 120000 index 3a09f9abb05ca..0000000000000 --- a/qa/suites/rgw/tempest/ubuntu_latest.yaml +++ /dev/null @@ -1 +0,0 @@ -.qa/distros/supported/ubuntu_latest.yaml \ No newline at end of file diff --git a/qa/tasks/keystone.py b/qa/tasks/keystone.py index ad836006fffc9..7aa785055c21b 100644 --- a/qa/tasks/keystone.py +++ b/qa/tasks/keystone.py @@ -42,9 +42,9 @@ def run_in_keystone_venv(ctx, client, args): run.Raw('&&') ] + args) -def get_keystone_venved_cmd(ctx, cmd, args): +def get_keystone_venved_cmd(ctx, cmd, args, env=[]): kbindir = get_keystone_dir(ctx) + '/.tox/venv/bin/' - return [ kbindir + 'python', kbindir + cmd ] + args + return env + [ kbindir + 'python', kbindir + cmd ] + args @contextlib.contextmanager def download(ctx, config): @@ -143,6 +143,37 @@ def install_packages(ctx, config): for dep in packages[client]: remove_package(dep, remote) +def run_mysql_query(ctx, remote, query): + query_arg = '--execute="{}"'.format(query) + args = ['sudo', 'mysql', run.Raw(query_arg)] + remote.run(args=args) + +@contextlib.contextmanager +def setup_database(ctx, config): + """ + Setup database for Keystone. + """ + assert isinstance(config, dict) + log.info('Setting up database for keystone...') + + for (client, cconf) in config.items(): + (remote,) = ctx.cluster.only(client).remotes.keys() + + # MariaDB on RHEL/CentOS needs service started after package install + # while Ubuntu starts service by default. + if remote.os.name == 'rhel' or remote.os.name == 'centos': + remote.run(args=['sudo', 'systemctl', 'restart', 'mariadb']) + + run_mysql_query(ctx, remote, "CREATE USER 'keystone'@'localhost' IDENTIFIED BY 'SECRET';") + run_mysql_query(ctx, remote, "CREATE DATABASE keystone;") + run_mysql_query(ctx, remote, "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost';") + run_mysql_query(ctx, remote, "FLUSH PRIVILEGES;") + + try: + yield + finally: + pass + @contextlib.contextmanager def setup_venv(ctx, config): """ @@ -151,6 +182,9 @@ def setup_venv(ctx, config): assert isinstance(config, dict) log.info('Setting up virtualenv for keystone...') for (client, _) in config.items(): + run_in_keystone_dir(ctx, client, + ['sed', '-i', 's/usedevelop.*/usedevelop=false/g', 'tox.ini']) + run_in_keystone_dir(ctx, client, [ 'source', '{tvdir}/bin/activate'.format(tvdir=get_toxvenv_dir(ctx)), @@ -173,7 +207,8 @@ def configure_instance(ctx, config): assert isinstance(config, dict) log.info('Configuring keystone...') - keyrepo_dir = '{kdir}/etc/fernet-keys'.format(kdir=get_keystone_dir(ctx)) + kdir = get_keystone_dir(ctx) + keyrepo_dir = '{kdir}/etc/fernet-keys'.format(kdir=kdir) for (client, _) in config.items(): # prepare the config file run_in_keystone_dir(ctx, client, @@ -195,6 +230,12 @@ def configure_instance(ctx, config): '-e', 's^#key_repository =.*^key_repository = {kr}^'.format(kr = keyrepo_dir), '-i', 'etc/keystone.conf' ]) + run_in_keystone_dir(ctx, client, + [ + 'sed', + '-e', 's^#connection =.*^connection = mysql+pymysql://keystone:SECRET@localhost/keystone^', + '-i', 'etc/keystone.conf' + ]) # log to a file that gets archived log_file = '{p}/archive/keystone.{c}.log'.format(p=teuthology.get_testdir(ctx), c=client) run_in_keystone_dir(ctx, client, @@ -209,12 +250,14 @@ def configure_instance(ctx, config): '{}/archive/keystone.{}.conf'.format(teuthology.get_testdir(ctx), client) ]) + conf_file = '{kdir}/etc/keystone.conf'.format(kdir=get_keystone_dir(ctx)) + # prepare key repository for Fetnet token authenticator run_in_keystone_dir(ctx, client, [ 'mkdir', '-p', keyrepo_dir ]) - run_in_keystone_venv(ctx, client, [ 'keystone-manage', 'fernet_setup' ]) + run_in_keystone_venv(ctx, client, [ 'keystone-manage', '--config-file', conf_file, 'fernet_setup' ]) # sync database - run_in_keystone_venv(ctx, client, [ 'keystone-manage', 'db_sync' ]) + run_in_keystone_venv(ctx, client, [ 'keystone-manage', '--config-file', conf_file, 'db_sync' ]) yield @contextlib.contextmanager @@ -222,6 +265,8 @@ def run_keystone(ctx, config): assert isinstance(config, dict) log.info('Configuring keystone...') + conf_file = '{kdir}/etc/keystone.conf'.format(kdir=get_keystone_dir(ctx)) + for (client, _) in config.items(): (remote,) = ctx.cluster.only(client).remotes.keys() cluster_name, _, client_id = teuthology.split_role(client) @@ -238,7 +283,10 @@ def run_keystone(ctx, config): # our other daemons, doesn't quit on stdin.close(). # Teuthology relies on this behaviour. run.Raw('& { read; kill %1; }') - ] + ], + [ + run.Raw('OS_KEYSTONE_CONFIG_FILES={}'.format(conf_file)), + ], ) ctx.daemons.add_daemon( remote, 'keystone', client_public_with_id, @@ -246,27 +294,6 @@ def run_keystone(ctx, config): args=run_cmd, logger=log.getChild(client), stdin=run.PIPE, - cwd=get_keystone_dir(ctx), - wait=False, - check_status=False, - ) - - # start the admin endpoint - client_admin_with_id = 'keystone.admin' + '.' + client_id - - admin_host, admin_port = ctx.keystone.admin_endpoints[client] - run_cmd = get_keystone_venved_cmd(ctx, 'keystone-wsgi-admin', - [ '--host', admin_host, '--port', str(admin_port), - run.Raw('& { read; kill %1; }') - ] - ) - ctx.daemons.add_daemon( - remote, 'keystone', client_admin_with_id, - cluster=cluster_name, - args=run_cmd, - logger=log.getChild(client), - stdin=run.PIPE, - cwd=get_keystone_dir(ctx), wait=False, check_status=False, ) @@ -276,10 +303,6 @@ def run_keystone(ctx, config): try: yield finally: - log.info('Stopping Keystone admin instance') - ctx.daemons.get_daemon('keystone', client_admin_with_id, - cluster_name).stop() - log.info('Stopping Keystone public instance') ctx.daemons.get_daemon('keystone', client_public_with_id, cluster_name).stop() @@ -305,7 +328,7 @@ def dict_to_args(specials, items): def run_section_cmds(ctx, cclient, section_cmd, specials, section_config_list): - admin_host, admin_port = ctx.keystone.admin_endpoints[cclient] + public_host, public_port = ctx.keystone.public_endpoints[cclient] auth_section = [ ( 'os-username', 'admin' ), @@ -314,8 +337,8 @@ def run_section_cmds(ctx, cclient, section_cmd, specials, ( 'os-project-name', 'admin' ), ( 'os-project-domain-id', 'default' ), ( 'os-identity-api-version', '3' ), - ( 'os-auth-url', 'http://{host}:{port}/v3'.format(host=admin_host, - port=admin_port) ), + ( 'os-auth-url', 'http://{host}:{port}/v3'.format(host=public_host, + port=public_port) ), ] for section_item in section_config_list: @@ -344,28 +367,26 @@ def fill_keystone(ctx, config): public_host, public_port = ctx.keystone.public_endpoints[cclient] url = 'http://{host}:{port}/v3'.format(host=public_host, port=public_port) - admin_host, admin_port = ctx.keystone.admin_endpoints[cclient] - admin_url = 'http://{host}:{port}/v3'.format(host=admin_host, - port=admin_port) opts = {'password': 'ADMIN', 'region-id': 'RegionOne', 'internal-url': url, - 'admin-url': admin_url, + 'admin-url': url, 'public-url': url} bootstrap_args = chain.from_iterable(('--bootstrap-{}'.format(k), v) for k, v in opts.items()) + conf_file = '{kdir}/etc/keystone.conf'.format(kdir=get_keystone_dir(ctx)) run_in_keystone_venv(ctx, cclient, - ['keystone-manage', 'bootstrap'] + + ['keystone-manage', '--config-file', conf_file, 'bootstrap'] + list(bootstrap_args)) # configure tenants/projects - run_section_cmds(ctx, cclient, 'domain create', 'name', + run_section_cmds(ctx, cclient, 'domain create --or-show', 'name', cconfig.get('domains', [])) - run_section_cmds(ctx, cclient, 'project create', 'name', + run_section_cmds(ctx, cclient, 'project create --or-show', 'name', cconfig.get('projects', [])) - run_section_cmds(ctx, cclient, 'user create', 'name', + run_section_cmds(ctx, cclient, 'user create --or-show', 'name', cconfig.get('users', [])) - run_section_cmds(ctx, cclient, 'role create', 'name', + run_section_cmds(ctx, cclient, 'role create --or-show', 'name', cconfig.get('roles', [])) run_section_cmds(ctx, cclient, 'role add', 'name', cconfig.get('role-mappings', [])) @@ -410,24 +431,21 @@ def task(ctx, config): client.0: force-branch: master domains: - - name: default - description: Default Domain + - name: custom + description: Custom domain projects: - - name: admin - description: Admin Tenant + - name: custom + description: Custom project users: - - name: admin - password: ADMIN - project: admin - roles: [ name: admin, name: Member ] + - name: custom + password: SECRET + project: custom + roles: [ name: custom ] role-mappings: - - name: admin - user: admin - project: admin + - name: custom + user: custom + project: custom services: - - name: keystone - type: identity - description: Keystone Identity Service - name: swift type: object-store description: Swift Service @@ -450,11 +468,11 @@ def task(ctx, config): ctx.keystone = argparse.Namespace() ctx.keystone.public_endpoints = assign_ports(ctx, config, 5000) - ctx.keystone.admin_endpoints = assign_ports(ctx, config, 35357) with contextutil.nested( lambda: download(ctx=ctx, config=config), lambda: install_packages(ctx=ctx, config=config), + lambda: setup_database(ctx=ctx, config=config), lambda: setup_venv(ctx=ctx, config=config), lambda: configure_instance(ctx=ctx, config=config), lambda: run_keystone(ctx=ctx, config=config), diff --git a/qa/tasks/tempest.py b/qa/tasks/tempest.py index cee942e37e607..142c097cd484c 100644 --- a/qa/tasks/tempest.py +++ b/qa/tasks/tempest.py @@ -179,7 +179,7 @@ def task(ctx, config): conf: client: rgw keystone api version: 3 - rgw keystone accepted roles: admin,Member + rgw keystone accepted roles: admin,member rgw keystone implicit tenants: true rgw keystone accepted admin roles: admin rgw swift enforce content length: true -- 2.39.5