Browse code
Blueprint cli-auth
* Add proper test for swift in client-env.sh
* Remove all VERIFY variables; nothing beyond the 4 OS_ vars is set now
* Update exercises for Keystone 2.0 auth
* swift understands Keystone 2.0 auth now, don't download custom binary
* cleanup uploaded bundle in bundle.sh
Change-Id: I99c818d81534bbf93c0e142513acb80e5fe613ea
Dean Troyer authored on 2012/02/02 09:01:01Showing 5 changed files
| ... | ... |
@@ -52,18 +52,13 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then |
| 52 | 52 |
if [[ "$SKIP_EXERCISES" =~ "key" ]] ; then |
| 53 | 53 |
STATUS_KEYSTONE="Skipped" |
| 54 | 54 |
else |
| 55 |
- if [[ -n "$VERIFY" ]]; then |
|
| 56 |
- # Save original environment |
|
| 57 |
- xOS_AUTH_URL=$OS_AUTH_URL |
|
| 58 |
- xOS_TENANT_NAME=$OS_TENANT_NAME |
|
| 59 |
- xOS_USERNAME=$OS_USERNAME |
|
| 60 |
- xOS_PASSWORD=$OS_PASSWORD |
|
| 61 |
- # keystone can't handle a trailing '/' |
|
| 62 |
- export OS_AUTH_URL=${OS_AUTH_URL%/}
|
|
| 63 |
- # does any non-admin request work? |
|
| 64 |
- export OS_USERNAME=admin |
|
| 65 |
- export OS_TENANT_NAME=admin |
|
| 66 |
- fi |
|
| 55 |
+ # We need to run the keystone test as admin since there doesn't |
|
| 56 |
+ # seem to be anything to test the cli vars that runs as a user |
|
| 57 |
+ # tenant-list should do that, it isn't implemented (yet) |
|
| 58 |
+ xOS_TENANT_NAME=$OS_TENANT_NAME |
|
| 59 |
+ xOS_USERNAME=$OS_USERNAME |
|
| 60 |
+ export OS_USERNAME=admin |
|
| 61 |
+ export OS_TENANT_NAME=admin |
|
| 67 | 62 |
|
| 68 | 63 |
echo -e "\nTest Keystone" |
| 69 | 64 |
if keystone service-list; then |
| ... | ... |
@@ -72,13 +67,9 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then |
| 72 | 72 |
STATUS_KEYSTONE="Failed" |
| 73 | 73 |
RETURN=1 |
| 74 | 74 |
fi |
| 75 |
- if [[ -n "$VERIFY" ]]; then |
|
| 76 |
- # Save original environment |
|
| 77 |
- OS_AUTH_URL=$xOS_AUTH_URL |
|
| 78 |
- OS_TENANT_NAME=$xOS_TENANT_NAME |
|
| 79 |
- OS_USERNAME=$xOS_USERNAME |
|
| 80 |
- OS_PASSWORD=$xOS_PASSWORD |
|
| 81 |
- fi |
|
| 75 |
+ |
|
| 76 |
+ OS_TENANT_NAME=$xOS_TENANT_NAME |
|
| 77 |
+ OS_USERNAME=$xOS_USERNAME |
|
| 82 | 78 |
fi |
| 83 | 79 |
fi |
| 84 | 80 |
|
| ... | ... |
@@ -89,12 +80,6 @@ if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then |
| 89 | 89 |
if [[ "$SKIP_EXERCISES" =~ "n-api" ]] ; then |
| 90 | 90 |
STATUS_NOVA="Skipped" |
| 91 | 91 |
else |
| 92 |
- if [[ -n "$VERIFY" ]]; then |
|
| 93 |
- # Known novaclient breakage: |
|
| 94 |
- # NOVA_VERSION must be set or nova silently fails |
|
| 95 |
- export NOVA_VERSION=2 |
|
| 96 |
- fi |
|
| 97 |
- |
|
| 98 | 92 |
echo -e "\nTest Nova" |
| 99 | 93 |
if nova flavor-list; then |
| 100 | 94 |
STATUS_NOVA="Succeeded" |
| ... | ... |
@@ -112,14 +97,6 @@ if [[ "$ENABLED_SERVICES" =~ "g-api" ]]; then |
| 112 | 112 |
if [[ "$SKIP_EXERCISES" =~ "g-api" ]] ; then |
| 113 | 113 |
STATUS_GLANCE="Skipped" |
| 114 | 114 |
else |
| 115 |
- if [[ -n "$VERIFY" ]]; then |
|
| 116 |
- # Known glance client differage: |
|
| 117 |
- export OS_AUTH_TENANT=$OS_TENANT_NAME |
|
| 118 |
- export OS_AUTH_USER=$OS_USERNAME |
|
| 119 |
- export OS_AUTH_KEY=$OS_PASSWORD |
|
| 120 |
- export OS_AUTH_STRATEGY=keystone |
|
| 121 |
- fi |
|
| 122 |
- |
|
| 123 | 115 |
echo -e "\nTest Glance" |
| 124 | 116 |
if glance index; then |
| 125 | 117 |
STATUS_GLANCE="Succeeded" |
| ... | ... |
@@ -138,8 +115,7 @@ if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then |
| 138 | 138 |
STATUS_SWIFT="Skipped" |
| 139 | 139 |
else |
| 140 | 140 |
echo -e "\nTest Swift" |
| 141 |
- # FIXME(dtroyer): implement swift test |
|
| 142 |
- if true; then |
|
| 141 |
+ if swift stat; then |
|
| 143 | 142 |
STATUS_SWIFT="Succeeded" |
| 144 | 143 |
else |
| 145 | 144 |
STATUS_SWIFT="Failed" |
| ... | ... |
@@ -48,15 +48,6 @@ DEFAULT_FLOATING_POOL=${DEFAULT_FLOATING_POOL:-nova}
|
| 48 | 48 |
# Additional floating IP pool and range |
| 49 | 49 |
TEST_FLOATING_POOL=${TEST_FLOATING_POOL:-test}
|
| 50 | 50 |
|
| 51 |
-# Get a token for clients that don't support service catalog |
|
| 52 |
-# ========================================================== |
|
| 53 |
- |
|
| 54 |
-# manually create a token by querying keystone (sending JSON data). Keystone |
|
| 55 |
-# returns a token and catalog of endpoints. We use python to parse the token |
|
| 56 |
-# and save it. |
|
| 57 |
- |
|
| 58 |
-TOKEN=`curl -s -d "{\"auth\":{\"passwordCredentials\": {\"username\": \"$OS_USERNAME\", \"password\": \"$OS_PASSWORD\"}}}" -H "Content-type: application/json" ${OS_AUTH_URL%/}/tokens | python -c "import sys; import json; tok = json.loads(sys.stdin.read()); print tok['access']['token']['id'];"`
|
|
| 59 |
- |
|
| 60 | 51 |
# Launching a server |
| 61 | 52 |
# ================== |
| 62 | 53 |
|
| ... | ... |
@@ -70,10 +61,10 @@ nova list |
| 70 | 70 |
nova image-list |
| 71 | 71 |
|
| 72 | 72 |
# But we recommend using glance directly |
| 73 |
-glance -f -A $TOKEN -H $GLANCE_HOST index |
|
| 73 |
+glance -f index |
|
| 74 | 74 |
|
| 75 | 75 |
# Grab the id of the image to launch |
| 76 |
-IMAGE=`glance -f -A $TOKEN -H $GLANCE_HOST index | egrep $DEFAULT_IMAGE_NAME | head -1 | cut -d" " -f1` |
|
| 76 |
+IMAGE=`glance -f index | egrep $DEFAULT_IMAGE_NAME | head -1 | cut -d" " -f1` |
|
| 77 | 77 |
|
| 78 | 78 |
# Security Groups |
| 79 | 79 |
# --------------- |
| ... | ... |
@@ -34,15 +34,6 @@ DEFAULT_INSTANCE_TYPE=${DEFAULT_INSTANCE_TYPE:-m1.tiny}
|
| 34 | 34 |
# Boot this image, use first AMi image if unset |
| 35 | 35 |
DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-ami}
|
| 36 | 36 |
|
| 37 |
-# Get a token for clients that don't support service catalog |
|
| 38 |
-# ========================================================== |
|
| 39 |
- |
|
| 40 |
-# manually create a token by querying keystone (sending JSON data). Keystone |
|
| 41 |
-# returns a token and catalog of endpoints. We use python to parse the token |
|
| 42 |
-# and save it. |
|
| 43 |
- |
|
| 44 |
-TOKEN=`curl -s -d "{\"auth\":{\"passwordCredentials\": {\"username\": \"$OS_USERNAME\", \"password\": \"$OS_PASSWORD\"}}}" -H "Content-type: application/json" ${OS_AUTH_URL%/}/tokens | python -c "import sys; import json; tok = json.loads(sys.stdin.read()); print tok['access']['token']['id'];"`
|
|
| 45 |
- |
|
| 46 | 37 |
# Launching a server |
| 47 | 38 |
# ================== |
| 48 | 39 |
|
| ... | ... |
@@ -56,10 +47,10 @@ nova list |
| 56 | 56 |
nova image-list |
| 57 | 57 |
|
| 58 | 58 |
# But we recommend using glance directly |
| 59 |
-glance -f -A $TOKEN -H $GLANCE_HOST index |
|
| 59 |
+glance -f index |
|
| 60 | 60 |
|
| 61 | 61 |
# Grab the id of the image to launch |
| 62 |
-IMAGE=`glance -f -A $TOKEN -H $GLANCE_HOST index | egrep $DEFAULT_IMAGE_NAME | head -1 | cut -d" " -f1` |
|
| 62 |
+IMAGE=`glance -f index | egrep $DEFAULT_IMAGE_NAME | head -1 | cut -d" " -f1` |
|
| 63 | 63 |
|
| 64 | 64 |
# determinine instance type |
| 65 | 65 |
# ------------------------- |
| ... | ... |
@@ -981,12 +981,6 @@ if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then |
| 981 | 981 |
# We install the memcache server as this is will be used by the |
| 982 | 982 |
# middleware to cache the tokens auths for a long this is needed. |
| 983 | 983 |
apt_get install memcached |
| 984 |
- |
|
| 985 |
- # We need a special version of bin/swift which understand the |
|
| 986 |
- # OpenStack api 2.0, we download it until this is getting |
|
| 987 |
- # integrated in swift. |
|
| 988 |
- sudo https_proxy=$https_proxy curl -s -o/usr/local/bin/swift \ |
|
| 989 |
- 'https://review.openstack.org/gitweb?p=openstack/swift.git;a=blob_plain;f=bin/swift;hb=48bfda6e2fdf3886c98bd15649887d54b9a2574e' |
|
| 990 | 984 |
else |
| 991 | 985 |
swift_auth_server=tempauth |
| 992 | 986 |
fi |