Gitiles
Code Review Sign In
spfactory.storpool.com / devstack / 14a0c09001e8e2304eff4918206163cc7e6db1eb^! / . / lib / tempest
commit14a0c09001e8e2304eff4918206163cc7e6db1eb[log] [tgz]
authorSlawek Kaplonski <skaplons@redhat.com>Fri Jan 28 09:44:40 2022 +0100
committerSlawek Kaplonski <skaplons@redhat.com>Fri Jan 28 09:52:20 2022 +0100
treedba1ccbdee2ae5590aa5edd587de0e36c24cdb36
parentbe7b5bf671b4cdc082fb9b7bb73ec55cab0054dd [diff] [blame]
Fix deployment of Neutron with enforced scopes

After patch [1] new RBAC policies changed in the way that SYSTEM_ADMIN
user isn't anymore allowed to e.g. create resources in behalf of some
projects. Now PROJECT_ADMIN needs to create such resources instead.
So this patch basically reverts most of the changes which were done
in [2] some time ago.
It also introduces new entry in the clouds.yaml file -
"devstack-admin-demo" which is "admin" user in the "demo" project as
it's needed to create some resouces in the demo project now.

Additionally, because of bug [3] this patch changes way how IPv6
external gateway IP is found using Neutron API. This change may be
reverted in the future when bug [3] will be fixed.

[1] https://review.opendev.org/c/openstack/neutron/+/821208
[2] https://review.opendev.org/c/openstack/devstack/+/797450
[3] https://bugs.launchpad.net/neutron/+bug/1959332

Depends-On: https://review.opendev.org/c/openstack/neutron/+/826828

Closes-Bug: #1959196
Change-Id: I32a6e8b9b59269a8699644b563657363425f7174

diff --git a/lib/tempest b/lib/tempest
index adffeda..9ca06ac 100644
--- a/lib/tempest
+++ b/lib/tempest

@@ -90,11 +90,6 @@
 # it will run tempest with
 TEMPEST_CONCURRENCY=${TEMPEST_CONCURRENCY:-$(nproc)}
 
-NEUTRON_ADMIN_CLOUD_NAME="devstack-admin"
-if [ "$NEUTRON_ENFORCE_SCOPE" == "True" ]; then
-    NEUTRON_ADMIN_CLOUD_NAME="devstack-system-admin"
-fi
-
 # Functions
 # ---------
 
@@ -293,8 +288,8 @@
     if [[ "$NEUTRON_CREATE_INITIAL_NETWORKS" == "True" ]] && is_networking_extension_supported 'external-net'; then
         public_network_id=$(openstack --os-cloud devstack-admin network show -f value -c id $PUBLIC_NETWORK_NAME)
         # make sure shared network presence does not confuses the tempest tests
-        openstack --os-cloud "$NEUTRON_ADMIN_CLOUD_NAME" --os-region "$REGION_NAME" network create --share shared --project "$admin_project_id"
-        openstack --os-cloud "$NEUTRON_ADMIN_CLOUD_NAME" --os-region "$REGION_NAME" subnet create --description shared-subnet --subnet-range ${TEMPEST_SHARED_POOL:-192.168.233.0/24} --network shared shared-subnet --project "$admin_project_id"
+        openstack --os-cloud devstack-admin --os-region "$REGION_NAME" network create --share shared
+        openstack --os-cloud devstack-admin --os-region "$REGION_NAME" subnet create --description shared-subnet --subnet-range ${TEMPEST_SHARED_POOL:-192.168.233.0/24} --network shared shared-subnet
     fi
 
     iniset $TEMPEST_CONFIG DEFAULT use_syslog $SYSLOG