Adds Ironic test_baremetal_basic_ops scenario test
Adds an Ironic scenario test that validates a full instance
boot using Ironic. In addition to verifying the Nova instance
boots and has connectivity, it monitors power and state transitions
on the Ironic side. It currently validates orchestration of the pxe_ssh
driver but the goal would be to support other drivers, and test them
conditionally based on the driver associated with the configured Ironic
node.
Change-Id: I7a98ab9c771fe17387dfb591df5a40d27194a5c8
diff --git a/tempest/clients.py b/tempest/clients.py
index 7ebd983..ef16081 100644
--- a/tempest/clients.py
+++ b/tempest/clients.py
@@ -17,6 +17,7 @@
import cinderclient.client
import glanceclient
import heatclient.client
+import ironicclient.client
import keystoneclient.exceptions
import keystoneclient.v2_0.client
import neutronclient.v2_0.client
@@ -456,6 +457,7 @@
NOVACLIENT_VERSION = '2'
CINDERCLIENT_VERSION = '1'
HEATCLIENT_VERSION = '1'
+ IRONICCLIENT_VERSION = '1'
def __init__(self, username, password, tenant_name):
# FIXME(andreaf) Auth provider for client_type 'official' is
@@ -465,6 +467,7 @@
# super cares for credentials validation
super(OfficialClientManager, self).__init__(
username=username, password=password, tenant_name=tenant_name)
+ self.baremetal_client = self._get_baremetal_client()
self.compute_client = self._get_compute_client(username,
password,
tenant_name)
@@ -485,6 +488,22 @@
password,
tenant_name)
+ def _get_roles(self):
+ keystone_admin = self._get_identity_client(
+ CONF.identity.admin_username,
+ CONF.identity.admin_password,
+ CONF.identity.admin_tenant_name)
+
+ username = self.credentials['username']
+ tenant_name = self.credentials['tenant_name']
+ user_id = keystone_admin.users.find(name=username).id
+ tenant_id = keystone_admin.tenants.find(name=tenant_name).id
+
+ roles = keystone_admin.roles.roles_for_user(
+ user=user_id, tenant=tenant_id)
+
+ return [r.name for r in roles]
+
def _get_compute_client(self, username, password, tenant_name):
# Novaclient will not execute operations for anyone but the
# identified user, so a new client needs to be created for
@@ -606,6 +625,34 @@
auth_url=auth_url,
insecure=dscv)
+ def _get_baremetal_client(self):
+ # ironic client is currently intended to by used by admin users
+ roles = self._get_roles()
+ if CONF.identity.admin_role not in roles:
+ return None
+
+ auth_url = CONF.identity.uri
+ api_version = self.IRONICCLIENT_VERSION
+ insecure = CONF.identity.disable_ssl_certificate_validation
+ service_type = CONF.baremetal.catalog_type
+ endpoint_type = CONF.baremetal.endpoint_type
+ creds = {
+ 'os_username': self.credentials['username'],
+ 'os_password': self.credentials['password'],
+ 'os_tenant_name': self.credentials['tenant_name']
+ }
+
+ try:
+ return ironicclient.client.get_client(
+ api_version=api_version,
+ os_auth_url=auth_url,
+ insecure=insecure,
+ os_service_type=service_type,
+ os_endpoint_type=endpoint_type,
+ **creds)
+ except keystoneclient.exceptions.EndpointNotFound:
+ return None
+
def _get_network_client(self):
# The intended configuration is for the network client to have
# admin privileges and indicate for whom resources are being