This patch updates the Designate tempest plugin to accommodate stable
branches that still have keystone scoped tokens. The "Direction
change"[1] means scoped tokens were dropped in the Bobcat (2023.2)
release. However the stable branches back to Wallaby will still have
scoped tokens available as a configuration option.
[1] https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#direction-change
Change-Id: Ia57b5126dbc9fbe98cbcaa7ad0e11d36c21a14da
This patch adds a method that allows us to get the current Designate API version under test for use in test classes to skip tests against new features introduced in a specific API version.
This patch also centralizes the "primary" zones client to be instantiated once and updates the tests to use a standardized name for the client.
Finally, it adds a missing requirement of oslo.serialization to requirements.txt.
Change-Id: I240911c0ab9b9bad7851268865d6a8e867627673
This patch adds RBAC testing for allowed and disallowed credentials.
This is one of a series of patches adding testing. This patch covers the
tsigkeys API.
Change-Id: I93973c5dddae13dbb453591f1cb6a9a5a41f9b49
Currently there are intermittent test failures due to inconsistent
management of TLDs across the test classes. This is due to some test
classes using the same TLD and cleaning them up or cases where a TLD is
expected to exist, but may not have been created yet.
This patch established a dedicated TLD for each test class that creates
zones. Inside each test case, a zone name will be created with the test
name and the test class TLD. This creates the required TLD isolation to
allow successful test concurrency.
The patch also changes the base TLD from 'org' to the RFC 2606 reserved 'test'.
This should allow for easier identification of test related resources.
Change-Id: I3509767ec0ce6be6b6f15a1bc15a730a4a144b09
1) test_create_tsigkey_for_zone_invalid_algorithm
Try to create tsigkey using invalid algorithm.
Expected: 400 BadRequest.
2) test_create_tsigkey_for_zone_invalid_name
Try to create tsigkey using invalid name.
Expected: 400 BadRequest.
3) test_create_tsigkey_for_zone_empty_secret
Try to create tsigkey using invalid name.
Expected: 400 BadRequest.
4) test_create_tsigkey_for_zone_invalid_scope
Try to create tsigkey using invalid scope.
Expected: 400 BadRequest.
5) test_create_tsigkey_for_zone_invalid_zone_id
Try to create tsigkey using invalid resource(zone_id).
Expected: 400 BadRequest.
6) test_create_tsigkey_for_pool
Create a tsigkey for a pool.
Expected: should PASS
7) test_create_tsigkey_for_pool_with_scope_zone
Conflict scenario, resource ID used is of a pool, but scope
provided is: "ZONE".
8) test_list_tsigkeys_limit_results
Use "limit" in URL query to limit listed tsigkeys in list API.
9) test_list_tsigkeys_using_marker
Use "marker" in URL query in list API, to get the subsequent tsigkeys.
10) test_list_tsigkey_sort_key_with_sort_direction
Sort listed results using: "sort_key" and "sort_dir"
parameters in URL query of list API.
11) test_list_tsigkey_filter_by_name
Filter listed tsigkeys results by "name" provided in URL query.
12) test_list_tsigkey_filter_by_scope
Filter listed tsigkeys results by "scope" provided in URL query.
13) test_list_tsigkey_filter_by_algorithm
Filter listed tsigkeys results by "algorithm" provided in URL query.
Change-Id: If76296187707b92326a201b0cd3f7d89c4cc064e
This patch makes the API tests compatible with keystone scoped
tokens and the new RBAC defaults.
For example, admin system scoped tokens do not have a project_id associated
with them requiring some tests to be updated to not assume the admin
credential always has a project_id.
This patch also makes some sections consistently ordered across files.
Change-Id: Ie2c7402967f40bb90e0d97dad1c3d59f82cb6d80
All the Designate service clients are registered via the plugin interface[1],
that way Tempest register and create the lazy initialization of registered
clients so that they can be access from there in consistent way.
But designate-tempest-client create a separate instance of those and access
instead of accessing the registered service client in Tempest. This commit
makes all the service clients access from Tempest registry and remove the
separate objects.
[1] https://github.com/openstack/designate-tempest-plugin/blob/master/designate_tempest_plugin/plugin.py#L78
Change-Id: I4b65ca16cd53ff4c6bece642764a4abe2a469c01
these tests create zones as part of the test but do clean them up
afterward slowly. This leads to these and following tests in the thread
to fail with over quota when default zone quota is sufficiently low.
Change-Id: Iebe15ca6d0d3101237a92e011b081c38647a8de6
We need to call set_network_resources() from class with API tests, to
avoid creating network resources. Which are not needed for API tests.
Change-Id: Ia93303390d9887722fa2cfde7757e5e9103ae585
Closes-Bug: #1689415
This reduces the number of smoke tests to < 10. It includes v1 tests, v2
tests and one scenario test to check that a zone goes to active.
Change-Id: I9233a5d783649fe2bfad8e772f4165bdc4e1c619