From e458fab8efdaab327c8f07a0771e4d3571580a41 Mon Sep 17 00:00:00 2001 From: Andrey Kurilin Date: Mon, 7 Mar 2016 16:44:24 +0200 Subject: [PATCH] Add default values for domain related options Keystone V3 requires that the options os_user_domain_id/os_user_domain_name and os_project_domain_id/os_project_domain_name be set. These options do not have default values and novaclient will fail if they are not set by user. This patch adds default values for os_project_domain_id and os_user_domain_id in case of Keystone V3 env. This is consistent with what the OpenStack CLI does. Also, two functional tests are added to check authentication via Keystone V2 and V3. Partial-Bug: #1522402 Change-Id: Ieb41a7fbf24107f7250ef34218604fba96531195 --- novaclient/shell.py | 10 ++++++ novaclient/tests/functional/test_auth.py | 42 ++++++++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 novaclient/tests/functional/test_auth.py diff --git a/novaclient/shell.py b/novaclient/shell.py index 3d38ac99d..cf94e3587 100644 --- a/novaclient/shell.py +++ b/novaclient/shell.py @@ -767,6 +767,16 @@ class OpenStackComputeShell(object): os_auth_url = args.os_auth_url os_region_name = args.os_region_name os_auth_system = args.os_auth_system + + if "v2.0" not in os_auth_url: + # NOTE(andreykurilin): assume that keystone V3 is used and try to + # be more user-friendly, i.e provide default values for domains + if (not args.os_project_domain_id and + not args.os_project_domain_name): + setattr(args, "os_project_domain_id", "default") + if not args.os_user_domain_id and not args.os_user_domain_name: + setattr(args, "os_user_domain_id", "default") + endpoint_type = args.endpoint_type insecure = args.insecure service_type = args.service_type diff --git a/novaclient/tests/functional/test_auth.py b/novaclient/tests/functional/test_auth.py new file mode 100644 index 000000000..e37fc789e --- /dev/null +++ b/novaclient/tests/functional/test_auth.py @@ -0,0 +1,42 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from six.moves.urllib import parse +import tempest_lib.cli.base + +from novaclient.tests.functional import base + + +class TestAuthentication(base.ClientTestBase): + def nova(self, action, identity_api_version): + url = parse.urlparse(self.cli_clients.uri) + url = parse.urlunparse((url.scheme, url.netloc, + '/v%s' % identity_api_version, + url.params, url.query, + url.fragment)) + flags = ('--os-username %s --os-tenant-name %s --os-password %s ' + '--os-auth-url %s --endpoint-type publicURL' % ( + self.cli_clients.username, + self.cli_clients.tenant_name, + self.cli_clients.password, + url)) + if self.cli_clients.insecure: + flags += ' --insecure ' + + return tempest_lib.cli.base.execute( + "nova", action, flags, cli_dir=self.cli_clients.cli_dir) + + def test_auth_via_keystone_v2(self): + self.nova("list", identity_api_version="2.0") + + def test_auth_via_keystone_v3(self): + self.nova("list", identity_api_version="3")