Blueprint cli-auth
* Add proper test for swift in client-env.sh * Remove all VERIFY variables; nothing beyond the 4 OS_ vars is set now * Update exercises for Keystone 2.0 auth * swift understands Keystone 2.0 auth now, don't download custom binary * cleanup uploaded bundle in bundle.sh Change-Id: I99c818d81534bbf93c0e142513acb80e5fe613ea
This commit is contained in:
parent
dd9809305e
commit
80756ea71a
@ -46,3 +46,6 @@ if ! timeout $REGISTER_TIMEOUT sh -c "while euca-describe-images | grep '$AMI' |
|
||||
echo "Image $AMI not available within $REGISTER_TIMEOUT seconds"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Clean up
|
||||
euca-deregister $AMI
|
||||
|
@ -52,18 +52,13 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then
|
||||
if [[ "$SKIP_EXERCISES" =~ "key" ]] ; then
|
||||
STATUS_KEYSTONE="Skipped"
|
||||
else
|
||||
if [[ -n "$VERIFY" ]]; then
|
||||
# Save original environment
|
||||
xOS_AUTH_URL=$OS_AUTH_URL
|
||||
# We need to run the keystone test as admin since there doesn't
|
||||
# seem to be anything to test the cli vars that runs as a user
|
||||
# tenant-list should do that, it isn't implemented (yet)
|
||||
xOS_TENANT_NAME=$OS_TENANT_NAME
|
||||
xOS_USERNAME=$OS_USERNAME
|
||||
xOS_PASSWORD=$OS_PASSWORD
|
||||
# keystone can't handle a trailing '/'
|
||||
export OS_AUTH_URL=${OS_AUTH_URL%/}
|
||||
# does any non-admin request work?
|
||||
export OS_USERNAME=admin
|
||||
export OS_TENANT_NAME=admin
|
||||
fi
|
||||
|
||||
echo -e "\nTest Keystone"
|
||||
if keystone service-list; then
|
||||
@ -72,13 +67,9 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then
|
||||
STATUS_KEYSTONE="Failed"
|
||||
RETURN=1
|
||||
fi
|
||||
if [[ -n "$VERIFY" ]]; then
|
||||
# Save original environment
|
||||
OS_AUTH_URL=$xOS_AUTH_URL
|
||||
|
||||
OS_TENANT_NAME=$xOS_TENANT_NAME
|
||||
OS_USERNAME=$xOS_USERNAME
|
||||
OS_PASSWORD=$xOS_PASSWORD
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
@ -89,12 +80,6 @@ if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then
|
||||
if [[ "$SKIP_EXERCISES" =~ "n-api" ]] ; then
|
||||
STATUS_NOVA="Skipped"
|
||||
else
|
||||
if [[ -n "$VERIFY" ]]; then
|
||||
# Known novaclient breakage:
|
||||
# NOVA_VERSION must be set or nova silently fails
|
||||
export NOVA_VERSION=2
|
||||
fi
|
||||
|
||||
echo -e "\nTest Nova"
|
||||
if nova flavor-list; then
|
||||
STATUS_NOVA="Succeeded"
|
||||
@ -112,14 +97,6 @@ if [[ "$ENABLED_SERVICES" =~ "g-api" ]]; then
|
||||
if [[ "$SKIP_EXERCISES" =~ "g-api" ]] ; then
|
||||
STATUS_GLANCE="Skipped"
|
||||
else
|
||||
if [[ -n "$VERIFY" ]]; then
|
||||
# Known glance client differage:
|
||||
export OS_AUTH_TENANT=$OS_TENANT_NAME
|
||||
export OS_AUTH_USER=$OS_USERNAME
|
||||
export OS_AUTH_KEY=$OS_PASSWORD
|
||||
export OS_AUTH_STRATEGY=keystone
|
||||
fi
|
||||
|
||||
echo -e "\nTest Glance"
|
||||
if glance index; then
|
||||
STATUS_GLANCE="Succeeded"
|
||||
@ -138,8 +115,7 @@ if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
|
||||
STATUS_SWIFT="Skipped"
|
||||
else
|
||||
echo -e "\nTest Swift"
|
||||
# FIXME(dtroyer): implement swift test
|
||||
if true; then
|
||||
if swift stat; then
|
||||
STATUS_SWIFT="Succeeded"
|
||||
else
|
||||
STATUS_SWIFT="Failed"
|
||||
|
@ -48,15 +48,6 @@ DEFAULT_FLOATING_POOL=${DEFAULT_FLOATING_POOL:-nova}
|
||||
# Additional floating IP pool and range
|
||||
TEST_FLOATING_POOL=${TEST_FLOATING_POOL:-test}
|
||||
|
||||
# Get a token for clients that don't support service catalog
|
||||
# ==========================================================
|
||||
|
||||
# manually create a token by querying keystone (sending JSON data). Keystone
|
||||
# returns a token and catalog of endpoints. We use python to parse the token
|
||||
# and save it.
|
||||
|
||||
TOKEN=`curl -s -d "{\"auth\":{\"passwordCredentials\": {\"username\": \"$OS_USERNAME\", \"password\": \"$OS_PASSWORD\"}}}" -H "Content-type: application/json" ${OS_AUTH_URL%/}/tokens | python -c "import sys; import json; tok = json.loads(sys.stdin.read()); print tok['access']['token']['id'];"`
|
||||
|
||||
# Launching a server
|
||||
# ==================
|
||||
|
||||
@ -70,10 +61,10 @@ nova list
|
||||
nova image-list
|
||||
|
||||
# But we recommend using glance directly
|
||||
glance -f -A $TOKEN -H $GLANCE_HOST index
|
||||
glance -f index
|
||||
|
||||
# Grab the id of the image to launch
|
||||
IMAGE=`glance -f -A $TOKEN -H $GLANCE_HOST index | egrep $DEFAULT_IMAGE_NAME | head -1 | cut -d" " -f1`
|
||||
IMAGE=`glance -f index | egrep $DEFAULT_IMAGE_NAME | head -1 | cut -d" " -f1`
|
||||
|
||||
# Security Groups
|
||||
# ---------------
|
||||
|
@ -34,15 +34,6 @@ DEFAULT_INSTANCE_TYPE=${DEFAULT_INSTANCE_TYPE:-m1.tiny}
|
||||
# Boot this image, use first AMi image if unset
|
||||
DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-ami}
|
||||
|
||||
# Get a token for clients that don't support service catalog
|
||||
# ==========================================================
|
||||
|
||||
# manually create a token by querying keystone (sending JSON data). Keystone
|
||||
# returns a token and catalog of endpoints. We use python to parse the token
|
||||
# and save it.
|
||||
|
||||
TOKEN=`curl -s -d "{\"auth\":{\"passwordCredentials\": {\"username\": \"$OS_USERNAME\", \"password\": \"$OS_PASSWORD\"}}}" -H "Content-type: application/json" ${OS_AUTH_URL%/}/tokens | python -c "import sys; import json; tok = json.loads(sys.stdin.read()); print tok['access']['token']['id'];"`
|
||||
|
||||
# Launching a server
|
||||
# ==================
|
||||
|
||||
@ -56,10 +47,10 @@ nova list
|
||||
nova image-list
|
||||
|
||||
# But we recommend using glance directly
|
||||
glance -f -A $TOKEN -H $GLANCE_HOST index
|
||||
glance -f index
|
||||
|
||||
# Grab the id of the image to launch
|
||||
IMAGE=`glance -f -A $TOKEN -H $GLANCE_HOST index | egrep $DEFAULT_IMAGE_NAME | head -1 | cut -d" " -f1`
|
||||
IMAGE=`glance -f index | egrep $DEFAULT_IMAGE_NAME | head -1 | cut -d" " -f1`
|
||||
|
||||
# determinine instance type
|
||||
# -------------------------
|
||||
|
6
stack.sh
6
stack.sh
@ -981,12 +981,6 @@ if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
|
||||
# We install the memcache server as this is will be used by the
|
||||
# middleware to cache the tokens auths for a long this is needed.
|
||||
apt_get install memcached
|
||||
|
||||
# We need a special version of bin/swift which understand the
|
||||
# OpenStack api 2.0, we download it until this is getting
|
||||
# integrated in swift.
|
||||
sudo https_proxy=$https_proxy curl -s -o/usr/local/bin/swift \
|
||||
'https://review.openstack.org/gitweb?p=openstack/swift.git;a=blob_plain;f=bin/swift;hb=48bfda6e2fdf3886c98bd15649887d54b9a2574e'
|
||||
else
|
||||
swift_auth_server=tempauth
|
||||
fi
|
||||
|
Loading…
Reference in New Issue
Block a user