1
0
Fork 0
mirror of https://github.com/fog/fog.git synced 2022-11-09 13:51:43 -05:00

[openstack] Make sure that Identity v3 authentication uses a v3 endpoint

Also, some IDv3 test refactoring - extract strings to constants and allow OS_AUTH_SERVICE env var
to set the openstack_service_type option (e.g. to identityv3).
This commit is contained in:
Darren Hague 2015-09-28 16:36:56 +01:00
parent 874f465126
commit bb5b280962
5 changed files with 117 additions and 284 deletions

View file

@ -297,7 +297,7 @@ module Fog
token, body = retrieve_tokens_v3 options, connection_options token, body = retrieve_tokens_v3 options, connection_options
service = get_service_v3(body, service_type, service_name, openstack_region) service = get_service_v3(body, service_type, service_name, openstack_region, options)
options[:unscoped_token] = token options[:unscoped_token] = token
@ -359,7 +359,7 @@ module Fog
raise Fog::Errors::NotFound.new("Multiple regions available choose one of these '#{regions.join(',')}'") raise Fog::Errors::NotFound.new("Multiple regions available choose one of these '#{regions.join(',')}'")
end end
identity_service = get_service_v3(body, identity_service_type, nil, nil, :endpoint_path_matches => /\/v3/) if identity_service_type identity_service = get_service_v3(body, identity_service_type, nil, nil, :openstack_endpoint_path_matches => /\/v3/) if identity_service_type
management_url = service['endpoints'].find { |e| e['interface']==endpoint_type }['url'] management_url = service['endpoints'].find { |e| e['interface']==endpoint_type }['url']
identity_url = identity_service['endpoints'].find { |e| e['interface']=='public' }['url'] if identity_service identity_url = identity_service['endpoints'].find { |e| e['interface']=='public' }['url'] if identity_service
@ -532,7 +532,7 @@ module Fog
# Filter the found services by region (if specified) and whether the endpoint path matches the given regex (e.g. /\/v3/) # Filter the found services by region (if specified) and whether the endpoint path matches the given regex (e.g. /\/v3/)
services.find do |s| services.find do |s|
s['endpoints'].any? { |ep| endpoint_region?(ep, region) && endpoint_path_match?(ep, options[:endpoint_path_matches])} s['endpoints'].any? { |ep| endpoint_region?(ep, region) && endpoint_path_match?(ep, options[:openstack_endpoint_path_matches])}
end if services end if services
end end

View file

@ -160,6 +160,7 @@ module Fog
@openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL' @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL'
@openstack_endpoint_path_matches = options[:openstack_endpoint_path_matches] ||= /\/v3/
authenticate authenticate
@persistent = options[:persistent] || false @persistent = options[:persistent] || false

View file

@ -1,187 +0,0 @@
---
http_interactions:
- request:
method: post
uri: http://devstack.openstack.stack:5000/v3/auth/tokens
body:
encoding: UTF-8
string: ! '{"auth":{"identity":{"methods":["password"],"password":{"user":{"password":"password","id":"aa9f25defa6d4cafb48466df83106065"}}}}}'
headers:
User-Agent:
- fog/1.31.0 fog-core/1.31.1
Content-Type:
- application/json
response:
status:
code: 201
message: ''
headers:
Date:
- Tue, 23 Jun 2015 15:09:15 GMT
Server:
- Apache/2.4.7 (Ubuntu)
X-Subject-Token:
- 9f7df72efb3749ed8eb12699d16f56cc
Vary:
- X-Auth-Token
X-Openstack-Request-Id:
- req-77ed8c5d-de40-42ea-b7ac-013eedf72558
Content-Length:
- '297'
Content-Type:
- application/json
body:
encoding: US-ASCII
string: ! '{"token": {"methods": ["password"], "expires_at": "2015-06-23T16:09:15.097008Z",
"extras": {}, "user": {"domain": {"id": "default", "name": "Default"}, "id":
"aa9f25defa6d4cafb48466df83106065", "name": "admin"}, "audit_ids": ["K9N-CugNRDSarC82lwYYHQ"],
"issued_at": "2015-06-23T15:09:15.097078Z"}}'
http_version:
recorded_at: Tue, 23 Jun 2015 15:09:15 GMT
- request:
method: get
uri: http://devstack.openstack.stack:5000/v3/users/aa9f25defa6d4cafb48466df83106065/projects
body:
encoding: US-ASCII
string: ''
headers:
User-Agent:
- fog/1.31.0 fog-core/1.31.1
Content-Type:
- application/json
Accept:
- application/json
X-Auth-Token:
- 9f7df72efb3749ed8eb12699d16f56cc
response:
status:
code: 200
message: ''
headers:
Date:
- Tue, 23 Jun 2015 15:09:15 GMT
Server:
- Apache/2.4.7 (Ubuntu)
Vary:
- X-Auth-Token
X-Openstack-Request-Id:
- req-99d9e960-accc-4943-b647-f0454eb9f9ba
Content-Length:
- '617'
Content-Type:
- application/json
body:
encoding: US-ASCII
string: ! '{"links": {"self": "http://devstack.openstack.stack:5000/v3/users/aa9f25defa6d4cafb48466df83106065/projects",
"previous": null, "next": null}, "projects": [{"description": null, "links":
{"self": "http://devstack.openstack.stack:5000/v3/projects/123ac695d4db400a9001b91bb3b8aa46"},
"enabled": true, "id": "123ac695d4db400a9001b91bb3b8aa46", "parent_id": null,
"domain_id": "default", "name": "admin"}, {"description": null, "links": {"self":
"http://devstack.openstack.stack:5000/v3/projects/3ed7ee0512b641d3bb1fe17fc86d8bff"},
"enabled": true, "id": "3ed7ee0512b641d3bb1fe17fc86d8bff", "parent_id": null,
"domain_id": "default", "name": "demo"}]}'
http_version:
recorded_at: Tue, 23 Jun 2015 15:09:15 GMT
- request:
method: post
uri: http://devstack.openstack.stack:5000/v3/auth/tokens
body:
encoding: UTF-8
string: ! '{"auth":{"identity":{"methods":["token"],"token":{"id":"9f7df72efb3749ed8eb12699d16f56cc"}},"scope":{"project":{"name":"admin","domain":{"id":"default"}}}}}'
headers:
User-Agent:
- fog/1.31.0 fog-core/1.31.1
Content-Type:
- application/json
response:
status:
code: 201
message: ''
headers:
Date:
- Tue, 23 Jun 2015 15:09:15 GMT
Server:
- Apache/2.4.7 (Ubuntu)
X-Subject-Token:
- 6974d4e66dbb47e9a4ca379c14f706f4
Vary:
- X-Auth-Token
X-Openstack-Request-Id:
- req-7111935d-8900-4dff-ba6f-f1f691cb6b48
Content-Length:
- '5909'
Content-Type:
- application/json
body:
encoding: US-ASCII
string: ! '{"token": {"methods": ["token", "password"], "roles": [{"id": "6ead57f8ae124996af8b0beb72ff1007",
"name": "admin"}], "expires_at": "2015-06-23T16:09:15.097008Z", "project":
{"domain": {"id": "default", "name": "Default"}, "id": "123ac695d4db400a9001b91bb3b8aa46",
"name": "admin"}, "catalog": [{"endpoints": [{"region_id": "RegionOne", "url":
"http://devstack.openstack.stack:9292", "region": "RegionOne", "interface": "public",
"id": "6e82c8912d3f49a09df51035681d564c"}, {"region_id": "RegionOne", "url":
"http://devstack.openstack.stack:9292", "region": "RegionOne", "interface": "admin",
"id": "7e44d321ae80457abc3728fa1e6feb32"}, {"region_id": "RegionOne", "url":
"http://devstack.openstack.stack:9292", "region": "RegionOne", "interface": "internal",
"id": "c9a090a4597040849c03bc13588167f6"}], "type": "image", "id": "0d56500210a24c38a3702b6825e24164",
"name": "glance"}, {"endpoints": [{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8776/v2/123ac695d4db400a9001b91bb3b8aa46",
"region": "RegionOne", "interface": "internal", "id": "261aaf6239bb49a4a1cfa87c19859138"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8776/v2/123ac695d4db400a9001b91bb3b8aa46",
"region": "RegionOne", "interface": "admin", "id": "437d282e0bb94622aaacc4d194c069a9"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8776/v2/123ac695d4db400a9001b91bb3b8aa46",
"region": "RegionOne", "interface": "public", "id": "5e78bf7bae7c4ff5b9720b2c2e4da743"}],
"type": "volumev2", "id": "2b92e79c45254516932c633229cd0e8b", "name": "cinderv2"},
{"endpoints": [{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8773/",
"region": "RegionOne", "interface": "admin", "id": "1ce26a6fffd0424bac135b9c68055b6e"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8773/", "region":
"RegionOne", "interface": "public", "id": "98db699b9ffa4dffb027d78163aad8cc"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8773/", "region":
"RegionOne", "interface": "internal", "id": "ece52860cf1e4eb6a8fed05c47a30147"}],
"type": "ec2", "id": "3364a7b95c664bf89a7a8db081576364", "name": "ec2"}, {"endpoints":
[{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8776/v1/123ac695d4db400a9001b91bb3b8aa46",
"region": "RegionOne", "interface": "admin", "id": "4442fbd064844a7bbe6a792507d4b8e3"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8776/v1/123ac695d4db400a9001b91bb3b8aa46",
"region": "RegionOne", "interface": "internal", "id": "4b4178fd2e3d4f329600cc4ceaaa7e3a"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8776/v1/123ac695d4db400a9001b91bb3b8aa46",
"region": "RegionOne", "interface": "public", "id": "90977723dba04ea9a2a184c99565ccff"}],
"type": "volume", "id": "511b94ce0482484ea09028091dd5e9a5", "name": "cinder"},
{"endpoints": [{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8774/v2/123ac695d4db400a9001b91bb3b8aa46",
"region": "RegionOne", "interface": "internal", "id": "81c51855280345e9a6c322ca986d4e4b"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8774/v2/123ac695d4db400a9001b91bb3b8aa46",
"region": "RegionOne", "interface": "admin", "id": "a0310a37cf6144a6a967cbae9a7959ba"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8774/v2/123ac695d4db400a9001b91bb3b8aa46",
"region": "RegionOne", "interface": "public", "id": "f6d38c03b9c04a9e924aaa288ce014b8"}],
"type": "compute", "id": "5b7028751ed045d79467c7845ecb8c58", "name": "nova"},
{"endpoints": [{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8774/v2.1/123ac695d4db400a9001b91bb3b8aa46",
"region": "RegionOne", "interface": "internal", "id": "2f17e155b0aa47838394e6c4f6fe30e0"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8774/v2.1/123ac695d4db400a9001b91bb3b8aa46",
"region": "RegionOne", "interface": "public", "id": "9d2555fd27dd44e5acfb5e56127d974b"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:8774/v2.1/123ac695d4db400a9001b91bb3b8aa46",
"region": "RegionOne", "interface": "admin", "id": "e8bdd9403fbb4efa8d77bfd4f6a5e34a"}],
"type": "computev21", "id": "97e665cbada043718180c5a6316df76a", "name": "novav21"},
{"endpoints": [{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:35357/v3",
"region": "RegionOne", "interface": "admin", "id": "185eda94de9340e58245062f75d7f80e"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:5000/v3", "region":
"RegionOne", "interface": "internal", "id": "9abd6797844d455f875af9537325cba4"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:5000/v3", "region":
"RegionOne", "interface": "public", "id": "d3b31f24e4ea40699f731e29e625c187"}],
"type": "identity", "id": "b577d8f7c7074d04a1165fcca638b600", "name": "keystone_v3x"},
{"endpoints": [{"region_id": "europe", "url": "http://devstack.openstack.stack:35357/v3",
"region": "europe", "interface": "admin", "id": "32bb2c6aea944ea6b4956eb24142d2e2"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:5000/v3", "region":
"RegionOne", "interface": "public", "id": "480ea71dc8cf4c959df1c6304be87056"},
{"region_id": "europe", "url": "http://devstack.openstack.stack:5000/v3", "region":
"europe", "interface": "public", "id": "600638643d22494fad4f30e3b22ae124"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:5000/v3", "region":
"RegionOne", "interface": "internal", "id": "8a254651925e4a3e9505c863a00c017e"},
{"region_id": "europe", "url": "http://devstack.openstack.stack:5000/v3", "region":
"europe", "interface": "internal", "id": "b93da6aaba654d8cb451ff8378d7d2a5"},
{"region_id": "RegionOne", "url": "http://devstack.openstack.stack:35357/v3", "region":
"RegionOne", "interface": "admin", "id": "d5f8e0da0f3345529a5fb324d735d4a3"}],
"type": "identity_v3", "id": "cd9002bbadfe495d81b5ee4c50768009", "name": "keystone_v3"}],
"extras": {}, "user": {"domain": {"id": "default", "name": "Default"}, "id":
"aa9f25defa6d4cafb48466df83106065", "name": "admin"}, "audit_ids": ["1yvNE0UcSCWjedTDCBbDsA",
"K9N-CugNRDSarC82lwYYHQ"], "issued_at": "2015-06-23T15:09:15.359531Z"}}'
http_version:
recorded_at: Tue, 23 Jun 2015 15:09:15 GMT
recorded_with: VCR 2.9.3

View file

@ -11,19 +11,32 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
include_context 'OpenStack specs with VCR' include_context 'OpenStack specs with VCR'
before :all do before :all do
VCR_USER_ID='a18abc2039d6493aa7239a42033cc7c9'
VCR_USER_NAME='admin'
VCR_PASSWORD='devstack'
VCR_DOMAIN_ID='default'
VCR_DOMAIN_NAME='Default'
VCR_PROJECT_NAME='admin'
VCR_REGION='RegionOne'
setup_vcr_and_service( setup_vcr_and_service(
:vcr_directory => 'spec/fog/openstack/identity_v3', :vcr_directory => 'spec/fog/openstack/identity_v3',
:service_class => Fog::Identity::OpenStack::V3 :service_class => Fog::Identity::OpenStack::V3,
:username => VCR_USER_NAME,
:password => VCR_PASSWORD,
:project_name => VCR_PROJECT_NAME,
:domain_name => VCR_DOMAIN_NAME,
:region_name => VCR_REGION
) )
end end
it 'authenticates with password, userid and domain_id' do it 'authenticates with password, userid and domain_id' do
VCR.use_cassette('authv3_a') do VCR.use_cassette('authv3_a') do
Fog::Identity::OpenStack::V3.new( Fog::Identity::OpenStack::V3.new(
:openstack_domain_id => ENV['OS_USER_DOMAIN_ID'] || 'default', :openstack_domain_id => ENV['OS_USER_DOMAIN_ID'] || VCR_DOMAIN_ID,
:openstack_api_key => ENV['OS_PASSWORD'] || 'password', :openstack_api_key => ENV['OS_PASSWORD'] || VCR_PASSWORD,
:openstack_userid => ENV['OS_USER_ID'] || 'aa9f25defa6d4cafb48466df83106065', :openstack_userid => ENV['OS_USER_ID'] || VCR_USER_ID,
:openstack_region => ENV['OS_REGION_NAME'] || 'RegionOne', :openstack_region => ENV['OS_REGION_NAME'] || VCR_REGION,
:openstack_auth_url => "#{@os_auth_url}/auth/tokens") :openstack_auth_url => "#{@os_auth_url}/auth/tokens")
end end
end end
@ -31,10 +44,10 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
it 'authenticates with password, username and domain_id' do it 'authenticates with password, username and domain_id' do
VCR.use_cassette('authv3_b') do VCR.use_cassette('authv3_b') do
Fog::Identity::OpenStack::V3.new( Fog::Identity::OpenStack::V3.new(
:openstack_domain_id => ENV['OS_USER_DOMAIN_ID'] || 'default', :openstack_domain_id => ENV['OS_USER_DOMAIN_ID'] || VCR_DOMAIN_ID,
:openstack_api_key => ENV['OS_PASSWORD'] || 'password', :openstack_api_key => ENV['OS_PASSWORD'] || VCR_PASSWORD,
:openstack_username => ENV['OS_USERNAME'] || 'admin', :openstack_username => ENV['OS_USERNAME'] || VCR_USER_NAME,
:openstack_region => ENV['OS_REGION_NAME'] || 'RegionOne', :openstack_region => ENV['OS_REGION_NAME'] || VCR_REGION,
:openstack_auth_url => "#{@os_auth_url}/auth/tokens") :openstack_auth_url => "#{@os_auth_url}/auth/tokens")
end end
end end
@ -42,10 +55,10 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
it 'authenticates with password, username and domain_name' do it 'authenticates with password, username and domain_name' do
VCR.use_cassette('authv3_c') do VCR.use_cassette('authv3_c') do
Fog::Identity::OpenStack::V3.new( Fog::Identity::OpenStack::V3.new(
:openstack_user_domain => ENV['OS_USER_DOMAIN_NAME'] || 'Default', :openstack_user_domain => ENV['OS_USER_DOMAIN_NAME'] || VCR_DOMAIN_NAME,
:openstack_api_key => ENV['OS_PASSWORD'] || 'password', :openstack_api_key => ENV['OS_PASSWORD'] || VCR_PASSWORD,
:openstack_username => ENV['OS_USERNAME'] || 'admin', :openstack_username => ENV['OS_USERNAME'] || VCR_USER_NAME,
:openstack_region => ENV['OS_REGION_NAME'] || 'RegionOne', :openstack_region => ENV['OS_REGION_NAME'] || VCR_REGION,
:openstack_auth_url => "#{@os_auth_url}/auth/tokens") :openstack_auth_url => "#{@os_auth_url}/auth/tokens")
end end
end end
@ -60,8 +73,8 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
@fog = Fog::Identity::OpenStack::V3.new({ @fog = Fog::Identity::OpenStack::V3.new({
:openstack_region => ENV['OS_REGION_OTHER']||'europe', :openstack_region => ENV['OS_REGION_OTHER']||'europe',
:openstack_auth_url => "#{@os_auth_url}/auth/tokens", :openstack_auth_url => "#{@os_auth_url}/auth/tokens",
:openstack_userid => ENV['OS_USER_ID'] || 'aa9f25defa6d4cafb48466df83106065', :openstack_userid => ENV['OS_USER_ID'] || VCR_USER_ID,
:openstack_api_key => ENV['OS_PASSWORD'] || "password" :openstack_api_key => ENV['OS_PASSWORD'] || VCR_PASSWORD
}) })
expect(@fog).to_not be_nil expect(@fog).to_not be_nil
end unless endpoints_in_region.empty? end unless endpoints_in_region.empty?
@ -71,15 +84,15 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
VCR.use_cassette('authv3_unscoped_reauth') do VCR.use_cassette('authv3_unscoped_reauth') do
id_v3 = Fog::Identity::OpenStack::V3.new( id_v3 = Fog::Identity::OpenStack::V3.new(
:openstack_api_key => ENV['OS_PASSWORD'] || 'password', :openstack_api_key => ENV['OS_PASSWORD'] || VCR_PASSWORD,
:openstack_userid => ENV['OS_USER_ID'] || 'aa9f25defa6d4cafb48466df83106065', :openstack_userid => ENV['OS_USER_ID'] || VCR_USER_ID,
:openstack_region => ENV['OS_REGION_NAME'] || 'RegionOne', :openstack_region => ENV['OS_REGION_NAME'] || VCR_REGION,
:openstack_auth_url => "#{@os_auth_url}/auth/tokens") :openstack_auth_url => "#{@os_auth_url}/auth/tokens")
auth_params = {:provider => "openstack", auth_params = {:provider => "openstack",
:openstack_auth_token => id_v3.credentials[:openstack_auth_token], :openstack_auth_token => id_v3.credentials[:openstack_auth_token],
:openstack_auth_url => "#{@os_auth_url}/auth/tokens", :openstack_auth_url => "#{@os_auth_url}/auth/tokens",
:openstack_region => ENV['OS_REGION_NAME'] || 'RegionOne'} :openstack_region => ENV['OS_REGION_NAME'] || VCR_REGION}
@fog2 = Fog::Identity::OpenStack::V3.new(auth_params) @fog2 = Fog::Identity::OpenStack::V3.new(auth_params)
expect(@fog2).to_not be_nil expect(@fog2).to_not be_nil
@ -92,11 +105,11 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
it 'authenticates with project scope' do it 'authenticates with project scope' do
VCR.use_cassette('authv3_project') do VCR.use_cassette('authv3_project') do
Fog::Identity::OpenStack::V3.new( Fog::Identity::OpenStack::V3.new(
:openstack_project_name => ENV['OS_PROJECT_NAME'] || 'admin', :openstack_project_name => ENV['OS_PROJECT_NAME'] || VCR_PROJECT_NAME,
:openstack_domain_name => ENV['OS_USER_DOMAIN_NAME'] || 'Default', :openstack_domain_name => ENV['OS_USER_DOMAIN_NAME'] || VCR_DOMAIN_NAME,
:openstack_api_key => ENV['OS_PASSWORD'] || 'password', :openstack_api_key => ENV['OS_PASSWORD'] || VCR_PASSWORD,
:openstack_username => ENV['OS_USERNAME'] || 'admin', :openstack_username => ENV['OS_USERNAME'] || VCR_USER_NAME,
:openstack_region => ENV['OS_REGION_NAME'] || 'RegionOne', :openstack_region => ENV['OS_REGION_NAME'] || VCR_REGION,
:openstack_auth_url => "#{@os_auth_url}/auth/tokens") :openstack_auth_url => "#{@os_auth_url}/auth/tokens")
end end
end end
@ -105,18 +118,18 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
VCR.use_cassette('authv3_unscoped') do VCR.use_cassette('authv3_unscoped') do
id_v3 = Fog::Identity::OpenStack::V3.new( id_v3 = Fog::Identity::OpenStack::V3.new(
:openstack_api_key => ENV['OS_PASSWORD'] || 'password', :openstack_api_key => ENV['OS_PASSWORD'] || VCR_PASSWORD,
:openstack_userid => ENV['OS_USER_ID']||'aa9f25defa6d4cafb48466df83106065', :openstack_userid => ENV['OS_USER_ID']||VCR_USER_ID,
:openstack_region => ENV['OS_REGION_NAME'] || 'RegionOne', :openstack_region => ENV['OS_REGION_NAME'] || VCR_REGION,
:openstack_auth_url => "#{@os_auth_url}/auth/tokens") :openstack_auth_url => "#{@os_auth_url}/auth/tokens")
# Exchange it for a project-scoped token # Exchange it for a project-scoped token
auth = Fog::Identity::OpenStack::V3.new( auth = Fog::Identity::OpenStack::V3.new(
:openstack_project_name => ENV['OS_PROJECT_NAME'] || 'admin', :openstack_project_name => ENV['OS_PROJECT_NAME'] || VCR_PROJECT_NAME,
:openstack_domain_name => ENV['OS_USER_DOMAIN_NAME'] || 'Default', :openstack_domain_name => ENV['OS_USER_DOMAIN_NAME'] || VCR_DOMAIN_NAME,
:openstack_tenant => ENV['OS_USERNAME'] || 'admin', :openstack_tenant => ENV['OS_USERNAME'] || VCR_USER_NAME,
:openstack_auth_token => id_v3.credentials[:openstack_auth_token], :openstack_auth_token => id_v3.credentials[:openstack_auth_token],
:openstack_region => ENV['OS_REGION_NAME'] || 'RegionOne', :openstack_region => ENV['OS_REGION_NAME'] || VCR_REGION,
:openstack_auth_url => "#{@os_auth_url}/auth/tokens") :openstack_auth_url => "#{@os_auth_url}/auth/tokens")
token = auth.credentials[:openstack_auth_token] token = auth.credentials[:openstack_auth_token]
@ -135,7 +148,7 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
expect { nonexistent_user = @service.users.find_by_id 'u-random-blah' }.to raise_error(Fog::Identity::OpenStack::NotFound) expect { nonexistent_user = @service.users.find_by_id 'u-random-blah' }.to raise_error(Fog::Identity::OpenStack::NotFound)
admin_user = @service.users.find_by_name ENV['OS_USERNAME'] || 'admin' admin_user = @service.users.find_by_name ENV['OS_USERNAME'] || VCR_USER_NAME
expect(admin_user.length).to be 1 expect(admin_user.length).to be 1
users = @service.users users = @service.users
@ -271,10 +284,10 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
it "gets a token, checks it and then revokes it" do it "gets a token, checks it and then revokes it" do
VCR.use_cassette('idv3_token') do VCR.use_cassette('idv3_token') do
auth = {:auth => {:identity => {:methods => %w{password}, auth = {:auth => {:identity => {:methods => %w{password},
:password => {:user => {:id => ENV['OS_USER_ID']||'aa9f25defa6d4cafb48466df83106065', :password => {:user => {:id => ENV['OS_USER_ID']||VCR_USER_ID,
:password => ENV['OS_PASSWORD']||'password'}}}, :password => ENV['OS_PASSWORD']||VCR_PASSWORD}}},
:scope => {:project => {:domain => {:name => ENV['OS_USER_DOMAIN_NAME']||'Default'}, :scope => {:project => {:domain => {:name => ENV['OS_USER_DOMAIN_NAME']||VCR_DOMAIN_NAME},
:name => ENV['OS_PROJECT_NAME']||'admin'}}}} :name => ENV['OS_PROJECT_NAME']||VCR_PROJECT_NAME}}}}
token = @service.tokens.authenticate(auth) token = @service.tokens.authenticate(auth)
expect(token).to_not be_nil expect(token).to_not be_nil
@ -298,7 +311,7 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
foobar_user = @service.users.create(:name => 'foobar_385', foobar_user = @service.users.create(:name => 'foobar_385',
:email => 'foobar_demo@example.com', :email => 'foobar_demo@example.com',
:domain_id => ENV['OS_USER_DOMAIN_ID'] || 'default', :domain_id => ENV['OS_USER_DOMAIN_ID'] || VCR_DOMAIN_ID,
:password => 's3cret!') :password => 's3cret!')
foobar_role = @service.roles.create(:name => 'foobar_role390') foobar_role = @service.roles.create(:name => 'foobar_role390')
@ -308,20 +321,20 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
:openstack_domain_id => foobar_user.domain_id, :openstack_domain_id => foobar_user.domain_id,
:openstack_api_key => 's3cret!', :openstack_api_key => 's3cret!',
:openstack_username => 'foobar_385', :openstack_username => 'foobar_385',
:openstack_region => ENV['OS_REGION_NAME']||'europe', :openstack_region => ENV['OS_REGION_NAME']||VCR_REGION,
:openstack_auth_url => auth_url) :openstack_auth_url => auth_url)
# Test - check the token validity by using it to create a new Fog::Identity::OpenStack::V3 instance # Test - check the token validity by using it to create a new Fog::Identity::OpenStack::V3 instance
token_check = Fog::Identity::OpenStack::V3.new( token_check = Fog::Identity::OpenStack::V3.new(
:openstack_auth_token => nonadmin_v3.auth_token, :openstack_auth_token => nonadmin_v3.auth_token,
:openstack_region => ENV['OS_REGION_NAME']||'europe', :openstack_region => ENV['OS_REGION_NAME']||VCR_REGION,
:openstack_auth_url => auth_url) :openstack_auth_url => auth_url)
expect(token_check).to_not be_nil expect(token_check).to_not be_nil
expect { Fog::Identity::OpenStack::V3.new( expect { Fog::Identity::OpenStack::V3.new(
:openstack_auth_token => 'blahblahblah', :openstack_auth_token => 'blahblahblah',
:openstack_region => ENV['OS_REGION_NAME']||'europe', :openstack_region => ENV['OS_REGION_NAME']||VCR_REGION,
:openstack_auth_url => auth_url) }.to raise_error(Excon::Errors::NotFound) :openstack_auth_url => auth_url) }.to raise_error(Excon::Errors::NotFound)
ensure ensure
# Clean up # Clean up
@ -345,7 +358,7 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
expect(domains_all).to_not be_nil expect(domains_all).to_not be_nil
expect(domains_all.length).to_not be 0 expect(domains_all.length).to_not be 0
default_domain = @service.domains.find_by_id ENV['OS_USER_DOMAIN_ID']||'default' default_domain = @service.domains.find_by_id ENV['OS_USER_DOMAIN_ID']||VCR_DOMAIN_ID
expect(default_domain).to_not be_nil expect(default_domain).to_not be_nil
expect { @service.domains.find_by_id 'atlantis' }.to raise_error(Fog::Identity::OpenStack::NotFound) expect { @service.domains.find_by_id 'atlantis' }.to raise_error(Fog::Identity::OpenStack::NotFound)
@ -423,7 +436,7 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
foobar_user.revoke_role(foobar_role.id) foobar_user.revoke_role(foobar_role.id)
expect(foobar_user.check_role(foobar_role.id)).to be false expect(foobar_user.check_role(foobar_role.id)).to be false
ensure ensure
foobar_user = @service.users.find_by_name('u-foobar_role_user').first unless foobar_user foobar_user = @service.users.find_by_name('foobar_role_user').first unless foobar_user
foobar_user.destroy if foobar_user foobar_user.destroy if foobar_user
foobar_role = @service.roles.all.select { |role| role.name == 'foobar_role' }.first unless foobar_role foobar_role = @service.roles.all.select { |role| role.name == 'foobar_role' }.first unless foobar_role
foobar_role.destroy if foobar_role foobar_role.destroy if foobar_role
@ -535,14 +548,19 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
baz_role = @service.roles.find_by_id foobar_id baz_role = @service.roles.find_by_id foobar_id
expect(baz_role).to_not be_nil expect(baz_role).to_not be_nil
expect(baz_role.name).to eq 'baz23' expect(baz_role.name).to eq 'baz23'
ensure baz_role.destroy
# Delete the role baz_role = nil
baz_role.destroy if baz_role
# Check that the deletion worked # Check that the deletion worked
expect { @service.roles.find_by_id foobar_id }.to raise_error(Fog::Identity::OpenStack::NotFound) if foobar_id expect { @service.roles.find_by_id foobar_id }.to raise_error(Fog::Identity::OpenStack::NotFound) if foobar_id
['foobar23', 'baz23'].each do |role_name| ['foobar23', 'baz23'].each do |role_name|
expect(@service.roles.all(:name => role_name).length).to be 0 expect(@service.roles.all(:name => role_name).length).to be 0
end end
ensure
# Delete the roles
foobar_by_name = @service.roles.all(:name => 'foobar23').first
foobar_by_name.destroy if foobar_by_name
baz_by_name = @service.roles.all(:name => 'baz23').first
baz_by_name.destroy if baz_by_name
end end
end end
end end
@ -567,7 +585,7 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
it "CRUD projects" do it "CRUD projects" do
VCR.use_cassette('idv3_project_crud') do VCR.use_cassette('idv3_project_crud') do
default_domain = @service.domains.find_by_id ENV['OS_USER_DOMAIN_ID']||'default' default_domain = @service.domains.find_by_id ENV['OS_USER_DOMAIN_ID']||VCR_DOMAIN_ID
begin begin
# Create a project called foobar - should not work without domain id? # Create a project called foobar - should not work without domain id?
@ -602,7 +620,7 @@ RSpec.describe Fog::Identity::OpenStack::V3 do
it "CRUD & list hierarchical projects" do it "CRUD & list hierarchical projects" do
VCR.use_cassette('idv3_project_hier_crud_list') do VCR.use_cassette('idv3_project_hier_crud_list') do
default_domain = @service.domains.find_by_id ENV['OS_USER_DOMAIN_ID']||'default' default_domain = @service.domains.find_by_id ENV['OS_USER_DOMAIN_ID']||VCR_DOMAIN_ID
begin begin
# Create a project called foobar # Create a project called foobar

View file

@ -76,19 +76,20 @@ RSpec.shared_context 'OpenStack specs with VCR' do
if @service_class == Fog::Identity::OpenStack::V3 || @os_auth_url.end_with?('/v3') if @service_class == Fog::Identity::OpenStack::V3 || @os_auth_url.end_with?('/v3')
options = { options = {
:openstack_auth_url => "#{@os_auth_url}/auth/tokens", :openstack_auth_url => "#{@os_auth_url}/auth/tokens",
:openstack_region => ENV['OS_REGION_NAME'] || 'RegionOne', :openstack_region => ENV['OS_REGION_NAME'] || options[:region_name] || 'RegionOne',
:openstack_api_key => ENV['OS_PASSWORD'] || 'password', :openstack_api_key => ENV['OS_PASSWORD'] || options[:password] || 'password',
:openstack_username => ENV['OS_USERNAME'] || 'admin', :openstack_username => ENV['OS_USERNAME'] || options[:username] || 'admin',
:openstack_domain_name => ENV['OS_USER_DOMAIN_NAME'] || 'Default', :openstack_domain_name => ENV['OS_USER_DOMAIN_NAME']|| options[:domain_name] || 'Default',
:openstack_project_name => ENV['OS_PROJECT_NAME'] || 'admin' :openstack_project_name => ENV['OS_PROJECT_NAME']|| options[:project_name] || 'admin'
} }
options[:openstack_service_type] = [ENV['OS_AUTH_SERVICE']] if ENV['OS_AUTH_SERVICE']
else else
options = { options = {
:openstack_auth_url => "#{@os_auth_url}/tokens", :openstack_auth_url => "#{@os_auth_url}/tokens",
:openstack_region => ENV['OS_REGION_NAME'] || 'RegionOne', :openstack_region => ENV['OS_REGION_NAME'] || options[:region_name] || 'RegionOne',
:openstack_api_key => ENV['OS_PASSWORD'] || 'devstack', :openstack_api_key => ENV['OS_PASSWORD'] || options[:password] || 'devstack',
:openstack_username => ENV['OS_USERNAME'] || 'admin', :openstack_username => ENV['OS_USERNAME'] || options[:username] || 'admin',
:openstack_tenant => ENV['OS_PROJECT_NAME'] || 'admin' :openstack_tenant => ENV['OS_PROJECT_NAME'] || options[:project_name] || 'admin'
# FIXME: Identity V3 not properly supported by other services yet # FIXME: Identity V3 not properly supported by other services yet
# :openstack_user_domain => ENV['OS_USER_DOMAIN_NAME'] || 'Default', # :openstack_user_domain => ENV['OS_USER_DOMAIN_NAME'] || 'Default',
# :openstack_project_domain => ENV['OS_PROJECT_DOMAIN_NAME'] || 'Default', # :openstack_project_domain => ENV['OS_PROJECT_DOMAIN_NAME'] || 'Default',