2 Documentation DockerKeystone library. This library is useful to deal with Openstack Keystone service which provides API client authentication.
4 ... It consists of three main groups of keywords:
6 ... - Start/Stop keystone node in SYSTEM TOOLS VM:
7 ... - Run Docker Keystone
8 ... - Destroy Docker Keystone
9 ... - Check Keystone Log File For String
11 ... - Provision keystone node:
12 ... - Create Keystone session
13 ... - Get Keystone Token
14 ... - Create Keystone Domain
15 ... - Create Keystone User in a Domain
16 ... - Set Domain To False
17 ... - Get Admin Role Id
18 ... - Grant Admin Role
19 ... - Delete Keystone Domain
21 ... - Provision ODL node for secure communication with Keystone node:
22 ... - Set Keystone Certificate into ODL
25 Library RequestsLibrary
30 [Documentation] Get Keystone token for a particular user and domain
31 [Arguments] ${TOOLS_SYSTEM_NAME} ${CREATE_TOKEN_FILE}
32 Set Suite Variable ${CREATE_TOKEN_URI} /v3/auth/tokens/
33 ${body} OperatingSystem.Get File ${CREATE_TOKEN_FILE}
35 ${resp} RequestsLibrary.Post Request
37 ... ${CREATE_TOKEN_URI}
39 ... headers=${HEADERS}
40 ... allow_redirects=${true}
41 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
42 ${token} Get From Dictionary ${resp.headers} x-subject-token
45 Create Keystone session
46 [Documentation] Create a https session with Keystone for provisioning new domains, users, projects ...
47 [Arguments] ${TOOLS_SYSTEM_NAME}
51 ... https://${TOOLS_SYSTEM_NAME}:35357
52 ... auth=${AUTH_ADMIN_SDN}
53 ... headers=${HEADERS}
56 Create Keystone Domain
57 [Documentation] Provision a domain in Keystone
58 [Arguments] ${HEADERS} ${CREATE_DOMAIN_FILE}
59 Set Suite Variable ${CREATE_DOMAIN_URI} /v3/domains/
60 ${body} OperatingSystem.Get File ${CREATE_DOMAIN_FILE}
61 ${resp} RequestsLibrary.Post Request
63 ... ${CREATE_DOMAIN_URI}
65 ... headers=${HEADERS}
66 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
67 ${domain_id} Convert To String ${resp.json()['domain']['id']}
70 Create Keystone User in a Domain
71 [Documentation] Provision an user associated to a domain in \ Keystone
72 [Arguments] ${HEADERS} ${CREATE_USERS_FILE}
73 Set Suite Variable ${CREATE_USERS_URI} /v3/users/
74 ${body} OperatingSystem.Get File ${CREATE_USERS_FILE}
75 ${resp} RequestsLibrary.Post Request
77 ... ${CREATE_USERS_URI}
79 ... headers=${HEADERS}
80 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
81 ${user_id} Convert To String ${resp.json()['user']['id']}
85 [Documentation] Grant a role to an user in a domain in \ Keystone
86 [Arguments] ${domain} ${user} ${roleid} ${HEADERS}
87 Set Suite Variable ${GRANT_ADMIN_ROLE_URI} /v3/domains/${domain}/users/${user}/roles/${roleid}
88 ${resp} RequestsLibrary.Put Request session_keystone ${GRANT_ADMIN_ROLE_URI} headers=${HEADERS}
89 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
92 [Documentation] Get admin role id from Keystone
93 [Arguments] ${HEADERS}
94 Set Suite Variable ${GET_ADMIN_ROLE_URI} /v3/roles?name=admin
95 ${resp} RequestsLibrary.Get Request session_keystone ${GET_ADMIN_ROLE_URI} headers=${HEADERS}
96 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
97 ${admin_role_id} Convert To String ${resp.json()['roles'][0]['id']}
99 RETURN ${admin_role_id}
102 [Documentation] Run Keystone in a docker container hosted in the SYSTEM TOOL server and define "CSC_user" and "CSC_user_no_admin" users, the former with "admin" role and the latter with "user" role
103 ${output} SSHLibrary.Open_Connection ${TOOLS_SYSTEM_IP} timeout=20s
104 SSHKeywords.Flexible_Controller_Login
105 SSHLibrary.Put File ${CURDIR}/../../suites/aaa/keystone/start_keystone.sh
106 ${output} SSHLibrary.Execute Command ./start_keystone.sh
108 ${output} SSHLibrary.Execute Command docker ps --all
110 Wait Until Keyword Succeeds 10x 15 Check Keystone Log File For String GET
111 SSHLibrary.Execute Command
112 ... docker exec -t keystone bash -c "source openrc;openstack user create --password cscuser CSC_user;openstack user set --project admin CSC_user;openstack role add --project admin --user CSC_user admin;openstack role add --domain default --user CSC_user admin;openstack user list"
113 SSHLibrary.Execute Command
114 ... docker exec -t keystone bash -c "source openrc;openstack user create --password cscusernoadmin CSC_user_no_admin;openstack user set --project admin CSC_user_no_admin;openstack role add --project admin --user CSC_user_no_admin user;openstack role add --domain default --user CSC_user_no_admin user"
117 Destroy Docker Keystone
118 [Documentation] Destroy keystone container and remove mysql database
119 ${output} SSHLibrary.Execute Command
120 ... docker stop keystone;docker rm keystone
121 ... return_stdout=True
122 ... return_stderr=True
124 ${output} SSHLibrary.Execute Command
125 ... sudo rm -rf /var/lib/mysql/
126 ... return_stdout=True
127 ... return_stderr=True
132 [Documentation] Disable domain in keystone
133 [Arguments] ${domain} ${HEADERS}
134 Set Suite Variable ${PATCH_DOMAIN_URI} /v3/domains/${domain}
135 Set Suite Variable ${PATCH_DOMAIN_FILE} ${CURDIR}/../../variables/aaa/patch-domain.json
136 ${body} OperatingSystem.Get File ${PATCH_DOMAIN_FILE}
137 ${resp} RequestsLibrary.Patch Request
139 ... ${PATCH_DOMAIN_URI}
141 ... headers=${HEADERS}
142 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
144 Delete Keystone Domain
145 [Documentation] Delete domain in \ Keystone
146 [Arguments] ${domain} ${HEADERS}
147 Set Suite Variable ${DELETE_DOMAIN_URI} /v3/domains/${domain}
148 ${resp} RequestsLibrary.Delete Request session_keystone ${DELETE_DOMAIN_URI} headers=${HEADERS}
149 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
151 Set Keystone Certificate into ODL
152 [Documentation] Install Keystone Certificate into ODL
153 [Arguments] ${PUT_KEYSTONE_CERT_FILE} ${TOOLS_SYSTEM_NAME}
154 SSHLibrary.Get File ${USER_HOME}${/}keystone_cert.pem ${USER_HOME}${/}key_cert.pem
155 ${keystone_certificate} ${rc} SSHLibrary.Execute Command
156 ... cat keystone_cert.pem|grep -v CERTIFICATE|tr -d '\n'
157 ... return_stdout=True
158 ... return_stderr=False
160 Create Session session_admin http://${ODL_SYSTEM_IP}:${RESTCONFPORT} auth=${AUTH} headers=${HEADERS}
161 Set Suite Variable ${PUT_CERTIFICATE_URI} /restconf/operations/aaa-cert-rpc:setNodeCertifcate
162 ${normalized_file} OperatingSystem.Normalize Path ${PUT_KEYSTONE_CERT_FILE}
163 ${output} OperatingSystem.Run
164 ... sed -i 's#\"node-cert\".*#\"node-cert\"\: \"${keystone_certificate}\",#g' ${PUT_KEYSTONE_CERT_FILE}
165 ${output} OperatingSystem.Run
166 ... sed -i 's#\"node-alias\".*#\"node-alias\"\: \"${TOOLS_SYSTEM_NAME}\"#g' ${PUT_KEYSTONE_CERT_FILE}
167 ${body_cert} OperatingSystem.Get File ${PUT_KEYSTONE_CERT_FILE}
168 ${resp} RequestsLibrary.Post Request
170 ... ${PUT_CERTIFICATE_URI}
171 ... data=${body_cert}
172 ... headers=${HEADERS}
173 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
175 Check Keystone Log File For String
176 [Documentation] Check provided log exists in /var/log/nginx-access.log
177 [Arguments] ${string}
178 ${output} SSHLibrary.Execute Command
179 ... docker exec -t keystone bash -c "grep ${string} /var/log/nginx-access.log"
181 BuiltIn.Should Contain ${output} ${string}