2 Documentation DockerKeystone library. This library is useful to deal with Openstack Keystone service which provides API client authentication.
4 ... It consists of three main groups of keywords:
6 ... - Start/Stop keystone node in SYSTEM TOOLS VM:
7 ... - Run Docker Keystone
8 ... - Destroy Docker Keystone
10 ... - Provision keystone node:
11 ... - Create Keystone session
12 ... - Get Keystone Token
13 ... - Create Keystone Domain
14 ... - Create Keystone User in a Domain
15 ... - Set Domain To False
16 ... - Get Admin Role Id
17 ... - Grant Admin Role
18 ... - Delete Keystone Domain
20 ... - Provision ODL node for secure communication with Keystone node:
21 ... - Set Keystone Certificate into ODL
23 Library RequestsLibrary
29 [Arguments] ${TOOLS_SYSTEM_NAME} ${CREATE_TOKEN_FILE}
30 [Documentation] Get Keystone token for a particular user and domain
31 Set Suite Variable ${CREATE_TOKEN_URI} /v3/auth/tokens/
32 ${body} OperatingSystem.Get File ${CREATE_TOKEN_FILE}
34 ${resp}= RequestsLibrary.Post Request session_keystone ${CREATE_TOKEN_URI} data=${body} headers=${HEADERS} allow_redirects=${true}
35 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
36 ${token} Get From Dictionary ${resp.headers} x-subject-token
39 Create Keystone session
40 [Arguments] ${TOOLS_SYSTEM_NAME}
41 [Documentation] Create a https session with Keystone for provisioning new domains, users, projects ...
43 Create Session session_keystone https://${TOOLS_SYSTEM_NAME}:35357 auth=${AUTH_ADMIN_SDN} headers=${HEADERS} debug=3
45 Create Keystone Domain
46 [Arguments] ${HEADERS} ${CREATE_DOMAIN_FILE}
47 [Documentation] Provision a domain in Keystone
48 Set Suite Variable ${CREATE_DOMAIN_URI} /v3/domains/
49 ${body} OperatingSystem.Get File ${CREATE_DOMAIN_FILE}
50 ${resp} RequestsLibrary.Post Request session_keystone ${CREATE_DOMAIN_URI} data=${body} headers=${HEADERS}
51 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
52 ${domain_id} Convert To String ${resp.json()['domain']['id']}
55 Create Keystone User in a Domain
56 [Arguments] ${HEADERS} ${CREATE_USERS_FILE}
57 [Documentation] Provision an user associated to a domain in \ Keystone
58 Set Suite Variable ${CREATE_USERS_URI} /v3/users/
59 ${body} OperatingSystem.Get File ${CREATE_USERS_FILE}
60 ${resp} RequestsLibrary.Post Request session_keystone ${CREATE_USERS_URI} data=${body} headers=${HEADERS}
61 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
62 ${user_id} Convert To String ${resp.json()['user']['id']}
66 [Arguments] ${domain} ${user} ${roleid} ${HEADERS}
67 [Documentation] Grant a role to an user in a domain in \ Keystone
68 Set Suite Variable ${GRANT_ADMIN_ROLE_URI} /v3/domains/${domain}/users/${user}/roles/${roleid}
69 ${resp} RequestsLibrary.Put Request session_keystone ${GRANT_ADMIN_ROLE_URI} headers=${HEADERS}
70 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
73 [Arguments] ${HEADERS}
74 [Documentation] Get admin role id from Keystone
75 Set Suite Variable ${GET_ADMIN_ROLE_URI} /v3/roles?name=admin
76 ${resp}= RequestsLibrary.Get Request session_keystone ${GET_ADMIN_ROLE_URI} headers=${HEADERS}
77 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
78 ${admin_role_id} Convert To String ${resp.json()['roles'][0]['id']}
80 [Return] ${admin_role_id}
83 [Documentation] Run Keystone in a docker container hosted in the SYSTEM TOOL server and define "CSC_user" and "CSC_user_no_admin" users, the former with "admin" role and the latter with "user" role
84 ${output} SSHLibrary.Open_Connection ${TOOLS_SYSTEM_IP} timeout=20s
85 Utils.Flexible_Controller_Login
86 SSHLibrary.Put File ${CURDIR}/../../suites/aaa/keystone/start_keystone.sh
87 SSHLibrary.Execute Command ./start_keystone.sh
88 Wait Until Keyword Succeeds 10x 15 Check Keystone Log File For String GET
89 SSHLibrary.Execute Command docker exec -t keystone bash -c "source openrc;openstack user create --password cscuser CSC_user;openstack user set --project admin CSC_user;openstack role add --project admin --user CSC_user admin;openstack role add --domain default --user CSC_user admin;openstack user list"
90 SSHLibrary.Execute Command docker exec -t keystone bash -c "source openrc;openstack user create --password cscusernoadmin CSC_user_no_admin;openstack user set --project admin CSC_user_no_admin;openstack role add --project admin --user CSC_user_no_admin user;openstack user list"
93 Destroy Docker Keystone
94 [Documentation] Destroy keystone container and remove mysql database
95 ${output} SSHLibrary.Execute Command docker stop keystone;docker rm keystone return_stdout=True return_stderr=True return_rc=True
96 ${output} SSHLibrary.Execute Command sudo rm -rf /var/lib/mysql/ return_stdout=True return_stderr=True return_rc=True
100 [Arguments] ${domain} ${HEADERS}
101 [Documentation] Disable domain in keystone
102 Set Suite Variable ${PATCH_DOMAIN_URI} /v3/domains/${domain}
103 Set Suite Variable ${PATCH_DOMAIN_FILE} ${CURDIR}/../../variables/aaa/patch-domain.json
104 ${body} OperatingSystem.Get File ${PATCH_DOMAIN_FILE}
105 ${resp} RequestsLibrary.Patch Request session_keystone ${PATCH_DOMAIN_URI} data=${body} headers=${HEADERS}
106 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
108 Delete Keystone Domain
109 [Arguments] ${domain} ${HEADERS}
110 [Documentation] Delete domain in \ Keystone
111 Set Suite Variable ${DELETE_DOMAIN_URI} /v3/domains/${domain}
112 ${resp} RequestsLibrary.Delete Request session_keystone ${DELETE_DOMAIN_URI} headers=${HEADERS}
113 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
115 Set Keystone Certificate into ODL
116 [Arguments] ${PUT_KEYSTONE_CERT_FILE} ${TOOLS_SYSTEM_NAME}
117 [Documentation] Install Keystone Certificate into ODL
118 SSHLibrary.Get File ${USER_HOME}${/}keystone_cert.pem ${USER_HOME}${/}key_cert.pem
119 ${keystone_certificate} ${rc} SSHLibrary.Execute Command cat keystone_cert.pem|grep -v CERTIFICATE|tr -d '\n' return_stdout=True return_stderr=False return_rc=True
120 Create Session session_admin http://${ODL_SYSTEM_IP}:${RESTCONFPORT} auth=${AUTH} headers=${HEADERS}
121 Set Suite Variable ${PUT_CERTIFICATE_URI} /restconf/operations/aaa-cert-rpc:setNodeCertifcate
122 ${normalized_file}= OperatingSystem.Normalize Path ${PUT_KEYSTONE_CERT_FILE}
123 ${output} OperatingSystem.Run sed -i 's#\"node-cert\".*#\"node-cert\"\: \"${keystone_certificate}\",#g' ${PUT_KEYSTONE_CERT_FILE}
124 ${output} OperatingSystem.Run sed -i 's#\"node-alias\".*#\"node-alias\"\: \"${TOOLS_SYSTEM_NAME}\"#g' ${PUT_KEYSTONE_CERT_FILE}
125 ${body_cert} OperatingSystem.Get File ${PUT_KEYSTONE_CERT_FILE}
126 ${resp} RequestsLibrary.Post Request session_admin ${PUT_CERTIFICATE_URI} data=${body_cert} headers=${HEADERS}
127 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
129 Check Keystone Log File For String
130 [Arguments] ${string}
131 ${status} SSHLibrary.Execute Command docker exec -t keystone bash -c "grep ${string} /var/log/nginx-access.log"
133 BuiltIn.Should Contain ${status} ${string}