2 Documentation DockerKeystone library. This library is useful to deal with Openstack Keystone service which provides API client authentication.
4 ... It consists of three main groups of keywords:
6 ... - Start/Stop keystone node in SYSTEM TOOLS VM:
7 ... - Run Docker Keystone
8 ... - Destroy Docker Keystone
9 ... - Check Keystone Log File For String
11 ... - Provision keystone node:
12 ... - Create Keystone session
13 ... - Get Keystone Token
14 ... - Create Keystone Domain
15 ... - Create Keystone User in a Domain
16 ... - Set Domain To False
17 ... - Get Admin Role Id
18 ... - Grant Admin Role
19 ... - Delete Keystone Domain
21 ... - Provision ODL node for secure communication with Keystone node:
22 ... - Set Keystone Certificate into ODL
24 Library RequestsLibrary
30 [Arguments] ${TOOLS_SYSTEM_NAME} ${CREATE_TOKEN_FILE}
31 [Documentation] Get Keystone token for a particular user and domain
32 Set Suite Variable ${CREATE_TOKEN_URI} /v3/auth/tokens/
33 ${body} OperatingSystem.Get File ${CREATE_TOKEN_FILE}
35 ${resp}= RequestsLibrary.Post Request session_keystone ${CREATE_TOKEN_URI} data=${body} headers=${HEADERS} allow_redirects=${true}
36 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
37 ${token} Get From Dictionary ${resp.headers} x-subject-token
40 Create Keystone session
41 [Arguments] ${TOOLS_SYSTEM_NAME}
42 [Documentation] Create a https session with Keystone for provisioning new domains, users, projects ...
44 Create Session session_keystone https://${TOOLS_SYSTEM_NAME}:35357 auth=${AUTH_ADMIN_SDN} headers=${HEADERS} debug=3
46 Create Keystone Domain
47 [Arguments] ${HEADERS} ${CREATE_DOMAIN_FILE}
48 [Documentation] Provision a domain in Keystone
49 Set Suite Variable ${CREATE_DOMAIN_URI} /v3/domains/
50 ${body} OperatingSystem.Get File ${CREATE_DOMAIN_FILE}
51 ${resp} RequestsLibrary.Post Request session_keystone ${CREATE_DOMAIN_URI} data=${body} headers=${HEADERS}
52 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
53 ${domain_id} Convert To String ${resp.json()['domain']['id']}
56 Create Keystone User in a Domain
57 [Arguments] ${HEADERS} ${CREATE_USERS_FILE}
58 [Documentation] Provision an user associated to a domain in \ Keystone
59 Set Suite Variable ${CREATE_USERS_URI} /v3/users/
60 ${body} OperatingSystem.Get File ${CREATE_USERS_FILE}
61 ${resp} RequestsLibrary.Post Request session_keystone ${CREATE_USERS_URI} data=${body} headers=${HEADERS}
62 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
63 ${user_id} Convert To String ${resp.json()['user']['id']}
67 [Arguments] ${domain} ${user} ${roleid} ${HEADERS}
68 [Documentation] Grant a role to an user in a domain in \ Keystone
69 Set Suite Variable ${GRANT_ADMIN_ROLE_URI} /v3/domains/${domain}/users/${user}/roles/${roleid}
70 ${resp} RequestsLibrary.Put Request session_keystone ${GRANT_ADMIN_ROLE_URI} headers=${HEADERS}
71 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
74 [Arguments] ${HEADERS}
75 [Documentation] Get admin role id from Keystone
76 Set Suite Variable ${GET_ADMIN_ROLE_URI} /v3/roles?name=admin
77 ${resp}= RequestsLibrary.Get Request session_keystone ${GET_ADMIN_ROLE_URI} headers=${HEADERS}
78 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
79 ${admin_role_id} Convert To String ${resp.json()['roles'][0]['id']}
81 [Return] ${admin_role_id}
84 [Documentation] Run Keystone in a docker container hosted in the SYSTEM TOOL server and define "CSC_user" and "CSC_user_no_admin" users, the former with "admin" role and the latter with "user" role
85 ${output} SSHLibrary.Open_Connection ${TOOLS_SYSTEM_IP} timeout=20s
86 SSHKeywords.Flexible_Controller_Login
87 SSHLibrary.Put File ${CURDIR}/../../suites/aaa/keystone/start_keystone.sh
88 ${output}= SSHLibrary.Execute Command ./start_keystone.sh
90 ${output}= SSHLibrary.Execute Command docker ps --all
92 Wait Until Keyword Succeeds 10x 15 Check Keystone Log File For String GET
93 SSHLibrary.Execute Command docker exec -t keystone bash -c "source openrc;openstack user create --password cscuser CSC_user;openstack user set --project admin CSC_user;openstack role add --project admin --user CSC_user admin;openstack role add --domain default --user CSC_user admin;openstack user list"
94 SSHLibrary.Execute Command docker exec -t keystone bash -c "source openrc;openstack user create --password cscusernoadmin CSC_user_no_admin;openstack user set --project admin CSC_user_no_admin;openstack role add --project admin --user CSC_user_no_admin user;openstack role add --domain default --user CSC_user_no_admin user"
97 Destroy Docker Keystone
98 [Documentation] Destroy keystone container and remove mysql database
99 ${output} SSHLibrary.Execute Command docker stop keystone;docker rm keystone return_stdout=True return_stderr=True return_rc=True
100 ${output} SSHLibrary.Execute Command sudo rm -rf /var/lib/mysql/ return_stdout=True return_stderr=True return_rc=True
104 [Arguments] ${domain} ${HEADERS}
105 [Documentation] Disable domain in keystone
106 Set Suite Variable ${PATCH_DOMAIN_URI} /v3/domains/${domain}
107 Set Suite Variable ${PATCH_DOMAIN_FILE} ${CURDIR}/../../variables/aaa/patch-domain.json
108 ${body} OperatingSystem.Get File ${PATCH_DOMAIN_FILE}
109 ${resp} RequestsLibrary.Patch Request session_keystone ${PATCH_DOMAIN_URI} data=${body} headers=${HEADERS}
110 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
112 Delete Keystone Domain
113 [Arguments] ${domain} ${HEADERS}
114 [Documentation] Delete domain in \ Keystone
115 Set Suite Variable ${DELETE_DOMAIN_URI} /v3/domains/${domain}
116 ${resp} RequestsLibrary.Delete Request session_keystone ${DELETE_DOMAIN_URI} headers=${HEADERS}
117 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
119 Set Keystone Certificate into ODL
120 [Arguments] ${PUT_KEYSTONE_CERT_FILE} ${TOOLS_SYSTEM_NAME}
121 [Documentation] Install Keystone Certificate into ODL
122 SSHLibrary.Get File ${USER_HOME}${/}keystone_cert.pem ${USER_HOME}${/}key_cert.pem
123 ${keystone_certificate} ${rc} SSHLibrary.Execute Command cat keystone_cert.pem|grep -v CERTIFICATE|tr -d '\n' return_stdout=True return_stderr=False return_rc=True
124 Create Session session_admin http://${ODL_SYSTEM_IP}:${RESTCONFPORT} auth=${AUTH} headers=${HEADERS}
125 Set Suite Variable ${PUT_CERTIFICATE_URI} /restconf/operations/aaa-cert-rpc:setNodeCertifcate
126 ${normalized_file}= OperatingSystem.Normalize Path ${PUT_KEYSTONE_CERT_FILE}
127 ${output} OperatingSystem.Run sed -i 's#\"node-cert\".*#\"node-cert\"\: \"${keystone_certificate}\",#g' ${PUT_KEYSTONE_CERT_FILE}
128 ${output} OperatingSystem.Run sed -i 's#\"node-alias\".*#\"node-alias\"\: \"${TOOLS_SYSTEM_NAME}\"#g' ${PUT_KEYSTONE_CERT_FILE}
129 ${body_cert} OperatingSystem.Get File ${PUT_KEYSTONE_CERT_FILE}
130 ${resp} RequestsLibrary.Post Request session_admin ${PUT_CERTIFICATE_URI} data=${body_cert} headers=${HEADERS}
131 Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code}
133 Check Keystone Log File For String
134 [Arguments] ${string}
135 [Documentation] Check provided log exists in /var/log/nginx-access.log
136 ${output} SSHLibrary.Execute Command docker exec -t keystone bash -c "grep ${string} /var/log/nginx-access.log"
138 BuiltIn.Should Contain ${output} ${string}