*** Settings *** Documentation DockerKeystone library. This library is useful to deal with Openstack Keystone service which provides API client authentication. ... ... It consists of three main groups of keywords: ... ... - Start/Stop keystone node in SYSTEM TOOLS VM: ... - Run Docker Keystone ... - Destroy Docker Keystone ... - Check Keystone Log File For String ... ... - Provision keystone node: ... - Create Keystone session ... - Get Keystone Token ... - Create Keystone Domain ... - Create Keystone User in a Domain ... - Set Domain To False ... - Get Admin Role Id ... - Grant Admin Role ... - Delete Keystone Domain ... ... - Provision ODL node for secure communication with Keystone node: ... - Set Keystone Certificate into ODL Library SSHLibrary Library RequestsLibrary *** Keywords *** Get Keystone Token [Documentation] Get Keystone token for a particular user and domain [Arguments] ${TOOLS_SYSTEM_NAME} ${CREATE_TOKEN_FILE} Set Suite Variable ${CREATE_TOKEN_URI} /v3/auth/tokens/ ${body} OperatingSystem.Get File ${CREATE_TOKEN_FILE} Log ${HEADERS} ${resp} RequestsLibrary.Post Request ... session_keystone ... ${CREATE_TOKEN_URI} ... data=${body} ... headers=${HEADERS} ... allow_redirects=${true} Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code} ${token} Get From Dictionary ${resp.headers} x-subject-token RETURN ${token} Create Keystone session [Documentation] Create a https session with Keystone for provisioning new domains, users, projects ... [Arguments] ${TOOLS_SYSTEM_NAME} Log ${HEADERS} Create Session ... session_keystone ... https://${TOOLS_SYSTEM_NAME}:35357 ... auth=${AUTH_ADMIN_SDN} ... headers=${HEADERS} ... debug=3 Create Keystone Domain [Documentation] Provision a domain in Keystone [Arguments] ${HEADERS} ${CREATE_DOMAIN_FILE} Set Suite Variable ${CREATE_DOMAIN_URI} /v3/domains/ ${body} OperatingSystem.Get File ${CREATE_DOMAIN_FILE} ${resp} RequestsLibrary.Post Request ... session_keystone ... ${CREATE_DOMAIN_URI} ... data=${body} ... headers=${HEADERS} Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code} ${domain_id} Convert To String ${resp.json()['domain']['id']} RETURN ${domain_id} Create Keystone User in a Domain [Documentation] Provision an user associated to a domain in \ Keystone [Arguments] ${HEADERS} ${CREATE_USERS_FILE} Set Suite Variable ${CREATE_USERS_URI} /v3/users/ ${body} OperatingSystem.Get File ${CREATE_USERS_FILE} ${resp} RequestsLibrary.Post Request ... session_keystone ... ${CREATE_USERS_URI} ... data=${body} ... headers=${HEADERS} Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code} ${user_id} Convert To String ${resp.json()['user']['id']} RETURN ${user_id} Grant Admin Role [Documentation] Grant a role to an user in a domain in \ Keystone [Arguments] ${domain} ${user} ${roleid} ${HEADERS} Set Suite Variable ${GRANT_ADMIN_ROLE_URI} /v3/domains/${domain}/users/${user}/roles/${roleid} ${resp} RequestsLibrary.Put Request session_keystone ${GRANT_ADMIN_ROLE_URI} headers=${HEADERS} Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code} Get Admin Role Id [Documentation] Get admin role id from Keystone [Arguments] ${HEADERS} Set Suite Variable ${GET_ADMIN_ROLE_URI} /v3/roles?name=admin ${resp} RequestsLibrary.Get Request session_keystone ${GET_ADMIN_ROLE_URI} headers=${HEADERS} Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code} ${admin_role_id} Convert To String ${resp.json()['roles'][0]['id']} Log ${admin_role_id} RETURN ${admin_role_id} Run Docker Keystone [Documentation] Run Keystone in a docker container hosted in the SYSTEM TOOL server and define "CSC_user" and "CSC_user_no_admin" users, the former with "admin" role and the latter with "user" role ${output} SSHLibrary.Open_Connection ${TOOLS_SYSTEM_IP} timeout=20s SSHKeywords.Flexible_Controller_Login SSHLibrary.Put File ${CURDIR}/../../suites/aaa/keystone/start_keystone.sh ${output} SSHLibrary.Execute Command ./start_keystone.sh Log ${output} ${output} SSHLibrary.Execute Command docker ps --all Log ${output} Wait Until Keyword Succeeds 10x 15 Check Keystone Log File For String GET SSHLibrary.Execute Command ... docker exec -t keystone bash -c "source openrc;openstack user create --password cscuser CSC_user;openstack user set --project admin CSC_user;openstack role add --project admin --user CSC_user admin;openstack role add --domain default --user CSC_user admin;openstack user list" SSHLibrary.Execute Command ... docker exec -t keystone bash -c "source openrc;openstack user create --password cscusernoadmin CSC_user_no_admin;openstack user set --project admin CSC_user_no_admin;openstack role add --project admin --user CSC_user_no_admin user;openstack role add --domain default --user CSC_user_no_admin user" RETURN ${output} Destroy Docker Keystone [Documentation] Destroy keystone container and remove mysql database ${output} SSHLibrary.Execute Command ... docker stop keystone;docker rm keystone ... return_stdout=True ... return_stderr=True ... return_rc=True ${output} SSHLibrary.Execute Command ... sudo rm -rf /var/lib/mysql/ ... return_stdout=True ... return_stderr=True ... return_rc=True RETURN ${output} Set Domain To False [Documentation] Disable domain in keystone [Arguments] ${domain} ${HEADERS} Set Suite Variable ${PATCH_DOMAIN_URI} /v3/domains/${domain} Set Suite Variable ${PATCH_DOMAIN_FILE} ${CURDIR}/../../variables/aaa/patch-domain.json ${body} OperatingSystem.Get File ${PATCH_DOMAIN_FILE} ${resp} RequestsLibrary.Patch Request ... session_keystone ... ${PATCH_DOMAIN_URI} ... data=${body} ... headers=${HEADERS} Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code} Delete Keystone Domain [Documentation] Delete domain in \ Keystone [Arguments] ${domain} ${HEADERS} Set Suite Variable ${DELETE_DOMAIN_URI} /v3/domains/${domain} ${resp} RequestsLibrary.Delete Request session_keystone ${DELETE_DOMAIN_URI} headers=${HEADERS} Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code} Set Keystone Certificate into ODL [Documentation] Install Keystone Certificate into ODL [Arguments] ${PUT_KEYSTONE_CERT_FILE} ${TOOLS_SYSTEM_NAME} SSHLibrary.Get File ${USER_HOME}${/}keystone_cert.pem ${USER_HOME}${/}key_cert.pem ${keystone_certificate} ${rc} SSHLibrary.Execute Command ... cat keystone_cert.pem|grep -v CERTIFICATE|tr -d '\n' ... return_stdout=True ... return_stderr=False ... return_rc=True Create Session session_admin http://${ODL_SYSTEM_IP}:${RESTCONFPORT} auth=${AUTH} headers=${HEADERS} Set Suite Variable ${PUT_CERTIFICATE_URI} /restconf/operations/aaa-cert-rpc:setNodeCertifcate ${normalized_file} OperatingSystem.Normalize Path ${PUT_KEYSTONE_CERT_FILE} ${output} OperatingSystem.Run ... sed -i 's#\"node-cert\".*#\"node-cert\"\: \"${keystone_certificate}\",#g' ${PUT_KEYSTONE_CERT_FILE} ${output} OperatingSystem.Run ... sed -i 's#\"node-alias\".*#\"node-alias\"\: \"${TOOLS_SYSTEM_NAME}\"#g' ${PUT_KEYSTONE_CERT_FILE} ${body_cert} OperatingSystem.Get File ${PUT_KEYSTONE_CERT_FILE} ${resp} RequestsLibrary.Post Request ... session_admin ... ${PUT_CERTIFICATE_URI} ... data=${body_cert} ... headers=${HEADERS} Should Contain ${ALLOWED_STATUS_CODES} ${resp.status_code} Check Keystone Log File For String [Documentation] Check provided log exists in /var/log/nginx-access.log [Arguments] ${string} ${output} SSHLibrary.Execute Command ... docker exec -t keystone bash -c "grep ${string} /var/log/nginx-access.log" Log ${output} BuiltIn.Should Contain ${output} ${string}