ostf(health checks) isn't working with changed default passwords

If user changed password in Horizon, then we can't do anything now, that's true. The right way would be, I assume, to extend functionality of OSTF and to provide updated credentials in Health Check tab.

I'm setting up Medium priority as OSTF can be used before password is changed by the user via Horizon. Also, OpenStack Settings Tab allows to set Admin password beforehand, and overall the situation when user changes password later via Horizon doesn't seem happening that often.

This does happen frequently enough that I've seen support take issues for this and I've discussed this with users on IRC and during customer deployments. I've even created a bug that the openrc file isn't validated https://bugs.launchpad.net/fuel/+bug/1250578.

I think the core problem here is that there is reliance in the cluster between the password stored in nailgundb (for OSFT) the openrc file, and the current passwords for the cluster. We need to test these relationships and all of the OSTF tests fail and imply that the cluster is broken when something as simple as the password changed.

This is related to the cluster lifecycle management. Postponing this issue to the granular deployment for 5.1

> This is related to the cluster lifecycle management. Postponing this issue to the granular deployment for 5.1
How does it correlate to granular deployment?

Please see my & Andrew's comments above. We need:
1) Provide clear message to the user that authorization failed due to possible change of user/pass in Horizon
2) Provide a user with an ability to enter new tenant/user/pass for running OSTF. It should be clear and easy in terms of user experience - ideally somewhere at the top of OSTF tab.

Hi,

We see here several solutions

1) Keep new passwords in OSTF, I don't like this approach because we will send wrong
credentials from nailgun to puppet manifests.

2) Enable user/password field in case of deployed cluster, here user will be able to change password
via UI. And in case of new node deployment we will send right credentials. But in this case user may think
that we can change password which wasn't changed manually in Horizon.

3) Can we create new user especially for OSTF? In this case I think it will be ok to keep/change credentials in OSTF.

as about 3-d solution - we can it create during puppet invocation.

But anyway Naigun should be possible provide data (login/tenant/pwd) for ostf user(If we choose this way)

For 5.0 release we add descriptive message about auth failure

This bug has hit many users. Increasing priority to High. Let's make a fix finally.

Ui part https://review.openstack.org/#/c/101568/

Fix proposed to branch: master
Review: https://review.openstack.org/102507

Reviewed: https://review.openstack.org/102507
Committed: https://git.openstack.org/cgit/stackforge/fuel-ostf/commit/?id=6f514d34870261ca4775ee2d843301965d260303
Submitter: Jenkins
Branch: master

commit 6f514d34870261ca4775ee2d843301965d260303
Author: Artem Roma <email address hidden>
Date: Wed Jun 25 14:52:18 2014 +0300

    OS access credentials processing added

    What is done:
    - os access credentials retriving from POST request body on wsgi
      controller for TestRun entity added;
    - needed environment variables setting added in nose StoragePlugin;
    - settuping process for HealthCheck updated;
    - integration tests for ostf adapter updated;
    - unit tests also updated;
    - change was tested on deployed env.

    Change-Id: I96580e4e59db0314a75c27f2dda49cf268b05b95
    Closes-Bug: #1281838