tempest

  1. Bug #1451987
  2. Comment #2

Comment 2 for bug 1451987

Revision history for this message
Imran Hayder (hayderimran7) wrote :

If you see following errors for all identity api v3 tests, then please be known that its not a a bug in tempest, rather you need to change keystone v3 policy.json and make it more relaxed so tempest can authorize with users created for each test with separate projects(tenants) because we set tenant_isolation to True in tempest.conf ...

=========================================================================

10:20:47 ======================================================================
10:20:47 FAIL: setUpClass (tempest.api.orchestration.stacks.test_templates.TemplateYAMLTestJSON)
10:20:47 ----------------------------------------------------------------------
10:20:47 Traceback (most recent call last):
10:20:47 testtools.testresult.real._StringException: Traceback (most recent call last):
10:20:47 File "/var/lib/jenkins/workspace/tempest_v3/tempest-repo/tempest/tempest/test.py", line 255, in setUpClass
10:20:47 cls.setup_credentials()
10:20:47 File "/var/lib/jenkins/workspace/tempest_v3/tempest-repo/tempest/tempest/api/orchestration/base.py", line 42, in setup_credentials
10:20:47 super(BaseOrchestrationTest, cls).setup_credentials()
10:20:47 File "/var/lib/jenkins/workspace/tempest_v3/tempest-repo/tempest/tempest/test.py", line 338, in setup_credentials
10:20:47 credential_type=credentials_type)
10:20:47 File "/var/lib/jenkins/workspace/tempest_v3/tempest-repo/tempest/tempest/test.py", line 416, in get_client_manager
10:20:47 identity_version=identity_version
10:20:47 File "/var/lib/jenkins/workspace/tempest_v3/tempest-repo/tempest/tempest/common/credentials.py", line 39, in get_isolated_credentials
10:20:47 identity_version=identity_version)
10:20:47 File "/var/lib/jenkins/workspace/tempest_v3/tempest-repo/tempest/tempest/common/isolated_creds.py", line 160, in __init__
10:20:47 self.identity_admin_client, self.creds_domain_name)
10:20:47 File "/var/lib/jenkins/workspace/tempest_v3/tempest-repo/tempest/tempest/common/isolated_creds.py", line 134, in get_creds_client
10:20:47 return V3CredsClient(identity_client, project_domain_name)
10:20:47 File "/var/lib/jenkins/workspace/tempest_v3/tempest-repo/tempest/tempest/common/isolated_creds.py", line 106, in __init__
10:20:47 params={'name': domain_name})[0]
10:20:47 File "/var/lib/jenkins/workspace/tempest_v3/tempest-repo/tempest/tempest/services/identity/v3/json/identity_client.py", line 250, in list_domains
10:20:47 resp, body = self.get(url)
10:20:47 File "/var/lib/jenkins/workspace/tempest_v3/tempest-repo/tempest/.venv/lib/python2.7/site-packages/tempest_lib/common/rest_client.py", line 267, in get
10:20:47 return self.request('GET', url, extra_headers, headers)
10:20:47 File "/var/lib/jenkins/workspace/tempest_v3/tempest-repo/tempest/.venv/lib/python2.7/site-packages/tempest_lib/common/rest_client.py", line 629, in request
10:20:47 resp, resp_body)
10:20:47 File "/var/lib/jenkins/workspace/tempest_v3/tempest-repo/tempest/.venv/lib/python2.7/site-packages/tempest_lib/common/rest_client.py", line 672, in _error_checker
10:20:47 raise exceptions.Forbidden(resp_body)
10:20:47 tempest_lib.exceptions.Forbidden: Forbidden
10:20:47 Details: {"error": {"message": "You are not authorized to perform the requested action: identity:list_domains (Disable debug mode to suppress these details.)", "code": 403, "title": "Forbidden"}}
 ============================================================

FOR ERRORS LIKE ABOVE, YOU SHOULD CHANGE THE DEFAULT POLICY.JSON OF KEYSTONE V3 so tests can get past this issue..

hope it helps )