2016-12-04 22:02:49 +01:00
|
|
|
{ system ? builtins.currentSystem }:
|
|
|
|
|
|
|
|
with import ../lib/testing.nix { inherit system; };
|
|
|
|
with pkgs.lib;
|
|
|
|
|
|
|
|
let
|
2016-12-10 23:14:50 +01:00
|
|
|
keystoneMysqlPassword = "keystoneMysqlPassword";
|
|
|
|
keystoneMysqlPasswordFile = "/var/run/keystoneMysqlPassword";
|
|
|
|
keystoneAdminPassword = "keystoneAdminPassword";
|
|
|
|
|
2016-12-04 22:02:49 +01:00
|
|
|
createKeystoneDb = pkgs.writeText "create-keystone-db.sql" ''
|
|
|
|
create database keystone;
|
2016-12-10 23:14:50 +01:00
|
|
|
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '${keystoneMysqlPassword}';
|
|
|
|
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '${keystoneMysqlPassword}';
|
2016-12-04 22:02:49 +01:00
|
|
|
'';
|
|
|
|
# The admin keystone account
|
2016-12-10 23:14:50 +01:00
|
|
|
adminOpenstackCmd = "OS_TENANT_NAME=admin OS_USERNAME=admin OS_PASSWORD=${keystoneAdminPassword} OS_AUTH_URL=http://localhost:5000/v3 OS_IDENTITY_API_VERSION=3 openstack";
|
2016-12-04 22:02:49 +01:00
|
|
|
# The created demo keystone account
|
|
|
|
demoOpenstackCmd = "OS_TENANT_NAME=demo OS_USERNAME=demo OS_PASSWORD=demo OS_AUTH_URL=http://localhost:5000/v3 OS_IDENTITY_API_VERSION=3 openstack";
|
|
|
|
|
|
|
|
in makeTest {
|
2016-12-15 13:24:03 +01:00
|
|
|
meta = with pkgs.stdenv.lib.maintainers; {
|
|
|
|
maintainers = [ lewo ];
|
|
|
|
};
|
2016-12-04 22:02:49 +01:00
|
|
|
machine =
|
|
|
|
{ config, pkgs, ... }:
|
|
|
|
{
|
2016-12-10 23:14:50 +01:00
|
|
|
# This is to simulate nixops deployment process.
|
|
|
|
# https://nixos.org/nixops/manual/#opt-deployment.keys
|
|
|
|
boot.postBootCommands = "echo ${keystoneMysqlPassword} > ${keystoneMysqlPasswordFile}";
|
|
|
|
|
2016-12-04 22:02:49 +01:00
|
|
|
services.mysql.enable = true;
|
|
|
|
services.mysql.initialScript = createKeystoneDb;
|
|
|
|
|
|
|
|
virtualisation = {
|
2016-12-10 23:14:50 +01:00
|
|
|
|
|
|
|
openstack.keystone = {
|
|
|
|
enable = true;
|
|
|
|
# Check if we can get the secret from a file
|
|
|
|
database.password = {
|
|
|
|
value = keystoneMysqlPasswordFile;
|
|
|
|
storage = "fromFile";
|
|
|
|
};
|
|
|
|
adminToken = {
|
|
|
|
value = "adminToken";
|
|
|
|
storage = "fromNixStore";
|
|
|
|
};
|
|
|
|
|
|
|
|
bootstrap.enable = true;
|
|
|
|
# Check if we can get the secret from the store
|
|
|
|
bootstrap.adminPassword = {
|
|
|
|
value = keystoneAdminPassword;
|
|
|
|
storage = "fromNixStore";
|
|
|
|
};
|
|
|
|
};
|
2016-12-04 22:02:49 +01:00
|
|
|
|
|
|
|
memorySize = 2096;
|
|
|
|
diskSize = 4 * 1024;
|
|
|
|
};
|
|
|
|
|
|
|
|
environment.systemPackages = with pkgs.pythonPackages; with pkgs; [
|
|
|
|
openstackclient
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
testScript =
|
|
|
|
''
|
|
|
|
$machine->waitForUnit("keystone-all.service");
|
|
|
|
|
|
|
|
# Verify that admin ccount is working
|
|
|
|
$machine->succeed("${adminOpenstackCmd} token issue");
|
|
|
|
|
|
|
|
# Try to create a new user
|
|
|
|
$machine->succeed("${adminOpenstackCmd} project create --domain default --description 'Demo Project' demo");
|
|
|
|
$machine->succeed("${adminOpenstackCmd} user create --domain default --password demo demo");
|
|
|
|
$machine->succeed("${adminOpenstackCmd} role create user");
|
|
|
|
$machine->succeed("${adminOpenstackCmd} role add --project demo --user demo user");
|
|
|
|
|
|
|
|
# Verify this new account is working
|
|
|
|
$machine->succeed("${demoOpenstackCmd} token issue");
|
|
|
|
'';
|
|
|
|
}
|