diff options
| author | Antoine Eiche <lewo@abesis.fr> | 2016-12-04 22:02:49 +0100 |
|---|---|---|
| committer | Jörg Thalheim <joerg@higgsboson.tk> | 2016-12-16 20:53:32 +0100 |
| commit | 415c9ff90b4aa9f6452f618e60aa948ab94a93fb (patch) | |
| tree | 88b9390b29802e28f51139a620ffe64529ba26d3 /nixos/tests/keystone.nix | |
| parent | 656cc3acafcb30e3503f4d3e39694ca996c66015 (diff) | |
| download | nixlib-415c9ff90b4aa9f6452f618e60aa948ab94a93fb.tar nixlib-415c9ff90b4aa9f6452f618e60aa948ab94a93fb.tar.gz nixlib-415c9ff90b4aa9f6452f618e60aa948ab94a93fb.tar.bz2 nixlib-415c9ff90b4aa9f6452f618e60aa948ab94a93fb.tar.lz nixlib-415c9ff90b4aa9f6452f618e60aa948ab94a93fb.tar.xz nixlib-415c9ff90b4aa9f6452f618e60aa948ab94a93fb.tar.zst nixlib-415c9ff90b4aa9f6452f618e60aa948ab94a93fb.zip | |
nixos/keystone: init at liberty version
This commit introduces a nixos module for the Openstack Keystone service. It also provides a optional bootstrap step that creates some basic initial resources (tenants, endpoints,...). The provided test starts Keystone by enabling bootstrapping and checks if user creation works well. This commit is based on initial works made by domenkozar.
Diffstat (limited to 'nixos/tests/keystone.nix')
| -rw-r--r-- | nixos/tests/keystone.nix | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/nixos/tests/keystone.nix b/nixos/tests/keystone.nix new file mode 100644 index 000000000000..15e86db381fb --- /dev/null +++ b/nixos/tests/keystone.nix @@ -0,0 +1,53 @@ +{ system ? builtins.currentSystem }: + +with import ../lib/testing.nix { inherit system; }; +with pkgs.lib; + +let + createKeystoneDb = pkgs.writeText "create-keystone-db.sql" '' + create database keystone; + GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone'; + GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone'; + ''; + # The admin keystone account + adminOpenstackCmd = "OS_TENANT_NAME=admin OS_USERNAME=admin OS_PASSWORD=admin OS_AUTH_URL=http://localhost:5000/v3 OS_IDENTITY_API_VERSION=3 openstack"; + # The created demo keystone account + demoOpenstackCmd = "OS_TENANT_NAME=demo OS_USERNAME=demo OS_PASSWORD=demo OS_AUTH_URL=http://localhost:5000/v3 OS_IDENTITY_API_VERSION=3 openstack"; + +in makeTest { + machine = + { config, pkgs, ... }: + { + services.mysql.enable = true; + services.mysql.initialScript = createKeystoneDb; + + virtualisation = { + openstack.keystone.enable = true; + openstack.keystone.bootstrap.enable = true; + + memorySize = 2096; + diskSize = 4 * 1024; + }; + + environment.systemPackages = with pkgs.pythonPackages; with pkgs; [ + openstackclient + ]; + }; + + testScript = + '' + $machine->waitForUnit("keystone-all.service"); + + # Verify that admin ccount is working + $machine->succeed("${adminOpenstackCmd} token issue"); + + # Try to create a new user + $machine->succeed("${adminOpenstackCmd} project create --domain default --description 'Demo Project' demo"); + $machine->succeed("${adminOpenstackCmd} user create --domain default --password demo demo"); + $machine->succeed("${adminOpenstackCmd} role create user"); + $machine->succeed("${adminOpenstackCmd} role add --project demo --user demo user"); + + # Verify this new account is working + $machine->succeed("${demoOpenstackCmd} token issue"); + ''; +} |