nixos/tests/keystone.nix at 17.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / keystone.nix
at 17.09-beta 2.8 kB view raw
 1{ system ? builtins.currentSystem }:
 2
 3with import ../lib/testing.nix { inherit system; };
 4with pkgs.lib;
 5
 6let
 7  keystoneMysqlPassword = "keystoneMysqlPassword";
 8  keystoneMysqlPasswordFile = "/var/run/keystoneMysqlPassword";
 9  keystoneAdminPassword = "keystoneAdminPassword";
10
11  createKeystoneDb = pkgs.writeText "create-keystone-db.sql" ''
12    create database keystone;
13    GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '${keystoneMysqlPassword}';
14    GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '${keystoneMysqlPassword}';
15  '';
16  # The admin keystone account
17  adminOpenstackCmd = "OS_TENANT_NAME=admin OS_USERNAME=admin OS_PASSWORD=${keystoneAdminPassword} OS_AUTH_URL=http://localhost:5000/v3 OS_IDENTITY_API_VERSION=3 openstack";
18  # The created demo keystone account
19  demoOpenstackCmd = "OS_TENANT_NAME=demo OS_USERNAME=demo OS_PASSWORD=demo OS_AUTH_URL=http://localhost:5000/v3 OS_IDENTITY_API_VERSION=3 openstack";
20
21in makeTest {
22  meta = with pkgs.stdenv.lib.maintainers; {
23    maintainers = [ lewo ];
24  };
25  machine =
26    { config, pkgs, ... }:
27    {
28      # This is to simulate nixops deployment process.
29      # https://nixos.org/nixops/manual/#opt-deployment.keys
30      boot.postBootCommands = "echo ${keystoneMysqlPassword} > ${keystoneMysqlPasswordFile}";
31
32      services.mysql.enable = true;
33      services.mysql.initialScript = createKeystoneDb;
34
35      virtualisation = {
36
37        openstack.keystone = {
38	  enable = true;
39	  # Check if we can get the secret from a file
40	  database.password = {
41	    value = keystoneMysqlPasswordFile;
42	    storage = "fromFile";
43	  };
44	  adminToken = {
45	    value = "adminToken";
46	    storage = "fromNixStore";
47	  };
48
49	  bootstrap.enable = true;
50	  # Check if we can get the secret from the store
51	  bootstrap.adminPassword = {
52	    value = keystoneAdminPassword;
53	    storage = "fromNixStore";
54	  };
55	};
56
57        memorySize = 2096;
58        diskSize = 4 * 1024;
59	};
60
61      environment.systemPackages = with pkgs.pythonPackages; with pkgs; [
62        openstackclient
63      ];
64    };
65
66  testScript =
67    ''
68     $machine->waitForUnit("keystone-all.service");
69
70     # Verify that admin ccount is working
71     $machine->succeed("${adminOpenstackCmd} token issue");
72
73     # Try to create a new user
74     $machine->succeed("${adminOpenstackCmd} project create --domain default --description 'Demo Project' demo");
75     $machine->succeed("${adminOpenstackCmd} user create --domain default --password demo demo");
76     $machine->succeed("${adminOpenstackCmd} role create user");
77     $machine->succeed("${adminOpenstackCmd} role add --project demo --user demo user");
78
79     # Verify this new account is working
80     $machine->succeed("${demoOpenstackCmd} token issue");
81    '';
82}