DataDog
diff --git a/‎openstack_controller/tests/conftest.py
Lines changed: 27 additions & 12 deletions b/‎openstack_controller/tests/conftest.py
Lines changed: 27 additions & 12 deletions
diff --git a/‎openstack_controller/tests/fixtures/POST/identity/v3/auth/tokens/system.json
Lines changed: 142 additions & 0 deletions b/‎openstack_controller/tests/fixtures/POST/identity/v3/auth/tokens/system.json
Lines changed: 142 additions & 0 deletions
diff --git a/‎openstack_controller/tests/test_unit_cinder.py
Lines changed: 4 additions & 4 deletions b/‎openstack_controller/tests/test_unit_cinder.py
Lines changed: 4 additions & 4 deletions
diff --git a/‎openstack_controller/tests/test_unit_glance.py
Lines changed: 8 additions & 8 deletions b/‎openstack_controller/tests/test_unit_glance.py
Lines changed: 8 additions & 8 deletions
diff --git a/‎openstack_controller/tests/test_unit_heat.py
Lines changed: 5 additions & 5 deletions b/‎openstack_controller/tests/test_unit_heat.py
Lines changed: 5 additions & 5 deletions
diff --git a/‎openstack_controller/tests/test_unit_ironic.py
Lines changed: 5 additions & 5 deletions b/‎openstack_controller/tests/test_unit_ironic.py
Lines changed: 5 additions & 5 deletions
@@ -200,30 +200,42 @@ def call(method, url, file='response', headers=None, params=None):
 
 
 @pytest.fixture
-def session_auth(request, mock_responses):
+def openstack_v3_password(request, mock_responses):
     param = request.param if hasattr(request, 'param') and request.param is not None else {}
     catalog = param.get('catalog')
+    password_project_id = None
+    password_system_scope = None
 
     def get_access(session):
-        project_id = session.return_value.project_id if session.return_value.project_id else 'unscoped'
+        project_id = password_project_id if password_project_id else 'system' if password_system_scope else 'unscoped'
         token = mock_responses('POST', '/identity/v3/auth/tokens', project_id)['token']
         return mock.MagicMock(
             service_catalog=mock.MagicMock(catalog=catalog if catalog is not None else token.get('catalog', [])),
             project_id=token.get('project', {}).get('id'),
-            role_names=[role.get('name') for role in token.get('roles', [])],
         )
 
-    return mock.MagicMock(get_access=mock.MagicMock(side_effect=get_access))
+    def password(
+        auth_url, username, password, user_domain_name, system_scope=None, project_id=None, project_domain_name=None
+    ):
+        nonlocal password_system_scope, password_project_id
+        password_system_scope = system_scope
+        password_project_id = project_id
+        return mock.MagicMock(
+            get_access=mock.MagicMock(side_effect=get_access),
+        )
+
+    with mock.patch('keystoneauth1.identity.v3.Password', side_effect=password) as mock_password:
+        yield mock_password
 
 
 @pytest.fixture
-def openstack_session(session_auth, microversion_headers):
+def openstack_session(openstack_v3_password, microversion_headers):
     def session(auth, session):
         microversion_headers[0] = session.headers.get('X-OpenStack-Nova-API-Version')
         microversion_headers[1] = session.headers.get('X-OpenStack-Ironic-API-Version')
         return mock.MagicMock(
-            return_value=mock.MagicMock(project_id=auth.project_id),
-            auth=session_auth,
+            project_id=auth.project_id,
+            auth=auth,
         )
 
     with mock.patch('keystoneauth1.session.Session', side_effect=session) as mock_session:
@@ -1018,11 +1030,14 @@ def post(url, *args, **kwargs):
             return http_error[url]
         if url == '/identity/v3/auth/tokens':
             data = kwargs['json']
-            scope = data.get('auth', {}).get('scope', 'unscoped')
-            if isinstance(scope, dict):
-                scope = scope.get('project', {}).get('id')
-            json_data = mock_http_call(method, url, scope, headers=kwargs.get('headers'))
-            headers = {'X-Subject-Token': f'token_{scope}'}
+            file = data.get('auth', {}).get('scope', 'unscoped')
+            if isinstance(file, dict):
+                if 'system' in file:
+                    file = 'system'
+                else:
+                    file = file.get('project', {}).get('id')
+            json_data = mock_http_call(method, url, file, headers=kwargs.get('headers'))
+            headers = {'X-Subject-Token': f'token_{file}'}
         else:
             json_data = mock_http_call(method, url)
         if replace and url in replace:
 
@@ -0,0 +1,142 @@
+{
+    "token": {
+      "methods": [
+        "password"
+      ],
+      "user": {
+        "domain": {
+          "id": "default",
+          "name": "Default"
+        },
+        "id": "7f88df947ceb4897a49c0b7ceee6f34a",
+        "name": "admin",
+        "password_expires_at": null
+      },
+      "audit_ids": [
+        "iUTq4RXXTb6BbUvd9jnPIQ"
+      ],
+      "expires_at": "2024-06-06T09:21:08.000000Z",
+      "issued_at": "2024-06-06T08:21:08.000000Z",
+      "roles": [
+        {
+          "id": "e827e9cc6a6b42c8be8301624b5a8f69",
+          "name": "admin"
+        },
+        {
+          "id": "38b90b833cf646709c3ae675a1c42839",
+          "name": "member"
+        },
+        {
+          "id": "6b29573632584bf08245bff4a7316bd1",
+          "name": "reader"
+        }
+      ],
+      "system": {
+        "all": true
+      },
+      "catalog": [
+        {
+          "endpoints": [],
+          "id": "1505541a289c4b2299377b8c182a1380",
+          "type": "block-storage",
+          "name": "cinder"
+        },
+        {
+          "endpoints": [
+            {
+              "id": "40c3ec5ef78d41bf84567ce6556c919c",
+              "interface": "public",
+              "region_id": "RegionOne",
+              "url": "http://10.164.0.15/placement",
+              "region": "RegionOne"
+            }
+          ],
+          "id": "5239361cab4b45c3af5140b1b38ca8d8",
+          "type": "placement",
+          "name": "placement"
+        },
+        {
+          "endpoints": [
+            {
+              "id": "bdef52ccccea4a4d9ad92fef26093fd0",
+              "interface": "public",
+              "region_id": "RegionOne",
+              "url": "http://127.0.0.1:8080/identity",
+              "region": "RegionOne"
+            }
+          ],
+          "id": "62e0c75c643844cf86431b7550b5a899",
+          "type": "identity",
+          "name": "keystone"
+        },
+        {
+          "endpoints": [
+            {
+              "id": "ab89d60d58ea4142bf3ce19b00d1e191",
+              "interface": "public",
+              "region_id": "RegionOne",
+              "url": "http://127.0.0.1:9696/networking",
+              "region": "RegionOne"
+            }
+          ],
+          "id": "88b17bd5c9424347ad927621e0569e08",
+          "type": "network",
+          "name": "neutron"
+        },
+        {
+          "endpoints": [
+            {
+              "id": "f0f391c849b9406bbc0ccebd5ea67df2",
+              "interface": "public",
+              "region_id": "RegionOne",
+              "url": "http://127.0.0.1:8774/compute/v2.1",
+              "region": "RegionOne"
+            }
+          ],
+          "id": "a17d707525614d61abe039c4a7de5248",
+          "type": "compute",
+          "name": "nova"
+        },
+        {
+          "endpoints": [],
+          "id": "ac03850889fc4eb7a44f692359840bd3",
+          "type": "volumev3",
+          "name": "cinderv3"
+        },
+        {
+          "endpoints": [
+            {
+              "id": "7e6cdeb2744345b7953d7b356245afec",
+              "interface": "admin",
+              "region_id": "RegionOne",
+              "url": "http://10.164.0.15:8080",
+              "region": "RegionOne"
+            }
+          ],
+          "id": "b69b0ea024814da3849d2b8c7e2dcc6e",
+          "type": "object-store",
+          "name": "swift"
+        },
+        {
+          "endpoints": [
+            {
+              "id": "2b8584df00b4430ebb4ac40b1b8e01b4",
+              "interface": "public",
+              "region_id": "RegionOne",
+              "url": "http://127.0.0.1:9292/image",
+              "region": "RegionOne"
+            }
+          ],
+          "id": "bc4c445268784a7a80da5fb8ce722bd5",
+          "type": "image",
+          "name": "glance"
+        },
+        {
+          "endpoints": [],
+          "id": "e6ac9200b3e4427ba50abf74c95bb2e4",
+          "type": "compute_legacy",
+          "name": "nova_legacy"
+        }
+      ]
+    }
+  }
@@ -91,7 +91,7 @@ def test_disable_block_storage_components_metrics(aggregator, dd_run_check, inst
 
 
 @pytest.mark.parametrize(
-    ('mock_http_post', 'session_auth', 'instance', 'api_type'),
+    ('mock_http_post', 'openstack_v3_password', 'instance', 'api_type'),
     [
         pytest.param(
             {
@@ -112,10 +112,10 @@ def test_disable_block_storage_components_metrics(aggregator, dd_run_check, inst
             id='api sdk',
         ),
     ],
-    indirect=['mock_http_post', 'session_auth'],
+    indirect=['mock_http_post', 'openstack_v3_password'],
 )
 @pytest.mark.usefixtures('mock_http_get', 'mock_http_post', 'openstack_connection')
-def test_not_in_catalog(aggregator, check, dd_run_check, caplog, mock_http_post, session_auth, api_type):
+def test_not_in_catalog(aggregator, check, dd_run_check, caplog, mock_http_post, openstack_connection, api_type):
     with caplog.at_level(logging.DEBUG):
         dd_run_check(check)
 
@@ -140,7 +140,7 @@ def test_not_in_catalog(aggregator, check, dd_run_check, caplog, mock_http_post,
             args_list += list(args)
         assert args_list.count('http://127.0.0.1:8080/identity/v3/auth/tokens') == 4
     if api_type == ApiType.SDK:
-        assert session_auth.get_access.call_count == 4
+        assert openstack_connection.call_count == 4
     assert '`block-storage` component not found in catalog' in caplog.text
 
 
 
@@ -80,7 +80,7 @@ def test_disable_glance_images_metrics(aggregator, dd_run_check, instance, opens
 
 
 @pytest.mark.parametrize(
-    ('mock_http_post', 'session_auth', 'instance', 'api_type'),
+    ('mock_http_post', 'openstack_v3_password', 'instance', 'api_type'),
     [
         pytest.param(
             {'replace': {'/identity/v3/auth/tokens': lambda d: remove_service_from_catalog(d, ['image'])}},
@@ -97,10 +97,10 @@ def test_disable_glance_images_metrics(aggregator, dd_run_check, instance, opens
             id='api sdk',
         ),
     ],
-    indirect=['mock_http_post', 'session_auth'],
+    indirect=['mock_http_post', 'openstack_v3_password'],
 )
-@pytest.mark.usefixtures('mock_http_get', 'mock_http_post', 'openstack_connection')
-def test_not_in_catalog(aggregator, check, dd_run_check, caplog, mock_http_post, session_auth, api_type):
+@pytest.mark.usefixtures('mock_http_get', 'mock_http_post')
+def test_not_in_catalog(aggregator, check, dd_run_check, caplog, mock_http_post, openstack_connection, api_type):
     with caplog.at_level(logging.DEBUG):
         dd_run_check(check)
 
@@ -125,7 +125,7 @@ def test_not_in_catalog(aggregator, check, dd_run_check, caplog, mock_http_post,
             args_list += list(args)
         assert args_list.count('http://127.0.0.1:8080/identity/v3/auth/tokens') == 4
     if api_type == ApiType.SDK:
-        assert session_auth.get_access.call_count == 4
+        assert openstack_connection.call_count == 4
     assert '`image` component not found in catalog' in caplog.text
 
 
@@ -161,7 +161,7 @@ def test_response_time_exception(aggregator, check, dd_run_check, mock_http_get)
     for call in mock_http_get.call_args_list:
         args, kwargs = call
         args_list += list(args)
-    assert args_list.count('http://127.0.0.1:9292/image') == 2
+    assert args_list.count('http://127.0.0.1:9292/image') == 3
 
 
 @pytest.mark.parametrize(
@@ -229,9 +229,9 @@ def test_images_exception(aggregator, check, dd_run_check, mock_http_get, connec
         for call in mock_http_get.call_args_list:
             args, _ = call
             args_list += list(args)
-        assert args_list.count('http://127.0.0.1:9292/image/v2/images') == 2
+        assert args_list.count('http://127.0.0.1:9292/image/v2/images') == 3
     if api_type == ApiType.SDK:
-        assert connection_image.images.call_count == 2
+        assert connection_image.images.call_count == 3
 
 
 @pytest.mark.parametrize(
 
@@ -51,7 +51,7 @@ def test_disable_heat_metrics(aggregator, dd_run_check, instance, openstack_cont
 
 
 @pytest.mark.parametrize(
-    ('mock_http_post', 'session_auth', 'instance', 'api_type'),
+    ('mock_http_post', 'openstack_v3_password', 'instance', 'api_type'),
     [
         pytest.param(
             {'replace': {'/identity/v3/auth/tokens': lambda d: remove_service_from_catalog(d, ['orchestration'])}},
@@ -68,10 +68,10 @@ def test_disable_heat_metrics(aggregator, dd_run_check, instance, openstack_cont
             id='api sdk',
         ),
     ],
-    indirect=['mock_http_post', 'session_auth'],
+    indirect=['mock_http_post', 'openstack_v3_password'],
 )
-@pytest.mark.usefixtures('mock_http_get', 'mock_http_post', 'openstack_connection')
-def test_not_in_catalog(aggregator, check, dd_run_check, caplog, mock_http_post, session_auth, api_type):
+@pytest.mark.usefixtures('mock_http_get', 'mock_http_post')
+def test_not_in_catalog(aggregator, check, dd_run_check, caplog, mock_http_post, openstack_connection, api_type):
     with caplog.at_level(logging.DEBUG):
         dd_run_check(check)
 
@@ -96,7 +96,7 @@ def test_not_in_catalog(aggregator, check, dd_run_check, caplog, mock_http_post,
             args_list += list(args)
         assert args_list.count('http://127.0.0.1:8080/identity/v3/auth/tokens') == 4
     if api_type == ApiType.SDK:
-        assert session_auth.get_access.call_count == 4
+        assert openstack_connection.call_count == 4
     assert '`heat` component not found in catalog' in caplog.text
 
 
 
@@ -624,7 +624,7 @@ def test_disable_ironic_conductor_metrics(aggregator, dd_run_check, instance, op
 
 
 @pytest.mark.parametrize(
-    ('mock_http_post', 'session_auth', 'instance', 'api_type'),
+    ('mock_http_post', 'openstack_v3_password', 'instance', 'api_type'),
     [
         pytest.param(
             {'replace': {'/identity/v3/auth/tokens': lambda d: remove_service_from_catalog(d, ['baremetal'])}},
@@ -641,10 +641,10 @@ def test_disable_ironic_conductor_metrics(aggregator, dd_run_check, instance, op
             id='api sdk',
         ),
     ],
-    indirect=['mock_http_post', 'session_auth'],
+    indirect=['mock_http_post', 'openstack_v3_password'],
 )
-@pytest.mark.usefixtures('mock_http_get', 'mock_http_post', 'openstack_connection')
-def test_not_in_catalog(aggregator, check, dd_run_check, caplog, mock_http_post, session_auth, api_type):
+@pytest.mark.usefixtures('mock_http_get', 'mock_http_post')
+def test_not_in_catalog(aggregator, check, dd_run_check, caplog, mock_http_post, openstack_connection, api_type):
     with caplog.at_level(logging.DEBUG):
         dd_run_check(check)
 
@@ -669,7 +669,7 @@ def test_not_in_catalog(aggregator, check, dd_run_check, caplog, mock_http_post,
             args_list += list(args)
         assert args_list.count('http://127.0.0.1:8080/identity/v3/auth/tokens') == 4
     if api_type == ApiType.SDK:
-        assert session_auth.get_access.call_count == 4
+        assert openstack_connection.call_count == 4
     assert '`baremetal` component not found in catalog' in caplog.text