Fix more policyd tests so that they can work o-s dashboard

The difference in how openstack-dashboard and every other service uses
policies continues to create special cases.  This set of fixes deals
with some more of those differences.

zaza/openstack/charm_tests/openstack_dashboard/tests.py

@@ -14,6 +14,7 @@
 
 """Encapsulate horizon (openstack-dashboard) charm testing."""
 
+import http.client
 import logging
 import requests
 import tenacity
@@ -315,18 +316,29 @@ class OpenStackDashboardTests(test_utils.OpenStackBaseTest):
         logging.debug('Maybe enabling hardening for apache...')
         _app_config = zaza_model.get_application_config(self.application_name)
         logging.info(_app_config['harden'])
+
+        # NOTE(ajkavanagh): it seems that apache2 doesn't start quickly enough
+        # for the test, and so it gets reset errors; repeat until either that
+        # stops or there is a failure
+        @tenacity.retry(wait=tenacity.wait_exponential(multiplier=1,
+                                                       min=5, max=10),
+                        retry=tenacity.retry_if_exception_type(
+                            http.client.RemoteDisconnected),
+                        reraise=True)
+        def _do_request():
+            return urllib.request.urlopen('http://{}/server-status'
+                                          .format(dashboard_ip))
+
         with self.config_change(
                 {'harden': _app_config['harden'].get('value', '')},
                 {'harden': 'apache'}):
             try:
-                urllib.request.urlopen('http://{}/server-status'
-                                       .format(dashboard_ip))
+                _do_request()
             except urllib.request.HTTPError as e:
-                if e.code == 404:
-                    return
-        # test failed if it didn't return 404
-        msg = "Apache mod_status check failed."
-        assert False, msg
+                # test failed if it didn't return 404
+                msg = "Apache mod_status check failed."
+                self.assertEqual(e.code, 404, msg)
+        logging.info('OK')
 
     def test_501_security_checklist_action(self):
         """Verify expected result on a default install.
@@ -386,6 +398,13 @@ class OpenStackDashboardTests(test_utils.OpenStackBaseTest):
 class OpenStackDashboardPolicydTests(policyd.BasePolicydSpecialization):
     """Test the policyd override using the dashboard."""
 
+    good = {
+        "identity/file1.yaml": "{'rule1': '!'}"
+    }
+    bad = {
+        "identity/file2.yaml": "{'rule': '!}"
+    }
+    path_infix = "keystone_policy.d"
     _rule = {'identity/rule.yaml': yaml.dump({
         'identity:list_domains': '!',
         'identity:get_domain': '!',

zaza/openstack/charm_tests/policyd/tests.py

@@ -62,6 +62,13 @@ class PolicydTest(object):
       policyd:
         service: keystone
     """
+    good = {
+        "file1.yaml": "{'rule1': '!'}"
+    }
+    bad = {
+        "file2.yaml": "{'rule': '!}"
+    }
+    path_infix = ""
 
     @classmethod
     def setUpClass(cls, application_name=None):
@@ -115,9 +122,7 @@ class PolicydTest(object):
 
     def test_001_policyd_good_yaml(self):
         """Test that the policyd with a good zipped yaml file."""
-        good = {
-            'file1.yaml': "{'rule1': '!'}"
-        }
+        good = self.good
         good_zip_path = self._make_zip_file_from('good.zip', good)
         logging.info("Attaching good zip file as a resource.")
         zaza_model.attach_resource(self.application_name,
@@ -127,8 +132,13 @@ class PolicydTest(object):
         logging.debug("Now setting config to true")
         self._set_config(True)
         # check that the file gets to the right location
-        path = os.path.join(
-            "/etc", self._service_name, "policy.d", 'file1.yaml')
+        if self.path_infix:
+            path = os.path.join(
+                "/etc", self._service_name, "policy.d", self.path_infix,
+                'file1.yaml')
+        else:
+            path = os.path.join(
+                "/etc", self._service_name, "policy.d", 'file1.yaml')
         logging.info("Now checking for file contents: {}".format(path))
         zaza_model.block_until_file_has_contents(self.application_name,
                                                  path,
@@ -162,9 +172,7 @@ class PolicydTest(object):
 
     def test_002_policyd_bad_yaml(self):
         """Test bad yaml file in the zip file is handled."""
-        bad = {
-            "file2.yaml": "{'rule': '!}"
-        }
+        bad = self.bad
         bad_zip_path = self._make_zip_file_from('bad.zip', bad)
         logging.info("Attaching bad zip file as a resource")
         zaza_model.attach_resource(self.application_name,
@@ -182,8 +190,13 @@ class PolicydTest(object):
         logging.debug("App status is valid for broken yaml file")
         zaza_model.block_until_all_units_idle()
         # now verify that no file got landed on the machine
-        path = os.path.join(
-            "/etc", self._service_name, "policy.d", 'file2.yaml')
+        if self.path_infix:
+            path = os.path.join(
+                "/etc", self._service_name, "policy.d", self.path_infix,
+                'file2.yaml')
+        else:
+            path = os.path.join(
+                "/etc", self._service_name, "policy.d", 'file2.yaml')
         logging.info("Now checking that file {} is not present.".format(path))
         zaza_model.block_until_file_missing(self.application_name, path)
         self._set_config(False)