Ensure that the ondisk glance passwords change in the conf file

2023-02-21 16:17:55 +00:00
parent 4f1b0fc09f
commit 544d0d5a7c
1 changed files with 18 additions and 3 deletions
--- a/zaza/openstack/charm_tests/keystone/tests.py
+++ b/zaza/openstack/charm_tests/keystone/tests.py
@@ -14,6 +14,7 @@

 """Encapsulate keystone testing."""
 import collections
+import configparser
 import json
 import logging
 import pprint
@@ -195,6 +196,13 @@ class CharmOperationTest(BaseKeystoneTest):
        """Verify action used to rotate a service user (glance) password."""
        GLANCE_PASSWD_KEY = "glance_passwd"
        GLANCE_APP = "glance"
+        GLANCE_CONF_FILE = '/etc/glance/glance-api.conf'
+
+        def _get_password_from_leader():
+            conf = zaza.model.file_contents('glance/leader', GLANCE_CONF_FILE)
+            config = configparser.ConfigParser()
+            config.read(conf)
+            return config['image_format']['password'].strip()

        # Only do the test if glance is in the model.
        applications = zaza.model.sync_deployed(self.model_name)
@@ -203,8 +211,9 @@ class CharmOperationTest(BaseKeystoneTest):
                '{} is not deployed, so not doing password change'
                .format(GLANCE_APP))
        # keep the old password to verify it is changed.
-        old_passwd = juju_utils.leader_get(
+        old_passwd_leader_storage = juju_utils.leader_get(
            self.application_name, GLANCE_PASSWD_KEY)
+        old_passwd_conf = _get_password_from_leader()

        # verify that images can be listed.
        glance_client = openstack_utils.get_glance_session_client(
@@ -219,9 +228,15 @@ class CharmOperationTest(BaseKeystoneTest):
        )

        # verify that the password has changed
-        new_passwd = juju_utils.leader_get(
+        new_passwd_leader_storage = juju_utils.leader_get(
            self.application_name, GLANCE_PASSWD_KEY)
-        self.assertNotEqual(old_passwd, new_passwd)
+        new_passwd_conf = _get_password_from_leader()
+        self.assertNotEqual(old_passwd_leader_storage,
+                            new_passwd_leader_storage)
+        self.assertNotEqual(old_passwd_conf,
+                            new_passwd_conf)
+        self.assertEqual(new_passwd_leader_storage, new_passwd_conf)
+

        # verify that the images can still be listed.
        glance_client = openstack_utils.get_glance_session_client(