1) "test_show_exported_zonefile_impersonate_another_project"
       Admin user is able to impersonate another project
       and to "show" created by tenant exports.
       Note: based on: 'x-auth-sudo-project-id' HTTP header.

    2) "test_show_exported_zonefile_all_projects"
       Use admin client to show zone export file of
       all tenants.
       Note: based on: "x-auth-all-projects" HTTP header.

    3) "test_show_exported_zonefile_any_mime_type"
       Validate that 200 OK and Content-Type: text/dns
       is received when client.
       sends "Accept: */*".

    4) "test_missing_accept_headers"
       Client request is missing Accept header.
       The header will be send with empty dict.
       Expected: {Content-Type: text/dns}

    5) "test_show_zonefile_using_not_existing_zone_export_id"
       "404 Not Found" is expected when not existing
       ID is used by client.

    6)"test_show_zonefile_not_supported_accept_value"
      Client sends 'Accept':'image/jpeg' for ShowZoneFile API.
      Expected: 406 Not Acceptable.

Change-Id: I8aa5dfe12781f21b9f41e0df19afb0e46eab31d8

UPPER_CONSTRAINTS_FILE is old name and deprecated
This allows to use upper-constraints file as more
readable way instead of UPPER_CONSTRAINTS_FILE=<lower-constraints file>.

bumps min version of tox to 3.18.0 in order to replace tox's
whitelist_externals by allowlist_externals option:
https://github.com/tox-dev/tox/blob/master/docs/changelog.rst#v3180-2020-07-23

Change-Id: I4b14b7882fd6806c864d5ac0445e45df450dc218

A previous patch[1] updated the wait_for_zone_404 to raise an execption
when the zone goes to ERROR.
This patch updates the rest of the waiters to also abort waiting if the
resource goes into the ERROR status.

[1] https://review.opendev.org/c/openstack/designate-tempest-plugin/+/820075

Change-Id: I5d1e549ccd75fbda518e8851430f58cfa849bd97

The removal of the envlist list value for unit test lessens the
confusion that the tempest test are tests in themselves and
hence we do not test the tests.

With the presents of the tox envlist, tox tries to run the tempest
tests as unit test, which results in failure and potential confusion.
The scope of tempest tests (Integration test) and unit test are
understandably different.

Change-Id: Ie016eca756c441cf557100c5227d640475885e4a

designate-tempest-plugin is a branchless repository (no stable branches),
so we should have check jobs that make sure new tests don't artificially
fail when run against the stable branches.

Change-Id: I6529af7f4e2222a2cf4a1f937601d7be119e182a

1) test_create_and_delete_records_on_existing_zone
   Extending of the existing test to cover more recordset types.
2) test_create_soa_record_not_permitted
   No user is able to create a SOA record.

Change-Id: If09d793f786de7c2530eb08026afeda76b2df766

Setuptools v54.1.0 introduces a warning that the use of
dash-separated options in 'setup.cfg' will not be supported
in a future version [1].
Get ahead of the issue by replacing the dashes with underscores.
Without this, we see 'UserWarning' messages
like the following on new enough
versions of setuptools:

  UserWarning: Usage of dash-separated 'description-file' will not be
  supported in future versions. Please use the underscore name
  'description_file' instead

[1] https://github.com/pypa/setuptools/commit/a2e9ae4cb

Change-Id: Ie843a199ff119327b65dea8fd208047580430de1

For more detail, see http://lists.openstack.org/pipermail/openstack-discuss/2019-May/006478.html

Change-Id: I2bf2fcc1ddb5fbda4486da439773e4c275376a27

The PTR API tests were not using scoped tokens even though a test
job had scoped tokens enabled. This was not caught because the scoped
token patch for designate has not yet merged.
This patch updates the PTR API tests to use a scoped token for
admin if scoped tokens are enabled in the test run.

Change-Id: I259e7b94aae2e7794dd2514bb50cdc811c518845

This patch enhances the NotFound/404 waiter to not continue to wait
for a 404 if the zone goes into status ERROR.

Change-Id: I27d5d654b2b2b2b4cd8b8e85fdb1d7b1e4162516

Stabilizing
1) The same TLD is used by default for all tests
2) Adding waiters for set/unset PTR records
New test cases
1) test_show_floatingip_ptr_impersonate_another_project
2) test_list_floatingip_ptr_all_projects
3) test_set_floatingip_ptr_not_existing_fip_id
4) test_set_floatingip_ptr_huge_size_description
5) test_set_floatingip_ptr_invalid_name

Note:
This tests also includes refactoring of the existing tests.
Negative logic is now removed from positive test cases and
implemented separatly in DesignatePtrRecordNegative class.

Change-Id: I64483c3d8e1ae44db7712b3e463ae4ea239a613a

The LOG.warn method is deprecated[1] and the LOG.warning method should
be used instead.

[1] https://docs.python.org/3/library/logging.html#logging.warning

Change-Id: Ifb8e1272f8d954250d141cfa09d08bbc554de994

The test_list_enabled_api_versions test was assuming the location of
the dns endpoint, but in some deployment that assumption is not true.
For example, if designate is using a specific port for the endpoint.

This patch corrects the test to use the keystone catalog to find the
proper designate API endpoint.

Change-Id: Ica672983214774d3ba38391d5fca6d42691f8e2a

The blacklist scenario tests were added after the scoped token support
was added to designate-tempest-plugin. Since the scoped token jobs have
not yet merged in designate, we didn't catch that these tests were not
ready for scoped tokens.
This patch updates the test suite to use the system scoped admin token
when the tests are being run with scoped token support.

Change-Id: Ibfa282f6e54856cc9e9d4de1289de2c75e9db676

This patch adds an API test the lists transfer requests using the
x-auth-sudo-project-id header and validates that the correct transfer
request is returned.

Change-Id: Ib4cfd1221f128ec4e37ba32e9118b2f88d924561

The recent patch[1] added a set of blacklist API scenario tests that
used very generic regex when creating the blacklists. This causes
conflicts with other tests[2] that are also using a similar pattern.

This patch changes the blacklist scenario tests to use the test name
in the regex to make it more unique and easier to trace for debugging.

[1] https://review.opendev.org/c/openstack/designate-tempest-plugin/+/798715
[2] https://zuul.opendev.org/t/openstack/build/cbeee8d01c5d4548ab3f57838d33a5ae/log/job-output.txt#25446

Change-Id: Iecc7961980136523a32b9b1e21331540152a051c

Test uses: Admin, Primary and Not Authorized users, to list
all enabled API versions.
Test is PASS if the received version/s list is in:
[['v1'], ['v2'], ['v1', 'v2']]

Change-Id: I829011ef0c13f0fd942c75dce826e550ff9b313d

Test name: test_create_A_recordset_multiply_ips
Note: this patch is also fixes missing cleanups and adds
the existing constants to be used in code.

Change-Id: I0904803f7e3ac5635babfc82f409a0e38685c9fa

This patch unrolls the test_create_all_recordset_types API tests from
using DDT. DDT is not OpenStack aware, so the idempotent_id's end up
being duplicated and the test names can be inconsistent due to value
padding.
This test has a limited number of combinations, so it is easy to unroll
these into stub tests that call a common, private, test method.

Closes-Bug: 1943115
Change-Id: I6d7c9358a336eedb313157ebad666d37d18f03d3

1) test_admin_sets_quota_for_a_project
   Admin client sets quotas for a primary project
2) test_primary_fails_to_set_quota
   Primary user fails to set quotas with: "403 Forbidden"
3) test_admin_sets_invalid_quota_values
   Admin user tries to set quotas that with invalid
   values. Expected: "400 BadRequest"
4) test_alt_reaches_zones_quota
   Alt user tries to create a zones up untill
   "413 RateLimitExceeded" is raised

Change-Id: I47e8371e55f07afe0dbea95f804f3833f42fa1ef

Recordsets types: SOA and NS should be automatically created for a zone.
Test validates this functionality for a Primary type zone.

Change-Id: I217cbabfd6b0330472b43eb5bd1e57020a19d12f

1) test_primary_is_forbidden_to_list_service_statuses
   Make sure that Primary user fails to activate
   "List Services Status" API with 403 Forbidden.

Change-Id: I840b98135017cc7fdee77f51223e0bfe2ae1ae74

1) test_create_blacklist_as_primary_fails
   Primary user is not allowed to create blacklist.
2) test_primary_fails_to_create_zone_matches_blacklist_regex
   Zone is failed to be created if its name matches existing
   blacklist regex.
3) test_primary_fails_to_create_zone_matches_blacklist_name
   Zone is failed to be created if its name is in blacklist.
4) test_admin_creates_zone_matches_blacklist_name_or_regex
   Users with the Admin role bypass the deny list check.
5) test_create_blacklist_invalid_pattern
   Create blacklist using invalid patterns.
6) test_create_blacklist_huge_size_description
   Create blacklist using huge size description string.

Change-Id: I6e924d5ba9b411b427e9eed358a90e9ece56156d