kitchen-openstack 6.2.2 → 7.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2e145e5b685419ee17fde11da435a533c18eb29a656393ccd7abc321e98e8b03
-  data.tar.gz: c29d2ecff3a0a8af2bcdbc2b07f1ac9526594b5b56e4c852f8585315ca3e0ff0
+  metadata.gz: 431a4cae8533390ccb721da8645f872bcf4703cf09b3c4fecdbab3b52bb2050a
+  data.tar.gz: 3e0718cd558cac16cbd62d206a4a701cb64ee178ee5215fbfd37cd3868191cc6
 SHA512:
-  metadata.gz: 0dd4be66fa4af37cda8742b42cd54dc5d38fb793adf8b41295219f7ce352dba3e10a386272385cd6cd0d304a29799c0121b962b04744aa5eb97813b1d5bcfa16
-  data.tar.gz: c4590cc2ab78f8c720085cf9f6767af420d46343d990b264670f3bd6b7ac2354e904608aab25cfab45882351c6d5403943a6255817a70fb0faa797c629bded34
+  metadata.gz: 2e71554edd9c953b862d67a76b05474ceba4ebe5b083051a215301eaad9119484e497be16da6b16096218bdcfc716af6b47921a5823ca3a894227212bfe834dc
+  data.tar.gz: aecfb9894b8d57324b94e388d01d56e92d04c92ec811d3e0a0a977930a2f10ec9932e3e8e068dce03c97577a19121d829608c4f06313a8d4a9209028c75257c5

data/README.md

@@ -1,7 +1,7 @@
 # Kitchen::OpenStack
 
 ![Gem Version](https://img.shields.io/gem/v/kitchen-openstack.svg)
-![CI](https://github.com/test-kitchen/kitchen-openstack/workflows/CI/badge.svg)
+![CI](https://github.com/test-kitchen/kitchen-openstack/actions/workflows/lint.yml/badge.svg)
 
 A Test Kitchen Driver for OpenStack.
 
@@ -11,7 +11,7 @@ Shamelessly copied from [Fletcher Nichol](https://github.com/fnichol)'s awesome
 
 ## Status
 
-This software project is no longer under active development as it has no active maintainers. The software may continue to work for some or all use cases, but issues filed in GitHub will most likely not be triaged. If a new maintainer is interested in working on this project please come chat with us in #test-kitchen on Chef Community Slack.
+This software project is actively maintained by the [OSU Open Source Lab](https://osuosl.org/).
 
 ## Requirements
 
@@ -47,6 +47,125 @@ gem install kitchen-openstack
 
 See <https://kitchen.ci/docs/drivers/openstack/> for documentation.
 
+### Using `clouds.yaml`
+
+This driver supports OpenStack's standard
+[`clouds.yaml`](https://docs.openstack.org/python-openstackclient/latest/configuration/index.html)
+client configuration file. This allows you to use the same credentials and
+endpoint configuration that other OpenStack tools (like the `openstack` CLI)
+already use, instead of duplicating them in `kitchen.yml`.
+
+The driver searches for `clouds.yaml` in the standard locations:
+
+1. `OS_CLIENT_CONFIG_FILE` environment variable (if set)
+2. `clouds_yaml_path` driver config option (if set)
+3. Current directory (`./clouds.yaml`)
+4. `~/.config/openstack/clouds.yaml`
+5. `/etc/openstack/clouds.yaml`
+
+The first file found is used. A `secure.yaml` file in the same search
+locations is also loaded and merged, so you can split secrets out of
+`clouds.yaml` following the
+[standard convention](https://docs.openstack.org/openstacksdk/latest/user/config/configuration.html#splitting-secrets).
+
+#### Selecting a cloud
+
+Specify which cloud entry to use in one of two ways:
+
+- Set `openstack_cloud` in `kitchen.yml` (takes precedence)
+- Set the `OS_CLOUD` environment variable
+
+#### Example `kitchen.yml`
+
+```yaml
+driver:
+  name: openstack
+  openstack_cloud: mycloud
+  image_ref: ubuntu-22.04
+  flavor_ref: m1.small
+  key_name: my-keypair
+```
+
+Or, relying entirely on `OS_CLOUD`:
+
+```bash
+export OS_CLOUD=mycloud
+```
+
+```yaml
+driver:
+  name: openstack
+  image_ref: ubuntu-22.04
+  flavor_ref: m1.small
+  key_name: my-keypair
+```
+
+Settings specified in `kitchen.yml` always take precedence over values from
+`clouds.yaml`. For example, you can override just the region:
+
+```yaml
+driver:
+  name: openstack
+  openstack_cloud: mycloud
+  openstack_region: RegionTwo
+```
+
+#### Using `OS_*` environment variables
+
+The driver recognizes the standard OpenStack `OS_*` environment variables
+(e.g. from an `openrc` file). This means you can source your OpenStack
+credentials and use them directly without any extra configuration in
+`kitchen.yml`:
+
+```bash
+source openrc.sh
+```
+
+```yaml
+driver:
+  name: openstack
+  image_ref: ubuntu-22.04
+  flavor_ref: m1.small
+  key_name: my-keypair
+```
+
+The supported environment variables are:
+
+| Env var | Maps to |
+|---|---|
+| `OS_AUTH_URL` | `openstack_auth_url` |
+| `OS_USERNAME` | `openstack_username` |
+| `OS_PASSWORD` | `openstack_api_key` |
+| `OS_PROJECT_NAME` | `openstack_project_name` |
+| `OS_PROJECT_ID` | `openstack_project_id` |
+| `OS_USER_DOMAIN_NAME` | `openstack_user_domain` |
+| `OS_USER_DOMAIN_ID` | `openstack_user_domain_id` |
+| `OS_PROJECT_DOMAIN_NAME` | `openstack_project_domain` |
+| `OS_PROJECT_DOMAIN_ID` | `openstack_project_domain_id` |
+| `OS_DOMAIN_ID` | `openstack_domain_id` |
+| `OS_DOMAIN_NAME` | `openstack_domain_name` |
+| `OS_REGION_NAME` | `openstack_region` |
+| `OS_INTERFACE` | `openstack_endpoint_type` |
+| `OS_IDENTITY_API_VERSION` | `openstack_identity_api_version` |
+| `OS_APPLICATION_CREDENTIAL_ID` | `openstack_application_credential_id` |
+| `OS_APPLICATION_CREDENTIAL_SECRET` | `openstack_application_credential_secret` |
+| `OS_CACERT` | `ssl_ca_file` |
+
+#### Configuration precedence
+
+The driver follows the upstream OpenStack SDK precedence order:
+
+1. **`kitchen.yml`** — explicit driver config always wins
+2. **`OS_*` env vars** — override `clouds.yaml` values
+3. **`clouds.yaml`** (merged with `secure.yaml`) — base configuration
+
+#### New driver config options
+
+| Option | Default | Description |
+|---|---|---|
+| `openstack_cloud` | `nil` | Name of the cloud entry in `clouds.yaml`. Falls back to the `OS_CLOUD` env var. |
+| `clouds_yaml_path` | `nil` | Explicit path to a `clouds.yaml` file, inserted into the search path. |
+
 ## Development
 
 Pull requests are very welcome! Make sure your patches are well tested.

data/lib/kitchen/driver/openstack/clouds.rb

@@ -0,0 +1,195 @@
+# frozen_string_literal: true
+
+#
+# Author:: Lance Albertson (<lance@osuosl.org>)
+#
+# Copyright:: (C) 2026, Oregon State University
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require "yaml"
+
+module Kitchen
+  module Driver
+    class Openstack < Kitchen::Driver::Base
+      # Support for OpenStack clouds.yaml client configuration
+      module Clouds
+        # Mapping of clouds.yaml auth keys to Fog OpenStack config keys
+        CLOUDS_YAML_AUTH_MAP = {
+          "auth_url" => :openstack_auth_url,
+          "username" => :openstack_username,
+          "password" => :openstack_api_key,
+          "project_name" => :openstack_project_name,
+          "project_id" => :openstack_project_id,
+          "user_domain_name" => :openstack_user_domain,
+          "user_domain_id" => :openstack_user_domain_id,
+          "project_domain_name" => :openstack_project_domain,
+          "project_domain_id" => :openstack_project_domain_id,
+          "domain_id" => :openstack_domain_id,
+          "domain_name" => :openstack_domain_name,
+          "application_credential_id" => :openstack_application_credential_id,
+          "application_credential_secret" => :openstack_application_credential_secret,
+        }.freeze
+
+        # Mapping of clouds.yaml top-level keys to Fog OpenStack config keys
+        CLOUDS_YAML_TOP_MAP = {
+          "region_name" => :openstack_region,
+          "interface" => :openstack_endpoint_type,
+          "identity_api_version" => :openstack_identity_api_version,
+        }.freeze
+
+        # Mapping of OS_* environment variables to Fog OpenStack config keys
+        ENV_VAR_MAP = {
+          "OS_AUTH_URL" => :openstack_auth_url,
+          "OS_USERNAME" => :openstack_username,
+          "OS_PASSWORD" => :openstack_api_key,
+          "OS_PROJECT_NAME" => :openstack_project_name,
+          "OS_PROJECT_ID" => :openstack_project_id,
+          "OS_USER_DOMAIN_NAME" => :openstack_user_domain,
+          "OS_USER_DOMAIN_ID" => :openstack_user_domain_id,
+          "OS_PROJECT_DOMAIN_NAME" => :openstack_project_domain,
+          "OS_PROJECT_DOMAIN_ID" => :openstack_project_domain_id,
+          "OS_DOMAIN_ID" => :openstack_domain_id,
+          "OS_DOMAIN_NAME" => :openstack_domain_name,
+          "OS_REGION_NAME" => :openstack_region,
+          "OS_INTERFACE" => :openstack_endpoint_type,
+          "OS_IDENTITY_API_VERSION" => :openstack_identity_api_version,
+          "OS_APPLICATION_CREDENTIAL_ID" => :openstack_application_credential_id,
+          "OS_APPLICATION_CREDENTIAL_SECRET" => :openstack_application_credential_secret,
+          "OS_CACERT" => :ssl_ca_file,
+        }.freeze
+
+        private
+
+        # Merges external config sources into the driver config hash.
+        # Precedence: kitchen.yml > OS_* env vars > clouds.yaml
+        # Only sets keys that are currently nil so that kitchen.yml
+        # values always take precedence.
+        def apply_clouds_config
+          cc = load_clouds_config
+          env = load_env_vars
+
+          # env vars override clouds.yaml per upstream openstacksdk precedence
+          merged = cc.merge(env)
+          return if merged.empty?
+
+          merged.each do |key, value|
+            config[key] = value if config[key].nil?
+          end
+
+          # Apply SSL settings: env vars or clouds.yaml disabling verification
+          ssl_verify = env.key?(:ssl_verify_peer) ? env[:ssl_verify_peer] : cc[:ssl_verify_peer]
+          return unless ssl_verify == false && !config[:disable_ssl_validation]
+
+          config[:disable_ssl_validation] = true
+        end
+
+        # Reads OS_* environment variables and maps them to Fog config keys.
+        # Returns a hash of fog config symbols for any set env vars.
+        def load_env_vars
+          result = {}
+          ENV_VAR_MAP.each do |env_var, fog_key|
+            value = ENV[env_var]
+            result[fog_key] = value if value && !value.empty?
+          end
+          result
+        end
+
+        # Resolves the cloud name from config or the OS_CLOUD environment variable
+        def cloud_name
+          config[:openstack_cloud] || ENV["OS_CLOUD"]
+        end
+
+        # Loads and merges clouds.yaml with secure.yaml, then translates the
+        # named cloud entry into Fog-compatible config keys.
+        # Returns a hash of fog config symbols, or empty hash if no cloud configured.
+        def load_clouds_config
+          name = cloud_name
+          return {} unless name
+
+          clouds_data = load_yaml_file("clouds.yaml", "OS_CLIENT_CONFIG_FILE")
+          secure_data = load_yaml_file("secure.yaml", "OS_CLIENT_SECURE_FILE")
+
+          cloud = extract_cloud(clouds_data, name)
+          secure = extract_cloud(secure_data, name)
+
+          cloud = deep_merge(cloud, secure)
+          translate_cloud_config(cloud)
+        end
+
+        # Search standard OpenStack config file locations for the given filename
+        def load_yaml_file(filename, env_var)
+          paths = clouds_yaml_search_paths(filename, env_var)
+          path = paths.find { |p| File.exist?(p) }
+          return {} unless path
+
+          debug "Loading #{filename} from #{path}"
+          YAML.safe_load(File.read(path), permitted_classes: [Date]) || {} # rubocop: disable Style/YAMLFileRead
+        end
+
+        def clouds_yaml_search_paths(filename, env_var)
+          paths = []
+          paths << ENV[env_var] if ENV[env_var]
+          paths << config[:clouds_yaml_path] if config[:clouds_yaml_path] && filename == "clouds.yaml"
+          paths << File.join(Dir.pwd, filename)
+          paths << File.join(Dir.home, ".config", "openstack", filename)
+          paths << File.join("/etc/openstack", filename)
+          paths
+        end
+
+        def extract_cloud(data, name)
+          clouds = data["clouds"] || {}
+          cloud = clouds[name]
+          return {} unless cloud
+
+          cloud
+        end
+
+        # Deep merge two hashes (secure overrides clouds)
+        def deep_merge(base, override)
+          result = base.dup
+          override.each do |key, value|
+            result[key] = if result[key].is_a?(Hash) && value.is_a?(Hash)
+                            deep_merge(result[key], value)
+                          else
+                            value
+                          end
+          end
+          result
+        end
+
+        # Convert a clouds.yaml cloud entry into Fog-compatible config keys
+        def translate_cloud_config(cloud)
+          result = {}
+
+          # Map auth section
+          auth = cloud["auth"] || {}
+          CLOUDS_YAML_AUTH_MAP.each do |yaml_key, fog_key|
+            result[fog_key] = auth[yaml_key] if auth[yaml_key]
+          end
+
+          # Map top-level keys
+          CLOUDS_YAML_TOP_MAP.each do |yaml_key, fog_key|
+            result[fog_key] = cloud[yaml_key] if cloud[yaml_key]
+          end
+
+          # SSL settings
+          result[:ssl_verify_peer] = cloud["verify"] if cloud.key?("verify")
+          result[:ssl_ca_file] = cloud["cacert"] if cloud["cacert"]
+
+          result
+        end
+      end
+    end
+  end
+end

data/lib/kitchen/driver/openstack/config.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+#
+# Author:: Jonathan Hartman (<j@p4nt5.com>)
+# Author:: JJ Asghar (<jj@chef.io>)
+# Author:: Lance Albertson (<lance@osuosl.org>)
+#
+# Copyright:: (C) 2013-2015, Jonathan Hartman
+# Copyright:: (C) 2015-2020, Chef Software Inc.
+# Copyright:: (C) 2026, Oregon State University
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module Kitchen
+  module Driver
+    class Openstack < Kitchen::Driver::Base
+      # Server naming and configuration helpers
+      module Config
+        # Set the proper server name in the config
+        def config_server_name
+          return if config[:server_name]
+
+          config[:server_name] = if config[:server_name_prefix]
+                                   server_name_prefix(config[:server_name_prefix])
+                                 else
+                                   default_name
+                                 end
+        end
+
+        private
+
+        # Generate what should be a unique server name up to 63 total chars
+        # Base name:    15
+        # Username:     15
+        # Hostname:     23
+        # Random string: 7
+        # Separators:    3
+        # ================
+        # Total:        63
+        def default_name
+          [
+            instance.name.gsub(/\W/, "")[0..14],
+            ((Etc.getpwuid ? Etc.getpwuid.name : Etc.getlogin) || "nologin").gsub(/\W/, "")[0..14],
+            Socket.gethostname.gsub(/\W/, "")[0..22],
+            Array.new(7) { rand(36).to_s(36) }.join,
+          ].join("-")
+        end
+
+        def server_name_prefix(server_name_prefix)
+          # Generate what should be a unique server name with given prefix
+          # of up to 63 total chars
+          #
+          # Provided prefix:  variable, max 54
+          # Separator:        1
+          # Random string:    8
+          # ===================
+          # Max:              63
+          #
+          if server_name_prefix.length > 54
+            warn "Server name prefix too long, truncated to 54 characters"
+            server_name_prefix = server_name_prefix[0..53]
+          end
+
+          server_name_prefix.gsub!(/\W/, "")
+
+          if server_name_prefix.empty?
+            warn "Server name prefix empty or invalid; using fully generated name"
+            default_name
+          else
+            random_suffix = ("a".."z").to_a.sample(8).join
+            server_name_prefix + "-" + random_suffix
+          end
+        end
+      end
+    end
+  end
+end

data/lib/kitchen/driver/openstack/helpers.rb

@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+
+#
+# Author:: Jonathan Hartman (<j@p4nt5.com>)
+# Author:: JJ Asghar (<jj@chef.io>)
+# Author:: Lance Albertson (<lance@osuosl.org>)
+#
+# Copyright:: (C) 2013-2015, Jonathan Hartman
+# Copyright:: (C) 2015-2020, Chef Software Inc.
+# Copyright:: (C) 2026, Oregon State University
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require "ohai" unless defined?(Ohai::System)
+
+module Kitchen
+  module Driver
+    class Openstack < Kitchen::Driver::Base
+      # Ohai hints, SSL handling, and server wait helpers
+      module Helpers
+        private
+
+        def add_ohai_hint(state)
+          if bourne_shell?
+            info "Adding OpenStack hint for ohai"
+            mkdir_cmd = "sudo mkdir -p #{hints_path}"
+            touch_cmd = "sudo bash -c 'echo {} > #{hints_path}/openstack.json'"
+            instance.transport.connection(state).execute(
+              "#{mkdir_cmd} && #{touch_cmd}"
+            )
+          elsif windows_os?
+            info "Adding OpenStack hint for ohai"
+            touch_cmd = "New-Item #{hints_path}\\openstack.json"
+            touch_cmd_args = "-Value '{}' -Force -Type file"
+            instance.transport.connection(state).execute(
+              "#{touch_cmd} #{touch_cmd_args}"
+            )
+          end
+        end
+
+        def hints_path
+          Ohai.config[:hints_path][0]
+        end
+
+        def disable_ssl_validation
+          require "excon" unless defined?(Excon)
+          Excon.defaults[:ssl_verify_peer] = false
+        end
+
+        def wait_for_server(state)
+          if config[:server_wait]
+            info "Sleeping for #{config[:server_wait]} seconds to let your server start up..."
+            countdown(config[:server_wait])
+          end
+          info "Waiting for server to be ready..."
+          instance.transport.connection(state).wait_until_ready
+        rescue
+          error "Server #{state[:hostname]} (#{state[:server_id]}) not reachable. Destroying server..."
+          destroy(state)
+          raise
+        end
+
+        def countdown(seconds)
+          date1 = Time.now + seconds
+          while Time.now < date1
+            Kernel.print "."
+            sleep 10
+          end
+        end
+      end
+    end
+  end
+end

data/lib/kitchen/driver/openstack/networking.rb

@@ -0,0 +1,129 @@
+# frozen_string_literal: true
+
+#
+# Author:: Jonathan Hartman (<j@p4nt5.com>)
+# Author:: JJ Asghar (<jj@chef.io>)
+# Author:: Lance Albertson (<lance@osuosl.org>)
+#
+# Copyright:: (C) 2013-2015, Jonathan Hartman
+# Copyright:: (C) 2015-2020, Chef Software Inc.
+# Copyright:: (C) 2026, Oregon State University
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require "ipaddr" unless defined?(IPAddr)
+
+module Kitchen
+  module Driver
+    class Openstack < Kitchen::Driver::Base
+      # Floating IP allocation and IP address resolution
+      module Networking
+        IP_POOL_LOCK = Mutex.new
+
+        private
+
+        def attach_ip_from_pool(server, pool)
+          IP_POOL_LOCK.synchronize do
+            info "Attaching floating IP from <#{pool}> pool"
+            if config[:allocate_floating_ip]
+              network_id = network
+                .list_networks(
+                  name: pool
+                ).body["networks"][0]["id"]
+              resp = network.create_floating_ip(network_id)
+              ip = resp.body["floatingip"]["floating_ip_address"]
+              info "Created floating IP <#{ip}> from <#{pool}> pool"
+              config[:floating_ip] = ip
+            else
+              free_addrs = compute.addresses.map do |i|
+                i.ip if i.fixed_ip.nil? && i.instance_id.nil? && i.pool == pool
+              end.compact
+              if free_addrs.empty?
+                raise ActionFailed, "No available IPs in pool <#{pool}>"
+              end
+
+              config[:floating_ip] = free_addrs[0]
+            end
+            attach_ip(server, config[:floating_ip])
+          end
+        end
+
+        def attach_ip(server, ip)
+          info "Attaching floating IP <#{ip}>"
+          server.associate_address ip
+        end
+
+        def get_public_private_ips(server)
+          begin
+            pub = server.public_ip_addresses
+            priv = server.private_ip_addresses
+          rescue Fog::OpenStack::Compute::NotFound, Excon::Errors::Forbidden
+            # See Fog issue: https://github.com/fog/fog/issues/2160
+            addrs = server.addresses
+            addrs["public"] && pub = addrs["public"].map { |i| i["addr"] }
+            addrs["private"] && priv = addrs["private"].map { |i| i["addr"] }
+          end
+          [pub, priv]
+        end
+
+        def get_ip(server)
+          if config[:floating_ip]
+            debug "Using floating ip: #{config[:floating_ip]}"
+            return config[:floating_ip]
+          end
+
+          # make sure we have the latest info
+          info "Waiting for network information to be available..."
+          begin
+            w = server.wait_for { !addresses.empty? }
+            debug "Waited #{w[:duration]} seconds for network information."
+          rescue Fog::Errors::TimeoutError
+            raise ActionFailed, "Could not get network information (timed out)"
+          end
+
+          # should also work for private networks
+          if config[:openstack_network_name]
+            debug "Using configured net: #{config[:openstack_network_name]}"
+            return filter_ips(server.addresses[config[:openstack_network_name]]).first["addr"]
+          end
+
+          pub, priv = get_public_private_ips(server)
+          priv = server.ip_addresses if Array(pub).empty? && Array(priv).empty?
+          pub, priv = parse_ips(pub, priv)
+          pub[config[:public_ip_order].to_i] ||
+            priv[config[:private_ip_order].to_i] ||
+            raise(ActionFailed, "Could not find an IP")
+        end
+
+        def filter_ips(addresses)
+          if config[:use_ipv6]
+            addresses.select { |i| IPAddr.new(i["addr"]).ipv6? }
+          else
+            addresses.select { |i| IPAddr.new(i["addr"]).ipv4? }
+          end
+        end
+
+        def parse_ips(pub, priv)
+          pub = Array(pub)
+          priv = Array(priv)
+          if config[:use_ipv6]
+            [pub, priv].each { |n| n.select! { |i| IPAddr.new(i).ipv6? } }
+          else
+            [pub, priv].each { |n| n.select! { |i| IPAddr.new(i).ipv4? } }
+          end
+          [pub, priv]
+        end
+      end
+    end
+  end
+end

data/lib/kitchen/driver/openstack/server_helper.rb

@@ -0,0 +1,137 @@
+# frozen_string_literal: true
+
+#
+# Author:: Jonathan Hartman (<j@p4nt5.com>)
+# Author:: JJ Asghar (<jj@chef.io>)
+# Author:: Lance Albertson (<lance@osuosl.org>)
+#
+# Copyright:: (C) 2013-2015, Jonathan Hartman
+# Copyright:: (C) 2015-2020, Chef Software Inc.
+# Copyright:: (C) 2026, Oregon State University
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module Kitchen
+  module Driver
+    class Openstack < Kitchen::Driver::Base
+      # Server creation and resource finders (image, flavor, network)
+      module ServerHelper
+        private
+
+        def create_server
+          server_def = init_configuration
+          raise(ActionFailed, "Cannot specify both network_ref and network_id") if config[:network_id] && config[:network_ref]
+
+          if config[:network_id]
+            networks = [].push(config[:network_id])
+            server_def[:nics] = networks.flatten.map do |net_id|
+              { "net_id" => net_id }
+            end
+          elsif config[:network_ref]
+            networks = [].push(config[:network_ref])
+            server_def[:nics] = networks.flatten.map do |net|
+              { "net_id" => find_network(net).id }
+            end
+          end
+
+          if config[:block_device_mapping]
+            server_def[:block_device_mapping] = get_bdm(config)
+          end
+
+          %i{
+            security_groups
+            key_name
+            user_data
+            config_drive
+            metadata
+          }.each do |c|
+            server_def[c] = optional_config(c) if config[c]
+          end
+
+          if config[:cloud_config]
+            raise(ActionFailed, "Cannot specify both cloud_config and user_data") if config[:user_data]
+
+            server_def[:user_data] = YAML.dump(Kitchen::Util.stringified_hash(config[:cloud_config])).gsub(/^---\n/, "#cloud-config\n")
+          end
+
+          # Can't use the Fog bootstrap and/or setup methods here; they require a
+          # public IP address that can't be guaranteed to exist across all
+          # OpenStack deployments (e.g. TryStack ARM only has private IPs).
+          compute.servers.create(server_def)
+        end
+
+        def init_configuration
+          raise(ActionFailed, "Cannot specify both image_ref and image_id") if config[:image_id] && config[:image_ref]
+          raise(ActionFailed, "Cannot specify both flavor_ref and flavor_id") if config[:flavor_id] && config[:flavor_ref]
+
+          {
+            name: config[:server_name],
+            image_ref: config[:image_id] || find_image(config[:image_ref]).id,
+            flavor_ref: config[:flavor_id] || find_flavor(config[:flavor_ref]).id,
+            availability_zone: config[:availability_zone],
+          }
+        end
+
+        def optional_config(c)
+          case c
+          when :security_groups
+            config[c] if config[c].is_a?(Array)
+          when :user_data
+            File.read(config[c]) if File.exist?(config[c])
+          else
+            config[c]
+          end
+        end
+
+        def find_image(image_ref)
+          image = find_matching(compute.images, image_ref)
+          raise(ActionFailed, "Image not found") unless image
+
+          debug "Selected image: #{image.id} #{image.name}"
+          image
+        end
+
+        def find_flavor(flavor_ref)
+          flavor = find_matching(compute.flavors, flavor_ref)
+          raise(ActionFailed, "Flavor not found") unless flavor
+
+          debug "Selected flavor: #{flavor.id} #{flavor.name}"
+          flavor
+        end
+
+        def find_network(network_ref)
+          net = find_matching(network.networks.all, network_ref)
+          raise(ActionFailed, "Network not found") unless net
+
+          debug "Selected net: #{net.id} #{net.name}"
+          net
+        end
+
+        def find_matching(collection, name)
+          name = name.to_s
+          if name.start_with?("/") && name.end_with?("/")
+            regex = Regexp.new(name[1...-1])
+            # check for regex name match
+            collection.each { |single| return single if regex&.match?(single.name) }
+          else
+            # check for exact id match
+            collection.each { |single| return single if single.id == name }
+            # check for exact name match
+            collection.each { |single| return single if single.name == name }
+          end
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/kitchen/driver/openstack/volume.rb

@@ -3,7 +3,7 @@
 #
 # Author:: Jonathan Hartman (<j@p4nt5.com>)
 #
-# Copyright (C) 2013-2015, Jonathan Hartman
+# Copyright:: (C) 2013-2015, Jonathan Hartman
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -28,7 +28,7 @@ module Kitchen
       #
       # @author Liam Haworth <liam.haworth@bluereef.com.au>
       class Volume
-        @@default_creation_timeout = 60
+        DEFAULT_CREATION_TIMEOUT = 60
 
         def initialize(logger)
           @logger = logger
@@ -60,7 +60,7 @@ module Kitchen
           vol_model = volume(os).volumes.first { |x| x.id == vol_id }
 
           # Use default creation timeout or user supplied
-          creation_timeout = @@default_creation_timeout
+          creation_timeout = DEFAULT_CREATION_TIMEOUT
           if bdm.key?(:creation_timeout)
             creation_timeout = bdm[:creation_timeout]
           end

data/lib/kitchen/driver/openstack.rb

@@ -3,9 +3,11 @@
 #
 # Author:: Jonathan Hartman (<j@p4nt5.com>)
 # Author:: JJ Asghar (<jj@chef.io>)
+# Author:: Lance Albertson (<lance@osuosl.org>)
 #
-# Copyright (C) 2013-2015, Jonathan Hartman
-# Copyright (C) 2015-2020, Chef Software Inc.
+# Copyright:: (C) 2013-2015, Jonathan Hartman
+# Copyright:: (C) 2015-2020, Chef Software Inc.
+# Copyright:: (C) 2026, Oregon State University
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -21,21 +23,39 @@
 
 require "kitchen"
 require "fog/openstack"
-require "ohai" unless defined?(Ohai::System)
 require "yaml"
 require_relative "openstack_version"
+require_relative "openstack/clouds"
+require_relative "openstack/config"
+require_relative "openstack/helpers"
+require_relative "openstack/networking"
+require_relative "openstack/server_helper"
 require_relative "openstack/volume"
 
 module Kitchen
   module Driver
     # This takes from the Base Class and creates the OpenStack driver.
     class Openstack < Kitchen::Driver::Base
-      @@ip_pool_lock = Mutex.new
+      include Clouds
+      include Config
+      include Helpers
+      include Networking
+      include ServerHelper
 
       kitchen_driver_api_version 2
       plugin_version Kitchen::Driver::OPENSTACK_VERSION
 
+      default_config :openstack_cloud, nil
+      default_config :clouds_yaml_path, nil
       default_config :server_name, nil
+
+      # Merge clouds.yaml values into config so they are visible in
+      # `kitchen diagnose` and available to all driver methods.
+      def finalize_config!(instance)
+        super
+        apply_clouds_config
+        self
+      end
       default_config :server_name_prefix, nil
       default_config :key_name, nil
       default_config :port, "22"
@@ -62,17 +82,6 @@ module Kitchen
       default_config :write_timeout, 60
       default_config :metadata, nil
 
-      # Set the proper server name in the config
-      def config_server_name
-        return if config[:server_name]
-
-        config[:server_name] = if config[:server_name_prefix]
-                                 server_name_prefix(config[:server_name_prefix])
-                               else
-                                 default_name
-                               end
-      end
-
       def create(state)
         config_server_name
         if state[:server_id]
@@ -87,7 +96,10 @@ module Kitchen
         debug "Waiting for a max time of:#{config[:glance_cache_wait_timeout]} seconds for OpenStack server to be in ACTIVE state"
         server.wait_for(config[:glance_cache_wait_timeout]) do
           sleep(1)
-          raise(Kitchen::InstanceFailure, "OpenStack server ID <#{state[:server_id]}> build failed to ERROR state") if failed?
+          if failed?
+            raise(Kitchen::InstanceFailure,
+              "OpenStack server ID <#{state[:server_id]}> build failed to ERROR state")
+          end
 
           ready?
         end
@@ -101,8 +113,8 @@ module Kitchen
         state[:hostname] = get_ip(server)
         wait_for_server(state)
         add_ohai_hint(state)
-      rescue Fog::Errors::Error, Excon::Errors::Error => ex
-        raise ActionFailed, ex.message
+      rescue Fog::Errors::Error, Excon::Errors::Error => e
+        raise ActionFailed, e.message
       end
 
       def destroy(state)
@@ -172,293 +184,6 @@ module Kitchen
       def get_bdm(config)
         volume.get_bdm(config, openstack_server)
       end
-
-      def create_server
-        server_def = init_configuration
-        raise(ActionFailed, "Cannot specify both network_ref and network_id") if config[:network_id] && config[:network_ref]
-
-        if config[:network_id]
-          networks = [].push(config[:network_id])
-          server_def[:nics] = networks.flatten.map do |net_id|
-            { "net_id" => net_id }
-          end
-        elsif config[:network_ref]
-          networks = [].push(config[:network_ref])
-          server_def[:nics] = networks.flatten.map do |net|
-            { "net_id" => find_network(net).id }
-          end
-        end
-
-        if config[:block_device_mapping]
-          server_def[:block_device_mapping] = get_bdm(config)
-        end
-
-        %i{
-          security_groups
-          key_name
-          user_data
-          config_drive
-          metadata
-        }.each do |c|
-          server_def[c] = optional_config(c) if config[c]
-        end
-
-        if config[:cloud_config]
-          raise(ActionFailed, "Cannot specify both cloud_config and user_data") if config[:user_data]
-
-          server_def[:user_data] = Kitchen::Util.stringified_hash(config[:cloud_config]).to_yaml.gsub(/^---\n/, "#cloud-config\n")
-        end
-
-        # Can't use the Fog bootstrap and/or setup methods here; they require a
-        # public IP address that can't be guaranteed to exist across all
-        # OpenStack deployments (e.g. TryStack ARM only has private IPs).
-        compute.servers.create(server_def)
-      end
-
-      def init_configuration
-        raise(ActionFailed, "Cannot specify both image_ref and image_id") if config[:image_id] && config[:image_ref]
-        raise(ActionFailed, "Cannot specify both flavor_ref and flavor_id") if config[:flavor_id] && config[:flavor_ref]
-
-        {
-          name: config[:server_name],
-          image_ref: config[:image_id] || find_image(config[:image_ref]).id,
-          flavor_ref: config[:flavor_id] || find_flavor(config[:flavor_ref]).id,
-          availability_zone: config[:availability_zone],
-        }
-      end
-
-      def optional_config(c)
-        case c
-        when :security_groups
-          config[c] if config[c].is_a?(Array)
-        when :user_data
-          File.open(config[c], &:read) if File.exist?(config[c])
-        else
-          config[c]
-        end
-      end
-
-      def find_image(image_ref)
-        image = find_matching(compute.images, image_ref)
-        raise(ActionFailed, "Image not found") unless image
-
-        debug "Selected image: #{image.id} #{image.name}"
-        image
-      end
-
-      def find_flavor(flavor_ref)
-        flavor = find_matching(compute.flavors, flavor_ref)
-        raise(ActionFailed, "Flavor not found") unless flavor
-
-        debug "Selected flavor: #{flavor.id} #{flavor.name}"
-        flavor
-      end
-
-      def find_network(network_ref)
-        net = find_matching(network.networks.all, network_ref)
-        raise(ActionFailed, "Network not found") unless net
-
-        debug "Selected net: #{net.id} #{net.name}"
-        net
-      end
-
-      # Generate what should be a unique server name up to 63 total chars
-      # Base name:    15
-      # Username:     15
-      # Hostname:     23
-      # Random string: 7
-      # Separators:    3
-      # ================
-      # Total:        63
-      def default_name
-        [
-          instance.name.gsub(/\W/, "")[0..14],
-          ((Etc.getpwuid ? Etc.getpwuid.name : Etc.getlogin) || "nologin").gsub(/\W/, "")[0..14],
-          Socket.gethostname.gsub(/\W/, "")[0..22],
-          Array.new(7) { rand(36).to_s(36) }.join,
-        ].join("-")
-      end
-
-      def server_name_prefix(server_name_prefix)
-        # Generate what should be a unique server name with given prefix
-        # of up to 63 total chars
-        #
-        # Provided prefix:  variable, max 54
-        # Separator:        1
-        # Random string:    8
-        # ===================
-        # Max:              63
-        #
-        if server_name_prefix.length > 54
-          warn "Server name prefix too long, truncated to 54 characters"
-          server_name_prefix = server_name_prefix[0..53]
-        end
-
-        server_name_prefix.gsub!(/\W/, "")
-
-        if server_name_prefix.empty?
-          warn "Server name prefix empty or invalid; using fully generated name"
-          default_name
-        else
-          random_suffix = ("a".."z").to_a.sample(8).join
-          server_name_prefix + "-" + random_suffix
-        end
-      end
-
-      def attach_ip_from_pool(server, pool)
-        @@ip_pool_lock.synchronize do
-          info "Attaching floating IP from <#{pool}> pool"
-          if config[:allocate_floating_ip]
-            network_id = network
-              .list_networks(
-                name: pool
-              ).body["networks"][0]["id"]
-            resp = network.create_floating_ip(network_id)
-            ip = resp.body["floatingip"]["floating_ip_address"]
-            info "Created floating IP <#{ip}> from <#{pool}> pool"
-            config[:floating_ip] = ip
-          else
-            free_addrs = compute.addresses.map do |i|
-              i.ip if i.fixed_ip.nil? && i.instance_id.nil? && i.pool == pool
-            end.compact
-            if free_addrs.empty?
-              raise ActionFailed, "No available IPs in pool <#{pool}>"
-            end
-
-            config[:floating_ip] = free_addrs[0]
-          end
-          attach_ip(server, config[:floating_ip])
-        end
-      end
-
-      def attach_ip(server, ip)
-        info "Attaching floating IP <#{ip}>"
-        server.associate_address ip
-      end
-
-      def get_public_private_ips(server)
-        begin
-          pub = server.public_ip_addresses
-          priv = server.private_ip_addresses
-        rescue Fog::OpenStack::Compute::NotFound, Excon::Errors::Forbidden
-          # See Fog issue: https://github.com/fog/fog/issues/2160
-          addrs = server.addresses
-          addrs["public"] && pub = addrs["public"].map { |i| i["addr"] }
-          addrs["private"] && priv = addrs["private"].map { |i| i["addr"] }
-        end
-        [pub, priv]
-      end
-
-      def get_ip(server)
-        if config[:floating_ip]
-          debug "Using floating ip: #{config[:floating_ip]}"
-          return config[:floating_ip]
-        end
-
-        # make sure we have the latest info
-        info "Waiting for network information to be available..."
-        begin
-          w = server.wait_for { !addresses.empty? }
-          debug "Waited #{w[:duration]} seconds for network information."
-        rescue Fog::Errors::TimeoutError
-          raise ActionFailed, "Could not get network information (timed out)"
-        end
-
-        # should also work for private networks
-        if config[:openstack_network_name]
-          debug "Using configured net: #{config[:openstack_network_name]}"
-          return filter_ips(server.addresses[config[:openstack_network_name]]).first["addr"]
-        end
-
-        pub, priv = get_public_private_ips(server)
-        priv = server.ip_addresses if Array(pub).empty? && Array(priv).empty?
-        pub, priv = parse_ips(pub, priv)
-        pub[config[:public_ip_order].to_i] ||
-          priv[config[:private_ip_order].to_i] ||
-          raise(ActionFailed, "Could not find an IP")
-      end
-
-      def filter_ips(addresses)
-        if config[:use_ipv6]
-          addresses.select { |i| IPAddr.new(i["addr"]).ipv6? }
-        else
-          addresses.select { |i| IPAddr.new(i["addr"]).ipv4? }
-        end
-      end
-
-      def parse_ips(pub, priv)
-        pub = Array(pub)
-        priv = Array(priv)
-        if config[:use_ipv6]
-          [pub, priv].each { |n| n.select! { |i| IPAddr.new(i).ipv6? } }
-        else
-          [pub, priv].each { |n| n.select! { |i| IPAddr.new(i).ipv4? } }
-        end
-        [pub, priv]
-      end
-
-      def add_ohai_hint(state)
-        if bourne_shell?
-          info "Adding OpenStack hint for ohai"
-          mkdir_cmd = "sudo mkdir -p #{hints_path}"
-          touch_cmd = "sudo bash -c 'echo {} > #{hints_path}/openstack.json'"
-          instance.transport.connection(state).execute(
-            "#{mkdir_cmd} && #{touch_cmd}"
-          )
-        elsif windows_os?
-          info "Adding OpenStack hint for ohai"
-          touch_cmd = "New-Item #{hints_path}\\openstack.json"
-          touch_cmd_args = "-Value '{}' -Force -Type file"
-          instance.transport.connection(state).execute(
-            "#{touch_cmd} #{touch_cmd_args}"
-          )
-        end
-      end
-
-      def hints_path
-        Ohai.config[:hints_path][0]
-      end
-
-      def disable_ssl_validation
-        require "excon" unless defined?(Excon)
-        Excon.defaults[:ssl_verify_peer] = false
-      end
-
-      def wait_for_server(state)
-        if config[:server_wait]
-          info "Sleeping for #{config[:server_wait]} seconds to let your server start up..."
-          countdown(config[:server_wait])
-        end
-        info "Waiting for server to be ready..."
-        instance.transport.connection(state).wait_until_ready
-      rescue
-        error "Server #{state[:hostname]} (#{state[:server_id]}) not reachable. Destroying server..."
-        destroy(state)
-        raise
-      end
-
-      def countdown(seconds)
-        date1 = Time.now + seconds
-        while Time.now < date1
-          Kernel.print "."
-          sleep 10
-        end
-      end
-
-      def find_matching(collection, name)
-        name = name.to_s
-        if name.start_with?("/") && name.end_with?("/")
-          regex = Regexp.new(name[1...-1])
-          # check for regex name match
-          collection.each { |single| return single if regex&.match?(single.name) }
-        else
-          # check for exact id match
-          collection.each { |single| return single if single.id == name }
-          # check for exact name match
-          collection.each { |single| return single if single.name == name }
-        end
-        nil
-      end
     end
   end
 end

data/lib/kitchen/driver/openstack_version.rb

@@ -3,8 +3,8 @@
 #
 # Author:: Jonathan Hartman (<j@p4nt5.com>)
 #
-# Copyright (C) 2013-2015, Jonathan Hartman
-# Copyright (C) 2015-2021, Chef Software Inc
+# Copyright:: (C) 2013-2015, Jonathan Hartman
+# Copyright:: (C) 2015-2021, Chef Software Inc
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -23,6 +23,6 @@ module Kitchen
   #
   # @author Jonathan Hartman <j@p4nt5.com>
   module Driver
-    OPENSTACK_VERSION = "6.2.2"
+    OPENSTACK_VERSION = "7.0.0"
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: kitchen-openstack
 version: !ruby/object:Gem::Version
-  version: 6.2.2
+  version: 7.0.0
 platform: ruby
 authors:
 - Jonathan Hartman
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-01-24 00:00:00.000000000 Z
+date: 2026-04-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: test-kitchen
@@ -69,6 +69,11 @@ extra_rdoc_files: []
 files:
 - README.md
 - lib/kitchen/driver/openstack.rb
+- lib/kitchen/driver/openstack/clouds.rb
+- lib/kitchen/driver/openstack/config.rb
+- lib/kitchen/driver/openstack/helpers.rb
+- lib/kitchen/driver/openstack/networking.rb
+- lib/kitchen/driver/openstack/server_helper.rb
 - lib/kitchen/driver/openstack/volume.rb
 - lib/kitchen/driver/openstack_version.rb
 homepage: https://github.com/test-kitchen/kitchen-openstack