Convert gate_hook to devstack-tools

Conflicts:
	neutronclient/tests/functional/hooks/gate_hook.sh

Mitaka changes: added vpnaas hook and use load_rc_hook to load it
instead of setting DEVSTACK_LOCAL_CONFIG.

Change-Id: I2387bc9778a77b1673751bc4c1ff50f8d4826a5d
Co-Authored-By: Ihar Hrachyshka <ihrachys@redhat.com>
Co-Authored-By: Sean Dague <sean@dague.net>
Original-Commit: Ibd0f67f9131e7f67f3a4a62cb6ad28bf80e11bbf
(cherry picked from commit e516b8230c)

.gitreview

@@ -2,3 +2,4 @@
 host=review.openstack.org
 port=29418
 project=openstack/python-neutronclient.git
+defaultbranch=stable/mitaka

neutronclient/common/utils.py

@@ -19,6 +19,7 @@
 
 import argparse
 import functools
+import hashlib
 import logging
 import netaddr
 import os
@@ -30,6 +31,8 @@ import six
 from neutronclient._i18n import _
 from neutronclient.common import exceptions
 
+SENSITIVE_HEADERS = ('X-Auth-Token',)
+
 
 def env(*vars, **kwargs):
     """Returns the first environment variable set.
@@ -167,8 +170,13 @@ def http_log_req(_logger, args, kwargs):
         else:
             string_parts.append(' %s' % element)
 
-    for element in kwargs['headers']:
-        header = ' -H "%s: %s"' % (element, kwargs['headers'][element])
+    for (key, value) in six.iteritems(kwargs['headers']):
+        if key in SENSITIVE_HEADERS:
+            v = value.encode('utf-8')
+            h = hashlib.sha1(v)
+            d = h.hexdigest()
+            value = "{SHA1}%s" % d
+        header = ' -H "%s: %s"' % (key, value)
         string_parts.append(header)
 
     if 'body' in kwargs and kwargs['body']:

neutronclient/neutron/v2_0/quota.py

@@ -184,6 +184,12 @@ class UpdateQuota(neutronV20.NeutronCommand, show.ShowOne):
         parser.add_argument(
             '--health-monitor', metavar='health_monitors',
             help=_('The limit of health monitors.'))
+        parser.add_argument(
+            '--loadbalancer', metavar='loadbalancers',
+            help=_('The limit of load balancers.'))
+        parser.add_argument(
+            '--listener', metavar='listeners',
+            help=_('The limit of listeners.'))
         parser.add_argument(
             'pos_tenant_id',
             help=argparse.SUPPRESS, nargs='?')
@@ -203,7 +209,8 @@ class UpdateQuota(neutronV20.NeutronCommand, show.ShowOne):
         quota = {}
         for resource in ('network', 'subnet', 'port', 'router', 'floatingip',
                          'security_group', 'security_group_rule',
-                         'vip', 'pool', 'member', 'health_monitor'):
+                         'vip', 'pool', 'member', 'health_monitor',
+                         'loadbalancer', 'listener'):
             if getattr(parsed_args, resource):
                 quota[resource] = self._validate_int(
                     resource,

neutronclient/neutron/v2_0/router.py

@@ -220,6 +220,9 @@ class SetGatewayRouter(neutronV20.NeutronCommand):
         parser.add_argument(
             'external_network', metavar='EXTERNAL-NETWORK',
             help=_('ID or name of the external network for the gateway.'))
+        parser.add_argument(
+            '--enable-snat', action='store_true',
+            help=_('Enable source NAT on the router gateway.'))
         parser.add_argument(
             '--disable-snat', action='store_true',
             help=_('Disable source NAT on the router gateway.'))
@@ -242,6 +245,8 @@ class SetGatewayRouter(neutronV20.NeutronCommand):
         _ext_net_id = neutronV20.find_resourceid_by_name_or_id(
             neutron_client, 'network', parsed_args.external_network)
         router_dict = {'network_id': _ext_net_id}
+        if parsed_args.enable_snat:
+            router_dict['enable_snat'] = True
         if parsed_args.disable_snat:
             router_dict['enable_snat'] = False
         if parsed_args.fixed_ip:

neutronclient/neutron/v2_0/subnetpool.py

@@ -26,7 +26,7 @@ def _format_prefixes(subnetpool):
         return subnetpool['prefixes']
 
 
-def add_updatable_arguments(parser):
+def add_updatable_arguments(parser, for_create=False):
     parser.add_argument(
         '--min-prefixlen', type=int,
         help=_('Subnetpool minimum prefix length.'))
@@ -39,6 +39,7 @@ def add_updatable_arguments(parser):
     parser.add_argument(
         '--pool-prefix',
         action='append', dest='prefixes',
+        required=for_create,
         help=_('Subnetpool prefixes (This option can be repeated).'))
     utils.add_boolean_argument(
         parser, '--is-default',
@@ -46,7 +47,7 @@ def add_updatable_arguments(parser):
                '(True meaning default).'))
 
 
-def updatable_args2body(parsed_args, body, for_create=True):
+def updatable_args2body(parsed_args, body):
     neutronV20.update_dict(parsed_args, body,
                            ['name', 'prefixes', 'default_prefixlen',
                             'min_prefixlen', 'max_prefixlen', 'is_default'])
@@ -75,7 +76,7 @@ class CreateSubnetPool(neutronV20.CreateCommand):
     resource = 'subnetpool'
 
     def add_known_arguments(self, parser):
-        add_updatable_arguments(parser)
+        add_updatable_arguments(parser, for_create=True)
         parser.add_argument(
             '--shared',
             action='store_true',
@@ -135,7 +136,7 @@ class UpdateSubnetPool(neutronV20.UpdateCommand):
 
     def args2body(self, parsed_args):
         body = {}
-        updatable_args2body(parsed_args, body, for_create=False)
+        updatable_args2body(parsed_args, body)
 
         # Parse and update for "address-scope" option/s
         if parsed_args.no_address_scope:

neutronclient/shell.py

@@ -896,7 +896,8 @@ class NeutronShell(app.App):
         """
         cloud_config = os_client_config.OpenStackConfig().get_one_cloud(
             cloud=self.options.os_cloud, argparse=self.options,
-            network_api_version=self.api_version)
+            network_api_version=self.api_version,
+            verify=not self.options.insecure)
         verify, cert = cloud_config.get_requests_verify_args()
 
         # TODO(singhj): Remove dependancy on HTTPClient
@@ -930,6 +931,7 @@ class NeutronShell(app.App):
             service_name=cloud_config.get_service_name('network'),
             endpoint_type=interface,
             auth=auth,
+            insecure=not verify,
             log_credentials=True)
         return
 

neutronclient/tests/functional/hooks/fwaas

@@ -0,0 +1,2 @@
+enable_plugin neutron-fwaas git://git.openstack.org/openstack/neutron-fwaas
+enable_service q-fwaas

neutronclient/tests/functional/hooks/gate_hook.sh

@@ -4,9 +4,42 @@ set -ex
 
 VENV=${1:-"functional"}
 
-if [ "$VENV" == "functional-adv-svcs" ]
+GATE_DEST=$BASE/new
+NEUTRONCLIENT_PATH=$GATE_DEST/python-neutronclient
+GATE_HOOKS=$NEUTRONCLIENT_PATH/neutronclient/tests/functional/hooks
+DEVSTACK_PATH=$GATE_DEST/devstack
+LOCAL_CONF=$DEVSTACK_PATH/late-local.conf
+DSCONF=/tmp/devstack-tools/bin/dsconf
+
+# Install devstack-tools used to produce local.conf; we can't rely on
+# test-requirements.txt because the gate hook is triggered before neutronclient
+# is installed
+sudo -H pip install virtualenv
+virtualenv /tmp/devstack-tools
+/tmp/devstack-tools/bin/pip install -U devstack-tools==0.4.0
+
+# Inject config from hook into localrc
+function load_rc_hook {
+    local hook="$1"
+    local tmpfile
+    local config
+    tmpfile=$(tempfile)
+    config=$(cat $GATE_HOOKS/$hook)
+    echo "[[local|localrc]]" > $tmpfile
+    $DSCONF setlc_raw $tmpfile "$config"
+    $DSCONF merge_lc $LOCAL_CONF $tmpfile
+    rm -f $tmpfile
+}
+
+if [ "$VENV" == "functional" ]
 then
-    export DEVSTACK_LOCAL_CONFIG="enable_plugin neutron-vpnaas git://git.openstack.org/openstack/neutron-vpnaas"
+    load_rc_hook fwaas
 fi
 
+if [ "$VENV" == "functional-adv-svcs" ]
+then
+    load_rc_hook vpnaas
+fi
+
+export DEVSTACK_LOCALCONF=$(cat $LOCAL_CONF)
 $BASE/new/devstack-gate/devstack-vm-gate.sh

neutronclient/tests/functional/hooks/vpnaas

@@ -0,0 +1 @@
+enable_plugin neutron-vpnaas git://git.openstack.org/openstack/neutron-vpnaas

neutronclient/tests/unit/test_cli20.py

@@ -18,7 +18,7 @@ import contextlib
 import itertools
 import sys
 
-import fixtures
+import mock
 from mox3 import mox
 from oslo_utils import encodeutils
 from oslotest import base
@@ -182,9 +182,6 @@ class CLITestV20Base(base.BaseTestCase):
                          cmd_resource=None, parent_id=None):
         return name_or_id
 
-    def _get_attr_metadata(self):
-        return self.metadata
-
     def setUp(self, plurals=None):
         """Prepare the test environment."""
         super(CLITestV20Base, self).setUp()
@@ -195,16 +192,14 @@ class CLITestV20Base(base.BaseTestCase):
         self.mox = mox.Mox()
         self.endurl = ENDURL
         self.fake_stdout = FakeStdout()
-        self.useFixture(fixtures.MonkeyPatch('sys.stdout', self.fake_stdout))
-        self.useFixture(fixtures.MonkeyPatch(
-            'neutronclient.neutron.v2_0.find_resourceid_by_name_or_id',
-            self._find_resourceid))
-        self.useFixture(fixtures.MonkeyPatch(
-            'neutronclient.neutron.v2_0.find_resourceid_by_id',
-            self._find_resourceid))
-        self.useFixture(fixtures.MonkeyPatch(
-            'neutronclient.v2_0.client.Client.get_attr_metadata',
-            self._get_attr_metadata))
+
+        self.addCleanup(mock.patch.stopall)
+        mock.patch('sys.stdout', new=self.fake_stdout).start()
+        mock.patch('neutronclient.neutron.v2_0.find_resourceid_by_name_or_id',
+                   new=self._find_resourceid).start()
+        mock.patch('neutronclient.neutron.v2_0.find_resourceid_by_id',
+                   new=self._find_resourceid).start()
+
         self.client = client.Client(token=TOKEN, endpoint_url=self.endurl)
         self.client.format = self.format
 

neutronclient/tests/unit/test_cli20_router.py

@@ -345,6 +345,18 @@ class CLITestV20RouterJSON(test_cli20.CLITestV20Base):
                                     {"network_id": "externalid"}}
                                    )
 
+    def test_set_gateway_enable_snat(self):
+        # enable external gateway for router: myid externalid.
+        resource = 'router'
+        cmd = router.SetGatewayRouter(test_cli20.MyApp(sys.stdout), None)
+        args = ['myid', 'externalid', '--enable-snat']
+        self._test_update_resource(resource, cmd, 'myid',
+                                   args,
+                                   {"external_gateway_info":
+                                    {"network_id": "externalid",
+                                     "enable_snat": True}}
+                                   )
+
     def test_set_gateway_disable_snat(self):
         # set external gateway for router: myid externalid.
         resource = 'router'

neutronclient/tests/unit/test_cli20_subnetpool.py

@@ -118,6 +118,19 @@ class CLITestV20SubnetPoolJSON(test_cli20.CLITestV20Base):
         self._test_create_resource(resource, cmd, name, myid, args,
                                    position_names, position_values)
 
+    def test_create_subnetpool_no_poolprefix(self):
+        # Should raise an error because --pool-prefix is required
+        resource = 'subnetpool'
+        cmd = subnetpool.CreateSubnetPool(test_cli20.MyApp(sys.stdout), None)
+        name = 'myname'
+        myid = 'myid'
+        args = [name]
+        position_names = ['name']
+        position_values = [name]
+        self.assertRaises(SystemExit, self._test_create_resource, resource,
+                          cmd, name, myid, args, position_names,
+                          position_values)
+
     def test_list_subnetpool_pagination(self):
         cmd = subnetpool.ListSubnetPool(test_cli20.MyApp(sys.stdout), None)
         self.mox.StubOutWithMock(subnetpool.ListSubnetPool, "extend_list")

neutronclient/tests/unit/test_client_extension.py

@@ -34,15 +34,9 @@ class CLITestV20ExtensionJSON(test_cli20.CLITestV20Base):
         self._mock_extension_loading()
         super(CLITestV20ExtensionJSON, self).setUp(plurals={'tags': 'tag'})
 
-    def _create_patch(self, name, func=None):
-        patcher = mock.patch(name)
-        thing = patcher.start()
-        self.addCleanup(patcher.stop)
-        return thing
-
     def _mock_extension_loading(self):
         ext_pkg = 'neutronclient.common.extension'
-        contrib = self._create_patch(ext_pkg + '._discover_via_entry_points')
+        contrib = mock.patch(ext_pkg + '._discover_via_entry_points').start()
         contrib.return_value = [("_fox_sockets", fox_sockets)]
         return contrib
 
@@ -134,15 +128,9 @@ class CLITestV20ExtensionJSONAlternatePlurals(test_cli20.CLITestV20Base):
         self._mock_extension_loading()
         super(CLITestV20ExtensionJSONAlternatePlurals, self).setUp()
 
-    def _create_patch(self, name, func=None):
-        patcher = mock.patch(name)
-        thing = patcher.start()
-        self.addCleanup(patcher.stop)
-        return thing
-
     def _mock_extension_loading(self):
         ext_pkg = 'neutronclient.common.extension'
-        contrib = self._create_patch(ext_pkg + '._discover_via_entry_points')
+        contrib = mock.patch(ext_pkg + '._discover_via_entry_points').start()
         ip_address = mock.MagicMock()
         ip_address.IPAddress = self.IPAddress
         ip_address.IPAddressesList = self.IPAddressesList
@@ -193,15 +181,9 @@ class CLITestV20ExtensionJSONChildResource(test_cli20.CLITestV20Base):
         self._mock_extension_loading()
         super(CLITestV20ExtensionJSONChildResource, self).setUp()
 
-    def _create_patch(self, name, func=None):
-        patcher = mock.patch(name)
-        thing = patcher.start()
-        self.addCleanup(patcher.stop)
-        return thing
-
     def _mock_extension_loading(self):
         ext_pkg = 'neutronclient.common.extension'
-        contrib = self._create_patch(ext_pkg + '._discover_via_entry_points')
+        contrib = mock.patch(ext_pkg + '._discover_via_entry_points').start()
         child = mock.MagicMock()
         child.Child = self.Child
         child.ChildrenList = self.ChildrenList

neutronclient/tests/unit/test_shell.py

@@ -20,11 +20,14 @@ import re
 import sys
 
 import fixtures
+from keystoneauth1 import session
+import mock
 from mox3 import mox
 import six
 import testtools
 from testtools import matchers
 
+from neutronclient.common import clientmanager
 from neutronclient import shell as openstack_shell
 
 
@@ -35,6 +38,13 @@ DEFAULT_TENANT_NAME = 'tenant_name'
 DEFAULT_AUTH_URL = 'http://127.0.0.1:5000/v2.0/'
 DEFAULT_TOKEN = '3bcc3d3a03f44e3d8377f9247b0ad155'
 DEFAULT_URL = 'http://quantum.example.org:9696/'
+DEFAULT_REGION = 'regionOne'
+DEFAULT_ENDPOINT_TYPE = 'public'
+DEFAULT_API_VERSION = '2.0'
+DEFAULT_SERVICE_TYPE = 'network'
+DEFAULT_SERVICE_NAME = 'neutron'
+DEFAULT_RETRIES = 3
+DEFAULT_TIMEOUT = 3.0
 
 
 class ShellTest(testtools.TestCase):
@@ -225,3 +235,128 @@ class ShellTest(testtools.TestCase):
         search_str = "Try 'neutron help port-create' for more information"
         self.assertTrue(any(search_str in string for string
                             in stderr.split('\n')))
+
+    def _test_authenticate_user(self, expect_verify, expect_insecure,
+                                **options):
+        base_options = {'os_cloud': None,
+                        'http_timeout': DEFAULT_TIMEOUT,
+                        'region_name': DEFAULT_REGION,
+                        'network_service_name': DEFAULT_SERVICE_NAME,
+                        'neutron_service_type': DEFAULT_SERVICE_TYPE}
+
+        options.update(base_options)
+        if options.get('os_token'):
+            options.update({'os_token': 'token', 'os_url': 'url'})
+        else:
+            options.update({'os_token': None, 'os_url': None})
+
+        with mock.patch.object(openstack_shell.NeutronShell,
+                               'run_subcommand'), \
+                mock.patch.object(session, 'Session') as session_mock, \
+                mock.patch.object(clientmanager, 'ClientManager') as cmgr_mock:
+
+            shell = openstack_shell.NeutronShell(DEFAULT_API_VERSION)
+            shell.options = mock.Mock(spec=options.keys())
+            for k, v in options.items():
+                setattr(shell.options, k, v)
+            shell.options.os_endpoint_type = DEFAULT_ENDPOINT_TYPE
+            shell.options.retries = DEFAULT_RETRIES
+
+            if not (options.get('os_token') and options.get('os_url')):
+                auth = mock.ANY
+                auth_session = mock.sentinel.session
+                session_mock.return_value = auth_session
+            else:
+                auth = None
+                auth_session = None
+
+            shell.authenticate_user()
+
+        if not (options.get('os_token') and options.get('os_url')):
+            session_mock.assert_called_once_with(
+                auth=mock.ANY, verify=expect_verify,
+                cert=options.get('cert'),
+                timeout=DEFAULT_TIMEOUT)
+        else:
+            self.assertFalse(session_mock.called)
+
+        cmgr_mock.assert_called_once_with(
+            retries=DEFAULT_RETRIES,
+            raise_errors=False,
+            session=auth_session,
+            url=options.get('os_url'),
+            token=options.get('os_token'),
+            region_name=DEFAULT_REGION,
+            api_version=DEFAULT_API_VERSION,
+            service_type=DEFAULT_SERVICE_TYPE,
+            service_name=DEFAULT_SERVICE_NAME,
+            endpoint_type=DEFAULT_ENDPOINT_TYPE,
+            auth=auth,
+            insecure=expect_insecure,
+            log_credentials=True)
+
+    def test_authenticate_secure_with_cacert_with_cert(self):
+        self._test_authenticate_user(
+            insecure=False, cacert='cacert', cert='cert',
+            expect_verify='cacert', expect_insecure=False)
+
+    def test_authenticate_secure_with_cacert_with_cert_with_token(self):
+        self._test_authenticate_user(
+            os_token='token',
+            insecure=False, cacert='cacert', cert='cert',
+            expect_verify='cacert', expect_insecure=False)
+
+    def test_authenticate_insecure_with_cacert_with_cert(self):
+        self._test_authenticate_user(
+            insecure=True, cacert='cacert', cert='cert',
+            expect_verify=False, expect_insecure=True)
+
+    def test_authenticate_insecure_with_cacert_with_cert_with_token(self):
+        self._test_authenticate_user(
+            os_token='token',
+            insecure=True, cacert='cacert', cert='cert',
+            expect_verify=False, expect_insecure=True)
+
+    def test_authenticate_secure_without_cacert_with_cert(self):
+        self._test_authenticate_user(
+            insecure=False, cert='cert',
+            expect_verify=True, expect_insecure=False)
+
+    def test_authenticate_secure_without_cacert_with_cert_with_token(self):
+        self._test_authenticate_user(
+            os_token='token',
+            insecure=False, cert='cert',
+            expect_verify=True, expect_insecure=False)
+
+    def test_authenticate_insecure_without_cacert_with_cert(self):
+        self._test_authenticate_user(
+            insecure=True, cert='cert',
+            expect_verify=False, expect_insecure=True)
+
+    def test_authenticate_insecure_without_cacert_with_cert_with_token(self):
+        self._test_authenticate_user(
+            os_token='token',
+            insecure=True, cert='cert',
+            expect_verify=False, expect_insecure=True)
+
+    def test_authenticate_secure_with_cacert_without_cert(self):
+        self._test_authenticate_user(
+            insecure=False, cacert='cacert',
+            expect_verify='cacert', expect_insecure=False)
+
+    def test_authenticate_secure_with_cacert_without_cert_with_token(self):
+        self._test_authenticate_user(
+            os_token='token',
+            insecure=False, cacert='cacert',
+            expect_verify='cacert', expect_insecure=False)
+
+    def test_authenticate_insecure_with_cacert_without_cert(self):
+        self._test_authenticate_user(
+            insecure=True, cacert='cacert',
+            expect_verify=False, expect_insecure=True)
+
+    def test_authenticate_insecure_with_cacert_without_cert_with_token(self):
+        self._test_authenticate_user(
+            os_token='token',
+            insecure=True, cacert='cacert',
+            expect_verify=False, expect_insecure=True)

releasenotes/notes/quota-update-for-LB-b21e7bc9e4a10f3e.yaml

@@ -0,0 +1,4 @@
+---
+features:
+   - |
+     Quota of Loadbalancers and listeners can now be updated.

requirements.txt

@@ -2,7 +2,7 @@
 # of appearance. Changing the order has an impact on the overall integration
 # process, which may cause wedges in the gate later.
 pbr>=1.6 # Apache-2.0
-cliff!=1.16.0,>=1.15.0 # Apache-2.0
+cliff!=1.16.0,!=1.17.0,>=1.15.0 # Apache-2.0
 debtcollector>=1.2.0 # Apache-2.0
 iso8601>=0.1.9 # MIT
 netaddr!=0.7.16,>=0.7.12 # BSD
@@ -14,4 +14,4 @@ keystoneauth1>=2.1.0 # Apache-2.0
 requests!=2.9.0,>=2.8.1 # Apache-2.0
 simplejson>=2.2.0 # MIT
 six>=1.9.0 # MIT
-Babel>=1.3 # BSD
+Babel!=2.3.0,!=2.3.1,!=2.3.2,!=2.3.3,>=1.3 # BSD

test-requirements.txt

@@ -5,7 +5,7 @@ hacking<0.11,>=0.10.0
 
 coverage>=3.6 # Apache-2.0
 discover # BSD
-fixtures>=1.3.1 # Apache-2.0/BSD
+fixtures<2.0,>=1.3.1 # Apache-2.0/BSD
 mox3>=0.7.0 # Apache-2.0
 mock>=1.2 # BSD
 oslosphinx!=3.4.0,>=2.5.0 # Apache-2.0

tools/tox_install.sh

@@ -0,0 +1,55 @@
+#!/usr/bin/env bash
+
+# Client constraint file contains this client version pin that is in conflict
+# with installing the client from source. We should replace the version pin in
+# the constraints file before applying it for from-source installation.
+
+ZUUL_CLONER=/usr/zuul-env/bin/zuul-cloner
+BRANCH_NAME=stable/mitaka
+CLIENT_NAME=python-neutronclient
+requirements_installed=$(echo "import openstack_requirements" | python 2>/dev/null ; echo $?)
+
+set -e
+
+CONSTRAINTS_FILE=$1
+shift
+
+install_cmd="pip install"
+if [ $CONSTRAINTS_FILE != "unconstrained" ]; then
+
+    mydir=$(mktemp -dt "$CLIENT_NAME-tox_install-XXXXXXX")
+    localfile=$mydir/upper-constraints.txt
+    if [[ $CONSTRAINTS_FILE != http* ]]; then
+        CONSTRAINTS_FILE=file://$CONSTRAINTS_FILE
+    fi
+    curl $CONSTRAINTS_FILE -k -o $localfile
+    install_cmd="$install_cmd -c$localfile"
+
+    if [ $requirements_installed -eq 0 ]; then
+        echo "ALREADY INSTALLED" > /tmp/tox_install.txt
+        echo "Requirements already installed; using existing package"
+    elif [ -x "$ZUUL_CLONER" ]; then
+        export ZUUL_BRANCH=${ZUUL_BRANCH-$BRANCH}
+        echo "ZUUL CLONER" > /tmp/tox_install.txt
+        pushd $mydir
+        $ZUUL_CLONER --cache-dir \
+            /opt/git \
+            --branch $BRANCH_NAME \
+            git://git.openstack.org \
+            openstack/requirements
+        cd openstack/requirements
+        $install_cmd -e .
+        popd
+    else
+        echo "PIP HARDCODE" > /tmp/tox_install.txt
+        if [ -z "$REQUIREMENTS_PIP_LOCATION" ]; then
+            REQUIREMENTS_PIP_LOCATION="git+https://git.openstack.org/openstack/requirements@$BRANCH_NAME#egg=requirements"
+        fi
+        $install_cmd -U -e ${REQUIREMENTS_PIP_LOCATION}
+    fi
+
+    edit-constraints $localfile -- $CLIENT_NAME "-e file://$PWD#egg=$CLIENT_NAME"
+fi
+
+$install_cmd -U $*
+exit $?

tox.ini

@@ -10,7 +10,8 @@ setenv = VIRTUAL_ENV={envdir}
          LANGUAGE=en_US:en
          LC_ALL=C
 usedevelop = True
-install_command = pip install -U {opts} {packages}
+install_command =
+    {toxinidir}/tools/tox_install.sh {env:UPPER_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt?h=stable/mitaka} {opts} {packages}
 deps = -r{toxinidir}/requirements.txt
        -r{toxinidir}/test-requirements.txt
 # Delete bytecodes from normal directories before running tests.