Import upstream component version inspection tool

This patch adds utility to check versions of binaries available in Docker containers run on Kubernetes cluster. It has been contributed by: kkkk-k <kkkk.k@samsung.com> Several minor changes were made to comply with ONAP CI linter rules. Issue-ID: INT-1571 Change-Id: Id0e4b557212dec1bf8d2bac580968d69e2cf5595 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
author: Pawel Wieczorek <p.wieczorek2@samsung.com> 2020-07-16 16:15:06 +0200
committer: Pawel Wieczorek <p.wieczorek2@samsung.com> 2020-07-28 15:06:43 +0200
commit: 30e199a70b32a6256c2a148eec870800ef1fbefc (patch)
tree: 148c814d55b920f04a1fa0ce5f4a68896f51ef6f /test/security/check_versions/env
parent: 3301d5325c59d3e721fd2ec341318c5a0ede0b0c (diff)
6 files changed, 224 insertions, 0 deletions
diff --git a/test/security/check_versions/env/Vagrantfile b/test/security/check_versions/env/Vagrantfile
new file mode 100644
index 000000000..28abbc504
--- /dev/null
+++ b/test/security/check_versions/env/Vagrantfile
@@ -0,0 +1,35 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+Vagrant.configure("2") do |config|
+	
+	config.vm.provider :libvirt do |libvirt|
+		libvirt.default_prefix = "k8s_bin_versions_inspector";
+		libvirt.driver         = "kvm";
+		libvirt.cpus           = 6;
+		libvirt.memory         = 12288;
+	end
+	
+	config.vm.box = "generic/ubuntu1804";
+	config.vm.hostname = "k8s-bin-versions-inspector";
+	config.vm.synced_folder ".",  "/vagrant", disabled: true;
+	config.vm.synced_folder "..", "/home/vagrant/k8s_bin_versions_inspector", type: :sshfs;
+	
+	config.vm.provision "shell", inline: <<-end
+		export DEBIAN_FRONTEND=noninteractive &&\
+		apt-get update &&\
+		apt-get upgrade -y &&\
+		apt-get dist-upgrade -y &&\
+		apt-get install -y python3 python3-pip snap git vim net-tools htop &&\
+		pip3 install --system -r /home/vagrant/k8s_bin_versions_inspector/env/requirements-dev.txt &&\
+		snap install --classic microk8s &&\
+		usermod -a -G microk8s vagrant
+	end
+	config.vm.provision :reload;
+	config.vm.provision "shell", privileged: false, inline: <<-end
+		microk8s reset &&\
+		microk8s config > /home/vagrant/.kube/config &&\
+		microk8s kubectl apply -f /home/vagrant/k8s_bin_versions_inspector/env/configuration
+	end
+end
+
diff --git a/test/security/check_versions/env/configuration/namespaces.yaml b/test/security/check_versions/env/configuration/namespaces.yaml
new file mode 100644
index 000000000..f300cc7da
--- /dev/null
+++ b/test/security/check_versions/env/configuration/namespaces.yaml
@@ -0,0 +1,45 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: ingress-nginx
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kbvi-test-ingress-nginx
+  namespace: ingress-nginx
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: kbvi-test-ingress-nginx
+  template:
+    metadata:
+      labels:
+        app: kbvi-test-ingress-nginx
+    spec:
+      containers:
+      - name: echo-server
+        image: jmalloc/echo-server
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kbvi-test-kube-system
+  namespace: kube-system
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: kbvi-test-kube-system
+  template:
+    metadata:
+      labels:
+        app: kbvi-test-kube-system
+    spec:
+      containers:
+      - name: echo-server
+        image: jmalloc/echo-server
diff --git a/test/security/check_versions/env/configuration/terminated.yaml b/test/security/check_versions/env/configuration/terminated.yaml
new file mode 100644
index 000000000..dd6ce829d
--- /dev/null
+++ b/test/security/check_versions/env/configuration/terminated.yaml
@@ -0,0 +1,17 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kbvi-test-terminated
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: kbvi-test-terminated
+  template:
+    metadata:
+      labels:
+        app: kbvi-test-terminated
+    spec:
+      containers:
+      - name: python
+        image: python
diff --git a/test/security/check_versions/env/configuration/versions.yaml b/test/security/check_versions/env/configuration/versions.yaml
new file mode 100644
index 000000000..75b7f7b85
--- /dev/null
+++ b/test/security/check_versions/env/configuration/versions.yaml
@@ -0,0 +1,112 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kbvi-test-python-jupyter
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: kbvi-test-python-jupyter
+  template:
+    metadata:
+      labels:
+        app: kbvi-test-python-jupyter
+    spec:
+      containers:
+      - name: jupyter
+        image: jupyter/base-notebook
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kbvi-test-python-jupyter-old
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: kbvi-test-python-jupyter-old
+  template:
+    metadata:
+      labels:
+        app: kbvi-test-python-jupyter-old
+    spec:
+      containers:
+      - name: jupyter-old
+        image: jupyter/base-notebook:ff922f8f533a
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kbvi-test-python-stderr-filebeat
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: kbvi-test-python-stderr-filebeat
+  template:
+    metadata:
+      labels:
+        app: kbvi-test-python-stderr-filebeat
+    spec:
+      containers:
+      - name: filebeat
+        image: docker.elastic.co/beats/filebeat:5.5.0
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kbvi-test-java-keycloak
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: kbvi-test-java-keycloak
+  template:
+    metadata:
+      labels:
+        app: kbvi-test-java-keycloak
+    spec:
+      containers:
+      - name: keycloak
+        image: jboss/keycloak
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kbvi-test-java-keycloak-old
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: kbvi-test-java-keycloak-old
+  template:
+    metadata:
+      labels:
+        app: kbvi-test-java-keycloak-old
+    spec:
+      containers:
+      - name: keycloak-old
+        image: jboss/keycloak:8.0.0
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kbvi-test-java-keycloak-very-old
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: kbvi-test-java-keycloak-very-old
+  template:
+    metadata:
+      labels:
+        app: kbvi-test-java-keycloak-very-old
+    spec:
+      containers:
+      - name: keycloak-very-old
+        image: jboss/keycloak:2.0.0.Final
diff --git a/test/security/check_versions/env/requirements-dev.txt b/test/security/check_versions/env/requirements-dev.txt
new file mode 100644
index 000000000..1ced42c04
--- /dev/null
+++ b/test/security/check_versions/env/requirements-dev.txt
@@ -0,0 +1,9 @@
+cerberus
+dataclasses
+kubernetes
+pyyaml
+tabulate
+black
+pylint
+pytest
+
diff --git a/test/security/check_versions/env/requirements.txt b/test/security/check_versions/env/requirements.txt
new file mode 100644
index 000000000..e81358f72
--- /dev/null
+++ b/test/security/check_versions/env/requirements.txt
@@ -0,0 +1,6 @@
+cerberus
+dataclasses
+kubernetes
+pyyaml
+tabulate
+
author	Pawel Wieczorek <p.wieczorek2@samsung.com>	2020-07-16 16:15:06 +0200
committer	Pawel Wieczorek <p.wieczorek2@samsung.com>	2020-07-28 15:06:43 +0200
commit	30e199a70b32a6256c2a148eec870800ef1fbefc (patch)
tree	148c814d55b920f04a1fa0ce5f4a68896f51ef6f /test/security/check_versions/env
parent	3301d5325c59d3e721fd2ec341318c5a0ede0b0c (diff)