aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2020-04-20netconf-pnp-simulator: fix sysrepod crash on TLS reconfigebo21-20/+527
The crash was caused by: - the '--permanent' option while updating the ietf-keystore by sysrepocfg - missing some Yang modules on sysrepo installation Other changes: 1. Added TLS integration tests, including reconfiguration 2. reconfigure-*.sh are now synchronous, only returnig after restart is completed Issue-ID: INT-1516 Change-Id: Iddc03fc968aaab60931596045437ba0c78448b08 Signed-off-by: ebo <eliezio.oliveira@est.tech>
2020-04-18Fix link in RST file for Scale Out docMarco Platania27-44/+63
Issue-ID: INT-1536 Signed-off-by: Marco Platania <platania@research.att.com> Change-Id: Ic16b339332033cd487cf19458464c1dc86c61d65 Signed-off-by: mrichomme <morgan.richomme@orange.com>
2020-04-16Add test to verify bad API prefix handling by the serviceBartek Grzybowski2-0/+33
Functional test for verifying that the service handles bad API prefix in URI string properly and returns appropriate response to the client. Change-Id: I5e5e8a9dcd6fe05bd2b4536790d16e825aa21679 Issue-ID: INT-1529 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-04-16Add test to verify bad MOI handling by the serviceBartek Grzybowski2-0/+30
Functional test for verifying that the service handles bad MOI class in URI string properly and returns appropriate response to the client. Change-Id: I606aaba5c400f81e8142a34f250bc249251feaf7 Issue-ID: INT-1529 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-04-16Add test to verify unauthorized requestsBartek Grzybowski3-1/+27
Functional test for verifying that the service forbids API access with proper http code and message should the client provide wrong auth credentials. Change-Id: I78d5f050e99c23fd7116468ff007078b3cd56987 Issue-ID: INT-1529 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-04-16Fix invalid prefix check handlingBartek Grzybowski1-20/+28
Should the URI prefix length in the request be incorrect and not contain two "/" the service would fail with "empty response" on client side due to unhandled "list index out of range" in the server process while trying to get the idName from pathlist[4] which throws IndexError. Prefix validation, id and class variable assignment are wrapped up in try-except clause to evaluate the prefix check correctly, catch the exception and return appropriate response to the client. Change-Id: If6333228fbdd3a8075ade55436c3ca9bb8a97caa Issue-ID: INT-1529 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-04-16Return http 404 for wrong prefix, not 401Bartek Grzybowski1-4/+8
The correct http code for wrong REST API url should be http "404 Not Found", not "401 Unauthorized". Change-Id: I78710fcd4c43926dbba3227c4099bf6239095f19 Issue-ID: INT-1529 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-04-15Move tests to their own directoryBartek Grzybowski9-24/+30
File layout was also restructured for better readability. Change-Id: Id1cba755127319c45ec50b08d12daa543c8c9ae5 Issue-ID: INT-1529 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-04-15Add tox runner for pytest in prov-mns-providerBartek Grzybowski2-0/+12
Pytest setup as entrypoint to gating job in CI. Change-Id: If052af0f7c8272844f644cb3789dbc3a8451c629 Issue-ID: INT-1529 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-04-15Extend unit tests for provisioning management serviceBartek Grzybowski1-0/+25
This adds additional unit tests for the service provider for PATCH and DELETE request methods. Change-Id: If0cce9c713f2999c859910661308c24ac68f04d6 Issue-ID: INT-1529 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-04-15Add unit tests for provisioning management serviceBartek Grzybowski1-0/+49
This adds pytest based unit tests for the service provider. Testing PUT and GET requests is covered within this patch. Change-Id: Id9bcb870b032c6fce64985a5fd501bbd44031f50 Issue-ID: INT-1529 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-04-15Fix rst errorsmrichomme18-70/+76
- Modify the linter to use sphinx linters (no coala bean) - Fix all broken links - fix minor rst issue - Add regex in ignore link (for ONAP URL and frankfurt doc) The rst target defined in tox will execute 3 steps: - local build of the documentation - check of the url Note 1: for the moment the Warning have not been turned into Error Note 2: frankfurt exeption shall be removed when frankfurt branch is available Issue-ID: INT-1523 Signed-off-by: mrichomme <morgan.richomme@orange.com> Change-Id: I6d7ad9d293a1b5c01f05a021d9a6f3767d04e62f Signed-off-by: mrichomme <morgan.richomme@orange.com>
2020-04-15netconf-pnp-simulator: enable NETCONF send/recv message loggingebo20-77/+717
to aid troubleshooting integration with OpenDaylight - Add more integration tests - Defaults to generic subscriber Issue-ID: INT-1516 Change-Id: Ib5bbf4cdbba6cdfee901f6c07dfa195a21cd8bbb Signed-off-by: ebo <eliezio.oliveira@est.tech>
2020-04-15Upgrade netconf-pnp-simulator image tag to 2.8.2Bartek Grzybowski4-4/+4
Change-Id: I430b3c8743d103f5e4bb6396a151495cc31843d6 Issue-ID: INT-1508 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-04-14Fix integration markdown errors for lintermrichomme19-364/+371
Issue-ID: INT-1523 Signed-off-by: mrichomme <morgan.richomme@orange.com> Change-Id: I2be0865395b12e1f277834b0c096f5d183cb5056 Signed-off-by: mrichomme <morgan.richomme@orange.com>
2020-04-14netconf-pnp-simulator: normalized image referenceebo2-4/+2
Required change for the forthcoming fix on tox execution in ci-management/jjb/integration/integration-docker.yaml Issue-ID: INT-1124 Change-Id: I70c3351e5cf691a9eaeb7b49ec276d825016e0fa Signed-off-by: ebo <eliezio.oliveira@est.tech>
2020-04-14netconf-pnp-simulator: fix invalid ref to libssh v0.8.8ebo2-6/+5
This version was upgraded to 0.8.9 on 2020-04-09. Fortunately the new 0.9.4 fixes the bug that was forcing us to use the old 0.8.x Issue-ID: INT-1124 Change-Id: I6dacac8925af047d2e5342a76da6eb221074ddd9 Signed-off-by: ebo <eliezio.oliveira@est.tech>
2020-04-10WIP: Add rst and md linters in toxmrichomme2-1/+28
Issue-ID: INT-1523 Signed-off-by: mrichomme <morgan.richomme@orange.com> Change-Id: Ifcce4fa5985df52fd66414f5842f50e21a79006a Signed-off-by: mrichomme <morgan.richomme@orange.com>
2020-04-10Update A1 Adaptor section to user guideDongho Kim2-0/+56
Change-Id: I6b1d1173bcb2c9e190584445fde561b204e8664c Signed-off-by: Dongho Kim <dk5913@att.com> Issue-ID: INT-1503
2020-04-10remove CLI from https xfail listmrichomme1-2/+0
Even if CLI got a NO GO for frankfurt, docker update is planned to fix security issues for frankfurt As a consequence, CLI must be removed from the xfail list Issue-ID: INT-1480 Signed-off-by: mrichomme <morgan.richomme@orange.com> Change-Id: I78dccd2bdabe05515ff8ab64d30e9e5d6f97e74b
2020-04-10Update pnf-sw-upgrade module to latest engine v2.8.1ebo4-12/+13
- Using loguru to follow new recommend standard - Renamed Yang model filename to comply with https://tools.ietf.org/html/rfc6020#section-5.2 - Renamed initialization data to reflect the target datastore Issue-ID: INT-1516 Signed-off-by: ebo <eliezio.oliveira@est.tech> Change-Id: Ifde9e832b6a308dc918e3a84e03bfd43ad0f9b63
2020-04-09Automation adds docs_postman.rstAric Gardner1-1/+1
Issue-ID: CIMAN-376 Signed-off-by: Jessica Wagantall <jwagantall@linuxfoundation.org> Change-Id: I253073cc5d5a589b4225a489906588cedd8c49e3
2020-04-09Remove orphaned entry for pnfsimulator from Coala configBartek Grzybowski1-2/+0
Change-Id: Ib506dbc82e86ec02f8b1b118c3b9dfcf3209e7c2 Issue-ID: INT-1517 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-04-09Remove old PNF simulatorBartosz Gardziejewski238-16902/+0
Issue-ID: INT-1517 Signed-off-by: Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com> Change-Id: I235b0fdf12b265a256c371126e218826e74a9133
2020-04-08Automation adds release-notes.rstLF Jenkins CI1-0/+1
Add _release_notes hook to allow automation. Fix non valid release notes characters in content. Issue-ID: CIMAN-376 Change-Id: If2f0b5ae09d97a282d9acfd3c32971148d674a79 Signed-off-by: lf-jobbuilder <releng+lf-jobbuilder@linuxfoundation.org>
2020-04-08Automation adds index.rstLF Jenkins CI1-0/+1
Issue-ID: CIMAN-376 Change-Id: I1d2fc58d6f559471fffeb23c398d9903923d2eeb Signed-off-by: lf-jobbuilder <releng+lf-jobbuilder@linuxfoundation.org>
2020-04-08netconf-pnp-simulator: convenient TLS and SSH configurationebo25-485/+936
- Simple SSH and TLS configuration. Instead of specific Netopeer2 XML configuration files, the user only needs to provide: For SSH: id_XXX.pub For TLS: server_key.pem, server_cert.pem, and ca.pem - SSH and TLS can be reconfigured at runtime by running /opt/bin/reconfigure-ssh.sh and /opt/bin/reconfigure-tls.sh respectively - Improved log readability by using zlog (on C applications) and loguru for Python See the updated documentation under ../docs for more information. Issue-ID: INT-1516 Change-Id: I21052d2524f0610c6197875a544113cce1a02787 Signed-off-by: ebo <eliezio.oliveira@est.tech>
2020-04-06Remove deprecated options from virtualenv invocationBartek Grzybowski2-3/+3
--no-site-packages and --distribute are marked DEPRECATED and retained only for backward compatibility so removing. Change-Id: I3cc66b5c09363d5b982537cc28b8f66609743121 Issue-ID: INT-1508 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-04-03Add docs for PNF Software upgradewangyaoguang2-4/+54
It contains documentation for two sub-scenarios of PNF Software upgrade, enhancement on PNF SW upgrade using ansible and with netconf/yang interface with EM. Issue-ID: INT-1209 Signed-off-by: wangyaoguang <sunshine.wang@huawei.com> Change-Id: I6e1ad2464d9f0d607d5f7f14d8fb1c51afc90814
2020-04-02Update SO and VID docker versionMarco Platania1-11/+11
Issue-ID: INT-1462 Signed-off-by: Marco Platania <platania@research.att.com> Change-Id: I49d3fc837e58c9e2f8b879c04c84317e8bd320ba
2020-04-02add docs for 5G NRM Configurationwangyaoguang2-0/+43
Documentation for 5G NRM CM Issue-ID: INT-1514 Signed-off-by: wangyaoguang <sunshine.wang@huawei.com> Change-Id: I56b579abaf18897961b1eefa4aa4b8490979bf87
2020-04-02Upgrade netconf-pnp-simulator tag to 2.6.2 for netconf-pnp-pmshBartek Grzybowski1-1/+1
Tag 2.6.1 is no longer available. Change-Id: I5a2cb51d21b4c6d75aff387e87976ede184a92b2 Issue-ID: INT-1508 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-04-01Update SDC and Portal docker image versionMarco Platania1-12/+12
Issue-ID: INT-1462 Signed-off-by: Marco Platania <platania@research.att.com> Change-Id: Ib50de36def25dd4b4330c8a5bcccf453b767efe8
2020-04-01Upgrade netconf-pnp-simulator tag to 2.6.2 for ems-netconf-swmBartek Grzybowski1-1/+1
Tag 2.6.1 is no longer available. Change-Id: Ia2ce3f2d1d25e5f941cd2b49ed213445960e8a04 Issue-ID: INT-1508 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-31Grant a waiver for SO 30277Krzysztof Opasiak1-0/+2
As discussed during SECCOM call on 31.03.2020 SO team pushed hard to finialize AAF integration in F but failed due to AAF issues. Per TSC decision they should be granted a waiver as a project which has been impacted by AAF Issue-ID: OJSI-138 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I46028f2d3de80f5ca7dc274cf6af26000b766f32
2020-03-31fix integration doc warningmrichomme12-198/+197
Issue-ID: INT-1490 Signed-off-by: mrichomme <morgan.richomme@orange.com> Change-Id: I9153da660ae469c0bd3ed51cfebd912b6e4b9bf2 Signed-off-by: mrichomme <morgan.richomme@orange.com>
2020-03-30Update BBS use case documentationPérez Caparrós David, INI-ONE-MBL-MEE2-121/+81
BBS use case documentation needs additional updates in Frankfurt release Issue-ID: INT-1444 Signed-off-by: Pérez Caparrós David, INI-ONE-MBL-MEE <David.PerezCaparros@swisscom.com> Change-Id: I5d44898f4e7d7d628181a0140b7b13d8b57a8170
2020-03-27Set SKIP_LINT=TRUE to speed up installationMarco Platania1-1/+1
Issue-ID: OOM-2335 Signed-off-by: Marco Platania <platania@research.att.com> Change-Id: I803781947a9fe84e153cdbd6f94d9f21b8bcdb6f
2020-03-25[INT-1450] : Documentation of PNF Software UpgradeDarraghEgan2-3/+11
This contains documentation for PNF Software Upgrade using Ansible protocol with EM Issue-ID: INT-1450 Signed-off-by: Darragh Egan <darragh.egan@est.tech> Change-Id: Ib5385e690c9f6cff7fc2b2251181054dacba777f
2020-03-25[INT-1450] : Documentation of PNF Software UpgradeDarraghEgan1-0/+8
This contains documentation for PNF Software Upgrade using Netconf/Yang interface with EM Issue-ID: INT-1450 Signed-off-by: Darragh Egan <darragh.egan@est.tech> Change-Id: I8a225b5a4b08de2004ff327148fadfff8976c5de
2020-03-25Add 'build' target for 'sslendpoints' projectBartek Grzybowski1-0/+5
To follow a common protocol of testing Golang based applications in CI we need a 'build' target for doing a local (non-docker) build to verify 'go build' routine. It's however not added to "all" target as that one already references docker based build by default. Change-Id: I2e380ef09a1ae18456d7288f853d085617149338 Issue-ID: SECCOM-261 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-25corrected the hardcoded DB pod-namesandreasgeissler1-3/+3
Issue-ID: INT-1484 Signed-off-by: andreasgeissler <andreas-geissler@telekom.de> Change-Id: I7f1670a79db751087f722a1196e2de23448f7a2a
2020-03-25Reduce cyclomatic complexityPawel Wieczorek3-17/+132
Moving CSV data conversion and "expected failure" filtering away from main function made testing these features easier. Utility behaviour remained unchanged. Issue-ID: SECCOM-261 Change-Id: I4cabfc7b352434c84a613c02f44af3c9630be970 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-25Add "expected failure" support to non-SSL NodePort scannerPawel Wieczorek2-3/+61
This patch makes scanner compatible with its shell predecessor. The same "expected failure" list format is used i.e. # Comment line; will be ignored SERVICE1 NODEPORT1 SERVICE2 NODEPORT2 Single space character is used as a field separator. Issue-ID: SECCOM-261 Change-Id: Ieedd4e98a83ffe242c695133fdf7342e17efa9a2 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-25Run port scanPawel Wieczorek4-2/+78
Issue-ID: SECCOM-261 Change-Id: I465282a8793191c45d288284a127e80e1fecf513 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-25Add IP addresses filteringPawel Wieczorek3-0/+148
Each node might be described with 3 types of addresses [1]. Some providers also use node annotations [2] for assigned addresses. This patch filters out all IP addresses from nodes list. External IPs take precedence over internal ones. The first address on the extracted slice will be later used to run the scan on. This behaviour could be later modified to e.g. loop over all extracted IP addresses (if scan fails). [1] https://kubernetes.io/docs/concepts/architecture/nodes/#addresses [2] https://github.com/rancher/rke/blob/master/k8s/node.go#L18 Issue-ID: SECCOM-261 Change-Id: Ifd094447f778da378dfe1aee765f552b6ebd669f Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-25Add temporary "make" target for automated testing compatibilityPawel Wieczorek1-0/+4
Utility "sslendpoints" and related packages make use of idiomatic Go testing commands, i.e. go test [./...]. Thanks to Go Modules [1] nothing else is needed to run internal tests for this tool. Unfortunately it's not the case for all Go-based Integration tools. In order to use a single automated verification script in CI additional "make" target is required. It will provide temporary compatibility layer with utilities setting up test environment on their own with "make test" target. This patch should be reverted upon removal of such cases (currently: after dropping "../k8s/check" tool in favour of Aquasec solution). [1] https://blog.golang.org/using-go-modules (see "Adding a dependency" test execution explanation) Issue-ID: INT-1498 Change-Id: I14c83f7f193c7688590366db988ff02c13c036a4 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-25Add NodePorts filtering with development environment basisPawel Wieczorek11-5/+592
This patch has not made "sslendpoints" fully compatible with "check_for_nonssl_endpoints.sh" script yet. It sets up basic development environment for Golang-based checkers, though. Tool output will be added to the README after reaching full compatibility with previous (script) version. Development environment brought by this patch is heavily based on: https://github.com/SamsungSLAV/boruta Issue-ID: SECCOM-261 Change-Id: I8f035b63bea13785c40971ede5fdbbc9b6810168 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-25Increase verifiability of security checksPawel Wieczorek2-0/+45
This patch introduces a series of patches that will provide tools which will succeed current security check scripts. Its two main reasons are: * increasing tools verifiability by providing internal tests, * improving "expected failure" support by suppressing carefully selected set of special cases. Each tool will use following directory structure (generated with "tree -a --charset=ascii" command): . `-- check_module |-- Dockerfile |-- .dockerignore |-- .gitignore |-- go.mod |-- main.go |-- Makefile |-- README |-- README.rst -> README `-- submodule |-- submodule.go `-- submodule_test.go This will allow using Go Modules mechanism within its limitations [1] for "non-go-get-able modules" [2][3][4] - also in case of separating code into several modules used by multiple "check modules", e.g. . |-- common | |-- common.go | |-- common_test.go | `-- go.mod `-- check_module |-- go.mod `-- ... It would require migration from separate Dockerfiles to a single one (multi-stage), though. Provided Makefiles are intended to simplify local development (Docker-less building) and container images preparation. READMEs clarify utility requirements and usage - file without extension is for VCS reference, symlink for proper syntax rendering. [1] https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository [2] https://github.com/golang/go/wiki/Modules#can-i-work-entirely-outside-of-vcs-on-my-local-filesystem [3] https://github.com/golang/go/issues/26645#issuecomment-408572701 [4] https://www.dim13.org/go-get-cgit Issue-ID: SECCOM-261 Change-Id: I48eeeda66bd5570d249e96e101e431e6bab75cb3 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-24misnaming of pap componentjhh1-1/+1
Issue-ID: POLICY-2296 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: I3addd7de51fa2ca4b1e76e95a9f0e91d1e1ca3e9 Signed-off-by: jhh <jorge.hernandez-herrero@att.com>