aboutsummaryrefslogtreecommitdiffstats
path: root/test
AgeCommit message (Collapse)AuthorFilesLines
2019-07-31k8s: Make operator machine destruction gracefulPawel Wieczorek1-0/+5
Issue-ID: SECCOM-235 Change-Id: I9913d9a8f525b4b9582bf821008dd567258a719c Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-31k8s: Add post-up message for actual cluster creationPawel Wieczorek1-0/+4
Issue-ID: SECCOM-235 Change-Id: I8f9d4362da50a8b3f2aa1baf3633d818da2ed3a5 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-30Issue-ID: INT-1178Rene_Robert12-1860/+4393
updated Postman collection for Dublin Signed-off-by: Rene_Robert <rene.robert@orange.com> Change-Id: I94b9180e86b96f75780854211da67d85acc90d48
2019-07-29k8s: Allow Dublin cluster creation using RKEPawel Wieczorek2-6/+75
This patch adds sample cluster.yml which is based on Dublin cluster configuration file [1]. Main difference is in avoiding repetition by using anchors and alias nodes. Actual cluster creation provisioner is disabled by default because 'control' and 'worker' nodes might not be ready yet. [1] https://docs.onap.org/en/dublin/_downloads/27934fe702048777f312d77dc30cd05a/cluster.yml Issue-ID: SECCOM-235 Change-Id: Ibba0e754ba87e334cdaa61de83e48107f91083d9 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-26k8s: Extract hardcoded synced folder for dotfilesPawel Wieczorek1-4/+13
Issue-ID: SECCOM-235 Change-Id: I85efb88476cb1d6bfaee44b6bcd6275477e77ba5 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-26k8s: Use named provisionersPawel Wieczorek1-11/+11
This not only makes testing easier, but also allows better control over VM provisioning after its creation. Issue-ID: SECCOM-235 Change-Id: I29ab3ed46976267e1043c2f61f56578f2c5d7a57 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-26k8s: Add simple logging to provisioning scriptsPawel Wieczorek1-1/+9
Issue-ID: SECCOM-235 Change-Id: Iaeb4b3e621f09ea14b9576126223e4df4b8682f3 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-26k8s: Unify provisioning scriptsPawel Wieczorek1-11/+19
This patch: * removes remaining string interpolation (for future script reuse), * makes DNS replacement provisioner always run. This way VM definition is more concise and resilient. Issue-ID: SECCOM-235 Change-Id: I382dae5e256b46577c4c8af3aa45ab4d64d1b2b9 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-26k8s: Remove repetition from provisioning scriptsPawel Wieczorek1-2/+7
Issue-ID: SECCOM-235 Change-Id: If286ba074ee74c43705197a30c50322d5162e6fc Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-26k8s: Remove hardcoded password for 'vagrant' userPawel Wieczorek1-6/+19
Password for 'vagrant' user is now passed through exported environmental variable. This patch also: * removes the assumption of having 'vagrant' user on cluster nodes (for future scripts reuse), * removes mixed string interpolation and passing shell variables, * replaces '~' with '$HOME' for proper substitiution. Issue-ID: SECCOM-235 Change-Id: Id9e7b6acccd902de4c414cd8a0f095ac135fee5a Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-26k8s: Silence download utilitiesPawel Wieczorek3-0/+21
This patch intends to make virtual environment creation logs more readable. Parameters were chosen in a way errors will still be shown the operator. This patch might also prove itself useful in other virtual environment creation tools such as 'devtool' [1] (unless maintainers insist on having full logs). [1] https://git.onap.org/integration/devtool Issue-ID: SECCOM-235 Change-Id: I5e07b1b1ed37d36470c18ba0cfe653e40eff300b Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-24k8s: Change virtual environment utility scripts privilege requirementsPawel Wieczorek2-4/+37
This patch also extends in-file comment on scripts' requirements and suggested usage. Issue-ID: SECCOM-235 Change-Id: I0dddbad79fb3392ffe35c3e06d4006cd499d9923 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-24k8s: Add "vagrant" user to "docker" group in virtual environmentPawel Wieczorek1-0/+2
Node customization scripts do that for "ubuntu" user only (added by default on OpenStack images). Vagrant boxes use "vagrant" user [1] instead. [1] https://www.vagrantup.com/docs/boxes/base.html#quot-vagrant-quot-user Issue-ID: SECCOM-235 Change-Id: Ic4f832aa9a37230503e3c5bd29f8ae5fcd3883db Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-22Get rid of binary files in pnfsimulator repoPiotr Darosz3-3/+8
Remove usage of binary files in pnfsimulator vcs Issue-ID: INT-1134 Signed-off-by: Piotr Darosz <piotr.darosz@nokia.com> Change-Id: I23b8f01a099b7e80542d258b2e0bcd34742d3684
2019-07-21k8s: Add virtual environment for DublinPawel Wieczorek5-0/+164
Default cluster nodes customization scripts were extracted in the same manner as those for Casablanca release [1]. Constraints still apply. [1] SHA-1: ea8bc1a719a36c89e7eae42080b1835e5ef0c28d (Change-Id: I57f9f3caac0e8b391e9ed480f6bebba98e006882) Issue-ID: SECCOM-235 Change-Id: I54ada5fade3b984dedd1715f20579e3ce901faa3 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-21k8s: Extract all remaining hardcoded constantsPawel Wieczorek1-2/+5
Vagrant VM definition no longer contains hardcoded values in cluster definition. Issue-ID: SECCOM-235 Change-Id: Id9f2d9878a7d788a62d5a12ccd47dfafe9f39fe3 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-19k8s: Replace default DNS to work in corporate networksPawel Wieczorek1-0/+3
Default DNS addresses used in "generic/ubuntu1604" box (4.2.2.1, 4.2.2.2, 208.67.220.220) might not work properly in corporate environment. To deal with this, host machine DNS configuration can be used instead. Issue-ID: SECCOM-235 Change-Id: Ic8a5553f01989e1a2b00228fa0449a680f11d452 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-19Opensourcing new version of SimulatorWojciech Sliwka304-6349/+19706
Additional info in README.md Issue-ID: INT-1134 Signed-off-by: Wojciech Sliwka <wojciech.sliwka@nokia.com> Change-Id: I06d41fd3f361b7a451b30b702882810e4136a129
2019-07-19SDC alignment SOL004 2.6.1bilal.iqbal1-1/+1
Updating TOSCA.meta metadata Created-by key to Created-By Issue-ID: SDC-2402 Change-Id: I15ce47d3d97b5809ad5baa34a366c0d10333cb00 Signed-off-by: bilal.iqbal <bilal.iqbal@est.tech>
2019-07-17modify the configuration in consul for dfcYongchaoWu10-116/+240
modify the configuration in consul in order to support dfc to fetch the merged configuration Issue-ID: INT-1155 Change-Id: I6d73987183851ed38225796c9f426a1010376fd3 Signed-off-by: YongchaoWu <yongchao.wu@est.tech>
2019-07-17Added support for Consul/CBS and multiple DFCsBjornMagnussonXA83-1555/+5628
Issue-ID: INT-1155 Change-Id: I3c1ed2f6072655c4396e406ddfd490d3786fe4d6 Signed-off-by: BjornMagnussonXA <bjorn.magnusson@est.tech>
2019-07-16Update NBI Postman based on changes in Dublin Releaseaosull011-58/+4
Issue-ID: EXTAPI-245 Signed-off-by: aosull01 <adrian.osullivan@huawei.com> Change-Id: Ia60be462bf4980b341f54ad9797640dba549db91
2019-07-15k8s: Fix mismatching names in Rancher CLI downloaderPawel Wieczorek1-1/+1
Issue-ID: SECCOM-235 Change-Id: Iab0086634bcfaba772852352c72e03a3d6833801 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-15k8s: Move release-specific files to separate directoryPawel Wieczorek5-3/+3
Kubernetes cluster deployment procedure changed with Dublin release (Rancher to RKE). In order to prepare for further adjustments, incompatible content will be moved to separate directories. Once Casablanca becomes obsolete (by the time of El Alto), files specific to that release will be removed completely. Issue-ID: SECCOM-235 Change-Id: Iaa0fc2f6ad330ec09dcfdf8a2d27b8a4dc433a0f Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-11Mass PNF-sim unique VSFTPD PASV portsTamasBakai4-11/+30
Issue-ID: DCAEGEN2-1660 Change-Id: Ib742755f6a924ee9c5babe8e411311e7fe0e6802 Signed-off-by: TamasBakai <tamas.bakai@est.tech>
2019-07-08k8s: Make convenience targets CI-friendlyPawel Wieczorek1-2/+2
Previously "clean" target failed if there were no build artifacts. Now their absence is ignored. Issue-ID: SECCOM-235 Change-Id: I47beb2754a893e8b7453611116b4da2e516cca90 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Add tests for API server validatorsPawel Wieczorek4-1/+194
This patch also adds convenience target to the Makefile and updates documentation on relevant dependencies. Issue-ID: SECCOM-235 Change-Id: I57e00af3cd4c60af3128e3094607cc61bc1e5dbe Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Relax kublet HTTPS connection requirementPawel Wieczorek2-6/+7
According to kube-apiserver documentation [1] and CIS guideline 1.1.4 option "--kubelet-https=" might be absent in API server configuration. It has secure configuration (being set to "true") by default. [1] https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/ Issue-ID: SECCOM-235 Change-Id: I604cdcace03f65185aab6a0b34d48cfec94277ab Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Make Rancher CLI provisioner configurablePawel Wieczorek1-5/+20
Apparently Linux AMD64 machines are not the only ones used for ONAP development (author meant no harm). Issue-ID: SECCOM-235 Change-Id: Ia78a02fb82dc5752d6b8fd2cef8e6ef583fd3ca6 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Make Rancher CLI provisioner reusablePawel Wieczorek2-9/+14
Having Rancher CLI proves itself useful on development machines as well. Issue-ID: SECCOM-235 Change-Id: I0de3109e1236cf6dc9cbc825342593041dcfdf2c Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Add Rancher CLI to test environmentPawel Wieczorek1-0/+9
Issue-ID: SECCOM-235 Change-Id: I46e2f8d61c3a82613b665fb6d9b57431bb2a1868 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Add virtual environment for testingPawel Wieczorek4-0/+143
This patch adds simplified ONAP deployment environment (Kubernetes cluster managed by Rancher). Its purpose is to provide cluster defaults for inspection without the need to access actual ONAP application deployment. Default node customization scripts were extracted ("tools/get_customization_scripts.sh" run within "tools/imported/" directory) from official documentation [1] and imported here in order not to introduce runtime online dependencies. This environment should probably be migrated in future to more appropriate place like devtool [2] (or at least use the same Vagrant boxes). [1] https://docs.onap.org/en/casablanca/submodules/oom.git/docs/oom_setup_kubernetes_rancher.html [2] https://git.onap.org/integration/devtool Issue-ID: SECCOM-235 Change-Id: I57f9f3caac0e8b391e9ed480f6bebba98e006882 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Validate API server address and port flagsPawel Wieczorek2-2/+37
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections regarding master node configuration are satisfied (1.1.6 and 1.1.7). Issue-ID: SECCOM-235 Change-Id: I5f215a6642b177e85d7e1c70860ba0c7e558ec4e Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Validate API server boolean flagsPawel Wieczorek2-1/+107
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections regarding master node configuration are satisfied (1.1.1 - 1.1.5, 1.1.8, 1.1.9, 1.1.20 and 1.1.23). Issue-ID: SECCOM-235 Change-Id: Ib964b5111b616a891c3963ef9695af660810e8ba Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Add documentation on runtime dependenciesPawel Wieczorek1-0/+12
Issue-ID: SECCOM-235 Change-Id: I370636220151a5755f467055418f866afe11d5d9 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-06-26Clean up vCPE scriptYang Xu8-71/+23
Signed-off-by: Yang Xu <yang.xu@futurewei.com> Issue-ID: INT-847 Change-Id: I1158442cd73c6e0d943e9cc111cb12dae1381d36
2019-06-24k8s: Obtain relevant information from RancherPawel Wieczorek2-0/+95
This patch introduces Rancher queries using its CLI client. It depends on having utility binary located in PATH and providing configuration file prior first use. Issue-ID: SECCOM-235 Change-Id: Idb011e27b4801c5700b4482656463849736298da Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-06-21Move teardown script to RKE script directoryGary Wu1-126/+1
Also rename various Integration tenants Issue-ID: INT-1117 Signed-off-by: Gary Wu <gary.wu@futurewei.com> Change-Id: I7422088bdcb9ae8fbbf76bab0517f466d1279df3
2019-06-20k8s: Add basic structure for validation toolPawel Wieczorek5-0/+58
This patch introduces CLI utility for checking if Kubernetes cluster follows security recommendations. Provided Makefile simplifies setup process by setting appropriate environment variables for the build. Further information can be found in README. Provided symlink allows proper document rendering on VCS hosting site. Issue-ID: SECCOM-235 Change-Id: I4a1337c9834322ee4fd742a9ccb979b9bc505f75 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-06-13Improve vCPE test automationYang Xu5-6/+27
Signed-off-by: Yang Xu <yang.xu@futurewei.com> Issue-ID: INT-847 Change-Id: Ib5b0a547f1c228de4cee02f3526401028c10bff0
2019-06-10ONAP audit script detailing pods, docker images, tags and digestsAndyWalshe1-0/+236
Change-Id: Ia8d369c978f3d1da0e98af91415cc50cd36b03a2 Issue-ID: INT-1101 Signed-off-by: AndyWalshe <andy.walshe@est.tech>
2019-06-06Fixed Bugs in automtion scriptItohan2-3/+14
Issue-ID: INT-905 INT-904 INT-794 Signed-off-by: Itohan Ukponmwan <itohan.ukponmwan@intel.com> Change-Id: I45e5e09940378c8223ae36b8af3fc5e1b8b836bc
2019-06-04Add help informationHaibin Huang5-44/+289
Issue-ID: INT-795 Change-Id: If06ef6faa69c942385e4fa1c15eb8f25c3d19f40 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
2019-06-03Modified hpa automation scriptItohan2-17/+63
Issue-ID: INT-905 INT-904 INT-794 Signed-off-by: Itohan Ukponmwan <itohan.ukponmwan@intel.com> Change-Id: I931289fffa5b9821259eff6f015adf3dd414aef8
2019-05-29Modified hpa_automation.py scriptItohan11-32/+269
-Added more files required to run this script -Added a README file -Added sample hpa polices Issue-ID: INT-905 INT-904 INT-794 Signed-off-by: Itohan Ukponmwan <itohan.ukponmwan@intel.com> Change-Id: I5c77924863a9517ecaf7caaeb860c3c113a7b9d2
2019-05-29Search endpoint script fail silentlyLucjan Bryndza1-0/+11
When nmap or other commands are not installed on the system script fail silently without any information Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com> Change-Id: I599b987e223f88617aefa2c0de6cdcbbf3ff50b7 Issue-ID: SECCOM-231
2019-05-23Automatically add default policiesHaibin Huang6-16/+40
Change-Id: I38fcd336e7eca90264590d4174c8cf65e89c60a1 Issue-ID: INT-795 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
2019-05-22Add Policy model automationHaibin Huang1-37/+105
Change-Id: I127063df8261859b1a0f11a57e49ce3d337afcf5 Issue-ID: INT-795 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
2019-05-22Add SDC automatioinHaibin Huang2-7/+217
Attention, maybe you can't use it because we call internal SDC API SDC PTL said that they will change internal SDC API without any notice. Change-Id: Ic1a34bb6f9d3a879f8d5580c803431059ca43c26 Issue-ID: INT-795 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
2019-05-21Add automately upload packageHaibin Huang2-34/+125
Change-Id: I778bfd0b12afd929066a7dc5ccd8bcc5c1e0dafe Issue-ID: INT-795 Signed-off-by: Haibin Huang <haibin.huang@intel.com>