aboutsummaryrefslogtreecommitdiffstats
path: root/test
AgeCommit message (Collapse)AuthorFilesLines
2020-03-25Add 'build' target for 'sslendpoints' projectBartek Grzybowski1-0/+5
To follow a common protocol of testing Golang based applications in CI we need a 'build' target for doing a local (non-docker) build to verify 'go build' routine. It's however not added to "all" target as that one already references docker based build by default. Change-Id: I2e380ef09a1ae18456d7288f853d085617149338 Issue-ID: SECCOM-261 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-25Reduce cyclomatic complexityPawel Wieczorek3-17/+132
Moving CSV data conversion and "expected failure" filtering away from main function made testing these features easier. Utility behaviour remained unchanged. Issue-ID: SECCOM-261 Change-Id: I4cabfc7b352434c84a613c02f44af3c9630be970 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-25Add "expected failure" support to non-SSL NodePort scannerPawel Wieczorek2-3/+61
This patch makes scanner compatible with its shell predecessor. The same "expected failure" list format is used i.e. # Comment line; will be ignored SERVICE1 NODEPORT1 SERVICE2 NODEPORT2 Single space character is used as a field separator. Issue-ID: SECCOM-261 Change-Id: Ieedd4e98a83ffe242c695133fdf7342e17efa9a2 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-25Run port scanPawel Wieczorek4-2/+78
Issue-ID: SECCOM-261 Change-Id: I465282a8793191c45d288284a127e80e1fecf513 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-25Add IP addresses filteringPawel Wieczorek3-0/+148
Each node might be described with 3 types of addresses [1]. Some providers also use node annotations [2] for assigned addresses. This patch filters out all IP addresses from nodes list. External IPs take precedence over internal ones. The first address on the extracted slice will be later used to run the scan on. This behaviour could be later modified to e.g. loop over all extracted IP addresses (if scan fails). [1] https://kubernetes.io/docs/concepts/architecture/nodes/#addresses [2] https://github.com/rancher/rke/blob/master/k8s/node.go#L18 Issue-ID: SECCOM-261 Change-Id: Ifd094447f778da378dfe1aee765f552b6ebd669f Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-25Add temporary "make" target for automated testing compatibilityPawel Wieczorek1-0/+4
Utility "sslendpoints" and related packages make use of idiomatic Go testing commands, i.e. go test [./...]. Thanks to Go Modules [1] nothing else is needed to run internal tests for this tool. Unfortunately it's not the case for all Go-based Integration tools. In order to use a single automated verification script in CI additional "make" target is required. It will provide temporary compatibility layer with utilities setting up test environment on their own with "make test" target. This patch should be reverted upon removal of such cases (currently: after dropping "../k8s/check" tool in favour of Aquasec solution). [1] https://blog.golang.org/using-go-modules (see "Adding a dependency" test execution explanation) Issue-ID: INT-1498 Change-Id: I14c83f7f193c7688590366db988ff02c13c036a4 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-25Add NodePorts filtering with development environment basisPawel Wieczorek11-5/+592
This patch has not made "sslendpoints" fully compatible with "check_for_nonssl_endpoints.sh" script yet. It sets up basic development environment for Golang-based checkers, though. Tool output will be added to the README after reaching full compatibility with previous (script) version. Development environment brought by this patch is heavily based on: https://github.com/SamsungSLAV/boruta Issue-ID: SECCOM-261 Change-Id: I8f035b63bea13785c40971ede5fdbbc9b6810168 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-25Increase verifiability of security checksPawel Wieczorek2-0/+45
This patch introduces a series of patches that will provide tools which will succeed current security check scripts. Its two main reasons are: * increasing tools verifiability by providing internal tests, * improving "expected failure" support by suppressing carefully selected set of special cases. Each tool will use following directory structure (generated with "tree -a --charset=ascii" command): . `-- check_module |-- Dockerfile |-- .dockerignore |-- .gitignore |-- go.mod |-- main.go |-- Makefile |-- README |-- README.rst -> README `-- submodule |-- submodule.go `-- submodule_test.go This will allow using Go Modules mechanism within its limitations [1] for "non-go-get-able modules" [2][3][4] - also in case of separating code into several modules used by multiple "check modules", e.g. . |-- common | |-- common.go | |-- common_test.go | `-- go.mod `-- check_module |-- go.mod `-- ... It would require migration from separate Dockerfiles to a single one (multi-stage), though. Provided Makefiles are intended to simplify local development (Docker-less building) and container images preparation. READMEs clarify utility requirements and usage - file without extension is for VCS reference, symlink for proper syntax rendering. [1] https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository [2] https://github.com/golang/go/wiki/Modules#can-i-work-entirely-outside-of-vcs-on-my-local-filesystem [3] https://github.com/golang/go/issues/26645#issuecomment-408572701 [4] https://www.dim13.org/go-get-cgit Issue-ID: SECCOM-261 Change-Id: I48eeeda66bd5570d249e96e101e431e6bab75cb3 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-24Add the provisioning management service provider for 5G NRM CMHuang Cheng9-0/+392
Issue-ID: INT-1387 Signed-off-by: Huang Cheng <duke.huangcheng@huawei.com> Change-Id: I23bda3ec2a31569d4857b2f16b9a607c64abd9f0
2020-03-23Add script and patch to build CBA file to support PNF SW upgradeEnbo Wang9-0/+530
Change-Id: I8b0155a0a6022d7b6d172c1b46d1b7d189fcbe8a Issue-ID: INT-1210 Signed-off-by: Enbo Wang <wangenbo@huawei.com>
2020-03-20Set of fixes for pnfsimulator startupTomasz Golabek3-1/+4
* v0.7.7 of netopeer used * SSLAuthenticationHelper marked as primary bean to avoid duplicated-bean exception * spring props properly mounted into container Change-Id: Ib6bb32f32a7f60786901ffbf592b1a26b5cb1cbf Issue-ID: INT-1320 Signed-off-by: Tomasz Golabek <tomasz.golabek@nokia.com>
2020-03-19Add services with waiver to expected failures list for non-SSL endpoints testsPawel Wieczorek1-0/+6
Issue-ID: INT-1480 Change-Id: Iabd7932e0eb8f8981d064aee0f4d8c44df65a379 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-19Filter out only open non-SSL portsPawel Wieczorek1-1/+1
This patch ignores closed and filtered ports from scan results. It is intended to keep "expected failure" list minimal. Issue-ID: INT-1480 Change-Id: Idb93cf4e19284bc121aa45ea950d28405c29e222 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-14EMS simulator extension to support netconf interaction with CDSYaoguang Wang7-0/+364
Issue-ID: INT-1211 Signed-off-by: Yaoguang Wang <sunshine.wang@huawei.com> Change-Id: I5a7724e6cbfab81eeb3299c88f995c3cf9ea71ec
2020-03-12Fix regex for http xfail listmrichomme1-1/+1
in CI we got an error sed: unsupported command o due to space management in the sed command Issue-ID: INT-1480 Signed-off-by: mrichomme <morgan.richomme@orange.com> Change-Id: I44c6ecd7c47ec02b76c7932bb86de0a58726d93d
2020-03-12Unify expected failures lists naming conventionPawel Wieczorek1-1/+1
List of expected failures for non-SSL services test has not been renamed together with corresponding check script and might have been confusing. Issue-ID: INT-1480 Change-Id: I4f88a09ddb90a14500498892f1fda99e1c3febf0 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-12Add upstream services to expected failures list for non-SSL endpoints testsPawel Wieczorek1-0/+4
Issue-ID: INT-1480 Change-Id: I755a3e65897f94e3f42f27bbf798c9bcd9c2868f Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-12Added python3 and Updated netopeer imagerajendrajaiswal4-5/+10
Change-Id: Ib7c21353cff267b847a4d1d7fdcb322e22772062 Issue-ID: INT-1312 Signed-off-by: rajendrajaiswal <rajendra.jaiswal@ericsson.com>
2020-03-11netconf-pnp-simulator: make PYTHONPATH always globally definedebo12-4/+359
Add IT using ncclient and tox Issue-ID: INT-1124 Change-Id: I560d4fd2468ac93f8ead36062b2e316821af8d07 Signed-off-by: ebo <eliezio.oliveira@est.tech>
2020-03-11Rename white list to xfail list to clarify the role of the listmrichomme1-1/+1
to be consistent with xfail lists introduced in security tests by Pawel Wieczorek [1] Issue-ID: INT-1435 [1]: https://gerrit.onap.org/r/c/integration/+/103444 Signed-off-by: mrichomme <morgan.richomme@orange.com> Change-Id: I5345607931e443f3335f34823c5cd80290425a45 Signed-off-by: mrichomme <morgan.richomme@orange.com>
2020-03-10Drop filtering out services recognized as HTTPPawel Wieczorek1-9/+9
This patch extends tool used to detect plain HTTP ports to report all non-SSL endpoints. Previously it omitted services not recognized as HTTP. Naming changes were made to reflect purpose of this tool better. Issue-ID: INT-1480 Change-Id: I58a152022d48121bf4b9c6180ddc820dd4a79805 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-10Add expected failures list for HTTP endpoints testsPawel Wieczorek2-11/+55
This patch is heavily based on previous work by Morgan Richomme <morgan.richomme@orange.com> (Change-Id: Ibaed4c5c0e5ae179af0ae317e543c1efdc9ddef2) It is intended to suppress failure reports on known plain HTTP endpoints. Introduced list of "expected failures" (or "xfail" for short) will be shrunk after resolving tickets related to INT-1480 and this patch will be eventually reverted. Issue-ID: INT-1480 Change-Id: I4edbf3efaf66bfa2dbe2f265983eb0a27048ed4e Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-03-10Add a white list for jdwp testsmrichomme2-42/+95
The port scanned can be the default redis port. A white list must be included to avoid false positive. Open quesiton, should this list be passed as argument? It is relatively static so for the moment, I created a list to exclude through grep -V the false positive Issue-ID: INT-1435 Signed-off-by: mrichomme <morgan.richomme@orange.com> Change-Id: Ibaed4c5c0e5ae179af0ae317e543c1efdc9ddef2 Signed-off-by: mrichomme <morgan.richomme@orange.com>
2020-03-06Fix linter issues in soutils.py vcp librabryBartek Grzybowski1-10/+10
Change-Id: I6adaa992fe9c2411025eb28edafef83b506bac29 Issue-ID: INT-1427 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-06Fix Python linting issues in Python scriptsBartek Grzybowski4-50/+46
Fixed pylint issues for categories trailing-whitespace, trailing-newlines, syntax-error, unused-import. Change-Id: Iccbdb0c9538a6b8299c0517bafa1ec1be30f07cd Issue-ID: INT-1427 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-05Fix Python linting issues in Python scriptsBartek Grzybowski8-17/+16
Fixed pylint issues for categories len-as-condition, using-constant-test, undefined-variable and reimported. Change-Id: Idad710958c3ca0ac6da78fb4709da03e5f079b34 Issue-ID: INT-1427 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-05Fix linting issues in check_for_ingress_and_nodeports.pyBartek Grzybowski1-6/+6
Change-Id: Ic0d2a32a964a4cf5ff1580ffd06103c450a0e8b0 Issue-ID: INT-1427 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-05Supress pylint warnings for undefined variablesBartek Grzybowski5-8/+8
'cmp', 'file' and 'unicode' functions are Python 2 specific. Change-Id: I30fa091ef157453a328ab40e4186c30e5ed1b3a1 Issue-ID: INT-1427 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-05Fix indentation and whitespace issues in Python scriptsBartek Grzybowski14-54/+51
Reported by pylint. Change-Id: I9d5ee152f3587bb2d7e8abee919e4ffe47d8ae85 Issue-ID: INT-1427 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-05EMS simulator extension for PNF SW UpgradeEnbo Wang19-637/+1060
Change-Id: I3a8c706373f4004850c2403f4aee0d1f28aad464 Issue-ID: INT-1208 Signed-off-by: Enbo Wang <wangenbo@huawei.com>
2020-03-04Fix pylint trailing whitespaces issues in vcpe python scriptsBartek Grzybowski5-19/+10
Change-Id: I8b1dbdb7bf5d2d12d0104dcabc200b8827b6fb8a Issue-ID: INT-1427 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-04Remove unused imports in mass-pnf-sim.pyBartek Grzybowski1-2/+0
Change-Id: Idf48efd38395afc4fcb85d42e79a26f94f59a02b Issue-ID: INT-1427 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-04Remove unused imports in vcpe python scriptsBartek Grzybowski9-26/+7
Unused imports are removed according to pylint report or ignore rules are added where applicable. Change-Id: I8c32b5c3f456f0444f8ec8980910d470b7238a7d Issue-ID: INT-1427 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-04Fixed the SSH configuration of user 'netconf'ebo8-11/+50
The actual SSH configuration is stored in Sysrepo and not as ordinary ~netconf/.ssh files. Issue-ID: INT-1124 Change-Id: I7e16e09a20ac6f2d52c8958550603935b6790283 Signed-off-by: ebo <eliezio.oliveira@est.tech>
2020-03-02Fix JSON files linter issues in test/mocks/pmsh-pnf-simBartek Grzybowski1-1/+34
This is needed prior to adding job for JSON files linting in CI. Change-Id: I7e7885840cfc51b4a556fe245fa2d69b88383216 Issue-ID: INT-1451 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-02Fix JSON files linter issues in test/hpa_automationBartek Grzybowski3-572/+509
This is needed prior to adding job for JSON files linting in CI. Change-Id: I86f68c5d25f5f521656995574bc516607f2160f4 Issue-ID: INT-1451 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-02Fix JSON files linter issues in test/mocks/datafilecollector-testharnessBartek Grzybowski12-57/+57
This is needed prior to adding job for JSON files linting in CI. Change-Id: I144873a8511f38a4336b73ac19276b213207a9fa Issue-ID: INT-1451 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-02Fix JSON files linter issues in test/mocks/emssimulatorBartek Grzybowski4-37/+37
This is needed prior to adding job for JSON files linting in CI. Change-Id: I15ae608c0b88b8eced6c9f53914bf42355c82c50 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com> Issue-ID: INT-1451
2020-03-02Fix JSON files linter issues in test/mocks/mass-pnf-simBartek Grzybowski5-2404/+2711
This is needed prior to adding job for JSON files linting in CI. Change-Id: Ia71dd28061b5e84c36c81bc1432ccd39ca8cc73a Issue-ID: INT-1451 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-02Fix JSON files linter issues in test/mocks/pnfsimulatorBartek Grzybowski18-61/+68
This is needed prior to adding job for JSON files linting in CI. Change-Id: Ia5fadb693a74bc307d24c9de89131efcbb133ebe Issue-ID: INT-1451 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com>
2020-03-02Fix JSON files linter issues in test/postmanBartek Grzybowski18-9946/+9946
This is needed prior to adding job for JSON files linting in CI. Change-Id: I6dfa144478c31702f5b306d9e2dad9bf0713a0fe Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com> Issue-ID: INT-1451
2020-03-02Fix JSON files linter issues in test/vcpeBartek Grzybowski14-1594/+1619
This is needed prior to adding job for JSON files linting in CI. Change-Id: I408107e0dc58648f833b8d585acf0e414882c7dc Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com> Issue-ID: INT-1451
2020-02-28Add PNF SW Upgrade moduleebo5-0/+327
This change contains only the module for the PNF SW Upgrade use case and a sample docker-compose.yml showing how to start the new simulator with this module attached. Issue-ID: INT-1124 Change-Id: Ic4cd07a3b1020fd4b6195bf2bc9fc95e4157baaf Signed-off-by: ebo <eliezio.oliveira@est.tech>
2020-02-28Add NETCONF PNF Simulator Engineebo23-0/+872
Issue-ID: INT-1124 Signed-off-by: ebo <eliezio.oliveira@est.tech> Change-Id: Ifb50a749992cbd662d579e1cb861bd8f55b3f808
2020-02-21Fix YAML linter indentation errors in yaml filesBartek Grzybowski8-71/+71
Change-Id: I5548de0d7afb0e249ab8b6dbc93c102a2a2ac648 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com> Issue-ID: INT-1451
2020-02-21Fix YAML files linter errors for duplicated keysBartek Grzybowski1-1/+0
Change-Id: I77bcf667d4a639b001258d026f2633fce2bfb0e6 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com> Issue-ID: INT-1451
2020-02-21Fix YAML files linter errors for superfluous spaces/new linesBartek Grzybowski8-161/+156
Change-Id: Id2b6b0966e07104b32c98053de04bd359dfef803 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com> Issue-ID: INT-1451
2020-02-21Fix YAML files linter errors for trailing-spaces ruleBartek Grzybowski6-185/+185
Fixed files that had trailing spaces. Change-Id: I40782bc3a934846372653a0086f1c1fe50bc02c3 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com> Issue-ID: INT-1451
2020-02-20Fix YAML files linter errors for new-line-at-end-of-file ruleBartek Grzybowski8-8/+8
Fixed files that lacked the end of file new line. Change-Id: I552f408b88a3a529e25236b7118be3b5a5741c7e Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com> Issue-ID: INT-1451
2020-02-20Fix invalid escape sequence causing JSON validation failureBartek Grzybowski1-2/+2
Change-Id: I7f7cef9bb30ce19f21e0c8d308bfdf0a04427630 Signed-off-by: Bartek Grzybowski <b.grzybowski@partner.samsung.com> Issue-ID: INT-1437