aboutsummaryrefslogtreecommitdiffstats
path: root/test
AgeCommit message (Collapse)AuthorFilesLines
2019-07-15k8s: Move release-specific files to separate directoryPawel Wieczorek5-3/+3
Kubernetes cluster deployment procedure changed with Dublin release (Rancher to RKE). In order to prepare for further adjustments, incompatible content will be moved to separate directories. Once Casablanca becomes obsolete (by the time of El Alto), files specific to that release will be removed completely. Issue-ID: SECCOM-235 Change-Id: Iaa0fc2f6ad330ec09dcfdf8a2d27b8a4dc433a0f Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-11Mass PNF-sim unique VSFTPD PASV portsTamasBakai4-11/+30
Issue-ID: DCAEGEN2-1660 Change-Id: Ib742755f6a924ee9c5babe8e411311e7fe0e6802 Signed-off-by: TamasBakai <tamas.bakai@est.tech>
2019-07-08k8s: Make convenience targets CI-friendlyPawel Wieczorek1-2/+2
Previously "clean" target failed if there were no build artifacts. Now their absence is ignored. Issue-ID: SECCOM-235 Change-Id: I47beb2754a893e8b7453611116b4da2e516cca90 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Add tests for API server validatorsPawel Wieczorek4-1/+194
This patch also adds convenience target to the Makefile and updates documentation on relevant dependencies. Issue-ID: SECCOM-235 Change-Id: I57e00af3cd4c60af3128e3094607cc61bc1e5dbe Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Relax kublet HTTPS connection requirementPawel Wieczorek2-6/+7
According to kube-apiserver documentation [1] and CIS guideline 1.1.4 option "--kubelet-https=" might be absent in API server configuration. It has secure configuration (being set to "true") by default. [1] https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/ Issue-ID: SECCOM-235 Change-Id: I604cdcace03f65185aab6a0b34d48cfec94277ab Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Make Rancher CLI provisioner configurablePawel Wieczorek1-5/+20
Apparently Linux AMD64 machines are not the only ones used for ONAP development (author meant no harm). Issue-ID: SECCOM-235 Change-Id: Ia78a02fb82dc5752d6b8fd2cef8e6ef583fd3ca6 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Make Rancher CLI provisioner reusablePawel Wieczorek2-9/+14
Having Rancher CLI proves itself useful on development machines as well. Issue-ID: SECCOM-235 Change-Id: I0de3109e1236cf6dc9cbc825342593041dcfdf2c Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Add Rancher CLI to test environmentPawel Wieczorek1-0/+9
Issue-ID: SECCOM-235 Change-Id: I46e2f8d61c3a82613b665fb6d9b57431bb2a1868 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Add virtual environment for testingPawel Wieczorek4-0/+143
This patch adds simplified ONAP deployment environment (Kubernetes cluster managed by Rancher). Its purpose is to provide cluster defaults for inspection without the need to access actual ONAP application deployment. Default node customization scripts were extracted ("tools/get_customization_scripts.sh" run within "tools/imported/" directory) from official documentation [1] and imported here in order not to introduce runtime online dependencies. This environment should probably be migrated in future to more appropriate place like devtool [2] (or at least use the same Vagrant boxes). [1] https://docs.onap.org/en/casablanca/submodules/oom.git/docs/oom_setup_kubernetes_rancher.html [2] https://git.onap.org/integration/devtool Issue-ID: SECCOM-235 Change-Id: I57f9f3caac0e8b391e9ed480f6bebba98e006882 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Validate API server address and port flagsPawel Wieczorek2-2/+37
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections regarding master node configuration are satisfied (1.1.6 and 1.1.7). Issue-ID: SECCOM-235 Change-Id: I5f215a6642b177e85d7e1c70860ba0c7e558ec4e Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Validate API server boolean flagsPawel Wieczorek2-1/+107
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections regarding master node configuration are satisfied (1.1.1 - 1.1.5, 1.1.8, 1.1.9, 1.1.20 and 1.1.23). Issue-ID: SECCOM-235 Change-Id: Ib964b5111b616a891c3963ef9695af660810e8ba Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-07-08k8s: Add documentation on runtime dependenciesPawel Wieczorek1-0/+12
Issue-ID: SECCOM-235 Change-Id: I370636220151a5755f467055418f866afe11d5d9 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-06-26Clean up vCPE scriptYang Xu8-71/+23
Signed-off-by: Yang Xu <yang.xu@futurewei.com> Issue-ID: INT-847 Change-Id: I1158442cd73c6e0d943e9cc111cb12dae1381d36
2019-06-24k8s: Obtain relevant information from RancherPawel Wieczorek2-0/+95
This patch introduces Rancher queries using its CLI client. It depends on having utility binary located in PATH and providing configuration file prior first use. Issue-ID: SECCOM-235 Change-Id: Idb011e27b4801c5700b4482656463849736298da Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-06-21Move teardown script to RKE script directoryGary Wu1-126/+1
Also rename various Integration tenants Issue-ID: INT-1117 Signed-off-by: Gary Wu <gary.wu@futurewei.com> Change-Id: I7422088bdcb9ae8fbbf76bab0517f466d1279df3
2019-06-20k8s: Add basic structure for validation toolPawel Wieczorek5-0/+58
This patch introduces CLI utility for checking if Kubernetes cluster follows security recommendations. Provided Makefile simplifies setup process by setting appropriate environment variables for the build. Further information can be found in README. Provided symlink allows proper document rendering on VCS hosting site. Issue-ID: SECCOM-235 Change-Id: I4a1337c9834322ee4fd742a9ccb979b9bc505f75 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-06-13Improve vCPE test automationYang Xu5-6/+27
Signed-off-by: Yang Xu <yang.xu@futurewei.com> Issue-ID: INT-847 Change-Id: Ib5b0a547f1c228de4cee02f3526401028c10bff0
2019-06-10ONAP audit script detailing pods, docker images, tags and digestsAndyWalshe1-0/+236
Change-Id: Ia8d369c978f3d1da0e98af91415cc50cd36b03a2 Issue-ID: INT-1101 Signed-off-by: AndyWalshe <andy.walshe@est.tech>
2019-06-06Fixed Bugs in automtion scriptItohan2-3/+14
Issue-ID: INT-905 INT-904 INT-794 Signed-off-by: Itohan Ukponmwan <itohan.ukponmwan@intel.com> Change-Id: I45e5e09940378c8223ae36b8af3fc5e1b8b836bc
2019-06-04Add help informationHaibin Huang5-44/+289
Issue-ID: INT-795 Change-Id: If06ef6faa69c942385e4fa1c15eb8f25c3d19f40 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
2019-06-03Modified hpa automation scriptItohan2-17/+63
Issue-ID: INT-905 INT-904 INT-794 Signed-off-by: Itohan Ukponmwan <itohan.ukponmwan@intel.com> Change-Id: I931289fffa5b9821259eff6f015adf3dd414aef8
2019-05-29Modified hpa_automation.py scriptItohan11-32/+269
-Added more files required to run this script -Added a README file -Added sample hpa polices Issue-ID: INT-905 INT-904 INT-794 Signed-off-by: Itohan Ukponmwan <itohan.ukponmwan@intel.com> Change-Id: I5c77924863a9517ecaf7caaeb860c3c113a7b9d2
2019-05-29Search endpoint script fail silentlyLucjan Bryndza1-0/+11
When nmap or other commands are not installed on the system script fail silently without any information Signed-off-by: Lucjan Bryndza <l.bryndza@samsung.com> Change-Id: I599b987e223f88617aefa2c0de6cdcbbf3ff50b7 Issue-ID: SECCOM-231
2019-05-23Automatically add default policiesHaibin Huang6-16/+40
Change-Id: I38fcd336e7eca90264590d4174c8cf65e89c60a1 Issue-ID: INT-795 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
2019-05-22Add Policy model automationHaibin Huang1-37/+105
Change-Id: I127063df8261859b1a0f11a57e49ce3d337afcf5 Issue-ID: INT-795 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
2019-05-22Add SDC automatioinHaibin Huang2-7/+217
Attention, maybe you can't use it because we call internal SDC API SDC PTL said that they will change internal SDC API without any notice. Change-Id: Ic1a34bb6f9d3a879f8d5580c803431059ca43c26 Issue-ID: INT-795 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
2019-05-21Add automately upload packageHaibin Huang2-34/+125
Change-Id: I778bfd0b12afd929066a7dc5ccd8bcc5c1e0dafe Issue-ID: INT-795 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
2019-05-16Add vnfm register for vfcHaibin Huang2-8/+39
Change-Id: I942c5740b30c7ca9fdd9af2c8cfa7f38af258cbf Issue-ID: INT-795 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
2019-05-10Don't treat error reply as a proper JDWP handshakeKrzysztof Opasiak1-1/+2
As it turned out thanks to Yan Yang some ONAP services tend to return a propr JDWP handshake as a part of their error message. Let's filter out those services by checking number of lines returned by the server. We expect that proper JDWP handshake won't be longer than a single line. Issue-ID: SECCOM-231 Change-Id: I4b8950ebdf5fe118ec5f2dd5f4de583211784fb2 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2019-05-09Add E2E automation test vcpeHaibin Huang4-0/+322
Change-Id: I73ab75ee9321c8b360745a963f28b0a869a279ea Issue-ID: INT-795 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
2019-05-07Merge "Don't wait forever for jdwp response"Gary Wu1-1/+2
2019-05-06Fixed Bugs in hpa automation scriptItohan2-10/+23
Change-Id: Ib777f42de09687ee4c72c12da893c0f75633998f Issue-ID: INT-905 INT-904 INT-794 Signed-off-by: Itohan Ukponmwan <itohan.ukponmwan@intel.com>
2019-05-06Don't wait forever for jdwp responseKrzysztof Opasiak1-1/+2
Some of web services do not send any data when challenged with JDWP challenge. This makes the script waiting forever for response. To fix that let's introduce 10s timeout (experimental value) and replace empty string with a new line to avoid bash warnings. Issue-ID: SECCOM-231 Change-Id: I35546c001c5c54f298e8a4e346c2cf5d41e230ac Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2019-05-04Fixed Bugs in hpa automation scriptItohan2-39/+42
Change-Id: Ibeb04ddf9939b98ff4dec99a10973d4553e215d5 Issue-ID: INT-905 INT-904 INT-794 Signed-off-by: Itohan Ukponmwan <itohan.ukponmwan@intel.com>
2019-05-03Pass typefileserver as parameter in mass-pnf-simRehanRaza6-31/+38
Change-Id: I1168a5f10cce9b7d17324504a57d90dd9ee7790d Issue-ID: DCAEGEN2-1434 Signed-off-by: RehanRaza <muhammad.rehan.raza@est.tech>
2019-05-02Unit test instability fixTamasBakai1-6/+6
simulator_should_send_fileready_message test was failing in maven, but working well in eclipse. Duration and Interval are now equal, and exactly 1 trigger should occur regardless of the execution environment. Change-Id: I9f283364d4717c6e4aa45b88ee7e9da393fa11c4 Issue-ID: DCAEGEN2-1434 Signed-off-by: TamasBakai <tamas.bakai@est.tech>
2019-05-01HPA Automation scriptroot@rancher2-0/+645
Python script to automate deployment of vFW and VDNS use cases using SO Change-Id: Ie232a47d03659daa7b4b869bff842a6c7c4848b3 Issue-ID: INT-905 INT-904 INT-794 Signed-off-by: Itohan Ukponmwan <itohan.ukponmwan@intel.com>
2019-05-01Update expired image in manifest-stagingYang Xu1-0/+0
Change-Id: I5353d2a3053245d0df24d89ba5290370c85fdf16 Issue-ID: INT-1052 Signed-off-by: Yang Xu <yang.xu3@huawei.com>
2019-04-30Merge "Add allotted resource subcategory BRG in SDC"Gary Wu3-15/+69
2019-04-30Add allotted resource subcategory BRG in SDCYang Xu3-15/+69
Change-Id: I1c361215ba086afe7444a5c457ba08aedf9fddcd Issue-ID: INT-847 Signed-off-by: Yang Xu <yang.xu3@huawei.com>
2019-04-30Certificate expiry date for signed onboarding test PNF packages inadequateAndyWalshe5-94/+94
Change-Id: I87c5c4eac8aa3b427e70882237b0434c6ca282af Issue-ID: INT-1054 Signed-off-by: AndyWalshe <andy.walshe@est.tech>
2019-04-29Merge "Update postman to collection to match v4"Gary Wu2-17/+17
2019-04-29Update postman to collection to match v4Matthieu Geerebaert2-17/+17
Update endpoints of nbi postman collection ( remove /nbi/api/v3 ) Update url with http in environment integration file ( for all endpoint variables, fix ko on nbi.api.simpledemo.onap.org:30274/nbi/api/v3/status for instance ) Update nbi url in environment integration file ( add /nbi/api/v4 ) Change-Id: I42d1585ed4f458f74cf34927f2f853404e7f92e1 Issue-ID: EXTAPI-235 Signed-off-by: MatthieuGeerebaert <matthieu.geerebaert@orange.com>
2019-04-29Download vCPE service csar from SDCYang Xu4-2/+74
Clean up import Change-Id: I1a1be9b0528858fc30106978153e0af132675f93 Issue-ID: INT-847 Signed-off-by: Yang Xu <yang.xu3@huawei.com>
2019-04-26DFC automated testsBjornMagnussonXA52-146/+4164
Test cases and suites for DFC automated test Issue-ID: DCAEGEN2-1434 Change-Id: Ibe2200f7dad358520d78217bad4ca6d3b514a3c3 Signed-off-by: BjornMagnussonXA <bjorn.magnusson@est.tech>
2019-04-25Make the script working on Dublin releaseKrzysztof Opasiak1-1/+1
With the introduction of RKE instead of rancher format of pod description has slightly changed (annotations). Let's addjust our security tests to work correctly with recent ONAP release. Issue-ID: SECCOM-231 Change-Id: I49cdfcae9ce41a2b4bd4969958eddfaffe75b437 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2019-04-25User first node for port scanning instead of last oneKrzysztof Opasiak1-1/+1
It is more obvious to use first node in cluster instead of last one. Additionally in some cases nodes listed in the end may not expose all open ports (like it is in integration lab). Issue-ID: SECCOM-231 Change-Id: I200998b2e7b3a6de9b5f464e59e3b7dbbc0a656c Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2019-04-23Add an EMS simulatorEnbo Wang41-0/+1056
Change-Id: I4fedf9a812e19033e7f9a1bff55eae264bc5122f Issue-ID: INT-1041 Signed-off-by: Enbo Wang <wangenbo@huawei.com>
2019-04-17Provide Sample Signed PNF Package for Integration Test with certificateSzabolcs Hutvagner3-37/+91
inside signature This can be used for integration test of Pre-Onboarding and Onboarding of a PNF package. Issue-ID: INT-1017 Change-Id: I01f6ebdf4498bd3aac028d8ce6fa510287999d65 Signed-off-by: Szabolcs Hutvagner <szabolcs.hutvagner@ericsson.com>
2019-04-15Merge "Mass-pnf-sim selective trigger"Gary Wu2-0/+34