From 30e199a70b32a6256c2a148eec870800ef1fbefc Mon Sep 17 00:00:00 2001
From: Pawel Wieczorek <p.wieczorek2@samsung.com>
Date: Thu, 16 Jul 2020 16:15:06 +0200
Subject: Import upstream component version inspection tool

This patch adds utility to check versions of binaries available in
Docker containers run on Kubernetes cluster. It has been contributed by:
kkkk-k <kkkk.k@samsung.com>

Several minor changes were made to comply with ONAP CI linter rules.

Issue-ID: INT-1571
Change-Id: Id0e4b557212dec1bf8d2bac580968d69e2cf5595
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
---
 .../tests/test_list_all_containers.py              | 52 ++++++++++++++++++++++
 1 file changed, 52 insertions(+)
 create mode 100644 test/security/check_versions/tests/test_list_all_containers.py

(limited to 'test/security/check_versions/tests/test_list_all_containers.py')

diff --git a/test/security/check_versions/tests/test_list_all_containers.py b/test/security/check_versions/tests/test_list_all_containers.py
new file mode 100644
index 000000000..4178077c3
--- /dev/null
+++ b/test/security/check_versions/tests/test_list_all_containers.py
@@ -0,0 +1,52 @@
+#!/usr/bin/env python3
+
+import k8s_bin_versions_inspector as kbvi
+import kubernetes
+
+
+def exec_list_all_containers(pod_name_trimmer, field_selector):
+    kubernetes.config.load_kube_config()
+    api = kubernetes.client.CoreV1Api()
+    containers = kbvi.list_all_containers(api, field_selector)
+    extracted = ((c.namespace, c.pod, c.container) for c in containers)
+    trimmed = ((n, pod_name_trimmer(p), c) for n, p, c in extracted)
+    result = sorted(trimmed)
+    return result
+
+
+def test_list_all_containers(pod_name_trimmer):
+    result = exec_list_all_containers(pod_name_trimmer, "")
+    assert result == [
+        ("default", "kbvi-test-java-keycloak", "keycloak"),
+        ("default", "kbvi-test-java-keycloak-old", "keycloak-old"),
+        ("default", "kbvi-test-java-keycloak-very-old", "keycloak-very-old"),
+        ("default", "kbvi-test-python-jupyter", "jupyter"),
+        ("default", "kbvi-test-python-jupyter-old", "jupyter-old"),
+        ("default", "kbvi-test-python-stderr-filebeat", "filebeat"),
+        ("default", "kbvi-test-terminated", "python"),
+        ("ingress-nginx", "kbvi-test-ingress-nginx", "echo-server"),
+        ("kube-system", "kbvi-test-kube-system", "echo-server"),
+    ]
+
+
+def test_list_all_containers_not_default(pod_name_trimmer):
+    field_selector = "metadata.namespace!=default"
+    result = exec_list_all_containers(pod_name_trimmer, field_selector)
+    assert result == [
+        ("ingress-nginx", "kbvi-test-ingress-nginx", "echo-server"),
+        ("kube-system", "kbvi-test-kube-system", "echo-server"),
+    ]
+
+
+def test_list_all_containers_conjunction(pod_name_trimmer):
+    field_selector = "metadata.namespace!=kube-system,metadata.namespace!=ingress-nginx"
+    result = exec_list_all_containers(pod_name_trimmer, field_selector)
+    assert result == [
+        ("default", "kbvi-test-java-keycloak", "keycloak"),
+        ("default", "kbvi-test-java-keycloak-old", "keycloak-old"),
+        ("default", "kbvi-test-java-keycloak-very-old", "keycloak-very-old"),
+        ("default", "kbvi-test-python-jupyter", "jupyter"),
+        ("default", "kbvi-test-python-jupyter-old", "jupyter-old"),
+        ("default", "kbvi-test-python-stderr-filebeat", "filebeat"),
+        ("default", "kbvi-test-terminated", "python"),
+    ]
-- 
cgit 1.2.3-korg