From 30e199a70b32a6256c2a148eec870800ef1fbefc Mon Sep 17 00:00:00 2001 From: Pawel Wieczorek Date: Thu, 16 Jul 2020 16:15:06 +0200 Subject: Import upstream component version inspection tool This patch adds utility to check versions of binaries available in Docker containers run on Kubernetes cluster. It has been contributed by: kkkk-k Several minor changes were made to comply with ONAP CI linter rules. Issue-ID: INT-1571 Change-Id: Id0e4b557212dec1bf8d2bac580968d69e2cf5595 Signed-off-by: Pawel Wieczorek --- .../tests/test_sync_post_namespaced_pod_exec.py | 74 ++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100644 test/security/check_versions/tests/test_sync_post_namespaced_pod_exec.py (limited to 'test/security/check_versions/tests/test_sync_post_namespaced_pod_exec.py') diff --git a/test/security/check_versions/tests/test_sync_post_namespaced_pod_exec.py b/test/security/check_versions/tests/test_sync_post_namespaced_pod_exec.py new file mode 100644 index 000000000..50620d3a7 --- /dev/null +++ b/test/security/check_versions/tests/test_sync_post_namespaced_pod_exec.py @@ -0,0 +1,74 @@ +#!/usr/bin/env python3 + +import k8s_bin_versions_inspector as kbvi +import kubernetes + + +def exec_sync_post_namespaced_pod_exec(pod, command): + kubernetes.config.load_kube_config() + api = kubernetes.client.CoreV1Api() + containers = kbvi.list_all_containers(api, "") + container = next(c for c in containers if c.pod.startswith(pod)) + result = kbvi.sync_post_namespaced_pod_exec(api, container, command) + return result + + +def test_sync_post_namespaced_pod_exec(): + pod = "kbvi-test-python-jupyter" + result = exec_sync_post_namespaced_pod_exec(pod, "id") + assert result == { + "stdout": "uid=1000(jovyan) gid=100(users) groups=100(users)\n", + "stderr": "", + "error": {"status": "Success", "metadata": {}}, + "code": 0, + } + + +def test_sync_post_namespaced_pod_exec_not_running(): + pod = "kbvi-test-terminated" + result = exec_sync_post_namespaced_pod_exec(pod, "id") + assert result == {"stdout": "", "stderr": "", "error": {}, "code": -1} + + +def test_sync_post_namespaced_pod_exec_not_found(): + pod = "kbvi-test-python-jupyter" + command = "/command/not/found" + result = exec_sync_post_namespaced_pod_exec(pod, command) + assert result["stdout"] == "" + assert result["stderr"] == "" + assert result["error"]["status"] == "Failure" + assert result["error"]["reason"] == "InternalError" + assert result["code"] == -2 + + +def test_sync_post_namespaced_pod_exec_exit_code(): + pod = "kbvi-test-python-jupyter" + command = ["python3", "--invalid-attribute"] + result = exec_sync_post_namespaced_pod_exec(pod, command) + assert result == { + "stdout": "", + "stderr": "unknown option --invalid-attribute\n" + "usage: python3 [option] ... [-c cmd | -m mod | file | -] [arg] ...\n" + "Try `python -h' for more information.\n", + "error": { + "status": "Failure", + "reason": "NonZeroExitCode", + "message": "command terminated with non-zero exit code: error " + "executing command [python3 --invalid-attribute], exit code 2", + "details": {"causes": [{"message": "2", "reason": "ExitCode"}]}, + "metadata": {}, + }, + "code": 2, + } + + +def test_sync_post_namespaced_pod_exec_stderr(): + pod = "kbvi-test-python-stderr-filebeat" + command = ["python", "--version"] + result = exec_sync_post_namespaced_pod_exec(pod, command) + assert result == { + "stdout": "", + "stderr": "Python 2.7.5\n", + "error": {"status": "Success", "metadata": {}}, + "code": 0, + } -- cgit 1.2.3-korg