aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--infra-healthcheck/docker/Dockerfile4
-rw-r--r--infra-healthcheck/docker/testcases.yaml9
-rw-r--r--infra-healthcheck/infra_healthcheck/k8stest.py14
-rw-r--r--infra-healthcheck/setup.cfg2
4 files changed, 24 insertions, 5 deletions
diff --git a/infra-healthcheck/docker/Dockerfile b/infra-healthcheck/docker/Dockerfile
index 87d177c..b433387 100644
--- a/infra-healthcheck/docker/Dockerfile
+++ b/infra-healthcheck/docker/Dockerfile
@@ -17,7 +17,7 @@ COPY upper-constraints.txt .
RUN set -x && \
apk --no-cache add --update curl ca-certificates && \
apk --no-cache add --virtual .build-deps --update \
- gcc python3-dev musl-dev && \
+ gcc python3-dev musl-dev openssl-dev libffi-dev && \
chmod +x /usr/local/bin/kubectl && \
adduser kubectl -Du 2342 -h /config && \
wget https://storage.googleapis.com/kubernetes-helm/helm-${HELM_VERSION}-linux-amd64.tar.gz -O - | tar -xzO linux-amd64/helm > /usr/local/bin/helm && \
@@ -28,6 +28,8 @@ RUN set -x && \
pip3 install --no-cache-dir -r upper-constraints.txt && \
pip3 install --no-cache-dir \
git+https://gitlab.com/Orange-OpenSource/lfn/onap/integration/xtesting.git@$ONAP_TESTS_TAG#subdirectory=infra-healthcheck && \
+ pip3 install --no-cache-dir \
+ git+https://git.onap.org/integration.git@$ONAP_TESTS_TAG#subdirectory=test/security/check_certificates && \
apk del .build-deps
COPY docker/testcases.yaml /usr/lib/python3.8/site-packages/xtesting/ci/testcases.yaml
diff --git a/infra-healthcheck/docker/testcases.yaml b/infra-healthcheck/docker/testcases.yaml
index 346daf5..ba035c2 100644
--- a/infra-healthcheck/docker/testcases.yaml
+++ b/infra-healthcheck/docker/testcases.yaml
@@ -39,3 +39,12 @@ tiers:
- DEPLOY_SCENARIO: 'ingress'
run:
name: 'nodeport_ingress'
+ -
+ case_name: nodeport_check_certs
+ project_name: integration
+ criteria: 100
+ blocking: false
+ description: >-
+ Check certificates associated with node ports
+ run:
+ name: 'nodeport_check_certs'
diff --git a/infra-healthcheck/infra_healthcheck/k8stest.py b/infra-healthcheck/infra_healthcheck/k8stest.py
index da1d764..a22bcda 100644
--- a/infra-healthcheck/infra_healthcheck/k8stest.py
+++ b/infra-healthcheck/infra_healthcheck/k8stest.py
@@ -109,8 +109,6 @@ class K8sTesting(testcase.TestCase):
class OnapHelmTest(K8sTesting):
"""Kubernetes conformance test suite"""
def __init__(self, **kwargs):
- if "case_name" not in kwargs:
- kwargs.get("case_name", 'onap-helm')
super(OnapHelmTest, self).__init__(**kwargs)
self.cmd = ['/check_onap_helm.sh']
self.criteria_string = "Nb Failed Helm Charts"
@@ -119,9 +117,17 @@ class OnapHelmTest(K8sTesting):
class OnapSecurityNodePortsIngress(K8sTesting):
"""Check that there is no NodePort without corresponding Ingress port."""
def __init__(self, **kwargs):
- if "case_name" not in kwargs:
- kwargs.get("case_name", 'nodeport_ingress')
super(OnapSecurityNodePortsIngress, self).__init__(**kwargs)
self.cmd = ['python3', '/check_for_ingress_and_nodeports.py',
'--conf', '/root/.kube/config']
self.criteria_string = "NodePort without corresponding Ingress found"
+
+class OnapSecurityNodePortsCerts(K8sTesting):
+ """Check the cerfificates fot he nodeports."""
+ def __init__(self, **kwargs):
+ super(OnapSecurityNodePortsCerts, self).__init__(**kwargs)
+ os.chdir('/usr/lib/python3.8/site-packages/check_certificates')
+ self.cmd = ['python3', 'check_certificates_validity.py',
+ '--mode','nodeport','--namespace','onap','--dir',
+ '/var/lib/xtesting/results/nodeport_check_certs']
+ self.criteria_string = ">>> Test Check certificates PASS"
diff --git a/infra-healthcheck/setup.cfg b/infra-healthcheck/setup.cfg
index a3ec3db..4664552 100644
--- a/infra-healthcheck/setup.cfg
+++ b/infra-healthcheck/setup.cfg
@@ -10,3 +10,5 @@ xtesting.testcase =
onap_k8s = kubernetes_status.status:Status
onap_helm = infra_healthcheck.k8stest:OnapHelmTest
nodeport_ingress = infra_healthcheck.k8stest:OnapSecurityNodePortsIngress
+ nodeport_check_certs = infra_healthcheck.k8stest:OnapSecurityNodePortsCerts
+