diff options
| -rw-r--r-- | infra-healthcheck/docker/Dockerfile | 4 | ||||
| -rw-r--r-- | infra-healthcheck/docker/testcases.yaml | 9 | ||||
| -rw-r--r-- | infra-healthcheck/infra_healthcheck/k8stest.py | 14 | ||||
| -rw-r--r-- | infra-healthcheck/setup.cfg | 2 |
4 files changed, 24 insertions, 5 deletions
diff --git a/infra-healthcheck/docker/Dockerfile b/infra-healthcheck/docker/Dockerfile index 87d177c..b433387 100644 --- a/infra-healthcheck/docker/Dockerfile +++ b/infra-healthcheck/docker/Dockerfile @@ -17,7 +17,7 @@ COPY upper-constraints.txt . RUN set -x && \ apk --no-cache add --update curl ca-certificates && \ apk --no-cache add --virtual .build-deps --update \ - gcc python3-dev musl-dev && \ + gcc python3-dev musl-dev openssl-dev libffi-dev && \ chmod +x /usr/local/bin/kubectl && \ adduser kubectl -Du 2342 -h /config && \ wget https://storage.googleapis.com/kubernetes-helm/helm-${HELM_VERSION}-linux-amd64.tar.gz -O - | tar -xzO linux-amd64/helm > /usr/local/bin/helm && \ @@ -28,6 +28,8 @@ RUN set -x && \ pip3 install --no-cache-dir -r upper-constraints.txt && \ pip3 install --no-cache-dir \ git+https://gitlab.com/Orange-OpenSource/lfn/onap/integration/xtesting.git@$ONAP_TESTS_TAG#subdirectory=infra-healthcheck && \ + pip3 install --no-cache-dir \ + git+https://git.onap.org/integration.git@$ONAP_TESTS_TAG#subdirectory=test/security/check_certificates && \ apk del .build-deps COPY docker/testcases.yaml /usr/lib/python3.8/site-packages/xtesting/ci/testcases.yaml diff --git a/infra-healthcheck/docker/testcases.yaml b/infra-healthcheck/docker/testcases.yaml index 346daf5..ba035c2 100644 --- a/infra-healthcheck/docker/testcases.yaml +++ b/infra-healthcheck/docker/testcases.yaml @@ -39,3 +39,12 @@ tiers: - DEPLOY_SCENARIO: 'ingress' run: name: 'nodeport_ingress' + - + case_name: nodeport_check_certs + project_name: integration + criteria: 100 + blocking: false + description: >- + Check certificates associated with node ports + run: + name: 'nodeport_check_certs' diff --git a/infra-healthcheck/infra_healthcheck/k8stest.py b/infra-healthcheck/infra_healthcheck/k8stest.py index da1d764..a22bcda 100644 --- a/infra-healthcheck/infra_healthcheck/k8stest.py +++ b/infra-healthcheck/infra_healthcheck/k8stest.py @@ -109,8 +109,6 @@ class K8sTesting(testcase.TestCase): class OnapHelmTest(K8sTesting): """Kubernetes conformance test suite""" def __init__(self, **kwargs): - if "case_name" not in kwargs: - kwargs.get("case_name", 'onap-helm') super(OnapHelmTest, self).__init__(**kwargs) self.cmd = ['/check_onap_helm.sh'] self.criteria_string = "Nb Failed Helm Charts" @@ -119,9 +117,17 @@ class OnapHelmTest(K8sTesting): class OnapSecurityNodePortsIngress(K8sTesting): """Check that there is no NodePort without corresponding Ingress port.""" def __init__(self, **kwargs): - if "case_name" not in kwargs: - kwargs.get("case_name", 'nodeport_ingress') super(OnapSecurityNodePortsIngress, self).__init__(**kwargs) self.cmd = ['python3', '/check_for_ingress_and_nodeports.py', '--conf', '/root/.kube/config'] self.criteria_string = "NodePort without corresponding Ingress found" + +class OnapSecurityNodePortsCerts(K8sTesting): + """Check the cerfificates fot he nodeports.""" + def __init__(self, **kwargs): + super(OnapSecurityNodePortsCerts, self).__init__(**kwargs) + os.chdir('/usr/lib/python3.8/site-packages/check_certificates') + self.cmd = ['python3', 'check_certificates_validity.py', + '--mode','nodeport','--namespace','onap','--dir', + '/var/lib/xtesting/results/nodeport_check_certs'] + self.criteria_string = ">>> Test Check certificates PASS" diff --git a/infra-healthcheck/setup.cfg b/infra-healthcheck/setup.cfg index a3ec3db..4664552 100644 --- a/infra-healthcheck/setup.cfg +++ b/infra-healthcheck/setup.cfg @@ -10,3 +10,5 @@ xtesting.testcase = onap_k8s = kubernetes_status.status:Status onap_helm = infra_healthcheck.k8stest:OnapHelmTest nodeport_ingress = infra_healthcheck.k8stest:OnapSecurityNodePortsIngress + nodeport_check_certs = infra_healthcheck.k8stest:OnapSecurityNodePortsCerts + |