From 682b993848db69e54eb01a8745eb2cb98ed40ceb Mon Sep 17 00:00:00 2001 From: mrichomme Date: Thu, 7 Jan 2021 11:00:09 +0100 Subject: [SECURITY] Include cert check of the internal ports A test dealing with the verification of the ports exposed as nodeports is already integrated. The goal of the patch is to compelte with a test dealing with all the internal ports retrieved from k8s on the ONAP namespace. Unlike nodeport_check_certs, this test must be executed from inside the cluster. As a consequence a dependency is added in testcases.yaml - TEST_ENVIRONMENT: 'internal_job' In order to avoir triggerring the test when executing all the infra tests of this xtesting dockers. A kubernetes job consuming the image shall be created in xtesting-onap to execute the test. Issue-ID: INT-1818 Signed-off-by: mrichomme Change-Id: I16bb55fb784bd67f8a2b59f9f895fb754da8e3d0 --- infra-healthcheck/infra_healthcheck/k8stest.py | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'infra-healthcheck/infra_healthcheck/k8stest.py') diff --git a/infra-healthcheck/infra_healthcheck/k8stest.py b/infra-healthcheck/infra_healthcheck/k8stest.py index e1c4213..1d69fac 100644 --- a/infra-healthcheck/infra_healthcheck/k8stest.py +++ b/infra-healthcheck/infra_healthcheck/k8stest.py @@ -108,3 +108,13 @@ class OnapSecurityNodePortsCerts(K8sTesting): '--mode','nodeport','--namespace','onap','--dir', '/var/lib/xtesting/results/nodeport_check_certs'] self.criteria_string = ">>> Test Check certificates PASS" + +class OnapSecurityInternalPortsCerts(K8sTesting): + """Check the cerfificates for the internal ports.""" + def __init__(self, **kwargs): + super(OnapSecurityInternalPortsCerts, self).__init__(**kwargs) + os.chdir('/usr/lib/python3.8/site-packages/check_certificates') + self.cmd = ['python3', 'check_certificates_validity.py', + '--mode','internal','--namespace','onap','--dir', + '/var/lib/xtesting/results/internal_check_certs'] + self.criteria_string = ">>> Test Check certificates PASS" -- cgit 1.2.3-korg