diff options
| author |   Pawel Wieczorek <p.wieczorek2@samsung.com> | 2019-11-25 15:40:04 +0100 |
|---|---|---|
| committer | Pawel Wieczorek <p.wieczorek2@samsung.com> | 2019-11-25 15:49:54 +0100 |
| commit | c3563bc93ebf7df6a4802f07123163516ebf1057 (patch) | |
| tree | 3648a83690fa9722ac7e371509c6434e7a41e31a /scripts/etescript/security-etescript.sh | |
| parent | 31450dcb11d18b81098b43d0d0b7ecdb0d69e238 (diff) | |
Adjust ETE runner for security tests
This patch adds gathering data which cannot be easily obtained from
within "robot" pod (without granting it access to "kubectl" tool and as
a side effect - cluster modifications).
It introduces dependency to python3 on operator's machine (to convert
"kubectl" tool filtered output to JSON).
Issue-ID: SECCOM-261
Change-Id: Ie5057f65f79337896191b51cfad1b3e06623f80b
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Diffstat (limited to 'scripts/etescript/security-etescript.sh')
| -rwxr-xr-x | scripts/etescript/security-etescript.sh | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/scripts/etescript/security-etescript.sh b/scripts/etescript/security-etescript.sh new file mode 100755 index 0000000..1cd911c --- /dev/null +++ b/scripts/etescript/security-etescript.sh @@ -0,0 +1,57 @@ +#!/usr/bin/env bash + +# Copyright 2019 Samsung Electronics Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# +# Gather information on ONAP cluster required by security tests. +# Copy results to Robot pod. +# + + +TMPDIR='/tmp' +TMPTPL='onap_security' +CSV2JSON='import csv; import json; import sys; print(json.dumps({i[0]: i[1] for i in csv.reader(sys.stdin)}))' +FILTER="$(tr -d [:space:] <<TEMPLATE +{{range .items}} + {{range.spec.ports}} + {{if .nodePort}} + {{.nodePort}}{{','}}{{.name}}{{'\n'}} + {{end}} + {{end}} +{{end}} +TEMPLATE)" + + +setup () { + export NODEPORTS_FILE="$(mktemp -p ${TMPDIR} ${TMPTPL}XXX)" +} + +create_actual_nodeport_json () { + kubectl get svc -n $NAMESPACE -o go-template="$FILTER" | python3 -c "$CSV2JSON" > "$NODEPORTS_FILE" +} + +copy_actual_nodeport_json_to_robot () { + kubectl cp "$1" "$2/$3:$4" +} + +cleanup () { + rm "$NODEPORTS_FILE" +} + + +setup +create_actual_nodeport_json +copy_actual_nodeport_json_to_robot "$NODEPORTS_FILE" "$NAMESPACE" "$POD" "$TMPDIR" +cleanup |