1 # ============LICENSE_START=======================================================
3 # ================================================================================
4 # Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved.
5 # Copyright (c) 2020 Pantheon.tech. All rights reserved.
6 # Copyright (c) 2020-2021 Nokia. All rights reserved.
7 # ================================================================================
8 # Licensed under the Apache License, Version 2.0 (the "License");
9 # you may not use this file except in compliance with the License.
10 # You may obtain a copy of the License at
12 # http://www.apache.org/licenses/LICENSE-2.0
14 # Unless required by applicable law or agreed to in writing, software
15 # distributed under the License is distributed on an "AS IS" BASIS,
16 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 # See the License for the specific language governing permissions and
18 # limitations under the License.
19 # ============LICENSE_END=========================================================
21 # Common functions for unit testing
22 def _set_k8s_configuration():
23 ''' Set up the basic k8s configuration '''
25 "image_pull_secrets": ["secret0", "secret1"],
27 "log_path": "/var/log/onap",
28 "data_path": "/usr/share/filebeat/data",
29 "config_path": "/usr/share/filebeat/filebeat.yml",
30 "config_subpath": "filebeat.yml",
31 "image": "filebeat-repo/filebeat:latest",
32 "config_map": "dcae-filebeat-configmap"
35 "cert_path": "/opt/certs",
36 "image": "tlsrepo/tls-init-container:1.2.3",
37 "component_cert_dir": "/opt/dcae/cacert"
40 "image_tag": "repo/oom-certservice-client:2.1.0",
41 "request_url": "https://request:1010/url",
44 "organization": "Linux-Foundation",
45 "state": "California",
46 "organizational_unit": "ONAP",
47 "location": "San-Francisco",
48 "keystore_password": "secret1",
49 "truststore_password": "secret2"
51 "cert_post_processor": {
52 "image_tag": "repo/oom-cert-post-processor:2.1.0"
55 "base_url": "https://config-binding-service:10443/service_component_all/test-component"
74 def _set_common_kwargs(config_map=None):
75 ''' Set kwargs common to all test cases '''
78 {"host": {"path": "/path/on/host"}, "container": {"bind": "/path/on/container", "mode": "rw"}}
81 "ports": ["80:0", "443:0"],
82 "env": {"NAME0": "value0", "NAME1": "value1"},
83 "log_info": {"log_directory": "/path/to/container/log/directory"},
84 "readiness": {"type": "http", "endpoint": "/ready"}
86 if config_map is not None:
87 common_kwargs["volumes"].append(config_map)
91 def _get_item_by_name(list, name):
92 """ Search a list of k8s API objects with the specified name """
99 def check_env_var(env_list, name, value):
100 e = _get_item_by_name(env_list, name)
101 assert e and e.value == value
104 def verify_common(dep, deployment_description):
105 """ Check results common to all test cases """
106 assert deployment_description["deployment"] == "dep-testcomponent"
107 assert deployment_description["namespace"] == "k8stest"
108 assert deployment_description["services"][0] == "testcomponent"
110 # For unit test purposes, we want to make sure that the deployment object
111 # we're passing to the k8s API is correct
112 app_container = dep.spec.template.spec.containers[0]
113 assert app_container.image == "example.com/testcomponent:1.4.3"
114 assert app_container.image_pull_policy == "IfNotPresent"
115 assert len(app_container.ports) == 2
116 assert app_container.ports[0].container_port == 80
117 assert app_container.ports[1].container_port == 443
118 assert app_container.readiness_probe.http_get.path == "/ready"
119 assert app_container.readiness_probe.http_get.scheme == "HTTP"
120 assert len(app_container.volume_mounts) >= 2
121 assert app_container.volume_mounts[0].mount_path == "/path/on/container"
122 assert app_container.volume_mounts[-2].mount_path == "/path/to/container/log/directory"
124 # Check environment variables
125 env = app_container.env
126 check_env_var(env, "NAME0", "value0")
127 check_env_var(env, "NAME1", "value1")
129 # Should have a log container with volume mounts
130 log_container = dep.spec.template.spec.containers[1]
131 assert log_container.image == "filebeat-repo/filebeat:latest"
132 assert log_container.volume_mounts[0].mount_path == "/var/log/onap/testcomponent"
133 assert log_container.volume_mounts[0].name == "component-log"
134 assert log_container.volume_mounts[1].mount_path == "/usr/share/filebeat/data"
135 assert log_container.volume_mounts[1].name == "filebeat-data"
136 assert log_container.volume_mounts[2].mount_path == "/usr/share/filebeat/filebeat.yml"
137 assert log_container.volume_mounts[2].name == "filebeat-conf"
139 # Needs to be correctly labeled so that the Service can find it
140 assert dep.spec.template.metadata.labels["app"] == "testcomponent"
143 def verify_external_cert(dep):
144 cert_container = dep.spec.template.spec.init_containers[1]
145 print(cert_container)
146 assert cert_container.image == "repo/oom-certservice-client:2.1.0"
147 assert cert_container.name == "cert-service-client"
148 assert len(cert_container.volume_mounts) == 2
149 assert cert_container.volume_mounts[0].name == "tls-info"
150 assert cert_container.volume_mounts[0].mount_path == "/path/to/container/cert/directory/"
151 assert cert_container.volume_mounts[1].name == "tls-volume"
152 assert cert_container.volume_mounts[1].mount_path == "/etc/onap/oom/certservice/certs/"
155 "REQUEST_URL": "https://request:1010/url",
156 "REQUEST_TIMEOUT": "30000",
157 "OUTPUT_PATH": "/path/to/container/cert/directory/external",
158 "OUTPUT_TYPE": "P12",
160 "COMMON_NAME": "mycommonname",
161 "ORGANIZATION": "Linux-Foundation",
162 "ORGANIZATION_UNIT": "ONAP",
163 "LOCATION": "San-Francisco",
164 "STATE": "California",
167 "KEYSTORE_PATH": "/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks",
168 "KEYSTORE_PASSWORD": "secret1",
169 "TRUSTSTORE_PATH": "/etc/onap/oom/certservice/certs/truststore.jks",
170 "TRUSTSTORE_PASSWORD": "secret2"}
172 envs = {k.name: k.value for k in cert_container.env}
173 for k in expected_envs:
174 assert (k in envs and expected_envs[k] == envs[k])
177 def verify_cert_post_processor(dep):
178 cert_container = dep.spec.template.spec.init_containers[2]
179 print(cert_container)
180 assert cert_container.image == "repo/oom-cert-post-processor:2.1.0"
181 assert cert_container.name == "cert-post-processor"
182 assert len(cert_container.volume_mounts) == 1
183 assert cert_container.volume_mounts[0].name == "tls-info"
184 assert cert_container.volume_mounts[0].mount_path == "/opt/dcae/cacert/"
187 "TRUSTSTORES_PATHS": "/opt/dcae/cacert/trust.jks:/opt/dcae/cacert/external/truststore.p12",
188 "TRUSTSTORES_PASSWORDS_PATHS": "/opt/dcae/cacert/trust.pass:/opt/dcae/cacert/external/truststore.pass",
189 "KEYSTORE_SOURCE_PATHS": "/opt/dcae/cacert/external/keystore.p12:/opt/dcae/cacert/external/keystore.pass",
190 "KEYSTORE_DESTINATION_PATHS": "/opt/dcae/cacert/cert.p12:/opt/dcae/cacert/p12.pass"
193 envs = {k.name: k.value for k in cert_container.env}
194 for k in expected_envs:
195 assert (k in envs and expected_envs[k] == envs[k])
198 def do_deploy(config_map=None, tls_info=None, ext_tls_info=None):
199 """ Common deployment operations """
200 import k8sclient.k8sclient
202 k8s_test_config = _set_k8s_configuration()
204 kwargs = _set_common_kwargs(config_map)
205 kwargs['resources'] = _set_resources()
208 kwargs["tls_info"] = tls_info
210 kwargs["external_cert"] = ext_tls_info
212 dep, deployment_description = k8sclient.k8sclient.deploy(k8s_ctx(), "k8stest", "testcomponent",
213 "example.com/testcomponent:1.4.3", 1, False,
214 k8s_test_config, **kwargs)
216 # Make sure all of the basic k8s parameters are correct
217 verify_common(dep, deployment_description)
219 return dep, deployment_description
223 def info(self, text):
228 logger = k8s_logger()