summaryrefslogtreecommitdiffstats
path: root/testing/robot/lib
diff options
context:
space:
mode:
authorTomas Cechvala <tcechval@cisco.com>2017-02-10 15:48:05 +0100
committerTomas Cechvala <tcechval@cisco.com>2017-03-10 09:14:14 +0000
commit32f101bf3a3e2a17b834f2e17f9976eb7fd03960 (patch)
tree97b85ff5a19f2deca8a92599bff069f2a53c660d /testing/robot/lib
parent3ce8b6143a2eac2de4df17cab3e2c7ad9ea2acb6 (diff)
Security groups smoke test in FDS
Security group rules are applied to L2 traffic. - creates infrastructure - applies policy rules - makes MM send icmp and http traffic - changes policy rules - rechecks the traffic - clears infrastructure Change-Id: I7b73f7ff22bb3fc59c5e873818bdb5d5ad88c12d Signed-off-by: Tomas Cechvala <tcechval@cisco.com>
Diffstat (limited to 'testing/robot/lib')
-rw-r--r--testing/robot/lib/FDSLibrary.py38
-rw-r--r--testing/robot/lib/Keywords.robot109
2 files changed, 143 insertions, 4 deletions
diff --git a/testing/robot/lib/FDSLibrary.py b/testing/robot/lib/FDSLibrary.py
index 786cee6..32c18eb 100644
--- a/testing/robot/lib/FDSLibrary.py
+++ b/testing/robot/lib/FDSLibrary.py
@@ -124,11 +124,33 @@ class FDSLibrary():
time.sleep(5)
return False
- def create_security_group(self):
- pass
+ def create_security_group(self, name):
+ body = {'security_group': {
+ 'name': name
+ }}
+ response = self.neutron_client.create_security_group(body=body)
+ return response
- def create_security_rule(self):
- pass
+ def create_security_rule(self, sg_id, dir, eth, desc=None, proto=None, port_min=None, port_max=None, r_sg_id=None, r_prefix=None):
+ body = {'security_group_rule': {
+ 'security_group_id': sg_id,
+ 'ethertype': eth,
+ 'direction': dir
+ }}
+ if desc is not None:
+ body['security_group_rule']['description'] = desc
+ if proto is not None:
+ body['security_group_rule']['protocol'] = proto
+ if port_min is not None:
+ body['security_group_rule']['port_range_min'] = port_min
+ if port_max is not None:
+ body['security_group_rule']['port_range_max'] = port_max
+ if r_sg_id is not None:
+ body['security_group_rule']['remote_group_id'] = r_sg_id
+ if r_prefix is not None:
+ body['security_group_rule']['remote_ip_prefix'] = r_prefix
+ response = self.neutron_client.create_security_group_rule(body=body)
+ return response
def poll_server(self, vm_id, status, timeout=300):
try:
@@ -167,6 +189,14 @@ class FDSLibrary():
response = self.neutron_client.delete_network(net_id)
return response
+ def delete_security_group(self, sg_id):
+ response = self.neutron_client.delete_security_group(sg_id)
+ return response
+
+ def delete_security_rule(self, rule_id):
+ response = self.neutron_client.delete_security_group_rule(rule_id)
+ return response
+
def ping_vm(self, ip_address):
try:
output = subprocess.check_output(['ping', '-c', '4', ip_address])
diff --git a/testing/robot/lib/Keywords.robot b/testing/robot/lib/Keywords.robot
new file mode 100644
index 0000000..36136a1
--- /dev/null
+++ b/testing/robot/lib/Keywords.robot
@@ -0,0 +1,109 @@
+##############################################################################
+# Copyright (c) 2016 Juraj Linkes (Cisco) and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+*** Settings ***
+Library OperatingSystem
+Library FDSLibrary.py
+Variables ../data/test_data.py
+
+*** Keywords ***
+
+Ensure Flavor
+ ${result} = Check Flavor Exists ${vm_flavor}
+ Return From Keyword If '${result}' == 'True'
+ Create Flavor ${vm_flavor} ram=768
+ ${result} = Check Flavor Exists ${vm_flavor}
+ Should be True ${result}
+
+Ensure Image
+ ${result} = Check Image Exists ${vm_image}
+ Return From Keyword If '${result}' == 'True'
+ Create Image ${vm_image} /home/opnfv/functest/data/cirros-0.3.4-x86_64-disk.img
+ ${result} = Check Image Exists ${vm_image}
+ Should be True ${result}
+
+Create tenant network
+ &{response} = create network ${network_name}
+ log many &{response}
+ Set Suite Variable ${network_id} ${response.network['id']}
+ log ${network_id}
+
+Create subnet without dhcp
+ &{response} = create subnet ${subnet_name} ${network_id} ${subnet_cidr} dhcp=False
+ log many &{response}
+ Set Suite Variable ${subnet_id} ${response.subnet['id']}
+ log ${subnet_id}
+
+Create subnet with dhcp
+ &{response} = create subnet ${subnet_name} ${network_id} ${subnet_cidr} dhcp=True
+ log many &{response}
+ Set Suite Variable ${subnet_id} ${response.subnet['id']}
+ log ${subnet_id}
+
+Create security group no default rules
+ [Arguments] ${name}
+ &{response} = create security group ${name}
+ log many &{response}
+ : FOR ${rule} IN @{response.security_group['security_group_rules']}
+ \ log ${rule}
+ \ log ${rule['id']}
+ \ delete security rule ${rule['id']}
+ [Return] ${response.security_group['id']}
+
+Create security group rules
+ #def create_security_rule(self, sg_id, dir, eth, desc=None, proto=None, port_min=None, port_max=None, r_sg_id=None, r_prefix=None):
+ &{response} = create security rule ${sg_client} ingress ipv4
+ log many &{response}
+ &{response} = create security rule ${sg_client} egress' ipv4
+ log many &{response}
+ &{response} = create security rule ${sg_server} egress ipv4
+ log many &{response}
+ &{response} = create security rule ${sg_server} ingress ipv4 icmp
+ log many &{response}
+
+Create port with ip
+ [Arguments] ${port_name} ${ip_address}
+ &{response} = create port ${port_name} ${network_id} ${subnet_id} ${ip_address}
+ log many &{response}
+ log ${response.port['id']}
+ [Return] ${response.port['id']}
+
+Create vm
+ [Arguments] ${vm_name} ${port_ids} ${security_groups}=${None} ${userdata}=${None}
+ Log Many ${vm_name} ${vm_image} ${vm_flavor} ${port_ids} ${userdata}
+ ${response} = create server ${vm_name} ${vm_image} ${vm_flavor} ${port_ids} ${security_groups}
+ ... ${userdata}
+ log many ${response}
+ log ${response.id}
+ [Return] ${response.id}
+
+Check vm console
+ [Arguments] ${vm_id} ${string}
+ ${response} = check server console ${vm_id} ${string}
+ [Return] ${response}
+
+Poll vm
+ [Arguments] ${id} ${state}
+ poll server ${id} ${state}
+
+Delete vm
+ [Arguments] ${id}
+ ${response} = delete server ${id}
+ log ${response}
+ Poll vm ${id} ${None}
+
+Delete ports
+ [Arguments] ${id}
+ ${response} = delete port ${id}
+ log ${response}
+
+Delete network
+ [Arguments] ${id}
+ ${response} = delete net ${id}
+ log ${response}