From 32f101bf3a3e2a17b834f2e17f9976eb7fd03960 Mon Sep 17 00:00:00 2001
From: Tomas Cechvala <tcechval@cisco.com>
Date: Fri, 10 Feb 2017 15:48:05 +0100
Subject: Security groups smoke test in FDS

Security group rules are applied to L2 traffic.

 - creates infrastructure
 - applies policy rules
 - makes MM send icmp and http traffic
 - changes policy rules
 - rechecks the traffic
 - clears infrastructure

Change-Id: I7b73f7ff22bb3fc59c5e873818bdb5d5ad88c12d
Signed-off-by: Tomas Cechvala <tcechval@cisco.com>
---
 testing/robot/sec_groups_and_l2-smoke.robot | 97 +++++++++++++++++++++++++++++
 1 file changed, 97 insertions(+)
 create mode 100644 testing/robot/sec_groups_and_l2-smoke.robot

(limited to 'testing/robot/sec_groups_and_l2-smoke.robot')

diff --git a/testing/robot/sec_groups_and_l2-smoke.robot b/testing/robot/sec_groups_and_l2-smoke.robot
new file mode 100644
index 0000000..17c5a42
--- /dev/null
+++ b/testing/robot/sec_groups_and_l2-smoke.robot
@@ -0,0 +1,97 @@
+##############################################################################
+# Copyright (c) 2017 Tomas Cechvala (Cisco) and others.
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+*** Settings ***
+Library         OperatingSystem
+Library         lib/FDSLibrary.py
+Variables       data/test_data.py
+Resource        lib/Keywords.robot
+Suite Setup     Setup Suite
+Suite Teardown  Teardown Suite
+
+*** Variables ***
+
+*** Test Cases ***
+
+Create network for VMs
+    Create tenant network
+
+Create subnet with dhcp for VMs
+    Create subnet with dhcp
+
+Create sec groups
+    ${result} =    Create security group no default rules    ${sg_server}
+    Set Suite Variable  ${SEC_GR_SERVER}   ${result}
+    ${result} =    Create security group no default rules    ${sg_client}
+    Set Suite Variable  ${SEC_GR_CLIENT}   ${result}
+
+Create sec rules
+    Wait Until Keyword Succeeds  3x  3s  create security rule  ${SEC_GR_CLIENT}  egress  ipv4
+    Wait Until Keyword Succeeds  3x  3s  create security rule  ${SEC_GR_CLIENT}  ingress  ipv4
+    Wait Until Keyword Succeeds  3x  3s  create security rule  ${SEC_GR_SERVER}  egress  ipv4
+    Wait Until Keyword Succeeds  3x  3s  create security rule  ${SEC_GR_SERVER}  ingress  ipv4  proto=icmp
+
+Create port for VM1
+    ${result} =     Create port with ip     ${port1_name}   ${vm1_address}
+    Set Suite Variable  ${port1_id}     ${result}
+
+Create port for VM2
+    ${result} =     Create port with ip     ${port2_name}   ${vm2_address}
+    Set Suite Variable  ${port2_id}     ${result}
+
+Create VM1
+    ${port_ids} =   Create List     ${port1_id}
+    ${result} =     Create vm       ${vm1_name}     ${port_ids}     userdata=${userdata1}
+    Set Suite Variable  ${vm1_id}   ${result}
+
+Wait for VM1 to be active
+    Should Be True  $vm1_id is not $None
+    Poll vm     ${vm1_id}   active
+
+Create VM2
+    ${port_ids} =   Create List     ${port2_id}
+    ${result} =     Create vm       ${vm2_name}     ${port_ids}     userdata=${userdata2}
+    Set Suite Variable  ${vm2_id}   ${result}
+
+Wait for VM2 to be active
+    Should Be True  $vm2_id is not $None
+    Poll vm     ${vm2_id}   active
+
+Check VM2 userdata
+    ${result} =     Check vm console    ${vm2_id}   PASSED
+    Should Be True  ${result}
+
+Modify policy
+    Wait Until Keyword Succeeds  3x  3s  create security rule  ${SEC_GR_SERVER}  ingress  ipv4  proto=tcp  port_min=80  port_max=80
+
+Check VM2 userdata again
+    ${result} =     Check vm console    ${vm2_id}   curl_passed
+    Should Be True  ${result}
+
+*** Keywords ***
+Setup Suite
+    Set Suite Variable  ${network_id}   ${None}
+    Set Suite Variable  ${subnet_id}    ${None}
+    Set Suite Variable  ${port1_id}     ${None}
+    Set Suite Variable  ${port2_id}     ${None}
+    Set Suite Variable  ${vm1_id}       ${None}
+    Set Suite Variable  ${vm2_id}       ${None}
+    Set Suite Variable  ${SEC_GR_SERVER}       ${None}
+    Set Suite Variable  ${SEC_GR_CLIENT}       ${None}
+    Ensure Image
+    Ensure Flavor
+
+Teardown Suite
+    Run Keyword If  $vm1_id is not $None        Delete vm       ${vm1_id}
+    Run Keyword If  $vm2_id is not $None        Delete vm       ${vm2_id}
+    Run Keyword If  $port1_id is not $None      Delete ports    ${port1_id}
+    Run Keyword If  $port2_id is not $None      Delete ports    ${port2_id}
+    Run Keyword If  $network_id is not $None    Delete network  ${network_id}
+    Run Keyword If  $SEC_GR_SERVER is not $None      delete security group  ${SEC_GR_SERVER}
+    Run Keyword If  $SEC_GR_CLIENT is not $None      delete security group  ${SEC_GR_CLIENT}
-- 
cgit 1.2.3-korg