diff options
Diffstat (limited to 'moon_authz/tests/unit_python')
-rw-r--r-- | moon_authz/tests/unit_python/conftest.py | 29 | ||||
-rw-r--r-- | moon_authz/tests/unit_python/mock_pods.py | 545 | ||||
-rw-r--r-- | moon_authz/tests/unit_python/requirements.txt | 5 | ||||
-rw-r--r-- | moon_authz/tests/unit_python/test_authz.py | 116 | ||||
-rw-r--r-- | moon_authz/tests/unit_python/utilities.py | 182 |
5 files changed, 0 insertions, 877 deletions
diff --git a/moon_authz/tests/unit_python/conftest.py b/moon_authz/tests/unit_python/conftest.py deleted file mode 100644 index a6e62078..00000000 --- a/moon_authz/tests/unit_python/conftest.py +++ /dev/null @@ -1,29 +0,0 @@ -import pytest -import requests_mock -import mock_pods -import os -from utilities import CONTEXT - - -@pytest.fixture -def context(): - return CONTEXT - - -def set_env_variables(): - os.environ['UUID'] = "1111111111" - os.environ['TYPE'] = "authz" - os.environ['PORT'] = "8081" - os.environ['PDP_ID'] = "b3d3e18abf3340e8b635fd49e6634ccd" - os.environ['META_RULE_ID'] = "f8f49a779ceb47b3ac810f01ef71b4e0" - os.environ['KEYSTONE_PROJECT_ID'] = CONTEXT['project_id'] - - -@pytest.fixture(autouse=True) -def no_requests(monkeypatch): - """ Modify the response from Requests module - """ - set_env_variables() - with requests_mock.Mocker(real_http=True) as m: - mock_pods.register_pods(m) - yield m diff --git a/moon_authz/tests/unit_python/mock_pods.py b/moon_authz/tests/unit_python/mock_pods.py deleted file mode 100644 index 39223a57..00000000 --- a/moon_authz/tests/unit_python/mock_pods.py +++ /dev/null @@ -1,545 +0,0 @@ -from utilities import CONF, get_b64_conf, COMPONENTS - -pdp_mock = { - "b3d3e18abf3340e8b635fd49e6634ccd": { - "description": "test", - "security_pipeline": [ - "f8f49a779ceb47b3ac810f01ef71b4e0" - ], - "name": "pdp_rbac", - "keystone_project_id": "a64beb1cc224474fb4badd43173e7101" - }, - "pdp_id1": { - "name": "pdp_id1", - "security_pipeline": ["policy_id_1", "policy_id_2"], - "keystone_project_id": "keystone_project_id1", - "description": "...", - }, - "pdp_id12": { - "name": "pdp_id2", - "security_pipeline": ["policy_id_1", "policy_id_2"], - "keystone_project_id": "keystone_project_id2", - "description": "...", - } -} - -meta_rules_mock = { - "f8f49a779ceb47b3ac810f01ef71b4e0": { - "subject_categories": [ - "14e6ae0ba34d458b876c791b73aa17bd" - ], - "action_categories": [ - "241a2a791554421a91c9f1bc564aa94d" - ], - "description": "", - "name": "rbac", - "object_categories": [ - "6d48500f639d4c2cab2b1f33ef93a1e8" - ] - }, - "meta_rule_id1": { - "name": "meta_rule1", - "algorithm": "name of the meta rule algorithm", - "subject_categories": ["subject_category_id1", - "subject_category_id2"], - "object_categories": ["object_category_id1"], - "action_categories": ["action_category_id1"] - }, - "meta_rule_id2": { - "name": "name of the meta rules2", - "algorithm": "name of the meta rule algorithm", - "subject_categories": ["subject_category_id1", - "subject_category_id2"], - "object_categories": ["object_category_id1"], - "action_categories": ["action_category_id1"] - } -} - -policies_mock = { - "f8f49a779ceb47b3ac810f01ef71b4e0": { - "name": "RBAC policy example", - "model_id": "cd923d8633ff4978ab0e99938f5153d6", - "description": "test", - "genre": "authz" - }, - "policy_id_1": { - "name": "test_policy1", - "model_id": "model_id_1", - "genre": "authz", - "description": "test", - }, - "policy_id_2": { - "name": "test_policy2", - "model_id": "model_id_2", - "genre": "authz", - "description": "test", - } -} - -subject_mock = { - "f8f49a779ceb47b3ac810f01ef71b4e0": { - "89ba91c18dd54abfbfde7a66936c51a6": { - "description": "test", - "policy_list": [ - "f8f49a779ceb47b3ac810f01ef71b4e0", - "636cd473324f4c0bbd9102cb5b62a16d" - ], - "name": "testuser", - "email": "mail", - "id": "89ba91c18dd54abfbfde7a66936c51a6", - "extra": {} - } - }, - "policy_id_1": { - "subject_id": { - "name": "subject_name", - "keystone_id": "keystone_project_id1", - "description": "a description" - } - }, - "policy_id_2": { - "subject_id": { - "name": "subject_name", - "keystone_id": "keystone_project_id2", - "description": "a description" - } - } -} - -subject_assignment_mock = { - "826c1156d0284fc9b4b2ddb279f63c52": { - "category_id": "14e6ae0ba34d458b876c791b73aa17bd", - "assignments": [ - "24ea95256c5f4c888c1bb30a187788df", - "6b227b77184c48b6a5e2f3ed1de0c02a", - "31928b17ec90438ba5a2e50ae7650e63", - "4e60f554dd3147af87595fb6b37dcb13", - "7a5541b63a024fa88170a6b59f99ccd7", - "dd2af27812f742029d289df9687d6126" - ], - "id": "826c1156d0284fc9b4b2ddb279f63c52", - "subject_id": "89ba91c18dd54abfbfde7a66936c51a6", - "policy_id": "f8f49a779ceb47b3ac810f01ef71b4e0" - }, - "7407ffc1232944279b0cbcb0847c86f7": { - "category_id": "315072d40d774c43a89ff33937ed24eb", - "assignments": [ - "6b227b77184c48b6a5e2f3ed1de0c02a", - "31928b17ec90438ba5a2e50ae7650e63", - "7a5541b63a024fa88170a6b59f99ccd7", - "dd2af27812f742029d289df9687d6126" - ], - "id": "7407ffc1232944279b0cbcb0847c86f7", - "subject_id": "89ba91c18dd54abfbfde7a66936c51a6", - "policy_id": "3e65256389b448cb9897917ea235f0bb" - } -} - -object_mock = { - "f8f49a779ceb47b3ac810f01ef71b4e0": { - "9089b3d2ce5b4e929ffc7e35b55eba1a": { - "name": "vm1", - "description": "test", - "id": "9089b3d2ce5b4e929ffc7e35b55eba1a", - "extra": {}, - "policy_list": [ - "f8f49a779ceb47b3ac810f01ef71b4e0", - "636cd473324f4c0bbd9102cb5b62a16d" - ] - }, - }, - "policy_id_1": { - "object_id": { - "name": "object_name", - "description": "a description" - } - }, - "policy_id_2": { - "object_id": { - "name": "object_name", - "description": "a description" - } - } -} - -object_assignment_mock = { - "201ad05fd3f940948b769ab9214fe295": { - "object_id": "9089b3d2ce5b4e929ffc7e35b55eba1a", - "assignments": [ - "030fbb34002e4236a7b74eeb5fd71e35", - "06bcb8655b9d46a9b90e67ef7c825b50", - "34eb45d7f46d4fb6bc4965349b8e4b83", - "4b7793dbae434c31a77da9d92de9fa8c" - ], - "id": "201ad05fd3f940948b769ab9214fe295", - "category_id": "6d48500f639d4c2cab2b1f33ef93a1e8", - "policy_id": "f8f49a779ceb47b3ac810f01ef71b4e0" - }, - "90c5e86f8be34c0298fbd1973e4fb043": { - "object_id": "67b8008a3f8d4f8e847eb628f0f7ca0e", - "assignments": [ - "a098918e915b4b12bccb89f9a3f3b4e4", - "06bcb8655b9d46a9b90e67ef7c825b50", - "7dc76c6142af47c88b60cc2b0df650ba", - "4b7793dbae434c31a77da9d92de9fa8c" - ], - "id": "90c5e86f8be34c0298fbd1973e4fb043", - "category_id": "33aece52d45b4474a20dc48a76800daf", - "policy_id": "3e65256389b448cb9897917ea235f0bb" - } -} - -action_mock = { - "f8f49a779ceb47b3ac810f01ef71b4e0": { - "cdb3df220dc05a6ea3334b994827b068": { - "name": "boot", - "description": "test", - "id": "cdb3df220dc04a6ea3334b994827b068", - "extra": {}, - "policy_list": [ - "f8f49a779ceb47b3ac810f01ef71b4e0", - "636cd473324f4c0bbd9102cb5b62a16d" - ] - }, - "cdb3df220dc04a6ea3334b994827b068": { - "name": "stop", - "description": "test", - "id": "cdb3df220dc04a6ea3334b994827b068", - "extra": {}, - "policy_list": [ - "f8f49a779ceb47b3ac810f01ef71b4e0", - "636cd473324f4c0bbd9102cb5b62a16d" - ] - }, - "9f5112afe9b34a6c894eb87246ccb7aa": { - "name": "start", - "description": "test", - "id": "9f5112afe9b34a6c894eb87246ccb7aa", - "extra": {}, - "policy_list": [ - "f8f49a779ceb47b3ac810f01ef71b4e0", - "636cd473324f4c0bbd9102cb5b62a16d" - ] - } - }, - "policy_id_1": { - "action_id": { - "name": "action_name", - "description": "a description" - } - }, - "policy_id_2": { - "action_id": { - "name": "action_name", - "description": "a description" - } - } -} - -action_assignment_mock = { - "2128e3ffbd1c4ef5be515d625745c2d4": { - "category_id": "241a2a791554421a91c9f1bc564aa94d", - "action_id": "cdb3df220dc05a6ea3334b994827b068", - "policy_id": "f8f49a779ceb47b3ac810f01ef71b4e0", - "id": "2128e3ffbd1c4ef5be515d625745c2d4", - "assignments": [ - "570c036781e540dc9395b83098c40ba7", - "7fe17d7a2e3542719f8349c3f2273182", - "015ca6f40338422ba3f692260377d638", - "23d44c17bf88480f83e8d57d2aa1ea79" - ] - }, - "cffb98852f3a4110af7a0ddfc4e19201": { - "category_id": "4a2c5abaeaf644fcaf3ca8df64000d53", - "action_id": "cdb3df220dc04a6ea3334b994827b068", - "policy_id": "3e65256389b448cb9897917ea235f0bb", - "id": "cffb98852f3a4110af7a0ddfc4e19201", - "assignments": [ - "570c036781e540dc9395b83098c40ba7", - "7fe17d7a2e3542719f8349c3f2273182", - "015ca6f40338422ba3f692260377d638", - "23d44c17bf88480f83e8d57d2aa1ea79" - ] - } -} - -models_mock = { - "cd923d8633ff4978ab0e99938f5153d6": { - "name": "RBAC", - "meta_rules": [ - "f8f49a779ceb47b3ac810f01ef71b4e0" - ], - "description": "test" - }, - "model_id_1": { - "name": "test_model", - "description": "test", - "meta_rules": ["meta_rule_id1"] - }, - "model_id_2": { - "name": "test_model", - "description": "test", - "meta_rules": ["meta_rule_id2"] - }, -} - -rules_mock = { - "policy_id": "f8f49a779ceb47b3ac810f01ef71b4e0", - "rules": [ - { - "policy_id": "f8f49a779ceb47b3ac810f01ef71b4e0", - "rule": [ - "24ea95256c5f4c888c1bb30a187788df", - "030fbb34002e4236a7b74eeb5fd71e35", - "570c036781e540dc9395b83098c40ba7" - ], - "enabled": True, - "id": "0201a2bcf56943c1904dbac016289b71", - "instructions": [ - { - "decision": "grant" - } - ], - "meta_rule_id": "f8f49a779ceb47b3ac810f01ef71b4e0" - }, - { - "policy_id": "ecc2451c494e47b5bca7250cd324a360", - "rule": [ - "54f574cd2043468da5d65e4f6ed6e3c9", - "6559686961a3490a978f246ac9f85fbf", - "ac0d1f600bf447e8bd2f37b7cc47f2dc" - ], - "enabled": True, - "id": "a83fed666af8436192dfd8b3c83a6fde", - "instructions": [ - { - "decision": "grant" - } - ], - "meta_rule_id": "f8f49a779ceb47b3ac810f01ef71b4e0" - } - ] -} - - -def register_pods(m): - """ Modify the response from Requests module - """ - register_consul(m) - register_pdp(m) - register_meta_rules(m) - register_policies(m) - register_models(m) - register_orchestrator(m) - register_policy_subject(m, "f8f49a779ceb47b3ac810f01ef71b4e0") - # register_policy_subject(m, "policy_id_2") - register_policy_object(m, "f8f49a779ceb47b3ac810f01ef71b4e0") - # register_policy_object(m, "policy_id_2") - register_policy_action(m, "f8f49a779ceb47b3ac810f01ef71b4e0") - # register_policy_action(m, "policy_id_2") - register_policy_subject_assignment(m, "f8f49a779ceb47b3ac810f01ef71b4e0", "89ba91c18dd54abfbfde7a66936c51a6") - register_policy_subject_assignment_list(m, "f8f49a779ceb47b3ac810f01ef71b4e0") - register_policy_subject_assignment(m, "policy_id_2", "subject_id") - # register_policy_subject_assignment_list(m1, "policy_id_2") - register_policy_object_assignment(m, "f8f49a779ceb47b3ac810f01ef71b4e0", "9089b3d2ce5b4e929ffc7e35b55eba1a") - register_policy_object_assignment_list(m, "f8f49a779ceb47b3ac810f01ef71b4e0") - register_policy_object_assignment(m, "policy_id_2", "object_id") - # register_policy_object_assignment_list(m1, "policy_id_2") - register_policy_action_assignment(m, "f8f49a779ceb47b3ac810f01ef71b4e0", "cdb3df220dc05a6ea3334b994827b068") - register_policy_action_assignment_list(m, "f8f49a779ceb47b3ac810f01ef71b4e0") - register_policy_action_assignment(m, "policy_id_2", "action_id") - # register_policy_action_assignment_list(m1, "policy_id_2") - register_rules(m, "f8f49a779ceb47b3ac810f01ef71b4e0") - register_rules(m, "policy_id_1") - register_rules(m, "policy_id_2") - - -def register_consul(m): - for component in COMPONENTS: - m.register_uri( - 'GET', 'http://consul:8500/v1/kv/{}'.format(component), - json=[{'Key': component, 'Value': get_b64_conf(component)}] - ) - m.register_uri( - 'GET', 'http://consul:8500/v1/kv/components_port_start', - json=[ - { - "LockIndex": 0, - "Key": "components_port_start", - "Flags": 0, - "Value": "MzEwMDE=", - "CreateIndex": 9, - "ModifyIndex": 9 - } - ], - ) - m.register_uri( - 'PUT', 'http://consul:8500/v1/kv/components_port_start', - json=[], - ) - m.register_uri( - 'GET', 'http://consul:8500/v1/kv/plugins?recurse=true', - json=[ - { - "LockIndex": 0, - "Key": "plugins/authz", - "Flags": 0, - "Value": "eyJjb250YWluZXIiOiAid3Vrb25nc3VuL21vb25fYXV0aHo6djQuMyIsICJwb3J0IjogODA4MX0=", - "CreateIndex": 14, - "ModifyIndex": 656 - } - ], - ) - m.register_uri( - 'GET', 'http://consul:8500/v1/kv/components?recurse=true', - json=[ - {"Key": key, "Value": get_b64_conf(key)} for key in COMPONENTS - ], - ) - m.register_uri( - 'GET', 'http://consul:8500/v1/kv/plugins/authz', - json=[ - { - "LockIndex": 0, - "Key": "plugins/authz", - "Flags": 0, - "Value": "eyJjb250YWluZXIiOiAid3Vrb25nc3VuL21vb25fYXV0aHo6djQuMyIsICJwb3J0IjogODA4MX0=", - "CreateIndex": 14, - "ModifyIndex": 656 - } - ], - ) - - -def register_orchestrator(m): - m.register_uri( - 'GET', 'http://orchestrator:8083/pods', - json={ - "pods": { - "1234567890": [ - {"name": "wrapper-quiet", "port": 8080, - "container": "wukongsun/moon_wrapper:v4.3.1", - "namespace": "moon"}]}} - ) - - -def register_pdp(m): - m.register_uri( - 'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'pdp'), - json={'pdps': pdp_mock} - ) - - -def register_meta_rules(m): - m.register_uri( - 'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'meta_rules'), - json={'meta_rules': meta_rules_mock} - ) - - -def register_policies(m): - m.register_uri( - 'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'policies'), - json={'policies': policies_mock} - ) - - -def register_models(m): - m.register_uri( - 'GET', 'http://{}:{}/{}'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'models'), - json={'models': models_mock} - ) - - -def register_policy_subject(m, policy_id): - m.register_uri( - 'GET', 'http://{}:{}/{}/{}/subjects'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'policies', policy_id), - json={'subjects': subject_mock[policy_id]} - ) - - -def register_policy_object(m, policy_id): - m.register_uri( - 'GET', 'http://{}:{}/{}/{}/objects'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'policies', policy_id), - json={'objects': object_mock[policy_id]} - ) - - -def register_policy_action(m, policy_id): - m.register_uri( - 'GET', 'http://{}:{}/{}/{}/actions'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'policies', policy_id), - json={'actions': action_mock[policy_id]} - ) - - -def register_policy_subject_assignment(m, policy_id, subj_id): - m.register_uri( - 'GET', 'http://{}:{}/{}/{}/subject_assignments/{}'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'policies', - policy_id, - subj_id), - json={'subject_assignments': subject_assignment_mock} - ) - - -def register_policy_subject_assignment_list(m, policy_id): - m.register_uri( - 'GET', 'http://{}:{}/{}/{}/subject_assignments'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'policies', - policy_id), - json={'subject_assignments': subject_assignment_mock} - ) - - -def register_policy_object_assignment(m, policy_id, obj_id): - m.register_uri( - 'GET', 'http://{}:{}/{}/{}/object_assignments/{}'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'policies', - policy_id, - obj_id), - json={'object_assignments': object_assignment_mock} - ) - - -def register_policy_object_assignment_list(m, policy_id): - m.register_uri( - 'GET', 'http://{}:{}/{}/{}/object_assignments'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'policies', - policy_id), - json={'object_assignments': object_assignment_mock} - ) - - -def register_policy_action_assignment(m, policy_id, action_id): - m.register_uri( - 'GET', 'http://{}:{}/{}/{}/action_assignments/{}'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'policies', - policy_id, - action_id), - json={'action_assignments': action_assignment_mock} - ) - - -def register_policy_action_assignment_list(m, policy_id): - m.register_uri( - 'GET', 'http://{}:{}/{}/{}/action_assignments'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'policies', - policy_id), - json={'action_assignments': action_assignment_mock} - ) - - -def register_rules(m, policy_id): - m.register_uri( - 'GET', 'http://{}:{}/{}/{}/{}'.format(CONF['components']['manager']['hostname'], - CONF['components']['manager']['port'], 'policies', - policy_id, 'rules'), - json={'rules': rules_mock} - )
\ No newline at end of file diff --git a/moon_authz/tests/unit_python/requirements.txt b/moon_authz/tests/unit_python/requirements.txt deleted file mode 100644 index 21975ce3..00000000 --- a/moon_authz/tests/unit_python/requirements.txt +++ /dev/null @@ -1,5 +0,0 @@ -flask -flask_cors -flask_restful -python_moondb -python_moonutilities
\ No newline at end of file diff --git a/moon_authz/tests/unit_python/test_authz.py b/moon_authz/tests/unit_python/test_authz.py deleted file mode 100644 index 2352fe06..00000000 --- a/moon_authz/tests/unit_python/test_authz.py +++ /dev/null @@ -1,116 +0,0 @@ -import json -import pickle -import pytest - - -def get_data(data): - return pickle.loads(data) - - -def get_json(data): - return json.loads(data.decode("utf-8")) - - -def run(component_data, cache, context): - from moon_authz.api.authorization import Authz - authz = Authz(component_data=component_data, cache=cache) - authz.context = context - authz.run() - - -def test_authz_true(context): - import moon_authz.server - from python_moonutilities.context import Context - from python_moonutilities.cache import Cache - server = moon_authz.server.create_server() - client = server.app.test_client() - CACHE = Cache() - CACHE.update() - print(CACHE.pdp) - _context = Context(context, CACHE) - req = client.post("/authz", data=pickle.dumps(_context)) - assert req.status_code == 200 - data = get_data(req.data) - assert data - assert isinstance(data, Context) - policy_id = data.headers[0] - assert policy_id - assert "effect" in data.pdp_set[policy_id] - assert data.pdp_set[policy_id]['effect'] == "grant" - - -def test_user_not_allowed(context): - import moon_authz.server - from python_moonutilities.context import Context - from python_moonutilities.cache import Cache - server = moon_authz.server.create_server() - client = server.app.test_client() - CACHE = Cache() - CACHE.update() - context['subject_name'] = "user_not_allowed" - _context = Context(context, CACHE) - req = client.post("/authz", data=pickle.dumps(_context)) - assert req.status_code == 400 - data = get_json(req.data) - assert data - assert isinstance(data, dict) - assert "message" in data - assert data["message"] == "Cannot find subject user_not_allowed" - - -def test_object_not_allowed(context): - import moon_authz.server - from python_moonutilities.context import Context - from python_moonutilities.cache import Cache - server = moon_authz.server.create_server() - client = server.app.test_client() - CACHE = Cache() - CACHE.update() - context['subject_name'] = "testuser" - context['object_name'] = "invalid" - _context = Context(context, CACHE) - req = client.post("/authz", data=pickle.dumps(_context)) - assert req.status_code == 400 - data = get_json(req.data) - assert data - assert isinstance(data, dict) - assert "message" in data - assert data["message"] == "Cannot find object invalid" - - -def test_action_not_allowed(context): - import moon_authz.server - from python_moonutilities.context import Context - from python_moonutilities.cache import Cache - server = moon_authz.server.create_server() - client = server.app.test_client() - CACHE = Cache() - CACHE.update() - context['subject_name'] = "testuser" - context['object_name'] = "vm1" - context['action_name'] = "invalid" - _context = Context(context, CACHE) - req = client.post("/authz", data=pickle.dumps(_context)) - assert req.status_code == 400 - data = get_json(req.data) - assert data - assert isinstance(data, dict) - assert "message" in data - assert data["message"] == "Cannot find action invalid" - - -def test_authz_with_empty_pdp_set(context): - from python_moonutilities.context import Context - from python_moonutilities.cache import Cache - CACHE = Cache() - CACHE.update() - _context = Context(context, CACHE) - component_data = { - 'component_id': 'component_id1', - 'pdp_id': 'pdp_id1', - 'meta_rule_id': 'meta_rule_id1', - 'keystone_project_id': 'keystone_project_id1', - } - with pytest.raises(Exception) as exception_info: - run(component_data, CACHE, _context) - assert str(exception_info.value) == '400: Pdp Unknown' diff --git a/moon_authz/tests/unit_python/utilities.py b/moon_authz/tests/unit_python/utilities.py deleted file mode 100644 index e3a111bd..00000000 --- a/moon_authz/tests/unit_python/utilities.py +++ /dev/null @@ -1,182 +0,0 @@ -import base64 -import json -import pytest -from uuid import uuid4 - - -CONF = { - "openstack": { - "keystone": { - "url": "http://keystone:5000/v3", - "user": "admin", - "check_token": False, - "password": "p4ssw0rd", - "domain": "default", - "certificate": False, - "project": "admin" - } - }, - "components": { - "wrapper": { - "bind": "0.0.0.0", - "port": 8080, - "container": "wukongsun/moon_wrapper:v4.3", - "timeout": 5, - "hostname": "wrapper" - }, - "manager": { - "bind": "0.0.0.0", - "port": 8082, - "container": "wukongsun/moon_manager:v4.3", - "hostname": "manager" - }, - "port_start": 31001, - "orchestrator": { - "bind": "0.0.0.0", - "port": 8083, - "container": "wukongsun/moon_orchestrator:v4.3", - "hostname": "orchestrator" - }, - "pipeline": { - "interface": { - "bind": "0.0.0.0", - "port": 8080, - "container": "wukongsun/moon_interface:v4.3", - "hostname": "interface" - }, - "authz": { - "bind": "0.0.0.0", - "port": 8081, - "container": "wukongsun/moon_authz:v4.3", - "hostname": "authz" - } - } - }, - "plugins": { - "session": { - "port": 8082, - "container": "asteroide/session:latest" - }, - "authz": { - "port": 8081, - "container": "wukongsun/moon_authz:v4.3" - } - }, - "logging": { - "handlers": { - "file": { - "filename": "/tmp/moon.log", - "class": "logging.handlers.RotatingFileHandler", - "level": "DEBUG", - "formatter": "custom", - "backupCount": 3, - "maxBytes": 1048576 - }, - "console": { - "class": "logging.StreamHandler", - "formatter": "brief", - "level": "INFO", - "stream": "ext://sys.stdout" - } - }, - "formatters": { - "brief": { - "format": "%(levelname)s %(name)s %(message)-30s" - }, - "custom": { - "format": "%(asctime)-15s %(levelname)s %(name)s %(message)s" - } - }, - "root": { - "handlers": [ - "console" - ], - "level": "ERROR" - }, - "version": 1, - "loggers": { - "moon": { - "handlers": [ - "console", - "file" - ], - "propagate": False, - "level": "DEBUG" - } - } - }, - "slave": { - "name": None, - "master": { - "url": None, - "login": None, - "password": None - } - }, - "docker": { - "url": "tcp://172.88.88.1:2376", - "network": "moon" - }, - "database": { - "url": "sqlite:///database.db", - # "url": "mysql+pymysql://moon:p4sswOrd1@db/moon", - "driver": "sql" - }, - "messenger": { - "url": "rabbit://moon:p4sswOrd1@messenger:5672/moon" - } -} - - -CONTEXT = { - "project_id": "a64beb1cc224474fb4badd43173e7101", - "subject_name": "testuser", - "object_name": "vm1", - "action_name": "boot", - "request_id": uuid4().hex, - "interface_name": "interface", - "manager_url": "http://{}:{}".format( - CONF["components"]["manager"]["hostname"], - CONF["components"]["manager"]["port"] - ), - "cookie": uuid4().hex, - "pdp_id": "b3d3e18abf3340e8b635fd49e6634ccd", - "security_pipeline": ["f8f49a779ceb47b3ac810f01ef71b4e0"] - } - - -COMPONENTS = ( - "logging", - "openstack/keystone", - "database", - "slave", - "components/manager", - "components/orchestrator", - "components/pipeline", - - "components/wrapper", -) - - -def get_b64_conf(component=None): - if component == "components": - return base64.b64encode( - json.dumps(CONF["components"]).encode('utf-8')+b"\n").decode('utf-8') - elif component in CONF: - return base64.b64encode( - json.dumps( - CONF[component]).encode('utf-8')+b"\n").decode('utf-8') - elif not component: - return base64.b64encode( - json.dumps(CONF).encode('utf-8')+b"\n").decode('utf-8') - elif "/" in component: - key1, _, key2 = component.partition("/") - return base64.b64encode( - json.dumps( - CONF[key1][key2]).encode('utf-8')+b"\n").decode('utf-8') - - -def get_json(data): - return json.loads(data.decode("utf-8")) - - |