Diffstat (limited to 'moonv4')
-rw-r--r-- | moonv4/bin/delete_orchestrator.sh | 63 | ||||
-rw-r--r-- | moonv4/moon_db/tests/unit_python/configure_db.sh (renamed from moonv4/moon_db/tests/configure_db.sh) | 0 | ||||
-rw-r--r-- | moonv4/moon_db/tests/unit_python/test_intraextension.py (renamed from moonv4/moon_db/tests/test_intraextension.py) | 0 | ||||
-rw-r--r-- | moonv4/moon_db/tests/unit_python/test_tenant.py (renamed from moonv4/moon_db/tests/test_tenant.py) | 0 | ||||
-rw-r--r-- | moonv4/moon_gui/README.md (renamed from moonv4/moon_gui/readme.md) | 0 | ||||
-rw-r--r-- | moonv4/moon_gui/run.sh | 2 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/__main__.py | 3 | ||||
-rw-r--r-- | moonv4/moon_manager/moon_manager/api/generic.py | 6 | ||||
-rw-r--r-- | moonv4/moon_orchestrator/delete_orchestrator.sh | 60 | ||||
-rw-r--r-- | moonv4/moon_wrapper/moon_wrapper/api/wrapper.py | 11 | ||||
-rw-r--r-- | moonv4/tests/send_authz.py | 113 |
11 files changed, 160 insertions, 98 deletions
diff --git a/moonv4/bin/delete_orchestrator.sh b/moonv4/bin/delete_orchestrator.sh
new file mode 100644
index 00000000..95fcfddd
--- /dev/null
+++ b/moonv4/bin/delete_orchestrator.sh
@@ -0,0 +1,63 @@
+#!/usr/bin/env bash
+
+set +x
+
+kubectl delete -n moon -f kubernetes/templates/moon_orchestrator.yaml
+for i in $(kubectl get deployments -n moon | grep wrapper | cut -d " " -f 1 | xargs); do
+ kubectl delete deployments/$i -n moon;
+done
+for i in $(kubectl get deployments -n moon | grep interface | cut -d " " -f 1 | xargs); do
+ kubectl delete deployments/$i -n moon;
+done
+for i in $(kubectl get deployments -n moon | grep authz | cut -d " " -f 1 | xargs); do
+ kubectl delete deployments/$i -n moon;
+done
+for i in $(kubectl get services -n moon | grep wrapper | cut -d " " -f 1 | xargs); do
+ kubectl delete services/$i -n moon;
+done
+for i in $(kubectl get services -n moon | grep interface | cut -d " " -f 1 | xargs); do
+ kubectl delete services/$i -n moon;
+done
+for i in $(kubectl get services -n moon | grep authz | cut -d " " -f 1 | xargs); do
+ kubectl delete services/$i -n moon;
+done
+
+if [ "$1" = "build" ]; then
+
+ DOCKER_ARGS=""
+
+ cd moon_manager
+ docker build -t wukongsun/moon_manager:v4.3.1 . ${DOCKER_ARGS}
+ if [ "$2" = "push" ]; then
+ docker push wukongsun/moon_manager:v4.3.1
+ fi
+ cd -
+
+ cd moon_orchestrator
+ docker build -t wukongsun/moon_orchestrator:v4.3 . ${DOCKER_ARGS}
+ if [ "$2" = "push" ]; then
+ docker push wukongsun/moon_orchestrator:v4.3
+ fi
+ cd -
+
+ cd moon_interface
+ docker build -t wukongsun/moon_interface:v4.3 . ${DOCKER_ARGS}
+ if [ "$2" = "push" ]; then
+ docker push wukongsun/moon_interface:v4.3
+ fi
+ cd -
+
+ cd moon_authz
+ docker build -t wukongsun/moon_authz:v4.3 . ${DOCKER_ARGS}
+ if [ "$2" = "push" ]; then
+ docker push wukongsun/moon_authz:v4.3
+ fi
+ cd -
+
+ cd moon_wrapper
+ docker build -t wukongsun/moon_wrapper:v4.3 . ${DOCKER_ARGS}
+ if [ "$2" = "push" ]; then
+ docker push wukongsun/moon_wrapper:v4.3
+ fi
+ cd -
+fi
diff --git a/moonv4/moon_db/tests/configure_db.sh b/moonv4/moon_db/tests/unit_python/configure_db.sh
index bdc259fe..bdc259fe 100644
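Review bot: In the `build` branch every `cd moon_manager` … `cd moon_wrapper` is unchecked and the script never enables `set -e`, so a failed `cd` leaves `docker build -t wukongsun/moon_manager:v4.3.1 .` running with the caller's current directory as build context, and with `push` that image is published under the project tag. I would write each step as `cd moon_manager || exit 1`, or start the script with `set -e`. The delete loops are loose in a similar way: `grep wrapper` matches any listing line in the `moon` namespace that contains the substring, and `$i` is unquoted, so `kubectl delete "deployments/$i" -n moon` is the safer form. The script also gives no usage comment for the new `build` / `push` positional arguments; a header line such as `# usage: delete_orchestrator.sh [build [push]]` would document them.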
--- a/moonv4/moon_db/tests/configure_db.sh +++ b/moonv4/moon_db/tests/unit_python/configure_db.sh diff --git a/moonv4/moon_db/tests/test_intraextension.py b/moonv4/moon_db/tests/unit_python/test_intraextension.py index a2267214..a2267214 100644 --- a/moonv4/moon_db/tests/test_intraextension.py +++ b/moonv4/moon_db/tests/unit_python/test_intraextension.py diff --git a/moonv4/moon_db/tests/test_tenant.py b/moonv4/moon_db/tests/unit_python/test_tenant.py index 7e6cfa82..7e6cfa82 100644 --- a/moonv4/moon_db/tests/test_tenant.py +++ b/moonv4/moon_db/tests/unit_python/test_tenant.py diff --git a/moonv4/moon_gui/readme.md b/moonv4/moon_gui/README.md index ff6e5a97..ff6e5a97 100644 --- a/moonv4/moon_gui/readme.md +++ b/moonv4/moon_gui/README.md diff --git a/moonv4/moon_gui/run.sh b/moonv4/moon_gui/run.sh index fc3d87a0..94bc8360 100644 --- a/moonv4/moon_gui/run.sh +++ b/moonv4/moon_gui/run.sh @@ -8,7 +8,7 @@ sed "s/{{KEYSTONE_HOST}}/$KEYSTONE_HOST/g" -i /root/static/app/moon.constants.js sed "s/{{KEYSTONE_PORT}}/$KEYSTONE_PORT/g" -i /root/static/app/moon.constants.js echo "--------------------------" -grep varuna /root/static/app/moon.constants.js +cat /root/static/app/moon.constants.js echo "--------------------------" gulp delivery diff --git a/moonv4/moon_manager/moon_manager/__main__.py b/moonv4/moon_manager/moon_manager/__main__.py index 0b264ce6..7d97f003 100644 --- a/moonv4/moon_manager/moon_manager/__main__.py +++ b/moonv4/moon_manager/moon_manager/__main__.py @@ -1,3 +1,4 @@ from moon_manager.server import main -main() +server = main() +server.run() diff --git a/moonv4/moon_manager/moon_manager/api/generic.py b/moonv4/moon_manager/moon_manager/api/generic.py index ac4f8f1e..9ff285c8 100644 --- a/moonv4/moon_manager/moon_manager/api/generic.py +++ b/moonv4/moon_manager/moon_manager/api/generic.py 
@@ -107,18 +107,18 @@ class API(Resource): api_desc = dict() for api_name in api_list: api_desc[api_name] = {} - group_api_obj = eval("moon_interface.api.{}".format(api_name)) + group_api_obj = eval("moon_manager.api.{}".format(api_name)) api_desc[api_name]["description"] = group_api_obj.__doc__ if "__version__" in dir(group_api_obj): api_desc[api_name]["version"] = group_api_obj.__version__ object_list = list(filter(lambda x: "__" not in x, dir(group_api_obj))) - for obj in map(lambda x: eval("moon_interface.api.{}.{}".format(api_name, x)), object_list): + for obj in map(lambda x: eval("moon_manager.api.{}.{}".format(api_name, x)), object_list): if "__urls__" in dir(obj): api_desc[api_name][obj.__name__] = dict() api_desc[api_name][obj.__name__]["urls"] = obj.__urls__ api_desc[api_name][obj.__name__]["methods"] = dict() for _method in filter(lambda x: x in __methods, dir(obj)): - docstring = eval("moon_interface.api.{}.{}.{}.__doc__".format(api_name, obj.__name__, _method)) + docstring = eval("moon_manager.api.{}.{}.{}.__doc__".format(api_name, obj.__name__, _method)) api_desc[api_name][obj.__name__]["methods"][_method] = docstring api_desc[api_name][obj.__name__]["description"] = str(obj.__doc__) if group_id in api_desc: diff --git a/moonv4/moon_orchestrator/delete_orchestrator.sh b/moonv4/moon_orchestrator/delete_orchestrator.sh deleted file mode 100644 index d99f3590..00000000 --- a/moonv4/moon_orchestrator/delete_orchestrator.sh +++ /dev/null 
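Review bot: The three `eval(...)` calls in this hunk still build Python source text from `api_name`, `x` and `_method`; the commit only swaps the package prefix. `api_list` and `group_id` are defined outside the hunk, so whether a request-supplied value can reach `api_name` is not visible here, but plain attribute lookup needs no evaluation: `group_api_obj = getattr(moon_manager.api, api_name)`, `getattr(group_api_obj, x)` inside the `map`, and `docstring = getattr(obj, _method).__doc__`. The last form is equivalent as long as each `obj` is bound in its module under its own `__name__`. An unknown name then raises `AttributeError` instead of being evaluated as code. The enclosing method starts and ends outside the hunk.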
@@ -1,60 +0,0 @@
-#!/usr/bin/env bash
-
-set +x
-
-kubectl delete -n moon -f kubernetes/templates/moon_orchestrator.yaml
-for i in $(kubectl get deployments -n moon | grep wrapper | cut -d " " -f 1 | xargs); do
- kubectl delete deployments/$i -n moon;
-done
-for i in $(kubectl get deployments -n moon | grep interface | cut -d " " -f 1 | xargs); do
- kubectl delete deployments/$i -n moon;
-done
-for i in $(kubectl get deployments -n moon | grep authz | cut -d " " -f 1 | xargs); do
- kubectl delete deployments/$i -n moon;
-done
-for i in $(kubectl get services -n moon | grep wrapper | cut -d " " -f 1 | xargs); do
- kubectl delete services/$i -n moon;
-done
-for i in $(kubectl get services -n moon | grep interface | cut -d " " -f 1 | xargs); do
- kubectl delete services/$i -n moon;
-done
-for i in $(kubectl get services -n moon | grep authz | cut -d " " -f 1 | xargs); do
- kubectl delete services/$i -n moon;
-done
-
-DOCKER_ARGS=""
-
-cd moon_manager
-docker build -t wukongsun/moon_manager:v4.3 . ${DOCKER_ARGS}
-if [ "$1" = "push" ]; then
- docker push wukongsun/moon_manager:v4.3
-fi
-cd -
-
-cd moon_orchestrator
-docker build -t wukongsun/moon_orchestrator:v4.3 . ${DOCKER_ARGS}
-if [ "$1" = "push" ]; then
- docker push wukongsun/moon_orchestrator:v4.3
-fi
-cd -
-
-cd moon_interface
-docker build -t wukongsun/moon_interface:v4.3 . ${DOCKER_ARGS}
-if [ "$1" = "push" ]; then
- docker push wukongsun/moon_interface:v4.3
-fi
-cd -
-
-cd moon_authz
-docker build -t wukongsun/moon_authz:v4.3 . ${DOCKER_ARGS}
-if [ "$1" = "push" ]; then
- docker push wukongsun/moon_authz:v4.3
-fi
-cd -
-
-cd moon_wrapper
-docker build -t wukongsun/moon_wrapper:v4.3 . ${DOCKER_ARGS}
-if [ "$1" = "push" ]; then
- docker push wukongsun/moon_wrapper:v4.3
-fi
-cd -
diff --git a/moonv4/moon_wrapper/moon_wrapper/api/wrapper.py b/moonv4/moon_wrapper/moon_wrapper/api/wrapper.py
index 99ac248b..0033e78f 100644
--- a/moonv4/moon_wrapper/moon_wrapper/api/wrapper.py
+++ b/moonv4/moon_wrapper/moon_wrapper/api/wrapper.py @@ -97,14 +97,17 @@ class Wrapper(Resource): "to a PDP.".format(project_id)) def manage_data(self): - target = json.loads(request.form.get('target', {})) - credentials = json.loads(request.form.get('credentials', {})) - rule = request.form.get('rule', "") + data = request.form + if not dict(request.form): + data = json.loads(request.data.decode("utf-8")) + target = json.loads(data.get('target', {})) + credentials = json.loads(data.get('credentials', {})) + rule = data.get('rule', "") _subject = self.__get_subject(target, credentials) _object = self.__get_object(target, credentials) _project_id = self.__get_project_id(target, credentials) LOG.debug("POST with args project={} / " - "subject={} - object={} - action={}".format( + "subject={} - object={} - action={}".format( _project_id, _subject, _object, rule)) interface_url = self.get_interface_url(_project_id) LOG.debug("interface_url={}".format(interface_url)) diff --git a/moonv4/tests/send_authz.py b/moonv4/tests/send_authz.py index c21c8bca..a307a5c3 100644 --- a/moonv4/tests/send_authz.py +++ b/moonv4/tests/send_authz.py 
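Review bot: `json.loads(data.get('target', {}))` and the matching `credentials` line pass a dict as the default, and `json.loads` raises `TypeError` on a dict, so a request without either key fails here; the defaults should be strings, `target = json.loads(data.get('target', "{}"))` and `credentials = json.loads(data.get('credentials', "{}"))`. The new fallback `json.loads(request.data.decode("utf-8"))` parses the raw request body with no error handling, so an empty or non-JSON body raises, and a JSON value that is not an object fails at `data.get`. Since this method feeds an authorization decision, it is worth confirming outside this hunk that such failures end as a rejected request rather than an unhandled error. `manage_data` continues past the end of the hunk.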
@@ -27,36 +27,55 @@ def init(): global logger, HOST, PORT, HOST_AUTHZ, PORT_AUTHZ, HOST_KEYSTONE, PORT_KEYSTONE parser = argparse.ArgumentParser() parser.add_argument('filename', help='scenario filename', nargs=1) - parser.add_argument("--verbose", "-v", action='store_true', help="verbose mode") - parser.add_argument("--debug", "-d", action='store_true', help="debug mode") - parser.add_argument("--dry-run", "-n", action='store_true', help="Dry run", dest="dry_run") + parser.add_argument("--verbose", "-v", action='store_true', + help="verbose mode") + parser.add_argument("--debug", "-d", action='store_true', + help="debug mode") + parser.add_argument("--dry-run", "-n", action='store_true', + help="Dry run", dest="dry_run") + parser.add_argument("--destination", + help="Set the type of output needed " + "(default: wrapper, other possible type: " + "interface).", + default="wrapper") parser.add_argument("--host", - help="Set the name of the host to test (default: 172.18.0.11).", + help="Set the name of the host to test " + "(default: 172.18.0.11).", default="127.0.0.1") parser.add_argument("--port", "-p", - help="Set the port of the host to test (default: 8082).", + help="Set the port of the host to test " + "(default: 8082).", default="8082") parser.add_argument("--host-authz", - help="Set the name of the host to test authorization (default: 172.18.0.11).", + help="Set the name of the host to test authorization " + "(default: 172.18.0.11).", default="127.0.0.1", dest="host_authz") parser.add_argument("--port-authz", - help="Set the port of the host to test authorization (default: 8081).", + help="Set the port of the host to test authorization " + "(default: 8081).", default="8081", dest="port_authz") parser.add_argument("--host-keystone", - help="Set the name of the Keystone host (default: 172.18.0.11).", + help="Set the name of the Keystone host " + "(default: 172.18.0.11).", default="127.0.0.1") parser.add_argument("--port-keystone", - help="Set the port of the 
Keystone host (default: 5000).", + help="Set the port of the Keystone host " + "(default: 5000).", default="5000") - parser.add_argument("--stress-test", "-s", action='store_true', dest='stress_test', - help="Execute stressing tests (warning delta measures will be false, implies -t)") - parser.add_argument("--write", "-w", help="Write test data to a JSON file", default="/tmp/data.json") + parser.add_argument("--stress-test", "-s", action='store_true', + dest='stress_test', + help="Execute stressing tests (warning delta measures " + "will be false, implies -t)") + parser.add_argument("--write", "-w", help="Write test data to a JSON file", + default="/tmp/data.json") parser.add_argument("--pdp", help="Test on pdp PDP") - parser.add_argument("--request-per-second", help="Number of requests per seconds", + parser.add_argument("--request-per-second", + help="Number of requests per seconds", type=int, dest="request_second", default=-1) - parser.add_argument("--limit", help="Limit request to LIMIT", type=int, default=500) + parser.add_argument("--limit", help="Limit request to LIMIT", type=int, + default=500) args = parser.parse_args() FORMAT = '%(asctime)-15s %(levelname)s %(message)s' 
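Review bot: The new `--destination` option accepts any string, and `send_requests` treats everything other than `wrapper` as the interface path, so a typo silently tests the wrong endpoint; adding `choices=("wrapper", "interface")` to this `add_argument` call makes argparse reject it. While these help strings are being rewrapped, the defaults they advertise (`172.18.0.11`) still disagree with the actual `default="127.0.0.1"` values and should be corrected. `init()` starts before and continues after the hunk.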
@@ -115,7 +134,28 @@ def get_keystone_id(pdp_name): return keystone_project_id -def _send(url, stress_test=False): +def _construct_payload(creds, current_rule, enforcer, target): + # Convert instances of object() in target temporarily to + # empty dict to avoid circular reference detection + # errors in jsonutils.dumps(). + temp_target = copy.deepcopy(target) + for key in target.keys(): + element = target.get(key) + if type(element) is object: + temp_target[key] = {} + _data = _json = None + if enforcer: + _data = {'rule': json.dumps(current_rule), + 'target': json.dumps(temp_target), + 'credentials': json.dumps(creds)} + else: + _json = {'rule': current_rule, + 'target': temp_target, + 'credentials': creds} + return _data, _json + + +def _send(url, data=None, stress_test=False): current_request = dict() current_request['url'] = url try: @@ -128,7 +168,13 @@ def _send(url, stress_test=False): else: with lock: current_request['start'] = time.time() - res = requests.get(url) + if data: + data, _ = _construct_payload(data['credentials'], data['rule'], True, data['target']) + res = requests.post(url, json=data, + headers={'content-type': "application/x-www-form-urlencode"} + ) + else: + res = requests.get(url) current_request['end'] = time.time() current_request['delta'] = current_request["end"] - current_request["start"] except requests.exceptions.ConnectionError: @@ -160,7 +206,7 @@ def _send(url, stress_test=False): class AsyncGet(threading.Thread): - def __init__(self, url, semaphore=None, *args, **kwargs): + def __init__(self, url, semaphore=None, **kwargs): threading.Thread.__init__(self) self.url = url self.kwargs = kwargs 
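Review bot: In the second hunk on this line (`_send`), `requests.post(url, json=data, headers={'content-type': "application/x-www-form-urlencode"})` sends a JSON body under a form content type that is also misspelled (`urlencode` for `urlencoded`), so the request is neither a valid form post nor declared as JSON. Because `_construct_payload(..., True, ...)` already returns a dict of strings, `res = requests.post(url, data=data)` would send a real form post and let requests set the header itself. Neither `requests.post` nor `requests.get` passes `timeout=`, so a server that never answers blocks the calling thread. `_send` starts and ends outside the hunk.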
@@ -170,27 +216,36 @@ class AsyncGet(threading.Thread): self.index = kwargs.get("index", 0) def run(self): - self.result = _send(self.url, self.kwargs.get("stress_test", False)) + self.result = _send(self.url, + data=self.kwargs.get("data"), + stress_test=self.kwargs.get("stress_test", False)) self.result['index'] = self.index def send_requests(scenario, keystone_project_id, request_second=1, limit=500, - dry_run=None, stress_test=False): - # sema = threading.BoundedSemaphore(value=request_second) + dry_run=None, stress_test=False, destination="wrapper"): backgrounds = [] time_data = list() start_timing = time.time() request_cpt = 0 - indexes = [] - # rules = itertools.product(scenario.subjects.keys(), scenario.objects.keys(), scenario.actions.keys()) SUBJECTS = tuple(scenario.subjects.keys()) OBJECTS = tuple(scenario.objects.keys()) ACTIONS = tuple(scenario.actions.keys()) - # for rule in rules: while request_cpt < limit: rule = (random.choice(SUBJECTS), random.choice(OBJECTS), random.choice(ACTIONS)) - url = "http://{}:{}/authz/{}/{}".format(HOST_AUTHZ, PORT_AUTHZ, keystone_project_id, "/".join(rule)) - indexes.append(url) + if destination.lower() == "wrapper": + url = "http://{}:{}/authz".format(HOST_AUTHZ, PORT_AUTHZ, keystone_project_id, "/".join(rule)) + data = { + 'target': { + "user_id": random.choice(SUBJECTS), + "target": {"name": random.choice(OBJECTS)} + }, + 'credentials': None, + 'rule': random.choice(ACTIONS) + } + else: + url = "http://{}:{}/authz/{}/{}".format(HOST_AUTHZ, PORT_AUTHZ, keystone_project_id, "/".join(rule)) + data = None if dry_run: logger.info(url) continue 
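Review bot: In the `wrapper` branch of `send_requests`, `"http://{}:{}/authz".format(HOST_AUTHZ, PORT_AUTHZ, keystone_project_id, "/".join(rule))` passes two arguments the template never uses, and the payload draws fresh `random.choice(...)` values instead of the `rule` tuple picked just above, so `rule` is dead on this path. I would write `url = "http://{}:{}/authz".format(HOST_AUTHZ, PORT_AUTHZ)` and fill `data` from `rule[0]`, `rule[1]` and `rule[2]`. `keystone_project_id` is then not sent at all for the wrapper destination; if the wrapper is meant to derive the project from the target, a one-line comment saying so would help. `send_requests` continues outside the hunk.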
@@ -198,11 +253,10 @@ def send_requests(scenario, keystone_project_id, request_second=1, limit=500, if stress_test: time_data.append(copy.deepcopy(_send(url, stress_test=stress_test))) else: - background = AsyncGet(url, stress_test=stress_test, index=request_cpt) + background = AsyncGet(url, stress_test=stress_test, data=data, + index=request_cpt) backgrounds.append(background) background.start() - # if limit and limit < request_cpt: - # break if request_second > 0: if request_cpt % request_second == 0: if time.time()-start_timing < 1: @@ -242,7 +296,8 @@ def main(): request_second=args.request_second, limit=args.limit, dry_run=args.dry_run, - stress_test=args.stress_test + stress_test=args.stress_test, + destination=args.destination ) if not args.dry_run: save_data(args.write, time_data) |
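Review bot: The stress-test branch in the first hunk on this line still calls `_send(url, stress_test=stress_test)` without `data`, so with `--destination wrapper` and `--stress-test` it issues a bare GET to `/authz` instead of the POST payload the threaded path sends. The call should be `_send(url, data=data, stress_test=stress_test)` so both paths exercise the same request. The surrounding loop in `send_requests` starts outside the hunk.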