summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlexandru Muresan <amuresan@cloudbasesolutions.com>2017-07-25 13:59:09 +0300
committerAlexandru Muresan <amuresan@cloudbasesolutions.com>2017-09-04 14:17:48 +0300
commit4f383d68432b6f36b3002acd329dddc78389c780 (patch)
tree0e9cdb4791499e36fe5df7ff5a18bdb9f2872bb1
parent3cc5f94ac9a4bfb4c3f2a2c3cf1d1fe05ddfc688 (diff)
Add secure boot optional feature test
This test checks if secure boot feature can be turned on or off for booting a machine with secure boot capabilities. Change-Id: I22be6d01edb5428f612e838fde6289a2c1319caf
Notes
Notes (review): Code-Review+2: Claudiu Belu <cbelu@cloudbasesolutions.com> Code-Review+2: Lucian Petrut <lpetrut@cloudbasesolutions.com> Workflow+1: Lucian Petrut <lpetrut@cloudbasesolutions.com> Verified+2: Jenkins Submitted-by: Jenkins Submitted-at: Wed, 06 Sep 2017 10:37:21 +0000 Reviewed-on: https://review.openstack.org/489242 Project: openstack/oswin-tempest-plugin Branch: refs/heads/master
-rw-r--r--oswin_tempest_plugin/config.py5
-rw-r--r--oswin_tempest_plugin/tests/scenario/test_secure_boot.py70
-rw-r--r--oswin_tempest_plugin/tests/test_base.py14
3 files changed, 85 insertions, 4 deletions
diff --git a/oswin_tempest_plugin/config.py b/oswin_tempest_plugin/config.py
index 8870636..630be2e 100644
--- a/oswin_tempest_plugin/config.py
+++ b/oswin_tempest_plugin/config.py
@@ -37,6 +37,11 @@ HyperVGroup = [
37 cfg.StrOpt('gen2_image_ref', 37 cfg.StrOpt('gen2_image_ref',
38 help="Valid Generation 2 VM VHDX image reference to be used " 38 help="Valid Generation 2 VM VHDX image reference to be used "
39 "in tests."), 39 "in tests."),
40 cfg.StrOpt('secure_boot_image_ref',
41 help="Valid secure boot VM VHDX image reference to be used "
42 "in tests."),
43 cfg.StrOpt('secure_boot_image_ssh_user',
44 help='User for secure boot image to be used in tests.'),
40 cfg.BoolOpt('cluster_enabled', 45 cfg.BoolOpt('cluster_enabled',
41 default=False, 46 default=False,
42 help="The compute nodes are joined into a Hyper-V Cluster."), 47 help="The compute nodes are joined into a Hyper-V Cluster."),
diff --git a/oswin_tempest_plugin/tests/scenario/test_secure_boot.py b/oswin_tempest_plugin/tests/scenario/test_secure_boot.py
new file mode 100644
index 0000000..5199410
--- /dev/null
+++ b/oswin_tempest_plugin/tests/scenario/test_secure_boot.py
@@ -0,0 +1,70 @@
1# Copyright 2017 Cloudbase Solutions SRL
2# All Rights Reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License"); you may
5# not use this file except in compliance with the License. You may obtain
6# a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13# License for the specific language governing permissions and limitations
14# under the License.
15
16from oswin_tempest_plugin import config
17from oswin_tempest_plugin.tests._mixins import optional_feature
18from oswin_tempest_plugin.tests import test_base
19
20CONF = config.CONF
21
22
23class SecureBootTestCase(test_base.TestBase,
24 optional_feature._OptionalFeatureMixin):
25 """Secure boot test suite.
26
27 This test suite will spawn instances requiring secure boot to be
28 enabled.
29
30 This test suite will require a Generation 2 VHDX image, with a
31 Linux guest OS (it tests connectivity via SSH).
32
33 The configured image must contain the following properties:
34 * os_type=linux
35 * hw_machine_type=hyperv-gen2
36
37 Hyper-V Secure Boot was first introduced in Windows / Hyper-V Server 2012
38 R2, but support for Linux guests was introduced in Windows / Hyper-V
39 Server 2016, which is why this test suite will require compute nodes
40 with the OS version 10.0 or newer.
41 """
42
43 _MIN_HYPERV_VERSION = 10000
44
45 # NOTE(amuresan):Images supporting secure boot usually require more disk
46 # space. We're trying to use the largest of the configured
47 # flavors.
48
49 _FLAVOR_REF = CONF.compute.flavor_ref_alt
50 _IMAGE_REF = CONF.hyperv.secure_boot_image_ref
51 _IMAGE_SSH_USER = CONF.hyperv.secure_boot_image_ssh_user
52 _FEATURE_FLAVOR = {'extra_specs': {'os:secure_boot': 'required'}}
53
54 # TODO(amuresan): the secure_boot_image_ref should be reused in
55 # more than one test case so we don't have to add a different
56 # image for every test.
57
58 @classmethod
59 def skip_checks(cls):
60 super(SecureBootTestCase, cls).skip_checks()
61 # check if the needed image ref has been configured.
62 if not cls._IMAGE_REF:
63 msg = ('The config option "hyperv.secure_boot_image_ref" '
64 'has not been set. Skipping secure boot tests.')
65 raise cls.skipException(msg)
66
67 if not cls._IMAGE_SSH_USER:
68 msg = ('The config option "hyperv.secure_boot_image_ssh_user" '
69 'has not been set. Skipping.')
70 raise cls.skipException(msg)
diff --git a/oswin_tempest_plugin/tests/test_base.py b/oswin_tempest_plugin/tests/test_base.py
index c99dd9e..efa91bb 100644
--- a/oswin_tempest_plugin/tests/test_base.py
+++ b/oswin_tempest_plugin/tests/test_base.py
@@ -46,6 +46,12 @@ class TestBase(tempest.test.BaseTestCase):
46 # Inheriting TestCases should change this image ref if needed. 46 # Inheriting TestCases should change this image ref if needed.
47 _IMAGE_REF = CONF.compute.image_ref 47 _IMAGE_REF = CONF.compute.image_ref
48 48
49 # Inheriting TestCases should change this flavor ref if needed.
50 _FLAVOR_REF = CONF.compute.flavor_ref
51
52 # Inheriting TestCases should change this ssh User if needed.
53 _IMAGE_SSH_USER = CONF.validation.image_ssh_user
54
49 # suffix to use for the newly created flavors. 55 # suffix to use for the newly created flavors.
50 _FLAVOR_SUFFIX = '' 56 _FLAVOR_SUFFIX = ''
51 57
@@ -144,7 +150,7 @@ class TestBase(tempest.test.BaseTestCase):
144 return new_flavor 150 return new_flavor
145 151
146 def _get_flavor_ref(self): 152 def _get_flavor_ref(self):
147 return CONF.compute.flavor_ref 153 return self._FLAVOR_REF
148 154
149 def _create_server(self, flavor=None): 155 def _create_server(self, flavor=None):
150 """Wrapper utility that returns a test server. 156 """Wrapper utility that returns a test server.
@@ -155,7 +161,7 @@ class TestBase(tempest.test.BaseTestCase):
155 clients = self.os_primary 161 clients = self.os_primary
156 name = data_utils.rand_name(self.__class__.__name__ + "-server") 162 name = data_utils.rand_name(self.__class__.__name__ + "-server")
157 image_id = self._get_image_ref() 163 image_id = self._get_image_ref()
158 flavor = flavor or self._get_flavor_ref() 164 flavor = flavor or self._FLAVOR_REF or self._get_flavor_ref()
159 keypair = self.create_keypair() 165 keypair = self.create_keypair()
160 tenant_network = self.get_tenant_network() 166 tenant_network = self.get_tenant_network()
161 security_group = self._create_security_group() 167 security_group = self._create_security_group()
@@ -261,8 +267,8 @@ class TestBase(tempest.test.BaseTestCase):
261 ip_address = server_tuple.floating_ip['ip'] 267 ip_address = server_tuple.floating_ip['ip']
262 private_key = server_tuple.keypair['private_key'] 268 private_key = server_tuple.keypair['private_key']
263 269
264 # ssh into the VM. 270 # ssh into the VM
265 username = CONF.validation.image_ssh_user 271 username = self._IMAGE_SSH_USER
266 linux_client = remote_client.RemoteClient( 272 linux_client = remote_client.RemoteClient(
267 ip_address, username, pkey=private_key, password=None, 273 ip_address, username, pkey=private_key, password=None,
268 server=server, servers_client=self.servers_client) 274 server=server, servers_client=self.servers_client)