diff --git a/tests/sec/remote.go b/tests/sec/remote.go
deleted file mode 100644
index c259a3af9..000000000
--- a/tests/sec/remote.go
+++ /dev/null
@@ -1,88 +0,0 @@
-package sec_test
-
-import (
- "fmt"
- "io"
- "os"
- "strings"
-
- "github.com/lf-edge/eden/pkg/defaults"
- "github.com/lf-edge/eden/pkg/openevec"
- "github.com/lf-edge/eden/pkg/utils"
-)
-
-type remoteNode struct {
- openEVEC *openevec.OpenEVEC
-}
-
-func getOpenEVEC() *openevec.OpenEVEC {
- edenConfigEnv := os.Getenv(defaults.DefaultConfigEnv)
- configName := utils.GetConfig(edenConfigEnv)
-
- viperCfg, err := openevec.FromViper(configName, "debug")
- if err != nil {
- return nil
- }
-
- return openevec.CreateOpenEVEC(viperCfg)
-}
-
-func createRemoteNode() *remoteNode {
- evec := getOpenEVEC()
- if evec == nil {
- return nil
- }
-
- return &remoteNode{openEVEC: evec}
-}
-
-func (node *remoteNode) runCommand(command string) ([]byte, error) {
- realStdout := os.Stdout
- r, w, err := os.Pipe()
- if err != nil {
- return nil, err
- }
-
- os.Stdout = w
-
- // unfortunately, we can't capture command return value from SSHEve
- err = node.openEVEC.SSHEve(command)
-
- os.Stdout = realStdout
- w.Close()
-
- if err != nil {
- return nil, err
- }
-
- out, _ := io.ReadAll(r)
- return out, nil
-}
-
-func (node *remoteNode) fileExists(fileName string) (bool, error) {
- command := fmt.Sprintf("if stat \"%s\"; then echo \"1\"; else echo \"0\"; fi", fileName)
- out, err := node.runCommand(command)
- if err != nil {
- return false, err
- }
-
- if strings.TrimSpace(string(out)) == "0" {
- return false, nil
- }
-
- return true, nil
-}
-
-func (node *remoteNode) readFile(fileName string) ([]byte, error) {
- exist, err := node.fileExists(fileName)
- if err != nil {
- return nil, err
- }
-
- if !exist {
- return nil, fmt.Errorf("file %s does not exist", fileName)
- }
-
- command := fmt.Sprintf("cat %s", fileName)
- return node.runCommand(command)
-}
diff --git a/tests/sec/sec_test.go b/tests/sec/sec_test.go
index 537606930..9da0c122e 100644
--- a/tests/sec/sec_test.go
+++ b/tests/sec/sec_test.go
@@ -1,92 +1,30 @@
 package sec_test
 import (
- "fmt"
 "os"
 "strings"
 "testing"
- "time"
+ tk "github.com/lf-edge/eden/pkg/evetestkit"
 log "github.com/sirupsen/logrus"
-
- "github.com/lf-edge/eden/pkg/device"
- "github.com/lf-edge/eden/pkg/projects"
- "github.com/lf-edge/eden/pkg/tests"
 )
-var (
- tc *projects.TestContext
- rnode *remoteNode
-)
+const projectName = "security-test"
+const appArmorStatus = "/sys/module/apparmor/parameters/enabled"
+
+var eveNode *tk.EveNode
-// TestMain is used to provide setup and teardown for the rest of the
-// tests. As part of setup we make sure that context has a slice of
-// EVE instances that we can operate on. For any action, if the instance
-// is not specified explicitly it is assumed to be the first one in the slice
 func TestMain(m *testing.M) {
 log.Println("Security Test Suite started")
+ defer log.Println("Security Test Suite finished")
- tests.TestArgsParse()
-
- tc = projects.NewTestContext()
-
- projectName := fmt.Sprintf("%s_%s", "TestSecurity", time.Now())
-
- // Registering our own project namespace with controller for easy cleanup
- tc.InitProject(projectName)
-
- // Create representation of EVE instances (based on the names
- // or UUIDs that were passed in) in the context. This is the first place
- // where we're using zcli-like API:
- for _, node := range tc.GetNodeDescriptions() {
- edgeNode := node.GetEdgeNode(tc)
- if edgeNode == nil {
- // Couldn't find existing edgeNode record in the controller.
- // Need to create it from scratch now:
- // this is modeled after: zcli edge-node create
- // --project= --model= [--title=]
- // ([--edge-node-certificate=<certificate>] |
- // [--onboarding-certificate=<certificate>] |
- // [(--onboarding-key=<key> --serial=<serial-number>)])
- // [--network=<network>...]
- //
- // XXX: not sure if struct (giving us optional fields) would be better
- edgeNode = tc.NewEdgeNode(tc.WithNodeDescription(node), tc.WithCurrentProject())
- } else {
- // make sure to move EdgeNode to the project we created, again
- // this is modeled after zcli edge-node update <name> [--title=<title>]
- // [--lisp-mode=experimental|default] [--project=<project>]
- // [--clear-onboarding-certs] [--config=<key:value>...] [--network=<network>...]
- edgeNode.SetProject(projectName)
- }
-
- tc.ConfigSync(edgeNode)
-
- // finally we need to make sure that the edgeNode is in a state that we need
- // it to be, before the test can run -- this could be multiple checks on its
- // status, but for example:
- if edgeNode.GetState() == device.NotOnboarded {
- log.Fatal("Node is not onboarded now")
- }
-
- // this is a good node -- lets add it to the test context
- tc.AddNode(edgeNode)
- }
-
- tc.StartTrackingState(false)
-
- // create a remote node
- rnode = createRemoteNode()
- if rnode == nil {
- log.Fatal("Can't initlize the remote node")
+ node, err := tk.InitilizeTest(projectName, tk.WithControllerVerbosity("debug"))
+ if err != nil {
+ log.Fatalf("Failed to initialize test: %v", err)
 }
- // we now have a situation where TestContext has enough EVE nodes known
- // for the rest of the tests to run. So run them:
+ eveNode = node
 res := m.Run()
-
- // Finally, we need to cleanup whatever objects may be in in the
- // project we created and then we can exit
 os.Exit(res)
 }
@@ -95,10 +33,7 @@ func TestAppArmorEnabled(t *testing.T) {
 defer log.Println("TestAppArmorEnabled finished")
 t.Parallel()
- edgeNode := tc.GetEdgeNode(tc.WithTest(t))
- tc.WaitForState(edgeNode, 60)
-
- out, err := rnode.readFile("/sys/module/apparmor/parameters/enabled")
+ out, err := eveNode.EveReadFile(appArmorStatus)
 if err != nil {
 t.Fatal(err)
 }
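Review bot: The `defer log.Println("Security Test Suite finished")` added at the top of `TestMain` never runs, because `os.Exit(res)` ends the process without executing deferred calls, and the `log.Fatalf` failure path exits the same way. Drop the defer and log explicitly instead, with `log.Println("Security Test Suite finished")` placed between `res := m.Run()` and `os.Exit(res)`. Separately, `projectName` is now the fixed string `"security-test"` where the old code built a name from `time.Now()`; if the controller keeps project state between runs, repeated or overlapping runs may end up sharing it, so a short comment on the constant stating that reuse is intended would help.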
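Review bot: `eveNode.EveReadFile(appArmorStatus)` now runs without the `tc.WaitForState(edgeNode, 60)` call and the onboarding check that used to come first, so this security check depends on `tk.InitilizeTest` returning only once the device is onboarded and reachable, which this diff does not show. If that holds, say so above the call, for example `// eveNode is set once in TestMain; InitilizeTest is expected to return only after the device is onboarded`. The test also runs under `t.Parallel()` and reads the package-level `eveNode`, so it is worth confirming that `EveNode` can be shared by parallel tests. The body of `TestAppArmorEnabled` continues past the end of the hunk, so how `out` is evaluated is not visible here.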