[16881] Secure DS test suite #62
Conversation
Signed-off-by: Mario Dominguez <[email protected]>
…pantQoS Signed-off-by: Mario Dominguez <[email protected]>
Signed-off-by: Mario Dominguez <[email protected]>
…s.txt Signed-off-by: Mario Dominguez <[email protected]>
Signed-off-by: Mario Dominguez <[email protected]>
|
Tests running here |
…n_test.py Signed-off-by: Mario Dominguez <[email protected]>
|
New run here |
| } | ||
| else | ||
| { | ||
| ret = false; |
There was a problem hiding this comment.
Maybe we could be a little more specific on what the failure is with a LOG_ERROR (missing name/value)
| <topic_rule> | ||
| <topic_expression>*</topic_expression> | ||
| <enable_discovery_protection>true</enable_discovery_protection> | ||
| <enable_liveliness_protection>true</enable_liveliness_protection> | ||
| <enable_read_access_control>true</enable_read_access_control> | ||
| <enable_write_access_control>true</enable_write_access_control> | ||
| <metadata_protection_kind>ENCRYPT</metadata_protection_kind> | ||
| <data_protection_kind>ENCRYPT</data_protection_kind> | ||
| </topic_rule> | ||
| <topic_rule> | ||
| <topic_expression>topic*</topic_expression> | ||
| <enable_discovery_protection>true</enable_discovery_protection> | ||
| <enable_liveliness_protection>true</enable_liveliness_protection> | ||
| <enable_read_access_control>false</enable_read_access_control> | ||
| <enable_write_access_control>false</enable_write_access_control> | ||
| <metadata_protection_kind>ENCRYPT</metadata_protection_kind> | ||
| <data_protection_kind>ENCRYPT</data_protection_kind> | ||
| </topic_rule> |
There was a problem hiding this comment.
Wha's the rationale behind this distinction? Why disable access control for reading and writing on topic* ?
There was a problem hiding this comment.
The second topic rule makes no sense. The idea is to have all the protections enabled for all topics
test/run_test.py
Outdated
| props_file = open(config_params['properties']['SECURITY'], "r+") | ||
| data = props_file.read() | ||
| #Replace all occurrences of the required label | ||
| data = data.replace('<CERTS_RELATIVE_PATH>', args.certs_path) |
There was a problem hiding this comment.
I think we should add some sanity check to test that the provided certs_path location is actually a valid directory before using it here.
Signed-off-by: Mario Dominguez <[email protected]>
Mario-DL
force-pushed
the
feature/secure-ds-test-suite
branch
from
fc85255
to
6387ec5
Compare
test/run_test.py
Outdated
| props_file.truncate() | ||
| props_file.close() | ||
| else: | ||
| logger.error('Certs file not found at ' + args.certs_path) |
There was a problem hiding this comment.
It's a folder instead of a file
Signed-off-by: Mario Dominguez <[email protected]>
Mario-DL
force-pushed
the
feature/secure-ds-test-suite
branch
from
6387ec5
to
018f817
Compare
Signed-off-by: Mario Dominguez <[email protected]>
|
|
||
| if("${TEST}" IN_LIST FAIL_TEST_CASES) | ||
| set_property(TEST ${TEST_NAME} PROPERTY LABELS xfail) | ||
| if(SECURITY) |
There was a problem hiding this comment.
Doesn't this need a matching OPTION statement detailing the default value and what it does?
There was a problem hiding this comment.
As it is the first time SECURITY is included in the repo, maybe it would be a good idea
Signed-off-by: Mario Dominguez <[email protected]>
This PR intends to add the Secure Discovery Server (with all security protections enabled a.k.a Sv2.1_SP;Cv2.1_SP) Test Suite, which basically runs all the existing test-case scenarios with a new properties.xml file in which properties (including security ones) can be defined.
This properties.xml file extends the previously defined properties in each XML test-case scenario.