Add skips for KMIP functional tests

In preparation for adding a KMIP gate, adds the ability to skip functional tests that are not compatible with a KMIP device. Some tests are skipped because invalid algorithms or bit lengths are passed to the device. Other tests are skipped because the tested feature doesn't exist for the PyKMIP software server yet. To enable skipping the non-compatible functional tests for a KMIP back end, set the environment variable using: export KMIP_PLUGIN_ENABLED=1 Co-authored-by: Nathan Reller <nathan.reller@jhuapl.edu> Change-Id: Id908bf57233af84bff56d90c75d175b04ccd4373
2016-04-08 14:17:57 -04:00 · 2016-04-08 14:17:57 -04:00 · d590380e20
commit d590380e20
parent 6d1ea0a9d4
3 changed files with 22 additions and 3 deletions
--- a/barbican/tests/utils.py
+++ b/barbican/tests/utils.py
@ -14,6 +14,7 @@
 # limitations under the License.
 import datetime
 import functools
+import os
 from os import path
 import time
 import types
@ -309,7 +310,8 @@ def construct_new_test_function(original_func, name, build_params):
        six.get_function_code(original_func),
        six.get_function_globals(original_func),
        name=name,
-        argdefs=six.get_function_defaults(original_func)
+        argdefs=six.get_function_defaults(original_func),
+        closure=six.get_function_closure(original_func)
    )

    for key, val in original_func.__dict__.items():
@ -478,5 +480,9 @@ def is_public_key_valid(expected, observed):
    return True


+def is_kmip_enabled():
+    return os.environ.get('KMIP_PLUGIN_ENABLED') is not None
+
+
 class DummyClassForTesting(object):
    pass
--- a/functionaltests/api/v1/functional/test_rsa.py
+++ b/functionaltests/api/v1/functional/test_rsa.py
@ -16,6 +16,7 @@ import base64

 from Crypto.PublicKey import RSA
 from OpenSSL import crypto
+import testtools
 from testtools import testcase

 from barbican.tests import keys
@ -218,6 +219,8 @@ class RSATestCase(base.TestCase):
        self.verify_container_keys_equal(secrets)

    @testcase.attr('positive')
+    @testtools.skipIf(utils.is_kmip_enabled(),
+                      "PyKMIP does not support this operation")
    def test_rsa_store_and_get_container_with_passphrase(self):
        """Post and Get for container with passphrase"""
        public_ref = self.store_public_key()
@ -238,6 +241,8 @@ class RSATestCase(base.TestCase):
        self.verify_container_keys_valid(secrets)

    @testcase.attr('positive')
+    @testtools.skipIf(utils.is_kmip_enabled(),
+                      "PyKMIP does not support this operation")
    def test_rsa_order_container_with_passphrase(self):
        """Post an order for a container with a passphrase"""
        order_ref = self.order_container(with_passphrase=True)
@ -268,6 +273,8 @@ class RSATestCase(base.TestCase):
        self.verify_certificate_order_status(order_status)

    @testcase.attr('positive')
+    @testtools.skipIf(utils.is_kmip_enabled(),
+                      "PyKMIP does not support this operation")
    def test_rsa_order_certificate_from_ordered_container_with_pass(self):
        """Post an order for a certificate"""
        order_ref = self.order_container(with_passphrase=True)
@ -293,6 +300,8 @@ class RSATestCase(base.TestCase):
        self.verify_certificate_order_status(order_status)

    @testcase.attr('positive')
+    @testtools.skipIf(utils.is_kmip_enabled(),
+                      "PyKMIP does not support this operation")
    def test_rsa_order_certificate_from_stored_container_with_pass(self):
        """Post an order for a certificate"""
        public_ref = self.store_public_key()
--- a/functionaltests/api/v1/functional/test_secrets.py
+++ b/functionaltests/api/v1/functional/test_secrets.py
@ -17,6 +17,7 @@ import base64
 import binascii
 import json
 import sys
+import testtools
 import time

 from testtools import testcase
@ -580,6 +581,8 @@ class SecretsTestCase(base.TestCase):
        self.assertEqual(resp.status_code, 400)

    @testcase.attr('positive', 'non-standard-algorithm')
+    @testtools.skipIf(utils.is_kmip_enabled(),
+                      "KMIP does not support invalid algorithms")
    def test_secret_create_valid_algorithms(self):
        """Creates secrets with various valid algorithms."""
        algorithm = 'invalid'
@ -603,6 +606,8 @@ class SecretsTestCase(base.TestCase):
        resp, secret_ref = self.behaviors.create_secret(test_model)
        self.assertEqual(resp.status_code, 400)

+    @testtools.skipIf(utils.is_kmip_enabled(),
+                      "KMIP does not support non-standard bit lengths")
    @utils.parameterized_dataset({
        'sixteen': [16],
        'fifteen': [15],
@ -624,8 +629,7 @@ class SecretsTestCase(base.TestCase):
    @utils.parameterized_dataset({
        '128': [128],
        '192': [192],
-        '256': [256],
-        '512': [512]
+        '256': [256]
    })
    @testcase.attr('positive')
    def test_secret_create_with_valid_bit_length(self, bit_length):