Policy enforcement - add cleaning action rules
Simulation purges data populated by murano driver in congress. Test creates rules as its prerequisites. Change-Id: Ia002b60ad5ba0d831e73b69f660a38c4f5e35f20 Closes-Bug: #1439595
This commit is contained in:
parent
5f545f413f
commit
eea9b5a631
|
@ -66,9 +66,14 @@ class ModelPolicyEnforcer(object):
|
|||
rules = congress_rules.CongressRulesManager().convert(
|
||||
model, class_loader, self._environment.tenant_id)
|
||||
|
||||
rules_str = " ".join(map(str, rules))
|
||||
rules_str = map(str, rules)
|
||||
env_id = model['?']['id']
|
||||
# cleanup of data populated by murano driver
|
||||
rules_str.insert(0, 'deleteEnv("{0}")'.format(env_id))
|
||||
|
||||
rules_line = " ".join(rules_str)
|
||||
LOG.debug('Congress rules: \n ' +
|
||||
'\n '.join(map(str, rules)))
|
||||
'\n '.join(rules_str))
|
||||
|
||||
validation_result = client.execute_policy_action(
|
||||
"murano_system",
|
||||
|
@ -76,12 +81,11 @@ class ModelPolicyEnforcer(object):
|
|||
False,
|
||||
False,
|
||||
{'query': 'predeploy_errors(eid, oid, msg)',
|
||||
'action_policy': 'action',
|
||||
'sequence': rules_str})
|
||||
'action_policy': 'murano_action',
|
||||
'sequence': rules_line})
|
||||
|
||||
if validation_result["result"]:
|
||||
|
||||
env_id = model['?']['id']
|
||||
messages = self._parse_messages(env_id,
|
||||
validation_result["result"])
|
||||
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
action("deleteEnv")
|
||||
|
||||
murano:states-(eid,st) :- deleteEnv(eid), murano:states( eid, st)
|
||||
|
||||
murano:parent_types-(tid, type) :- deleteEnv(eid), murano:connected(eid, tid),murano:parent_types(tid,type)
|
||||
murano:parent_types-(eid, type) :- deleteEnv(eid), murano:parent_types(eid,type)
|
||||
|
||||
murano:properties-(oid, pn, pv) :- deleteEnv(eid), murano:connected( eid, oid),murano:properties(oid, pn, pv)
|
||||
murano:properties-(eid, pn, pv) :- deleteEnv(eid), murano:properties(eid, pn, pv)
|
||||
|
||||
murano:objects-(oid, pid, ot) :- deleteEnv(eid), murano:connected(eid, oid), murano:objects(oid, pid, ot)
|
||||
murano:objects-(eid, tnid, ot) :- deleteEnv(eid), murano:objects(eid, tnid, ot)
|
||||
|
||||
murano:relationships-(sid,tid, rt) :- deleteEnv(eid), murano:connected( eid, sid), murano:relationships( sid, tid, rt)
|
||||
murano:relationships-(eid,tid, rt) :- deleteEnv(eid), murano:relationships( eid, tid, rt)
|
||||
|
||||
murano:connected-(tid, tid2) :- deleteEnv(eid), murano:connected(eid, tid), murano:connected(tid,tid2)
|
||||
murano:connected-(eid,tid) :- deleteEnv(eid), murano:connected(eid,tid)
|
|
@ -0,0 +1,4 @@
|
|||
missing_key("")
|
||||
invalid_flavor_name("really.bad.flavor")
|
||||
predeploy_errors(eid, obj_id, msg) :- murano:objects(obj_id, eid, type), murano:properties(obj_id, "flavor", flavor_name), invalid_flavor_name(flavor_name), murano:properties(obj_id, "name", obj_name), concat(obj_name, ": bad flavor", msg)
|
||||
predeploy_errors(eid, obj_id, msg) :- murano:objects(obj_id, eid, type), murano:properties(obj_id, "keyname", key_name), missing_key(key_name), murano:properties(obj_id, "name", obj_name), concat(obj_name, ": missing key", msg)
|
|
@ -23,26 +23,6 @@ import testtools
|
|||
import murano.tests.functional.common.tempest_utils as tempest_utils
|
||||
import murano.tests.functional.common.utils as common_utils
|
||||
|
||||
CONGRESS_RULES = ['invalid_flavor_name("really.bad.flavor")',
|
||||
'murano_env_of_object(oid,eid):-'
|
||||
'murano:connected(eid,oid),'
|
||||
'murano:objects(eid,tid,"io.murano.Environment")',
|
||||
'predeploy_errors(eid, obj_id, msg):-'
|
||||
'murano:objects(obj_id, pid, type),'
|
||||
'murano_env_of_object(obj_id, eid),'
|
||||
'murano:properties(obj_id, "flavor", flavor_name),'
|
||||
'invalid_flavor_name(flavor_name),'
|
||||
'murano:properties(obj_id, "name", obj_name),'
|
||||
'concat(obj_name, ": bad flavor", msg)',
|
||||
'predeploy_errors(eid, obj_id, msg):-'
|
||||
'murano:objects(obj_id, pid, type),'
|
||||
'murano_env_of_object(obj_id, eid),'
|
||||
'murano:properties(obj_id, "keyname", key_name),'
|
||||
'missing_key(key_name),'
|
||||
'murano:properties(obj_id, "name", obj_name),'
|
||||
'concat(obj_name, ": missing key", msg)',
|
||||
'missing_key("")']
|
||||
|
||||
|
||||
class PolicyEnforcement(testtools.TestCase,
|
||||
tempest_utils.TempestDeployTestMixin):
|
||||
|
@ -57,21 +37,18 @@ class PolicyEnforcement(testtools.TestCase,
|
|||
def setUpClass(cls):
|
||||
super(PolicyEnforcement, cls).setUpClass()
|
||||
|
||||
with common_utils.ignored(Exception):
|
||||
cls.congress_client().create_policy(
|
||||
cls.create_policy_req('murano_system'))
|
||||
cls.congress_client().create_policy(
|
||||
cls.create_policy_req('murano'))
|
||||
cls._create_policy(["murano", "murano_system"])
|
||||
cls._create_policy(["murano_action"], kind="action")
|
||||
|
||||
with common_utils.ignored(murano_exceptions.HTTPInternalServerError):
|
||||
cls.upload_policy_enf_app()
|
||||
cls._upload_policy_enf_app()
|
||||
|
||||
@classmethod
|
||||
def tearDownClass(cls):
|
||||
cls.purge_uploaded_packages()
|
||||
|
||||
@classmethod
|
||||
def upload_policy_enf_app(cls):
|
||||
def _upload_policy_enf_app(cls):
|
||||
app_dir = 'io.murano.apps.test.PolicyEnforcementTestApp'
|
||||
zip_file_path = cls.zip_dir(os.path.dirname(__file__), app_dir)
|
||||
cls.init_list("_package_files")
|
||||
|
@ -81,24 +58,32 @@ class PolicyEnforcement(testtools.TestCase,
|
|||
{"categories": ["Web"], "tags": ["tag"]},
|
||||
zip_file_path)
|
||||
|
||||
def setUp(self):
|
||||
super(PolicyEnforcement, self).setUp()
|
||||
self.rules = []
|
||||
|
||||
rule_posts = [{"rule": rule} for rule in CONGRESS_RULES]
|
||||
for rule_post in rule_posts:
|
||||
with common_utils.ignored(keystone_exceptions.Conflict):
|
||||
self.rules.append(self.congress_client().create_policy_rule(
|
||||
'murano_system',
|
||||
rule_post))
|
||||
|
||||
def tearDown(self):
|
||||
super(PolicyEnforcement, self).tearDown()
|
||||
self.purge_environments()
|
||||
|
||||
for rule in self.rules:
|
||||
self.congress_client().delete_policy_rule(
|
||||
"murano_system", rule["id"])
|
||||
@classmethod
|
||||
def _create_policy(cls, policy_names, kind=None):
|
||||
for name in policy_names:
|
||||
policy_req = {"name": name}
|
||||
if kind:
|
||||
policy_req["kind"] = kind
|
||||
with common_utils.ignored(keystone_exceptions.Conflict):
|
||||
cls.congress_client().create_policy(policy_req)
|
||||
|
||||
rules = []
|
||||
rules_file = os.path.join(
|
||||
os.path.dirname(__file__),
|
||||
"rules_" + name + ".txt")
|
||||
|
||||
if os.path.isfile(rules_file):
|
||||
with open(rules_file) as f:
|
||||
rules = [rule.strip() for rule in f.readlines()
|
||||
if rule.strip()]
|
||||
for rule in rules:
|
||||
with common_utils.ignored(keystone_exceptions.Conflict):
|
||||
cls.congress_client().create_policy_rule(name,
|
||||
{'rule': rule})
|
||||
|
||||
def _create_test_app(self, flavor, key):
|
||||
"""Application create request body
|
||||
|
|
Loading…
Reference in New Issue