openstack
/
nova
Code Issues Proposed changes

Merge "Moves trusted filter unit tests into own file"

This commit is contained in:
Jenkins 2014-10-24 23:12:44 +00:00 committed by Gerrit Code Review
parent 49acbb2980 f388ac5e8f
commit 6d7f07cc7b
2 changed files with 203 additions and 180 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

203
nova/tests/scheduler/filters/test_trusted_filters.py Normal file
View File

@ -0,0 +1,203 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import mock
from oslo.config import cfg
from oslo.utils import timeutils
import requests
from nova.scheduler.filters import trusted_filter
from nova import test
from nova.tests.scheduler import fakes
CONF = cfg.CONF
@mock.patch.object(trusted_filter.AttestationService, '_request')
class TestTrustedFilter(test.NoDBTestCase):
def setUp(self):
super(TestTrustedFilter, self).setUp()
# TrustedFilter's constructor creates the attestation cache, which
# calls to get a list of all the compute nodes.
fake_compute_nodes = [
{'hypervisor_hostname': 'node1',
'service': {'host': 'host1'},
}
]
with mock.patch('nova.db.compute_node_get_all') as mocked:
mocked.return_value = fake_compute_nodes
self.filt_cls = trusted_filter.TrustedFilter()
def test_trusted_filter_default_passes(self, req_mock):
filter_properties = {'context': mock.sentinel.ctx,
'instance_type': {'memory_mb': 1024}}
host = fakes.FakeHostState('host1', 'node1', {})
self.assertTrue(self.filt_cls.host_passes(host, filter_properties))
self.assertFalse(req_mock.called)
def test_trusted_filter_trusted_and_trusted_passes(self, req_mock):
oat_data = {"hosts": [{"host_name": "node1",
"trust_lvl": "trusted",
"vtime": timeutils.isotime()}]}
req_mock.return_value = requests.codes.OK, oat_data
extra_specs = {'trust:trusted_host': 'trusted'}
filter_properties = {'context': mock.sentinel.ctx,
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
self.assertTrue(self.filt_cls.host_passes(host, filter_properties))
req_mock.assert_called_once_with("POST", "PollHosts", ["node1"])
def test_trusted_filter_trusted_and_untrusted_fails(self, req_mock):
oat_data = {"hosts": [{"host_name": "node1",
"trust_lvl": "untrusted",
"vtime": timeutils.isotime()}]}
req_mock.return_value = requests.codes.OK, oat_data
extra_specs = {'trust:trusted_host': 'trusted'}
filter_properties = {'context': mock.sentinel.ctx,
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
self.assertFalse(self.filt_cls.host_passes(host, filter_properties))
def test_trusted_filter_untrusted_and_trusted_fails(self, req_mock):
oat_data = {"hosts": [{"host_name": "node",
"trust_lvl": "trusted",
"vtime": timeutils.isotime()}]}
req_mock.return_value = requests.codes.OK, oat_data
extra_specs = {'trust:trusted_host': 'untrusted'}
filter_properties = {'context': mock.sentinel.ctx,
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
self.assertFalse(self.filt_cls.host_passes(host, filter_properties))
def test_trusted_filter_untrusted_and_untrusted_passes(self, req_mock):
oat_data = {"hosts": [{"host_name": "node1",
"trust_lvl": "untrusted",
"vtime": timeutils.isotime()}]}
req_mock.return_value = requests.codes.OK, oat_data
extra_specs = {'trust:trusted_host': 'untrusted'}
filter_properties = {'context': mock.sentinel.ctx,
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
self.assertTrue(self.filt_cls.host_passes(host, filter_properties))
def test_trusted_filter_update_cache(self, req_mock):
oat_data = {"hosts": [{"host_name": "node1",
"trust_lvl": "untrusted",
"vtime": timeutils.isotime()}]}
req_mock.return_value = requests.codes.OK, oat_data
extra_specs = {'trust:trusted_host': 'untrusted'}
filter_properties = {'context': mock.sentinel.ctx,
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
self.filt_cls.host_passes(host, filter_properties) # Fill the caches
req_mock.reset_mock()
self.filt_cls.host_passes(host, filter_properties)
self.assertFalse(req_mock.called)
req_mock.reset_mock()
timeutils.set_time_override(timeutils.utcnow())
timeutils.advance_time_seconds(
CONF.trusted_computing.attestation_auth_timeout + 80)
self.filt_cls.host_passes(host, filter_properties)
self.assertTrue(req_mock.called)
timeutils.clear_time_override()
def test_trusted_filter_update_cache_timezone(self, req_mock):
oat_data = {"hosts": [{"host_name": "node1",
"trust_lvl": "untrusted",
"vtime": "2012-09-09T05:10:40-04:00"}]}
req_mock.return_value = requests.codes.OK, oat_data
extra_specs = {'trust:trusted_host': 'untrusted'}
filter_properties = {'context': mock.sentinel.ctx,
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
timeutils.set_time_override(
timeutils.normalize_time(
timeutils.parse_isotime("2012-09-09T09:10:40Z")))
self.filt_cls.host_passes(host, filter_properties) # Fill the caches
req_mock.reset_mock()
self.filt_cls.host_passes(host, filter_properties)
self.assertFalse(req_mock.called)
req_mock.reset_mock()
timeutils.advance_time_seconds(
CONF.trusted_computing.attestation_auth_timeout - 10)
self.filt_cls.host_passes(host, filter_properties)
self.assertFalse(req_mock.called)
timeutils.clear_time_override()
def test_trusted_filter_combine_hosts(self, req_mock):
fake_compute_nodes = [
{'hypervisor_hostname': 'node1',
'service': {'host': 'host1'},
},
{'hypervisor_hostname': 'node2',
'service': {'host': 'host2'},
},
]
with mock.patch('nova.db.compute_node_get_all') as mocked:
mocked.return_value = fake_compute_nodes
self.filt_cls = trusted_filter.TrustedFilter()
oat_data = {"hosts": [{"host_name": "node1",
"trust_lvl": "untrusted",
"vtime": "2012-09-09T05:10:40-04:00"}]}
req_mock.return_value = requests.codes.OK, oat_data
extra_specs = {'trust:trusted_host': 'trusted'}
filter_properties = {'context': mock.sentinel.ctx,
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
self.filt_cls.host_passes(host, filter_properties) # Fill the caches
req_mock.assert_called_once_with("POST", "PollHosts",
["node1", "node2"])
def test_trusted_filter_trusted_and_locale_formated_vtime_passes(self,
req_mock):
oat_data = {"hosts": [{"host_name": "host1",
"trust_lvl": "trusted",
"vtime": timeutils.strtime(fmt="%c")},
{"host_name": "host2",
"trust_lvl": "trusted",
"vtime": timeutils.strtime(fmt="%D")},
# This is just a broken date to ensure that
# we're not just arbitrarily accepting any
# date format.
]}
req_mock.return_value = requests.codes.OK, oat_data
extra_specs = {'trust:trusted_host': 'trusted'}
filter_properties = {'context': mock.sentinel.ctx,
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'host1', {})
bad_host = fakes.FakeHostState('host2', 'host2', {})
self.assertTrue(self.filt_cls.host_passes(host, filter_properties))
self.assertFalse(self.filt_cls.host_passes(bad_host,
filter_properties))

180
nova/tests/scheduler/test_host_filters.py
View File

@ -15,12 +15,8 @@
Tests For Scheduler Host Filters.
"""
import mock
from oslo.config import cfg
from oslo.serialization import jsonutils
from oslo.utils import timeutils
import requests
import stubout
from nova import context
from nova import db
@ -28,7 +24,6 @@ from nova import objects
from nova.objects import base as obj_base
from nova.pci import stats as pci_stats
from nova.scheduler import filters
from nova.scheduler.filters import trusted_filter
from nova import servicegroup
from nova import test
from nova.tests import fake_instance
@ -53,19 +48,8 @@ class HostFiltersTestCase(test.NoDBTestCase):
# the testing of the DB API code from the host-filter code.
USES_DB = True
def fake_oat_request(self, *args, **kwargs):
"""Stubs out the response from OAT service."""
self.oat_attested = True
self.oat_hosts = args[2]
return requests.codes.OK, self.oat_data
def setUp(self):
super(HostFiltersTestCase, self).setUp()
self.oat_data = ''
self.oat_attested = False
self.stubs = stubout.StubOutForTesting()
self.stubs.Set(trusted_filter.AttestationService, '_request',
self.fake_oat_request)
self.context = context.RequestContext('fake', 'fake')
filter_handler = filters.HostFilterHandler()
classes = filter_handler.get_matching_classes(
@ -252,170 +236,6 @@ class HostFiltersTestCase(test.NoDBTestCase):
self.assertFalse(self._do_test_isolated_hosts(False, True, True,
False))
def test_trusted_filter_default_passes(self):
self._stub_service_is_up(True)
filt_cls = self.class_map['TrustedFilter']()
filter_properties = {'context': self.context.elevated(),
'instance_type': {'memory_mb': 1024}}
host = fakes.FakeHostState('host1', 'node1', {})
self.assertTrue(filt_cls.host_passes(host, filter_properties))
def test_trusted_filter_trusted_and_trusted_passes(self):
self.oat_data = {"hosts": [{"host_name": "node1",
"trust_lvl": "trusted",
"vtime": timeutils.isotime()}]}
self._stub_service_is_up(True)
filt_cls = self.class_map['TrustedFilter']()
extra_specs = {'trust:trusted_host': 'trusted'}
filter_properties = {'context': self.context.elevated(),
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
self.assertTrue(filt_cls.host_passes(host, filter_properties))
def test_trusted_filter_trusted_and_untrusted_fails(self):
self.oat_data = {"hosts": [{"host_name": "node1",
"trust_lvl": "untrusted",
"vtime": timeutils.isotime()}]}
self._stub_service_is_up(True)
filt_cls = self.class_map['TrustedFilter']()
extra_specs = {'trust:trusted_host': 'trusted'}
filter_properties = {'context': self.context.elevated(),
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
self.assertFalse(filt_cls.host_passes(host, filter_properties))
def test_trusted_filter_untrusted_and_trusted_fails(self):
self.oat_data = {"hosts": [{"host_name": "node",
"trust_lvl": "trusted",
"vtime": timeutils.isotime()}]}
self._stub_service_is_up(True)
filt_cls = self.class_map['TrustedFilter']()
extra_specs = {'trust:trusted_host': 'untrusted'}
filter_properties = {'context': self.context.elevated(),
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
self.assertFalse(filt_cls.host_passes(host, filter_properties))
def test_trusted_filter_untrusted_and_untrusted_passes(self):
self.oat_data = {"hosts": [{"host_name": "node1",
"trust_lvl": "untrusted",
"vtime": timeutils.isotime()}]}
self._stub_service_is_up(True)
filt_cls = self.class_map['TrustedFilter']()
extra_specs = {'trust:trusted_host': 'untrusted'}
filter_properties = {'context': self.context.elevated(),
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
self.assertTrue(filt_cls.host_passes(host, filter_properties))
def test_trusted_filter_update_cache(self):
self.oat_data = {"hosts": [{"host_name": "node1",
"trust_lvl": "untrusted",
"vtime": timeutils.isotime()}]}
filt_cls = self.class_map['TrustedFilter']()
extra_specs = {'trust:trusted_host': 'untrusted'}
filter_properties = {'context': self.context.elevated(),
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
filt_cls.host_passes(host, filter_properties) # Fill the caches
self.oat_attested = False
filt_cls.host_passes(host, filter_properties)
self.assertFalse(self.oat_attested)
self.oat_attested = False
timeutils.set_time_override(timeutils.utcnow())
timeutils.advance_time_seconds(
CONF.trusted_computing.attestation_auth_timeout + 80)
filt_cls.host_passes(host, filter_properties)
self.assertTrue(self.oat_attested)
timeutils.clear_time_override()
def test_trusted_filter_update_cache_timezone(self):
self.oat_data = {"hosts": [{"host_name": "node1",
"trust_lvl": "untrusted",
"vtime": "2012-09-09T05:10:40-04:00"}]}
filt_cls = self.class_map['TrustedFilter']()
extra_specs = {'trust:trusted_host': 'untrusted'}
filter_properties = {'context': self.context.elevated(),
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
timeutils.set_time_override(
timeutils.normalize_time(
timeutils.parse_isotime("2012-09-09T09:10:40Z")))
filt_cls.host_passes(host, filter_properties) # Fill the caches
self.oat_attested = False
filt_cls.host_passes(host, filter_properties)
self.assertFalse(self.oat_attested)
self.oat_attested = False
timeutils.advance_time_seconds(
CONF.trusted_computing.attestation_auth_timeout - 10)
filt_cls.host_passes(host, filter_properties)
self.assertFalse(self.oat_attested)
timeutils.clear_time_override()
@mock.patch('nova.db.compute_node_get_all')
def test_trusted_filter_combine_hosts(self, mockdb):
self.oat_data = {"hosts": [{"host_name": "node1",
"trust_lvl": "untrusted",
"vtime": "2012-09-09T05:10:40-04:00"}]}
fake_compute_nodes = [
{'hypervisor_hostname': 'node1',
'service': {'host': 'host1'},
},
{'hypervisor_hostname': 'node2',
'service': {'host': 'host2'},
}, ]
mockdb.return_value = fake_compute_nodes
filt_cls = self.class_map['TrustedFilter']()
extra_specs = {'trust:trusted_host': 'trusted'}
filter_properties = {'context': self.context.elevated(),
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'node1', {})
filt_cls.host_passes(host, filter_properties) # Fill the caches
self.assertEqual(set(self.oat_hosts), set(['node1', 'node2']))
def test_trusted_filter_trusted_and_locale_formated_vtime_passes(self):
self.oat_data = {"hosts": [{"host_name": "host1",
"trust_lvl": "trusted",
"vtime": timeutils.strtime(fmt="%c")},
{"host_name": "host2",
"trust_lvl": "trusted",
"vtime": timeutils.strtime(fmt="%D")},
# This is just a broken date to ensure that
# we're not just arbitrarily accepting any
# date format.
]}
self._stub_service_is_up(True)
filt_cls = self.class_map['TrustedFilter']()
extra_specs = {'trust:trusted_host': 'trusted'}
filter_properties = {'context': self.context.elevated(),
'instance_type': {'memory_mb': 1024,
'extra_specs': extra_specs}}
host = fakes.FakeHostState('host1', 'host1', {})
bad_host = fakes.FakeHostState('host2', 'host2', {})
self.assertTrue(filt_cls.host_passes(host, filter_properties))
self.assertFalse(filt_cls.host_passes(bad_host, filter_properties))
def test_core_filter_passes(self):
filt_cls = self.class_map['CoreFilter']()
filter_properties = {'instance_type': {'vcpus': 1}}