Browse Source

Add secure boot optional feature test

This test checks if secure boot feature can be turned on or off for
booting a machine with secure boot capabilities.

Change-Id: I22be6d01edb5428f612e838fde6289a2c1319caf
tags/0.1.0
Alexandru Muresan 2 years ago
parent
commit
4f383d6843

+ 5
- 0
oswin_tempest_plugin/config.py View File

@@ -37,6 +37,11 @@ HyperVGroup = [
37 37
     cfg.StrOpt('gen2_image_ref',
38 38
                help="Valid Generation 2 VM VHDX image reference to be used "
39 39
                     "in tests."),
40
+    cfg.StrOpt('secure_boot_image_ref',
41
+               help="Valid secure boot VM VHDX image reference to be used "
42
+                    "in tests."),
43
+    cfg.StrOpt('secure_boot_image_ssh_user',
44
+               help='User for secure boot image to be used in tests.'),
40 45
     cfg.BoolOpt('cluster_enabled',
41 46
                 default=False,
42 47
                 help="The compute nodes are joined into a Hyper-V Cluster."),

+ 70
- 0
oswin_tempest_plugin/tests/scenario/test_secure_boot.py View File

@@ -0,0 +1,70 @@
1
+# Copyright 2017 Cloudbase Solutions SRL
2
+# All Rights Reserved.
3
+#
4
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
5
+#    not use this file except in compliance with the License. You may obtain
6
+#    a copy of the License at
7
+#
8
+#         http://www.apache.org/licenses/LICENSE-2.0
9
+#
10
+#    Unless required by applicable law or agreed to in writing, software
11
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13
+#    License for the specific language governing permissions and limitations
14
+#    under the License.
15
+
16
+from oswin_tempest_plugin import config
17
+from oswin_tempest_plugin.tests._mixins import optional_feature
18
+from oswin_tempest_plugin.tests import test_base
19
+
20
+CONF = config.CONF
21
+
22
+
23
+class SecureBootTestCase(test_base.TestBase,
24
+                         optional_feature._OptionalFeatureMixin):
25
+    """Secure boot test suite.
26
+
27
+    This test suite will spawn instances requiring secure boot to be
28
+    enabled.
29
+
30
+    This test suite will require a Generation 2 VHDX image, with a
31
+    Linux guest OS (it tests connectivity via SSH).
32
+
33
+    The configured image must contain the following properties:
34
+    * os_type=linux
35
+    * hw_machine_type=hyperv-gen2
36
+
37
+    Hyper-V Secure Boot was first introduced in Windows / Hyper-V Server 2012
38
+    R2, but support for Linux guests was introduced in Windows / Hyper-V
39
+    Server 2016, which is why this test suite will require compute nodes
40
+    with the OS version 10.0 or newer.
41
+    """
42
+
43
+    _MIN_HYPERV_VERSION = 10000
44
+
45
+    # NOTE(amuresan):Images supporting secure boot usually require more disk
46
+    #                space. We're trying to use the largest of the configured
47
+    #                flavors.
48
+
49
+    _FLAVOR_REF = CONF.compute.flavor_ref_alt
50
+    _IMAGE_REF = CONF.hyperv.secure_boot_image_ref
51
+    _IMAGE_SSH_USER = CONF.hyperv.secure_boot_image_ssh_user
52
+    _FEATURE_FLAVOR = {'extra_specs': {'os:secure_boot': 'required'}}
53
+
54
+    # TODO(amuresan): the secure_boot_image_ref should be reused in
55
+    # more than one test case so we don't have to add a different
56
+    # image for every test.
57
+
58
+    @classmethod
59
+    def skip_checks(cls):
60
+        super(SecureBootTestCase, cls).skip_checks()
61
+        # check if the needed image ref has been configured.
62
+        if not cls._IMAGE_REF:
63
+            msg = ('The config option "hyperv.secure_boot_image_ref" '
64
+                   'has not been set. Skipping secure boot tests.')
65
+            raise cls.skipException(msg)
66
+
67
+        if not cls._IMAGE_SSH_USER:
68
+            msg = ('The config option "hyperv.secure_boot_image_ssh_user" '
69
+                   'has not been set. Skipping.')
70
+            raise cls.skipException(msg)

+ 10
- 4
oswin_tempest_plugin/tests/test_base.py View File

@@ -46,6 +46,12 @@ class TestBase(tempest.test.BaseTestCase):
46 46
     # Inheriting TestCases should change this image ref if needed.
47 47
     _IMAGE_REF = CONF.compute.image_ref
48 48
 
49
+    # Inheriting TestCases should change this flavor ref if needed.
50
+    _FLAVOR_REF = CONF.compute.flavor_ref
51
+
52
+    # Inheriting TestCases should change this ssh User if needed.
53
+    _IMAGE_SSH_USER = CONF.validation.image_ssh_user
54
+
49 55
     # suffix to use for the newly created flavors.
50 56
     _FLAVOR_SUFFIX = ''
51 57
 
@@ -144,7 +150,7 @@ class TestBase(tempest.test.BaseTestCase):
144 150
         return new_flavor
145 151
 
146 152
     def _get_flavor_ref(self):
147
-        return CONF.compute.flavor_ref
153
+        return self._FLAVOR_REF
148 154
 
149 155
     def _create_server(self, flavor=None):
150 156
         """Wrapper utility that returns a test server.
@@ -155,7 +161,7 @@ class TestBase(tempest.test.BaseTestCase):
155 161
         clients = self.os_primary
156 162
         name = data_utils.rand_name(self.__class__.__name__ + "-server")
157 163
         image_id = self._get_image_ref()
158
-        flavor = flavor or self._get_flavor_ref()
164
+        flavor = flavor or self._FLAVOR_REF or self._get_flavor_ref()
159 165
         keypair = self.create_keypair()
160 166
         tenant_network = self.get_tenant_network()
161 167
         security_group = self._create_security_group()
@@ -261,8 +267,8 @@ class TestBase(tempest.test.BaseTestCase):
261 267
         ip_address = server_tuple.floating_ip['ip']
262 268
         private_key = server_tuple.keypair['private_key']
263 269
 
264
-        # ssh into the VM.
265
-        username = CONF.validation.image_ssh_user
270
+        # ssh into the VM
271
+        username = self._IMAGE_SSH_USER
266 272
         linux_client = remote_client.RemoteClient(
267 273
             ip_address, username, pkey=private_key, password=None,
268 274
             server=server, servers_client=self.servers_client)

Loading…
Cancel
Save