Browse Source

Merge "Add barbican scenarios for orders"

changes/54/677954/1
Zuul 1 month ago
parent
commit
25f17ce17f

+ 40
- 0
rally-jobs/barbican.yaml View File

@@ -147,3 +147,43 @@
147 147
             users:
148 148
               tenants: 1
149 149
               users_per_tenant: 1
150
+    -
151
+      title: BarbicanOrders.create_asymmetric_and_delete
152
+      workloads:
153
+        -
154
+          scenario:
155
+            BarbicanOrders.create_asymmetric_and_delete: {}
156
+          runner:
157
+            constant:
158
+              times: 4
159
+              concurrency: 2
160
+    -
161
+      title: BarbicanOrders.create_key_and_delete
162
+      workloads:
163
+        -
164
+          scenario:
165
+            BarbicanOrders.create_key_and_delete: {}
166
+          runner:
167
+            constant:
168
+              times: 4
169
+              concurrency: 2
170
+    -
171
+      title: BarbicanOrders.create_certificate_and_delete
172
+      workloads:
173
+        -
174
+          scenario:
175
+            BarbicanOrders.create_certificate_and_delete: {}
176
+          runner:
177
+            constant:
178
+              times: 4
179
+              concurrency: 2
180
+    -
181
+      title: BarbicanOrders.list
182
+      workloads:
183
+        -
184
+          scenario:
185
+            BarbicanOrders.list: {}
186
+          runner:
187
+            constant:
188
+              times: 4
189
+              concurrency: 2

+ 6
- 0
rally_openstack/cleanup/resources.py View File

@@ -1171,3 +1171,9 @@ class BarbicanSecrets(base.ResourceManager):
1171 1171
                perform_for_admin_only=True)
1172 1172
 class BarbicanContainers(base.ResourceManager):
1173 1173
     pass
1174
+
1175
+
1176
+@base.resource("barbican", "orders", order=1500, admin_required=True,
1177
+               perform_for_admin_only=True)
1178
+class BarbicanOrders(base.ResourceManager):
1179
+    pass

+ 60
- 0
rally_openstack/scenarios/barbican/orders.py View File

@@ -0,0 +1,60 @@
1
+# Copyright 2018 Red Hat, Inc. <http://www.redhat.com>
2
+#
3
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
4
+#    not use this file except in compliance with the License. You may obtain
5
+#    a copy of the License at
6
+#
7
+#         http://www.apache.org/licenses/LICENSE-2.0
8
+#
9
+#    Unless required by applicable law or agreed to in writing, software
10
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12
+#    License for the specific language governing permissions and limitations
13
+#    under the License.
14
+
15
+from rally.task import validation
16
+
17
+from rally_openstack import consts
18
+from rally_openstack import scenario
19
+from rally_openstack.scenarios.barbican import utils
20
+
21
+"""Scenarios for Barbican orders."""
22
+
23
+
24
+@validation.add("required_services", services=[consts.Service.BARBICAN])
25
+@validation.add("required_platform", platform="openstack", admin=True)
26
+@scenario.configure(name="BarbicanOrders.list")
27
+class BarbicanOrdersList(utils.BarbicanBase):
28
+    def run(self):
29
+        """List secrets."""
30
+        self.admin_barbican.orders_list()
31
+
32
+
33
+@validation.add("required_services", services=[consts.Service.BARBICAN])
34
+@validation.add("required_platform", platform="openstack", admin=True)
35
+@scenario.configure(name="BarbicanOrders.create_key_and_delete")
36
+class BarbicanOrdersCreateKeyAndDelete(utils.BarbicanBase):
37
+    def run(self):
38
+        """Create and delete key orders"""
39
+        keys = self.admin_barbican.create_key()
40
+        self.admin_barbican.orders_delete(keys.order_ref)
41
+
42
+
43
+@validation.add("required_services", services=[consts.Service.BARBICAN])
44
+@validation.add("required_platform", platform="openstack", admin=True)
45
+@scenario.configure(name="BarbicanOrders.create_certificate_and_delete")
46
+class BarbicanOrdersCreateCertificateAndDelete(utils.BarbicanBase):
47
+    def run(self):
48
+        """Create and delete certificate orders"""
49
+        certificate = self.admin_barbican.create_certificate()
50
+        self.admin_barbican.orders_delete(certificate.order_ref)
51
+
52
+
53
+@validation.add("required_services", services=[consts.Service.BARBICAN])
54
+@validation.add("required_platform", platform="openstack", admin=True)
55
+@scenario.configure(name="BarbicanOrders.create_asymmetric_and_delete")
56
+class BarbicanOrdersCreateAsymmetricAndDelete(utils.BarbicanBase):
57
+    def run(self):
58
+        """Create and delete asymmetric order."""
59
+        certificate = self.admin_barbican.create_asymmetric()
60
+        self.admin_barbican.orders_delete(certificate.order_ref)

+ 91
- 0
rally_openstack/services/key_manager/barbican.py View File

@@ -141,3 +141,94 @@ class BarbicanService(service.Service):
141 141
             private_key=private_key, private_key_passphrase=None)
142 142
         val.store()
143 143
         return val
144
+
145
+    @atomic.action_timer("barbican.orders_list")
146
+    def orders_list(self):
147
+        """list orders"""
148
+        return self._clients.barbican().orders.list()
149
+
150
+    @atomic.action_timer("barbican.orders_delete")
151
+    def orders_delete(self, order_ref):
152
+        """Delete the order
153
+
154
+        :param order_ref: The order reference
155
+        """
156
+        return self._clients.barbican().orders.delete(order_ref)
157
+
158
+    @atomic.action_timer("barbican.orders_get")
159
+    def orders_get(self, order_ref):
160
+        """Get the order
161
+
162
+        :param order_ref: The order reference
163
+        """
164
+        return self._clients.barbican().orders.get(order_ref)
165
+
166
+    @atomic.action_timer("barbican.create_key")
167
+    def create_key(self, name=None, algorithm="aes", bit_length=256, mode=None,
168
+                   payload_content_type=None, expiration=None):
169
+        """Create a key order object
170
+
171
+        :param name: A friendly name for the secret to be created
172
+        :param algorithm: The algorithm associated with this secret key
173
+        :param bit_length: The bit length of this secret key
174
+        :param mode: The algorithm mode used with this secret key
175
+        :param payload_content_type: The format/type of the secret data
176
+        :param expiration: The expiration time of the secret
177
+            in ISO 8601 format
178
+        :returns: KeyOrder
179
+        """
180
+        name = name or self.generate_random_name()
181
+        order = self._clients.barbican().orders.create_key(
182
+            name=name, algorithm=algorithm, bit_length=bit_length,
183
+            mode=mode, payload_content_type=payload_content_type,
184
+            expiration=expiration)
185
+        order.submit()
186
+        return order
187
+
188
+    @atomic.action_timer("barbican.create_asymmetric")
189
+    def create_asymmetric(self, name=None, algorithm="aes", bit_length=256,
190
+                          pass_phrase=None, payload_content_type=None,
191
+                          expiration=None):
192
+        """Create an asymmetric order object
193
+
194
+        :param name: A friendly name for the container to be created
195
+        :param algorithm: The algorithm associated with this secret key
196
+        :param bit_length: The bit length of this secret key
197
+        :param pass_phrase: Optional passphrase
198
+        :param payload_content_type: The format/type of the secret data
199
+        :param expiration: The expiration time of the secret
200
+            in ISO 8601 format
201
+        :returns: AsymmetricOrder
202
+        """
203
+        name = name or self.generate_random_name()
204
+        order = self._clients.barbican().orders.create_asymmetric(
205
+            name=name, algorithm=algorithm, bit_length=bit_length,
206
+            pass_phrase=pass_phrase, payload_content_type=payload_content_type,
207
+            expiration=expiration)
208
+        order.submit()
209
+        return order
210
+
211
+    @atomic.action_timer("barbican.create_certificate")
212
+    def create_certificate(self, name=None, request_type=None, subject_dn=None,
213
+                           source_container_ref=None, ca_id=None, profile=None,
214
+                           request_data=None):
215
+        """Create a certificate order object
216
+
217
+        :param name: A friendly name for the container to be created
218
+        :param request_type: The type of the certificate request
219
+        :param subject_dn: A subject for the certificate
220
+        :param source_container_ref: A container with a
221
+            public/private key pair to use as source for stored-key
222
+            requests
223
+        :param ca_id: The identifier of the CA to use
224
+        :param profile: The profile of certificate to use
225
+        :param request_data: The CSR content
226
+        :returns: CertificateOrder
227
+        """
228
+        name = name or self.generate_random_name()
229
+        order = self._clients.barbican().orders.create_certificate(
230
+            name=name, request_type=request_type, subject_dn=subject_dn,
231
+            source_container_ref=source_container_ref, ca_id=ca_id,
232
+            profile=profile, request_data=request_data)
233
+        order.submit()
234
+        return order

+ 22
- 0
samples/tasks/scenarios/barbican/create-and-delete-asymmetric.json View File

@@ -0,0 +1,22 @@
1
+{
2
+    "BarbicanOrders.create_asymmetric_and_delete": [
3
+        {
4
+            "runner": {
5
+                "type": "constant",
6
+                "times": 2,
7
+                "concurrency": 1
8
+            },
9
+            "context": {
10
+                "users": {
11
+                    "tenants": 1,
12
+                    "users_per_tenant": 1
13
+                }
14
+            },
15
+            "sla": {
16
+                "failure_rate": {
17
+                    "max": 0
18
+                }
19
+            }
20
+        }
21
+    ]
22
+}

+ 15
- 0
samples/tasks/scenarios/barbican/create-and-delete-asymmetric.yaml View File

@@ -0,0 +1,15 @@
1
+---
2
+  BarbicanOrders.create_asymmetric_and_delete:
3
+    -
4
+      runner:
5
+        type: "constant"
6
+        times: 2
7
+        concurrency: 1
8
+      context:
9
+        users:
10
+          tenants: 1
11
+          users_per_tenant: 1
12
+      sla:
13
+        failure_rate:
14
+          max: 0
15
+

+ 22
- 0
samples/tasks/scenarios/barbican/create-and-delete-keys.json View File

@@ -0,0 +1,22 @@
1
+{
2
+    "BarbicanOrders.create_key_and_delete": [
3
+        {
4
+            "runner": {
5
+                "type": "constant",
6
+                "times": 2,
7
+                "concurrency": 1
8
+            },
9
+            "context": {
10
+                "users": {
11
+                    "tenants": 1,
12
+                    "users_per_tenant": 1
13
+                }
14
+            },
15
+            "sla": {
16
+                "failure_rate": {
17
+                    "max": 0
18
+                }
19
+            }
20
+        }
21
+    ]
22
+}

+ 15
- 0
samples/tasks/scenarios/barbican/create-and-delete-keys.yaml View File

@@ -0,0 +1,15 @@
1
+---
2
+  BarbicanOrders.create_key_and_delete:
3
+    -
4
+      runner:
5
+        type: "constant"
6
+        times: 2
7
+        concurrency: 1
8
+      context:
9
+        users:
10
+          tenants: 1
11
+          users_per_tenant: 1
12
+      sla:
13
+        failure_rate:
14
+          max: 0
15
+

+ 22
- 0
samples/tasks/scenarios/barbican/create-and-delete-order-certificate.json View File

@@ -0,0 +1,22 @@
1
+{
2
+    "BarbicanOrders.create_certificate_and_delete": [
3
+        {
4
+            "runner": {
5
+                "type": "constant",
6
+                "times": 2,
7
+                "concurrency": 1
8
+            },
9
+            "context": {
10
+                "users": {
11
+                    "tenants": 1,
12
+                    "users_per_tenant": 1
13
+                }
14
+            },
15
+            "sla": {
16
+                "failure_rate": {
17
+                    "max": 0
18
+                }
19
+            }
20
+        }
21
+    ]
22
+}

+ 15
- 0
samples/tasks/scenarios/barbican/create-and-delete-order-certificate.yaml View File

@@ -0,0 +1,15 @@
1
+---
2
+  BarbicanOrders.create_certificate_and_delete:
3
+    -
4
+      runner:
5
+        type: "constant"
6
+        times: 2
7
+        concurrency: 1
8
+      context:
9
+        users:
10
+          tenants: 1
11
+          users_per_tenant: 1
12
+      sla:
13
+        failure_rate:
14
+          max: 0
15
+

+ 22
- 0
samples/tasks/scenarios/barbican/list-orders.json View File

@@ -0,0 +1,22 @@
1
+{
2
+    "BarbicanOrders.list": [
3
+        {
4
+            "runner": {
5
+                "type": "constant",
6
+                "times": 2,
7
+                "concurrency": 1
8
+            },
9
+            "context": {
10
+                "users": {
11
+                    "tenants": 1,
12
+                    "users_per_tenant": 1
13
+                }
14
+            },
15
+            "sla": {
16
+                "failure_rate": {
17
+                    "max": 0
18
+                }
19
+            }
20
+        }
21
+    ]
22
+}

+ 15
- 0
samples/tasks/scenarios/barbican/list-orders.yaml View File

@@ -0,0 +1,15 @@
1
+---
2
+  BarbicanOrders.list:
3
+    -
4
+      runner:
5
+        type: "constant"
6
+        times: 2
7
+        concurrency: 1
8
+      context:
9
+        users:
10
+          tenants: 1
11
+          users_per_tenant: 1
12
+      sla:
13
+        failure_rate:
14
+          max: 0
15
+

+ 82
- 0
tests/unit/scenarios/barbican/test_orders.py View File

@@ -0,0 +1,82 @@
1
+# Copyright 2018 Red Hat Inc
2
+# All Rights Reserved.
3
+#
4
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
5
+#    not use this file except in compliance with the License. You may obtain
6
+#    a copy of the License at
7
+#
8
+#         http://www.apache.org/licenses/LICENSE-2.0
9
+#
10
+#    Unless required by applicable law or agreed to in writing, software
11
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13
+#    License for the specific language governing permissions and limitations
14
+#    under the License.
15
+
16
+import mock
17
+
18
+from rally_openstack.scenarios.barbican import orders
19
+from tests.unit import test
20
+
21
+
22
+class BarbicanOrdersTestCase(test.ScenarioTestCase):
23
+
24
+    def get_test_context(self):
25
+        context = super(BarbicanOrdersTestCase, self).get_test_context()
26
+        context.update({
27
+            "admin": {
28
+                "user_id": "fake",
29
+                "credential": mock.MagicMock()
30
+            },
31
+            "user": {
32
+                "user_id": "fake",
33
+                "credential": mock.MagicMock()
34
+            },
35
+            "tenant": {"id": "fake"}
36
+        })
37
+        return context
38
+
39
+    def setUp(self):
40
+        super(BarbicanOrdersTestCase, self).setUp()
41
+        patch = mock.patch(
42
+            "rally_openstack.services.key_manager.barbican.BarbicanService")
43
+        self.addCleanup(patch.stop)
44
+        self.mock_secrets = patch.start()
45
+
46
+    def test_list_orders(self):
47
+        barbican_service = self.mock_secrets.return_value
48
+        scenario = orders.BarbicanOrdersList(self.context)
49
+        scenario.run()
50
+        barbican_service.orders_list.assert_called_once_with()
51
+
52
+    def test_key_create_and_delete(self):
53
+        keys = {"order_ref": "fake-key"}
54
+        barbican_service = self.mock_secrets.return_value
55
+        scenario = orders.BarbicanOrdersCreateKeyAndDelete(self.context)
56
+        scenario.run()
57
+        keys = barbican_service.create_key.return_value
58
+        barbican_service.create_key.assert_called_once_with()
59
+        barbican_service.orders_delete.assert_called_once_with(
60
+            keys.order_ref)
61
+
62
+    def test_certificate_create_and_delete(self):
63
+        certificate = {"order_ref": "fake-certificate"}
64
+        barbican_service = self.mock_secrets.return_value
65
+        scenario = orders.BarbicanOrdersCreateCertificateAndDelete(
66
+            self.context)
67
+        scenario.run()
68
+        certificate = barbican_service.create_certificate.return_value
69
+        barbican_service.create_certificate.assert_called_once_with()
70
+        barbican_service.orders_delete.assert_called_once_with(
71
+            certificate.order_ref)
72
+
73
+    def test_asymmetric_create_and_delete(self):
74
+        certificate = {"order_ref": "fake-certificate"}
75
+        barbican_service = self.mock_secrets.return_value
76
+        scenario = orders.BarbicanOrdersCreateAsymmetricAndDelete(
77
+            self.context)
78
+        scenario.run()
79
+        certificate = barbican_service.create_asymmetric.return_value
80
+        barbican_service.create_asymmetric.assert_called_once_with()
81
+        barbican_service.orders_delete.assert_called_once_with(
82
+            certificate.order_ref)

+ 53
- 0
tests/unit/services/barbican/test_secrets.py View File

@@ -100,3 +100,56 @@ class BarbicanServiceTestCase(test.TestCase):
100 100
                 certificate=None, intermediates=None,
101 101
                 name="container", private_key=None,
102 102
                 private_key_passphrase=None)
103
+
104
+    def test__list_orders(self):
105
+        self.assertEqual(
106
+            self.service.orders_list(),
107
+            self.service._clients.barbican().orders.list.return_value)
108
+        self._test_atomic_action_timer(
109
+            self.atomic_actions(), "barbican.orders_list")
110
+
111
+    def test__orders_get(self):
112
+        self.service.orders_get("fake_order")
113
+        self.service._clients.barbican().orders.get \
114
+            .assert_called_once_with("fake_order")
115
+
116
+    def test__orders_delete(self):
117
+        self.service.orders_delete("fake_order")
118
+        self.service._clients.barbican().orders.delete \
119
+            .assert_called_once_with("fake_order")
120
+        self._test_atomic_action_timer(
121
+            self.atomic_actions(), "barbican.orders_delete")
122
+
123
+    def test__create_key(self):
124
+        self.service.generate_random_name = mock.MagicMock(
125
+            return_value="key")
126
+        self.service.create_key()
127
+        self.service._clients.barbican().orders.create_key \
128
+            .assert_called_once_with(
129
+                name="key", algorithm="aes", bit_length=256, mode=None,
130
+            payload_content_type=None, expiration=None)
131
+        self._test_atomic_action_timer(
132
+            self.atomic_actions(), "barbican.create_key")
133
+
134
+    def test__create_asymmetric(self):
135
+        self.service.generate_random_name = mock.MagicMock(
136
+            return_value="key")
137
+        self.service.create_asymmetric()
138
+        self.service._clients.barbican().orders.create_asymmetric \
139
+            .assert_called_once_with(
140
+                algorithm="aes", bit_length=256, expiration=None, name="key",
141
+                pass_phrase=None, payload_content_type=None)
142
+        self._test_atomic_action_timer(
143
+            self.atomic_actions(), "barbican.create_asymmetric")
144
+
145
+    def test_create_certificate(self):
146
+        self.service.generate_random_name = mock.MagicMock(
147
+            return_value="key")
148
+        self.service.create_certificate()
149
+        self.service._clients.barbican().orders.create_certificate \
150
+            .assert_called_once_with(
151
+                name="key", request_type=None, subject_dn=None,
152
+                source_container_ref=None, ca_id=None, profile=None,
153
+                request_data=None)
154
+        self._test_atomic_action_timer(
155
+            self.atomic_actions(), "barbican.create_certificate")

Loading…
Cancel
Save