1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
<!--
Copyright 2017 Lars Wirzenius
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
-->
# Scenario step implementations for locally managed ick
## Authentication setup
IMPLEMENTS GIVEN an RSA key pair for token signing
argv = [
os.path.join(srcdir, 'generate-rsa-key'),
'token.key',
]
cliapp.runcmd(argv, stdout=None, stderr=None)
IMPLEMENTS GIVEN an access token for (\S+) with scopes (.+)
user = get_next_match()
scopes = get_next_match()
key = open('token.key').read()
argv = [
os.path.join(srcdir, 'create-token'),
scopes,
]
token = cliapp.runcmd(argv, feed_stdin=key)
store_token(user, token)
vars['issuer'] = 'localhost'
vars['audience'] = 'localhost'
## Controller configuration
IMPLEMENTS GIVEN controller config uses (\S+) at the state directory
vars['statedir'] = get_next_match()
## Start and stop the controller
IMPLEMENTS GIVEN a running ick controller
import os, time, cliapp, yaml
vars['controller.log'] = 'ick_controller.log'
vars['gunicorn3.log'] = 'gunicorn3.log'
vars['port'] = random_free_port()
vars['url'] = 'http://127.0.0.1:{}'.format(vars['port'])
config = {
'token-issuer': vars['issuer'],
'token-audience': vars['audience'],
'token-public-key': cat('token.key.pub'),
'log': [
{
'filename': vars['controller.log'],
},
],
'statedir': vars['statedir'],
}
env = dict(os.environ)
env['ICK_CONTROLLER_CONFIG'] = 'ick_controller.yaml'
yaml.safe_dump(config, open('ick_controller.yaml', 'w'))
argv = [
'gunicorn3',
'--daemon',
'--bind', '127.0.0.1:{}'.format(vars['port']),
'--log-file', vars['gunicorn3.log'],
'--log-level', 'debug',
'-p', 'pid',
'ick_controller:app',
]
cliapp.runcmd(argv, env=env)
vars['pid'] = int(cat('pid'))
wait_for_port(vars['port'])
IMPLEMENTS WHEN user stops ick controller
import os, signal
os.kill(int(vars['pid']), signal.SIGTERM)
IMPLEMENTS FINALLY stop ick controller
import os, signal
os.kill(vars['pid'], signal.SIGTERM)
## Controller state inspection
IMPLEMENTS THEN controller state directory contains project (\S+)
name = get_next_match()
filename = os.path.join(vars['statedir'], 'projects', name + '.yaml')
assertTrue(os.path.exists(filename))
IMPLEMENTS THEN controller state directory contains worker (\S+)
name = get_next_match()
filename = os.path.join(vars['statedir'], 'workers', name + '.yaml')
assertTrue(os.path.exists(filename))
|