Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

License Enforcement Application #3929

Merged
merged 9 commits into from
Nov 18, 2024
Merged

License Enforcement Application #3929

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
da534d7
Implementation of license enforcement application
jashaik Sep 19, 2024
b65ffa7
Fixing pipeline issues
jashaik Sep 25, 2024
bf8ae1c
Fixing pipeline issues
jashaik Sep 25, 2024
2d2412d
License Caching and Add license enforcement to all APIs (#3919)
jashaik Oct 9, 2024
966755e
Modified error message for license expiry case (#3926)
jashaik Oct 23, 2024
255de1e
Updated chef-server-ctl to handle invalid license + Added grace perio…
jashaik Nov 11, 2024
33e06e0
Change for customer Name (#3939)
talktovikas Nov 14, 2024
cebbc5e
Pedant test for the case if automate license is expired (#3941)
talktovikas Nov 14, 2024
2df3a3a
fixing the sonarQube issue.
talktovikas Nov 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
46 changes: 35 additions & 11 deletions .expeditor/verify.pipeline.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -154,6 +154,7 @@ steps:
- USE_OMNIBUS_FILES=0
- PEDANT_OPTS="--skip-oc_id"
- BUNDLE_GEMFILE=/workdir/oc-chef-pedant/Gemfile
- IS_AUTOMATE=false

- label: With ChefFS=1
command:
Expand All @@ -174,6 +175,7 @@ steps:
- PEDANT_OPTS="--skip-oc_id"
- CHEF_FS=1
- BUNDLE_GEMFILE=/workdir/oc-chef-pedant/Gemfile
- IS_AUTOMATE=false

- label: automate_build
command:
Expand Down Expand Up @@ -214,39 +216,61 @@ steps:
- label: "chef server"
command:
- .expeditor/chef_server.sh
env:
IS_AUTOMATE: true
timeout_in_minutes: 30 # longer timeout for chef-server
expeditor:
executor:
linux:
privileged: true
secrets:
A2_LICENSE:
path: secret/a2/license
field: license
A2_EXPIRED_LICENSE:
path: secret/a2/license
field: expLicense
executor:
linux:
privileged: true
environment:
- IS_AUTOMATE=true

- label: "chef server only"
command:
- .expeditor/chef_server_only.sh
env:
IS_AUTOMATE: true
timeout_in_minutes: 20
expeditor:
executor:
linux:
privileged: true
secrets:
A2_LICENSE:
path: secret/a2/license
field: license
A2_EXPIRED_LICENSE:
path: secret/a2/license
field: expLicense
executor:
linux:
privileged: true
environment:
- IS_AUTOMATE=true


- label: "ha chef server"
command:
- .expeditor/ha_chef_server.sh
env:
IS_AUTOMATE: true
timeout_in_minutes: 35
expeditor:
executor:
linux:
single-use: true
privileged: true
secrets:
A2_LICENSE:
path: secret/a2/license
field: license
field: license
A2_EXPIRED_LICENSE:
path: secret/a2/license
field: expLicense
executor:
linux:
privileged: true
single-use: true
environment:
- IS_AUTOMATE=true
61 changes: 61 additions & 0 deletions oc-chef-pedant/spec/api/server_license_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
# -*- coding: utf-8 -*-
require 'pedant/rspec/common'

describe "server license testing", :license do

# Pedant has configurable test users.
# Selects Pedant users that are marked as associated
let(:default_pedant_user_names) { platform.users.select(&:associate).map(&:name).sort }
let(:default_users_body) { default_pedant_user_names.map { |user| {"user" => {"username" => user} } } }

# context "/users endpoint", automate: true do
context "/users endpoint" do
let(:request_url) { "#{platform.server}/users" }
let(:status_url) { "#{platform.server}/_status" }

let(:users_body) do
{
# There are other users, but these are ours, so they should always be
# somewhere in the userspace soup.
"pivotal" => "#{request_url}/pivotal",
platform.bad_user.name => "#{request_url}/#{platform.bad_user.name}",
platform.admin_user.name => "#{request_url}/#{platform.admin_user.name}",
platform.non_admin_user.name => "#{request_url}/#{platform.non_admin_user.name}",
}
end

context "when having valid license" do
it "can get all users and since the license is valid, they should show 200 as return", :smoke do
get(request_url, platform.superuser).should look_like({
:status => 200,
:body => users_body
})
end
end

# In case of Embedded chef-server in Automate, If the license of automate is Expired in that case all requests reaching to chef-server should return 403
context "when not having valid license", if: ENV["IS_AUTOMATE"] == "true" do
before(:all) do
puts "applying expired license"
puts ENV['A2_EXPIRED_LICENSE']
system("chef-automate license apply -f \"${A2_EXPIRED_LICENSE}\"")
system("sleep 50")
puts "expired license applied"
puts system("chef-automate license status")
end
after(:all) do
system("chef-automate license apply \"$A2_LICENSE\"")
system("sleep 50")
puts "valid license applied"
puts system("chef-automate license status")
end

it "returns 403", :smoke do
puts get(request_url, platform.superuser)
get(request_url, platform.superuser).should look_like({
:status => 403
})
end
end
end # context /users/<name> endpoint
end # describe users
Loading
Loading