def check_reset_status_after_reboot(reboot_type, pre_reboot_status,
post_reboot_status, duthost, localhost,
construct_url):
logger.info("Checking for RESTAPI reset status after " + reboot_type +
" reboot")
params = '{"reset_status":"false"}'
r = restapi.post_reset_status(construct_url, params)
pytest_assert(r.status_code == 200)
r = restapi.get_reset_status(construct_url)
pytest_assert(r.status_code == 200)
logger.info(r.json())
response = r.json()
pytest_assert(response['reset_status'] == pre_reboot_status)
# Add extra wait for warm-reboot to ensure warmboot-finalizer is done
# Otherwise, the warmboot-finalizer will write the testing vnet and vlan config
# into config_db.json and cause unrecoverable errors
wait_warmboot_finalizer = False
if reboot_type == 'warm':
wait_warmboot_finalizer = True
reboot(duthost,
localhost,
reboot_type,
wait_warmboot_finalizer=wait_warmboot_finalizer)
apply_cert_config(duthost)
r = restapi.get_reset_status(construct_url)
pytest_assert(r.status_code == 200)
logger.info(r.json())
response = r.json()
pytest_assert(response['reset_status'] == post_reboot_status)
def test_check_reset_status(construct_url, duthosts, rand_one_dut_hostname, localhost):
duthost = duthosts[rand_one_dut_hostname]
# Set reset status
logger.info("Checking for RESTAPI reset status")
r = restapi.get_reset_status(construct_url)
pytest_assert(r.status_code == 200)
logger.info(r.json())
response = r.json()
pytest_assert(response['reset_status'] == "true")
logger.info("Setting RESTAPI reset status")
params = '{"reset_status":"false"}'
r = restapi.post_reset_status(construct_url, params)
pytest_assert(r.status_code == 200)
r = restapi.get_reset_status(construct_url)
pytest_assert(r.status_code == 200)
logger.info(r.json())
response = r.json()
pytest_assert(response['reset_status'] == "false")
# Check reset status post config reload
logger.info("Checking for RESTAPI reset status after config reload")
config_reload(duthost)
apply_cert_config(duthost)
r = restapi.get_reset_status(construct_url)
pytest_assert(r.status_code == 200)
logger.info(r.json())
response = r.json()
pytest_assert(response['reset_status'] == "true")
# Check reset status post fast reboot
check_reset_status_after_reboot('fast', "false", "true", duthost, localhost, construct_url)
# Check reset status post cold reboot
check_reset_status_after_reboot('cold', "false", "true", duthost, localhost, construct_url)
# Check reset status post warm reboot
check_reset_status_after_reboot('warm', "false", "false", duthost, localhost, construct_url)
def check_reset_status_after_reboot(reboot_type, pre_reboot_status, post_reboot_status, duthost, localhost, construct_url):
logger.info("Checking for RESTAPI reset status after "+reboot_type+" reboot")
params = '{"reset_status":"false"}'
r = restapi.post_reset_status(construct_url, params)
pytest_assert(r.status_code == 200)
r = restapi.get_reset_status(construct_url)
pytest_assert(r.status_code == 200)
logger.info(r.json())
response = r.json()
pytest_assert(response['reset_status'] == pre_reboot_status)
reboot(duthost, localhost, reboot_type)
apply_cert_config(duthost)
r = restapi.get_reset_status(construct_url)
pytest_assert(r.status_code == 200)
logger.info(r.json())
response = r.json()
pytest_assert(response['reset_status'] == post_reboot_status)
def setup_restapi_server(duthosts, rand_one_dut_hostname, localhost):
'''
Create RESTAPI client certificates and copy the subject names to the config DB
'''
duthost = duthosts[rand_one_dut_hostname]
# Check if RESTAPI is enabled on the device
pyrequire(
check_container_state(duthost,
RESTAPI_CONTAINER_NAME,
should_be_running=True),
"Test was not supported on devices which do not support RESTAPI!")
# Create Root key
local_command = "openssl genrsa -out restapiCA.key 2048"
localhost.shell(local_command)
# Create Root cert
local_command = "openssl req \
-x509 \
-new \
-nodes \
-key restapiCA.key \
-sha256 \
-days 1825 \
-subj '/CN=test.restapi.sonic' \
-out restapiCA.pem"
localhost.shell(local_command)
# Create server key
local_command = "openssl genrsa -out restapiserver.key 2048"
localhost.shell(local_command)
# Create server CSR
local_command = "openssl req \
-new \
-key restapiserver.key \
-subj '/CN=test.server.restapi.sonic' \
-out restapiserver.csr"
localhost.shell(local_command)
# Sign server certificate
local_command = "openssl x509 \
-req \
-in restapiserver.csr \
-CA restapiCA.pem \
-CAkey restapiCA.key \
-CAcreateserial \
-out restapiserver.crt \
-days 825 \
-sha256"
localhost.shell(local_command)
# Create client key
local_command = "openssl genrsa -out restapiclient.key 2048"
localhost.shell(local_command)
# Create client CSR
local_command = "openssl req \
-new \
-key restapiclient.key \
-subj '/CN=test.client.restapi.sonic' \
-out restapiclient.csr"
localhost.shell(local_command)
# Sign client certificate
local_command = "openssl x509 \
-req \
-in restapiclient.csr \
-CA restapiCA.pem \
-CAkey restapiCA.key \
-CAcreateserial \
-out restapiclient.crt \
-days 825 \
-sha256"
localhost.shell(local_command)
# Copy CA certificate and server certificate over to the DUT
duthost.copy(src='restapiCA.pem', dest='/etc/sonic/credentials/')
duthost.copy(src='restapiserver.crt',
dest='/etc/sonic/credentials/testrestapiserver.crt')
duthost.copy(src='restapiserver.key',
dest='/etc/sonic/credentials/testrestapiserver.key')
apply_cert_config(duthost)
urllib3.disable_warnings()
yield
# Perform a config load_minigraph to ensure config_db is not corrupted
config_reload(duthost, config_source='minigraph')
# Delete all created certs
local_command = "rm \
restapiCA.* \
restapiserver.* \
restapiclient.*"
localhost.shell(local_command)
