def test_multi_tenancy_deployment_aborting(self): """ Simply make sure we are able to run the multi tenancy setup and bootstrap 2 different devices to different tenants """ auth.reset_auth_token() users = [ { "email": "*****@*****.**", "password": "******", "username": "******", "container": "mender-client-deployment-aborting-1", } ] for user in users: auth.new_tenant(user["username"], user["email"], user["password"]) t = auth.current_tenant["tenant_token"] new_tenant_client(user["container"], t) adm.accept_devices(1) for user in users: deployment_id, _ = common_update_procedure(install_image=conftest.get_valid_image()) deploy.abort(deployment_id) deploy.check_expected_statistics(deployment_id, "aborted", 1) execute(self.mender_log_contains_aborted_string, hosts=get_mender_client_by_container_name(user["container"]))
def test_multi_tenancy_deployment(self): """ Simply make sure we are able to run the multi tenancy setup and bootstrap 2 different devices to different tenants """ auth.reset_auth_token() users = [ { "email": "*****@*****.**", "password": "******", "username": "******", "container": "mender-client-deployment-1", "fail": False }, { "email": "*****@*****.**", "password": "******", "username": "******", "container": "mender-client-deployment-2", "fail": True } ] for user in users: auth.new_tenant(user["username"], user["email"], user["password"]) t = auth.current_tenant["tenant_token"] new_tenant_client(user["container"], t) adm.accept_devices(1) for user in users: auth.new_tenant(user["username"], user["email"], user["password"]) assert len(inv.get_devices()) == 1 self.perform_update(mender_client_container=user["container"], fail=user["fail"])
def test_multi_tenancy_deployment_s3(self): def verify_object_id_and_tagging(): from boto3 import client tenant = auth.get_tenant_id() conn = client('s3') artifacts = deploy.get_artifacts() assert len(artifacts) == 1 artifact_id = artifacts[0]["id"] # verify object ID of proper MT format for key in conn.list_objects( Bucket='mender-artifacts-int-testing-us')['Contents']: if key['Key'].startswith(tenant): expectedObject = "%s/%s" % (tenant, artifact_id) assert key['Key'] == expectedObject # verify tagging is working tags = conn.get_object_tagging( Bucket='mender-artifacts-int-testing-us', Key=expectedObject)["TagSet"][0] assert tags["Value"] == tenant assert tags["Key"] == "tenant_id" # Delete artifact and make sure it's really gone conn.delete_object(Bucket="mender-artifacts-int-testing-us", Key=expectedObject) deploy.delete_artifact(artifact_id) conn.list_objects(Bucket='mender-artifacts-int-testing-us') for key in conn.list_objects( Bucket='mender-artifacts-int-testing-us').get( 'Contents', []): if key['Key'].startswith(tenant): pytest.fail("failed to delete artifact from s3") auth.reset_auth_token() users = [{ "email": "*****@*****.**", "password": "******", "username": "******", "container": "mender-client-mt-s3", }] for user in users: auth.new_tenant(user["username"], user["email"], user["password"]) t = auth.current_tenant["tenant_token"] new_tenant_client(user["container"], t) adm.accept_devices(1) self.perform_update(mender_client_container=user["container"]) verify_object_id_and_tagging()
def test_token_validity(self): """ verify that only devices with valid tokens can bootstrap successfully to a multitenancy setup """ wrong_token = "wrong-token" def wait_until_bootstrap_attempt(): if not env.host_string: return execute(wait_until_bootstrap_attempt, hosts=get_mender_clients()) ssh_is_opened() for i in range(1, 20): with settings(hide('everything'), warn_only=True): out = run( 'journalctl -u mender | grep "bootstrapped -> authorize-wait"' ) if out.succeeded: return True time.sleep(20 / i) return False def set_correct_tenant_token(token): if not env.host_string: return execute(set_correct_tenant_token, token, hosts=get_mender_clients()) run("sed -i 's/%s/%s/g' /etc/mender/mender.conf" % (wrong_token, token)) run("systemctl restart mender") auth.reset_auth_token() auth.new_tenant("*****@*****.**", "hunter2hunter2") token = auth.current_tenant["tenant_token"] # create a new client with an incorrect token set new_tenant_client("mender-client", wrong_token) if wait_until_bootstrap_attempt(): for _ in range(5): time.sleep(5) adm.get_devices( expected_devices=0) # make sure device not seen else: pytest.fail("failed to bootstrap device") # setting the correct token makes the client visible to the backend set_correct_tenant_token(token) adm.get_devices(expected_devices=1)
def test_multi_tenancy_setup(self): """ Simply make sure we are able to run the multi tenancy setup and bootstrap 2 different devices to different tenants """ auth.reset_auth_token() users = [ { "email": "*****@*****.**", "password": "******", "container": "mender-client" }, { "email": "*****@*****.**", "password": "******", "container": "client2" }, ] for user in users: auth.new_tenant(user["email"], user["password"]) t = auth.current_tenant["tenant_token"] new_tenant_client(user["container"], t) print "sleeping" time.sleep(1000) adm.accept_devices(1) print adm.get_devices() self.perform_update() # deploy to each device for user in users: auth.set_tenant(user["email"], user["password"]) t = auth.current_tenant["tenant_token"] adm.accept_devices(1)