def test_multi_tenancy_deployment_aborting(self):
""" Simply make sure we are able to run the multi tenancy setup and
bootstrap 2 different devices to different tenants """
auth.reset_auth_token()
users = [
{
"email": "*****@*****.**",
"password": "******",
"username": "******",
"container": "mender-client-deployment-aborting-1",
}
]
for user in users:
auth.new_tenant(user["username"], user["email"], user["password"])
t = auth.current_tenant["tenant_token"]
new_tenant_client(user["container"], t)
adm.accept_devices(1)
for user in users:
deployment_id, _ = common_update_procedure(install_image=conftest.get_valid_image())
deploy.abort(deployment_id)
deploy.check_expected_statistics(deployment_id, "aborted", 1)
execute(self.mender_log_contains_aborted_string,
hosts=get_mender_client_by_container_name(user["container"]))
def test_multi_tenancy_deployment(self):
""" Simply make sure we are able to run the multi tenancy setup and
bootstrap 2 different devices to different tenants """
auth.reset_auth_token()
users = [
{
"email": "*****@*****.**",
"password": "******",
"username": "******",
"container": "mender-client-deployment-1",
"fail": False
},
{
"email": "*****@*****.**",
"password": "******",
"username": "******",
"container": "mender-client-deployment-2",
"fail": True
}
]
for user in users:
auth.new_tenant(user["username"], user["email"], user["password"])
t = auth.current_tenant["tenant_token"]
new_tenant_client(user["container"], t)
adm.accept_devices(1)
for user in users:
auth.new_tenant(user["username"], user["email"], user["password"])
assert len(inv.get_devices()) == 1
self.perform_update(mender_client_container=user["container"],
fail=user["fail"])
def test_multi_tenancy_deployment_s3(self):
def verify_object_id_and_tagging():
from boto3 import client
tenant = auth.get_tenant_id()
conn = client('s3')
artifacts = deploy.get_artifacts()
assert len(artifacts) == 1
artifact_id = artifacts[0]["id"]
# verify object ID of proper MT format
for key in conn.list_objects(
Bucket='mender-artifacts-int-testing-us')['Contents']:
if key['Key'].startswith(tenant):
expectedObject = "%s/%s" % (tenant, artifact_id)
assert key['Key'] == expectedObject
# verify tagging is working
tags = conn.get_object_tagging(
Bucket='mender-artifacts-int-testing-us',
Key=expectedObject)["TagSet"][0]
assert tags["Value"] == tenant
assert tags["Key"] == "tenant_id"
# Delete artifact and make sure it's really gone
conn.delete_object(Bucket="mender-artifacts-int-testing-us",
Key=expectedObject)
deploy.delete_artifact(artifact_id)
conn.list_objects(Bucket='mender-artifacts-int-testing-us')
for key in conn.list_objects(
Bucket='mender-artifacts-int-testing-us').get(
'Contents', []):
if key['Key'].startswith(tenant):
pytest.fail("failed to delete artifact from s3")
auth.reset_auth_token()
users = [{
"email": "*****@*****.**",
"password": "******",
"username": "******",
"container": "mender-client-mt-s3",
}]
for user in users:
auth.new_tenant(user["username"], user["email"], user["password"])
t = auth.current_tenant["tenant_token"]
new_tenant_client(user["container"], t)
adm.accept_devices(1)
self.perform_update(mender_client_container=user["container"])
verify_object_id_and_tagging()
def test_token_validity(self):
""" verify that only devices with valid tokens can bootstrap
successfully to a multitenancy setup """
wrong_token = "wrong-token"
def wait_until_bootstrap_attempt():
if not env.host_string:
return execute(wait_until_bootstrap_attempt,
hosts=get_mender_clients())
ssh_is_opened()
for i in range(1, 20):
with settings(hide('everything'), warn_only=True):
out = run(
'journalctl -u mender | grep "bootstrapped -> authorize-wait"'
)
if out.succeeded:
return True
time.sleep(20 / i)
return False
def set_correct_tenant_token(token):
if not env.host_string:
return execute(set_correct_tenant_token,
token,
hosts=get_mender_clients())
run("sed -i 's/%s/%s/g' /etc/mender/mender.conf" %
(wrong_token, token))
run("systemctl restart mender")
auth.reset_auth_token()
auth.new_tenant("*****@*****.**", "hunter2hunter2")
token = auth.current_tenant["tenant_token"]
# create a new client with an incorrect token set
new_tenant_client("mender-client", wrong_token)
if wait_until_bootstrap_attempt():
for _ in range(5):
time.sleep(5)
adm.get_devices(
expected_devices=0) # make sure device not seen
else:
pytest.fail("failed to bootstrap device")
# setting the correct token makes the client visible to the backend
set_correct_tenant_token(token)
adm.get_devices(expected_devices=1)
def test_multi_tenancy_setup(self):
""" Simply make sure we are able to run the multi tenancy setup and
bootstrap 2 different devices to different tenants """
auth.reset_auth_token()
users = [
{
"email": "*****@*****.**",
"password": "******",
"container": "mender-client"
},
{
"email": "*****@*****.**",
"password": "******",
"container": "client2"
},
]
for user in users:
auth.new_tenant(user["email"], user["password"])
t = auth.current_tenant["tenant_token"]
new_tenant_client(user["container"], t)
print "sleeping"
time.sleep(1000)
adm.accept_devices(1)
print adm.get_devices()
self.perform_update()
# deploy to each device
for user in users:
auth.set_tenant(user["email"], user["password"])
t = auth.current_tenant["tenant_token"]
adm.accept_devices(1)