diff --git a/.github/build-image-comment-template.md b/.github/build-image-comment-template.md
new file mode 100644
index 0000000..d73defa
--- /dev/null
+++ b/.github/build-image-comment-template.md
@@ -0,0 +1,50 @@
+
+👋 Hey! Here is the image we built for you ([Artifactory Link](https://artifactory.algol60.net/ui/repos/tree/General/csm-docker%2F{{ .stableString }}%2F{{ .imageName }}%2F{{ .imageTag }})):
+
+```bash
+{{ .image }}
+```
+
+Use podman or docker to pull it down and inspect locally:
+
+```bash
+podman pull {{ .image }}
+```
+
+Or, use this script to pull the image from the build server to a dev system:
+
+
+Dev System Pull Script
+
+
+> **Note** the following script only applies to systems running CSM 1.2 or later.
+
+```bash
+#!/usr/bin/env bash
+export REMOTE_IMAGE={{ .image }}
+export LOCAL_IMAGE={{ .imageName }}:{{ .imageTag }}
+
+skopeo copy --dest-tls-verify=false docker://${REMOTE_IMAGE} docker://registry.local/csm-docker/stable/${LOCAL_IMAGE}
+```
+
+
+
+Snyk Report
+
+
+_Coming soon_
+
+
+
+
+Software Bill of Materials
+
+
+```bash
+cosign download sbom {{ .image }} > container_image.spdx
+```
+
+If you don't have cosign, then you can get it [here](https://github.com/sigstore/cosign#installation).
+
+
+*Note*: this SHA is the merge of {{ .PRHeadSha }} and the PR base branch. Good luck and make rocket go now! 🌮 🚀
\ No newline at end of file
diff --git a/.github/workflows/build_and_release_ct_image.yaml b/.github/workflows/build_and_release_ct_image.yaml
new file mode 100644
index 0000000..399ad8d
--- /dev/null
+++ b/.github/workflows/build_and_release_ct_image.yaml
@@ -0,0 +1,20 @@
+name: Build and Publish CT Docker Images
+on:
+ - push # Perform a build of the contents from the branch
+ - pull_request # Perform a build after merging with the target branch
+ - workflow_dispatch
+jobs:
+ build_and_release:
+ uses: Cray-HPE/hms-build-image-workflows/.github/workflows/build_and_release_image.yaml@v1
+ with:
+ image-name: cray-scsd-test
+ docker-build-file: test/ct/Dockerfile #the tests/ct/Dockerfile is what we want!
+ docker-build-context: test/ct
+ enable-pr-comment: true
+ secrets:
+ artifactory-username: ${{ secrets.ARTIFACTORY_ALGOL60_USERNAME }}
+ artifactory-token: ${{ secrets.ARTIFACTORY_ALGOL60_TOKEN }}
+ snyk-token: ${{ secrets.SNYK_TOKEN }}
+ cosign-gcp-project-id: ${{ secrets.COSIGN_GCP_PROJECT_ID }}
+ cosign-gcp-sa-key: ${{ secrets.COSIGN_GCP_SA_KEY }}
+ cosign-key: ${{ secrets.COSIGN_KEY }}
diff --git a/.github/workflows/build_and_release_image.yaml b/.github/workflows/build_and_release_image.yaml
new file mode 100644
index 0000000..9bc99f8
--- /dev/null
+++ b/.github/workflows/build_and_release_image.yaml
@@ -0,0 +1,18 @@
+name: Build and Publish Service Docker Images
+on:
+ - push # Perform a build of the contents from the branch
+ - pull_request # Perform a build after merging with the target branch
+ - workflow_dispatch
+jobs:
+ build_and_release:
+ uses: Cray-HPE/hms-build-image-workflows/.github/workflows/build_and_release_image.yaml@v1
+ with:
+ image-name: cray-scsd
+ enable-pr-comment: true
+ secrets:
+ artifactory-username: ${{ secrets.ARTIFACTORY_ALGOL60_USERNAME }}
+ artifactory-token: ${{ secrets.ARTIFACTORY_ALGOL60_TOKEN }}
+ snyk-token: ${{ secrets.SNYK_TOKEN }}
+ cosign-gcp-project-id: ${{ secrets.COSIGN_GCP_PROJECT_ID }}
+ cosign-gcp-sa-key: ${{ secrets.COSIGN_GCP_SA_KEY }}
+ cosign-key: ${{ secrets.COSIGN_KEY }}
diff --git a/.github/workflows/run_ct_test.yaml b/.github/workflows/run_ct_test.yaml
new file mode 100644
index 0000000..85ce7d8
--- /dev/null
+++ b/.github/workflows/run_ct_test.yaml
@@ -0,0 +1,7 @@
+name: Run CT Tests
+on: [push, pull_request, workflow_dispatch]
+jobs:
+ run_ct_test:
+ uses: Cray-HPE/hms-build-image-workflows/.github/workflows/run_ct_test.yaml@v1
+ with:
+ runs-on: ubuntu-latest
\ No newline at end of file
diff --git a/.github/workflows/run_integration_test.yaml b/.github/workflows/run_integration_test.yaml
new file mode 100644
index 0000000..dc40225
--- /dev/null
+++ b/.github/workflows/run_integration_test.yaml
@@ -0,0 +1,7 @@
+name: Run Integration Tests
+on: [push, pull_request, workflow_dispatch]
+jobs:
+ run_integration_test:
+ uses: Cray-HPE/hms-build-image-workflows/.github/workflows/run_integration_test.yaml@v1
+ with:
+ runs-on: ubuntu-latest
diff --git a/.github/workflows/run_unit_test.yaml b/.github/workflows/run_unit_test.yaml
new file mode 100644
index 0000000..f79f446
--- /dev/null
+++ b/.github/workflows/run_unit_test.yaml
@@ -0,0 +1,7 @@
+name: Run Unit Tests
+on: [push, pull_request, workflow_dispatch]
+jobs:
+ run_unit_test:
+ uses: Cray-HPE/hms-build-image-workflows/.github/workflows/run_unit_test.yaml@v1
+ with:
+ runs-on: ubuntu-latest
diff --git a/.gitignore b/.gitignore
index 0d5249e..8d9b8f9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,12 +5,6 @@ kubernetes/.packaged/
kubernetes/cray-hms-scsd/charts/
# runIntegration.sh creates the following soft links to the real files under Test/
-Dockerfile.fake-hsm
-Dockerfile.fake-rfep
-Dockerfile.fake-vault
-Dockerfile.scsd_functest
-Dockerfile.testscsd
-docker-compose-functest.yaml
# runIntegration.sh generates these log files
scsdtest_scsd_*.logs*
diff --git a/.version b/.version
index 81c871d..1cac385 100644
--- a/.version
+++ b/.version
@@ -1 +1 @@
-1.10.0
+1.11.0
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4ca1047..4c56fef 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).\
+## [1.11.0] - 2022-05-16
+
+### Changed
+
+- Builds with github actions - removed Jenkins builds
+
## [1.10.0] - 2021-11-16
### Added
diff --git a/Dockerfile b/Dockerfile
index 646330c..3ff199a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -24,7 +24,7 @@
### Build Base Stage ###
-FROM arti.dev.cray.com/baseos-docker-master-local/golang:1.16-alpine3.13 AS build-base
+FROM artifactory.algol60.net/docker.io/library/golang:1.16-alpine AS build-base
RUN set -ex \
&& apk -U upgrade \
@@ -50,11 +50,12 @@ RUN set -ex \
### Final Stage ###
-FROM arti.dev.cray.com/baseos-docker-master-local/alpine:3.13
+FROM artifactory.algol60.net/csm-docker/stable/docker.io/library/alpine:3.15
LABEL maintainer="Hewlett Packard Enterprise"
STOPSIGNAL SIGTERM
EXPOSE 25309
STOPSIGNAL SIGTERM
+COPY configs configs
RUN set -ex \
&& apk -U upgrade \
diff --git a/Dockerfile.testing b/Dockerfile.testing
index 46d4d5b..57af2c8 100644
--- a/Dockerfile.testing
+++ b/Dockerfile.testing
@@ -22,7 +22,7 @@
### Build Base Stage ###
# Build base has the packages installed that we need.
-FROM arti.dev.cray.com/baseos-docker-master-local/golang:1.16-alpine3.13 AS build-base
+FROM artifactory.algol60.net/docker.io/library/golang:1.16-alpine AS build-base
RUN set -ex \
&& apk -U upgrade \
diff --git a/Test/Dockerfile.testscsd b/Dockerfile.testscsd
similarity index 94%
rename from Test/Dockerfile.testscsd
rename to Dockerfile.testscsd
index dd610fd..f45079d 100644
--- a/Test/Dockerfile.testscsd
+++ b/Dockerfile.testscsd
@@ -22,7 +22,7 @@
# Dockerfile for testing HMS SCSD.
-FROM arti.dev.cray.com/baseos-docker-master-local/golang:1.16-alpine3.13 AS build-base
+FROM artifactory.algol60.net/docker.io/library/golang:1.16-alpine AS build-base
RUN set -ex \
&& apk update \
@@ -46,7 +46,7 @@ RUN set -ex \
### Final Stage ###
-FROM arti.dev.cray.com/baseos-docker-master-local/alpine:3.13
+FROM artifactory.algol60.net/csm-docker/stable/docker.io/library/alpine:3.15
LABEL maintainer="Hewlett Packard Enterprise"
STOPSIGNAL SIGTERM
EXPOSE 25309
diff --git a/Jenkinsfile.github b/Jenkinsfile.github
deleted file mode 100644
index d4efff6..0000000
--- a/Jenkinsfile.github
+++ /dev/null
@@ -1,62 +0,0 @@
-@Library('csm-shared-library') _
-
-pipeline {
- agent {
- label "metal-gcp-builder"
- }
-
- options {
- buildDiscarder(logRotator(numToKeepStr: "10"))
- timestamps()
- }
-
- environment {
- NAME = "cray-scsd"
- DESCRIPTION = "Cray System Config Service"
- IS_STABLE = getBuildIsStable()
- VERSION = getDockerBuildVersion(isStable: env.IS_STABLE)
- DOCKER_ARGS = getDockerBuildArgs(name: "hms-scsd", description: env.DESCRIPTION, version: env.VERSION)
- NO_CACHE = "--no-cache"
- TEST_NAME = "hms-scsd-ct-test"
- TEST_SPEC_FILE = "hms-scsd-ct-test.spec"
- BUILD_METADATA = getRpmRevision(isStable: env.IS_STABLE)
- }
-
- stages {
- stage("Image") {
- steps {
- sh "make image"
- }
- }
-
- stage("Run Unit Tests") {
- steps {
- sh "make unittest"
- }
- }
-
- stage("Integration") {
- steps {
- sh "make integration"
- }
- }
-
- stage("Test Rpm") {
- steps {
- echo "RPM build metadata is: ${env.BUILD_METADATA}"
- runLibraryScript("addRpmMetaData.sh", env.TEST_SPEC_FILE)
- sh "make test_rpm"
- }
- }
-
- stage("Publish") {
- steps {
- script {
- publishCsmDockerImage(image: env.NAME, tag: env.VERSION, isStable: env.IS_STABLE)
- publishCsmRpms(component: env.TEST_NAME, pattern: "dist/scsd-ct-test-rpmbuild/RPMS/x86_64/*.rpm", arch: "x86_64", isStable: env.IS_STABLE)
- publishCsmRpms(component: env.TEST_NAME, pattern: "dist/scsd-ct-test-rpmbuild/SRPMS/*.rpm", arch: "src", isStable: env.IS_STABLE)
- }
- }
- }
- }
-}
diff --git a/Makefile b/Makefile
index d4b7f31..65fcd9d 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,6 @@
# MIT License
#
-# (C) Copyright 2021 Hewlett Packard Enterprise Development LP
+# (C) Copyright [2021-2022] Hewlett Packard Enterprise Development LP
#
# Permission is hereby granted, free of charge, to any person obtaining a
# copy of this software and associated documentation files (the "Software"),
@@ -14,7 +14,7 @@
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
@@ -24,18 +24,8 @@
NAME ?= cray-scsd
VERSION ?= $(shell cat .version)
-# Common RPM variable
-BUILD_METADATA ?= "1~development~$(shell git rev-parse --short HEAD)"
-# CT Test RPM
-TEST_SPEC_NAME ?= hms-scsd-ct-test
-TEST_RPM_VERSION ?= $(shell cat .version)
-TEST_SPEC_FILE ?= ${TEST_SPEC_NAME}.spec
-TEST_SOURCE_NAME ?= ${TEST_SPEC_NAME}-${TEST_RPM_VERSION}
-TEST_BUILD_DIR ?= $(PWD)/dist/scsd-ct-test-rpmbuild
-TEST_SOURCE_PATH := ${TEST_BUILD_DIR}/SOURCES/${TEST_SOURCE_NAME}.tar.bz2
-
-all: image unittest integration test_rpm
+all : image unittest integration ct snyk ct_image
image:
docker build ${NO_CACHE} --pull ${DOCKER_ARGS} --tag '${NAME}:${VERSION}' .
@@ -46,23 +36,11 @@ unittest:
integration:
./runIntegration.sh
-test_rpm: test_rpm_prepare test_rpm_package_source test_rpm_build_source test_rpm_build
-
-test_rpm_prepare:
- rm -rf $(TEST_BUILD_DIR)
- mkdir -p $(TEST_BUILD_DIR)/SPECS $(TEST_BUILD_DIR)/SOURCES
- cp $(TEST_SPEC_FILE) $(TEST_BUILD_DIR)/SPECS/
-
-test_rpm_package_source:
- tar --transform 'flags=r;s,^,/$(TEST_SOURCE_NAME)/,' --exclude .git --exclude dist -cvjf $(TEST_SOURCE_PATH) ./${TEST_SPEC_FILE} ./Test/CT ./LICENSE
-
-test_rpm_build_source:
- BUILD_METADATA=$(BUILD_METADATA) rpmbuild -ts $(TEST_SOURCE_PATH) --define "_topdir $(TEST_BUILD_DIR)"
+snyk:
+ ./runSnyk.sh
-test_rpm_build:
- BUILD_METADATA=$(BUILD_METADATA) rpmbuild -ba $(TEST_SPEC_FILE) --define "_topdir $(TEST_BUILD_DIR)" --nodeps
+ct:
+ ./runCT.sh
-clean:
- # Remove files generated by runIntegation.sh
- rm -f Dockerfile.fake-hsm Dockerfile.fake-rfep Dockerfile.fake-vault Dockerfile.scsd_functest Dockerfile.testscsd docker-compose-functest.yaml
- rm -f scsdtest_scsd_*.logs*
+ct_image:
+ docker build --no-cache -f test/ct/Dockerfile test/ct/ --tag hms-scsd-test:${VERSION}
diff --git a/Test/CT/test_bmc_redfish_account_service_password.tavern.yaml b/Test/CT/test_bmc_redfish_account_service_password.tavern.yaml
deleted file mode 100644
index ed2423f..0000000
--- a/Test/CT/test_bmc_redfish_account_service_password.tavern.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-# Copyright 2020 Hewlett Packard Enterprise Development LP
-
-# Tavern test cases for BMC Redfish Account Service passwords
-# Author: Mitch Schooler
-# Service: System Configuration Service
-
-# HMS test metrics test cases: 3
-# 1. GET HSM /State/Components compute node API response code
-# 2. GET HSM /State/Components compute node API response body
-# 3. GET /{xname}/redfish/v1/AccountService API default password response code
----
-test_name: Ensure that the default Redfish Service Account password is configured for node BMCs
-
-stages:
- # 1. GET HSM /State/Components compute node API response code
- # 2. GET HSM /State/Components compute node API response body
- - name: Get a compute NodeBMC xname from the HSM Components collection to use in the following stages
- request:
- url: "{base_url}/smd/hsm/v1/State/Components?type=Node&role=Compute&state=Ready"
- method: GET
- headers:
- Authorization: "Bearer {access_token}"
- verify: !bool "{verify}"
- response:
- status_code: 200
- save:
- $ext:
- # convert the compute node xname to its BMC's xname (example: x3000c0s7b0n0 -> x3000c0s7b0)
- function: hms_ct_test_lib_ncn-resources_remote-resources:get_bmc_xname_from_first_node_xname
- body:
- xname: Components
-
- # 3. GET /{xname}/redfish/v1/AccountService API default password response code
- - name: Verify the Redfish Account Service for the compute NodeBMC can be accessed with the default password
- request:
- url: "https://{xname}/redfish/v1/AccountService"
- method: GET
- headers:
- # Authorization: "Basic $(echo -n user:password | base64)"
- Authorization: "Basic {bmc_basic_auth_orig}"
- # needed for BMC Redfish communication
- verify: False
- response:
- status_code: 200
diff --git a/Test/CT/test_scsd_creds_bmc_redfish_account_service_password.tavern.yaml b/Test/CT/test_scsd_creds_bmc_redfish_account_service_password.tavern.yaml
deleted file mode 100644
index 49fbadf..0000000
--- a/Test/CT/test_scsd_creds_bmc_redfish_account_service_password.tavern.yaml
+++ /dev/null
@@ -1,141 +0,0 @@
-# Copyright 2020 Hewlett Packard Enterprise Development LP
-
-# Tavern test cases for the System Configuration Service (SCSD) creds API
-# and Redfish Account Service password
-# Author: Mitch Schooler
-# Service: System Configuration Service
-
-# HMS test metrics test cases: 7
-# 1. GET HSM /State/Components compute node API response code
-# 2. GET HSM /State/Components compute node API response body
-# 3. GET /{xname}/redfish/v1/AccountService API default password response code
-# 4. Disabled (BMC Lockout Issues CASMHMS-3447/CASMHMS-3448) - GET /{xname}/redfish/v1/AccountService API incorrect password response code
-# 5. POST SCSD /bmc/creds/{xname} API new password response code
-# 6. Disabled (BMC Lockout Issues CASMHMS-3447/CASMHMS-3448) - GET /{xname}/redfish/v1/AccountService API original password response code
-# 7. GET /{xname}/redfish/v1/AccountService API new password response code
-# 8. POST SCSD /bmc/creds/{xname} API restore original password response code
-# 9. GET /{xname}/redfish/v1/AccountService API original password response code
-# 10. Disabled (BMC Lockout Issues CASMHMS-3447/CASMHMS-3448) - GET /{xname}/redfish/v1/AccountService API incorrect password response code
----
-test_name: Ensure that we can update the Redfish Service Account password for compute node BMCs
-
-stages:
- # 1. GET HSM /State/Components compute node API response code
- # 2. GET HSM /State/Components compute node API response body
- - name: Get a compute NodeBMC xname from the HSM Components collection to use in the following stages
- request:
- url: "{base_url}/smd/hsm/v1/State/Components?type=Node&role=Compute&state=Ready"
- method: GET
- headers:
- Authorization: "Bearer {access_token}"
- verify: !bool "{verify}"
- response:
- status_code: 200
- save:
- $ext:
- # convert the compute node xname to its BMC's xname (example: x3000c0s7b0n0 -> x3000c0s7b0)
- function: hms_ct_test_lib_ncn-resources_remote-resources:get_bmc_xname_from_first_node_xname
- body:
- xname: Components
-
- # 3. GET /{xname}/redfish/v1/AccountService API default password response code
- - name: Verify the Redfish Account Service for the compute NodeBMC can be accessed with the default password
- request:
- url: "https://{xname}/redfish/v1/AccountService"
- method: GET
- headers:
- # Authorization: "Basic $(echo -n user:password | base64)"
- Authorization: "Basic {bmc_basic_auth_orig}"
- # needed for BMC Redfish communication
- verify: False
- response:
- status_code: 200
-
- ## 4. Disabled (BMC Lockout Issues CASMHMS-3447/CASMHMS-3448) - GET /{xname}/redfish/v1/AccountService API incorrect password response code
- #- name: Verify the Redfish Account Service for the compute NodeBMC cannot be accessed with an incorrect password
- # request:
- # url: "https://{xname}/redfish/v1/AccountService"
- # method: GET
- # headers:
- # # Authorization: "Basic $(echo -n user:password | base64)"
- # Authorization: "Basic {bmc_basic_auth_new}"
- # # needed for BMC Redfish communication
- # verify: False
- # response:
- # status_code: 401
-
- # 5. POST SCSD /bmc/creds/{xname} API new password response code
- - name: Verify that we can set a new Redfish Account Service password for the compute NodeBMC using SCSD
- request:
- url: "{base_url}/scsd/v1/bmc/creds/{xname}"
- json: {"Force":false,"Creds":{"Username":"root","Password":"{bmc_password_new}"}}
- method: POST
- headers:
- Authorization: "Bearer {access_token}"
- verify: !bool "{verify}"
- response:
- status_code: 200
-
- ## 6. Disabled (BMC Lockout Issues CASMHMS-3447/CASMHMS-3448) - GET /{xname}/redfish/v1/AccountService API original password response code
- #- name: Verify the Redfish Account Service for the compute NodeBMC can no longer be accessed with the original password
- # request:
- # url: "https://{xname}/redfish/v1/AccountService"
- # method: GET
- # headers:
- # # Authorization: "Basic $(echo -n user:password | base64)"
- # Authorization: "Basic {bmc_basic_auth_orig}"
- # # needed for BMC Redfish communication
- # verify: False
- # response:
- # status_code: 401
-
- # 7. GET /{xname}/redfish/v1/AccountService API new password response code
- - name: Verify the Redfish Account Service for the compute NodeBMC can be accessed with the new password
- request:
- url: "https://{xname}/redfish/v1/AccountService"
- method: GET
- headers:
- # Authorization: "Basic $(echo -n user:password | base64)"
- Authorization: "Basic {bmc_basic_auth_new}"
- # needed for BMC Redfish communication
- verify: False
- response:
- status_code: 200
-
- # 8. POST SCSD /bmc/creds/{xname} API restore original password response code
- - name: Verify that we can restore the original Redfish Account Service password for the compute NodeBMC using SCSD
- request:
- url: "{base_url}/scsd/v1/bmc/creds/{xname}"
- json: {"Force":false,"Creds":{"Username":"root","Password":"{bmc_password_orig}"}}
- method: POST
- headers:
- Authorization: "Bearer {access_token}"
- verify: !bool "{verify}"
- response:
- status_code: 200
-
- # 9. GET /{xname}/redfish/v1/AccountService API original password response code
- - name: Verify the Redfish Account Service for the compute NodeBMC can be accessed with the original password again
- request:
- url: "https://{xname}/redfish/v1/AccountService"
- method: GET
- headers:
- # Authorization: "Basic $(echo -n user:password | base64)"
- Authorization: "Basic {bmc_basic_auth_orig}"
- # needed for BMC Redfish communication
- verify: False
- response:
- status_code: 200
-
- ## 10. Disabled (BMC Lockout Issues CASMHMS-3447/CASMHMS-3448) - GET /{xname}/redfish/v1/AccountService API incorrect password response code
- #- name: Verify the Redfish Account Service for the compute NodeBMC can no longer be accessed with the previously set password
- # request:
- # url: "https://{xname}/redfish/v1/AccountService"
- # method: GET
- # headers:
- # # Authorization: "Basic $(echo -n user:password | base64)"
- # Authorization: "Basic {bmc_basic_auth_new}"
- # # needed for BMC Redfish communication
- # verify: False
- # response:
- # status_code: 401
diff --git a/cmd/scsd/scsd.go b/cmd/scsd/scsd.go
index d279071..c770957 100644
--- a/cmd/scsd/scsd.go
+++ b/cmd/scsd/scsd.go
@@ -1,6 +1,6 @@
// MIT License
//
-// (C) Copyright [2020-2021] Hewlett Packard Enterprise Development LP
+// (C) Copyright [2020-2022] Hewlett Packard Enterprise Development LP
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the "Software"),
@@ -69,7 +69,7 @@ const (
var appParams = opParams{LogLevel: LOGLVL_ERROR,
LocalMode: true,
KafkaURL: "",
- SmdURL: "http://cray-smd/hsm/v1",
+ SmdURL: "http://cray-smd/hsm/v2",
HTTPListenPort: ":25309",
HTTPRetries: 5,
HTTPTimeout: 15,
diff --git a/configs/namespace b/configs/namespace
new file mode 100644
index 0000000..f690789
--- /dev/null
+++ b/configs/namespace
@@ -0,0 +1 @@
+namespace
diff --git a/configs/token b/configs/token
new file mode 100644
index 0000000..8d865be
--- /dev/null
+++ b/configs/token
@@ -0,0 +1 @@
+token
diff --git a/Test/docker-compose-functest.yaml b/docker-compose-functest.yaml
similarity index 89%
rename from Test/docker-compose-functest.yaml
rename to docker-compose-functest.yaml
index f6871e5..73ffca4 100644
--- a/Test/docker-compose-functest.yaml
+++ b/docker-compose-functest.yaml
@@ -14,7 +14,7 @@ services:
# This is used instead of the real State Manager for simplicity.
fakesm:
build:
- context: ./
+ context: test/integration
dockerfile: Dockerfile.fake-hsm
image: fake-hsm:${HTAG}_${HSUFFIX}
hostname: ${FAKE_SM_HOST}
@@ -23,7 +23,7 @@ services:
- "${FAKE_SM_PORT}:${FAKE_SM_PORT}"
environment:
- PORT=:${FAKE_SM_PORT}
- networks:
+ networks:
- ttest
# A collection of 8 fake Redfish endpoints
@@ -31,7 +31,7 @@ services:
# x_s0 (mountain)
x_s0:
build:
- context: ./
+ context: test/integration
dockerfile: Dockerfile.fake-rfep
image: fake-rfep:${HTAG}_${HSUFFIX}
hostname: ${X_S0_HOST}
@@ -43,14 +43,14 @@ services:
- XNAME=${X_S0_HOST}
- NACCTS=1
- GOODACCT=1
- - VENDOR=cray
- networks:
+ - VENDOR=cray
+ networks:
- ttest
# x_s1 (mountain)
x_s1:
build:
- context: ./
+ context: test/integration
dockerfile: Dockerfile.fake-rfep
image: fake-rfep:${HTAG}_${HSUFFIX}
hostname: ${X_S1_HOST}
@@ -65,13 +65,13 @@ services:
- ETAGACCT=2
- BMCURL=1
- VENDOR=HPE
- networks:
+ networks:
- ttest
# x_s2 (mountain)
x_s2:
build:
- context: ./
+ context: test/integration
dockerfile: Dockerfile.fake-rfep
image: fake-rfep:${HTAG}_${HSUFFIX}
hostname: ${X_S2_HOST}
@@ -84,14 +84,14 @@ services:
- NACCTS=2
- GOODACCT=1
- ETAGACCT=1
- - VENDOR=cray
- networks:
+ - VENDOR=cray
+ networks:
- ttest
# x_s3 (mountain)
x_s3:
build:
- context: ./
+ context: test/integration
dockerfile: Dockerfile.fake-rfep
image: fake-rfep:${HTAG}_${HSUFFIX}
hostname: ${X_S3_HOST}
@@ -104,14 +104,14 @@ services:
- NACCTS=3
- GOODACCT=3
- ETAGACCT=3
- - VENDOR=cray
- networks:
+ - VENDOR=cray
+ networks:
- ttest
# x_s6 (mountain, part of bmcgroup)
x_s6:
build:
- context: ./
+ context: test/integration
dockerfile: Dockerfile.fake-rfep
image: fake-rfep:${HTAG}_${HSUFFIX}
hostname: ${X_S6_HOST}
@@ -123,14 +123,14 @@ services:
- XNAME=${X_S6_HOST}
- NACCTS=4
- GOODACCT=2
- - VENDOR=cray
- networks:
+ - VENDOR=cray
+ networks:
- ttest
# x_s7 (mountain, part of bmcgroup)
x_s7:
build:
- context: ./
+ context: test/integration
dockerfile: Dockerfile.fake-rfep
image: fake-rfep:${HTAG}_${HSUFFIX}
hostname: ${X_S7_HOST}
@@ -143,14 +143,14 @@ services:
- NACCTS=2
- GOODACCT=1
- ETAGACCT=1
- - VENDOR=cray
- networks:
+ - VENDOR=cray
+ networks:
- ttest
# Fake vault daemon
vault:
build:
- context: ./
+ context: test/integration
dockerfile: Dockerfile.fake-vault
image: fake-vault:${HTAG}_${HSUFFIX}
hostname: ${VAULT_HOST}
@@ -161,7 +161,7 @@ services:
# SCSD
scsd:
build:
- context: ./
+ context: .
dockerfile: Dockerfile.testscsd
args:
IN_CRAY_VAULT_JWT_FILE: ${CRAY_VAULT_JWT_FILE}
@@ -185,6 +185,5 @@ services:
- IN_SCSD_TEST_K8S_AUTH_URL=:${SCSD_TEST_K8S_AUTH_URL}
- IN_SCSD_TEST_VAULT_PKI_URL=:${SCSD_TEST_VAULT_PKI_URL}
- IN_SCSD_TEST_VAULT_CA_URL=:${SCSD_TEST_VAULT_CA_URL}
- networks:
+ networks:
- ttest
-
diff --git a/docker-compose.test.ct.yaml b/docker-compose.test.ct.yaml
new file mode 100644
index 0000000..03bb555
--- /dev/null
+++ b/docker-compose.test.ct.yaml
@@ -0,0 +1,202 @@
+version: '3.7'
+#THIS environment sets up all of FAS
+# All dependencies -> HSM (vault, hm-collector, kafka), RTS (red fish sims) are all setup and active.
+# The FAS binary is active
+# NO poscsd are exposed to the local system.
+# This will be used for ct testing
+networks:
+ scsd:
+
+services:
+ ct-tests-functional-wait-for-smd:
+ build:
+ context: test/ct/
+ dockerfile: Dockerfile.wait-for-smd.Dockerfile
+ depends_on:
+ - cray-scsd
+ - cray-smd
+ networks:
+ - scsd
+ ct-tests-functional:
+ build:
+ context: test/ct/
+ dockerfile: Dockerfile
+ depends_on:
+ - cray-scsd
+ - cray-smd
+ entrypoint: entrypoint.sh functional -c /src/app/tavern_global_config_ct_test.yaml -p /src/app
+ networks:
+ - scsd
+ ct-tests-smoke:
+ build:
+ context: test/ct/
+ dockerfile: Dockerfile
+ depends_on:
+ - cray-scsd
+ entrypoint: entrypoint.sh smoke -f smoke.json -u http://cray-scsd:25309
+ networks:
+ - scsd
+ vault:
+ hostname: vault
+ image: artifactory.algol60.net/docker.io/library/vault:1.5.5
+ environment:
+ - VAULT_DEV_ROOT_TOKEN_ID=hms
+ - VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:8200
+ - VAULT_ADDR=http://127.0.0.1:8200
+ cap_add:
+ - IPC_LOCK
+ networks:
+ - scsd
+ vault-kv-enabler:
+ image: artifactory.algol60.net/csm-docker/stable/vault-kv-enabler:1.13.4
+ environment:
+ - VAULT_ADDR=http://vault:8200
+ - VAULT_TOKEN=hms
+ - KV_STORES=hms-creds
+ depends_on:
+ - vault
+ networks:
+ - scsd
+ redis:
+ image: artifactory.algol60.net/docker.io/library/redis:5.0-alpine3.12
+ hostname: hms-redfish-redis
+ networks:
+ - scsd
+ cray-scsd:
+ build:
+ context: .
+ dockerfile: Dockerfile
+ environment:
+ - SCSD_SMD_URL=http://cray-smd:27779/hsm/v2
+ - SCSD_HTTP_LISTEN_PORT=25309
+ - SCSD_LOCAL_MODE=true
+ - CRAY_VAULT_AUTH_PATH=auth/token/create
+ - CRAY_VAULT_ROLE_FILE=configs/namespace
+ - CRAY_VAULT_JWT_FILE=configs/token
+ - VAULT_ADDR=http://vault:8200
+ - VAULT_TOKEN=hms
+ - VAULT_KEYPATH=hms-creds
+ networks:
+ - scsd
+ ports:
+ - "25309:25309"
+ depends_on:
+ - cray-smd
+ - cray-hms-hmcollector
+ - redfish-simulator
+ - vault-kv-enabler
+ hmsds-postgres:
+ hostname: hmsds-postgres
+ image: artifactory.algol60.net/docker.io/library/postgres:11-alpine
+ environment:
+ - POSTGRES_PASSWORD=hmsdsuser
+ - POSTGRES_USER=hmsdsuser
+ - POSTGRES_DB=hmsds
+ networks:
+ - scsd
+ cray-smd-init:
+ image: artifactory.algol60.net/csm-docker/stable/cray-smd:1.48.0
+ environment:
+ - SMD_DBHOST=hmsds-postgres
+ - SMD_DBPORT=5432
+ depends_on:
+ - hmsds-postgres
+ networks:
+ - scsd
+ command: /entrypoint.sh smd-init
+ cray-smd:
+ image: artifactory.algol60.net/csm-docker/stable/cray-smd:1.48.0
+ environment:
+ - POSTGRES_HOST=hmsds-postgres
+ - POSTGRES_PORT=5432
+ - RF_MSG_HOST=kafka:9092:cray-dmtf-resource-event
+ - CRAY_VAULT_AUTH_PATH=auth/token/create
+ - CRAY_VAULT_ROLE_FILE=configs/namespace
+ - CRAY_VAULT_JWT_FILE=configs/token
+ - VAULT_ADDR=http://vault:8200
+ - VAULT_TOKEN=hms
+ - VAULT_KEYPATH=hms-creds
+ - SMD_WVAULT=true
+ - SMD_RVAULT=true
+ hostname: cray-smd
+ depends_on:
+ - cray-smd-init
+ - vault
+ networks:
+ - scsd
+ zookeeper:
+ image: artifactory.algol60.net/docker.io/confluentinc/cp-zookeeper:6.1.1
+ hostname: zookeeper
+ environment:
+ ZOOKEEPER_CLIENT_PORT: 2181
+ ZOOKEEPER_TICK_TIME: 2000
+ networks:
+ - scsd
+ kafka:
+ image: artifactory.algol60.net/docker.io/confluentinc/cp-kafka:6.1.1
+ hostname: kafka
+ depends_on:
+ - zookeeper
+ environment:
+ KAFKA_BROKER_ID: 1
+ KAFKA_ZOOKEEPER_CONNECT: 'zookeeper:2181'
+ KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT
+ KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka:9092
+ KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
+ KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: 0
+ networks:
+ - scsd
+ cray-hms-hmcollector:
+ image: artifactory.algol60.net/csm-docker/stable/hms-hmcollector:2.12.4
+ environment:
+ - LOG_LEVEL=TRACE
+ - SM_URL=http://cray-smd:27779
+ - POLLING_ENABLED=false
+ - RF_SUBSCRIBE_ENABLED=false
+ - REST_PORT=80
+ - VAULT_TOKEN=hms
+ - CRAY_VAULT_JWT_FILE=configs/token
+ - CRAY_VAULT_ROLE_FILE=configs/namespace
+ - CRAY_VAULT_AUTH_PATH=auth/token/create
+ - VAULT_ADDR=http://vault:8200
+ volumes:
+ - ./configs/kafka_brokers.json:/configs/kafka_brokers.json
+ - ./configs/namespace:/configs/namespace
+ - ./configs/token:/configs/token
+ networks:
+ - scsd
+ depends_on:
+ - kafka
+ redfish-simulator:
+ image: artifactory.algol60.net/csm-docker/stable/hms-redfish-translation-service:1.13.3
+ environment:
+ - SCHEMA_VERSION=2019.1
+ - LOG_LEVEL=TRACE
+ - PRIVILEGE_REGISTRY_VERSION=1.0.4
+ - SCRIPT_DIR_PREFIX=/tmp/redfish
+ - VAULT_TOKEN=hms
+ - REDIS_HOSTNAME=redis
+ - REDIS_PORT=6379
+ - VAULT_ADDR=http://vault:8200
+ - CRAY_VAULT_JWT_FILE=configs/token
+ - CRAY_VAULT_ROLE_FILE=configs/namespace
+ - CRAY_VAULT_AUTH_PATH=auth/token/create
+ - HTTPS_CERT=configs/rts.crt
+ - HTTPS_KEY=configs/rts.key
+ - BACKEND_HELPER=RFSimulator
+ - PERIODIC_SLEEP=120
+ - COLLECTOR_URL=http://cray-hms-hmcollector
+ - HSM_URL=http://cray-smd:27779
+ - HMS_VAULT_KEYPATH=hms-creds
+ - RF_USERNAME=root
+ - RF_PASSWORD=testpassword
+ - RF_SIMULATOR_XNAMES=x0c0s1b0,x0c0s2b0
+ depends_on:
+ - redis
+ - vault
+ - cray-smd
+ networks:
+ scsd:
+ aliases:
+ - x0c0s1b0
+ - x0c0s2b0
diff --git a/runCT.sh b/runCT.sh
new file mode 100755
index 0000000..c079b2a
--- /dev/null
+++ b/runCT.sh
@@ -0,0 +1,73 @@
+#!/usr/bin/env bash
+
+#
+# MIT License
+#
+# (C) Copyright [2022] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+#
+set -x
+
+
+# Configure docker compose
+export COMPOSE_PROJECT_NAME=$RANDOM
+export COMPOSE_FILE=docker-compose.test.ct.yaml
+
+echo "COMPOSE_PROJECT_NAME: ${COMPOSE_PROJECT_NAME}"
+echo "COMPOSE_FILE: $COMPOSE_FILE"
+
+
+function cleanup() {
+ docker-compose down
+ if ! [[ $? -eq 0 ]]; then
+ echo "Failed to decompose environment!"
+ exit 1
+ fi
+ exit $1
+}
+
+
+# Get the base containers running
+echo "Starting containers..."
+docker-compose build --no-cache
+docker-compose up -d cray-scsd #this will stand up everything except for the integration test container
+docker-compose up -d ct-tests-functional-wait-for-smd
+docker wait ${COMPOSE_PROJECT_NAME}_ct-tests-functional-wait-for-smd_1
+docker logs ${COMPOSE_PROJECT_NAME}_ct-tests-functional-wait-for-smd_1
+docker-compose up --exit-code-from ct-tests-smoke ct-tests-smoke
+test_result=$?
+echo "Cleaning up containers..."
+if [[ $test_result -ne 0 ]]; then
+ echo "CT smoke tests FAILED!"
+ cleanup 1
+fi
+
+#docker-compose up --exit-code-from ct-tests-functional ct-tests-functional
+#test_result=$?
+# Clean up
+#echo "Cleaning up containers..."
+#if [[ $test_result -ne 0 ]]; then
+# echo "CT functional tests FAILED!"
+# cleanup 1
+#fi
+
+# Cleanup
+echo "CT tests PASSED!"
+cleanup 0
diff --git a/runIntegration.sh b/runIntegration.sh
index 10e1479..f292b1e 100755
--- a/runIntegration.sh
+++ b/runIntegration.sh
@@ -26,7 +26,7 @@
# containing a fake HSM, 6 fake Redfish endpoints, and SCSD itself.
#
# Once created, a container will be created which contains test scripts.
-# The scripts use CURL calls into SCSD to perform the various endpoint
+# The scripts use CURL calls into SCSD to perform the various endpoint
# operations.
#
# Once complete, the results of the test suite is printed to stdout and this
@@ -114,7 +114,7 @@ start_marker_container () {
--label "scsd_integration_project=$PROJ" \
--label "scsd_run_id=$SCSD_RUN_ID" \
--name "scsd-test-$PROJ" \
- arti.dev.cray.com/baseos-docker-master-local/alpine:3.13 \
+ artifactory.algol60.net/docker.io/alpine:3.15 \
sleep $max_expected_run_time
)
}
@@ -199,21 +199,22 @@ if [ $# -ge 1 -a "$1" == "down" ]; then
exit 0
fi
-echo " "
-echo "=============> Building sym links..."
-echo " "
-
-for fff in Dockerfile.testscsd Dockerfile.fake-hsm Dockerfile.fake-rfep Dockerfile.scsd_functest Dockerfile.fake-vault docker-compose-functest.yaml; do
- echo "Linking: ${fff}..."
- ln -s Test/${fff}
-done
+#echo " "
+#echo "=============> Building sym links..."
+#echo " "
+#
+#for fff in Dockerfile.testscsd Dockerfile.fake-hsm Dockerfile.fake-rfep Dockerfile.scsd_functest Dockerfile.fake-vault docker-compose-functest.yaml; do
+# echo "Linking: ${fff}..."
+# ln -s test/integration/${fff}
+#done
echo " "
echo "=============> Building docker composed environment..."
echo " "
-${DCOMPOSE} build > ${logfilename}.dcbuild 2>&1
+#${DCOMPOSE} build > ${logfilename}.dcbuild 2>&1
+${DCOMPOSE} build
if [[ $? -ne 0 ]]; then
echo "Docker compose build FAILED, exiting."
exit 1
@@ -230,7 +231,7 @@ fi
container_network=`docker network ls --filter "name=${HSUFFIX}_${brnet_suffix}" --format "{{.Name}}"`
echo "Bridge network name: ${container_network}"
-addhosts=`docker network inspect ${container_network} | Test/getnets.py`
+addhosts=`docker network inspect ${container_network} | test/integration/getnets.py`
if [[ "${addhosts}" == "" ]]; then
${DCOMPOSE} logs > ${logfilename} 2>&1
@@ -250,7 +251,7 @@ echo " "
echo "=============> Building test script container..."
echo " "
-DOCKER_BUILDKIT=0 docker build --no-cache -f Dockerfile.scsd_functest \
+DOCKER_BUILDKIT=0 docker build --no-cache -f test/integration/Dockerfile.scsd_functest \
--tag scsd_functest:runme \
--network=scsd_${HSUFFIX}_${brnet_suffix} \
$addhosts \
@@ -271,7 +272,8 @@ DOCKER_BUILDKIT=0 docker build --no-cache -f Dockerfile.scsd_functest \
--build-arg X_S3_HOST=${X_S3_HOST} \
--build-arg X_S6_HOST=${X_S6_HOST} \
--build-arg X_S7_HOST=${X_S7_HOST} \
- --build-arg SCSD_VERSION=`cat .version` . > ${logfilename}.buildit 2>&1
+ --build-arg SCSD_VERSION=`cat .version` .
+ #--build-arg SCSD_VERSION=`cat .version` . > ${logfilename}.buildit 2>&1
docker run --rm --attach STDOUT --attach STDERR \
--network=scsd_${HSUFFIX}_${brnet_suffix} \
@@ -292,7 +294,8 @@ docker run --rm --attach STDOUT --attach STDERR \
--env X_S3_HOST=${X_S3_HOST} \
--env X_S6_HOST=${X_S6_HOST} \
--env X_S7_HOST=${X_S7_HOST} \
- --env SCSD_VERSION=`cat .version` scsd_functest:runme > ${logfilename}.runit 2>&1
+ --env SCSD_VERSION=`cat .version` scsd_functest:runme
+ #--env SCSD_VERSION=`cat .version` scsd_functest:runme > ${logfilename}.runit 2>&1
test_rslt=$?
@@ -329,4 +332,3 @@ fi
echo "================================================="
exit ${test_rslt}
-
diff --git a/test/ct/Dockerfile b/test/ct/Dockerfile
new file mode 100644
index 0000000..59bdd8b
--- /dev/null
+++ b/test/ct/Dockerfile
@@ -0,0 +1,15 @@
+FROM artifactory.algol60.net/csm-docker/stable/hms-test:3.0.0
+
+COPY smoke/ /src/app
+#COPY functional/ /src/app
+#COPY tavern_global_config_ct_test.yaml /src/app/tavern_global_config_ct_test.yaml
+
+ENV PATH="/src/libs:${PATH}"
+ENV PATH="/src/app:${PATH}"
+
+USER root
+RUN chown -R 65534:65534 /src
+USER 65534:65534
+
+# this is inherited from the hms-test container
+ENTRYPOINT [ "entrypoint.sh" ]
diff --git a/test/ct/Dockerfile.wait-for-smd.Dockerfile b/test/ct/Dockerfile.wait-for-smd.Dockerfile
new file mode 100644
index 0000000..51fbe58
--- /dev/null
+++ b/test/ct/Dockerfile.wait-for-smd.Dockerfile
@@ -0,0 +1,18 @@
+FROM artifactory.algol60.net/csm-docker/stable/docker.io/library/alpine:3.15
+
+RUN set -x \
+ && apk -U upgrade \
+ && apk add --no-cache \
+ bash \
+ curl \
+ jq
+
+COPY wait-for.sh /src/app/wait-for.sh
+
+WORKDIR /src/app
+# Run as nobody
+RUN chown -R 65534:65534 /src
+USER 65534:65534
+
+# this is inherited from the hms-test container
+CMD [ "/src/app/wait-for.sh" ]
diff --git a/test/ct/smoke/smoke.json b/test/ct/smoke/smoke.json
new file mode 100644
index 0000000..a73b797
--- /dev/null
+++ b/test/ct/smoke/smoke.json
@@ -0,0 +1,27 @@
+{
+ "smoke_test_name": "SCSD-smoke-tests",
+ "default_base_url": "http://cray-scsd/",
+ "test_paths": [
+ {
+ "path": "v1/version",
+ "expected_status_code": 200,
+ "method": "GET",
+ "body": null,
+ "headers": {}
+ },
+ {
+ "path": "v1/liveness",
+ "expected_status_code": 204,
+ "method": "GET",
+ "body": null,
+ "headers": {}
+ },
+ {
+ "path": "v1/readiness",
+ "expected_status_code": 204,
+ "method": "GET",
+ "body": null,
+ "headers": {}
+ }
+ ]
+}
diff --git a/test/ct/tavern_global_config_ct_test.yaml b/test/ct/tavern_global_config_ct_test.yaml
new file mode 100644
index 0000000..acf826c
--- /dev/null
+++ b/test/ct/tavern_global_config_ct_test.yaml
@@ -0,0 +1,8 @@
+# This file contains the base common configurations for running pytest tavern tests. It is statically generated,
+# because we anticipate the same settings for all ct-test containers that inherit from it.
+name: tavern_global_configuration #is this needed, used?
+description: common configuration for all tavern invocations
+variables:
+ verify: false #should ssl verification happen in tavern tests? its hard coded everywhere to false (partially because the PIT would complain)
+ scsd_base_url: http://cray-scsd:25309
+ hsm_base_url: http://cray-smd:27779
diff --git a/test/ct/wait-for.sh b/test/ct/wait-for.sh
new file mode 100644
index 0000000..24bbddd
--- /dev/null
+++ b/test/ct/wait-for.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+
+# MIT License
+#
+# (C) Copyright [2022] Hewlett Packard Enterprise Development LP
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the "Software"),
+# to deal in the Software without restriction, including without limitation
+# the rights to use, copy, modify, merge, publish, distribute, sublicense,
+# and/or sell copies of the Software, and to permit persons to whom the
+# Software is furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+# OTHER DEALINGS IN THE SOFTWARE.
+
+# wait-for.sh; used by runCT.sh to make sure HSM has been populated with data before running.
+echo "Initiating..."
+URL="http://cray-smd:27779/hsm/v2/State/Components"
+sentry=1
+limit=200
+while :; do
+ length=$(curl --silent ${URL} | jq '.Components | length')
+
+ if [ ! -z "$length" ] && [ "$length" -gt "0" ]; then
+ echo $URL" is available"
+ break
+ fi
+
+ if [ "$sentry" -gt "$limit" ]; then
+ echo "Failed to connect for $limit, exiting"
+ exit 1
+ fi
+
+ ((sentry++))
+
+ echo $URL" is unavailable - sleeping"
+ sleep 1
+
+done
diff --git a/Test/Dockerfile.fake-hsm b/test/integration/Dockerfile.fake-hsm
similarity index 86%
rename from Test/Dockerfile.fake-hsm
rename to test/integration/Dockerfile.fake-hsm
index 4f6ae91..f6c7830 100644
--- a/Test/Dockerfile.fake-hsm
+++ b/test/integration/Dockerfile.fake-hsm
@@ -25,17 +25,18 @@
# Date: 26-February 2020
# Base image contains everything needed for Go building, just build.
-FROM arti.dev.cray.com/baseos-docker-master-local/golang:1.16-alpine3.13 AS builder
+FROM artifactory.algol60.net/docker.io/library/golang:1.16-alpine AS builder
RUN go env -w GO111MODULE=auto
-COPY Test/fake-hsm.go ${GOPATH}/src/fake-hsm/
+COPY fake-hsm.go ${GOPATH}/src/fake-hsm/
RUN set -ex && go build -v -i -o /usr/local/bin/fake-hsm fake-hsm
+RUN ls -la /usr/local/bin/fake-hsm
### Final Stage ###
-FROM arti.dev.cray.com/baseos-docker-master-local/alpine:3.13
+FROM artifactory.algol60.net/csm-docker/stable/docker.io/library/alpine:3.15
LABEL maintainer="Hewlett Packard Enterprise"
STOPSIGNAL SIGTERM
@@ -44,6 +45,7 @@ ENV PORT=27999
# Copy the final binary.
COPY --from=builder /usr/local/bin/fake-hsm /usr/local/bin
+RUN ls -la /usr/local/bin/fake-hsm
# Run the fake State Mgr daemon
diff --git a/Test/Dockerfile.fake-rfep b/test/integration/Dockerfile.fake-rfep
similarity index 89%
rename from Test/Dockerfile.fake-rfep
rename to test/integration/Dockerfile.fake-rfep
index 048cff9..3cf36cc 100644
--- a/Test/Dockerfile.fake-rfep
+++ b/test/integration/Dockerfile.fake-rfep
@@ -25,17 +25,17 @@
# Date: 26-February 2020
# Base image contains everything needed for Go building, just build.
-FROM arti.dev.cray.com/baseos-docker-master-local/golang:1.16-alpine3.13 AS builder
+FROM artifactory.algol60.net/docker.io/library/golang:1.16-alpine AS builder
RUN go env -w GO111MODULE=auto
-COPY Test/fake-rfep.go ${GOPATH}/src/fake-rfep/
+COPY fake-rfep.go ${GOPATH}/src/fake-rfep/
RUN set -ex && go build -v -i -o /usr/local/bin/fake-rfep fake-rfep
### Final Stage ###
-FROM arti.dev.cray.com/baseos-docker-master-local/alpine:3.13
+FROM artifactory.algol60.net/csm-docker/stable/docker.io/library/alpine:3.15
LABEL maintainer="Hewlett Packard Enterprise"
STOPSIGNAL SIGTERM
diff --git a/Test/Dockerfile.fake-vault b/test/integration/Dockerfile.fake-vault
similarity index 89%
rename from Test/Dockerfile.fake-vault
rename to test/integration/Dockerfile.fake-vault
index a6d64e2..6bd6b3b 100644
--- a/Test/Dockerfile.fake-vault
+++ b/test/integration/Dockerfile.fake-vault
@@ -26,17 +26,17 @@
# Base image contains everything needed for Go building, just build.
-FROM arti.dev.cray.com/baseos-docker-master-local/golang:1.16-alpine3.13 AS builder
+FROM artifactory.algol60.net/docker.io/library/golang:1.16-alpine AS builder
RUN go env -w GO111MODULE=auto
-COPY Test/fake-vault.go ${GOPATH}/src/fake-vault/
+COPY fake-vault.go ${GOPATH}/src/fake-vault/
RUN set -ex && go build -v -i -o /usr/local/bin/fake-vault fake-vault
### Final Stage ###
-FROM arti.dev.cray.com/baseos-docker-master-local/alpine:3.13
+FROM artifactory.algol60.net/csm-docker/stable/docker.io/library/alpine:3.15
LABEL maintainer="Hewlett Packard Enterprise"
STOPSIGNAL SIGTERM
@@ -47,4 +47,3 @@ COPY --from=builder /usr/local/bin/fake-vault /usr/local/bin
# Run the fake Vault daemon
CMD ["sh", "-c", "fake-vault"]
-
diff --git a/Test/Dockerfile.scsd_functest b/test/integration/Dockerfile.scsd_functest
similarity index 94%
rename from Test/Dockerfile.scsd_functest
rename to test/integration/Dockerfile.scsd_functest
index f5ba27c..95b1a3d 100644
--- a/Test/Dockerfile.scsd_functest
+++ b/test/integration/Dockerfile.scsd_functest
@@ -25,12 +25,12 @@
# Author: mpkelly
# Date: 26-February 2020
-FROM arti.dev.cray.com/baseos-docker-master-local/golang:1.16-alpine3.13 AS build-base
+FROM artifactory.algol60.net/docker.io/library/golang:1.16-alpine AS builder
LABEL maintainer="Hewlett Packard Enterprise"
RUN go env -w GO111MODULE=auto
-COPY Test/*.sh /usr/local/bin/
+COPY test/integration/*.sh /usr/local/bin/
# Run the main test script
@@ -64,4 +64,3 @@ ENV X_S6_PORT=${IN_X_S6_PORT}
ENV X_S7_PORT=${IN_X_S7_PORT}
CMD ["sh", "-c", "runit.sh"]
-
diff --git a/Test/certsCreateCab.sh b/test/integration/certsCreateCab.sh
similarity index 100%
rename from Test/certsCreateCab.sh
rename to test/integration/certsCreateCab.sh
diff --git a/Test/certsCreateList.sh b/test/integration/certsCreateList.sh
similarity index 100%
rename from Test/certsCreateList.sh
rename to test/integration/certsCreateList.sh
diff --git a/Test/certsDelete.sh b/test/integration/certsDelete.sh
similarity index 100%
rename from Test/certsDelete.sh
rename to test/integration/certsDelete.sh
diff --git a/Test/certsFetch.sh b/test/integration/certsFetch.sh
similarity index 100%
rename from Test/certsFetch.sh
rename to test/integration/certsFetch.sh
diff --git a/Test/certsRFPost.sh b/test/integration/certsRFPost.sh
similarity index 100%
rename from Test/certsRFPost.sh
rename to test/integration/certsRFPost.sh
diff --git a/Test/certsRFPostSingle.sh b/test/integration/certsRFPostSingle.sh
similarity index 100%
rename from Test/certsRFPostSingle.sh
rename to test/integration/certsRFPostSingle.sh
diff --git a/Test/credsGlobal.sh b/test/integration/credsGlobal.sh
similarity index 100%
rename from Test/credsGlobal.sh
rename to test/integration/credsGlobal.sh
diff --git a/Test/credsMulti.sh b/test/integration/credsMulti.sh
similarity index 100%
rename from Test/credsMulti.sh
rename to test/integration/credsMulti.sh
diff --git a/Test/credsSingle.sh b/test/integration/credsSingle.sh
similarity index 100%
rename from Test/credsSingle.sh
rename to test/integration/credsSingle.sh
diff --git a/Test/dump1cfg.sh b/test/integration/dump1cfg.sh
similarity index 100%
rename from Test/dump1cfg.sh
rename to test/integration/dump1cfg.sh
diff --git a/Test/dumpcfg.sh b/test/integration/dumpcfg.sh
similarity index 100%
rename from Test/dumpcfg.sh
rename to test/integration/dumpcfg.sh
diff --git a/Test/dumpcfgGP.sh b/test/integration/dumpcfgGP.sh
similarity index 100%
rename from Test/dumpcfgGP.sh
rename to test/integration/dumpcfgGP.sh
diff --git a/Test/fake-hsm.go b/test/integration/fake-hsm.go
similarity index 100%
rename from Test/fake-hsm.go
rename to test/integration/fake-hsm.go
diff --git a/Test/fake-rfep.go b/test/integration/fake-rfep.go
similarity index 100%
rename from Test/fake-rfep.go
rename to test/integration/fake-rfep.go
diff --git a/Test/fake-vault.go b/test/integration/fake-vault.go
similarity index 100%
rename from Test/fake-vault.go
rename to test/integration/fake-vault.go
diff --git a/Test/getnets.py b/test/integration/getnets.py
similarity index 100%
rename from Test/getnets.py
rename to test/integration/getnets.py
diff --git a/Test/groupTest.sh b/test/integration/groupTest.sh
similarity index 100%
rename from Test/groupTest.sh
rename to test/integration/groupTest.sh
diff --git a/Test/health.sh b/test/integration/health.sh
similarity index 100%
rename from Test/health.sh
rename to test/integration/health.sh
diff --git a/Test/hsmLoad.sh b/test/integration/hsmLoad.sh
similarity index 100%
rename from Test/hsmLoad.sh
rename to test/integration/hsmLoad.sh
diff --git a/Test/load1cfg.sh b/test/integration/load1cfg.sh
similarity index 100%
rename from Test/load1cfg.sh
rename to test/integration/load1cfg.sh
diff --git a/Test/loadcfg.sh b/test/integration/loadcfg.sh
similarity index 100%
rename from Test/loadcfg.sh
rename to test/integration/loadcfg.sh
diff --git a/Test/loadcfg2.sh b/test/integration/loadcfg2.sh
similarity index 100%
rename from Test/loadcfg2.sh
rename to test/integration/loadcfg2.sh
diff --git a/Test/portFix.sh b/test/integration/portFix.sh
old mode 100644
new mode 100755
similarity index 100%
rename from Test/portFix.sh
rename to test/integration/portFix.sh
diff --git a/Test/runit.sh b/test/integration/runit.sh
similarity index 100%
rename from Test/runit.sh
rename to test/integration/runit.sh
diff --git a/Test/CT/scsd_smoke_test_ncn-smoke.sh b/test_old/CT/scsd_smoke_test_ncn-smoke.sh
old mode 100755
new mode 100644
similarity index 100%
rename from Test/CT/scsd_smoke_test_ncn-smoke.sh
rename to test_old/CT/scsd_smoke_test_ncn-smoke.sh
diff --git a/Test/CT/scsd_smoke_test_remote-smoke.sh b/test_old/CT/scsd_smoke_test_remote-smoke.sh
old mode 100755
new mode 100644
similarity index 100%
rename from Test/CT/scsd_smoke_test_remote-smoke.sh
rename to test_old/CT/scsd_smoke_test_remote-smoke.sh
diff --git a/Test/CT/scsd_tavern_api_test_ncn-no-deploy-destructive.sh b/test_old/CT/scsd_tavern_api_test_ncn-no-deploy-destructive.sh
similarity index 100%
rename from Test/CT/scsd_tavern_api_test_ncn-no-deploy-destructive.sh
rename to test_old/CT/scsd_tavern_api_test_ncn-no-deploy-destructive.sh
diff --git a/Test/CT/scsd_tavern_api_test_ncn-no-deploy-functional.sh b/test_old/CT/scsd_tavern_api_test_ncn-no-deploy-functional.sh
similarity index 100%
rename from Test/CT/scsd_tavern_api_test_ncn-no-deploy-functional.sh
rename to test_old/CT/scsd_tavern_api_test_ncn-no-deploy-functional.sh
diff --git a/Test/CT/scsd_tavern_api_test_remote-no-deploy-destructive.sh b/test_old/CT/scsd_tavern_api_test_remote-no-deploy-destructive.sh
similarity index 100%
rename from Test/CT/scsd_tavern_api_test_remote-no-deploy-destructive.sh
rename to test_old/CT/scsd_tavern_api_test_remote-no-deploy-destructive.sh
diff --git a/Test/CT/scsd_tavern_api_test_remote-no-deploy-functional.sh b/test_old/CT/scsd_tavern_api_test_remote-no-deploy-functional.sh
similarity index 100%
rename from Test/CT/scsd_tavern_api_test_remote-no-deploy-functional.sh
rename to test_old/CT/scsd_tavern_api_test_remote-no-deploy-functional.sh