From 4d06492e9ed3511128d29b68e1db94e3954ce17e Mon Sep 17 00:00:00 2001 From: oviner Date: Thu, 16 May 2024 13:59:32 +0300 Subject: [PATCH 1/8] GSS bz-2274193 noobaa db cleartext postgres password Signed-off-by: oviner --- ...t_noobaa_db_cleartext_postgres_password.py | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py diff --git a/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py b/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py new file mode 100644 index 00000000000..f1cf0f54bd5 --- /dev/null +++ b/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py @@ -0,0 +1,36 @@ +import logging + +from ocs_ci.framework.testlib import tier2, BaseTest, bugzilla + +from ocs_ci.framework import config +from ocs_ci.ocs.resources import pod + + +log = logging.getLogger(__name__) + + +@tier2 +@bugzilla("2274193") +class TestNoobaaSecurity(BaseTest): + """ + Test Noobaa Security + """ + + @bugzilla("2274193") + def test_noobaa_db_cleartext_postgres_password(self): + """ + 1.Get noobaa deb pod + 2.Get logs from all containers in pod oc logs "noobaa-db-pg-0 --all-containers" + 3.Verify postgres password does not exist in noobaa-db pod logs + """ + nooobaa_db_pod_obj = pod.get_noobaa_db_pod() + log.info( + "Get logs from all containers in pod 'oc logs noobaa-db-pg-0 --all-containers'" + ) + nooobaa_db_pod_logs = pod.get_pod_logs( + pod_name=nooobaa_db_pod_obj.name, + namespace=config.ENV_DATA["cluster_namespace"], + all_containers=True, + ) + log.info("Verify postgres password does not exist in noobaa-db pod logs") + assert "set=password" not in nooobaa_db_pod_logs From 6c889cc2142ec01d9738659a96e62e5bcdfe61ce Mon Sep 17 00:00:00 2001 From: oviner Date: Thu, 16 May 2024 16:39:33 +0300 Subject: [PATCH 2/8] added squad decorator Signed-off-by: oviner --- .../test_noobaa_db_cleartext_postgres_password.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py b/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py index f1cf0f54bd5..5dc65e3a918 100644 --- a/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py +++ b/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py @@ -1,6 +1,7 @@ import logging from ocs_ci.framework.testlib import tier2, BaseTest, bugzilla +from ocs_ci.framework.pytest_customization.marks import green_squad from ocs_ci.framework import config from ocs_ci.ocs.resources import pod @@ -16,6 +17,7 @@ class TestNoobaaSecurity(BaseTest): Test Noobaa Security """ + @green_squad @bugzilla("2274193") def test_noobaa_db_cleartext_postgres_password(self): """ From 567f89a7ada168581ecf006b421ee96ffd1c94fe Mon Sep 17 00:00:00 2001 From: oviner Date: Thu, 16 May 2024 16:40:22 +0300 Subject: [PATCH 3/8] fix code Signed-off-by: oviner --- .../test_noobaa_db_cleartext_postgres_password.py | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py b/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py index 5dc65e3a918..3763bb7d3ae 100644 --- a/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py +++ b/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py @@ -2,7 +2,6 @@ from ocs_ci.framework.testlib import tier2, BaseTest, bugzilla from ocs_ci.framework.pytest_customization.marks import green_squad - from ocs_ci.framework import config from ocs_ci.ocs.resources import pod From 9087271ac99fb2518791d0aaec9c33a3be7a386c Mon Sep 17 00:00:00 2001 From: oviner Date: Thu, 16 May 2024 19:34:50 +0300 Subject: [PATCH 4/8] added logs for failure Signed-off-by: oviner --- .../test_noobaa_db_cleartext_postgres_password.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py b/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py index 3763bb7d3ae..3efec36d4dc 100644 --- a/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py +++ b/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py @@ -20,7 +20,7 @@ class TestNoobaaSecurity(BaseTest): @bugzilla("2274193") def test_noobaa_db_cleartext_postgres_password(self): """ - 1.Get noobaa deb pod + 1.Get noobaa db pod 2.Get logs from all containers in pod oc logs "noobaa-db-pg-0 --all-containers" 3.Verify postgres password does not exist in noobaa-db pod logs """ @@ -34,4 +34,6 @@ def test_noobaa_db_cleartext_postgres_password(self): all_containers=True, ) log.info("Verify postgres password does not exist in noobaa-db pod logs") - assert "set=password" not in nooobaa_db_pod_logs + assert ( + "set=password" not in nooobaa_db_pod_logs + ), f"noobaa-db pod logs include password logs:{nooobaa_db_pod_logs}" From f9f9296b0c62ce83e29d9f7b5fe5ca765a2a59ff Mon Sep 17 00:00:00 2001 From: oviner Date: Fri, 17 May 2024 16:41:36 +0300 Subject: [PATCH 5/8] move test location to mcg dir Signed-off-by: oviner --- .../mcg}/test_noobaa_db_cleartext_postgres_password.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename tests/functional/{pod_and_daemons => object/mcg}/test_noobaa_db_cleartext_postgres_password.py (93%) diff --git a/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py b/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py similarity index 93% rename from tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py rename to tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py index 3efec36d4dc..eabc8ceb020 100644 --- a/tests/functional/pod_and_daemons/test_noobaa_db_cleartext_postgres_password.py +++ b/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py @@ -1,7 +1,7 @@ import logging from ocs_ci.framework.testlib import tier2, BaseTest, bugzilla -from ocs_ci.framework.pytest_customization.marks import green_squad +from ocs_ci.framework.pytest_customization.marks import red_squad from ocs_ci.framework import config from ocs_ci.ocs.resources import pod @@ -16,7 +16,7 @@ class TestNoobaaSecurity(BaseTest): Test Noobaa Security """ - @green_squad + @red_squad @bugzilla("2274193") def test_noobaa_db_cleartext_postgres_password(self): """ From 6077cd5e1d5c3a43160e3c9469573dacbbef49f0 Mon Sep 17 00:00:00 2001 From: oviner Date: Sun, 19 May 2024 14:16:02 +0300 Subject: [PATCH 6/8] added mcg decorator Signed-off-by: oviner --- .../object/mcg/test_noobaa_db_cleartext_postgres_password.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py b/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py index eabc8ceb020..707caf759d0 100644 --- a/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py +++ b/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py @@ -1,7 +1,7 @@ import logging from ocs_ci.framework.testlib import tier2, BaseTest, bugzilla -from ocs_ci.framework.pytest_customization.marks import red_squad +from ocs_ci.framework.pytest_customization.marks import red_squad, mcg from ocs_ci.framework import config from ocs_ci.ocs.resources import pod @@ -16,6 +16,7 @@ class TestNoobaaSecurity(BaseTest): Test Noobaa Security """ + @mcg @red_squad @bugzilla("2274193") def test_noobaa_db_cleartext_postgres_password(self): From 596f8fb25f771363fc268e12e0b6a0d26349ede8 Mon Sep 17 00:00:00 2001 From: oviner Date: Mon, 20 May 2024 14:25:56 +0300 Subject: [PATCH 7/8] add polrio id Signed-off-by: oviner --- .../mcg/test_noobaa_db_cleartext_postgres_password.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py b/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py index 707caf759d0..8ef913514cd 100644 --- a/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py +++ b/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py @@ -1,6 +1,6 @@ import logging -from ocs_ci.framework.testlib import tier2, BaseTest, bugzilla +from ocs_ci.framework.testlib import tier2, BaseTest, bugzilla, polarion_id from ocs_ci.framework.pytest_customization.marks import red_squad, mcg from ocs_ci.framework import config from ocs_ci.ocs.resources import pod @@ -14,13 +14,19 @@ class TestNoobaaSecurity(BaseTest): """ Test Noobaa Security + """ @mcg @red_squad @bugzilla("2274193") + @polarion_id("OCS-5787") def test_noobaa_db_cleartext_postgres_password(self): """ + Verify postgres password is not clear text + + Test Process: + 1.Get noobaa db pod 2.Get logs from all containers in pod oc logs "noobaa-db-pg-0 --all-containers" 3.Verify postgres password does not exist in noobaa-db pod logs From fbfee4a8648f8056647be861fc7185b2af796488 Mon Sep 17 00:00:00 2001 From: oviner Date: Mon, 20 May 2024 16:56:10 +0300 Subject: [PATCH 8/8] delete bugzilla decorator Signed-off-by: oviner --- .../object/mcg/test_noobaa_db_cleartext_postgres_password.py | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py b/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py index 8ef913514cd..0f26415caad 100644 --- a/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py +++ b/tests/functional/object/mcg/test_noobaa_db_cleartext_postgres_password.py @@ -10,7 +10,6 @@ @tier2 -@bugzilla("2274193") class TestNoobaaSecurity(BaseTest): """ Test Noobaa Security