diff --git a/tests/suite/ap_resources_utils.py b/tests/suite/ap_resources_utils.py new file mode 100644 index 0000000000..e53d3a68c4 --- /dev/null +++ b/tests/suite/ap_resources_utils.py @@ -0,0 +1,220 @@ +"""Describe methods to utilize the AppProtect resources.""" + +from kubernetes.client import CustomObjectsApi, ApiextensionsV1Api, CoreV1Api +from suite.resources_utils import ensure_item_removal, get_file_contents +from kubernetes import client +from kubernetes.client.rest import ApiException +import pytest +import time +import yaml +import logging + + +def read_ap_custom_resource(custom_objects: CustomObjectsApi, namespace, plural, name) -> object: + """ + Get AppProtect CRD information (kubectl describe output) + :param custom_objects: CustomObjectsApi + :param namespace: The custom resource's namespace + :param plural: the custom resource's plural name + :param name: the custom object's name + :return: object + """ + print(f"Getting info for {name} in namespace {namespace}") + try: + response = custom_objects.get_namespaced_custom_object( + "appprotect.f5.com", "v1beta1", namespace, plural, name + ) + return response + + except ApiException: + logging.exception(f"Exception occurred while reading CRD") + raise + + + +def create_ap_waf_policy_from_yaml( + custom_objects: CustomObjectsApi, + yaml_manifest, + namespace, + ap_namespace, + waf_enable, + log_enable, + appolicy, + aplogconf, + logdest, +) -> None: + """ + Create a Policy based on yaml file. + + :param custom_objects: CustomObjectsApi + :param yaml_manifest: an absolute path to file + :param namespace: namespace for test resources + :param ap_namespace: namespace for AppProtect resources + :param waf_enable: true/false + :param log_enable: true/false + :param appolicy: AppProtect policy name + :param aplogconf: Logconf name + :param logdest: AP log destination (syslog) + :return: None + """ + with open(yaml_manifest) as f: + dep = yaml.safe_load(f) + try: + dep["spec"]["waf"]["enable"] = waf_enable + dep["spec"]["waf"]["apPolicy"] = f"{ap_namespace}/{appolicy}" + dep["spec"]["waf"]["securityLog"]["enable"] = log_enable + dep["spec"]["waf"]["securityLog"]["apLogConf"] = f"{ap_namespace}/{aplogconf}" + dep["spec"]["waf"]["securityLog"]["logDest"] = f"{logdest}" + + custom_objects.create_namespaced_custom_object( + "k8s.nginx.org", "v1", namespace, "policies", dep + ) + print(f"Policy created: {dep}") + except ApiException: + logging.exception(f"Exception occurred while creating Policy: {dep['metadata']['name']}") + raise + +def create_ap_logconf_from_yaml(custom_objects: CustomObjectsApi, yaml_manifest, namespace) -> str: + """ + Create a logconf for AppProtect based on yaml file. + :param custom_objects: CustomObjectsApi + :param yaml_manifest: an absolute path to file + :param namespace: + :return: str + """ + print("Create Ap logconf:") + with open(yaml_manifest) as f: + dep = yaml.safe_load(f) + custom_objects.create_namespaced_custom_object( + "appprotect.f5.com", "v1beta1", namespace, "aplogconfs", dep + ) + print(f"AP logconf created with name '{dep['metadata']['name']}'") + return dep["metadata"]["name"] + + +def create_ap_policy_from_yaml(custom_objects: CustomObjectsApi, yaml_manifest, namespace) -> str: + """ + Create a policy for AppProtect based on yaml file. + :param custom_objects: CustomObjectsApi + :param yaml_manifest: an absolute path to file + :param namespace: + :return: str + """ + print("Create AP Policy:") + with open(yaml_manifest) as f: + dep = yaml.safe_load(f) + custom_objects.create_namespaced_custom_object( + "appprotect.f5.com", "v1beta1", namespace, "appolicies", dep + ) + print(f"AP Policy created with name '{dep['metadata']['name']}'") + return dep["metadata"]["name"] + + +def create_ap_usersig_from_yaml(custom_objects: CustomObjectsApi, yaml_manifest, namespace) -> str: + """ + Create a UserSig for AppProtect based on yaml file. + :param custom_objects: CustomObjectsApi + :param yaml_manifest: an absolute path to file + :param namespace: + :return: str + """ + print("Create AP UserSig:") + with open(yaml_manifest) as f: + dep = yaml.safe_load(f) + custom_objects.create_namespaced_custom_object( + "appprotect.f5.com", "v1beta1", namespace, "apusersigs", dep + ) + print(f"AP UserSig created with name '{dep['metadata']['name']}'") + return dep["metadata"]["name"] + + +def delete_and_create_ap_policy_from_yaml( + custom_objects: CustomObjectsApi, name, yaml_manifest, namespace +) -> None: + """ + Patch a AP Policy based on yaml manifest + :param custom_objects: CustomObjectsApi + :param name: + :param yaml_manifest: an absolute path to file + :param namespace: + :return: + """ + print(f"Update an AP Policy: {name}") + + try: + delete_ap_policy(custom_objects, name, namespace) + create_ap_policy_from_yaml(custom_objects, yaml_manifest, namespace) + except ApiException: + logging.exception(f"Failed with exception while patching AP Policy: {name}") + raise + + +def delete_ap_usersig(custom_objects: CustomObjectsApi, name, namespace) -> None: + """ + Delete a AppProtect usersig. + :param custom_objects: CustomObjectsApi + :param namespace: namespace + :param name: + :return: + """ + print(f"Delete AP UserSig: {name}") + custom_objects.delete_namespaced_custom_object( + "appprotect.f5.com", "v1beta1", namespace, "apusersigs", name + ) + ensure_item_removal( + custom_objects.get_namespaced_custom_object, + "appprotect.f5.com", + "v1beta1", + namespace, + "apusersigs", + name, + ) + print(f"AP UserSig was removed with name: {name}") + + +def delete_ap_logconf(custom_objects: CustomObjectsApi, name, namespace) -> None: + """ + Delete a AppProtect logconf. + :param custom_objects: CustomObjectsApi + :param namespace: namespace + :param name: + :return: + """ + print(f"Delete AP logconf: {name}") + custom_objects.delete_namespaced_custom_object( + "appprotect.f5.com", "v1beta1", namespace, "aplogconfs", name + ) + ensure_item_removal( + custom_objects.get_namespaced_custom_object, + "appprotect.f5.com", + "v1beta1", + namespace, + "aplogconfs", + name, + ) + print(f"AP logconf was removed with name: {name}") + + +def delete_ap_policy(custom_objects: CustomObjectsApi, name, namespace) -> None: + """ + Delete a AppProtect policy. + :param custom_objects: CustomObjectsApi + :param namespace: namespace + :param name: + :return: + """ + print(f"Delete a AP policy: {name}") + custom_objects.delete_namespaced_custom_object( + "appprotect.f5.com", "v1beta1", namespace, "appolicies", name + ) + ensure_item_removal( + custom_objects.get_namespaced_custom_object, + "appprotect.f5.com", + "v1beta1", + namespace, + "appolicies", + name, + ) + time.sleep(3) + print(f"AP policy was removed with name: {name}") + diff --git a/tests/suite/custom_resources_utils.py b/tests/suite/custom_resources_utils.py index 3b656573a6..b998df221a 100644 --- a/tests/suite/custom_resources_utils.py +++ b/tests/suite/custom_resources_utils.py @@ -134,27 +134,6 @@ def read_policy(custom_objects: CustomObjectsApi, namespace, name) -> object: """ return read_custom_resource(custom_objects, namespace, "policies", name) -def read_ap_custom_resource(custom_objects: CustomObjectsApi, namespace, plural, name) -> object: - """ - Get AppProtect CRD information (kubectl describe output) - :param custom_objects: CustomObjectsApi - :param namespace: The custom resource's namespace - :param plural: the custom resource's plural name - :param name: the custom object's name - :return: object - """ - print(f"Getting info for {name} in namespace {namespace}") - try: - response = custom_objects.get_namespaced_custom_object( - "appprotect.f5.com", "v1beta1", namespace, plural, name - ) - return response - - except ApiException: - logging.exception(f"Exception occurred while reading CRD") - raise - - def create_policy_from_yaml(custom_objects: CustomObjectsApi, yaml_manifest, namespace) -> str: """ Create a Policy based on yaml file. @@ -177,50 +156,6 @@ def create_policy_from_yaml(custom_objects: CustomObjectsApi, yaml_manifest, nam logging.exception(f"Exception occurred while creating Policy: {dep['metadata']['name']}") raise - -def create_ap_waf_policy_from_yaml( - custom_objects: CustomObjectsApi, - yaml_manifest, - namespace, - ap_namespace, - waf_enable, - log_enable, - appolicy, - aplogconf, - logdest, -) -> None: - """ - Create a Policy based on yaml file. - - :param custom_objects: CustomObjectsApi - :param yaml_manifest: an absolute path to file - :param namespace: namespace for test resources - :param ap_namespace: namespace for AppProtect resources - :param waf_enable: true/false - :param log_enable: true/false - :param appolicy: AppProtect policy name - :param aplogconf: Logconf name - :param logdest: AP log destination (syslog) - :return: None - """ - with open(yaml_manifest) as f: - dep = yaml.safe_load(f) - try: - dep["spec"]["waf"]["enable"] = waf_enable - dep["spec"]["waf"]["apPolicy"] = f"{ap_namespace}/{appolicy}" - dep["spec"]["waf"]["securityLog"]["enable"] = log_enable - dep["spec"]["waf"]["securityLog"]["apLogConf"] = f"{ap_namespace}/{aplogconf}" - dep["spec"]["waf"]["securityLog"]["logDest"] = f"{logdest}" - - custom_objects.create_namespaced_custom_object( - "k8s.nginx.org", "v1", namespace, "policies", dep - ) - print(f"Policy created: {dep}") - except ApiException: - logging.exception(f"Exception occurred while creating Policy: {dep['metadata']['name']}") - raise - - def delete_policy(custom_objects: CustomObjectsApi, name, namespace) -> None: """ Delete a Policy. @@ -398,152 +333,6 @@ def delete_resource(custom_objects: CustomObjectsApi, resource, namespace, plura ) print(f"Resource '{kind}' was removed with name '{name}'") - -def create_ap_logconf_from_yaml(custom_objects: CustomObjectsApi, yaml_manifest, namespace) -> str: - """ - Create a logconf for AppProtect based on yaml file. - :param custom_objects: CustomObjectsApi - :param yaml_manifest: an absolute path to file - :param namespace: - :return: str - """ - print("Create Ap logconf:") - with open(yaml_manifest) as f: - dep = yaml.safe_load(f) - custom_objects.create_namespaced_custom_object( - "appprotect.f5.com", "v1beta1", namespace, "aplogconfs", dep - ) - print(f"AP logconf created with name '{dep['metadata']['name']}'") - return dep["metadata"]["name"] - - -def create_ap_policy_from_yaml(custom_objects: CustomObjectsApi, yaml_manifest, namespace) -> str: - """ - Create a policy for AppProtect based on yaml file. - :param custom_objects: CustomObjectsApi - :param yaml_manifest: an absolute path to file - :param namespace: - :return: str - """ - print("Create AP Policy:") - with open(yaml_manifest) as f: - dep = yaml.safe_load(f) - custom_objects.create_namespaced_custom_object( - "appprotect.f5.com", "v1beta1", namespace, "appolicies", dep - ) - print(f"AP Policy created with name '{dep['metadata']['name']}'") - return dep["metadata"]["name"] - - -def create_ap_usersig_from_yaml(custom_objects: CustomObjectsApi, yaml_manifest, namespace) -> str: - """ - Create a UserSig for AppProtect based on yaml file. - :param custom_objects: CustomObjectsApi - :param yaml_manifest: an absolute path to file - :param namespace: - :return: str - """ - print("Create AP UserSig:") - with open(yaml_manifest) as f: - dep = yaml.safe_load(f) - custom_objects.create_namespaced_custom_object( - "appprotect.f5.com", "v1beta1", namespace, "apusersigs", dep - ) - print(f"AP UserSig created with name '{dep['metadata']['name']}'") - return dep["metadata"]["name"] - - -def delete_and_create_ap_policy_from_yaml( - custom_objects: CustomObjectsApi, name, yaml_manifest, namespace -) -> None: - """ - Patch a AP Policy based on yaml manifest - :param custom_objects: CustomObjectsApi - :param name: - :param yaml_manifest: an absolute path to file - :param namespace: - :return: - """ - print(f"Update an AP Policy: {name}") - - try: - delete_ap_policy(custom_objects, name, namespace) - create_ap_policy_from_yaml(custom_objects, yaml_manifest, namespace) - except ApiException: - logging.exception(f"Failed with exception while patching AP Policy: {name}") - raise - - -def delete_ap_usersig(custom_objects: CustomObjectsApi, name, namespace) -> None: - """ - Delete a AppProtect usersig. - :param custom_objects: CustomObjectsApi - :param namespace: namespace - :param name: - :return: - """ - print(f"Delete AP UserSig: {name}") - custom_objects.delete_namespaced_custom_object( - "appprotect.f5.com", "v1beta1", namespace, "apusersigs", name - ) - ensure_item_removal( - custom_objects.get_namespaced_custom_object, - "appprotect.f5.com", - "v1beta1", - namespace, - "apusersigs", - name, - ) - print(f"AP UserSig was removed with name: {name}") - - -def delete_ap_logconf(custom_objects: CustomObjectsApi, name, namespace) -> None: - """ - Delete a AppProtect logconf. - :param custom_objects: CustomObjectsApi - :param namespace: namespace - :param name: - :return: - """ - print(f"Delete AP logconf: {name}") - custom_objects.delete_namespaced_custom_object( - "appprotect.f5.com", "v1beta1", namespace, "aplogconfs", name - ) - ensure_item_removal( - custom_objects.get_namespaced_custom_object, - "appprotect.f5.com", - "v1beta1", - namespace, - "aplogconfs", - name, - ) - print(f"AP logconf was removed with name: {name}") - - -def delete_ap_policy(custom_objects: CustomObjectsApi, name, namespace) -> None: - """ - Delete a AppProtect policy. - :param custom_objects: CustomObjectsApi - :param namespace: namespace - :param name: - :return: - """ - print(f"Delete a AP policy: {name}") - custom_objects.delete_namespaced_custom_object( - "appprotect.f5.com", "v1beta1", namespace, "appolicies", name - ) - ensure_item_removal( - custom_objects.get_namespaced_custom_object, - "appprotect.f5.com", - "v1beta1", - namespace, - "appolicies", - name, - ) - time.sleep(3) - print(f"AP policy was removed with name: {name}") - - def delete_virtual_server(custom_objects: CustomObjectsApi, name, namespace) -> None: """ Delete a VirtualServer. diff --git a/tests/suite/test_app_protect.py b/tests/suite/test_app_protect.py index e35cdf5321..055ec23bec 100644 --- a/tests/suite/test_app_protect.py +++ b/tests/suite/test_app_protect.py @@ -2,7 +2,7 @@ import pytest, json from settings import TEST_DATA, DEPLOYMENTS -from suite.custom_resources_utils import ( +from suite.ap_resources_utils import ( create_ap_logconf_from_yaml, create_ap_policy_from_yaml, delete_ap_policy, diff --git a/tests/suite/test_app_protect_grpc.py b/tests/suite/test_app_protect_grpc.py index f4d5cc2408..224d4b4825 100644 --- a/tests/suite/test_app_protect_grpc.py +++ b/tests/suite/test_app_protect_grpc.py @@ -1,7 +1,7 @@ import grpc import pytest from settings import TEST_DATA, DEPLOYMENTS -from suite.custom_resources_utils import ( +from suite.ap_resources_utils import ( create_ap_logconf_from_yaml, create_ap_policy_from_yaml, delete_ap_policy, diff --git a/tests/suite/test_app_protect_integration.py b/tests/suite/test_app_protect_integration.py index 605fabcf56..edf9487b3c 100644 --- a/tests/suite/test_app_protect_integration.py +++ b/tests/suite/test_app_protect_integration.py @@ -4,12 +4,6 @@ import json from settings import TEST_DATA, DEPLOYMENTS -from suite.custom_resources_utils import ( - create_ap_logconf_from_yaml, - create_ap_policy_from_yaml, - delete_ap_policy, - delete_ap_logconf, -) from suite.resources_utils import ( wait_before_test, create_example_app, @@ -32,7 +26,11 @@ scale_deployment, get_pods_amount, ) -from suite.custom_resources_utils import ( +from suite.ap_resources_utils import ( + create_ap_logconf_from_yaml, + create_ap_policy_from_yaml, + delete_ap_policy, + delete_ap_logconf, read_ap_custom_resource, create_ap_usersig_from_yaml, delete_and_create_ap_policy_from_yaml, diff --git a/tests/suite/test_app_protect_waf_policies.py b/tests/suite/test_app_protect_waf_policies.py index 70147b2cff..f62df87eda 100644 --- a/tests/suite/test_app_protect_waf_policies.py +++ b/tests/suite/test_app_protect_waf_policies.py @@ -2,13 +2,6 @@ import pytest, json from settings import TEST_DATA, DEPLOYMENTS -from suite.custom_resources_utils import ( - create_ap_logconf_from_yaml, - create_ap_policy_from_yaml, - delete_ap_policy, - delete_ap_logconf, - create_ap_waf_policy_from_yaml, -) from suite.resources_utils import ( wait_before_test, create_items_from_yaml, @@ -17,12 +10,8 @@ get_service_endpoint, ) from suite.custom_resources_utils import ( - read_ap_custom_resource, create_crd_from_yaml, delete_crd, - create_ap_usersig_from_yaml, - delete_ap_usersig, - delete_and_create_ap_policy_from_yaml, delete_virtual_server, create_virtual_server_from_yaml, patch_virtual_server_from_yaml, @@ -33,6 +22,17 @@ delete_policy, read_policy, ) +from suite.ap_resources_utils import ( + create_ap_usersig_from_yaml, + delete_ap_usersig, + delete_and_create_ap_policy_from_yaml, + read_ap_custom_resource, + create_ap_logconf_from_yaml, + create_ap_policy_from_yaml, + delete_ap_policy, + delete_ap_logconf, + create_ap_waf_policy_from_yaml, +) from suite.yaml_utils import get_first_ingress_host_from_yaml, get_name_from_yaml ap_pol_name = "" diff --git a/tests/suite/test_batch_startup_times.py b/tests/suite/test_batch_startup_times.py index 71b316f89d..f615bb9f8c 100644 --- a/tests/suite/test_batch_startup_times.py +++ b/tests/suite/test_batch_startup_times.py @@ -4,11 +4,14 @@ import pytest import yaml -from suite.custom_resources_utils import ( +from suite.ap_resources_utils import ( + create_ap_usersig_from_yaml, + delete_ap_usersig, create_ap_logconf_from_yaml, create_ap_policy_from_yaml, delete_ap_policy, delete_ap_logconf, + create_ap_waf_policy_from_yaml, ) from suite.resources_utils import ( ensure_connection_to_public_endpoint, @@ -33,11 +36,8 @@ from suite.custom_resources_utils import ( create_virtual_server_from_yaml, delete_virtual_server, - create_ap_usersig_from_yaml, - delete_ap_usersig, patch_virtual_server_from_yaml, create_policy_from_yaml, - create_ap_waf_policy_from_yaml, delete_policy, create_virtual_server, create_v_s_route,