-
Task
-
Resolution: Done
-
Medium
-
None
-
None
-
Done
-
Completed
Test Cases
Policy Filtering Testing Notes
Step 1: Bash into api pod
kubectl get pods -n onap -o wide | grep policy-api
kubectl exec -it dev-policy-api-c94c48f6c-k9bb8 -n onap bash
Healthcheck:
curl -i -k --user 'healthcheck:zb!XztG34' -X GET "https://policy-api:6969/policy/api/v1/healthcheck" -H "Content-Type: application/json"
Create Filter Policies:
curl -i -k --user 'healthcheck:zb!XztG34' -X POST "https://policy-api:6969/policy/api/v1/policies" -H "Content-Type: application/yaml" --data-binary @filters.yaml
Step 2: Bash into pap pod
kubectl get pods -n onap -o wide | grep policy-pap
kubectl exec -it dev-policy-pap-6b5b6f58d6-8m9xk -n onap bash
Healthcheck:
curl -i -k --user 'healthcheck:zb!XztG34' -X GET "https://policy-pap:6969/policy/pap/v1/healthcheck" -H "Content-Type: application/json"
Deploy the Filter Policies to XACML:
curl -i -k --user 'healthcheck:zb!XztG34' -X POST "https://policy-pap:6969/policy/pap/v1/pdps/policies” -H “Content-Type: application/json” -d@deployfilter.json
Step 3: Bash into xccml pod
Healthcheck:
curl -i -k --user 'healthcheck:zb!XztG34' -X GET "https://policy-xacml-pdp:6969/policy/pdpx/v1/healthcheck" -H "Content-Type: application/json"
Check the policies are there:
bash-5.0$ cd ../apps/guard
bash-5.0$ ls -l
total 12
rw-rr- 1 policy policy 2834 Oct 19 11:41 filter.allow.region.block.one.vnf_1.0.0.xml
rw-rr- 1 policy policy 2835 Oct 19 11:41 filter.block.region.allow.one.vnf_1.0.0.xml
rw-rw-r- 1 policy policy 2182 Oct 19 11:41 xacml.properties
Can also check the statistics:
curl -i -k --user 'healthcheck:zb!XztG34' -X GET "https://policy-xacml-pdp:6969/policy/pdpx/v1/statistics" -H "Content-Type: application/json"
{"code":200,"totalPolicyTypesCount":18,"totalPoliciesCount":3,"totalErrorCount":0,"permitDecisionsCount":0,"denyDecisionsCount":0,"indeterminantDecisionsCount":0,"notApplicableDecisionsCount":0}
totalPoliciesCount should be 3 (assuming a clean startup environment in which only the SDNC naming policy is pre-loaded)
Step 4: Test the decision API
curl -i -k --user 'healthcheck:zb!XztG34' -X POST "https://policy-xacml-pdp:6969/policy/pdpx/v1/decision" -H "Content-Type: application/json" -d @decision_1.permit.json
{"status":"Permit"}
curl -i -k --user 'healthcheck:zb!XztG34' -X POST "https://policy-xacml-pdp:6969/policy/pdpx/v1/decision" -H "Content-Type: application/json" -d @decision_2.deny.json
{"status":"Deny"}
curl -i -k --user 'healthcheck:zb!XztG34' -X POST "https://policy-xacml-pdp:6969/policy/pdpx/v1/decision" -H "Content-Type: application/json" -d @decision_3.permit.json
{"status":"Permit"}
curl -i -k --user 'healthcheck:zb!XztG34' -X POST "https://policy-xacml-pdp:6969/policy/pdpx/v1/decision" -H "Content-Type: application/json" -d @decision_4.deny.json
{"status":"Deny"}
Step 5: Undeploy the policies
From the pap pod:
curl -i -k --user 'healthcheck:zb!XztG34' -X DELETE "https://policy-pap:6969/policy/pap/v1/pdps/policies/filter.allow.region.block.one.vnf"
curl -i -k --user 'healthcheck:zb!XztG34' -X DELETE "https://policy-pap:6969/policy/pap/v1/pdps/policies/filter.block.region.allow.one.vnf"
Step 6: Now all decision should return permit, as there are no filters in place
curl -i -k --user 'healthcheck:zb!XztG34' -X POST "https://policy-xacml-pdp:6969/policy/pdpx/v1/decision" -H "Content-Type: application/json" -d @decision_1.permit.json
HTTP/1.1 200 OK
Date: Mon, 19 Oct 2020 12:21:31 GMT
X-MinorVersion: 0
X-PatchVersion: 0
X-LatestVersion: 1.0.0
X-ONAP-RequestID: 124f2688-02c4-415a-bd04-134738a1691c
Content-Type: application/json
Content-Length: 19
Server: Jetty(9.4.30.v20200611)
{"status":"Permit"}
bash-5.0$ curl -i -k --user 'healthcheck:zb!XztG34' -X POST "https://policy-xacml-pdp:6969/policy/pdpx/v1/decision" -H "Content-Type: application/json" -d @decision_2.deny.json
HTTP/1.1 200 OK
Date: Mon, 19 Oct 2020 12:21:38 GMT
X-MinorVersion: 0
X-PatchVersion: 0
X-LatestVersion: 1.0.0
X-ONAP-RequestID: 4fbc24e2-0cc0-4e8b-87b0-cea0f452bda1
Content-Type: application/json
Content-Length: 19
Server: Jetty(9.4.30.v20200611)
{"status":"Permit"}
bash-5.0$ curl -i -k --user 'healthcheck:zb!XztG34' -X POST "https://policy-xacml-pdp:6969/policy/pdpx/v1/decision" -H "Content-Type: application/json" -d @decision_3.permit.json
HTTP/1.1 200 OK
Date: Mon, 19 Oct 2020 12:21:45 GMT
X-MinorVersion: 0
X-PatchVersion: 0
X-LatestVersion: 1.0.0
X-ONAP-RequestID: a85c9726-fce5-4fa9-8f70-229a357f0c94
Content-Type: application/json
Content-Length: 19
Server: Jetty(9.4.30.v20200611)
{"status":"Permit"}
bash-5.0$ curl -i -k --user 'healthcheck:zb!XztG34' -X POST "https://policy-xacml-pdp:6969/policy/pdpx/v1/decision" -H "Content-Type: application/json" -d @decision_4.deny.json
HTTP/1.1 200 OK
Date: Mon, 19 Oct 2020 12:21:52 GMT
X-MinorVersion: 0
X-PatchVersion: 0
X-LatestVersion: 1.0.0
X-ONAP-RequestID: 74f5a61f-3a70-4c11-a4e7-546a383cfb09
Content-Type: application/json
Content-Length: 19
Server: Jetty(9.4.30.v20200611)
{"status":"Permit"}
Lab
SB00
Integration Test Lead(s)
Pamela Dragosh
Components Involved
Policy
Documentation
URL:
Reviewers: