Record project continuation changes
This commit is contained in:
@@ -0,0 +1,153 @@
|
||||
param(
|
||||
[string]$ApiBaseUrl = "http://192.168.200.61:18121/api/v1",
|
||||
[string]$ClusterID = "cfc0743d-d960-49fb-9de8-96e063d5e4aa",
|
||||
[string]$ActorUserID = "f67d943f-5397-4b3a-a229-695fe67ad700",
|
||||
[string]$EntryNodeName = "test-1",
|
||||
[string]$ExitNodeName = "test-2",
|
||||
[string]$EntryBaseUrl = "http://192.168.200.61:19131",
|
||||
[string]$DockerSSH = "test-docker",
|
||||
[string]$ExpectedBackendImage = "rap-backend:fabric-service-channel-0.2.233",
|
||||
[string]$ExpectedNodeAgentImage = "rap-node-agent:0.2.232",
|
||||
[string]$ResultPath = "artifacts\c18z50-service-channel-durable-introspection-smoke-result.json"
|
||||
)
|
||||
|
||||
Set-StrictMode -Version Latest
|
||||
$ErrorActionPreference = "Stop"
|
||||
|
||||
$scriptDir = Split-Path -Parent $MyInvocation.MyCommand.Path
|
||||
$repoRoot = (Resolve-Path (Join-Path $scriptDir "..\..")).ProviderPath
|
||||
|
||||
function Invoke-ApiGet {
|
||||
param([string]$Path, [int]$TimeoutSec = 30)
|
||||
Invoke-RestMethod -Method Get -Uri "$ApiBaseUrl$Path" -TimeoutSec $TimeoutSec
|
||||
}
|
||||
|
||||
function Wait-Api {
|
||||
for ($i = 0; $i -lt 30; $i++) {
|
||||
try {
|
||||
Invoke-ApiGet -Path "/clusters/$ClusterID/nodes?actor_user_id=$ActorUserID" -TimeoutSec 3 | Out-Null
|
||||
return
|
||||
} catch {
|
||||
Start-Sleep -Seconds 1
|
||||
}
|
||||
}
|
||||
throw "API did not become ready after backend restart"
|
||||
}
|
||||
|
||||
function Invoke-RawPost {
|
||||
param(
|
||||
[string]$Url,
|
||||
[hashtable]$Headers,
|
||||
[string]$Body = "packet"
|
||||
)
|
||||
try {
|
||||
return Invoke-WebRequest -Method Post -Uri $Url -Headers $Headers -Body ([System.Text.Encoding]::UTF8.GetBytes($Body)) -ContentType "application/octet-stream" -TimeoutSec 30
|
||||
} catch {
|
||||
if ($_.Exception.Response -and $_.Exception.Response.StatusCode) {
|
||||
return [pscustomobject]@{ StatusCode = [int]$_.Exception.Response.StatusCode; Headers = @{} }
|
||||
}
|
||||
throw
|
||||
}
|
||||
}
|
||||
|
||||
function Invoke-RemoteSqlScalar {
|
||||
param([string]$Sql)
|
||||
$encoded = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($Sql))
|
||||
(& ssh $DockerSSH "printf '%s' '$encoded' | base64 -d | docker exec -i rap_test_postgres psql -U rap_user -d remote_access_platform -t -A -v ON_ERROR_STOP=1") | Out-String
|
||||
}
|
||||
|
||||
$nodes = @((Invoke-ApiGet -Path "/clusters/$ClusterID/nodes?actor_user_id=$ActorUserID").nodes)
|
||||
$entryNode = $nodes | Where-Object { $_.name -eq $EntryNodeName } | Select-Object -First 1
|
||||
$exitNode = $nodes | Where-Object { $_.name -eq $ExitNodeName } | Select-Object -First 1
|
||||
if ($null -eq $entryNode -or $null -eq $exitNode) {
|
||||
throw "Entry or exit node not found: $EntryNodeName / $ExitNodeName"
|
||||
}
|
||||
|
||||
$resourceID = "c18z50-vpn-smoke"
|
||||
$leaseBody = @{
|
||||
actor_user_id = $ActorUserID
|
||||
organization_id = "smoke-org"
|
||||
user_id = "smoke-user"
|
||||
resource_id = $resourceID
|
||||
service_class = "vpn_packets"
|
||||
entry_node_ids = @([string]$entryNode.id)
|
||||
exit_node_ids = @([string]$exitNode.id)
|
||||
preferred_entry_node_id = [string]$entryNode.id
|
||||
preferred_exit_node_id = [string]$exitNode.id
|
||||
allowed_channels = @("vpn_packet", "fabric_control")
|
||||
ttl_seconds = 120
|
||||
} | ConvertTo-Json -Depth 20
|
||||
$lease = (Invoke-RestMethod -Method Post -Uri "$ApiBaseUrl/clusters/$ClusterID/fabric/service-channels/leases" -ContentType "application/json" -Body $leaseBody -TimeoutSec 30).fabric_service_channel_lease
|
||||
|
||||
$storedTokenValue = (Invoke-RemoteSqlScalar -Sql "SELECT COALESCE(lease #>> '{token,token}', '<null>') FROM fabric_service_channel_leases WHERE cluster_id = '$ClusterID'::uuid AND channel_id = '$($lease.channel_id)'::uuid;").Trim()
|
||||
|
||||
& ssh $DockerSSH "docker restart rap_test_backend >/dev/null"
|
||||
Wait-Api
|
||||
|
||||
$packetPath = $lease.entry_http.path_template.
|
||||
Replace("{cluster_id}", $ClusterID).
|
||||
Replace("{channel_id}", [string]$lease.channel_id).
|
||||
Replace("{resource_id}", $resourceID)
|
||||
$packetUrl = $EntryBaseUrl.TrimEnd("/") + $packetPath
|
||||
$headers = @{
|
||||
"X-RAP-Service-Channel-Token" = [string]$lease.token.token
|
||||
"X-RAP-Fabric-Channel-ID" = [string]$lease.channel_id
|
||||
"X-RAP-Service-Class" = "vpn_packets"
|
||||
"X-RAP-Channel-Class" = "vpn_packet"
|
||||
}
|
||||
$badHeaders = $headers.Clone()
|
||||
$badHeaders["X-RAP-Service-Channel-Token"] = "rap_fsc_wrong"
|
||||
|
||||
$acceptedResponse = Invoke-RawPost -Url $packetUrl -Headers $headers -Body "packet-after-backend-restart"
|
||||
$badResponse = Invoke-RawPost -Url $packetUrl -Headers $badHeaders -Body "bad-token"
|
||||
$backendLine = (& ssh $DockerSSH "docker ps --format '{{.Names}} {{.Image}} {{.Status}}' | grep '^rap_test_backend '") | Out-String
|
||||
$nodeLines = (& ssh $DockerSSH "docker ps --format '{{.Names}} {{.Image}} {{.Status}}' | grep '^rap_test_node_test_'") | Out-String
|
||||
|
||||
$result = [ordered]@{
|
||||
schema_version = "c18z50.service_channel_durable_introspection_smoke.v1"
|
||||
cluster_id = $ClusterID
|
||||
entry_node_id = [string]$entryNode.id
|
||||
exit_node_id = [string]$exitNode.id
|
||||
channel_id = [string]$lease.channel_id
|
||||
passed = [bool](
|
||||
$backendLine.Contains($ExpectedBackendImage) -and
|
||||
$nodeLines.Contains($ExpectedNodeAgentImage) -and
|
||||
[int]$acceptedResponse.StatusCode -eq 202 -and
|
||||
[string]$acceptedResponse.Headers["X-RAP-Service-Channel-Accepted-By"] -eq "introspection" -and
|
||||
[int]$badResponse.StatusCode -eq 403 -and
|
||||
$storedTokenValue -eq ""
|
||||
)
|
||||
checks = [ordered]@{
|
||||
backend_expected_image_deployed = $backendLine.Contains($ExpectedBackendImage)
|
||||
node_agent_expected_image_deployed = $nodeLines.Contains($ExpectedNodeAgentImage)
|
||||
durable_introspection_after_backend_restart = ([int]$acceptedResponse.StatusCode -eq 202)
|
||||
accepted_by_header_is_introspection = ([string]$acceptedResponse.Headers["X-RAP-Service-Channel-Accepted-By"] -eq "introspection")
|
||||
bad_token_rejected = ([int]$badResponse.StatusCode -eq 403)
|
||||
durable_lease_omits_raw_token = ($storedTokenValue -eq "")
|
||||
}
|
||||
summary = [ordered]@{
|
||||
backend_container = $backendLine.Trim()
|
||||
node_containers = $nodeLines.Trim()
|
||||
packet_url = $packetUrl
|
||||
accepted_status = [int]$acceptedResponse.StatusCode
|
||||
accepted_by = [string]$acceptedResponse.Headers["X-RAP-Service-Channel-Accepted-By"]
|
||||
bad_token_status = [int]$badResponse.StatusCode
|
||||
stored_token_value = $storedTokenValue
|
||||
lease_status = [string]$lease.status
|
||||
selected_route = $lease.primary_route
|
||||
}
|
||||
}
|
||||
|
||||
$resultFullPath = Join-Path $repoRoot $ResultPath
|
||||
$resultDir = Split-Path -Parent $resultFullPath
|
||||
if (-not (Test-Path $resultDir)) {
|
||||
New-Item -ItemType Directory -Path $resultDir | Out-Null
|
||||
}
|
||||
$result | ConvertTo-Json -Depth 100 | Set-Content -Path $resultFullPath -Encoding UTF8
|
||||
|
||||
if (-not $result.passed) {
|
||||
throw "C18Z50 service-channel durable introspection smoke failed. Result: $resultFullPath"
|
||||
}
|
||||
|
||||
Write-Host "C18Z50 service-channel durable introspection smoke passed. Result: $resultFullPath"
|
||||
$result
|
||||
Reference in New Issue
Block a user