param( [string]$ApiBaseUrl = "http://192.168.200.61:18121/api/v1", [string]$ClusterID = "cfc0743d-d960-49fb-9de8-96e063d5e4aa", [string]$ActorUserID = "f67d943f-5397-4b3a-a229-695fe67ad700", [string]$EntryNodeName = "test-1", [string]$ExitNodeName = "test-2", [string]$ResultPath = "artifacts\c19c-remote-workspace-service-channel-lease-smoke-result.json" ) Set-StrictMode -Version Latest $ErrorActionPreference = "Stop" $repoRoot = (Resolve-Path (Join-Path $PSScriptRoot "..\..")).ProviderPath $runId = "c19c-" + (Get-Date -Format "yyyyMMdd-HHmmss") function Invoke-Api { param( [string]$Method, [string]$Path, [object]$Body = $null ) $uri = "$ApiBaseUrl$Path" try { if ($null -eq $Body) { return Invoke-RestMethod -Method $Method -Uri $uri -TimeoutSec 30 } return Invoke-RestMethod -Method $Method -Uri $uri -ContentType "application/json" -Body ($Body | ConvertTo-Json -Depth 80) -TimeoutSec 30 } catch { $statusCode = $null if ($_.Exception.Response) { $statusCode = [int]$_.Exception.Response.StatusCode } $details = $_.ErrorDetails.Message if (-not $details) { $details = $_.Exception.Message } throw "$Method $Path failed with HTTP $statusCode`: $details" } } function Get-PropertyValue { param([object]$Item, [string]$Name, [object]$Default = $null) if ($null -eq $Item) { return $Default } $property = $Item.PSObject.Properties[$Name] if ($null -eq $property) { return $Default } return $property.Value } function Get-NodeByName { param([string]$Name) $nodes = (Invoke-Api -Method GET -Path "/clusters/$ClusterID/nodes?actor_user_id=$ActorUserID").nodes $node = @($nodes | Where-Object { $_.name -eq $Name }) | Select-Object -First 1 if ($null -eq $node) { throw "Node '$Name' was not found in cluster $ClusterID" } return $node } function Disable-ExistingRemoteWorkspaceRoutes { param([string]$SourceNodeID, [string]$DestinationNodeID) $items = (Invoke-Api -Method GET -Path "/clusters/$ClusterID/mesh/route-intents?actor_user_id=$ActorUserID").route_intents foreach ($item in @($items)) { if ([string](Get-PropertyValue -Item $item -Name "status" -Default "") -ne "active") { continue } if ([string](Get-PropertyValue -Item $item -Name "service_class" -Default "") -ne "remote_workspace") { continue } $sourceSelector = Get-PropertyValue -Item $item -Name "source_selector" -Default $null $destinationSelector = Get-PropertyValue -Item $item -Name "destination_selector" -Default $null if ([string](Get-PropertyValue -Item $sourceSelector -Name "node_id" -Default "") -ne $SourceNodeID) { continue } if ([string](Get-PropertyValue -Item $destinationSelector -Name "node_id" -Default "") -ne $DestinationNodeID) { continue } [void](Invoke-Api -Method POST -Path "/clusters/$ClusterID/mesh/route-intents/$($item.id)/disable" -Body @{ actor_user_id = $ActorUserID reason = "c19c isolate remote workspace service-channel lease smoke" }) } } function New-RemoteWorkspaceRouteIntent { param([string]$SourceNodeID, [string]$DestinationNodeID) $expiresAt = (Get-Date).ToUniversalTime().AddMinutes(5).ToString("o") return Invoke-Api -Method POST -Path "/clusters/$ClusterID/mesh/route-intents" -Body @{ actor_user_id = $ActorUserID source_selector = @{ node_id = $SourceNodeID } destination_selector = @{ node_id = $DestinationNodeID } service_class = "remote_workspace" priority = 2100000000 policy = @{ synthetic_enabled = $true route_version = "$runId-remote-workspace" policy_version = "$runId-remote-workspace" peer_directory_version = "$runId-remote-workspace" hops = @($SourceNodeID, $DestinationNodeID) allowed_channels = @("control", "interactive", "reliable", "bulk", "droppable") max_ttl = 8 max_hops = 8 expires_at = $expiresAt metadata = @{ smoke = "c19c_remote_workspace_service_channel_lease" run_id = $runId } } } } $entryNode = Get-NodeByName -Name $EntryNodeName $exitNode = Get-NodeByName -Name $ExitNodeName Disable-ExistingRemoteWorkspaceRoutes -SourceNodeID $entryNode.id -DestinationNodeID $exitNode.id $route = (New-RemoteWorkspaceRouteIntent -SourceNodeID $entryNode.id -DestinationNodeID $exitNode.id).route_intent $routeID = [string]$route.id $leaseResponse = Invoke-Api -Method POST -Path "/clusters/$ClusterID/fabric/service-channels/leases" -Body @{ actor_user_id = $ActorUserID organization_id = "org-home" user_id = "user-m" resource_id = "$runId-remote-workspace" service_class = "remote_workspace" entry_node_ids = @([string]$entryNode.id) exit_node_ids = @([string]$exitNode.id) preferred_entry_node_id = [string]$entryNode.id preferred_exit_node_id = [string]$exitNode.id ttl_seconds = 120 metadata = @{ smoke = "c19c_remote_workspace_service_channel_lease" run_id = $runId } } $lease = $leaseResponse.fabric_service_channel_lease $dataPlane = Get-PropertyValue -Item $lease -Name "data_plane" -Default $null $entryHTTP = Get-PropertyValue -Item $lease -Name "entry_http" -Default $null $authorityPayload = Get-PropertyValue -Item $lease -Name "authority_payload" -Default $null $decodedAuthority = $null if ($authorityPayload -is [string] -and $authorityPayload.Length -gt 0) { $decodedAuthority = $authorityPayload | ConvertFrom-Json } elseif ($null -ne $authorityPayload) { $decodedAuthority = $authorityPayload } $authorityDataPlane = Get-PropertyValue -Item $decodedAuthority -Name "data_plane" -Default $null $introspection = Invoke-Api -Method POST -Path "/clusters/$ClusterID/fabric/service-channels/$($lease.channel_id)/introspect" -Body @{ token = [string]$lease.token.token resource_id = [string]$lease.resource_id service_class = "remote_workspace" channel_class = "interactive" entry_node_id = [string]$entryNode.id } $introspectionResult = Get-PropertyValue -Item $introspection -Name "fabric_service_channel_introspection" -Default $introspection $introspectionDataPlane = Get-PropertyValue -Item $introspectionResult -Name "data_plane" -Default $null $maintenance = Invoke-Api -Method GET -Path "/clusters/$ClusterID/fabric/service-channels/leases?actor_user_id=$ActorUserID&service_class=remote_workspace&limit=20" $listedLease = @($maintenance.fabric_service_channel_lease_maintenance.leases | Where-Object { [string](Get-PropertyValue -Item $_ -Name "channel_id" -Default "") -eq [string]$lease.channel_id }) | Select-Object -First 1 $listedDataPlane = Get-PropertyValue -Item $listedLease -Name "data_plane" -Default $null $checks = [ordered]@{ lease_ready = ([string]$lease.status -eq "ready") lease_service_class_remote_workspace = ([string]$lease.service_class -eq "remote_workspace") lease_uses_requested_route = ([string]$lease.primary_route.route_id -eq $routeID) allowed_channels_are_remote_workspace = (@($lease.allowed_channels | Where-Object { [string]$_ -eq "interactive" }).Count -gt 0 -and @($lease.allowed_channels | Where-Object { [string]$_ -eq "vpn_packet" }).Count -eq 0) required_role_is_rdp_worker = (@($lease.required_roles | Where-Object { [string]$_ -eq "rdp-worker" }).Count -gt 0) entry_path_is_remote_workspace = ($null -ne $entryHTTP -and [string]$entryHTTP.path_template -like "*remote-workspaces*" -and [string]$entryHTTP.path_template -notlike "*vpn-connections*") entry_ws_is_remote_workspace = ($null -ne $entryHTTP -and [string]$entryHTTP.websocket_path_template -like "*remote-workspaces*" -and [string]$entryHTTP.websocket_path_template -like "*streams/ws*") frame_batch_media_type = ($null -ne $entryHTTP -and [string]$entryHTTP.packet_batch_format -eq "application/vnd.rap.remote-workspace-frame-batch.v1") data_plane_remote_workspace_contract = ($null -ne $dataPlane -and [string]$dataPlane.schema_version -eq "rap.fabric_service_channel_data_plane.v1" -and [string]$dataPlane.stable_contract_for_service_class -eq "remote_workspace") data_plane_fabric_primary = ($null -ne $dataPlane -and [string]$dataPlane.mode -eq "fabric_primary" -and [string]$dataPlane.working_data_transport -eq "fabric_service_channel" -and [string]$dataPlane.steady_state_transport -eq "fabric_route") data_plane_service_neutral = ($null -ne $dataPlane -and [bool]$dataPlane.service_neutral -and [bool]$dataPlane.protocol_agnostic) flow_isolation_has_interactive = ($null -ne $dataPlane -and @($dataPlane.required_flow_isolation_classes | Where-Object { [string]$_ -eq "interactive" }).Count -gt 0) flow_isolation_has_no_vpn_packet = ($null -ne $dataPlane -and @($dataPlane.required_flow_isolation_classes | Where-Object { [string]$_ -eq "vpn_packet" }).Count -eq 0) authority_payload_has_remote_workspace_data_plane = ($null -ne $authorityDataPlane -and [string]$authorityDataPlane.stable_contract_for_service_class -eq "remote_workspace") introspection_allows_interactive_channel = ([bool]$introspectionResult.allowed -and [string]$introspectionResult.service_class -eq "remote_workspace" -and @($introspectionResult.allowed_channels | Where-Object { [string]$_ -eq "interactive" }).Count -gt 0) introspection_returns_data_plane = ($null -ne $introspectionDataPlane -and [string]$introspectionDataPlane.stable_contract_for_service_class -eq "remote_workspace") maintenance_lists_remote_workspace_data_plane = ($null -ne $listedDataPlane -and [string]$listedDataPlane.stable_contract_for_service_class -eq "remote_workspace") } $failed = @($checks.GetEnumerator() | Where-Object { -not $_.Value } | ForEach-Object { $_.Key }) $result = [ordered]@{ schema_version = "c19c.remote_workspace_service_channel_lease_smoke.v1" run_id = $runId base_url = $ApiBaseUrl cluster_id = $ClusterID entry_node = [ordered]@{ id = $entryNode.id; name = $entryNode.name } exit_node = [ordered]@{ id = $exitNode.id; name = $exitNode.name } channel_id = [string]$lease.channel_id route_id = $routeID lease = $lease introspection = $introspectionResult listed_lease = $listedLease checks = $checks failed_checks = $failed passed = ($failed.Count -eq 0) } $fullResultPath = Join-Path $repoRoot $ResultPath $resultDir = Split-Path -Parent $fullResultPath if ($resultDir) { New-Item -ItemType Directory -Force -Path $resultDir | Out-Null } $result | ConvertTo-Json -Depth 80 | Set-Content -Encoding UTF8 -Path $fullResultPath try { if ($routeID) { Invoke-Api -Method POST -Path "/clusters/$ClusterID/mesh/route-intents/$routeID/expire" -Body @{ actor_user_id = $ActorUserID } | Out-Null } } catch { Write-Warning "Failed to expire smoke route intent $routeID`: $($_.Exception.Message)" } if (-not $result.passed) { throw "C19C remote workspace service-channel lease smoke failed. Result: $fullResultPath Failed: $($failed -join ', ')" } Write-Host "C19C remote workspace service-channel lease smoke passed. Result: $fullResultPath" $result