m/rdp-proxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
rdp-proxy/scripts/fabric/c19d-remote-workspace-entry-ingress-smoke.ps1
T
m 8f69d53193 Record project continuation changes
2026-05-12 21:02:29 +03:00

235 lines
11 KiB
PowerShell
Raw Permalink Blame History

param(
[string]$ApiBaseUrl = "http://192.168.200.61:18121/api/v1",
[string]$ClusterID = "cfc0743d-d960-49fb-9de8-96e063d5e4aa",
[string]$ActorUserID = "f67d943f-5397-4b3a-a229-695fe67ad700",
[string]$EntryNodeName = "test-1",
[string]$ExitNodeName = "test-2",
[string]$EntryBaseUrl = "http://192.168.200.61:19131",
[string]$ResultPath = "artifacts\c19d-remote-workspace-entry-ingress-smoke-result.json"
)
Set-StrictMode -Version Latest
$ErrorActionPreference = "Stop"
$repoRoot = (Resolve-Path (Join-Path $PSScriptRoot "..\..")).ProviderPath
$runId = "c19d-" + (Get-Date -Format "yyyyMMdd-HHmmss")
function Invoke-Api {
param(
[string]$Method,
[string]$Path,
[object]$Body = $null
)
$uri = "$ApiBaseUrl$Path"
try {
if ($null -eq $Body) {
return Invoke-RestMethod -Method $Method -Uri $uri -TimeoutSec 30
}
return Invoke-RestMethod -Method $Method -Uri $uri -ContentType "application/json" -Body ($Body | ConvertTo-Json -Depth 80) -TimeoutSec 30
}
catch {
$statusCode = $null
if ($_.Exception.Response) {
$statusCode = [int]$_.Exception.Response.StatusCode
}
$details = $_.ErrorDetails.Message
if (-not $details) {
$details = $_.Exception.Message
}
throw "$Method $Path failed with HTTP $statusCode`: $details"
}
}
function Get-PropertyValue {
param([object]$Item, [string]$Name, [object]$Default = $null)
if ($null -eq $Item) { return $Default }
$property = $Item.PSObject.Properties[$Name]
if ($null -eq $property) { return $Default }
return $property.Value
}
function ConvertTo-Base64UrlJson {
param([object]$Value)
if ($Value -is [string]) {
$json = $Value
} else {
$json = $Value | ConvertTo-Json -Depth 80 -Compress
}
$bytes = [System.Text.Encoding]::UTF8.GetBytes($json)
return [Convert]::ToBase64String($bytes).TrimEnd("=").Replace("+", "-").Replace("/", "_")
}
function Get-NodeByName {
param([string]$Name)
$nodes = (Invoke-Api -Method GET -Path "/clusters/$ClusterID/nodes?actor_user_id=$ActorUserID").nodes
$node = @($nodes | Where-Object { $_.name -eq $Name }) | Select-Object -First 1
if ($null -eq $node) {
throw "Node '$Name' was not found in cluster $ClusterID"
}
return $node
}
function Disable-ExistingRemoteWorkspaceRoutes {
param([string]$SourceNodeID, [string]$DestinationNodeID)
$items = (Invoke-Api -Method GET -Path "/clusters/$ClusterID/mesh/route-intents?actor_user_id=$ActorUserID").route_intents
foreach ($item in @($items)) {
if ([string](Get-PropertyValue -Item $item -Name "status" -Default "") -ne "active") { continue }
if ([string](Get-PropertyValue -Item $item -Name "service_class" -Default "") -ne "remote_workspace") { continue }
$sourceSelector = Get-PropertyValue -Item $item -Name "source_selector" -Default $null
$destinationSelector = Get-PropertyValue -Item $item -Name "destination_selector" -Default $null
if ([string](Get-PropertyValue -Item $sourceSelector -Name "node_id" -Default "") -ne $SourceNodeID) { continue }
if ([string](Get-PropertyValue -Item $destinationSelector -Name "node_id" -Default "") -ne $DestinationNodeID) { continue }
[void](Invoke-Api -Method POST -Path "/clusters/$ClusterID/mesh/route-intents/$($item.id)/disable" -Body @{
actor_user_id = $ActorUserID
reason = "c19d isolate remote workspace entry ingress smoke"
})
}
}
function New-RemoteWorkspaceRouteIntent {
param([string]$SourceNodeID, [string]$DestinationNodeID)
$expiresAt = (Get-Date).ToUniversalTime().AddMinutes(5).ToString("o")
return Invoke-Api -Method POST -Path "/clusters/$ClusterID/mesh/route-intents" -Body @{
actor_user_id = $ActorUserID
source_selector = @{ node_id = $SourceNodeID }
destination_selector = @{ node_id = $DestinationNodeID }
service_class = "remote_workspace"
priority = 2100000000
policy = @{
synthetic_enabled = $true
route_version = "$runId-remote-workspace"
policy_version = "$runId-remote-workspace"
peer_directory_version = "$runId-remote-workspace"
hops = @($SourceNodeID, $DestinationNodeID)
allowed_channels = @("control", "interactive", "reliable", "bulk", "droppable")
max_ttl = 8
max_hops = 8
expires_at = $expiresAt
metadata = @{
smoke = "c19d_remote_workspace_entry_ingress"
run_id = $runId
}
}
}
}
$entryNode = Get-NodeByName -Name $EntryNodeName
$exitNode = Get-NodeByName -Name $ExitNodeName
Disable-ExistingRemoteWorkspaceRoutes -SourceNodeID $entryNode.id -DestinationNodeID $exitNode.id
$route = (New-RemoteWorkspaceRouteIntent -SourceNodeID $entryNode.id -DestinationNodeID $exitNode.id).route_intent
$routeID = [string]$route.id
$leaseResponse = Invoke-Api -Method POST -Path "/clusters/$ClusterID/fabric/service-channels/leases" -Body @{
actor_user_id = $ActorUserID
organization_id = "org-home"
user_id = "user-m"
resource_id = "$runId-remote-workspace"
service_class = "remote_workspace"
entry_node_ids = @([string]$entryNode.id)
exit_node_ids = @([string]$exitNode.id)
preferred_entry_node_id = [string]$entryNode.id
preferred_exit_node_id = [string]$exitNode.id
ttl_seconds = 120
metadata = @{
smoke = "c19d_remote_workspace_entry_ingress"
run_id = $runId
}
}
$lease = $leaseResponse.fabric_service_channel_lease
$authorityPayload = Get-PropertyValue -Item $lease -Name "authority_payload" -Default $null
if ($authorityPayload -is [string] -and $authorityPayload.Length -gt 0) {
$decodedAuthority = $authorityPayload | ConvertFrom-Json
} else {
$decodedAuthority = $authorityPayload
}
$ingressUrl = "$EntryBaseUrl/api/v1/clusters/$ClusterID/fabric/service-channels/$($lease.channel_id)/remote-workspaces/$($lease.resource_id)/streams/interactive"
$ingressResponse = Invoke-WebRequest -Method POST -Uri $ingressUrl -Headers @{
"X-RAP-Service-Channel-Token" = [string]$lease.token.token
"X-RAP-Fabric-Channel-ID" = [string]$lease.channel_id
"X-RAP-Service-Channel-Authority-Payload" = ConvertTo-Base64UrlJson -Value $decodedAuthority
"X-RAP-Service-Channel-Authority-Signature" = ConvertTo-Base64UrlJson -Value (Get-PropertyValue -Item $lease -Name "authority_signature" -Default $null)
"X-RAP-Service-Class" = "remote_workspace"
"X-RAP-Channel-Class" = "interactive"
} -Body "" -ContentType "application/vnd.rap.remote-workspace-frame-batch.v1" -TimeoutSec 30
$ingressBody = $ingressResponse.Content | ConvertFrom-Json
$acceptedBy = [string]$ingressResponse.Headers["X-RAP-Service-Channel-Accepted-By"]
$accessTelemetry = $null
$activeChannel = $null
for ($i = 0; $i -lt 10; $i++) {
Start-Sleep -Seconds 5
$response = Invoke-Api -Method GET -Path "/clusters/$ClusterID/fabric/service-channels/access-telemetry?actor_user_id=$ActorUserID&limit=50"
$accessTelemetry = $response.fabric_service_channel_access_telemetry
$activeChannel = @($accessTelemetry.active_channels | Where-Object { [string](Get-PropertyValue -Item $_ -Name "channel_id" -Default "") -eq [string]$lease.channel_id }) | Select-Object -First 1
if ($null -ne $activeChannel -and [int](Get-PropertyValue -Item $activeChannel -Name "entry_node_data_plane_contract_count" -Default 0) -ge 1) {
break
}
}
$checks = [ordered]@{
lease_ready = ([string]$lease.status -eq "ready")
lease_service_class_remote_workspace = ([string]$lease.service_class -eq "remote_workspace")
lease_uses_requested_route = ([string]$lease.primary_route.route_id -eq $routeID)
ingress_accepts_signed_authority = ([int]$ingressResponse.StatusCode -eq 202 -and $acceptedBy -eq "signed")
ingress_response_is_probe_contract = ([bool]$ingressBody.accepted -and [string]$ingressBody.schema_version -eq "rap.remote_workspace_service_channel_ingress_probe.v1")
ingress_response_service_class = ([string]$ingressBody.service_class -eq "remote_workspace")
ingress_response_channel_class = ([string]$ingressBody.channel_class -eq "interactive")
ingress_response_data_plane_validated = ([string]$ingressBody.data_plane -eq "validated")
ingress_response_payload_flow_not_implemented = ([string]$ingressBody.payload_flow -eq "not_implemented")
access_telemetry_reports_data_plane_contract = ($null -ne $accessTelemetry -and [int](Get-PropertyValue -Item $accessTelemetry -Name "data_plane_contract_count" -Default 0) -ge 1)
active_channel_reports_data_plane_contract = ($null -ne $activeChannel -and [int](Get-PropertyValue -Item $activeChannel -Name "entry_node_data_plane_contract_count" -Default 0) -ge 1)
active_channel_reports_fabric_data_plane = ($null -ne $activeChannel -and [string](Get-PropertyValue -Item $activeChannel -Name "entry_node_last_working_data_transport" -Default "") -eq "fabric_service_channel" -and [string](Get-PropertyValue -Item $activeChannel -Name "entry_node_last_steady_state_transport" -Default "") -eq "fabric_route")
}
$failed = @($checks.GetEnumerator() | Where-Object { -not $_.Value } | ForEach-Object { $_.Key })
$result = [ordered]@{
schema_version = "c19d.remote_workspace_entry_ingress_smoke.v1"
run_id = $runId
base_url = $ApiBaseUrl
entry_base_url = $EntryBaseUrl
cluster_id = $ClusterID
entry_node = [ordered]@{ id = $entryNode.id; name = $entryNode.name }
exit_node = [ordered]@{ id = $exitNode.id; name = $exitNode.name }
channel_id = [string]$lease.channel_id
route_id = $routeID
ingress = [ordered]@{
url = $ingressUrl
status_code = [int]$ingressResponse.StatusCode
accepted_by = $acceptedBy
body = $ingressBody
}
access_telemetry = $accessTelemetry
active_channel = $activeChannel
checks = $checks
failed_checks = $failed
passed = ($failed.Count -eq 0)
}
$fullResultPath = Join-Path $repoRoot $ResultPath
$resultDir = Split-Path -Parent $fullResultPath
if ($resultDir) {
New-Item -ItemType Directory -Force -Path $resultDir | Out-Null
}
$result | ConvertTo-Json -Depth 80 | Set-Content -Encoding UTF8 -Path $fullResultPath
try {
if ($routeID) {
Invoke-Api -Method POST -Path "/clusters/$ClusterID/mesh/route-intents/$routeID/expire" -Body @{ actor_user_id = $ActorUserID } | Out-Null
}
Invoke-Api -Method POST -Path "/clusters/$ClusterID/fabric/service-channels/leases/cleanup" -Body @{
actor_user_id = $ActorUserID
limit = 100
} | Out-Null
} catch {
Write-Warning "cleanup failed after c19d smoke: $($_.Exception.Message)"
}
if (-not $result.passed) {
throw "C19D remote workspace entry ingress smoke failed. Result: $fullResultPath Failed: $($failed -join ', ')"
}
Write-Host "C19D remote workspace entry ingress smoke passed. Result: $fullResultPath"
$result
Reference in New Issue View Git Blame Copy Permalink