139 lines
5.3 KiB
PowerShell
139 lines
5.3 KiB
PowerShell
param(
|
|
[string]$ApiBaseUrl = "http://192.168.200.61:18121/api/v1",
|
|
[string]$ClusterID = "cfc0743d-d960-49fb-9de8-96e063d5e4aa",
|
|
[string]$ActorUserID = "f67d943f-5397-4b3a-a229-695fe67ad700",
|
|
[string]$EntryNodeName = "test-1",
|
|
[string]$ExitNodeName = "test-3",
|
|
[string]$ResultPath = "artifacts\c18z73-service-channel-pool-policy-remediation-guard-smoke-result.json"
|
|
)
|
|
|
|
Set-StrictMode -Version Latest
|
|
$ErrorActionPreference = "Stop"
|
|
|
|
$scriptDir = Split-Path -Parent $MyInvocation.MyCommand.Path
|
|
$repoRoot = (Resolve-Path (Join-Path $scriptDir "..\..")).ProviderPath
|
|
|
|
function Invoke-Api {
|
|
param(
|
|
[string]$Method,
|
|
[string]$Path,
|
|
[object]$Body = $null
|
|
)
|
|
$params = @{
|
|
Method = $Method
|
|
Uri = "$ApiBaseUrl$Path"
|
|
TimeoutSec = 30
|
|
}
|
|
if ($null -ne $Body) {
|
|
$params.ContentType = "application/json"
|
|
$params.Body = ($Body | ConvertTo-Json -Depth 30)
|
|
}
|
|
return Invoke-RestMethod @params
|
|
}
|
|
|
|
function Select-NodeByName {
|
|
param([object[]]$Nodes, [string]$Name)
|
|
$node = @($Nodes | Where-Object { $_.name -eq $Name }) | Select-Object -First 1
|
|
if ($null -eq $node) {
|
|
throw "node '$Name' not found"
|
|
}
|
|
return $node
|
|
}
|
|
|
|
function Get-PropertyValue {
|
|
param([object]$Item, [string]$Name, [object]$Default = $null)
|
|
if ($null -eq $Item) { return $Default }
|
|
$property = $Item.PSObject.Properties[$Name]
|
|
if ($null -eq $property) { return $Default }
|
|
return $property.Value
|
|
}
|
|
|
|
$nodes = (Invoke-Api -Method GET -Path "/clusters/$ClusterID/nodes?actor_user_id=$ActorUserID").nodes
|
|
$entryNode = Select-NodeByName -Nodes $nodes -Name $EntryNodeName
|
|
$exitNode = Select-NodeByName -Nodes $nodes -Name $ExitNodeName
|
|
|
|
$policy = (Invoke-Api -Method PUT -Path "/clusters/$ClusterID/fabric/service-channels/pool-policy" -Body @{
|
|
actor_user_id = $ActorUserID
|
|
entry_pool_node_ids = @($entryNode.id)
|
|
exit_pool_node_ids = @($exitNode.id)
|
|
preferred_entry_node_id = $entryNode.id
|
|
preferred_exit_node_id = $exitNode.id
|
|
selection_strategy = "preferred_first"
|
|
route_rebuild = "automatic"
|
|
entry_failover = "automatic"
|
|
exit_failover = "automatic"
|
|
backend_fallback_allowed = $true
|
|
sticky_session = $true
|
|
}).fabric_service_channel_pool_policy
|
|
|
|
$lease = (Invoke-Api -Method POST -Path "/clusters/$ClusterID/fabric/service-channels/leases" -Body @{
|
|
actor_user_id = $ActorUserID
|
|
organization_id = "c18z73-org"
|
|
user_id = "c18z73-user"
|
|
resource_id = "c18z73-pool-policy-remediation-guard-smoke"
|
|
service_class = "vpn_packets"
|
|
entry_node_ids = @($entryNode.id)
|
|
exit_node_ids = @($exitNode.id)
|
|
allowed_channels = @("vpn_packet", "fabric_control")
|
|
ttl_seconds = 5
|
|
}).fabric_service_channel_lease
|
|
|
|
$accessTelemetry = (Invoke-Api -Method GET -Path "/clusters/$ClusterID/fabric/service-channels/access-telemetry?actor_user_id=$ActorUserID&limit=50").fabric_service_channel_access_telemetry
|
|
$channel = @($accessTelemetry.active_channels | Where-Object { $_.channel_id -eq $lease.channel_id }) | Select-Object -First 1
|
|
|
|
$checks = [ordered]@{
|
|
policy_fingerprint_persisted = ([string]$policy.fingerprint).Length -gt 0
|
|
lease_has_policy_fingerprint = ($null -ne $lease.pool_policy -and [string]$lease.pool_policy.fingerprint -eq [string]$policy.fingerprint)
|
|
access_channel_found = ($null -ne $channel)
|
|
access_channel_projects_policy_fingerprint = ($null -ne $channel -and [string](Get-PropertyValue -Item $channel -Name "pool_policy_fingerprint" -Default "") -eq [string]$policy.fingerprint)
|
|
remediation_guard_absent_on_healthy_route = ($null -ne $channel -and ([string](Get-PropertyValue -Item $channel -Name "remediation_guard_status" -Default "")).Length -eq 0)
|
|
}
|
|
$failed = @($checks.GetEnumerator() | Where-Object { -not $_.Value } | ForEach-Object { $_.Key })
|
|
|
|
$result = [ordered]@{
|
|
schema_version = "c18z73.service_channel_pool_policy_remediation_guard_smoke.v1"
|
|
run_id = "c18z73-" + (Get-Date -Format "yyyyMMdd-HHmmss")
|
|
cluster_id = $ClusterID
|
|
passed = ($failed.Count -eq 0)
|
|
checks = $checks
|
|
failed_checks = $failed
|
|
summary = [ordered]@{
|
|
policy = $policy
|
|
lease = $lease
|
|
access_channel = $channel
|
|
}
|
|
}
|
|
|
|
$target = Join-Path $repoRoot $ResultPath
|
|
$result | ConvertTo-Json -Depth 60 | Set-Content -Path $target -Encoding UTF8
|
|
|
|
try {
|
|
Start-Sleep -Seconds 6
|
|
Invoke-Api -Method POST -Path "/clusters/$ClusterID/fabric/service-channels/leases/cleanup" -Body @{
|
|
actor_user_id = $ActorUserID
|
|
limit = 50
|
|
} | Out-Null
|
|
Invoke-Api -Method PUT -Path "/clusters/$ClusterID/fabric/service-channels/pool-policy" -Body @{
|
|
actor_user_id = $ActorUserID
|
|
entry_pool_node_ids = @()
|
|
exit_pool_node_ids = @()
|
|
preferred_entry_node_id = ""
|
|
preferred_exit_node_id = ""
|
|
selection_strategy = "fastest_healthy"
|
|
route_rebuild = "automatic"
|
|
entry_failover = "automatic"
|
|
exit_failover = "automatic"
|
|
backend_fallback_allowed = $true
|
|
sticky_session = $true
|
|
} | Out-Null
|
|
} catch {
|
|
Write-Warning "failed to restore default pool policy after smoke: $($_.Exception.Message)"
|
|
}
|
|
|
|
if (-not $result.passed) {
|
|
throw "C18Z73 pool-policy remediation guard smoke failed: $($failed -join ', ')"
|
|
}
|
|
|
|
Write-Host "C18Z73 service-channel pool-policy remediation guard smoke passed. Result: $target"
|
|
$result
|