create vars for each PKI suite
nqb committed Oct 21, 2021
1 parent 9ee2ec2 commit f2de72a
Showing 19 changed files with 351 additions and 282 deletions.
@@ -61,17 +61,17 @@ testcases:
assertions:
- result.statuscode ShouldEqual 201

- name: create_wired_dot1x_eap_tls_role
- name: create_wired_dot1x_eap_tls_manual.role
steps:
- type: http
method: POST
url: '{{.pfserver_webadmin_url}}/api/v1/config/roles'
ignore_verify_ssl: true
body: >-
{
"id":"{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.id}}",
"id":"{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.id}}",
"max_nodes_per_pid":0,
"notes":"{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.notes}}"
"notes":"{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.notes}}"
}
headers:
"Authorization": "{{.get_login_token.json.result.token}}"
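Review bot: The test case name on the new side, `create_wired_dot1x_eap_tls_manual.role`, has a `.` where the old name had `_`, which looks like a side effect of a search-and-replace whose pattern `wired_dot1x_eap_tls.` treated the dot as a wildcard. Results in these suites are addressed by dotted path (this hunk itself uses `{{.get_login_token.json.result.token}}`), so a dot inside a test case name may make its results ambiguous or unaddressable; I would rename it to `- name: create_wired_dot1x_eap_tls_manual_role`. The same name appears in the `t/venom/test_suites/global_config/00_create_roles.yml` section further down. The test case continues past the end of the hunk.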
@@ -107,10 +107,10 @@ testcases:
"{{.wired_mac_auth.roles.headless_device.id}}Role": null,
"{{.wired_mac_auth.roles.headless_device.id}}Url": null,
"{{.wired_mac_auth.roles.headless_device.id}}Vlan": "{{.wired_mac_auth.roles.headless_device.vlan_id}}",
"{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.id}}AccessList": null,
"{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.id}}Role": null,
"{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.id}}Url": null,
"{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.id}}Vlan": "{{.dot1x_eap_tls_pfpki.roles.dot1x_eap_tls.vlan_id}}",
"{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.id}}AccessList": null,
"{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.id}}Role": null,
"{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.id}}Url": null,
"{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.id}}Vlan": "{{.dot1x_eap_tls_pfpki.roles.dot1x_eap_tls.vlan_id}}",
"voiceAccessList": null,
"voiceRole": null,
"voiceUrl": null,
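Review bot: The four renamed keys take the role id from `wired_dot1x_eap_tls_manual`, but the value of the `...Vlan` key still reads `{{.dot1x_eap_tls_pfpki.roles.dot1x_eap_tls.vlan_id}}`, which is another suite's variable. If the two suites ever define different VLAN ids, the switch would put the manual-PKI role into the pfpki VLAN while `check_dot1x_int_status.yml` asserts on the manual suite's `vlan_id`, so a segmentation mismatch would surface only as a confusing test failure. Since the commit's purpose is per-suite variables, I would use `"{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.vlan_id}}"` here, or add a comment saying the VLAN is intentionally shared. The same line is in the later hunk headed `@@ -106,10 +106,10 @@`. The JSON body starts and ends outside the hunk.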
2 changes: 1 addition & 1 deletion t/venom/switches/common/check_dot1x_int_status.yml
@@ -16,7 +16,7 @@ testcases:
"Content-Type": "application/json"
assertions:
# we didn't check MAC address on port to make this testcase reusable
- result.body ShouldContainSubstring "{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.vlan_id}}"
- result.body ShouldContainSubstring "{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.vlan_id}}"
- result.body ShouldContainSubstring TLS
- result.body ShouldContainSubstring AUTHORIZED
- result.statuscode ShouldEqual 200
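Review bot: The comment on the context line says this test case is kept reusable, yet the changed assertion pins it to one suite's variable, `wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.vlan_id`, in a file under `switches/common`. Any other PKI suite calling this check would have its port VLAN compared against the manual suite's value, so a wrong VLAN assignment could pass or a correct one fail. I would have the calling suite supply the expected VLAN through a suite-neutral variable, or at least add a comment such as `# expects the VLAN of the wired_dot1x_eap_tls_manual suite; not usable from other PKI suites`. The test case starts outside the hunk.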
6 changes: 3 additions & 3 deletions t/venom/test_suites/global_config/00_create_roles.yml
@@ -61,17 +61,17 @@ testcases:
assertions:
- result.statuscode ShouldEqual 201

- name: create_wired_dot1x_eap_tls_role
- name: create_wired_dot1x_eap_tls_manual.role
steps:
- type: http
method: POST
url: '{{.pfserver_webadmin_url}}/api/v1/config/roles'
ignore_verify_ssl: true
body: >-
{
"id":"{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.id}}",
"id":"{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.id}}",
"max_nodes_per_pid":0,
"notes":"{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.notes}}"
"notes":"{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.notes}}"
}
headers:
"Authorization": "{{.get_login_token.json.result.token}}"
@@ -106,10 +106,10 @@ testcases:
"{{.wired_mac_auth.roles.headless_device.id}}Role": null,
"{{.wired_mac_auth.roles.headless_device.id}}Url": null,
"{{.wired_mac_auth.roles.headless_device.id}}Vlan": "{{.wired_mac_auth.roles.headless_device.vlan_id}}",
"{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.id}}AccessList": null,
"{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.id}}Role": null,
"{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.id}}Url": null,
"{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.id}}Vlan": "{{.dot1x_eap_tls_pfpki.roles.dot1x_eap_tls.vlan_id}}",
"{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.id}}AccessList": null,
"{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.id}}Role": null,
"{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.id}}Url": null,
"{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.id}}Vlan": "{{.dot1x_eap_tls_pfpki.roles.dot1x_eap_tls.vlan_id}}",
"voiceAccessList": null,
"voiceRole": null,
"voiceUrl": null,
158 changes: 79 additions & 79 deletions t/venom/test_suites/wired_dot1x_eap_tls_manual/05_create_pki.yml

Large diffs are not rendered by default.

@@ -12,13 +12,13 @@ testcases:
ignore_verify_ssl: true
body: >-
{
"id": "{{.wired_dot1x_eap_tls.ocsp.id}}",
"ocsp_enable": "{{.wired_dot1x_eap_tls.ocsp.enable}}",
"ocsp_url": "{{.wired_dot1x_eap_tls.ocsp.url}}",
"ocsp_override_cert_url": "{{.wired_dot1x_eap_tls.ocsp.override_cert_url}}",
"ocsp_softfail": "{{.wired_dot1x_eap_tls.ocsp.softfail}}",
"ocsp_timeout": "{{.wired_dot1x_eap_tls.ocsp.timeout}}",
"ocsp_use_nonce": "{{.wired_dot1x_eap_tls.ocsp.use_nonce}}"
"id": "{{.wired_dot1x_eap_tls_manual.ocsp.id}}",
"ocsp_enable": "{{.wired_dot1x_eap_tls_manual.ocsp.enable}}",
"ocsp_url": "{{.wired_dot1x_eap_tls_manual.ocsp.url}}",
"ocsp_override_cert_url": "{{.wired_dot1x_eap_tls_manual.ocsp.override_cert_url}}",
"ocsp_softfail": "{{.wired_dot1x_eap_tls_manual.ocsp.softfail}}",
"ocsp_timeout": "{{.wired_dot1x_eap_tls_manual.ocsp.timeout}}",
"ocsp_use_nonce": "{{.wired_dot1x_eap_tls_manual.ocsp.use_nonce}}"
}
headers:
"Authorization": "{{.get_login_token.json.result.token}}"
@@ -35,7 +35,7 @@ testcases:
body: >-
{
"id": "tls-common",
"ocsp": "{{.wired_dot1x_eap_tls.ocsp.id}}"
"ocsp": "{{.wired_dot1x_eap_tls_manual.ocsp.id}}"
}
headers:
"Authorization": "{{.get_login_token.json.result.token}}"
@@ -21,24 +21,24 @@ testcases:
"actions": [
{
"type": "set_role",
"value": "{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.id}}"
"value": "{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.id}}"
},
{
"type": "set_access_duration",
"value": "{{.wired_dot1x_eap_tls.sources.eaptls.access_duration}}"
"value": "{{.wired_dot1x_eap_tls_manual.sources.eaptls.access_duration}}"
}
],
"conditions": [
{
"attribute": "radius_request.TLS-Client-Cert-Issuer",
"operator": "equals",
"value": "{{.wired_dot1x_eap_tls.certs.ca.issuer}}"
"value": "{{.wired_dot1x_eap_tls_manual.certs.ca.issuer}}"
}
]
}
],
"description": "{{.wired_dot1x_eap_tls.sources.eaptls.description}}",
"id": "{{.wired_dot1x_eap_tls.sources.eaptls.name}}",
"description": "{{.wired_dot1x_eap_tls_manual.sources.eaptls.description}}",
"id": "{{.wired_dot1x_eap_tls_manual.sources.eaptls.name}}",
"realms": "",
"set_access_durations_action": null,
"type": "EAPTLS"
@@ -22,22 +22,22 @@ testcases:
"unit": "m"
},
"default_psk_key": null,
"description": "{{.wired_dot1x_eap_tls.profiles.wired.description}}",
"description": "{{.wired_dot1x_eap_tls_manual.profiles.wired.description}}",
"dot1x_recompute_role_from_portal": "enabled",
"dot1x_unset_on_unmatch": "disabled",
"dpsk": "disabled",
"filter": [
{
"type": "connection_type",
"match": "{{.wired_dot1x_eap_tls.profiles.wired.filters.connection_type}}"
"match": "{{.wired_dot1x_eap_tls_manual.profiles.wired.filters.connection_type}}"
},
{
"type": "connection_sub_type",
"match": "{{.wired_dot1x_eap_tls.profiles.wired.filters.connection_sub_type}}"
"match": "{{.wired_dot1x_eap_tls_manual.profiles.wired.filters.connection_sub_type}}"
}
],
"filter_match_style": "all",
"id": "{{.wired_dot1x_eap_tls.profiles.wired.id}}",
"id": "{{.wired_dot1x_eap_tls_manual.profiles.wired.id}}",
"locale": null,
"login_attempt_limit": 0,
"logo": null,
@@ -54,10 +54,10 @@ testcases:
"sms_pin_retry_limit": 0,
"sms_request_limit": 0,
"sources": [
"{{.wired_dot1x_eap_tls.sources.eaptls.name}}"
"{{.wired_dot1x_eap_tls_manual.sources.eaptls.name}}"
],
"status": "enabled",
"unreg_on_acct_stop": "{{.wired_dot1x_eap_tls.profiles.wired.unreg_on_acct_stop}}",
"unreg_on_acct_stop": "{{.wired_dot1x_eap_tls_manual.profiles.wired.unreg_on_acct_stop}}",
"vlan_pool_technique": "username_hash"
}
headers:
@@ -13,4 +13,4 @@ testcases:
host: '{{.node01_mgmt_ip}}'
user: '{{.ssh_user}}'
command: |
sudo cp -v /home/vagrant/{{.wired_dot1x_eap_tls.certs.user.cn}}/* /etc/wpa_supplicant/eap_tls/
sudo cp -v /home/vagrant/{{.wired_dot1x_eap_tls_manual.certs.user.cn}}/* /etc/wpa_supplicant/eap_tls/
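Review bot: The certificate CN is expanded into `command` unquoted, so a CN containing a space or a shell metacharacter changes what `sudo cp` runs on the node. Quote the directory part and leave the glob outside the quotes: `sudo cp -v "/home/vagrant/{{.wired_dot1x_eap_tls_manual.certs.user.cn}}"/* /etc/wpa_supplicant/eap_tls/`. The copied directory presumably holds the client's private key, so a comment stating the file mode expected under `/etc/wpa_supplicant/eap_tls/` would also help, since nothing on this line sets one. The step starts outside the hunk.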
@@ -61,7 +61,7 @@ testcases:
{
"field": "connection_type",
"op": "equals",
"value": "{{.wired_dot1x_eap_tls.profiles.wired.filters.connection_type}}"
"value": "{{.wired_dot1x_eap_tls_manual.profiles.wired.filters.connection_type}}"
}
]
},
@@ -99,5 +99,5 @@ testcases:
"Content-Type": "application/json"
assertions:
- result.statuscode ShouldEqual 200
- result.bodyjson.item.radius_reply ShouldContainSubstring 'Tunnel-Private-Group-Id = "{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.vlan_id}}"'
- result.bodyjson.item.profile ShouldEqual "{{.wired_dot1x_eap_tls.profiles.wired.id}}"
- result.bodyjson.item.radius_reply ShouldContainSubstring 'Tunnel-Private-Group-Id = "{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.vlan_id}}"'
- result.bodyjson.item.profile ShouldEqual "{{.wired_dot1x_eap_tls_manual.profiles.wired.id}}"
@@ -16,8 +16,8 @@ testcases:
assertions:
- result.statuscode ShouldEqual 200
- result.bodyjson.item.autoreg ShouldEqual yes
- result.bodyjson.item.category ShouldEqual "{{.wired_dot1x_eap_tls.roles.dot1x_eap_tls.id}}"
- result.bodyjson.item.pid ShouldEqual "{{.wired_dot1x_eap_tls.certs.user.cn}}"
- result.bodyjson.item.category ShouldEqual "{{.wired_dot1x_eap_tls_manual.roles.dot1x_eap_tls.id}}"
- result.bodyjson.item.pid ShouldEqual "{{.wired_dot1x_eap_tls_manual.certs.user.cn}}"
- result.bodyjson.item.status ShouldEqual reg
vars:
regdate:
@@ -33,7 +33,7 @@ testcases:
# - type: exec
# script: |
# perl -I/usr/local/pf/lib -I/usr/local/pf/lib_perl/lib/perl5 -Mpf::config::util \
# -e 'my @times = get_translatable_time("{{.wired_dot1x_eap_tls.sources.eaptls.access_duration}}"); print("$times[2]$times[1]");'
# -e 'my @times = get_translatable_time("{{.wired_dot1x_eap_tls_manual.sources.eaptls.access_duration}}"); print("$times[2]$times[1]");'
# vars:
# translatable_time:
# from: result.systemout
@@ -8,7 +8,7 @@ testcases:
steps:
- type: http
method: DELETE
url: '{{.pfserver_webadmin_url}}/api/v1/config/connection_profile/{{.wired_dot1x_eap_tls.profiles.wired.id}}'
url: '{{.pfserver_webadmin_url}}/api/v1/config/connection_profile/{{.wired_dot1x_eap_tls_manual.profiles.wired.id}}'
ignore_verify_ssl: true
headers:
"Authorization": "{{.get_login_token.json.result.token}}"
@@ -20,7 +20,7 @@ testcases:
steps:
- type: http
method: DELETE
url: '{{.pfserver_webadmin_url}}/api/v1/config/source/{{.wired_dot1x_eap_tls.sources.eaptls.name}}'
url: '{{.pfserver_webadmin_url}}/api/v1/config/source/{{.wired_dot1x_eap_tls_manual.sources.eaptls.name}}'
ignore_verify_ssl: true
headers:
"Authorization": "{{.get_login_token.json.result.token}}"
@@ -50,7 +50,7 @@ testcases:
steps:
- type: http
method: DELETE
url: '{{.pfserver_webadmin_url}}/api/v1/config/radiusd/ocsp_profile/{{.wired_dot1x_eap_tls.ocsp.id}}'
url: '{{.pfserver_webadmin_url}}/api/v1/config/radiusd/ocsp_profile/{{.wired_dot1x_eap_tls_manual.ocsp.id}}'
ignore_verify_ssl: true
headers:
"Authorization": "{{.get_login_token.json.result.token}}"