-
Notifications
You must be signed in to change notification settings - Fork 94
Expand file tree
/
Copy pathamwa-test.yml
More file actions
210 lines (186 loc) · 9.3 KB
/
amwa-test.yml
File metadata and controls
210 lines (186 loc) · 9.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
- name: install wsl
if: runner.os == 'Windows'
run: |
& curl -L https://aka.ms/wsl-ubuntu-1804 -o ubuntu-1804.appx
Rename-Item .\ubuntu-1804.appx .\ubuntu-1804.zip
Expand-Archive .\ubuntu-1804.zip .\ubuntu-1804
cd ubuntu-1804
.\ubuntu1804.exe install --root
- name: AMWA test suite
shell: bash
working-directory: ${{ env.RUNNER_WORKSPACE }}
run:
|
set -x
root_dir=`pwd`
# Install AMWA NMOS Testing Tool
git clone https://github.com/AMWA-TV/nmos-testing.git
cd nmos-testing
# Configure the Testing Tool so all APIs are tested with TLS and authorization
printf "from . import Config as CONFIG\nCONFIG.ENABLE_HTTPS = True\nCONFIG.MOCK_SERVICES_WARM_UP_DELAY = 30\nCONFIG.HTTP_TIMEOUT = 2\n" > nmostesting/UserConfig.py
# Set the DNS-SD mode
printf 'CONFIG.DNS_SD_MODE = "'${{ matrix.dns_sd_mode }}'"\n' >> nmostesting/UserConfig.py
# Set the client JWKS_URI for mock Authorization Server to obtain the client JSON Web Key Set (public keys) to verify the client_assertion, when the client is requesting the access token
if [[ "${{ matrix.dns_sd_mode }}" == "multicast" ]]; then
hostname=nmos-api.local
else
hostname=api.testsuite.nmos.tv
fi
printf 'CONFIG.JWKS_URI = "https://'${hostname}':1080/x-authorization/jwks"\n' >> nmostesting/UserConfig.py
if [[ "${{matrix.enable_authorization}}" == "true" ]]; then
printf 'CONFIG.ENABLE_AUTH = True\n' >> nmostesting/UserConfig.py
else
printf 'CONFIG.ENABLE_AUTH = False\n' >> nmostesting/UserConfig.py
fi
# Set config for control protocol testing
printf 'CONFIG.MS05_INVASIVE_TESTING = True\n' >> nmostesting/UserConfig.py
printf 'CONFIG.MAX_TEST_ITERATIONS = 2\n' >> nmostesting/UserConfig.py
# Download testssl
cd testssl
curl -L https://github.com/drwetter/testssl.sh/archive/v3.0.7.tar.gz -s | tar -xvzf - --strip-components=1 > /dev/null
cd ..
# Create output directories
mkdir results
mkdir badges
if [[ "${{ env.DOCKER_TEST_SUITE }}" == "true" ]]; then
# run test suite in amwa/nmos-testing docker container
docker pull amwa/nmos-testing
docker run -d --name "nmos_testing" --entrypoint="/usr/bin/tail" -v `pwd`/results:/home/nmos-testing/results amwa/nmos-testing -f /dev/null
run_python="docker exec -i nmos_testing python3"
elif [[ "${{ env.VAGRANT_TEST_SUITE }}" == "true" ]]; then
# run test suite in vagrant VM
cp ${{ env.GITHUB_WORKSPACE_BASH }}/.github/workflows/mac_Vagrantfile ./Vagrantfile
vagrant plugin install vagrant-scp
vagrant up
vagrant ssh -- mkdir results
run_python="vagrant ssh -- python3"
elif [[ "${{ runner.os }}" == "Linux" && "${{ matrix.dns_sd_mode }}" == "unicast" ]]; then
# run test suite directly
sudo pip install --upgrade -r requirements.txt
# install SDPoker
npm install -g git+https://git@github.com/AMWA-TV/sdpoker.git
run_python="sudo python"
else
# run test suite directly
pip install -r requirements.txt
# install SDPoker
npm install -g git+https://git@github.com/AMWA-TV/sdpoker.git
run_python="python"
fi
pip install -r utilities/run-test-suites/gsheetsImport/requirements.txt
# PyOpenSSL 26.2+ removed OpenSSL.crypto.X509Extension; nmos-testing still uses it for certificate tests.
$run_python -m pip install 'pyOpenSSL<26.2'
if [[ "${{ runner.os }}" == "Windows" ]]; then
# install certificates
certutil -enterprise -addstore -user root test_data\\BCP00301\\ca\\certs\\ca.cert.pem
certutil -enterprise -addstore -user ca test_data\\BCP00301\\ca\\intermediate\\certs\\intermediate.cert.pem
certutil -importpfx -enterprise test_data\\BCP00301\\ca\\intermediate\\certs\\ecdsa.api.testsuite.nmos.tv.cert.chain.pfx
certutil -importpfx -enterprise test_data\\BCP00301\\ca\\intermediate\\certs\\rsa.api.testsuite.nmos.tv.cert.chain.pfx
# RSA
netsh http add sslcert ipport=0.0.0.0:1080 certhash=021d50df2177c07095485184206ee2297e50b65c appid="{00000000-0000-0000-0000-000000000000}"
# ECDSA
#netsh http add sslcert ipport=0.0.0.0:1080 certhash=875eca592c49120254b32bb8bed90ac3679015a5 appid="{00000000-0000-0000-0000-000000000000}"
# RSA
netsh http add sslcert ipport=0.0.0.0:8088 certhash=021d50df2177c07095485184206ee2297e50b65c appid="{00000000-0000-0000-0000-000000000000}"
# ECDSA
#netsh http add sslcert ipport=0.0.0.0:8088 certhash=875eca592c49120254b32bb8bed90ac3679015a5 appid="{00000000-0000-0000-0000-000000000000}"
fi
if [[ "${{ runner.os }}" == "macOS" ]]; then
# force DNS lookups to IPv4 as mDNS lookups on macos seem to wait for the IPv6 lookup to timeout before returning the IPv4 result
mv nmostesting/GenericTest.py nmostesting/GenericTest.py.old
printf 'import socket\nold_getaddrinfo = socket.getaddrinfo\ndef new_getaddrinfo(host, port, family=0, type=0, proto=0, flags=0):\n return old_getaddrinfo(host, port, socket.AF_INET, type, proto, flags)\nsocket.getaddrinfo = new_getaddrinfo\n' > nmostesting/GenericTest.py
cat nmostesting/GenericTest.py.old >> nmostesting/GenericTest.py
fi
if [[ "${{ runner.os }}" == "Linux" && "${{ matrix.use_conan }}" == "false" ]]; then
# ubuntu 14 non-conan build uses boost 1.54.0 which doesn't support disabling TLS 1.1
mkdir -p ${{ env.GITHUB_WORKSPACE_BASH }}/Sandbox/nmos-testing-options/
echo "--ignore test_01" > ${{ env.GITHUB_WORKSPACE_BASH }}/Sandbox/nmos-testing-options/BCP-003-01.txt
echo "1" > ${{ env.GITHUB_WORKSPACE_BASH }}/Sandbox/nmos-testing-options/BCP-003-01_max_disabled.txt
fi
if [[ "${{ runner.os }}" == "Linux" ]]; then
if [[ "${{ matrix.install_mdns }}" == "true" ]]; then
echo "Stopping mdnsd"
sudo /etc/init.d/mdns stop
else
echo "Stopping avahi-daemon"
sudo systemctl stop avahi-daemon
fi
fi
if [[ "${{ matrix.dns_sd_mode }}" == "multicast" ]]; then
domain=local
else
domain=testsuite.nmos.tv
if [[ "${{ runner.os }}" == "Linux" ]]; then
# add host names
echo -e "${{ env.HOST_IP_ADDRESS }} api.$domain\n${{ env.HOST_IP_ADDRESS }} mocks.$domain" | sudo tee -a /etc/hosts > /dev/null
# force testing tool to cache specification repos before changing the resolver configuration
$run_python nmos-test.py suite IS-04-01 --selection auto --host ${{ env.HOST_IP_ADDRESS }} --port 444 --version v1.3 || true
# change the resolver configuration to use only the testing tool's mock DNS server
# and instead configure the mock DNS server to use an upstream DNS server
# as unicast DNS-SD test results are inconsistent if other servers are also configured
dns_upstream_ip=$(cat /etc/resolv.conf | grep ^nameserver | tr -s [:space:] ' ' | cut -f2 -d ' ' -s)
if [[ ! -z "$dns_upstream_ip" ]]; then
printf 'CONFIG.DNS_UPSTREAM_IP = "'${dns_upstream_ip}'"\n' >> nmostesting/UserConfig.py
fi
sudo cp /etc/resolv.conf /etc/resolv.conf.bak
echo -e "nameserver ${{ env.HOST_IP_ADDRESS }}" | sudo tee /etc/resolv.conf > /dev/null
else
echo "Unicast DNS-SD testing not yet supported on ${{ runner.os }}" && false
fi
fi
if [[ "${{ runner.os }}" == "Linux" ]]; then
if [[ "${{ matrix.install_mdns }}" == "true" ]]; then
echo "Restarting mdnsd"
sudo /etc/init.d/mdns start
#sudo /usr/sbin/mdnsd -debug &
sleep 2
dns-sd -V
else
echo "Restarting avahi-daemon"
sudo systemctl start avahi-daemon
sleep 2
ps -e | grep avahi-daemon
avahi-daemon -V
fi
fi
if [[ "${{ runner.os }}" == "Linux" && "${{ matrix.install_mdns }}" == "false" ]]; then
# nmos-cpp-node doesn't currently support advertising hostnames to Avahi
avahi-publish -a -R nmos-api.local ${{ env.HOST_IP_ADDRESS }} &
fi
${{ env.GITHUB_WORKSPACE_BASH }}/Sandbox/run_nmos_testing.sh "$run_python" ${domain} ${root_dir}/build/nmos-cpp-node ${root_dir}/build/nmos-cpp-registry results badges $GITHUB_STEP_SUMMARY ${{ env.HOST_IP_ADDRESS }} "${{ env.GITHUB_COMMIT }}-${{ env.BUILD_NAME }}-"
if [[ "${{ runner.os }}" == "Linux" ]]; then
if [[ "${{ matrix.install_mdns }}" == "true" ]]; then
ps -e | grep mdnsd || true
else
ps -e | grep avahi-daemon || true
fi
fi
if [[ "${{ matrix.dns_sd_mode }}" == "unicast" ]]; then
if [[ "${{ runner.os }}" == "Linux" ]]; then
# restore DNS Server
if [[ "${{ matrix.install_mdns }}" == "true" ]]; then
echo "Stopping mdnsd"
sudo /etc/init.d/mdns stop
else
echo "Stopping avahi-daemon"
sudo systemctl stop avahi-daemon
fi
cat /etc/resolv.conf.bak | sudo tee /etc/resolv.conf > /dev/null
if [[ "${{ matrix.install_mdns }}" == "true" ]]; then
echo "Restarting mdnsd"
sudo /etc/init.d/mdns start
else
echo "Restarting avahi-daemon"
sudo systemctl start avahi-daemon
fi
fi
fi
if [[ "${{ env.DOCKER_TEST_SUITE }}" == "true" ]]; then
docker stop nmos_testing
docker rm nmos_testing
fi
if [[ "${{ env.VAGRANT_TEST_SUITE }}" == "true" ]]; then
vagrant scp :results/* results/
vagrant destroy -f
fi
exit 0