If you are in the IT industry, I hope you have heard about chef automation framework. which we commonly used for deployment automation. So In this blog post, I'm going to talk about the Inspec Train plugin that I have written for Openshift platform. Inspec is released by the Chef Developers. which is an automated testing tool for integration, compliance, security, and other policy requirements. but (When I'm writing this blog post) there wasn't an inspec train transport to communicate with the Openshift platform, because we can't use ssh to connect with the Openshift nodes. OC client needs to be used to connect with the openshift pods. So I thought of writing a train plugin for Openshift.
After running the aforesaid command successfully, A file will be created as ~/.kube/config in the machine's home directory.
✋Important
If someone fails to perform the above steps, the following error would encounter in test runs,
ocPath: /home/madhawa/test/openshift-origin/openshift-origin-client-tools-v3.6.0-alpha.2-3c221d5-linux-64bit
serverUrl: https://console.xxxxxxxxxxx:443
token: DfJ_V1eSxz8gtK8rRGWBiqKUczvuuke_-o8vSlDtPhs
project: project-test
OC Path : Openshift client path
Server URL : Openshift login url
Token : Openshift login token
Project : Openshift project name
Instructions to install the plugin :
Prerequisite: inspec and ruby should be installed in the os.
1. Build the plugin: gem build train-openshift.gemspec
2. Install the plugin : inspec plugin install train-openshift-0.0.1.gem
./oc project
./oc project project-test
#List pod names
./oc get pods
After running the above commands tests can be executed with the defined pod in decided openshift
project in openshift-properties.yml and provide the pod id in test run command. (as shown
below).
inspec exec #{testfile} -t openshift://#{pod}
1. copy this file openshift-properties.yml
2. Run the inspec tests by following command
inspec exec test_xpath.rb -t openshift://project-esb-deployment-2-mz5jz
inspec exec #{testfile} -t openshift://#{pod}
1. Execute the inspec exec command with variable names
PROJECT="project-dev" POD="project-esb-deployment-2-mz5jz"
OC_PATH="/home/madhawa/xiges/openshift-origin/openshift-origin-client-tools-v3.6.0-al
pha.2-3c221d5-linux-64bit"
SERVER="https://console.org-env-0.org.innovateuk.ukri.org:443"
TOKEN="D4BYR3zg9GqK16hUGfwQq7NzYmlfhyPv0vswObSEtjU" inspec exec
test_xpath.rb -t openshift://project-esb-deployment-2-mz5jz --attrs ../profile-attribute.yml
use -l debug to enable debug logs
Happy testing with inspec and Openshift
[1] https://github.com/madhawa-gunasekara/train-openshift
[2] https://github.com/openshift/origin/releases
Openshift train plugin
Custom openshift train plugin supports to execute inspec test cases in openshift pods. The source code of the openshift train plugin can be found [1]. To build the openshift train plugin, Ruby gems should be installed in your operating system. After installing the train plugin, openshift client distribution should be set up in the file system. Openshift client distribution can be downloaded from here [2]Configuring openshift-origin-client-tools
TOKEN=VtEZif0g4N6SPB56__rxcw5jEMMMB0eYI5yZMHFbqI (A valid token)
./oc login https://console.org-env-0.org.innovateuk.ukri.org --token=$TOKEN
--insecure-skip-tls-verify=true
After running the aforesaid command successfully, A file will be created as ~/.kube/config in the machine's home directory.
✋Important
If someone fails to perform the above steps, the following error would encounter in test runs,
[2019-05-13T19:43:15.223504 #6828] DEBUG -- : [Openshift] Parameter erroutput error: Missing or incomplete configuration info. Please login or point to an existing, complete config file: 1. Via the command-line flag --config 2. Via the KUBECONFIG environment variable 3. In your home directory as ~/.kube/config To view or setup config directly use the 'config' command.
Openshift Properties YAML file
Properties file path can be defined by using this environment variable name “OPENSHIFT_CRED_FILE“ and also if it is not defined, by default train plugin will search for the “openshift-properties.yml “ in the test command execution folder path.ocPath: /home/madhawa/test/openshift-origin/openshift-origin-client-tools-v3.6.0-alpha.2-3c221d5-linux-64bit
serverUrl: https://console.xxxxxxxxxxx:443
token: DfJ_V1eSxz8gtK8rRGWBiqKUczvuuke_-o8vSlDtPhs
project: project-test
OC Path : Openshift client path
Server URL : Openshift login url
Token : Openshift login token
Project : Openshift project name
Instructions to install the plugin :
Prerequisite: inspec and ruby should be installed in the os.
1. Build the plugin: gem build train-openshift.gemspec
2. Install the plugin : inspec plugin install train-openshift-0.0.1.gem
Obtaining pod-name (Where tests need to run on)
#Select project./oc project
Execute the test cases with the properties file
Execute the test cases with environment variables
Happy testing with inspec and Openshift
[1] https://github.com/madhawa-gunasekara/train-openshift
[2] https://github.com/openshift/origin/releases
