openshift-origin-controller 1.3.2

data/test/cucumber/support/unused.rb

@@ -0,0 +1,27 @@
+# Copyright (c) 2010, Nathaniel Ritmeyer. All rights reserved.
+#
+# http://www.natontesting.com
+#
+# Save this in a file called 'unused.rb' in your 'features/support' directory. Then, to list
+# all the unused steps in your project, run the following command:
+#
+#   cucumber -d -f Cucumber::Formatter::Unused
+#
+# or...
+#
+#   cucumber -d -f Unused
+
+require 'cucumber/formatter/stepdefs'
+
+class Unused < Cucumber::Formatter::Stepdefs
+  def print_summary(features)
+    add_unused_stepdefs
+    keys = @stepdef_to_match.keys.sort {|a,b| a.regexp_source <=> b.regexp_source}
+    puts "The following steps are unused...\n---------"
+    keys.each do |stepdef_key|
+      if @stepdef_to_match[stepdef_key].none?
+        puts "#{stepdef_key.regexp_source}\n#{stepdef_key.file_colon_line}\n---"
+      end
+    end
+  end
+end

data/test/cucumber/support/user_helper.rb

@@ -0,0 +1,37 @@
+#require '/var/www/openshift/broker/config/environment'
+
+module UserHelper
+  #
+  # Obtain a unique username from S3.
+  #
+  #   reserved_usernames = A list of reserved names that may
+  #     not be in the global store
+  #
+  def get_unique_username(reserved_usernames=[])
+    result={}
+
+    loop do
+      # Generate a random username
+      chars = ("1".."9").to_a
+      namespace = "unit" + Array.new(8, '').collect{chars[rand(chars.size)]}.join
+      login = "cucumber-test+#{namespace}@example.com"
+      #has_txt = !OpenShift::DnsService.instance.namespace_available?(namespace)
+      has_txt = namespace_available?(namespace)
+
+      unless has_txt or reserved_usernames.index(login)
+        result[:login] = login
+        result[:namespace] = namespace
+        break
+      end
+    end
+
+    return result
+  end
+
+  def register_user(login, password)
+    command = $user_register_script_format % [login, password]
+    run command
+  end
+
+end
+World(UserHelper)

data/test/cucumber/trap-user-extended.feature

@@ -0,0 +1,53 @@
+@runtime_extended2
+@runtime_extended3
+Feature: Trap User Shell
+  Scenario Outline: Use ctl_all to start and stop a simple application
+    Given a new <type> type application
+    And the application is made publicly accessible
+
+    When I stop the application using ctl_all via rhcsh
+    Then a <proc_name> process will not be running
+
+    When I start the application using ctl_all via rhcsh
+    Then a <proc_name> process will be running
+
+  Scenarios:
+    | type         | proc_name |
+    | jbossas-7    | java      |
+    | jbosseap-6.0 | java      |
+    | jbossews-1.0 | java      |
+    | nodejs-0.6   | node      |
+    | perl-5.10    | httpd     |
+    | php-5.3      | httpd     |
+    | python-2.6   | httpd     |
+    | ruby-1.8     | httpd     |
+    | ruby-1.9     | httpd     |
+
+  Scenario Outline: Use ctl_all to start and stop an application with an embedded database
+    Given a new <type> type application
+    And I embed a <db_type> cartridge into the application
+    And I embed a <management_app> cartridge into the application
+    And the application is made publicly accessible
+
+    When I stop the application using ctl_all via rhcsh
+    Then a <proc_name> process for <type> will not be running
+    And a <db_proc_name> process will not be running 
+    And a httpd process for <management_app> will not be running
+
+    When I start the application using ctl_all via rhcsh
+    Then a <proc_name> process for <type> will be running
+    And a <db_proc_name> process will be running
+    And a httpd process for <management_app> will be running
+
+  Scenarios:
+    | type         | proc_name | db_type     | db_proc_name | management_app |
+    | perl-5.10    | httpd     | mongodb-2.2 | mongod       | rockmongo-1.1  |
+    | perl-5.10    | httpd     | mysql-5.1   | mysqld       | phpmyadmin-3.4 |
+    | php-5.3      | httpd     | mongodb-2.2 | mongod       | rockmongo-1.1  |
+    | php-5.3      | httpd     | mysql-5.1   | mysqld       | phpmyadmin-3.4 |
+    | ruby-1.8     | httpd     | mongodb-2.2 | mongod       | rockmongo-1.1  |
+    | ruby-1.8     | httpd     | mysql-5.1   | mysqld       | phpmyadmin-3.4 |
+    | ruby-1.9     | httpd     | mongodb-2.2 | mongod       | rockmongo-1.1  |
+    | ruby-1.9     | httpd     | mysql-5.1   | mysqld       | phpmyadmin-3.4 |
+
+    

data/test/cucumber/trap-user.feature

@@ -0,0 +1,34 @@
+@runtime
+@runtime3
+Feature: Trap User Shell
+
+  As a system designer
+  I should be able to limit user login to a defined set of commands
+  So that I can ensure the security of the system
+
+  Scenario: Running commands via rhcsh
+    Given a new php-5.3 type application
+    And the application is made publicly accessible
+
+    Then I can run "ls / > /dev/null" with exit code: 0
+    And I can run "this_should_fail" with exit code: 127
+    And I can run "true" with exit code: 0
+    And I can run "java -version" with exit code: 0
+    And I can run "scp" with exit code: 1
+
+  Scenario: Tail Logs
+    Given a new php-5.3 type application
+    And the application is made publicly accessible
+    Then a tail process will not be running
+
+    When I tail the logs via ssh
+    Then a tail process will be running
+
+    When I stop tailing the logs
+    Then a tail process will not be running
+    
+  Scenario: Access Quota
+    Given a new php-5.3 type application
+    And the application is made publicly accessible
+    Then I can obtain disk quota information via SSH
+  

data/test/ddns/1.168.192-rev.db.init

@@ -0,0 +1,13 @@
+$TTL 300 ; short for testing
+$ORIGIN 1.168.192.IN-ADDR.ARPA.
+@ 	300	IN	SOA	ns1.example.com. hostmaster.example.com. (
+	2011112902 ; serial
+	300 ; refresh
+	15 ; retry
+	1800 ; expire
+	10 ; minimum
+	)
+
+	IN	NS	ns1.example.com.
+
+1	IN	PTR     master.example.com.

data/test/ddns/HOWTO.txt

@@ -0,0 +1,207 @@
+This document describes how to create a small self-contained DNS service
+suitable for testing dynamic DNS operations.
+
+The idea is to run a local DNS server as a non-root user on a
+non-standard port for testing purposes.  This configuration will not
+forward requests and will not interact with regular system DNS
+lookups.
+
+With a little modification this service can act as a local DNS service
+for development as well.  You would switch the port back to the
+default (53), enable recursion, use the nameserver values in the
+initial resolv.conf to set forwarders, and then replace the
+resolv.conf with one which points to localhost.
+
+## Install required software
+# Install BIND daemon and tools
+sudo yum install bind
+
+## create a workspace for the daemon and control files
+# Create a space to run the local service
+mkdir ~/ddns
+
+# Create a space for temporary files and logs
+mkdir ~/ddns/tmp
+
+# Copy the stock/default named configuration files
+cd ~/ddns
+sudo cp /etc/named.* .
+sudo cp /var/named/named.{ca,empty,localhost,loopback} .
+sudo chown `id -u`:`id -g` *
+
+# comment IPv6 root servers (unless you have IPv6 configured)
+perl -p  -i -e '/AAAA/ && s/^/;;/' named.*
+
+## Enable secure updates
+# generate update keys: may need enough randomness.  Log in and type stuff
+dnssec-keygen -a HMAC-MD5 -b 512 -n USER example.com
+
+# extract the key value
+perl -n -e '/Key: / && s/Key: // && print' Kexample.com.*.private
+
+-- example.com.key --
+key example.com {
+  algorithm HMAC-MD5;
+  secret "H6NDDnTbNpcBrUM5c4BJtohyK2uuZ5Oi6jxg3ME+RJsNl5Wl2B87oL12 YxWUR3Gp7FdZQojTKBSfs5ZjghYxGw==";
+};
+--
+
+# Create the test configuration file
+# 
+# This file is a limited configuration.  It runs on a non-standard
+# high-numbered port.  It runs from a single directory and stores
+# run-time files in a temporary directory so they can be cleaned up
+# and repopulated easily
+
+-- named.conf --
+// named.conf
+
+options {
+	// listen-on port 53 { 127.0.0.1; }; // low port requires root
+	listen-on port 10053 { 127.0.0.1; }; // avoid possible conflict
+	directory 	".";                 // assume start from CWD
+	allow-query     { localhost; };
+        recursion no;
+
+	pid-file "tmp/named.pid";
+	session-keyfile "tmp/named.session.key";
+        managed-keys-directory "tmp";
+
+	// uncomment and replace the marker with a nameserver IP address
+	// forward first ; forwarders { __NAMESERVER__ ; } ;
+	// then replace nameserver line in /etc/resolv.conf with 127.0.0.1
+};
+
+// disable remote controls
+controls {};
+
+logging {
+        channel default_debug {
+                file "tmp/named.log";
+                severity dynamic;
+        };
+};
+
+// define the root zone
+zone "." IN {
+	type hint;
+	file "named.ca";
+};
+
+// define standard loopback zones
+// uses: named.localhost, named.loopback, named.empty
+include "named.rfc1912.zones";
+
+//
+// Local customization
+//
+
+// load the update key
+include "example.com.key";
+
+zone "example.com" IN {
+     type master;
+     file "tmp/example.com.db";
+     allow-update { key example.com ; };
+}; 
+
+zone "1.168.192.in-addr.arpa" {
+     type master;
+     file "tmp/1.168.192-rev.db";
+     allow-update { key example.com ; } ;
+};
+--
+
+== Zone files ==
+
+Create the template zone files in the main directory.  You will copy them to
+the tmp directory for test runs.  Changes to the running service will
+cause changes to the zone files.
+
+--- example.com.db ---
+; initial data for testing DDNS using BIND
+$ORIGIN .
+$TTL 1	; 1 seconds (for testing only)
+example.com		IN SOA	ns1.example.com. hostmaster.example.com. (
+				2011112904 ; serial
+				60         ; refresh (1 minute)
+				15         ; retry (15 seconds)
+				1800       ; expire (30 minutes)
+				10         ; minimum (10 seconds)
+				)
+			NS	ns1.example.com.
+			MX	10 mail.example.com.
+$ORIGIN example.com.
+mail			A	127.0.0.1
+master			A	192.168.1.1
+ns1			A	127.0.0.1
+node                    A       192.168.1.10
+
+; test records
+testns1			TXT	"reserved namespace testns1"
+;testns2		TXT	"to be added by tests"
+testns3                 TXT     "reserved to add apps"
+testns4                 TXT     "reserved to delete apps"
+testapp4-testns4        CNAME   node.example.com.
+---
+
+--- 1.168.192-rev.db.init ---
+$TTL 1 ; short for testing
+$ORIGIN 1.168.192.IN-ADDR.ARPA.
+@ 	1	IN	SOA	ns1.example.com. hostmaster.example.com. (
+	2011112902 ; serial
+	300 ; refresh
+	15 ; retry
+	1800 ; expire
+	10 ; minimum
+	)
+
+	IN	NS	ns1.example.com.
+
+1	IN	PTR     master.example.com.
+---
+
+== testing ==
+
+# Go to the ddns working directory:
+
+cd ~/ddns
+
+# Clear the tmp directory: 
+rm -f tmp/*
+
+# copy the initial zone files
+for FILE in  *.init ; do cp $FILE tmp/`basename $FILE .init` ; done
+
+# start the named: log to stdout, no fork
+/usr/sbin/named -c named.conf -g
+
+# add an A record and try to retrieve it
+nsupdate -y HMAC-MD5:example.com:`perl -n -e '/secret "([^"]+)"/ && print $1;' example.com.key` <<EOF
+server localhost 10053
+update add foo.example.com 1 A 192.168.1.2
+send
+EOF
+
+# check the logs for the entry record
+grep foo tmp/named.log
+
+# check that the named returns the new record
+dig -p 10053 @localhost foo.example.com
+
+# stop the named
+kill `cat tmp/named.pid`
+
+
+== References ==
+
+http://linux.yyz.us/dns/ - sample DDNS setup
+
+== See Also ==
+
+ named(8)
+ named.conf(5)
+ nsupdate(1)
+ dig(1)
+ host(1)
+

data/test/ddns/Kexample.com.+157+06142.key

@@ -0,0 +1 @@
+example.com. IN KEY 0 3 157 H6NDDnTbNpcBrUM5c4BJtohyK2uuZ5Oi6jxg3ME+RJsNl5Wl2B87oL12 YxWUR3Gp7FdZQojTKBSfs5ZjghYxGw==

data/test/ddns/Kexample.com.+157+06142.private

@@ -0,0 +1,7 @@
+Private-key-format: v1.3
+Algorithm: 157 (HMAC_MD5)
+Key: H6NDDnTbNpcBrUM5c4BJtohyK2uuZ5Oi6jxg3ME+RJsNl5Wl2B87oL12YxWUR3Gp7FdZQojTKBSfs5ZjghYxGw==
+Bits: AAA=
+Created: 20120208182548
+Publish: 20120208182548
+Activate: 20120208182548

data/test/ddns/authconfig.rb

@@ -0,0 +1,14 @@
+
+$config = {
+  :dns => {
+    :server => '127.0.0.1',
+    :port => '10053',
+    :keyname => 'example.com',
+    :keyvalue => 'H6NDDnTbNpcBrUM5c4BJtohyK2uuZ5Oi6jxg3ME+RJsNl5Wl2B87oL12YxWUR3Gp7FdZQojTKBSfs5ZjghYxGw==',
+    :zone => "example.com"
+  },
+
+  :ss => {
+    :domain_suffix => "example.com"
+  }
+}

data/test/ddns/example.com.db.init

@@ -0,0 +1,23 @@
+$ORIGIN .
+$TTL 1	; 1 seconds (for testing only)
+example.com		IN SOA	ns1.example.com. hostmaster.example.com. (
+				2011112904 ; serial
+				60         ; refresh (1 minute)
+				15         ; retry (15 seconds)
+				1800       ; expire (30 minutes)
+				10         ; minimum (10 seconds)
+				)
+			NS	ns1.example.com.
+			MX	10 mail.example.com.
+$ORIGIN example.com.
+mail			A	127.0.0.1
+master			A	192.168.1.1
+ns1			A	127.0.0.1
+node                    A       192.168.1.10
+
+; test records
+testns1			TXT	"reserved namespace testns1"
+;testns2		TXT	"to be added by tests"
+testns3                 TXT     "reserved to add apps"
+testns4                 TXT     "reserved to delete apps"
+testapp4-testns4        CNAME   node.example.com.

data/test/ddns/example.com.key

@@ -0,0 +1,4 @@
+key example.com {
+  algorithm HMAC-MD5;
+  secret "H6NDDnTbNpcBrUM5c4BJtohyK2uuZ5Oi6jxg3ME+RJsNl5Wl2B87oL12YxWUR3Gp7FdZQojTKBSfs5ZjghYxGw==";
+};

data/test/ddns/named.ca

@@ -0,0 +1,52 @@
+; <<>> DiG 9.5.0b2 <<>> +bufsize=1200 +norec NS . @a.root-servers.net
+;; global options:  printcmd
+;; Got answer:
+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34420
+;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 20
+
+;; OPT PSEUDOSECTION:
+; EDNS: version: 0, flags:; udp: 4096
+;; QUESTION SECTION:
+;.				IN	NS
+
+;; ANSWER SECTION:
+.			518400	IN	NS	M.ROOT-SERVERS.NET.
+.			518400	IN	NS	A.ROOT-SERVERS.NET.
+.			518400	IN	NS	B.ROOT-SERVERS.NET.
+.			518400	IN	NS	C.ROOT-SERVERS.NET.
+.			518400	IN	NS	D.ROOT-SERVERS.NET.
+.			518400	IN	NS	E.ROOT-SERVERS.NET.
+.			518400	IN	NS	F.ROOT-SERVERS.NET.
+.			518400	IN	NS	G.ROOT-SERVERS.NET.
+.			518400	IN	NS	H.ROOT-SERVERS.NET.
+.			518400	IN	NS	I.ROOT-SERVERS.NET.
+.			518400	IN	NS	J.ROOT-SERVERS.NET.
+.			518400	IN	NS	K.ROOT-SERVERS.NET.
+.			518400	IN	NS	L.ROOT-SERVERS.NET.
+
+;; ADDITIONAL SECTION:
+A.ROOT-SERVERS.NET.	3600000	IN	A	198.41.0.4
+;;A.ROOT-SERVERS.NET.	3600000	IN	AAAA	2001:503:ba3e::2:30
+B.ROOT-SERVERS.NET.	3600000	IN	A	192.228.79.201
+C.ROOT-SERVERS.NET.	3600000	IN	A	192.33.4.12
+D.ROOT-SERVERS.NET.	3600000	IN	A	128.8.10.90
+E.ROOT-SERVERS.NET.	3600000	IN	A	192.203.230.10
+F.ROOT-SERVERS.NET.	3600000	IN	A	192.5.5.241
+;;F.ROOT-SERVERS.NET.	3600000	IN	AAAA	2001:500:2f::f
+G.ROOT-SERVERS.NET.	3600000	IN	A	192.112.36.4
+H.ROOT-SERVERS.NET.	3600000	IN	A	128.63.2.53
+;;H.ROOT-SERVERS.NET.	3600000	IN	AAAA	2001:500:1::803f:235
+I.ROOT-SERVERS.NET.	3600000	IN	A	192.36.148.17
+J.ROOT-SERVERS.NET.	3600000	IN	A	192.58.128.30
+;;J.ROOT-SERVERS.NET.	3600000	IN	AAAA	2001:503:c27::2:30
+K.ROOT-SERVERS.NET.	3600000	IN	A	193.0.14.129
+;;K.ROOT-SERVERS.NET.	3600000	IN	AAAA	2001:7fd::1
+L.ROOT-SERVERS.NET.	3600000	IN	A	199.7.83.42
+M.ROOT-SERVERS.NET.	3600000	IN	A	202.12.27.33
+;;M.ROOT-SERVERS.NET.	3600000	IN	AAAA	2001:dc3::35
+
+;; Query time: 147 msec
+;; SERVER: 198.41.0.4#53(198.41.0.4)
+;; WHEN: Mon Feb 18 13:29:18 2008
+;; MSG SIZE  rcvd: 615
+