mirror of https://github.com/OpenKMIP/PyKMIP.git
Update the Travis CI config to add policies for integration tests
This change updates the files used by Travis CI to set up the PyKMIP server used for integration testing, specifically adding in support for custom operation policies.
parent
4df9273bae
commit
ba746775d3
|
@ -0,0 +1,188 @@
|
||||||
|
{
|
||||||
|
"policy_A": {
|
||||||
|
"groups": {
|
||||||
|
"group_A": {
|
||||||
|
"CERTIFICATE": {
|
||||||
|
"LOCATE": "ALLOW_OWNER",
|
||||||
|
"CHECK": "ALLOW_OWNER",
|
||||||
|
"GET": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
||||||
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"OBTAIN_LEASE": "ALLOW_OWNER",
|
||||||
|
"ACTIVATE": "ALLOW_OWNER",
|
||||||
|
"REVOKE": "ALLOW_OWNER",
|
||||||
|
"DESTROY": "ALLOW_OWNER",
|
||||||
|
"ARCHIVE": "ALLOW_OWNER",
|
||||||
|
"RECOVER": "ALLOW_OWNER"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"default": {
|
||||||
|
"CERTIFICATE": {
|
||||||
|
"LOCATE": "ALLOW_ALL",
|
||||||
|
"CHECK": "ALLOW_ALL",
|
||||||
|
"GET": "ALLOW_ALL",
|
||||||
|
"GET_ATTRIBUTES": "ALLOW_ALL",
|
||||||
|
"GET_ATTRIBUTE_LIST": "ALLOW_ALL",
|
||||||
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"OBTAIN_LEASE": "ALLOW_ALL",
|
||||||
|
"ACTIVATE": "ALLOW_OWNER",
|
||||||
|
"REVOKE": "ALLOW_OWNER",
|
||||||
|
"DESTROY": "ALLOW_OWNER",
|
||||||
|
"ARCHIVE": "ALLOW_OWNER",
|
||||||
|
"RECOVER": "ALLOW_OWNER"
|
||||||
|
},
|
||||||
|
"SYMMETRIC_KEY": {
|
||||||
|
"REKEY": "ALLOW_OWNER",
|
||||||
|
"REKEY_KEY_PAIR": "ALLOW_OWNER",
|
||||||
|
"DERIVE_KEY": "ALLOW_OWNER",
|
||||||
|
"LOCATE": "ALLOW_OWNER",
|
||||||
|
"CHECK": "ALLOW_OWNER",
|
||||||
|
"GET": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
||||||
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"OBTAIN_LEASE": "ALLOW_OWNER",
|
||||||
|
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
|
||||||
|
"ACTIVATE": "ALLOW_OWNER",
|
||||||
|
"REVOKE": "ALLOW_OWNER",
|
||||||
|
"DESTROY": "ALLOW_OWNER",
|
||||||
|
"ARCHIVE": "ALLOW_OWNER",
|
||||||
|
"RECOVER": "ALLOW_OWNER"
|
||||||
|
},
|
||||||
|
"PUBLIC_KEY": {
|
||||||
|
"LOCATE": "ALLOW_ALL",
|
||||||
|
"CHECK": "ALLOW_ALL",
|
||||||
|
"GET": "ALLOW_ALL",
|
||||||
|
"GET_ATTRIBUTES": "ALLOW_ALL",
|
||||||
|
"GET_ATTRIBUTE_LIST": "ALLOW_ALL",
|
||||||
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"OBTAIN_LEASE": "ALLOW_ALL",
|
||||||
|
"ACTIVATE": "ALLOW_OWNER",
|
||||||
|
"REVOKE": "ALLOW_OWNER",
|
||||||
|
"DESTROY": "ALLOW_OWNER",
|
||||||
|
"ARCHIVE": "ALLOW_OWNER",
|
||||||
|
"RECOVER": "ALLOW_OWNER"
|
||||||
|
},
|
||||||
|
"PRIVATE_KEY": {
|
||||||
|
"REKEY": "ALLOW_OWNER",
|
||||||
|
"REKEY_KEY_PAIR": "ALLOW_OWNER",
|
||||||
|
"DERIVE_KEY": "ALLOW_OWNER",
|
||||||
|
"LOCATE": "ALLOW_OWNER",
|
||||||
|
"CHECK": "ALLOW_OWNER",
|
||||||
|
"GET": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
||||||
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"OBTAIN_LEASE": "ALLOW_OWNER",
|
||||||
|
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
|
||||||
|
"ACTIVATE": "ALLOW_OWNER",
|
||||||
|
"REVOKE": "ALLOW_OWNER",
|
||||||
|
"DESTROY": "ALLOW_OWNER",
|
||||||
|
"ARCHIVE": "ALLOW_OWNER",
|
||||||
|
"RECOVER": "ALLOW_OWNER"
|
||||||
|
},
|
||||||
|
"SPLIT_KEY": {
|
||||||
|
"REKEY": "ALLOW_OWNER",
|
||||||
|
"REKEY_KEY_PAIR": "ALLOW_OWNER",
|
||||||
|
"DERIVE_KEY": "ALLOW_OWNER",
|
||||||
|
"LOCATE": "ALLOW_OWNER",
|
||||||
|
"CHECK": "ALLOW_OWNER",
|
||||||
|
"GET": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
||||||
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"OBTAIN_LEASE": "ALLOW_OWNER",
|
||||||
|
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
|
||||||
|
"ACTIVATE": "ALLOW_OWNER",
|
||||||
|
"REVOKE": "ALLOW_OWNER",
|
||||||
|
"DESTROY": "ALLOW_OWNER",
|
||||||
|
"ARCHIVE": "ALLOW_OWNER",
|
||||||
|
"RECOVER": "ALLOW_OWNER"
|
||||||
|
},
|
||||||
|
"TEMPLATE": {
|
||||||
|
"LOCATE": "ALLOW_OWNER",
|
||||||
|
"GET": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
||||||
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"DESTROY": "ALLOW_OWNER"
|
||||||
|
},
|
||||||
|
"SECRET_DATA": {
|
||||||
|
"REKEY": "ALLOW_OWNER",
|
||||||
|
"REKEY_KEY_PAIR": "ALLOW_OWNER",
|
||||||
|
"DERIVE_KEY": "ALLOW_OWNER",
|
||||||
|
"LOCATE": "ALLOW_OWNER",
|
||||||
|
"CHECK": "ALLOW_OWNER",
|
||||||
|
"GET": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
||||||
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"OBTAIN_LEASE": "ALLOW_OWNER",
|
||||||
|
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
|
||||||
|
"ACTIVATE": "ALLOW_OWNER",
|
||||||
|
"REVOKE": "ALLOW_OWNER",
|
||||||
|
"DESTROY": "ALLOW_OWNER",
|
||||||
|
"ARCHIVE": "ALLOW_OWNER",
|
||||||
|
"RECOVER": "ALLOW_OWNER"
|
||||||
|
},
|
||||||
|
"OPAQUE_DATA": {
|
||||||
|
"REKEY": "ALLOW_OWNER",
|
||||||
|
"REKEY_KEY_PAIR": "ALLOW_OWNER",
|
||||||
|
"DERIVE_KEY": "ALLOW_OWNER",
|
||||||
|
"LOCATE": "ALLOW_OWNER",
|
||||||
|
"CHECK": "ALLOW_OWNER",
|
||||||
|
"GET": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
||||||
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"OBTAIN_LEASE": "ALLOW_OWNER",
|
||||||
|
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
|
||||||
|
"ACTIVATE": "ALLOW_OWNER",
|
||||||
|
"REVOKE": "ALLOW_OWNER",
|
||||||
|
"DESTROY": "ALLOW_OWNER",
|
||||||
|
"ARCHIVE": "ALLOW_OWNER",
|
||||||
|
"RECOVER": "ALLOW_OWNER"
|
||||||
|
},
|
||||||
|
"PGP_KEY": {
|
||||||
|
"REKEY": "ALLOW_OWNER",
|
||||||
|
"REKEY_KEY_PAIR": "ALLOW_OWNER",
|
||||||
|
"DERIVE_KEY": "ALLOW_OWNER",
|
||||||
|
"LOCATE": "ALLOW_OWNER",
|
||||||
|
"CHECK": "ALLOW_OWNER",
|
||||||
|
"GET": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTES": "ALLOW_OWNER",
|
||||||
|
"GET_ATTRIBUTE_LIST": "ALLOW_OWNER",
|
||||||
|
"ADD_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"MODIFY_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"DELETE_ATTRIBUTE": "ALLOW_OWNER",
|
||||||
|
"OBTAIN_LEASE": "ALLOW_OWNER",
|
||||||
|
"GET_USAGE_ALLOCATION": "ALLOW_OWNER",
|
||||||
|
"ACTIVATE": "ALLOW_OWNER",
|
||||||
|
"REVOKE": "ALLOW_OWNER",
|
||||||
|
"DESTROY": "ALLOW_OWNER",
|
||||||
|
"ARCHIVE": "ALLOW_OWNER",
|
||||||
|
"RECOVER": "ALLOW_OWNER"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
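Review bot: `group_A` under `policy_A` lists only `CERTIFICATE`, while `default` covers every object type, and nothing on the page says how the server treats a `group_A` client that asks for, say, a `SYMMETRIC_KEY`. Depending on the lookup that is either a fall-through to `default` or a deny, and the integration tests presumably rely on one of the two. JSON cannot carry a comment, so I would state the intended behaviour in the commit message or a short README next to the file, or list the remaining object types under `group_A` explicitly. The same note should record why `default` grants `ALLOW_ALL` on `GET` for `CERTIFICATE` and `PUBLIC_KEY`: reasonable for public material, but it is the one place where non-owners get read access.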
|
@ -5,11 +5,13 @@ set -x
|
||||||
|
|
||||||
if [[ "${RUN_INTEGRATION_TESTS}" == "1" ]]; then
|
if [[ "${RUN_INTEGRATION_TESTS}" == "1" ]]; then
|
||||||
sudo mkdir -p /etc/pykmip/certs
|
sudo mkdir -p /etc/pykmip/certs
|
||||||
|
sudo mkdir -p /etc/pykmip/policies
|
||||||
cd /etc/pykmip/certs
|
cd /etc/pykmip/certs
|
||||||
sudo openssl req -x509 -subj "/CN=test" -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
|
sudo openssl req -x509 -subj "/CN=test" -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
|
||||||
cd -
|
cd -
|
||||||
sudo cp ./.travis/pykmip.conf /etc/pykmip/pykmip.conf
|
sudo cp ./.travis/pykmip.conf /etc/pykmip/pykmip.conf
|
||||||
sudo cp ./.travis/server.conf /etc/pykmip/server.conf
|
sudo cp ./.travis/server.conf /etc/pykmip/server.conf
|
||||||
|
sudo cp ./.travis/policy.json /etc/pykmip/policies/policy.json
|
||||||
sudo mkdir /var/log/pykmip
|
sudo mkdir /var/log/pykmip
|
||||||
sudo chmod 777 /var/log/pykmip
|
sudo chmod 777 /var/log/pykmip
|
||||||
python ./bin/run_server.py &
|
python ./bin/run_server.py &
|
||||||
|
@ -17,4 +19,3 @@ if [[ "${RUN_INTEGRATION_TESTS}" == "1" ]]; then
|
||||||
else
|
else
|
||||||
tox
|
tox
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
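Review bot: The added `sudo cp ./.travis/policy.json /etc/pykmip/policies/policy.json` leaves the file with whatever mode root's umask yields, while the server is started a few lines later without sudo and has to read it. Since this file decides who may GET or DESTROY managed objects, I would pin owner and mode explicitly, e.g. `sudo install -D -m 0644 -o root -g root ./.travis/policy.json /etc/pykmip/policies/policy.json`, which also makes the separate `mkdir -p /etc/pykmip/policies` unnecessary. The policy directory should not pick up the world-writable pattern used for `/var/log/pykmip` in the same block. The enclosing `if` block continues outside the hunk.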
|
@ -6,3 +6,4 @@ key_path=/etc/pykmip/certs/key.pem
|
||||||
ca_path=/etc/pykmip/certs/cert.pem
|
ca_path=/etc/pykmip/certs/cert.pem
|
||||||
auth_suite=Basic
|
auth_suite=Basic
|
||||||
enable_tls_client_auth=False
|
enable_tls_client_auth=False
|
||||||
|
policy_path=/etc/pykmip/policies/
|
||||||
|
|
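Review bot: The new `policy_path=/etc/pykmip/policies/` turns on owner- and group-based decisions, but the lines above it keep `enable_tls_client_auth=False` and the setup script issues a single `/CN=test` certificate. If the server derives the requester's identity and group from the client certificate, which I cannot confirm from this page, the `group_A` rules may never be selected and `ALLOW_OWNER` is never tested against a non-owner. A comment above the new line such as `# Test fixture only: operation policies are loaded from this directory.` would keep the file from being copied into a real deployment as is. The rest of the config section is outside the hunk.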