+
+# ODL username/password tests
+def username_password_tests(username, password)
+
+ it {
+ should contain_odl_user(username).with(
+ :password => password
+ )
+ }
+end
+
+# ODL websocket address tests
+def odl_websocket_address_tests(options = {})
+ # Extract params
+ # NB: This default value should be the same as one in opendaylight::params
+ # TODO: Remove this possible source of bugs^^
+ odl_bind_ip = options.fetch(:odl_bind_ip, '0.0.0.0')
+ # Confirm properties of ODL REST port config file
+ # NB: These hashes don't work with Ruby 1.8.7, but we
+ # don't support 1.8.7 so that's okay. See issue #36.
+
+ if not odl_bind_ip.eql? '0.0.0.0'
+ it {
+ should contain_file('/opt/opendaylight/etc/org.opendaylight.restconf.cfg').with(
+ 'ensure' => 'file',
+ 'path' => '/opt/opendaylight/etc/org.opendaylight.restconf.cfg',
+ 'owner' => 'odl',
+ 'group' => 'odl',
+ )
+ }
+ it {
+ should contain_file_line('websocket-address').with(
+ 'path' => '/opt/opendaylight/etc/org.opendaylight.restconf.cfg',
+ 'line' => "websocket-address=#{odl_bind_ip}",
+ 'match' => '^websocket-address=.*$',
+ )
+ }
+ else
+ it {
+ should_not contain_file_line('websocket-address')
+ }
+ end
+end
+
+def odl_tls_tests(options = {})
+ enable_tls = options.fetch(:enable_tls, false)
+ tls_keystore_password = options.fetch(:tls_keystore_password, nil)
+ tls_trusted_certs = options.fetch(:tls_trusted_certs, [])
+ tls_keystore_password = options.fetch(:tls_keystore_password, nil)
+ tls_key_file = options.fetch(:tls_key_file, nil)
+ tls_cert_file = options.fetch(:tls_cert_file, nil)
+ tls_ca_cert_file = options.fetch(:tls_ca_cert_file, nil)
+ odl_rest_port = options.fetch(:odl_rest_port, 8181)
+
+ if enable_tls
+ if tls_keystore_password.nil?
+ it { expect { should contain_class('opendaylight::config') }.to raise_error(Puppet::PreformattedError) }
+ return
+ end
+
+ if tls_key_file or tls_cert_file
+ if tls_key_file and tls_cert_file
+ it {
+ should contain_odl_keystore('controller')
+ }
+ else
+ it { expect { should contain_class('opendaylight::config') }.to raise_error(Puppet::PreformattedError) }
+ end
+ end
+ it {
+ should contain_augeas('Remove HTTP ODL REST Port')
+ should contain_augeas('ODL SSL REST Port')
+ should contain_file_line('set pax TLS port').with(
+ 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
+ 'line' => "org.osgi.service.http.port.secure = #{odl_rest_port}",
+ 'match' => '^#?org.osgi.service.http.port.secure.*$',
+ )
+ should contain_file_line('set pax TLS keystore location').with(
+ 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
+ 'line' => 'org.ops4j.pax.web.ssl.keystore = configuration/ssl/ctl.jks',
+ 'match' => '^#?org.ops4j.pax.web.ssl.keystore.*$',
+ )
+ should contain_file_line('set pax TLS keystore integrity password').with(
+ 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
+ 'line' => "org.ops4j.pax.web.ssl.password = #{tls_keystore_password}",
+ 'match' => '^#?org.ops4j.pax.web.ssl.password.*$',
+ )
+ should contain_file_line('set pax TLS keystore password').with(
+ 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
+ 'line' => "org.ops4j.pax.web.ssl.keypassword = #{tls_keystore_password}",
+ 'match' => '^#?org.ops4j.pax.web.ssl.keypassword.*$',
+ )
+ should contain_file('aaa-cert-config.xml').with(
+ 'ensure' => 'file',
+ 'path' => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/aaa-cert-config.xml',
+ 'owner' => 'odl',
+ 'group' => 'odl',
+ )
+ should contain_file('org.opendaylight.ovsdb.library.cfg').with(
+ 'ensure' => 'file',
+ 'path' => '/opt/opendaylight/etc/org.opendaylight.ovsdb.library.cfg',
+ 'owner' => 'odl',
+ 'group' => 'odl',
+ 'content' => /use-ssl = true/
+ )
+ should contain_file('/opt/opendaylight/configuration/ssl').with(
+ 'ensure' => 'directory',
+ 'path' => '/opt/opendaylight/configuration/ssl',
+ 'owner' => 'odl',
+ 'group' => 'odl',
+ 'mode' => '0755'
+ )
+ should contain_file_line('enable pax TLS').with(
+ 'ensure' => 'present',
+ 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
+ 'line' => 'org.osgi.service.http.secure.enabled = true',
+ 'match' => '^#?org.osgi.service.http.secure.enabled.*$',
+ )
+ should contain_file_line('disable pax HTTP').with(
+ 'ensure' => 'present',
+ 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
+ 'line' => 'org.osgi.service.http.enabled = false',
+ 'match' => '^#?org.osgi.service.http.enabled.*$',
+ )
+ should contain_file('org.ops4j.pax.web.cfg').with(
+ 'ensure' => 'file',
+ 'path' => '/opt/opendaylight/etc/org.ops4j.pax.web.cfg',
+ 'owner' => 'odl',
+ 'group' => 'odl',
+ )
+ should contain_file('default-openflow-connection-config.xml').with(
+ 'ensure' => 'file',
+ 'path' => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/default-openflow-connection-config.xml',
+ 'owner' => 'odl',
+ 'group' => 'odl',
+ 'content' => /<transport-protocol>TLS<\/transport-protocol>/
+ )
+ }
+ end
+end
+
+def stats_polling_enablement_tests(options = {})
+ # Extract params
+ # NB: This default value should be the same as one in opendaylight::params
+ # TODO: Remove this possible source of bugs^^
+ stats_polling_enabled = options.fetch(:stats_polling_enabled, false)
+ # Confirm properties of ODL REST port config file
+ # NB: These hashes don't work with Ruby 1.8.7, but we
+ # don't support 1.8.7 so that's okay. See issue #36.
+ it {
+ should contain_file('openflowplugin.cfg').with(
+ 'ensure' => 'file',
+ 'path' => '/opt/opendaylight/etc/org.opendaylight.openflowplugin.cfg',
+ 'owner' => 'odl',
+ 'group' => 'odl',
+ )
+ should contain_file_line('stats-polling').with(
+ 'ensure' => 'present',
+ 'path' => '/opt/opendaylight/etc/org.opendaylight.openflowplugin.cfg',
+ 'line' => "is-statistics-polling-on=#{stats_polling_enabled}",
+ 'match' => '^is-statistics-polling-on=.*$',
+ )
+ }
+end