-
Notifications
You must be signed in to change notification settings - Fork 14
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
test: --fail-with-body will also print data
Signed-off-by: Boris Glimcher <[email protected]>
- Loading branch information
Showing
1 changed file
with
15 additions
and
15 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -34,15 +34,15 @@ SERIAL_NUMBER=third-serial-number | |
| CREDENTIALS=(--user "${SERIAL_NUMBER}":my-secret) | ||
|
|
||
| # TODO: remove --insecure | ||
| docker-compose run -T agent curl --insecure --fail "${CERTIFICATES[@]}" --output /tmp/first-boot-image.tst "https://web:443/first-boot-image.img" | ||
| docker-compose run -T agent curl --insecure --fail "${CERTIFICATES[@]}" --output /tmp/second-boot-image.tst "https://web:443/second-boot-image.img" | ||
| docker-compose run -T agent curl --insecure --fail "${CERTIFICATES[@]}" --output /tmp/third-boot-image.tst "https://web:443/third-boot-image.img" | ||
| docker-compose run -T agent curl --insecure --fail-with-body "${CERTIFICATES[@]}" --output /tmp/first-boot-image.tst "https://web:443/first-boot-image.img" | ||
| docker-compose run -T agent curl --insecure --fail-with-body "${CERTIFICATES[@]}" --output /tmp/second-boot-image.tst "https://web:443/second-boot-image.img" | ||
| docker-compose run -T agent curl --insecure --fail-with-body "${CERTIFICATES[@]}" --output /tmp/third-boot-image.tst "https://web:443/third-boot-image.img" | ||
|
|
||
| # read back to check configuration was set | ||
| docker-compose exec -T redirecter curl --include --fail --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://redirecter:7070/restconf/ds/ietf-datastores:running | ||
| docker-compose exec -T redirecter curl --include --fail-with-body --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://redirecter:7070/restconf/ds/ietf-datastores:running | ||
|
|
||
| # request onboarding info (like a DPU or IPU device would) and see it is redirect | ||
| docker-compose run -T agent curl --request POST --fail --data '{"ietf-sztp-bootstrap-server:input":{"hw-model":"model-x","os-name":"vendor-os","os-version":"17.3R2.1","signed-data-preferred":[null],"nonce":"BASE64VALUE="}}' -H "Content-Type:application/yang-data+json" "${CREDENTIALS[@]}" "${CERTIFICATES[@]}" "${REDIRECT}" | tee /tmp/post_rpc_input.json | ||
| docker-compose run -T agent curl --request POST --fail-with-body --data '{"ietf-sztp-bootstrap-server:input":{"hw-model":"model-x","os-name":"vendor-os","os-version":"17.3R2.1","signed-data-preferred":[null],"nonce":"BASE64VALUE="}}' -H "Content-Type:application/yang-data+json" "${CREDENTIALS[@]}" "${CERTIFICATES[@]}" "${REDIRECT}" | tee /tmp/post_rpc_input.json | ||
|
|
||
| # parse the redirect reply | ||
| jq -r .\"ietf-sztp-bootstrap-server:output\".\"conveyed-information\" /tmp/post_rpc_input.json | base64 --decode | tail -n +2 | sed '1i {' | jq . | tee /tmp/post_rpc_fixed.json | ||
|
|
@@ -54,22 +54,22 @@ port=$(jq -r .\"ietf-sztp-conveyed-info:redirect-information\".\"bootstrap-serve | |
| BOOTSTRAP="${REDIRECT//redirecter:8080/$addr:$port}" | ||
|
|
||
| # read back to check configuration was set | ||
| docker-compose exec -T bootstrap curl --include --fail --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://bootstrap:7080/restconf/ds/ietf-datastores:running | ||
| docker-compose exec -T bootstrap curl --include --fail-with-body --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://bootstrap:7080/restconf/ds/ietf-datastores:running | ||
|
|
||
| # request onboarding info (like a DPU or IPU device would) | ||
| docker-compose run -T agent curl --request POST --fail --data '{"ietf-sztp-bootstrap-server:input":{"hw-model":"model-x","os-name":"vendor-os","os-version":"17.3R2.1","signed-data-preferred":[null],"nonce":"BASE64VALUE="}}' -H "Content-Type:application/yang-data+json" "${CREDENTIALS[@]}" "${CERTIFICATES[@]}" "${BOOTSTRAP}" | tee /tmp/post_rpc_input.json | ||
| docker-compose run -T agent curl --request POST --fail-with-body --data '{"ietf-sztp-bootstrap-server:input":{"hw-model":"model-x","os-name":"vendor-os","os-version":"17.3R2.1","signed-data-preferred":[null],"nonce":"BASE64VALUE="}}' -H "Content-Type:application/yang-data+json" "${CREDENTIALS[@]}" "${CERTIFICATES[@]}" "${BOOTSTRAP}" | tee /tmp/post_rpc_input.json | ||
|
|
||
| # parse the reply | ||
| jq -r .\"ietf-sztp-bootstrap-server:output\".\"conveyed-information\" /tmp/post_rpc_input.json | base64 --decode | tail -n +2 | sed '1i {' | jq . | tee /tmp/post_rpc_fixed.json | ||
|
|
||
| # send progress | ||
| docker-compose run -T agent curl --request POST --fail --data '{"ietf-sztp-bootstrap-server:input":{"progress-type":"bootstrap-initiated","message":"message sent via JSON"}}' -H "Content-Type:application/yang-data+json" "${CREDENTIALS[@]}" "${CERTIFICATES[@]}" "${BOOTSTRAP//get-bootstrapping-data/report-progress}" | ||
| docker-compose run -T agent curl --request POST --fail-with-body --data '{"ietf-sztp-bootstrap-server:input":{"progress-type":"bootstrap-initiated","message":"message sent via JSON"}}' -H "Content-Type:application/yang-data+json" "${CREDENTIALS[@]}" "${CERTIFICATES[@]}" "${BOOTSTRAP//get-bootstrapping-data/report-progress}" | ||
|
|
||
| # check audit log | ||
| docker-compose exec -T bootstrap curl --include --fail -X GET --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://bootstrap:7080/restconf/ds/ietf-datastores:operational/wn-sztpd-1:audit-log | ||
| docker-compose exec -T bootstrap curl --include --fail-with-body -X GET --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://bootstrap:7080/restconf/ds/ietf-datastores:operational/wn-sztpd-1:audit-log | ||
|
|
||
| # check bootstrapping log | ||
| docker-compose exec -T bootstrap curl --include --fail -X GET --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://bootstrap:7080/restconf/ds/ietf-datastores:operational/wn-sztpd-1:devices/device="${SERIAL_NUMBER}"/bootstrapping-log | ||
| docker-compose exec -T bootstrap curl --include --fail-with-body -X GET --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://bootstrap:7080/restconf/ds/ietf-datastores:operational/wn-sztpd-1:devices/device="${SERIAL_NUMBER}"/bootstrapping-log | ||
|
|
||
| # parse the reply some more | ||
| jq -r .\"ietf-sztp-conveyed-info:onboarding-information\".\"configuration\" /tmp/post_rpc_fixed.json | base64 --decode | ||
|
|
@@ -89,14 +89,14 @@ jq -r .\"ietf-sztp-conveyed-info:onboarding-information\".\"boot-image\".\"image | |
| # actually go and download the image from the web server | ||
| URL=$(jq -r .\"ietf-sztp-conveyed-info:onboarding-information\".\"boot-image\".\"download-uri\"[0] /tmp/post_rpc_fixed.json) | ||
| BASENAME=$(basename "${URL}") | ||
| docker-compose run -T agent curl --insecure --fail "${CERTIFICATES[@]}" --output "/tmp/${BASENAME}" "${URL}" | ||
| docker-compose run -T agent curl --insecure --fail-with-body "${CERTIFICATES[@]}" --output "/tmp/${BASENAME}" "${URL}" | ||
|
|
||
| # Validate signature | ||
| SIGNATURE=$(docker-compose run -T agent ash -c "openssl dgst -sha256 -c \"/tmp/${BASENAME}\" | awk '{print \$2}'") | ||
| jq -r .\"ietf-sztp-conveyed-info:onboarding-information\".\"boot-image\".\"image-verification\"[] /tmp/post_rpc_fixed.json | grep "${SIGNATURE}" | ||
|
|
||
| # send progress | ||
| docker-compose run -T agent curl --request POST --fail --data '{"ietf-sztp-bootstrap-server:input":{"progress-type":"bootstrap-complete","message":"message sent via JSON"}}' -H "Content-Type:application/yang-data+json" "${CREDENTIALS[@]}" "${CERTIFICATES[@]}" "${BOOTSTRAP//get-bootstrapping-data/report-progress}" | ||
| docker-compose run -T agent curl --request POST --fail-with-body --data '{"ietf-sztp-bootstrap-server:input":{"progress-type":"bootstrap-complete","message":"message sent via JSON"}}' -H "Content-Type:application/yang-data+json" "${CREDENTIALS[@]}" "${CERTIFICATES[@]}" "${BOOTSTRAP//get-bootstrapping-data/report-progress}" | ||
|
|
||
| # print for debug | ||
| docker-compose ps | ||
|
|
@@ -111,8 +111,8 @@ if [ "${rc}" != "0" ]; then | |
| fi | ||
|
|
||
| # check bootstrapping log | ||
| docker-compose exec -T bootstrap curl --include --request GET --fail --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://bootstrap:7080/restconf/ds/ietf-datastores:operational/wn-sztpd-1:devices/device="${SERIAL_NUMBER}"/bootstrapping-log | ||
| docker-compose exec -T bootstrap curl --include --request GET --fail --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://bootstrap:7080/restconf/ds/ietf-datastores:operational/wn-sztpd-1:devices/device="${SERIAL_NUMBER}"/bootstrapping-log | grep -zqv ietf-restconf:errors | ||
| docker-compose exec -T bootstrap curl --include --request GET --fail --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://bootstrap:7080/restconf/ds/ietf-datastores:operational/wn-sztpd-1:devices/device="${SERIAL_NUMBER}"/bootstrapping-log | grep bootstrap-complete | ||
| docker-compose exec -T bootstrap curl --include --request GET --fail-with-body --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://bootstrap:7080/restconf/ds/ietf-datastores:operational/wn-sztpd-1:devices/device="${SERIAL_NUMBER}"/bootstrapping-log | ||
| docker-compose exec -T bootstrap curl --include --request GET --fail-with-body --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://bootstrap:7080/restconf/ds/ietf-datastores:operational/wn-sztpd-1:devices/device="${SERIAL_NUMBER}"/bootstrapping-log | grep -zqv ietf-restconf:errors | ||
| docker-compose exec -T bootstrap curl --include --request GET --fail-with-body --user [email protected]:my-secret -H "Accept:application/yang-data+json" http://bootstrap:7080/restconf/ds/ietf-datastores:operational/wn-sztpd-1:devices/device="${SERIAL_NUMBER}"/bootstrapping-log | grep bootstrap-complete | ||
|
|
||
| echo "DONE" | ||