output: Add test name before and after the test execution

Ref: cnti-testcatalog#1958
Add information of which test is starting to the console output
Add test name to test result console output

Signed-off-by: Konstantin Yarovoy <konstantin.yarovoy@tietoevry.com>

Author: Konstantin Yarovoy

spec/5g/core_spec.cr

@@ -17,7 +17,7 @@ describe "Core" do
       $?.success?.should be_true
       response_s = `./cnf-testsuite smf_upf_heartbeat verbose`
       Log.info {"response: #{response_s}"}
-      (/PASSED: Chaos service degradation is less than 50%/ =~ response_s).should_not be_nil
+      (/(PASSED).*(Chaos service degradation is less than 50%)/ =~ response_s).should_not be_nil
     ensure
       Log.info {`./cnf-testsuite cnf_cleanup cnf-config=sample-cnfs/sample_open5gs/cnf-testsuite.yml`}
       $?.success?.should be_true
@@ -30,7 +30,7 @@ describe "Core" do
       $?.success?.should be_true
       response_s = `./cnf-testsuite smf_upf_heartbeat verbose baseline_count=300`
       Log.info {"response: #{response_s}"}
-      (/FAILED: Chaos service degradation is more than 50%/ =~ response_s).should_not be_nil
+      (/(FAILED).*(Chaos service degradation is more than 50%)/ =~ response_s).should_not be_nil
     ensure
       Log.info {`./cnf-testsuite cnf_cleanup cnf-config=sample-cnfs/sample_open5gs/cnf-testsuite.yml`}
       $?.success?.should be_true
@@ -43,7 +43,7 @@ describe "Core" do
       $?.success?.should be_true
       response_s = `./cnf-testsuite suci_enabled verbose`
       Log.info {"response: #{response_s}"}
-      (/PASSED: Core uses SUCI 5g authentication/ =~ response_s).should_not be_nil
+      (/(PASSED).*(Core uses SUCI 5g authentication)/ =~ response_s).should_not be_nil
     ensure
       Log.info {`./cnf-testsuite cnf_cleanup cnf-config=sample-cnfs/sample_open5gs/cnf-testsuite.yml`}
       $?.success?.should be_true
@@ -56,7 +56,7 @@ describe "Core" do
       $?.success?.should be_true
       response_s = `./cnf-testsuite suci_enabled verbose`
       Log.info {"response: #{response_s}"}
-      (/FAILED: Core does not use SUCI 5g authentication/ =~ response_s).should_not be_nil
+      (/(FAILED).*(Core does not use SUCI 5g authentication)/ =~ response_s).should_not be_nil
     ensure
       Log.info {`./cnf-testsuite cnf_cleanup cnf-config=sample-cnfs/sample_open5gs_no_auth/cnf-testsuite.yml`}
       $?.success?.should be_true

spec/5g/ran_spec.cr

@@ -21,7 +21,7 @@ describe "5g" do
       $?.success?.should be_true
       response_s = `./cnf-testsuite oran_e2_connection verbose`
       Log.info {"response: #{response_s}"}
-      (/PASSED: RAN connects to a RIC using the e2 standard interface/ =~ response_s).should_not be_nil
+      (/(PASSED).*(RAN connects to a RIC using the e2 standard interface)/ =~ response_s).should_not be_nil
     ensure
       Log.info {`./cnf-testsuite cnf_cleanup cnf-config=sample-cnfs/sample-oran-ric/cnf-testsuite.yml`}
       $?.success?.should be_true
@@ -38,7 +38,7 @@ describe "5g" do
       $?.success?.should be_true
       response_s = `./cnf-testsuite oran_e2_connection verbose`
       Log.info {"response: #{response_s}"}
-      (/FAILED: RAN does not connect to a RIC using the e2 standard interface/ =~ response_s).should_not be_nil
+      (/(FAILED).*(RAN does not connect to a RIC using the e2 standard interface)/ =~ response_s).should_not be_nil
     ensure
       Log.info {`./cnf-testsuite cnf_cleanup cnf-config=sample-cnfs/sample_open5gs/cnf-testsuite.yml`}
       $?.success?.should be_true

spec/platform/hardware_and_scheduler_spec.cr

@@ -15,7 +15,7 @@ describe "Platform" do
   it "'oci_compliant' should pass if all runtimes are oci_compliant", tags: ["platform:oci_compliant"] do
       response_s = `./cnf-testsuite platform:oci_compliant`
       LOGGING.info response_s
-      (/(PASSED){1}.*(which are OCI compliant runtimes){1}/ =~ response_s).should_not be_nil
+      (/(PASSED).*(which are OCI compliant runtimes)/ =~ response_s).should_not be_nil
   end
 end
 

spec/platform/observability_spec.cr

@@ -21,7 +21,7 @@ describe "Platform Observability" do
 
       response_s = `./cnf-testsuite platform:kube_state_metrics poc`
       LOGGING.info response_s
-      (/(PASSED){1}.*(Your platform is using the){1}.*(release for kube state metrics){1}/ =~ response_s).should_not be_nil
+      (/(PASSED).*(Your platform is using the).*(release for kube state metrics)/ =~ response_s).should_not be_nil
   ensure
       resp = `#{helm} delete kube-state-metrics`
       LOGGING.info resp
@@ -47,7 +47,7 @@ describe "Platform Observability" do
       response_s = `./cnf-testsuite platform:node_exporter poc`
       LOGGING.info response_s
       if check_containerd
-        (/(PASSED){1}.*(Your platform is using the node exporter){1}/ =~ response_s).should_not be_nil
+        (/(PASSED).*(Your platform is using the node exporter)/ =~ response_s).should_not be_nil
       else
         (/skipping node_exporter: This test only supports the Containerd Runtime./ =~ response_s).should_not be_nil
       end
@@ -71,7 +71,7 @@ describe "Platform Observability" do
 
     response_s = `./cnf-testsuite platform:prometheus_adapter poc`
     Log.info { response_s }
-    (/(PASSED){1}.*(Your platform is using the prometheus adapter){1}/ =~ response_s).should_not be_nil
+    (/(PASSED).*(Your platform is using the prometheus adapter)/ =~ response_s).should_not be_nil
   ensure
     resp = Helm.uninstall("prometheus-adapter")
   end
@@ -90,7 +90,7 @@ describe "Platform Observability" do
 		  KubectlClient::Get.wait_for_install(deployment_name: "metrics-server")
       response_s = `./cnf-testsuite platform:metrics_server poc`
       LOGGING.info response_s
-      (/(PASSED){1}.*(Your platform is using the metrics server){1}/ =~ response_s).should_not be_nil
+      (/(PASSED).*(Your platform is using the metrics server)/ =~ response_s).should_not be_nil
   ensure
       resp = Helm.uninstall("metrics-server")
       LOGGING.info resp

spec/platform/platform_spec.cr

@@ -36,7 +36,7 @@ describe "Platform" do
   it "'k8s_conformance' should pass if the sonobuoy tests pass", tags: ["platform"] do
     response_s = `./cnf-testsuite k8s_conformance`
     LOGGING.info response_s
-    (/PASSED: K8s conformance test has no failures/ =~ response_s).should_not be_nil
+    (/(PASSED).*(K8s conformance test has no failures)/ =~ response_s).should_not be_nil
   end
 
   it "individual tasks like 'platform:control_plane_hardening' should not require an installed cnf to run", tags: ["platform"] do

spec/platform/resilience_spec.cr

@@ -12,7 +12,7 @@ describe "Platform" do
       puts "Tests running in destructive mode".colorize(:red)
       response_s = `./cnf-testsuite platform:worker_reboot_recovery destructive`
       LOGGING.info response_s
-      (/(PASSED: Node came back online)/ =~ response_s).should_not be_nil
+      (/(PASSED).*(Node came back online)/ =~ response_s).should_not be_nil
     else
       response_s = `./cnf-testsuite platform:worker_reboot_recovery`
       LOGGING.info response_s

spec/platform/security_spec.cr

@@ -11,7 +11,7 @@ describe "Platform" do
   it "'control_plane_hardening' should pass if the control plane has been hardened", tags: ["platform:security"] do
     response_s = `./cnf-testsuite platform:control_plane_hardening`
     Log.info { response_s }
-    (/(PASSED: Insecure port of Kubernetes API server is not enabled)/ =~ response_s).should_not be_nil
+    (/(PASSED).*(Insecure port of Kubernetes API server is not enabled)/ =~ response_s).should_not be_nil
   end
 
   it "'cluster_admin' should fail on a cnf that uses a cluster admin binding", tags: ["platform:security"] do
@@ -21,18 +21,57 @@ describe "Platform" do
       response_s = `./cnf-testsuite platform:cluster_admin`
       LOGGING.info response_s
       $?.success?.should be_true
-      (/FAILED: Users with cluster-admin RBAC permissions found/ =~ response_s).should_not be_nil
+      (/(FAILED).*(Users with cluster-admin RBAC permissions found)/ =~ response_s).should_not be_nil
     # ensure
     #   `./cnf-testsuite cnf_cleanup cnf-config=./sample-cnfs/sample-privilege-escalation/cnf-testsuite.yml`
     end
   end
 
+  it "'exposed_dashboard' should fail when the Kubernetes dashboard is exposed", tags: ["platform:security"] do
+    dashboard_install_url = "https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml"
+    begin
+      # Run the exposed_dashboard test to confirm no vulnerability before dashboard is installed
+      response_s = `./cnf-testsuite platform:exposed_dashboard`
+      (/(PASSED).*(No exposed dashboard found in the cluster)/ =~ response_s).should_not be_nil
+
+      # Install the dashboard version 2.0.0.
+      # According to the kubescape rule, anything less than v2.0.1 would fail.
+      KubectlClient::Apply.file(dashboard_install_url)
+
+      # Construct patch spec to expose Kubernetes Dashboard on a Node Port
+      patch_spec = {
+        spec: {
+          type: "NodePort",
+          ports: [
+            {
+              nodePort: 30500,
+              port: 443,
+              protocol: "TCP",
+              targetPort: 8443
+            }
+          ]
+        }
+      }
+      # Apply the patch to expose the dashboard on the NodePort
+      result = KubectlClient::Patch.spec("service", "kubernetes-dashboard", patch_spec.to_json, "kubernetes-dashboard")
+
+      # Run the test again to confirm vulnerability with an exposed dashboard
+      response_s = `./cnf-testsuite platform:exposed_dashboard`
+      Log.info { response_s }
+      $?.success?.should be_true
+      (/(FAILED).*(Found exposed dashboard in the cluster)/ =~ response_s).should_not be_nil
+    ensure
+      # Ensure to remove the Kubectl dashboard after the test
+      KubectlClient::Delete.file(dashboard_install_url)
+    end
+  end
+
   it "'helm_tiller' should fail if Helm Tiller is running in the cluster", tags: ["platform:security"] do
     ShellCmd.run("kubectl run tiller --image=rancher/tiller:v2.11.0", "create_tiller")
     KubectlClient::Get.resource_wait_for_install("pod", "tiller")
     response_s = `./cnf-testsuite platform:helm_tiller`
     $?.success?.should be_true
-    (/FAILED: Containers with the Helm Tiller image are running/ =~ response_s).should_not be_nil
+    (/(FAILED).*(Containers with the Helm Tiller image are running)/ =~ response_s).should_not be_nil
   ensure
     KubectlClient::Delete.command("pod/tiller")
     KubectlClient::Get.resource_wait_for_uninstall("pod", "tiller")
@@ -42,6 +81,6 @@ describe "Platform" do
     # By default we have nothing to setup for this task to pass since Helm v3 does not use Tiller.
     response_s = `./cnf-testsuite platform:helm_tiller`
     $?.success?.should be_true
-    (/PASSED: No Helm Tiller containers are running/ =~ response_s).should_not be_nil
+    (/(PASSED).*(No Helm Tiller containers are running)/ =~ response_s).should_not be_nil
   end
 end

spec/workload/compatibility_spec.cr

@@ -26,7 +26,7 @@ describe "Compatibility" do
         retries = retries + 1
       end
       Log.info {"Status:  #{response_s}"}
-      (/PASSED: CNF compatible with both Calico and Cilium/ =~ response_s).should_not be_nil
+      (/(PASSED).*(CNF compatible with both Calico and Cilium)/ =~ response_s).should_not be_nil
     ensure
       `./cnf-testsuite cnf_cleanup cnf-config=sample-cnfs/sample-coredns-cnf/cnf-testsuite.yml`
       $?.success?.should be_true
@@ -40,7 +40,7 @@ describe "Compatibility" do
       response_s = `./cnf-testsuite increase_decrease_capacity verbose`
       LOGGING.info response_s
       $?.success?.should be_true
-      (/PASSED: Replicas increased to/ =~ response_s).should_not be_nil
+      (/(PASSED).*(Replicas increased to)/ =~ response_s).should_not be_nil
     ensure
       `./cnf-testsuite cnf_cleanup cnf-config=./sample-cnfs/sample_coredns/cnf-testsuite.yml`
     end