orb-community · manrodrigues · Dec 28, 2022 · Dec 21, 2022 · Dec 22, 2022 · Dec 28, 2022
diff --git a/python-test/README.md b/python-test/README.md
@@ -59,10 +59,10 @@ Then fill in the correct values:
 - **remote_prometheus_endpoint**
   - Mandatory!
   - base URL to send Prometheus metrics to Grafana Cloud> `(ex. prometheus-prod-10-prod-us-central-0.grafana.net)`
-- **ignore_ssl_and_certificate_errors**:
+- **verify_ssl**:
   - Bool
-  - Replaces HTTPS connections with HTTP and disables SSL certificate validation in MQTT connections.
-  - Default value: `False`
+  - When it is False, replaces HTTPS connections with HTTP and disables SSL certificate validation in MQTT connections.
+  - Default value: `True`
 - **is_credentials_registered**:
   - Bool
   - If false, register an account with credentials (email and password) used
@@ -80,14 +80,24 @@ Then fill in the correct values:
   - Bool
   - Referred to UI tests. If True, run chromedriver in headless mode
   - Default value: `true`
--  **include_otel_env_var**:
+- **include_otel_env_var**:
   - Bool
   - If true, use the environmental variable "ORB_OTEL_ENABLE" on agent provisioning commands
   - Default value: `false`
--  **enable_otel**:
+- **enable_otel**:
   - Bool
   - Value to be used in variable "ORB_OTEL_ENABLE". Note that `include_otel_env_var` parameter must be `true` if this variable is true.
   - Default value: `false`
+- **use_orb_live_address_pattern**:
+  - Bool
+  - If true, uses orb_address as base to api and mqtt address using orb.live pattern. If false, requires you to add the corresponding addresses.
+  - Default value: `true`
+- **orb_cloud_api_address**:
+  - Required if `use_orb_live_address_pattern` is false
+  - URL of the Orb deployment API. Obs: You MUST include the protocol.
+- **orb_cloud_mqtt_address**:
+  - Required if `use_orb_live_address_pattern` is false
+  - URL of the Orb deployment mqtt. Obs: You MUST include the protocol and the port.
 
 ## Run behave
 Simply run `behave`, optionally passing the feature file as follows:

diff --git a/python-test/features/steps/control_plane_agent_groups.py b/python-test/features/steps/control_plane_agent_groups.py
@@ -15,6 +15,7 @@
 agent_group_name_prefix = 'test_group_name_'
 agent_group_description = "This is an agent group"
 orb_url = configs.get('orb_url')
+verify_ssl_bool = eval(configs.get('verify_ssl').title())
 
 
 @step("{amount_of_agent_groups} Agent Group(s) is created with {amount_of_tags} tags contained in the agent")
@@ -261,7 +262,8 @@ def create_agent_group(token, name, description, tags, expected_status_code=201)
     headers_request = {'Content-type': 'application/json', 'Accept': '*/*', 'Authorization': f'Bearer {token}'}
     if expected_status_code == 201:
         assert_that(len(tags), greater_than(0), f"Tags is required to created a group. Json used: {json_request}")
-    response = requests.post(orb_url + '/api/v1/agent_groups', json=json_request, headers=headers_request)
+    response = requests.post(orb_url + '/api/v1/agent_groups', json=json_request, headers=headers_request,
+                             verify=verify_ssl_bool)
     try:
         response_json = response.json()
     except ValueError:
@@ -283,7 +285,7 @@ def get_agent_group(token, agent_group_id):
     """
 
     get_groups_response = requests.get(orb_url + '/api/v1/agent_groups/' + agent_group_id,
-                                       headers={'Authorization': f'Bearer {token}'})
+                                       headers={'Authorization': f'Bearer {token}'}, verify=verify_ssl_bool)
 
     assert_that(get_groups_response.status_code, equal_to(200),
                 'Request to get agent group id=' + agent_group_id + ' failed with status=' + str(
@@ -324,7 +326,7 @@ def list_up_to_limit_agent_groups(token, limit=100, offset=0):
     """
 
     response = requests.get(orb_url + '/api/v1/agent_groups', headers={'Authorization': f'Bearer {token}'},
-                            params={"limit": limit, "offset": offset})
+                            params={"limit": limit, "offset": offset}, verify=verify_ssl_bool)
 
     assert_that(response.status_code, equal_to(200),
                 'Request to list agent groups failed with status=' + str(response.status_code))
@@ -354,7 +356,7 @@ def delete_agent_group(token, agent_group_id):
     """
 
     response = requests.delete(orb_url + '/api/v1/agent_groups/' + agent_group_id,
-                               headers={'Authorization': f'Bearer {token}'})
+                               headers={'Authorization': f'Bearer {token}'}, verify=verify_ssl_bool)
 
     assert_that(response.status_code, equal_to(204), 'Request to delete agent group id='
                 + agent_group_id + ' failed with status=' + str(response.status_code))
@@ -402,7 +404,7 @@ def edit_agent_group(token, agent_group_id, name, description, tags, expected_st
     headers_request = {'Content-type': 'application/json', 'Accept': '*/*', 'Authorization': f'Bearer {token}'}
 
     group_edited_response = requests.put(orb_url + '/api/v1/agent_groups/' + agent_group_id, json=json_request,
-                                         headers=headers_request)
+                                         headers=headers_request, verify=verify_ssl_bool)
 
     if name is None or tags is None:
         expected_status_code = 400

diff --git a/python-test/features/steps/control_plane_agents.py b/python-test/features/steps/control_plane_agents.py
@@ -19,6 +19,7 @@
 configs = TestConfig.configs()
 agent_name_prefix = "test_agent_name_"
 orb_url = configs.get('orb_url')
+verify_ssl_bool = eval(configs.get('verify_ssl').title())
 
 
 @given("that an agent with {orb_tags} orb tag(s) already exists and is {status}")
@@ -396,7 +397,8 @@ def provision_agent_using_config_file(context, input_type, settings, provision,
 def reset_agent_remotely(context):
     context.considered_timestamp_reset = datetime.now().timestamp()
     headers_request = {'Content-type': 'application/json', 'Accept': '*/*', 'Authorization': f'Bearer {context.token}'}
-    response = requests.post(f"{orb_url}/api/v1/agents/{context.agent['id']}/rpc/reset", headers=headers_request)
+    response = requests.post(f"{orb_url}/api/v1/agents/{context.agent['id']}/rpc/reset", headers=headers_request,
+                             verify=verify_ssl_bool)
     logs = get_orb_agent_logs(context.container_id)
     assert_that(response.status_code, equal_to(200),
                 f"Request to restart agent failed with status= {str(response.status_code)}. \n Agent: {context.agent}\n"
@@ -413,7 +415,7 @@ def check_agent_backend_pktvisor_routes(context, route):
                             "handlers": "backends/pktvisor/handlers"}
 
     response = requests.get(orb_url + '/api/v1/agents/' + agent_backend_routes[route],
-                            headers={'Authorization': f'Bearer {context.token}'})
+                            headers={'Authorization': f'Bearer {context.token}'}, verify=verify_ssl_bool)
     assert_that(response.status_code, equal_to(200),
                 f"Request to get {route} route failed with status =" + str(response.status_code))
     local_orb_path = configs.get("local_orb_path")
@@ -590,7 +592,7 @@ def get_agent(token, agent_id, status_code=200):
     """
 
     get_agents_response = requests.get(orb_url + '/api/v1/agents/' + agent_id,
-                                       headers={'Authorization': f'Bearer {token}'})
+                                       headers={'Authorization': f'Bearer {token}'}, verify=verify_ssl_bool)
     try:
         response_json = get_agents_response.json()
     except ValueError:
@@ -636,7 +638,7 @@ def list_up_to_limit_agents(token, limit=100, offset=0):
     """
 
     response = requests.get(orb_url + '/api/v1/agents', headers={'Authorization': f'Bearer {token}'},
-                            params={"limit": limit, "offset": offset})
+                            params={"limit": limit, "offset": offset}, verify=verify_ssl_bool)
     assert_that(response.status_code, equal_to(200),
                 f"Request to list agents failed with status= {str(response.status_code)}:{str(response.json())}")
     agents_as_json = response.json()
@@ -664,7 +666,7 @@ def delete_agent(token, agent_id):
     """
 
     response = requests.delete(orb_url + '/api/v1/agents/' + agent_id,
-                               headers={'Authorization': f'Bearer {token}'})
+                               headers={'Authorization': f'Bearer {token}'}, verify=verify_ssl_bool)
 
     assert_that(response.status_code, equal_to(204), 'Request to delete agent id='
                 + agent_id + ' failed with status=' + str(response.status_code))
@@ -676,7 +678,7 @@ def wait_until_agent_being_created(token, name, tags, expected_status_code=201,
     headers_request = {'Content-type': 'application/json', 'Accept': '*/*',
                        'Authorization': f'Bearer {token}'}
 
-    response = requests.post(orb_url + '/api/v1/agents', json=json_request, headers=headers_request)
+    response = requests.post(orb_url + '/api/v1/agents', json=json_request, headers=headers_request, verify=verify_ssl_bool)
     try:
         response_json = response.json()
     except ValueError:
@@ -717,7 +719,8 @@ def edit_agent(token, agent_id, name, tags, expected_status_code=200):
     json_request = {"name": name, "orb_tags": tags, "validate_only": False}
     headers_request = {'Content-type': 'application/json', 'Accept': '*/*',
                        'Authorization': f'Bearer {token}'}
-    response = requests.put(orb_url + '/api/v1/agents/' + agent_id, json=json_request, headers=headers_request)
+    response = requests.put(orb_url + '/api/v1/agents/' + agent_id, json=json_request, headers=headers_request,
+                            verify=verify_ssl_bool)
     assert_that(response.status_code, equal_to(expected_status_code),
                 'Request to edit agent failed with status=' + str(response.status_code) + ":" + str(response.json()))
 
@@ -826,8 +829,8 @@ def create_agent_config_file(token, agent_name, iface, agent_tags, orb_url, base
         tags = {"tags": create_tags_set(agent_tags)}
     include_otel_env_var = configs.get('include_otel_env_var')
     enable_otel = configs.get('enable_otel')
-    if configs.get('ignore_ssl_and_certificate_errors', 'false').lower() == 'true':
-        mqtt_url = f"agents.{base_orb_address}:1883"
+    mqtt_url = configs.get('mqtt_url')
+    if configs.get('verify_ssl') == 'false':
         agent_config_file, tap = FleetAgent.config_file_of_orb_agent(agent_name, token, iface, orb_url, mqtt_url,
                                                                      tap_name,
                                                                      tls_verify=False, auto_provision=auto_provision,
@@ -840,7 +843,6 @@ def create_agent_config_file(token, agent_name, iface, agent_tags, orb_url, base
                                                                      enable_otel=enable_otel,
                                                                      overwrite_default=overwrite_default)
     else:
-        mqtt_url = "tls://agents." + base_orb_address + ":8883"
         agent_config_file, tap = FleetAgent.config_file_of_orb_agent(agent_name, token, iface, orb_url, mqtt_url,
                                                                      tap_name,
                                                                      auto_provision=auto_provision,

diff --git a/python-test/features/steps/control_plane_datasets.py b/python-test/features/steps/control_plane_datasets.py
@@ -12,6 +12,7 @@
 
 orb_url = TestConfig.configs().get('orb_url')
 configs = TestConfig.configs()
+verify_ssl_bool = eval(configs.get('verify_ssl').title())
 
 
 @step("a new dataset is requested to be created with the same name as an existent one")
@@ -177,7 +178,8 @@ def create_dataset(token, name_label, policy_id, agent_group_id, sink_id, expect
                     "sink_ids": sink_id}
     header_request = {'Content-type': 'application/json', 'Accept': '*/*', 'Authorization': f'Bearer {token}'}
 
-    response = requests.post(orb_url + '/api/v1/policies/dataset', json=json_request, headers=header_request)
+    response = requests.post(orb_url + '/api/v1/policies/dataset', json=json_request, headers=header_request,
+                             verify=verify_ssl_bool)
     try:
         response_json = response.json()
     except ValueError:
@@ -207,7 +209,7 @@ def edit_dataset(token, dataset_id, name_label, policy_id, agent_group_id, sink_
     header_request = {'Content-type': 'application/json', 'Accept': '*/*', 'Authorization': f'Bearer {token}'}
 
     response = requests.put(f"{orb_url}/api/v1/policies/dataset/{dataset_id}", json=json_request,
-                            headers=header_request)
+                            headers=header_request, verify=verify_ssl_bool)
     assert_that(response.status_code, equal_to(expected_status_code),
                 'Request to edit dataset failed with status=' + str(response.status_code) + ': ' + str(response.json()))
 
@@ -259,7 +261,7 @@ def list_up_to_limit_datasets(token, limit=100, offset=0):
     """
 
     response = requests.get(orb_url + '/api/v1/policies/dataset', headers={'Authorization': f'Bearer {token}'},
-                            params={"limit": limit, "offset": offset})
+                            params={"limit": limit, "offset": offset}, verify=verify_ssl_bool)
 
     assert_that(response.status_code, equal_to(200),
                 'Request to list datasets failed with status=' + str(response.status_code) + ':' + str(response.json()))
@@ -289,7 +291,7 @@ def delete_dataset(token, dataset_id):
     """
 
     response = requests.delete(orb_url + '/api/v1/policies/dataset/' + dataset_id,
-                               headers={'Authorization': f'Bearer {token}'})
+                               headers={'Authorization': f'Bearer {token}'}, verify=verify_ssl_bool)
 
     assert_that(response.status_code, equal_to(204), 'Request to delete dataset id='
                 + dataset_id + ' failed with status=' + str(response.status_code))
@@ -306,7 +308,7 @@ def get_dataset(token, dataset_id, expected_status_code=200):
     """
 
     get_dataset_response = requests.get(orb_url + '/api/v1/policies/dataset/' + dataset_id,
-                                        headers={'Authorization': f'Bearer {token}'})
+                                        headers={'Authorization': f'Bearer {token}'}, verify=verify_ssl_bool)
 
     try:
         response_json = get_dataset_response.json()

diff --git a/python-test/features/steps/control_plane_policies.py b/python-test/features/steps/control_plane_policies.py
@@ -13,7 +13,9 @@
 import ciso8601
 
 policy_name_prefix = "test_policy_name_"
-orb_url = TestConfig.configs().get('orb_url')
+configs = TestConfig.configs()
+orb_url = configs.get('orb_url')
+verify_ssl_bool = eval(configs.get('verify_ssl').title())
 
 
 @step("a new policy is requested to be created with the same name as an existent one and: {kwargs}")
@@ -477,7 +479,7 @@ def create_duplicated_policy(token, policy_id, new_policy_name=None, status_code
     headers_request = {'Content-type': 'application/json', 'Accept': 'application/json',
                        'Authorization': f'Bearer {token}'}
     post_url = f"{orb_url}/api/v1/policies/agent/{policy_id}/duplicate"
-    response = requests.post(post_url, json=json_request, headers=headers_request)
+    response = requests.post(post_url, json=json_request, headers=headers_request, verify=verify_ssl_bool)
     assert_that(response.status_code, equal_to(status_code),
                 'Request to create duplicated policy failed with status=' + str(response.status_code) + ': '
                 + str(response.json()))
@@ -516,7 +518,8 @@ def create_policy(token, json_request, expected_status_code=201):
 
     headers_request = {'Content-type': 'application/json', 'Accept': '*/*', 'Authorization': f'Bearer {token}'}
 
-    response = requests.post(orb_url + '/api/v1/policies/agent', json=json_request, headers=headers_request)
+    response = requests.post(orb_url + '/api/v1/policies/agent', json=json_request, headers=headers_request,
+                             verify=verify_ssl_bool)
     try:
         response_json = response.json()
     except ValueError:
@@ -541,7 +544,7 @@ def edit_policy(token, policy_id, json_request, expected_status_code=200):
     headers_request = {'Content-type': 'application/json', 'Accept': '*/*', 'Authorization': f'Bearer {token}'}
 
     response = requests.put(orb_url + f"/api/v1/policies/agent/{policy_id}", json=json_request,
-                            headers=headers_request)
+                            headers=headers_request, verify=verify_ssl_bool)
     try:
         response_json = response.json()
     except ValueError:
@@ -743,7 +746,7 @@ def get_policy(token, policy_id, expected_status_code=200):
     """
 
     get_policy_response = requests.get(orb_url + '/api/v1/policies/agent/' + policy_id,
-                                       headers={'Authorization': f'Bearer {token}'})
+                                       headers={'Authorization': f'Bearer {token}'}, verify=verify_ssl_bool)
     try:
         response_json = get_policy_response.json()
     except ValueError:
@@ -788,7 +791,7 @@ def list_up_to_limit_policies(token, limit=100, offset=0):
     """
 
     response = requests.get(orb_url + '/api/v1/policies/agent', headers={'Authorization': f'Bearer {token}'},
-                            params={'limit': limit, 'offset': offset})
+                            params={'limit': limit, 'offset': offset}, verify=verify_ssl_bool)
 
     assert_that(response.status_code, equal_to(200),
                 'Request to list policies failed with status=' + str(response.status_code) + ': '
@@ -819,7 +822,7 @@ def delete_policy(token, policy_id):
     """
 
     response = requests.delete(orb_url + '/api/v1/policies/agent/' + policy_id,
-                               headers={'Authorization': f'Bearer {token}'})
+                               headers={'Authorization': f'Bearer {token}'}, verify=verify_ssl_bool)
 
     assert_that(response.status_code, equal_to(204), 'Request to delete policy id='
                 + policy_id + ' failed with status=' + str(response.status_code))