Adding support for RADIUS test cases in sonic-mgmt #16475
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
/azp run |
|
Azure Pipelines successfully started running 1 pipeline(s). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of PR
Add RADIUS test cases to sonic-mgmt and add a RADIUS Server to the pft docker image. The following situations are covered
Testing a user with Privl 15 is allowed access
Testing a user with Priv 1 is allowed access
Testing that a user added to the correct Linux groups based on Priv level provided by RADIUS server
Testing that a user is only able to run commands that they have access to based on Priv level
Testing RADIUS statistics
Testing setting source-interface
Testing that an unauthorized user is not permitted access
Added needed fixures to:
Spin up RADIUS server on ptf
Add/Remove required RADIUS configuration needed for tests
Fixes #16471
Type of change
Bug fix
Testbed and Framework(new/improvement)
Test case(new/improvement)
Back port request
202012
202205
202305
202311
[X ] 202405
Approach
What is the motivation for this PR?
There are currently no RADIUS tests in sonic-mgmt; this helps close that gap.
How did you do it?
The PRs to add the freeRADIUS package to ptf is covered in these PRs:
sonic-net/sonic-buildimage#21307
How did you verify/test it?
Running this test suite on both T0 and T1 topologies:
radius/test_radius_auth.py::test_radius_rw_user[usschq-eswdut-t001-None] PASSED [ 16%]
radius/test_radius_auth.py::test_radius_ro_user[usschq-eswdut-t001-None] PASSED [ 33%]
radius/test_radius_auth.py::test_radius_command_auth[usschq-eswdut-t001-None] PASSED [ 50%]
radius/test_radius_auth.py::test_radius_fallback[usschq-eswdut-t001-None] PASSED [ 66%]
radius/test_radius_auth.py::test_radius_failed_auth[usschq-eswdut-t001-None] PASSED [ 83%]
radius/test_radius_auth.py::test_radius_source_ip[usschq-eswdut-t001-None] FAILED [100%]
The last test case is failing due to:
sonic-net/sonic-buildimage#21386
The PRs to add the freeRADIUS package to ptf is covered in these PRs:
sonic-net/sonic-buildimage#21307
Any platform specific information?
None
Supported testbed topology if it's a new test case?
Any