Fuel for OpenStack

Need dedicated Jenkins slave for Security tests

Bug #1482211 reported by Egor Kotko
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Fuel for OpenStack
Fix Released
High
Fuel DevOps
Fuel for OpenStack 8.0

Bug Description

For preparing the security test necessary do several steps:
1. Preparation the qcow2 image with activated Nessus license.
Should be done only on host machine that will be used for executing this image.
Limitation due to Nessus license. (Will be done from QA side after getting access on the server)
2. Each time for new test environment Nessus VM should use "fresh" qcow2 image - can be done via:
 - #virsh vol-clone ...
- #qemu-img -b .... (need to test)
3. Job with the security test should run only on this server.

Revision history for this message
Pawel Brzozowski (pbrzozowski) wrote :

Egor, do you have any special hardware requirements?

tags: added: devops
Revision history for this message
Egor Kotko (ykotko) wrote :

Nothing special just as usual server for executing system tests: SSD, usual volume of RAM would be preferred.

Igor Shishkin (teran)
Changed in fuel:
assignee: Fuel DevOps (fuel-devops) → Fuel CI team (fuel-ci)
Revision history for this message
Aleksandra Fedorova (bookwar) wrote :

I've set srv16 for this task: http://jenkins-product.srt.mirantis.net:8080/computer/srv16-msk.msk.mirantis.net/
Please use label 'security' for securoty-related jenkins jobs.

We don't have SSD on generic Jenkins slaves, there will be just usual HDD

Changed in fuel:
status: New → Fix Committed
Aleksandra Fedorova (bookwar)
tags: added: hwrequest non-release
removed: fuel-ci
Changed in fuel:
assignee: Fuel CI team (fuel-ci) → Fuel DevOps (fuel-devops)
milestone: 7.0 → 8.0
Revision history for this message
Mateusz Matuszkowiak (mmatuszkowiak) wrote :

As i see Egor will need that srv16 to be connected to the new product-ci or use for that purpose already connected slave on new jenkins prod. Egor - please confirm/verify.

Revision history for this message
Egor Kotko (ykotko) wrote :

Yes, we need to use this dedicated server on new Jenkins because the job is already there:
https://product-ci.infra.mirantis.net/job/7.0.nessus_security_scan/

Mateusz Matuszkowiak (mmatuszkowiak)
Changed in fuel:
status: Fix Committed → Confirmed
Revision history for this message
Mateusz Matuszkowiak (mmatuszkowiak) wrote :

Ci-team please choose a slave on product-ci for this task or disconnect srv16 from old jenkins product and connect it to new instance. Note, that srv16 has the both necessary ssh keys: the one from old jenkins product and a new one from product-ci.

Revision history for this message
Egor Kotko (ykotko) wrote :

We need only srv16 because there is special prepared image with Nessus license.

Revision history for this message
Mateusz Matuszkowiak (mmatuszkowiak) wrote :

Egor, ACK. Assigning to ci-team.

Changed in fuel:
assignee: Fuel DevOps (fuel-devops) → Fuel CI team (fuel-ci)
Revision history for this message
Aleksandra Fedorova (bookwar) wrote :

This ticket is a tracking ticket for hardware request. PLease leave in in Fix Commited state assigned to Devops team

Aleksandra Fedorova (bookwar)
Changed in fuel:
assignee: Fuel CI team (fuel-ci) → Fuel DevOps (fuel-devops)
status: Confirmed → Fix Committed
Revision history for this message
Egor Kotko (ykotko) wrote :

The job was executed on appropriate server:
https://product-ci.infra.mirantis.net/view/7.0_swarm/job/7.0.nessus_security_scan/1/consoleFull

Changed in fuel:
status: Fix Committed → Fix Released
Dmitry Pyzhov (dpyzhov)
tags: added: area-devops
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.