Testing Setup and Configuration for Customer¶
This section explains the setup and testing of three tenants: qvstnt7
, qvstnt9
and qvstnt10
. It covers configuration files, user roles and authentication via ADFS. Encrypted credentials and Helm settings ensure secure access. Testing includes running cases like QAGP-TestAppAssignment and validating results via logs and URLs. Key parameters such as platform, envName, and routingAppUrl enable deployment and testing workflows.
Prerequisites¶
The following configuration must be set up to proceed with testing.
Preparing and configuring authentication for testing¶
-
Provision the following tenants:
- qvstnt7
- qvstnt9
- qvstnt10
-
Update the configuration file by editing
values.yaml
.automation_config_filename: 'automation_config_rancher.json' imdata_config_filename: 'imdata_config_rancher.json'
-
Update the file
automation_config_rancher.json
.{ "qvstnt7": { "offering": 91200, "admin": "<admin-email-address>", "soldToId": "MDSP_qvnt1", "quota": "20501:500,20503:1,20506:500,20507:500,20508:500", "thirdpartyapp": "", "pack": "20200,20420" }, "qvstnt9": { "offering": 91200, "admin": "<admin-email-address>", "soldToId": "MDSP_qvnt2", "quota": "20501:500,20506:500,20507:500,20508:500", "thirdpartyapp": "", "pack": "20200,20420" }, "qvstnt10": { "offering": 91200, "admin": "<admin-email-address>", "soldToId": "MDSP_qvnt3", "quota": "20501:500,20506:500,20507:500,20508:500", "thirdpartyapp": "", "pack": "20200,20420" } }
-
Update the file
imdata_config_rancher.json
to ensure that thesupertenantadmin
user has the "core tenant" and "mdspadmin, OperatorAdmi" roles.{ "admin": { "familyName":"isb", "givenName":"admin", "roles":["TenantAdmin","DeveloperAdmin","routingapp","MdspAdmin","OperatorAdmin"], "tenants":["qvstnt7","qvstnt9","qvstnt10"], "Email":"<admin-email-address>" }, "endcustomer3": { "familyName":"isb", "givenName":"endcustomer3", "roles":["TenantAdmin","DeveloperAdmin","routingapp","MdspAdmin","OperatorAdmin"], "tenants":["qvstnt7","qvstnt9","qvstnt10"], "Email":"isb.endcustomer3@<domain-email-address>" }, "endCustomer1": { "familyName":"Isb", "givenName":"endCustomer1", "roles":["StandardUser"], "tenants":["qvstnt7","qvstnt9","qvstnt10"], "Email":"Isb.endCustomer1@<domain-email-address>" }, "endCustomer": { "familyName":"isb", "givenName":"endCustomer", "roles":["SubTenantUser"], "tenants":["qvstnt7","qvstnt9","qvstnt10"], "Email":"isb.endCustomer@<domain-email-address>" }, "superUser": { "familyName":"isb", "givenName":"superUser", "roles":["TenantAdmin","OperatorAdmin","MdspAdmin"], "tenants":["core","qvstnt7","qvstnt9","qvstnt10"], "Email":"Isb.superUser@<domain-email-address>" }, "advanceUser": { "familyName":"isb", "givenName":"advanceUser", "roles":["DeveloperAdmin"], "tenants":["qvstnt7","qvstnt9","qvstnt10"], "Email":"Isb.advanceUser@<domain-email-address>" }, "endcustomer2": { "familyName":"isb", "givenName":"endcustomer2", "roles":["Developer"], "tenants":["qvstnt7","qvstnt9","qvstnt10"], "Email":"isb.endcustomer2@<domain-email-address>" } }
-
Create users in ADFS using the user information provided below:
User ID User name isb.endcustomer2@domain.com Endcustomer2 Isb.advanceUser@domain.com advanceUser Isb.superUser@domain.com superUser Isb.endCustomer1@domain.com endCustomer1 isb.endCustomer@domain.com endCustomer isb.adminstrator@domain.com admin isb.endcustomer3@domain.com endcustomer3 -
Assign trust for the newly created tenant's domains in ADFS.
-
Encrypt the passwords of new users using the "test staff struct," and configure them along with the tenant in the Helm values using
values.yaml
.devtenant1: qvstnt7 devtenant2: qvstnt7 iottenant1: qvstnt7 iottenant2: qvstnt7 iottenant3: qvstnt7 optenant1: qvstnt7 optenant2: qvstnt9 supertenantadmin: mdsp\\superUser supertenantadminpassword: xxxxxx supertenantadminemail: Isb.superUser@domain.com tenantadmin: mdsp\\admin tenantadminpassword: xxxxxx tenantadminemail: isb.adminstrator@domain.com operatoradmin: mdsp\\admin operatoradminpassword: xxxxxx operatoradminremail: isb.adminstrator@domain.com developeradmin: mdsp\\admin developeradminpassword: xxxxxx developeradminremail: isb.adminstrator@domain.com standarduser: mdsp\\endCustomer1 standarduserpassword: xxxxxx standarduseremail: Isb.endCustomer1@domain.com subtenantuser: mdsp\\endCustomer subtenantuserpassword: xxxxxx subtenantuseremail: isb.endCustomer@domain.com developeruser: mdsp\\endcustomer2 developerpassword: xxxxxx developeremail: isb.endcustomer2@domain.com
Testing configuration¶
Note
Run TestAppAssignment
during the first execution of testing.
-
Configure and validate test app assignments.
tag: "rancherpocv145.2" platform: comac envName: prod routingAppUrl: https://backendrouting-app.mdsp.xxx.xx testcase: QAGP-TestAppAssignment routingapptenants: '{"devtenant":"qvstnt7","optenant":"qvstnt9","othertenants":"qvstnt10"}'
You get the successful content
App role assignment completed for tenant: qvstnt7
in the pod logs, which indicates that this case has succeeded. -
Access the tenant URL and validate the status as a
superuser
.Info: The tenant of other tenants may not be set up successfully due to the image issue. If access fails, assign the
devtenant
for this tenant separately.For example: run the following command and rerun the test
QAGP-TestAppAssignment
.routingapptenants: '{\"devtenant\":\"qvstnt10\",\"optenant\":\"\",\"othertenants\":\"\"}',
Testing RoutingApp
creation¶
Note
Ensure that the developer app manager is deployed correctly and set the test to QAGP-RoutingAppCreationPNP
.
-
Set the
routingapptenants
forqvstnt10
.'{\"devtenant\":\"qvstnt10\",\"optenant\":\"\",\"othertenants\":\"\"}'
-
After running the test, use the
superuser
to validate if the bearer token can be retrieved.Use the following URL to check the bearer token for
qvstnt10
:https://qvstnt10-routingapp6-qvstnt10.mdsp.comac.cc/routing/getBearerToken
-
Set
routingapptenants
forqvstnt9
.'{\"devtenant\":\"qvstnt9\",\"optenant\":\"\",\"othertenants\":\"\"}'
-
After running the test, use the
superuser
to validate if the bearer token can be retrieved.Use the following URL to check the bearer token for
qvstnt9
:https://qvstnt9-routingapp6-qvstnt9.mdsp.comac.cc/routing/getBearerToken
-
Set
routingapptenants
forqvstnt7
'{\"devtenant\":\"qvstnt7\",\"optenant\":\"\",\"othertenants\":\"\"}'
-
After running the test, use the superuser to validate if the bearer token can be retrieved.
Use the following URL to check the bearer token for
qvstnt7
:https://qvstnt7-routingapp6-qvstnt7.mdsp.comac.cc/routing/getBearerToken
-
Configure the provider information with the following settings:
test: QAGP-ConfigureProviderInformation routingapptenants: '{\"devtenant\":\"qvstnt7\",\"optenant\":\"qvstnt9\",\"othertenants\":\"qvstnt10\"}'
Redeploy the PNP test after configuring the provider.
-
Set the following test case IDs to be executed:
QAGP-108,QAGP-14218,QAGP-147394,QAGP-152,QAGP-179557,QAGP-180854,QAGP-180912,QAGP-181001,QAGP-185093,QAGP-185094,QAGP-185095,QAGP-185648,QAGP-197398,QAGP-200877,QAGP-204428,QAGP-212339,QAGP-212499,QAGP-223389,QAGP-228408,QAGP-233962,QAGP-236141,QAGP-255345,QAGP-271007,QAGP-2977,QAGP-53872,QAGP-53883,QAGP-5548,QAGP-5561,QAGP-5874,QAGP-60010,QAGP-62,QAGP-63800,QAGP-71647,QAGP-79428,QAGP-799,QAGP-801,QAGP-803,QAGP-893,QAGP-894,QAGP-95418
- Deploy the test setup again after configuring the test cases.
-
Copy the logs from the pod for analysis:
kubectl -n mindsphere-qa cp containername:/usr/share/nginx/html/reports/logs /tmp/logs
Testing rationale and architecture¶
Parameters and Values¶
Name | Meaning | Optional/Required | Available Values (List) |
---|---|---|---|
platform | Required | comac, RANCHERLOCAL | TestAppAssignment, RoutingAppCreationPNP, QAGP-[0-9]+ |
envName | prod, INTEG | ||
test | |||
parallelThreadCount | |||
routingappname | |||
retryFailedTests | |||
isLongRunTest | |||
testPlanID | |||
exportToXray | |||
comment | |||
isDocker | |||
isEncryptedPassword | |||
devtenant1, devtenant2 | |||
iottenant1, iottenant2, iottenant3 | |||
optenant1, optenant2 | |||
supertenantadmin | |||
supertenantadminpassword | |||
supertenantadminemail | |||
tenantadmin | |||
tenantadminpassword | |||
tenantadminemail | |||
operatoradmin | |||
operatoradminpassword | |||
operatoradminremail | |||
developeradmin | |||
developeradminpassword | |||
developeradminremail | |||
standarduser | |||
standarduserpassword | |||
standarduseremail | |||
subtenantuser | |||
subtenantuserpassword | |||
subtenantuseremail | |||
developeruser | |||
developerpassword | |||
developeremail | |||
routingapptenants | TestAppAssignment, RoutingAppCreationPNP | ||
routingAppUrl | TestAppAssignment, RoutingAppCreationPNP | ||
DECRYPT_KEY |
Run the following commands to check if ports are open and if not, forward them to Kubernetes (K8s):
ss -lntup|grep 8090
if [ $? -ne 0 ];then
/usr/bin/kubectl -n mindsphere-qa port-forward --address 0.0.0.0 svc/automationtestsuite-pnp-svc 8090:80 &
fi
ss -lntup|grep 8091
if [ $? -ne 0 ];then
/usr/bin/kubectl -n mindsphere-qa port-forward --address 0.0.0.0 svc/qa-apps-automationtestsuite 8091:8080 &
fi
ss -lntup|grep 8092
if [ $? -ne 0 ];then
/usr/bin/kubectl -n mindsphere-qa port-forward --address 0.0.0.0 svc/qa-apps-nfttestsuite 8092:8080 &
fi