Update 5G auth test to use templated configuration to setup ueransim …

…cncf/cnf-testsuite#1803
cnti-testcatalog · Aug 16, 2023 · 0fc65cb · 0fc65cb
1 parent d9e5a12
commit 0fc65cb
Show file tree

Hide file tree

Showing 10 changed files with 300 additions and 92 deletions.
diff --git a/embedded_files/ue.yaml b/embedded_files/ue.yaml
@@ -0,0 +1,84 @@
+# IMSI number of the UE. IMSI = [MCC|MNC|MSISDN] (In total 15 or 16 digits)
+
+supi: 'imsi-{{ .Values.mcc }}{{ .Values.mnc }}{{ .Values.ues.initialMSISDN }}'
+mcc: '{{ .Values.mcc }}'
+mnc: '{{ .Values.mnc }}'
+
+# SUCI Protection Config
+{{ if .Values.protectionScheme }}
+protectionScheme: '{{ .Values.protectionScheme }}'
+{{ end }}
+{{ if .Values.publicKey }}
+homeNetworkPublicKey: '{{ .Values.publicKey  }}'
+{{ end }}
+{{ if .Values.publicKeyId }}
+homeNetworkPublicKeyId: '{{ .Values.publicKeyId }}'
+{{ end }}
+{{ if .Values.routingIndicator }}
+routingIndicator: '{{ .Values.routingIndicator }}'
+{{ end }}
+
+
+# Permanent subscription key
+key: '{{ .Values.ues.key }}'
+# Operator code (OP or OPC) of the UE
+op: '{{ .Values.ues.op }}'
+# This value specifies the OP type and it can be either 'OP' or 'OPC'
+opType: '{{ .Values.ues.opType }}'
+# Authentication Management Field (AMF) value
+amf: '8000'
+# IMEI number of the device. It is used if no SUPI is provided
+imei: '356938035643803'
+# IMEISV number of the device. It is used if no SUPI and IMEI is provided
+imeiSv: '4370816125816151'
+
+# List of gNB IP addresses for Radio Link Simulation
+gnbSearchList:
+  - ${GNB_IP}
+
+  # UAC Access Identities Configuration
+uacAic:
+  mps: false
+  mcs: false
+
+# UAC Access Control Class
+uacAcc:
+  normalClass: 0
+  class11: false
+  class12: false
+  class13: false
+  class14: false
+  class15: false
+
+# Initial PDU sessions to be established
+sessions:
+  {{- range .Values.ues.apnList }}
+  - {{- toYaml . | nindent 4 }}
+  {{- end }}
+
+# Configured NSSAI for this UE by HPLMN
+configured-nssai:
+  - sst: {{ .Values.sst }}
+    sd: {{ .Values.sd }}
+
+# Default Configured NSSAI for this UE
+default-nssai:
+  - sst: {{ .Values.sst }}
+    sd: {{ .Values.sd }}
+
+# Supported encryption algorithms by this UE
+integrity:
+  IA1: true
+  IA2: true
+  IA3: true
+
+# Supported integrity algorithms by this UE
+ciphering:
+  EA1: true
+  EA2: true
+  EA3: true
+
+# Integrity protection maximum data rate for user plane
+integrityMaxRate:
+  uplink: 'full'
+  downlink: 'full'
diff --git a/embedded_files/ues-values.yml b/embedded_files/ues-values.yml
diff --git a/sample-cnfs/sample_open5gs/cnf-testsuite.yml b/sample-cnfs/sample_open5gs/cnf-testsuite.yml
@@ -2,3 +2,5 @@
 helm_directory: open5gs
 release_name: open5gs
 allowlist_helm_chart_container_names: []
+#optional 5gcore tag
+core: app.kubernetes.io/name=amf  
diff --git a/src/tasks/constants.cr b/src/tasks/constants.cr
@@ -38,7 +38,7 @@ EmbeddedFileManager.constraint_template
 EmbeddedFileManager.disable_cni
 EmbeddedFileManager.fluentd_values
 EmbeddedFileManager.fluentbit_values
-EmbeddedFileManager.ues_values
+EmbeddedFileManager.ueransim_helmconfig
 
 EXCLUDE_NAMESPACES = [
   "kube-system",

diff --git a/src/tasks/utils/config.cr b/src/tasks/utils/config.cr
@@ -13,6 +13,7 @@ module CNFManager
       @cnf_config = cnf_config
       @airgapped = airgapped
     end
+    #when addeding to this you must add to task.cr's CNFManager::Config.new(
     property cnf_config : NamedTuple(destination_cnf_dir: String,
                                      source_cnf_file: String,
                                      source_cnf_dir: String,
@@ -33,6 +34,8 @@ module CNFManager
                                      container_names: Array(Hash(String, String )) | Nil,
                                      white_list_container_names: Array(String),
                                      docker_insecure_registries: Array(String) | Nil,
+                                     #todo change this to an array of labels that capture all of 5g core nodes
+                                     core: String,
                                      image_registry_fqdns: Hash(String, String ) | Nil)
 
     def self.parse_config_yml(config_yml_path : String, airgapped=false, generate_tar_mode=false) : CNFManager::Config
@@ -70,6 +73,7 @@ module CNFManager
       helm_directory = optional_key_as_string(config, "helm_directory")
       source_helm_directory = optional_key_as_string(config, "helm_directory")
       helm_install_namespace = optional_key_as_string(config, "helm_install_namespace")
+      core  = optional_key_as_string(config, "core")
       if helm_directory.empty?
         working_chart_directory = "exported_chart"
         Log.info { "USING EXPORTED CHART PATH" } 
@@ -147,6 +151,7 @@ module CNFManager
                                container_names: container_names,
                                white_list_container_names: white_list_container_names,
                                docker_insecure_registries: docker_insecure_registries,
+                               core: core,
                                image_registry_fqdns: image_registry_fqdns,})
 
     end

diff --git a/src/tasks/utils/embedded_file_manager.cr b/src/tasks/utils/embedded_file_manager.cr
@@ -40,8 +40,8 @@ module EmbeddedFileManager
   macro fluentbit_values
     FLUENTBIT_VALUES = Base64.decode_string("{{ `cat ./embedded_files/fluentbit-config.yml | base64`}}")
   end
-  macro ues_values
-    UES_VALUES = Base64.decode_string("{{ `cat ./embedded_files/ues-values.yml | base64`}}")
+  macro ueransim_helmconfig
+    UERANSIM_HELMCONFIG = Base64.decode_string("{{ `cat ./embedded_files/ue.yaml | base64`}}")
   end
   def self.points_yml_write_file
     File.write("points.yml", POINTSFILE)

diff --git a/src/tasks/utils/task.cr b/src/tasks/utils/task.cr
@@ -82,6 +82,7 @@ module CNFManager
                                             container_names: [{"name" =>  "", "rolling_update_test_tag" => ""}],
                                             white_list_container_names: [""],
                                             docker_insecure_registries: [] of String,
+                                            core: "",
                                             image_registry_fqdns: Hash(String, String).new} )
         end
         ret = yield args, config

diff --git a/src/tasks/utils/ueransim.cr b/src/tasks/utils/ueransim.cr
@@ -17,6 +17,34 @@ module UERANSIM
     KubectlClient::Get.resource_wait_for_install("Pod", "ueransim")
   end
 
+  class Template 
+    # The argument for insecure_registries is a string
+    # because the template only writes the content
+    # and expects a list of comma separated strings.
+    def initialize(@amf_pod_name : String,
+                   @mmc : String,
+                   @mnc : String,
+                   @sst : String,
+                   @sd : String,
+                   @tac : String,
+                   @protectionScheme : String,
+                   @publicKey : String,
+                   @publicKeyId : String,
+                   @routingIndicator : String,
+                   @enabled : String,
+                   @count : String,
+                   @initialMSISDN : String,
+                   @key : String,
+                   @op : String,
+                   @opType : String,
+                   @type : String,
+                   @apn : String,
+                   @emergency : String
+                  )
+    end
+    ECR.def_to_s("src/templates/ues-values-template.yml.ecr")
+  end
+
 
 end