Skip to content

Fix hiba_authentication, host_certificate test for Nokia #5267

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ram-mac merged 2 commits into from
Mar 26, 2026
Merged

Fix hiba_authentication, host_certificate test for Nokia #5267

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
791b461
Fix hiba_authentication, host_certificate test for Nokia
ram-mac Mar 26, 2026
3b8f068
Fixed static errors
ram-mac Mar 26, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 20 additions & 18 deletions feature/gnsi/credentialz/tests/hiba_authentication/hiba_authentication_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,13 +31,13 @@ import (
)

const (
username = "testuser"
maxSSHRetryTime = 30 // Unit is seconds.
username = "testuser"
maxSSHRetryTime = 30 // Unit is seconds.
hostCertificateVersion = "v1.0"
)

var (
hostCertificateCreatedOn = time.Now().Unix()
hostCertificateVersion = credz.GenerateVersion()
)

func TestMain(m *testing.M) {
Expand Down Expand Up @@ -134,21 +134,23 @@ func TestCredentialz(t *testing.T) {
}

// Verify host certificate telemetry.
sshServer := gnmi.Get(t, dut, gnmi.OC().System().SshServer().State())
gotHostCertificateVersion := sshServer.GetActiveHostCertificateVersion()
if !cmp.Equal(gotHostCertificateVersion, hostCertificateVersion) {
t.Fatalf(
"Telemetry reports host certificate version is not correct\n\tgot: %s\n\twant: %s",
gotHostCertificateVersion, hostCertificateVersion,
)
}
gotHostCertificateCreatedOn := sshServer.GetActiveHostCertificateCreatedOn()
// if !cmp.Equal(time.Unix(0, int64(gotHostCertificateCreatedOn)), time.Unix(hostCertificateCreatedOn, 0)) {
if !cmp.Equal(time.Unix(int64(gotHostCertificateCreatedOn), 0), time.Unix(hostCertificateCreatedOn, 0)) {
t.Fatalf(
"Telemetry reports host certificate created on is not correct\n\tgot: %d\n\twant: %d",
gotHostCertificateCreatedOn, hostCertificateCreatedOn,
)
if !deviations.SSHServerHostCertificateTelemetryUnsupported(dut) {
sshServer := gnmi.Get(t, dut, gnmi.OC().System().SshServer().State())
gotHostCertificateVersion := sshServer.GetActiveHostCertificateVersion()
if !cmp.Equal(gotHostCertificateVersion, hostCertificateVersion) {
t.Fatalf(
"Telemetry reports host certificate version is not correct\n\tgot: %s\n\twant: %s",
gotHostCertificateVersion, hostCertificateVersion,
)
}
gotHostCertificateCreatedOn := sshServer.GetActiveHostCertificateCreatedOn()
// if !cmp.Equal(time.Unix(0, int64(gotHostCertificateCreatedOn)), time.Unix(hostCertificateCreatedOn, 0)) {
if !cmp.Equal(time.Unix(int64(gotHostCertificateCreatedOn), 0), time.Unix(hostCertificateCreatedOn, 0)) {
t.Fatalf(
"Telemetry reports host certificate created on is not correct\n\tgot: %d\n\twant: %d",
gotHostCertificateCreatedOn, hostCertificateCreatedOn,
)
}
}
})

Expand Down
1 change: 1 addition & 0 deletions feature/gnsi/credentialz/tests/hiba_authentication/metadata.textproto
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ platform_exceptions: {
}
deviations: {
ssh_server_counters_unsupported: true
ssh_server_host_certificate_telemetry_unsupported: true
}
}

Expand Down
34 changes: 18 additions & 16 deletions feature/gnsi/credentialz/tests/host_certificates/host_certificates_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,12 +22,12 @@ import (
"time"

"github.com/google/go-cmp/cmp"
"github.com/openconfig/ondatra/gnmi"

"github.com/openconfig/featureprofiles/internal/args"
"github.com/openconfig/featureprofiles/internal/deviations"
"github.com/openconfig/featureprofiles/internal/fptest"
"github.com/openconfig/featureprofiles/internal/security/credz"
"github.com/openconfig/ondatra"
"github.com/openconfig/ondatra/gnmi"
"golang.org/x/crypto/ssh"
)

Expand Down Expand Up @@ -92,20 +92,22 @@ func TestCredentialz(t *testing.T) {
}

// Verify host certificate telemetry values.
sshServer := gnmi.Get(t, dut, gnmi.OC().System().SshServer().State())
gotHostCertificateVersion := sshServer.GetActiveHostCertificateVersion()
if !cmp.Equal(gotHostCertificateVersion, hostCertificateVersion) {
t.Errorf(
"Telemetry reports host certificate version is not correct\n\tgot: %s\n\twant: %s",
gotHostCertificateVersion, hostCertificateVersion,
)
}
gotHostCertificateCreatedOn := sshServer.GetActiveHostCertificateCreatedOn()
if got, want := gotHostCertificateCreatedOn, hostCertificateCreatedOn; got != want {
t.Errorf(
"Telemetry reports host certificate created on is not correct\n\twant: %d\n\tgot: %d",
want, got,
)
if !deviations.SSHServerHostCertificateTelemetryUnsupported(dut) {
sshServer := gnmi.Get(t, dut, gnmi.OC().System().SshServer().State())
gotHostCertificateVersion := sshServer.GetActiveHostCertificateVersion()
if !cmp.Equal(gotHostCertificateVersion, hostCertificateVersion) {
t.Errorf(
"Telemetry reports host certificate version is not correct\n\tgot: %s\n\twant: %s",
gotHostCertificateVersion, hostCertificateVersion,
)
}
gotHostCertificateCreatedOn := sshServer.GetActiveHostCertificateCreatedOn()
if got, want := gotHostCertificateCreatedOn, hostCertificateCreatedOn; got != want {
t.Errorf(
"Telemetry reports host certificate created on is not correct\n\twant: %d\n\tgot: %d",
want, got,
)
}
}
})
}
8 changes: 8 additions & 0 deletions feature/gnsi/credentialz/tests/host_certificates/metadata.textproto
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,3 +5,11 @@ uuid: "91120b0a-91ea-493c-8046-f52176ec2029"
plan_id: "Credentialz-3"
description: "Host Certificates"
testbed: TESTBED_DUT
platform_exceptions: {
platform: {
vendor: NOKIA
}
deviations: {
ssh_server_host_certificate_telemetry_unsupported: true
}
}
7 changes: 7 additions & 0 deletions internal/deviations/deviations.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2011,3 +2011,10 @@ func ArpFT(dut *ondatra.DUTDevice) string {
func PrefixLimitConfigUnsupported(dut *ondatra.DUTDevice) bool {
return lookupDUTDeviations(dut).GetPrefixLimitConfigUnsupported()
}

// SSHServerHostCertificateTelemetryUnsupported returns true if /system/ssh-server/state/active-host-certificate-version
// is not supported.
// Nokia: https://partnerissuetracker.corp.google.com/issues/494777653
func SSHServerHostCertificateTelemetryUnsupported(dut *ondatra.DUTDevice) bool {
return lookupDUTDeviations(dut).GetSshServerHostCertificateTelemetryUnsupported()
}
6 changes: 6 additions & 0 deletions proto/metadata.proto
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1207,7 +1207,13 @@ message Metadata {
// Device does not support configuring prefix limit received paths through OC
// Cisco: https://partnerissuetracker.corp.google.com/issues/447509237
bool prefix_limit_config_unsupported = 393;

// SSHServerHostCertificateTelemetryUnsupported returns true if /system/ssh-server/state/active-host-certificate-version
// is not supported.
// Nokia: https://partnerissuetracker.corp.google.com/issues/494777653
bool ssh_server_host_certificate_telemetry_unsupported = 394;


// Reserved field numbers and identifiers.
reserved 84, 9, 28, 20, 38, 43, 90, 97, 55, 89, 19, 36, 35, 40, 113, 131, 141, 173, 234, 254, 231, 300, 241;
}
Expand Down
Loading
Loading