Versions Compared

Old Version 48

changes.mady.by.user Colin Peters

Saved on

compared with

New Version Current

changes.mady.by.user Colin Peters

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This document describes the blueprint test environment for the Smart Data Transaction for CPS blueprint. The test results and logs are posted in the Akraino Nexus at the link below:

https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt/r6/

Akarino Test Group Information

...

The test script will start the registry, pull upstream images and populate the registry, clean images left over from the pull process, stop the registry, and remove the registry. The robot command should report success for all test cases.

Test Results

Nexus URL: https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt/r6/lfedge-docker/1/

Pass (5/5 test cases)

CI/CD Regression Tests: Node Setup

...

The test scripts will initialize the master and edge nodes and verify the required software is installed. The robot command should report success for all test cases.

Test Results

Nexus URL: https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt/r6/lfedge-install/1/

Pass (2/2 test cases)

CI/CD Regression Tests: Cluster Setup & Teardown

...

The test scripts will start the cluster, add all configured edge nodes, remove the edge nodes, and reset the cluster. The robot command should report success for all test cases.

Test Results

Nexus URL: https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt/r6/lfedge-cluster/7/

Pass (4/4 test cases)

CI/CD Regression Tests: EdgeX Services

...

The test scripts will start the EdgeX micro-services on all edge nodes, confirm that MQTT messages are being delivered from the edge nodes, and stop the EdgeX micro-services. The robot command should report success for all test cases.

Test Results

Nexus URL: https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt/r6/edgex-install/7/

Pass (8/8 test cases)

CI/CD Regression Tests: LoRa Device Service

...

The Robot Framework should report success for all test cases.

Test Results

Nexus URL: https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt/r6/edgex-lora/3/

Pass (2/2 test cases)

Feature Project Tests

...

Vuls results (manual) Nexus URL: https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt/r6/sdt-vuls/2/

Lynis results (manual) Nexus URL: https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt/r6/sdt-lynis/3/

Kube-Hunter results Nexus URL: https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt/r6/sdt-bluval/2/

Vuls

Nexus URL: https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt/r6/sdt-vuls/2/

There are 17 CVEs with a CVSS score >= 9.0. These are exceptions requested here:

Release 56: Akraino CVE and KHV Vulnerability Exception Request

CVE-IDCVSSNVDFix/Notes
CVE-2016-15859.8https://nvd.nist.gov/vuln/detail/CVE-2016-1585No fix available
CVE-2021-202369.8https://nvd.nist.gov/vuln/detail/CVE-2021-20236No fix available (latest release of ZeroMQ for Ubuntu 20.04 is 4.3.2-2ubuntu1)
CVE-2021-318709.8https://nvd.nist.gov/vuln/detail/CVE-2021-31870No fix available (latest release of klibc for Ubuntu 20.04 is 2.0.7-1ubuntu5)
CVE-2021-318729.8https://nvd.nist.gov/vuln/detail/CVE-2021-31872No fix available (latest release of klibc for Ubuntu 20.04 is 2.0.7-1ubuntu5)
CVE-2021-318739.8https://nvd.nist.gov/vuln/detail/CVE-2021-31873No fix available (latest release of klibc for Ubuntu 20.04 is 2.0.7-1ubuntu5)
CVE-2021-335749.8https://nvd.nist.gov/vuln/detail/CVE-2021-33574Will not be fixed in Ubuntu stable releases
CVE-2021-459519.8https://nvd.nist.gov/vuln/detail/CVE-2021-45951No fix available (vendor disputed)
CVE-2021-459529.8https://nvd.nist.gov/vuln/detail/CVE-2021-45952No fix available (vendor disputed)
CVE-2021-459539.8https://nvd.nist.gov/vuln/detail/CVE-2021-45953No fix available (vendor disputed)
CVE-2021-459549.8https://nvd.nist.gov/vuln/detail/CVE-2021-45954No fix available (vendor disputed)
CVE-2021-459559.8https://nvd.nist.gov/vuln/detail/CVE-2021-45955No fix available (vendor disputed)
CVE-2021-459569.8https://nvd.nist.gov/vuln/detail/CVE-2021-45956No fix available (vendor disputed)
CVE-2021-459579.8https://nvd.nist.gov/vuln/detail/CVE-2021-45957No fix available (vendor disputed)
CVE-2022-232189.8https://nvd.nist.gov/vuln/detail/CVE-2022-23218Reported fixed in 2.31-0ubuntu9.7 (installed), but still reported by Vuls
CVE-2022-232199.8https://nvd.nist.gov/vuln/detail/CVE-2022-23219Reported fixed in 2.31-0ubuntu9.7 (installed), but still reported by Vuls
CVE-2016-91809.1https://nvd.nist.gov/vuln/detail/CVE-2016-9180No fix available
CVE-2021-359429.1https://nvd.nist.gov/vuln/detail/CVE-2021-35942Reported fixed in 2.31-0ubuntu9.7 (installed), but still reported by Vuls

...

Nexus URL (run via Bluval, without fixes): https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt/r6/sdt-bluval/2/

Nexus URL (manual run, with fixes): https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt/r6/sdt-lynis/2/

The initial results compare with the Lynis Incubation: PASS/FAIL Criteria, v1.0 as follows.

...

The post-fix manual logs can be found at https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt/r6/sdt-lynis/3/.

Kube-Hunter

Nexus URL (initial run without with fixes): https://nexus.akraino.org/content/sites/logs/fujitsu/job/sdt-bluval/1/Nexus URL (with fixes): https://nexus.akraino.org/content/sites/logs/fujitsu/job/r6/sdt-bluval/2/

There are 5 Vulnerabilities.

...