[Openstack-security] Fuzzy test framework in Tempest

Koderer, Marc m.koderer at telekom.de
Fri Feb 14 08:29:50 UTC 2014 

Hi folks,

I wanted to discuss the blueprint in the QA meeting before opening it.

Here it is:

https://blueprints.launchpad.net/tempest/+spec/fuzzy-test

I will collect work items in Etherpad during the day:
https://etherpad.openstack.org/p/bp_fuzzy_test

GSoC sound awesome, pls keep me updated on that.
Don't hesitate to contact me directly on IRC (freenode / mkoderer)

I am already working on the first patch that allows multiple record generators. My plan is to allow make it configurable whether it's simply a random generator or a pattern based generator.

Regards
Marc


Von: Sriram Subramanian [mailto:sriram at sriramhere.com]
Gesendet: Freitag, 14. Februar 2014 08:51
An: Bryan D. Payne
Cc: Koderer, Marc; openstack-security at lists.openstack.org; dkranz at redhat.com
Betreff: Re: [Openstack-security] Fuzzy test framework in Tempest

FYI: I felt fuzzing could be an interesting project for GSoC<https://wiki.openstack.org/wiki/GSoC2014#Mentors>, so proposed it as one of the project ideas. I am not sure how many of those projects would get selected; in case it gets selected, hey, we get an intern!

Marc - would look for your bp!

Thanks!

On Thu, Feb 13, 2014 at 11:43 PM, Sriram Subramanian <sriram at sriramhere.com<mailto:sriram at sriramhere.com>> wrote:
Thanks Bryan!

On Thu, Feb 13, 2014 at 9:35 PM, Bryan D. Payne <bdpayne at acm.org<mailto:bdpayne at acm.org>> wrote:
We left it with Marc needing to take the next step, which will be to put together a blueprint for this.  Once he has that in place, he'll let OSSG know and we can help him drive it forward.

Marc, please let us know if I missed something.

Cheers,
-bryan


On Thu, Feb 13, 2014 at 8:08 PM, Sriram Subramanian <sriram at sriramhere.com<mailto:sriram at sriramhere.com>> wrote:
Bryan/ Marc,

Apologies I missed the OSSG meeting. Looks like this was discussed last week, but I didn't see any action items or updates in the logs. Could one of you update please?

thanks,
-Sriram

On Wed, Feb 5, 2014 at 9:57 AM, Bryan D. Payne <bdpayne at acm.org<mailto:bdpayne at acm.org>> wrote:
Marc,

This is certainly of interest to OSSG.  There were some people talking about doing security testing before the last summit, but I haven't heard much about that recently.  Please do join us for the meeting tomorrow and we can discuss in some more detail.  I'll see if I can encourage the other parties to participate as well.

Cheers,
-bryan



On Wed, Feb 5, 2014 at 6:54 AM, Koderer, Marc <m.koderer at telekom.de<mailto:m.koderer at telekom.de>> wrote:
Hello Security Team,

David and I are currently working on an automated framework for negative
testing in Tempest. This frameworks generates tests out of json schema
definitions (see https://review.openstack.org/#/c/64733/ and
https://blueprints.launchpad.net/tempest/+spec/negative-tests).

During discussion we came to the idea that it would be quite easy to build a
security fuzzy test framework out of existing pieces in Tempest. If we'd run
the negative tests in our stress test framework that launches a certain number
of concurrent worker processes. At the end of a run we could use Tempest again
to validate that all services are up and running.

Is this topic potentially interesting for this group?
I saw on your launchpad task board that your are planning something similar:
 "Develop stress tests that can be integrated with current testing"
Did somebody already spend some effort in that area?

I'd like to join your meeting tomorrow and discuss about it.

Regards
Marc

DEUTSCHE TELEKOM AG
Digital Business Unit, Cloud Services (P&I)
Marc Koderer
Cloud Technology Software Developer
T-Online-Allee 1, 64211 Darmstadt
E-Mail: m.koderer at telekom.de<mailto:m.koderer at telekom.de>
www.telekom.com<http://www.telekom.com>

LIFE IS FOR SHARING.

DEUTSCHE TELEKOM AG
Supervisory Board: Prof. Dr. Ulrich Lehner (Chairman)
Board of Management: René Obermann (Chairman),
Reinhard Clemens, Niek Jan van Damme, Timotheus Höttges,
Dr. Thomas Kremer, Claudia Nemat, Prof. Dr. Marion Schick
Commercial register: Amtsgericht Bonn HRB 6794
Registered office: Bonn

BIG CHANGES START SMALL - CONSERVE RESOURCES BY NOT PRINTING EVERY E-MAIL.
_______________________________________________
Openstack-security mailing list
Openstack-security at lists.openstack.org<mailto:Openstack-security at lists.openstack.org>
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security


_______________________________________________
Openstack-security mailing list
Openstack-security at lists.openstack.org<mailto:Openstack-security at lists.openstack.org>
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security



--
Thanks,
-Sriram




--
Thanks,
-Sriram



--
Thanks,
-Sriram
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20140214/fac0185f/attachment.html>

More information about the Openstack-security mailing list