REVIEW-36: SDIACT-187/SDIACT-216 Improve XDCDB security and read/update access with a new RESTfull API - Test Readiness Review

SDIACT-216 delivers a new REST API that provides more secure access to the XSEDE Central Database (XDCDB) . Two software tools that previously accessed the XDCDB through direct database connections have been updated to use the new XDCDB REST API. One of these software tools is xdusage (also delivered in SDIACT-216), which reports allocation information for a given user. The second tool is gateway_submit_attributes (delivered in SDIACT-187) which allows science gateways to report the gateway user submitting a job under a science gateway community user account. Because SDIACT-187 and SDIACT-216 are tightly coupled with one another, we will be testing them together. This review assesses the test readiness of both SDIACT-187 and SDIACT-216.

XCDCDB API/xdusage

• (Jim) SSL Labs shows C rating for the SSL configuration on xsede-xdcdb-api.xsede.org
  • Developer fixed SSL configuration so that it has an A+ rating
• (Galen) Invalid references to xdusage-1.2-0
  • Developer fixed to 2.0-1
• (Venkat) Test plan should include tests for TLS and rejection/redirection of http connections to https
  • Tested by JP
• (Susan) Typo "uses" in deployment plan
  • Fixed in version 1.1 of deployment plan
• (Susan) Outdated links in design document
  • Fixed in version 0.2 design doc
• (Shava) Some out of date references in test plan
  • Fixed by developer

gateway_submit_attributes

• (Galen) Perl dependencies are a mess
  • Developer clarified yum install instructions for Perl
• (Galen) "Generate API key" page is confusing because it looks static
  • Solution proposed – needs to be fixed by end of testing
• (Galen) Clarify that resource_name is the xdcdb resource name is NOT a hostname
  • Instructions have been clarified
• (Galen/Susan) values for gateway_submit_attributes.conf are unclear
  • Developer added more detailed instructions
• (Shava) Duplicate step number in install guide
  • Duplicates fixed.
• (Shava) Why re-use xdusage account for gateway_submit_attributes?
  • Developer changed to gwsubmit account

Software (use the latest revision below)

• gateway_submit_attributes
• xdusage

Documentation

• Design/Security overview
  • Security and General Design Description
• Installation guide
  • Gateway_submit_attributes Installation Guide
  • Xdusage Installation Guide
• Deployment Plan
  • SDIACT-187 Deployment Plan
  • SDIACT-216 Deployment Plan
• User guide
  • gateway_submit_attributes user guide
  • xdusage user guide
• Defect, issue, and risk reporting
  • See SDIACT-216 test plan below
• Acceptance test plan
  • SDIACT-187 Test Plan
  • SDIACT-216 Test Plan
• Testing resources
  • hpcdev-pub04.sdsc.edu - Centos 6 (Galen)
  • initech.psc.edu - Centos 7 (Susan)

Package information: All software packages (e.g., server and client packages) for this CI are listed.

Documentation and Installation instructions: The deployment plan for this CI on XSEDE is clearly described as well as the installation instructions and any XSEDE specific configuration instructions.

Test environment and facilities: The test environment needed to adequately to validate this component is described. Should indicate also whether testing can be performed within a VM and if not, the reasons for it.

Assumptions: Lists any assumptions needed before testing can begin (e.g., accounts needed).

Test procedures, cases, and scenarios: Lists the tests that should be run or an associated test suite and expected performance metrics if applicable.

Defect, issue, and risk reporting: Deployment plans should include defect and issue reporting information. The testing plan could reference that same information from the deployment plan, or provide alternate information if defects and issues need to be reported differently during testing. Risks, as well as defects and issues, should be part of the testing report.