EGI QC 7

This page describes the 7th release of the EGI Quality Criteria (QC), that is used for verification of software products. These QC drive the Software Verification in EGI Software Provision workflow.

Documentation

Release Notes

ID
QC_DOC_1
Critical
True
Description

Products must provide release notes with:

  • new features
  • bug fixes
  • any backward incompatible changes
What to check

Verifier must assure that the document exists and contains the requested information.

What to report

Include a link to the document in the report.


User Documentation

ID
QC_DOC_2
Critical
True (for user-side services and tools)
Description

Products with client tools must provide documentation on its usage

What to check

Verifier must assure that the document exists. For any detected flaws in the document, open a ticket with the issue.

What to report

Include a link to the document in the report.


API Documentation

ID
QC_DOC_3
Critical
False
Description

If the product provides a public API, it must be documented. The documentation should cover all the existing public functionality of the API. If the product implements a well-known or standard API (e.g. SRM), any missing functionality must be documented.

What to check

Verifier must assure that the API is documented.

What to report

Include a link to the document in the report.


Administrator Documentation

ID
QC_DOC_4
Critical
True
Description

Products must provide an administrator guide describing installation, configuration and operation of the system. The document should contain the following information:

  • description of services and daemons running
  • init scripts and expected run levels
  • configuration files
  • list of log files
  • open ports used by the product
  • cron jobs used by the service
What to check

Verifier must assure that the document exists. For any detected flaws in the document, open a ticket with the issue.

What to report

Include a link to the document in the report.


Software License

ID
QC_DOC_5
Critical
True
Description

Products must have a compatible license for using them in the EGI Infrastructure. For Open Source products, compatible licenses are those accepted by the Open Source Initiative and categorized as Popular and widely used or with strong communities:

  • Apache License, 2.0 (Apache-2.0)
  • BSD 3-Clause "New" or "Revised" license (BSD-3-Clause)
  • BSD 3-Clause "Simplified" or "FreeBSD" license (BSD-2-Clause)
  • GNU General Public License (GPL)
  • GNU Library or "Lesser" General Public License (LGPL)
  • MIT license (MIT)
  • Mozilla Public License 1.1 (MPL-1.1)
  • Common Development and Distribution License (CDDL-1.0)
  • Eclipse Public License (EPL-1.0)

Other licenses accepted by the Open Source Initiative and listed as Special Purpose are compatible with the infrastructure (when applicable):

  • Educational Community License
  • IPA Font License (IPA)
  • NASA Open Source Agreement 1.3 (NASA-1.3)
  • Open Font License 1.1 (OFL-1.1)

Any other license, and non Open Source products will be evaluated by the verification team in coordination with the Operations Community.

What to check

License of the product must be one of the listed before.

What to report

Include the license type in the report.

See also

Open Source Initiative Licenses by Category


Installation

Binary Distribution

ID
QC_DIST_1
Critical
True
Description

Products must be available in the native packaging format of the supported platform (RPM or DEB packages).

What to check

Packages must install without issues in a machine configured without any external repositories (valid repositories are the standard OS repo, UMD repo and EPEL repo for RH based distros)

Packages must follow the OS policies (name of packages, use of filesystem hierarchy, init scripts, ...). For any detected issue, open a ticket.

Packages must be signed (or the repository where they are fetched from is signed for Debian-based distros)

What to report
  • OK for products installing without any dependencies problems and using valid signatures.
  • WARNING for products that install correctly but are not compliant with the distro guidelines (e.g. files in /opt)
  • FAIL in any other case.

yum/apt-get log can be included as appendix to the report.

See also

Upgrade

ID
QC_UPGRADE_1
Critical
False
Description

Non-major updates should be installable in a machine configured with the previous version.

What to check

Verifier should update a working product with the verified version. The update should not cause any problems.

What to report
  • Not tested if the installation was not an upgrade.
  • OK for products updated without issues.
  • FAIL in any other case.

yum/apt-get log can be included as appendix to the report.


Security

X.509 Certificate support

ID
QC_SEC_1
Critical
True (for products requiring authentication)
Description

Primary authentication token within the infrastructure is the X.509 certificate and its proxy derivatives.

What to check

Verifier must use X.509 certificates as authentication token. The appliance should also support proxy derivatives (e.g. VOMS proxies).

What to report
  • OK for products able to use X.509 certificates as auth token.
  • FAIL in any other case.

SHA-2 Certificates Support

ID
QC_SEC_2
Critical
True
Description

Certificates and proxies generated with SHA-2 cryptographic hash funtions must be supported by the middleware

What to check

Verification must be performed with SHA-2 certificates for the service and for clients.

Testing

See EGI QC wiki for more information on SHA-2 certificates.

What to report
  • OK for products able to use SHA-2 certificates.
  • FAIL in any other case.
See also

RT #3078


RFC Proxy support

ID
QC_SEC_3
Critical
False
Description

All middelware using proxies must accept RFC proxies as credential tokens for authentication

What to check

Verification must be performed using a RFC proxy. Such proxy can be obtained with the -rfc option of voms-proxy-init.

Testing

See EGI QC wiki for more information on RFC proxies.

What to report
  • OK for products able to use RFC proxies.
  • WARNING in any other case.

ARGUS Integration

ID
QC_SEC_4
Critical
False
Description

All services requiring authorization should be able to use an external ARGUS service that manages the authorization policies and provides mapping of accounts.

What to check

Verifier configures an external ARGUS service for the product being verified. Test a banning policy and a allowed policy to the resource. Check that the policies are enforced.

Testing

See EGI QC wiki for using the ARGUS service of the verification testbed for this test.

What to report
  • OK for products that apply correctly the banning and authorized policies of an external ARGUS service.
  • WARNING for products not supporting ARGUS integration.
See also

ARGUS Authorization Service


World Writable Files

ID
QC_SEC_5
Critical
True
Description

World-writable files and directories are dangerous since they allows anyone to modify them, several vulnerabilities in recent years have been due to world writable files and directories being present when they should not be. No product should include or create world writable files in order to prevent new vulnerabilities being introduced in the future.

What to check

Verifier must assure that the product does not include or creates world-writable files or directories. If any world-writable files are required for the normal operation of the service, these should be documented by the Techonology Provider, a ticket reporting the files must be opened. Logs and config files must not be world-writable.

Testing

See EGI QC wiki for example test.

What to report
  • OK for products without world-writabble files
  • WARNING for products with world-writabble files required for operation and documented.
  • FAIL for products with world-writtable files that are not documented.
See also

Proposed by the EGI SVG RAT to prevent new vulnerabilities in the future.


Passwords in world readable files

ID
QC_SEC_6
Critical
True
Description

If the product uses configuration files with any kind of passwords, those files must not be world readable.

What to check

Verifier must check the default permission of configuration files that contain passwords. None of them must be readable.

What to report
  • OK if all files with passwords are not world readable.
  • FAIL in any other case.
See also

SVG Advisory 1414


Information Model

GlueSchema 1.3 Support

ID
QC_INFO_1
Critical
False
Description

Resource information exchanged in the EGI Infrastructure must conform to GlueSchema v1.3

What to check

Verifier must run glue validator to check GlueSchema 1.3 conformance.

Testing

See EGI QC wiki for information on running the validator and list of allowed issues.

What to report
  • OK for glueschema compliant products.
  • WARNING for products that fail for the allowed failures documented in the wiki.
  • FAIL for any other case.
See also

GlueSchema 2.0 Support

ID
QC_INFO_2
Critical
True
Description

Resource information exchanged in the EGI Infrastructure must conform to GlueSchema v2.0

What to check

Verifier must run glue validator to check GlueSchema 2 conformance.

Testing

See EGI QC wiki for information on running the validator and list of allowed issues.

What to report
  • OK for glueschema compliant products.
  • WARNING for products that fail for the allowed failures documented in the wiki.
  • FAIL for any other case.
See also

Middleware Version Information

ID
QC_INFO_3
Critical
False
Description

Resource information published by Information Discovery Appliances must include the middleware version of the middleware

What to check

Verifier runs a query to check the middleware version.

Testing

See EGI QC wiki for information on example queries.

What to report
  • OK for products that publish their version.
  • WARNING otherwise.
See also

RT #1378


Operations

Service Probes

ID
QC_MON_1
Critical
True
Description

Services must be monitored by the monitoring infrastructure of EGI by using the public inerface of the service. The exact tests to perform for each service are determined by the operations community. The product should work with the existing probes for the service.

TP should provide a (or a set of) monitoring probe that tests that the service provides the expected functionality correctly that runs integrated in the monitoring infrastructure of EGI.

What to check

If the product is already being tested in the verification testbed, check that the tests pass OK. If the tests do not pass clarify the source of the problem (if it's a limitation of the verification testbed, the criterion passes as WARNING).

If it's not being tested, contact the verifiers mailing list to configure the Nagios machine.

If there there are no tests for the product, do also contact the verifiers mailing list to decide on the result of the verification.

What to report
  • OK product is checked in the testbed Nagios and passes all tests.
  • WARNING There are no tests for the product, or some tests do not pass due to limitations of the verification testbed.
  • FAIL product is checked in the testbed and one or more Nagios tests fail due to changes in the product.
See also

Accounting Records

ID
QC_ACC_1
Critical
True
Description

Job Execution Appliances must generate accounting records for the resource consumption of the users. The exact format of the accounting records is defined by the operations community.

These records must be transmitted to the EGI central database periodically.

What to check

Execute some jobs and force the generation and transmission of records. Check that there are as many records as job sumitted and that the transmission was started.

What to report
  • OK Accounting records are created and sent to the EGI central database.
  • FAIL The accounting records are not created.
  • NA For products that do not execute jobs.
See also

Support

Bug Tracking System

ID
QC_SUPPORT_1
Critical
True
Description

Technology Providers must enrol in GGUS as 3rd level support for the products verified by the Quality Assurance team of EGI. Any further integration with TP-specific bug tracking software is entirely up to the Technology Provider.

What to check

Pass if Technology Provider enlisted as 3rd level support in GGUS.

What to report
  • OK for products with support in GGUS.
  • FAIL for any other case.
See also

GGUS


Specific QC

Basic Funcionality Test

ID
QC_FUNC_1
Critical
True
Description

Verification must include basic functionality tests of the product that assures that it performs its intended functionality.

What to check

Verifier must configure the product and start its services in the verification testbed. If the verifier is not able to start the services, the TP should be contacted to clarify any issues, opening GGUS tickets if neccesary.

Once the product is installed and running, the verifier should perform basic tests to assert that its basic functionality is met. The quantity and level of detail of the tests can be adjusted for each release (i.e. major releases should include more testing than minor or revision releases.

Testing

See EGI QC wiki for test examples for each product.

What to report

Include in the report:

  • what functionality was tested.
  • if the tests were succesful or not.

If the product cannot be operated because of some missing functionality or major bugs, set the product as rejected.


New features/bug fixes testing.

ID
QC_FUNC_2
Critical
False
Description

Verification should check (whenever feasible) any new features and bug fixes included in the release.

What to check

Check the release notes of the products and test the relevant features and bug fixes included in the release (if they are feasible to be tested within the verification testbed). Take into account that the product will be also tested in Staged Rollout, if there are changes that should be tested in a production environment notify state it clearly in the report.

What to report

Include in the report:

  • what functionality was tested.
  • if the tests were succesful or not.