Functional verification for SNMPv3 with MD5/DES

https://vaporio.atlassian.net/browse/VIO-1919
This already worked, here is functional verification.
There will be CI side changes required to merge this.
I still need to find out what those are.

Makefile

@@ -3,7 +3,7 @@
 #
 
 PLUGIN_NAME    := snmp
-PLUGIN_VERSION := 2.2.2
+PLUGIN_VERSION := 2.2.3
 IMAGE_NAME     := vaporio/snmp-plugin
 BIN_NAME       := synse-snmp-plugin
 
@@ -78,24 +78,31 @@ help:  ## Print usage information
 
 .DEFAULT_GOAL := help
 
-# This test recipe probably is probably what ci is hooking into now? It's hard to tell.
-# You can't run tests on a dev box like this anymore without standing up the emulator first.
-.PHONY: test
-test: ## Run all tests
-	go test -cover ./... || exit
-
 .PHONY: integration-test
 unit-test: test
 
+.PHONY: start-snmp-emulators
+start-snmp-emulators: ## Start emulators for functional tests.
+	# Start the SNMP emulator for the pxgmsups (Eaton UPS) in a docker container in the background.
+	# Tests run on the local machine.
+	docker-compose -f ./emulator/ups/pxgms_ups/test_snmp.yml down || true
+	docker-compose -f ./emulator/ups/pxgms_ups/test_snmp.yml build
+	docker-compose -f ./emulator/ups/pxgms_ups/test_snmp.yml up -d
+	# Start the SNMP emulator for the pxgmsups (Eaton UPS) in a docker container in the background.
+	# Tests run on the local machine.
+	docker-compose -f ./emulator/ups/tripplite_ups/test_snmp.yml down || true
+	docker-compose -f ./emulator/ups/tripplite_ups/test_snmp.yml build
+	docker-compose -f ./emulator/ups/tripplite_ups/test_snmp.yml up -d
 
-# FIXME: try to streamline the below
+.PHONY: stop-snmp-emulators
+stop-snmp-emulators: ## Shutdown the emulators.
+	docker-compose -f ./emulator/ups/tripplite_ups/test_snmp.yml down
+	docker-compose -f ./emulator/ups/pxgms_ups/test_snmp.yml down
 
-.PHONY: test-dev-box
-test-dev-box:  ## Run all tests on a dev box.
-	# Start the SNMP emulator in a docker container in the background.
-	# Tests run on the local machine.
-	docker-compose -f ./emulator/test_snmp.yml down || true
-	docker-compose -f ./emulator/test_snmp.yml build
-	docker-compose -f ./emulator/test_snmp.yml up -d
-	go test -cover -v ./... || (echo TESTS FAILED $$?; docker-compose -f ./emulator/test_snmp.yml kill; exit 1)
-	docker-compose -f ./emulator/test_snmp.yml down
+.PHONY: run-tests
+run-tests:
+	# Run the tests. Requires the emulators.
+	go test -cover -v ./... || (echo TESTS FAILED $$?; docker-compose -f ./emulator/ups/pxgms_ups/test_snmp.yml kill; exit 1)
+
+.PHONY: test
+test: start-snmp-emulators run-tests stop-snmp-emulators  ## Start emulators, run all tests, stop emulators.

emulator/README.md

@@ -1 +1,2 @@
-This directory contains what we need to run the SNMP emulator in a container for testing.
+This directory contains what we need to run SNMP emulators in containers
+for testing.

emulator/Dockerfile → emulator/ups/pxgms_ups/Dockerfile

@@ -1,4 +1,4 @@
-# Ths dockerfile starts the SNMP emulator in a container for testing.
+# Ths dockerfile starts the PXGMS UPS (Eaton UPS) SNMP emulator in a container for testing.
 FROM vaporio/vapor-endpoint-base-x64:1.0
 
 RUN pip install -I \
@@ -7,6 +7,7 @@ RUN pip install -I \
     pyasn1
 
 # The emulator will not start as root, so we need to add a user.
+# As root, the Error message is the following:
 # snmp-emulator    | ERROR: cant drop priveleges: Must drop priveleges to a non-priveleged user&group (sic)
 # Create the user and ${HOME}
 RUN groupadd -r docker && useradd -r -g docker snmp
@@ -31,6 +32,7 @@ EXPOSE 1024/udp
 
 # Args are:
 # data directory (typically /home/snmp/data)
-# port (normally using 11011 for single emulator)
+# port (normally using 1024 and up)
 # log file name (trying to keep these names unique)
-CMD ["./start_snmp_emulator.sh","./data","1024","snmp-emulator-ups.log"]
+# SNMP version, typically V3
+CMD ["./start_snmp_emulator.sh","./data","1024","snmp-emulator-ups-pxgms.log", "V3"]

emulator/ups/pxgms_ups/README.md

@@ -0,0 +1,2 @@
+This directory contains the pxgms ups emulator for the Eaton UPS. The data
+file is a snmpwalk from SNMP OID .1.3.6.1

emulator/ups/pxgms_ups/start_snmp_emulator.sh

@@ -0,0 +1,43 @@
+#!/bin/bash
+
+# Start the snmp emulator for the Pxgms (Eaton) UPS.
+
+# Args are:
+# data directory
+# port
+# log file name
+# SNMP Version. Only V3 is currently supported, but we can do more in the future.
+
+DATA_DIRECTORY=$1
+NETWORK_PORT=$2
+LOG_DIRECTORY=$3
+SNMP_VERSION=$4
+
+# Enure SNMP_VERSION is set
+if [ -z ${SNMP_VERSION+x} ]; then
+  echo "SNMP_VERSION is unset";
+else echo "SNMP_VERSION is set to '${SNMP_VERSION}'";
+fi
+
+# SNMP V3 only for this UPS.
+if [[ ${SNMP_VERSION} -ne V3 ]] ; then
+  echo "SNMP_VERSION is not V3"
+  exit 1
+fi
+
+# The snmp emulator cannot run as root.
+# Running a python file to load a configuration file will work,
+# but then we don't have access to things like snmpsimd.py when we Popen.
+# It is not a path issue.
+#
+
+python `which snmpsimd.py` \
+    --data-dir=${DATA_DIRECTORY} \
+    --agent-udpv4-endpoint=0.0.0.0:${NETWORK_PORT} \
+    --v3-user=simulator \
+    --v3-auth-key=auctoritas \
+    --v3-auth-proto=SHA \
+    --v3-priv-key=privatus \
+    --v3-priv-proto=AES \
+    2>&1 | tee /logs/${LOG_DIRECTORY}
+

emulator/ups/pxgms_ups/test_snmp.yml

@@ -0,0 +1,10 @@
+# This is the container running the PXGMS (Eaton) UPS SNMP emulator to test against.
+# This emulator runs on port 1024.
+snmp-emulator-pxgms-ups:
+  container_name: snmp-emulator-pxgms-ups
+  build: .
+  dockerfile: Dockerfile
+  # This command will override what is in the dockerfile.
+  command: ./start_snmp_emulator.sh ./data 1024 snmp-emulator-pxgms-ups.log V3
+  ports:
+    - 1024:1024/udp

emulator/ups/tripplite_ups/Dockerfile

@@ -0,0 +1,38 @@
+# Ths dockerfile starts the SNMP emulator for the tripplite ups in a container for testing.
+# This emulator runs on port 1025.
+FROM vaporio/vapor-endpoint-base-x64:1.0
+
+RUN pip install -I \
+    snmpsim \
+    pysnmp \
+    pyasn1
+
+# The emulator will not start as root, so we need to add a user.
+# As root, the Error message is the following:
+# snmp-emulator    | ERROR: cant drop priveleges: Must drop priveleges to a non-priveleged user&group (sic)
+# Create the user and ${HOME}
+RUN groupadd -r docker && useradd -r -g docker snmp
+ADD . /home/snmp
+
+# These SNMP emulator files are specfic to the device being emulated.
+# Data are just places in /home/snmp/data on the emulator to keep it simple.
+ADD data/public.snmpwalk /home/snmp/data/public.snmpwalk
+
+# snmpsmi variation modules (like writecache) are getting installed to a location not in the search path,
+# so copy where it will be found.
+# snmp user owns /home/snmp and /logs.
+RUN mkdir -p /home/snmp/.snmpsim/variation && \
+    cp /usr/local/snmpsim/variation/* /home/snmp/.snmpsim/variation && \
+    chown snmp:docker /home/snmp -R && \
+    chown snmp:docker /logs -R
+USER snmp
+WORKDIR /home/snmp
+
+# Default emulator port is 1024. Expose it.
+EXPOSE 1024/udp
+
+# data directory (typically /home/snmp/data)
+# port (typically 1024 and up)
+# log file name (trying to keep these names unique)
+# SNMP version (V3)
+CMD ["./start_snmp_emulator.sh","./data","1025","snmp-emulator-tripplite-ups.log", "V3"]

emulator/ups/tripplite_ups/README.md

@@ -0,0 +1,2 @@
+This directory contains the pxgms ups emulator for the Tripplite UPS. The
+data file is a snmpwalk from OID .1.3.6.1