Installation guide
Security
Due to some security issues, it is strongly advised to use Squash TM 2.2.0 (or higher 2.X.Y) or any version greater or equal to 3.0.0.
This page describes how to install one by one all the components of Squash DEVOPS.
Legend
†indicates a component which is common to Squash AUTOM and Squash DEVOPS.
️‡ indicates a Premium component. An overview of the Premium features is available here. To benefit of these or to ask for more information, check our website or contact us.
Diagrams
Overview of Squash AUTOM and Squash DEVOPS components
Interconnections
Squash Orchestratorâ€
Installation
The installation of the orchestrator consists in deploying a Docker image. It contains all core services (part of the OpenTestFactory Orchestrator) and some Squash specific services.
To get the latest image of Squash Orchestrator, use the following command:
docker pull squashtest/squash-orchestrator:4.3.0
Recommendations for sizing the Docker container are:
- CPU: 2
- RAM: 2 GB
- disk: provide the capacity for storing the execution reports and their attachments for one hour of usage
Trouble shooting - Accessibility of the Squash TM instance
Check that the Squash TM instance is accessible from Squash Orchestrator. To do this, go onto the Docker host and run the command (replacing https://squashtm.example.com/squash with the URL of your instance):
curl https://squashtm.example.com/squash/isSquashAlive
Squash is Alive!
Usage
Configuring the image
The execution of the following command will start the Squash Orchestrator using an existing execution environment, with self-generated trusted keys (which is not recommended in a production setup):
docker run -d \
--name orchestrator \
-p 7774:7774 \
-p 7775:7775 \
-p 7776:7776 \
-p 38368:38368 \
-p 24368:24368 \
-p 12312:12312 \
-e SSH_CHANNEL_HOST=the_environment_ip_or_hostname \
-e SSH_CHANNEL_USER=user \
-e SSH_CHANNEL_PASSWORD=secret \
-e SSH_CHANNEL_TAGS=ssh,linux,robotframework \
squashtest/squash-orchestrator:4.3.0
docker run -d ^
--name orchestrator ^
-p 7774:7774 ^
-p 7775:7775 ^
-p 7776:7776 ^
-p 38368:38368 ^
-p 24368:24368 ^
-p 12312:12312 ^
-e SSH_CHANNEL_HOST=the_environment_ip_or_hostname ^
-e SSH_CHANNEL_USER=user ^
-e SSH_CHANNEL_PASSWORD=secret ^
-e SSH_CHANNEL_TAGS=ssh,linux,robotframework ^
squashtest/squash-orchestrator:4.3.0
docker run -d `
--name orchestrator `
-p 7774:7774 `
-p 7775:7775 `
-p 7776:7776 `
-p 38368:38368 `
-p 24368:24368 `
-p 12312:12312 `
-e SSH_CHANNEL_HOST=the_environment_ip_or_hostname `
-e SSH_CHANNEL_USER=user `
-e SSH_CHANNEL_PASSWORD=secret `
-e SSH_CHANNEL_TAGS=ssh,linux,robotframework `
squashtest/squash-orchestrator:4.3.0
It exposes the following services on the corresponding ports:
- receptionist (port 7774)
- observer (port 7775)
- killswitch (port 7776)
- eventbus (port 38368)
- agentchannel (port 24368)
- quality gate (port 12312)
If you do not plan to declare agents, port 24368 may not be exposed. Similarly, if you don't plan to use the quality gate, port 12312 may not be exposed.
Configuration with pre-generated keys
Outside of experimentation, it is recommended to start Squash Orchestrator by specifying one or more public keys that will be used to validate tokens authenticating incoming requests.
The following commands generate a pair of trusted_key.pem / trusted_key.pub keys (you can generate several if you wish):
openssl genrsa -out trusted_key.pem 4096
openssl rsa -pubout -in trusted_key.pem -out trusted_key.pub
If your public keys (*.pub) are in a public_keys directory, here is an example making them accessible to the orchestrator (all files in this directory will be accessible to the orchestrator, do not put your private keys there):
docker run ... \
-v /path/to/public_keys:/etc/squashtf \
...
docker run ... ^
-v d:\path\to\public_keys:/etc/squashtf ^
...
docker run ... `
-v d:\path\to\public_keys:/etc/squashtf `
...
If you plan to use only one public key, you can make it accessible directly:
docker run ... \
-v /path/to/public_keys/trusted_key.pub:/etc/squashtf/trusted_key.pub \
...
docker run ... ^
-v d:\path\to\public_keys/trusted_key.pub:/etc/squashtf/trusted_key.pub ^
...
docker run ... `
-v d:\path\to\public_keys/trusted_key.pub:/etc/squashtf/trusted_key.pub `
...
Tokens verified by these keys will have full access to the default namespace. This behavior can be changed by modifying the image configuration.
For more details about Squash Orchestrator configuration, please check the OpenTestFactory Orchestrator documentation on which Squash Orchestrator is based (the deployment of the two orchestrators is similar). That documentation also details the specific cases of deploying with docker-compose or with Kubernetes.
Using self-signed certificates
A FAQ details how to use Squash Orchestrator with self-signed certificates.
Run the image in Premium mode‡
In the case where
- you have a Squash DEVOPS Premium license and
- hence, you deploy the Premium version of the Test Plan Retriever Squash TM plugin,
then, you must run Squash Orchestrator in Premium mode.
In order to do that, you have to add the following parameter in the Squash Orchestrator's run command: -e SQUASH_LICENCE_TYPE=premium.
docker run -d \
--name orchestrator \
-p 7774:7774 \
-p 7775:7775 \
-p 7776:7776 \
-p 38368:38368 \
-p 24368:24368 \
-p 12312:12312 \
-e SSH_CHANNEL_HOST=the_environment_ip_or_hostname \
-e SSH_CHANNEL_USER=user \
-e SSH_CHANNEL_PASSWORD=secret \
-e SSH_CHANNEL_TAGS=ssh,linux,robotframework \
-e SQUASH_LICENCE_TYPE=premium \
squashtest/squash-orchestrator:4.3.0
docker run -d ^
--name orchestrator ^
-p 7774:7774 ^
-p 7775:7775 ^
-p 7776:7776 ^
-p 38368:38368 ^
-p 24368:24368 ^
-p 12312:12312 ^
-e SSH_CHANNEL_HOST=the_environment_ip_or_hostname ^
-e SSH_CHANNEL_USER=user ^
-e SSH_CHANNEL_PASSWORD=secret ^
-e SSH_CHANNEL_TAGS=ssh,linux,robotframework ^
-e SQUASH_LICENCE_TYPE=premium ^
squashtest/squash-orchestrator:4.3.0
docker run -d `
--name orchestrator `
-p 7774:7774 `
-p 7775:7775 `
-p 7776:7776 `
-p 38368:38368 `
-p 24368:24368 `
-p 12312:12312 `
-e SSH_CHANNEL_HOST=the_environment_ip_or_hostname `
-e SSH_CHANNEL_USER=user `
-e SSH_CHANNEL_PASSWORD=secret `
-e SSH_CHANNEL_TAGS=ssh,linux,robotframework `
-e SQUASH_LICENCE_TYPE=premium `
squashtest/squash-orchestrator:4.3.0
Otherwise, if you deploy the Community version of the Test Plan Retriever, you must not run Squash Orchestrator in Premium mode.
Orchestrator toolsâ€
Installation
The orchestrator tools aim at simplifying the use of that one. They can be installed on any machine from where we want to administrate the orchestrator.
They require Python 3.8 or later. They are usable on Linux, maxOS, or Windows.
These tools can be installed from PyPI by using the following command:
pip install --upgrade opentf-tools
Overview of the tool capabilities
-
opentf-readywaits until the orchestrator is ready to accept workflows. -
opentf-donewaits until the orchestrator can be safely stopped (i.e. it has no more pending tasks). -
opentf-ctlcan be used to- start / track / stop a workflow
- generate a signed token
- list the agents
- generate / modify a configuration file
- …
Generating a signed token
Requests to Squash Orchestrator must be associated with signed tokens.
Given a trusted_key.pem private key in the current directory, the following command generates a signed token that will be recognized by the orchestrator if it knows the corresponding public key:
opentf-ctl generate token using trusted_key.pem
Please specify an algorithm (RS512 if unspecified):
The specified algorithm is: RS512
Please enter the issuer (your company or department): acme
Please enter the subject (you or the person you are making this token for): charlie
The signed token is:
ey...
Details
A complete description of the tools is available in the OpenTestFactory documentation.
OpenTestFactory Agentâ€
Installation
The OpenTestFactory agent is a Python application that is installed in the execution environment. It requires Python 3.7 or higher. It works on Linux, macOS, and Windows.
The agent is a simple script. It only has one external dependency, the well known requests Python library (it will be installed if not already present on the execution environment).
To install the agent from PyPI, use the following command:
pip install --upgrade opentf-agent
You can test your installation by running the following command:
opentf-agent --help
Usage
Summary
$ opentf-agent --help
usage: opentf-agent [-h] --tags TAGS --host HOST [--port PORT] [--path_prefix PATH_PREFIX] [--token TOKEN] [--encoding ENCODING] [--script_path SCRIPT_PATH] [--workspace_dir WORKSPACE_DIR] [--name NAME] [--polling_delay POLLING_DELAY] [--liveness_probe LIVENESS_PROBE] [--retry RETRY] [--debug]
OpenTestFactory Agent
optional arguments:
-h, --help show this help message and exit
--tags TAGS a comma-separated list of tags (e.g. windows,robotframework)
--host HOST target host with protocol (e.g. https://example.local)
--port PORT target port (default to 24368)
--path_prefix PATH_PREFIX
target context path (default to no context path)
--token TOKEN token
--encoding ENCODING encoding on the console side (defaults to utf-8)
--script_path SCRIPT_PATH
where to put temporary files (defaults to current directory)
--workspace_dir WORKSPACE_DIR
where to put workspaces (defaults to current directory)
--name NAME agent name (defaults to "test agent")
--polling_delay POLLING_DELAY
polling delay in seconds (default to 5)
--liveness_probe LIVENESS_PROBE
liveness probe in seconds (default to 300 seconds)
--retry RETRY how many time to try joining host (default to 5,
0 = try forever)
--debug whether to log debug informations.
Example
Assuming there is a Squash Orchestrator running on orchestrator.example.com, with a known token stored in the TOKEN environment variable, the following command will register the Windows-based execution environment and will possibly receive commands from Squash Orchestrator targeting windows and/or robotframework tagged environments:
chcp 65001
opentf-agent --tags windows,robotframework --host http://orchestrator.example.com/ --token %TOKEN%
The agent will poll the Orchestrator every 5 seconds, and will execute the received commands.
The chcp command sets the console to Unicode. It is Windows-specific. It is not mandatory but may be needed depending on the test framework available in the execution environment.
Details
A complete description of the agent is available in the OpenTestFactory documentation.
Execution environmentsâ€
Some test technologies require that some particular components are installed in the execution environment, these ones are indicated in the pages describing the specificities of each technology.
Squash TM plugins
Installation
For details on the installation, please refer to the installation protocol of a Squash TM plugin.
| Plugin | Squash TM version | Compatible plugin version | Download latest Community version | Download latest Premium version‡ |
|---|---|---|---|---|
| Result Publisher†| Warning Result Publisher Premium is part of Squash AUTOM Premium‡ offer. |
|||
| 2.2.0, or later 2.X.Y | 2.2.X | 2.2.0: .tar.gz or .zip | 2.2.0: .tar.gz or .zip | |
| 3.0.0, or later 3.X.Y | 3.0.X | 3.0.0: .tar.gz or .zip | 3.0.0: .tar.gz or .zip | |
| 4.0.0, or later 4.0.X | 4.0.X | 4.0.0: .tar.gz or .zip | 4.0.0: .tar.gz or .zip | |
| 4.1.0, or later 4.X.Y | 4.1.X | 4.1.0: .tar.gz or .zip | 4.1.0: .tar.gz or .zip | |
| 5.0.0, or later 5.X.Y | 5.0.X | 5.0.0: .tar.gz or .zip | 5.0.0: .tar.gz or .zip | |
| Test Plan Retriever | Warning Test Plan Retriever Premium requires to start Squash Orchestrator in Premium mode, see here. |
|||
| 2.2.0, or later 2.X.Y | 2.0.X | 2.0.0: .tar.gz or .zip | 2.0.0: .tar.gz or .zip | |
| 3.0.0, or later 3.X.Y | 3.0.X | 3.0.0: .tar.gz or .zip | 3.0.0: .tar.gz or .zip | |
| 4.0.0, or later 3.X.Y | 4.0.X | 4.0.0: .tar.gz or .zip | 4.0.0: .tar.gz or .zip | |
| 5.0.0, or later 5.X.Y | 5.0.X | 5.0.0: .tar.gz or .zip | 5.0.0 : .tar.gz or .zip |
Squash TM configuration
Warning
Squash DEVOPS requires that the public URL of Squash TM is defined (see Squash TM documentation).
Plugin for Jenkins
Installation
The plugin is freely downloadable, as a .hpi file (opentestfactory-orchestrator-2.1.0.hpi).
To install it, you have to submit the plugin in the Upload Plugin area accessible by the Advanced tab of the Plugin Manager in Jenkins configuration:
Compatibility of the plugin
This plugin is compatible with version 2.357 or higher of Jenkins.
Java version
Versions 2.0.0 and later of the Plugin for Jenkins requires Java 11 which is also necessary for Jenkins 2.357 or later (see Jenkins announcement). This means that
- if you use Jenkins version 2.357 or later, you must use the Plugin for Jenkins 2.0.0 or later;
- otherwise, you must use a version 1.x.y of the Plugin for Jenkins (which is compatible with versions 2.164.1 up to 2.356 of Jenkins); the last such version, opentestfactory-orchestrator-1.4.0.hpi, is downloadable here.