diff options
| author |   Petr OspalĂ˝ <p.ospaly@partner.samsung.com> | 2019-09-20 05:51:37 +0200 |
|---|---|---|
| committer |   Ofir Sonsino <ofir.sonsino@intl.att.com> | 2019-10-03 15:07:32 +0000 |
| commit | 968cd1f0e8a4b5487933d1e7c2d0049720464d8c (patch) | |
| tree | bcafe71526c49168d1402eddbb489a31830e5dab | |
| parent | 5fb549c2847fe5dfdb06019e136913cd0aeea0e9 (diff) | |
Add support for HTTPS in sanity tests
If 'disableHttp' is enabled then HTTP ports are replaced with HTTPS ports.
Also added the latest trustore with AAF issuer. And because certs for SDC
components have CN set to "sdc" - environment json must have the domain
names correctly too...it will not work with plain IPs.
The changes have been tested from CSIT perspective so if something is
missing here or wrong then it is due to the fact that I was focusing on
bringing https support to the same level as are http tests and there is
also the fact that I do not know SDC component at all.
The changes are also done in a manner of previous ones - hacked on top of
the current codebase, which is in dire need of a rewrite:
- duplicated trustores and other artifacts
- duplicated scripts and/or similar script with small differences
- ui tests use old ubuntu image vs api tests on alpine
- chef codebase is very messy and I see no benefit in the current usage
Issue-ID: SDC-2564
Signed-off-by: Petr OspalĂ˝ <p.ospaly@partner.samsung.com>
Change-Id: I32e0fb7723ab8489eb09372d410c6f34aaf7cfc8
15 files changed, 130 insertions, 22 deletions
diff --git a/sdc-os-chef/environments/Template.json b/sdc-os-chef/environments/Template.json index e049258cad..f9e5b6dfd4 100644 --- a/sdc-os-chef/environments/Template.json +++ b/sdc-os-chef/environments/Template.json @@ -52,15 +52,18 @@ "override_attributes": { "FE": { "http_port": "8181", - "https_port": "9443" + "https_port": "9443", + "domain_name": "sdc" }, "BE": { "http_port": "8080", - "https_port": "8443" + "https_port": "8443", + "domain_name": "sdc" }, "ONBOARDING_BE": { "http_port": "8081", "https_port": "8445", + "domain_name": "sdc", "catalog_notification_url": "%s://%s:%s/sdc2/rest/v1/catalog/notif/vsp/" }, "elasticsearch": { diff --git a/test-apis-ci/sdc-api-tests/Dockerfile b/test-apis-ci/sdc-api-tests/Dockerfile index 396e6ebcd4..edf939f43e 100644 --- a/test-apis-ci/sdc-api-tests/Dockerfile +++ b/test-apis-ci/sdc-api-tests/Dockerfile @@ -1,5 +1,15 @@ FROM onap/base_sdc-sanity:1.4.1 +# install packages +RUN \ + apk update \ + && \ + apk add --no-cache \ + jq \ + openssl \ + && \ + rm -rf /var/cache/apk/* + COPY chef-solo /root/chef-solo/ COPY chef-repo/cookbooks/. /root/chef-solo/cookbooks/ diff --git a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/org.onap.sdc.trust.jks b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/org.onap.sdc.trust.jks Binary files differnew file mode 100644 index 0000000000..d07ce1a66b --- /dev/null +++ b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/org.onap.sdc.trust.jks diff --git a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/startTest.sh b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/startTest.sh index 23a1d3fa95..562bfe4ffc 100644 --- a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/startTest.sh +++ b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/startTest.sh @@ -4,6 +4,10 @@ RERUN=false debug_port=8000 TEST_SUITES=testSuites fileName=testng-failed.xml +JAVA_OPTIONS="${JAVA_OPTIONS} \ + -Djavax.net.ssl.trustStore=/var/lib/tests/etc/org.onap.sdc.trust.jks \ + -Dtestng.show.stack.frames=true \ + " function help_usage () { diff --git a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_1_setup_env.rb b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_1_setup_env.rb index 112cc4c2e7..61d0133888 100644 --- a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_1_setup_env.rb +++ b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_1_setup_env.rb @@ -46,4 +46,19 @@ tests_base="/var/lib/tests" group 'root' mode '0755' action :create - end
\ No newline at end of file + end + + directory "create_etc_dir" do + path "/var/lib/tests/etc" + owner 'root' + group 'root' + mode '0755' + action :create + end + +cookbook_file "/var/lib/tests/etc/org.onap.sdc.trust.jks" do + source "org.onap.sdc.trust.jks" + owner "root" + group "root" + mode 0644 +end
\ No newline at end of file diff --git a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_2_setup_configuration.rb b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_2_setup_configuration.rb index 782bba249d..e90fa87e02 100644 --- a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_2_setup_configuration.rb +++ b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_2_setup_configuration.rb @@ -8,9 +8,9 @@ template "sdc-yaml-config" do mode "0755" variables ({ :target_path => "#{tests_base}/target", - :catalogBE_ip => node['Nodes']['BE'], + :catalogBE_host => node['Nodes']['BE'], :catalogBE_port => node['BE'][:http_port], - :webportal_ip => node['Nodes']['FE'], + :webportal_host => node['Nodes']['FE'], :webportal_port => node['FE'][:http_port], :janusgraph_file => "#{tests_base}/conf/janusgraph.properties", :tests_base_ci => "#{tests_base}/CI/tests", diff --git a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/templates/default/sdc-sanity.yaml.erb b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/templates/default/sdc-sanity.yaml.erb index ce20180d63..4185e3fee9 100644 --- a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/templates/default/sdc-sanity.yaml.erb +++ b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/templates/default/sdc-sanity.yaml.erb @@ -2,17 +2,22 @@ outputFolder: <%= @target_path %> reportName: index.html esHost: eshost disributionClientHost: disClient -catalogFeHost: <%= @webportal_ip %> -catalogFePort: <%= @webportal_port %> -catalogBeHost: <%= @catalogBE_ip %> -catalogBePort: <%= @catalogBE_port %> -onboardingBeHost: <%= node['ONBOARDING_BE_VIP'] %> <% if node[:disableHttp] -%> sdcHttpMethod: https onboardingBePort: <%= node['ONBOARDING_BE'][:https_port] %> +onboardingBeHost: <%= node['ONBOARDING_BE'][:domain_name] %> +catalogBeHost: <%= node['BE'][:domain_name] %> +catalogBePort: <%= node['BE'][:https_port] %> +catalogFeHost: <%= node['FE'][:domain_name] %> +catalogFePort: <%= node['FE'][:https_port] %> <% else %> sdcHttpMethod: http onboardingBePort: <%= node['ONBOARDING_BE'][:http_port] %> +onboardingBeHost: <%= node['ONBOARDING_BE_VIP'] %> +catalogFeHost: <%= @webportal_host %> +catalogFePort: <%= @webportal_port %> +catalogBeHost: <%= @catalogBE_host %> +catalogBePort: <%= @catalogBE_port %> <% end -%> disributionClientPort: 8181 esPort: 9200 diff --git a/test-apis-ci/sdc-api-tests/startup.sh b/test-apis-ci/sdc-api-tests/startup.sh index 80faeeac2e..7b102cadfd 100644 --- a/test-apis-ci/sdc-api-tests/startup.sh +++ b/test-apis-ci/sdc-api-tests/startup.sh @@ -1,5 +1,24 @@ #!/bin/bash +# prepare env for HTTPS if used + +is_https=$(cat /root/chef-solo/environments/${ENVNAME}.json | \ + jq -cr '.default_attributes.disableHttp' | \ + tr '[:upper:]' '[:lower:]') + +if [ "$is_https" = true ] ; then + # setup /etc/hosts + SDC_FE_IP=$(cat /root/chef-solo/environments/${ENVNAME}.json | \ + jq -cr '.default_attributes.Nodes.FE') + SDC_FE_HOSTNAME=$(cat /root/chef-solo/environments/${ENVNAME}.json | \ + jq -cr '.override_attributes.FE.domain_name') + if ! grep -q "^[[:space:]]*${SDC_FE_IP}[[:space:]]" ; then + echo "${SDC_FE_IP}" "${SDC_FE_HOSTNAME}" >> /etc/hosts + fi +fi + +# run tests + cd /root/chef-solo chef-solo -c solo.rb -E ${ENVNAME} diff --git a/ui-ci/sdc-ui-tests/Dockerfile b/ui-ci/sdc-ui-tests/Dockerfile index 3b1129322f..1bd1a779ba 100644 --- a/ui-ci/sdc-ui-tests/Dockerfile +++ b/ui-ci/sdc-ui-tests/Dockerfile @@ -1,5 +1,15 @@ FROM onap/base_sdc-vnc:1.4.1 +# install packages +RUN DEBIAN_FRONTEND=noninteractive \ + apt-get -y update \ + && \ + apt-get -y install \ + jq \ + openssl \ + && \ + apt-get -y clean + COPY chef-solo /root/chef-solo/ COPY chef-repo/cookbooks/. /root/chef-solo/cookbooks/ diff --git a/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/files/default/org.onap.sdc.trust.jks b/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/files/default/org.onap.sdc.trust.jks Binary files differnew file mode 100644 index 0000000000..d07ce1a66b --- /dev/null +++ b/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/files/default/org.onap.sdc.trust.jks diff --git a/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/files/default/startTest.sh b/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/files/default/startTest.sh index f013bcf2cf..c4415578ee 100644 --- a/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/files/default/startTest.sh +++ b/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/files/default/startTest.sh @@ -4,6 +4,10 @@ RERUN=false debug_port=8000 TEST_SUITES=testSuites fileName=testng-failed.xml +JAVA_OPTIONS="${JAVA_OPTIONS} \ + -Djavax.net.ssl.trustStore=/var/lib/tests/etc/org.onap.sdc.trust.jks \ + -Dtestng.show.stack.frames=true \ + " function help_usage () { diff --git a/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/recipes/sanityUiTests_1_setup_env.rb b/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/recipes/sanityUiTests_1_setup_env.rb index 112cc4c2e7..61d0133888 100644 --- a/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/recipes/sanityUiTests_1_setup_env.rb +++ b/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/recipes/sanityUiTests_1_setup_env.rb @@ -46,4 +46,19 @@ tests_base="/var/lib/tests" group 'root' mode '0755' action :create - end
\ No newline at end of file + end + + directory "create_etc_dir" do + path "/var/lib/tests/etc" + owner 'root' + group 'root' + mode '0755' + action :create + end + +cookbook_file "/var/lib/tests/etc/org.onap.sdc.trust.jks" do + source "org.onap.sdc.trust.jks" + owner "root" + group "root" + mode 0644 +end
\ No newline at end of file diff --git a/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/recipes/sanityUiTests_2_setup_configuration.rb b/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/recipes/sanityUiTests_2_setup_configuration.rb index 04a65413f5..50a953081a 100644 --- a/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/recipes/sanityUiTests_2_setup_configuration.rb +++ b/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/recipes/sanityUiTests_2_setup_configuration.rb @@ -7,9 +7,9 @@ template "sdc-yaml-config" do group "root" mode "0755" variables ({ - :catalogBE_ip => node['Nodes']['BE'], + :catalogBE_host => node['Nodes']['BE'], :catalogBE_port => node['BE'][:http_port], - :webportal_ip => node['Nodes']['FE'], + :webportal_host => node['Nodes']['FE'], :webportal_port => node['FE'][:http_port], :janusgraph_file => "#{tests_base}/conf/janusgraph.properties", :tests_base_ci => "#{tests_base}/CI/tests", diff --git a/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/templates/default/sdc-sanity.yaml.erb b/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/templates/default/sdc-sanity.yaml.erb index c8a3258625..23d0abcdda 100644 --- a/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/templates/default/sdc-sanity.yaml.erb +++ b/ui-ci/sdc-ui-tests/chef-repo/cookbooks/sdc-ui-tests/templates/default/sdc-sanity.yaml.erb @@ -1,24 +1,28 @@ -url: http://<%= @webportal_ip %>:8285/sdc1 browser: firefox uiSimulator: true -catalogBeHost: <%= @catalogBE_ip %> -catalogBePort: <%= @catalogBE_port %> -catalogFeHost: <%= @webportal_ip %> -catalogFePort: <%= @webportal_port %> -onboardingBeHost: <%= node['ONBOARDING_BE_VIP'] %> <% if node[:disableHttp] -%> sdcHttpMethod: https onboardingBePort: <%= node['ONBOARDING_BE'][:https_port] %> +onboardingBeHost: <%= node['ONBOARDING_BE'][:domain_name] %> +url: https://<%= node['FE'][:domain_name] %>:8286/sdc1 +catalogBeHost: <%= node['BE'][:domain_name] %> +catalogBePort: <%= node['BE'][:https_port] %> +catalogFeHost: <%= node['FE'][:domain_name] %> +catalogFePort: <%= node['FE'][:https_port] %> <% else %> sdcHttpMethod: http onboardingBePort: <%= node['ONBOARDING_BE'][:http_port] %> +onboardingBeHost: <%= node['ONBOARDING_BE_VIP'] %> +url: http://<%= @webportal_host %>:8285/sdc1 +catalogBeHost: <%= @catalogBE_host %> +catalogBePort: <%= @catalogBE_port %> +catalogFeHost: <%= @webportal_host %> +catalogFePort: <%= @webportal_port %> <% end -%> - - esHost: <%= @ES_IP %> esPort: 9200 disributionClientHost: disClient @@ -40,4 +44,4 @@ importResourceTestsConfigDir: <%= @importResourceTestsConfigDir %> errorConfigurationFile: <%= @errorConfigurationFile %> configurationFile: <%= @ConfigurationFile %> importTypesConfigDir: <%= @importTypesDir %> -janusGraphPropertiesFile: <%= @janusgraph_file %>
\ No newline at end of file +janusGraphPropertiesFile: <%= @janusgraph_file %> diff --git a/ui-ci/sdc-ui-tests/startup.sh b/ui-ci/sdc-ui-tests/startup.sh index 9078980666..6455c17e58 100644 --- a/ui-ci/sdc-ui-tests/startup.sh +++ b/ui-ci/sdc-ui-tests/startup.sh @@ -2,6 +2,25 @@ /dockerstartup/vnc_startup.sh & +# prepare env for HTTPS if used + +is_https=$(cat /root/chef-solo/environments/${ENVNAME}.json | \ + jq -cr '.default_attributes.disableHttp' | \ + tr '[:upper:]' '[:lower:]') + +if [ "$is_https" = true ] ; then + # setup /etc/hosts + SDC_FE_IP=$(cat /root/chef-solo/environments/${ENVNAME}.json | \ + jq -cr '.default_attributes.Nodes.FE') + SDC_FE_HOSTNAME=$(cat /root/chef-solo/environments/${ENVNAME}.json | \ + jq -cr '.override_attributes.FE.domain_name') + if ! grep -q "^[[:space:]]*${SDC_FE_IP}[[:space:]]" ; then + echo "${SDC_FE_IP}" "${SDC_FE_HOSTNAME}" >> /etc/hosts + fi +fi + +# run tests + cd /root/chef-solo chef-solo -c solo.rb -E ${ENVNAME} |