From c138b700030d22ae0bdbd6992fb4a4d8a3431798 Mon Sep 17 00:00:00 2001 From: Piotr Jaszczyk Date: Wed, 10 Apr 2019 10:32:00 +0200 Subject: Read passwords from files Key- and trust-store passwords should be read from files in order to work with DCAE tls-init-container. Change-Id: Ibe454663328268f33f8be25ef9ec129f1ce1d396 Issue-ID: DCAEGEN2-1412 Signed-off-by: Piotr Jaszczyk --- .../config/impl/ConfigurationValidatorTest.kt | 63 ++++++++++++---------- .../config/impl/JsonConfigurationParserTest.kt | 5 +- .../src/test/resources/sampleConfig.json | 4 +- .../src/test/resources/test.ks.pass | 1 + .../src/test/resources/trust.ks.pass | 1 + 5 files changed, 40 insertions(+), 34 deletions(-) create mode 100644 sources/hv-collector-configuration/src/test/resources/test.ks.pass create mode 100644 sources/hv-collector-configuration/src/test/resources/trust.ks.pass (limited to 'sources/hv-collector-configuration/src/test') diff --git a/sources/hv-collector-configuration/src/test/kotlin/org/onap/dcae/collectors/veshv/config/impl/ConfigurationValidatorTest.kt b/sources/hv-collector-configuration/src/test/kotlin/org/onap/dcae/collectors/veshv/config/impl/ConfigurationValidatorTest.kt index 0806e8ca..5495c865 100644 --- a/sources/hv-collector-configuration/src/test/kotlin/org/onap/dcae/collectors/veshv/config/impl/ConfigurationValidatorTest.kt +++ b/sources/hv-collector-configuration/src/test/kotlin/org/onap/dcae/collectors/veshv/config/impl/ConfigurationValidatorTest.kt @@ -36,9 +36,9 @@ import org.onap.dcae.collectors.veshv.utils.logging.LogLevel import org.onap.dcaegen2.services.sdk.model.streams.dmaap.KafkaSink import org.onap.dcaegen2.services.sdk.security.ssl.SecurityKeys import java.io.File +import java.nio.file.Paths import java.time.Duration - internal object ConfigurationValidatorTest : Spek({ describe("ConfigurationValidator") { val cut = ConfigurationValidator() @@ -79,10 +79,10 @@ internal object ConfigurationValidatorTest : Spek({ firstRequestDelaySec = Some(defaultFirstReqDelaySec), requestIntervalSec = Some(defaultRequestIntervalSec), sslDisable = Some(false), - keyStoreFile = Some(KEYSTORE), - keyStorePassword = Some(KEYSTORE_PASSWORD), - trustStoreFile = Some(TRUSTSTORE), - trustStorePassword = Some(TRUSTSTORE_PASSWORD), + keyStoreFile = Some(keyStore), + keyStorePasswordFile = Some(keyStorePassFile), + trustStoreFile = Some(trustStore), + trustStorePasswordFile = Some(trustStorePassFile), streamPublishers = Some(sampleStreamsDefinition), logLevel = Some(LogLevel.TRACE) ) @@ -101,10 +101,10 @@ internal object ConfigurationValidatorTest : Spek({ val securityKeys = it.security.keys .getOrElse { fail("Should be immutableSecurityKeys") } as SecurityKeys - assertThat(securityKeys.keyStore().path()).isEqualTo(File(KEYSTORE).toPath()) - assertThat(securityKeys.trustStore().path()).isEqualTo(File(TRUSTSTORE).toPath()) - securityKeys.keyStorePassword().use { assertThat(it).isEqualTo(KEYSTORE_PASSWORD.toCharArray()) } - securityKeys.trustStorePassword().use { assertThat(it).isEqualTo(TRUSTSTORE_PASSWORD.toCharArray()) } + assertThat(securityKeys.keyStore().path()).isEqualTo(File(keyStore).toPath()) + assertThat(securityKeys.trustStore().path()).isEqualTo(File(trustStore).toPath()) + securityKeys.keyStorePassword().use { assertThat(it).isEqualTo(keyStorePass.toCharArray()) } + securityKeys.trustStorePassword().use { assertThat(it).isEqualTo(trustStorePass.toCharArray()) } assertThat(it.cbs.firstRequestDelay) .isEqualTo(Duration.ofSeconds(defaultFirstReqDelaySec)) @@ -168,10 +168,10 @@ internal object ConfigurationValidatorTest : Spek({ { val securityKeys = it.security.keys .getOrElse { fail("Should be immutableSecurityKeys") } as SecurityKeys - assertThat(securityKeys.keyStore().path()).isEqualTo(File(KEYSTORE).toPath()) - assertThat(securityKeys.trustStore().path()).isEqualTo(File(TRUSTSTORE).toPath()) - securityKeys.keyStorePassword().use { assertThat(it).isEqualTo(KEYSTORE_PASSWORD.toCharArray()) } - securityKeys.trustStorePassword().use { assertThat(it).isEqualTo(TRUSTSTORE_PASSWORD.toCharArray()) } + assertThat(securityKeys.keyStore().path()).isEqualTo(File(keyStore).toPath()) + assertThat(securityKeys.trustStore().path()).isEqualTo(File(trustStore).toPath()) + securityKeys.keyStorePassword().use { assertThat(it).isEqualTo(keyStorePass.toCharArray()) } + securityKeys.trustStorePassword().use { assertThat(it).isEqualTo(trustStorePass.toCharArray()) } } ) } @@ -185,10 +185,10 @@ private fun partialConfiguration(listenPort: Option = Some(defaultListenPor firstReqDelaySec: Option = Some(defaultFirstReqDelaySec), requestIntervalSec: Option = Some(defaultRequestIntervalSec), sslDisable: Option = Some(false), - keyStoreFile: Option = Some(KEYSTORE), - keyStorePassword: Option = Some(KEYSTORE_PASSWORD), - trustStoreFile: Option = Some(TRUSTSTORE), - trustStorePassword: Option = Some(TRUSTSTORE_PASSWORD), + keyStoreFile: Option = Some(keyStore), + keyStorePassword: Option = Some(keyStorePassFile), + trustStoreFile: Option = Some(trustStore), + trustStorePassword: Option = Some(trustStorePassFile), streamPublishers: Option> = Some(sampleStreamsDefinition), logLevel: Option = Some(LogLevel.INFO) ) = PartialConfiguration( @@ -198,24 +198,29 @@ private fun partialConfiguration(listenPort: Option = Some(defaultListenPor requestIntervalSec = requestIntervalSec, sslDisable = sslDisable, keyStoreFile = keyStoreFile, - keyStorePassword = keyStorePassword, + keyStorePasswordFile = keyStorePassword, trustStoreFile = trustStoreFile, - trustStorePassword = trustStorePassword, + trustStorePasswordFile = trustStorePassword, streamPublishers = streamPublishers, logLevel = logLevel ) -const val defaultListenPort = 1234 -const val defaultRequestIntervalSec = 3L -const val defaultIdleTimeoutSec = 10L -const val defaultFirstReqDelaySec = 10L +private fun resourcePathAsString(resource: String) = + Paths.get(ConfigurationValidatorTest::class.java.getResource(resource).toURI()).toString() + +private const val defaultListenPort = 1234 +private const val defaultRequestIntervalSec = 3L +private const val defaultIdleTimeoutSec = 10L +private const val defaultFirstReqDelaySec = 10L -const val KEYSTORE = "test.ks.pkcs12" -const val KEYSTORE_PASSWORD = "changeMe" -const val TRUSTSTORE = "trust.ks.pkcs12" -const val TRUSTSTORE_PASSWORD = "changeMeToo" +private const val keyStore = "test.ks.pkcs12" +private const val trustStore = "trust.ks.pkcs12" +private const val keyStorePass = "change.me" +private const val trustStorePass = "change.me.too" +private val keyStorePassFile = resourcePathAsString("/test.ks.pass") +private val trustStorePassFile = resourcePathAsString("/trust.ks.pass") -const val sampleSinkName = "perf3gpp" +private const val sampleSinkName = "perf3gpp" const val sampleMaxPayloadSize = 1024 private val sink = mock().also { @@ -224,4 +229,4 @@ private val sink = mock().also { } private val sampleStreamsDefinition = listOf(sink) -private val sampleRouting = listOf(Route(sink.name(), sink)) \ No newline at end of file +private val sampleRouting = listOf(Route(sink.name(), sink)) diff --git a/sources/hv-collector-configuration/src/test/kotlin/org/onap/dcae/collectors/veshv/config/impl/JsonConfigurationParserTest.kt b/sources/hv-collector-configuration/src/test/kotlin/org/onap/dcae/collectors/veshv/config/impl/JsonConfigurationParserTest.kt index 919f22c1..485ef9a8 100644 --- a/sources/hv-collector-configuration/src/test/kotlin/org/onap/dcae/collectors/veshv/config/impl/JsonConfigurationParserTest.kt +++ b/sources/hv-collector-configuration/src/test/kotlin/org/onap/dcae/collectors/veshv/config/impl/JsonConfigurationParserTest.kt @@ -28,7 +28,6 @@ import org.jetbrains.spek.api.dsl.it import org.onap.dcae.collectors.veshv.tests.utils.resourceAsStream import org.onap.dcae.collectors.veshv.utils.logging.LogLevel import java.io.StringReader -import java.time.Duration import kotlin.test.fail /** @@ -93,9 +92,9 @@ internal object JsonConfigurationParserTest : Spek({ assertThat(config.sslDisable).isEqualTo(Some(false)) assertThat(config.keyStoreFile).isEqualTo(Some("test.ks.pkcs12")) - assertThat(config.keyStorePassword).isEqualTo(Some("changeMe")) + assertThat(config.keyStorePasswordFile).isEqualTo(Some("test.ks.pass")) assertThat(config.trustStoreFile).isEqualTo(Some("trust.ks.pkcs12")) - assertThat(config.trustStorePassword).isEqualTo(Some("changeMeToo")) + assertThat(config.trustStorePasswordFile).isEqualTo(Some("trust.ks.pass")) } } } diff --git a/sources/hv-collector-configuration/src/test/resources/sampleConfig.json b/sources/hv-collector-configuration/src/test/resources/sampleConfig.json index a5ad52ae..a1eb96a3 100644 --- a/sources/hv-collector-configuration/src/test/resources/sampleConfig.json +++ b/sources/hv-collector-configuration/src/test/resources/sampleConfig.json @@ -6,7 +6,7 @@ "cbs.requestIntervalSec": 900, "security.sslDisable": false, "security.keys.keyStoreFile": "test.ks.pkcs12", - "security.keys.keyStorePassword": "changeMe", + "security.keys.keyStorePasswordFile": "test.ks.pass", "security.keys.trustStoreFile": "trust.ks.pkcs12", - "security.keys.trustStorePassword": "changeMeToo" + "security.keys.trustStorePasswordFile": "trust.ks.pass" } \ No newline at end of file diff --git a/sources/hv-collector-configuration/src/test/resources/test.ks.pass b/sources/hv-collector-configuration/src/test/resources/test.ks.pass new file mode 100644 index 00000000..2d96f185 --- /dev/null +++ b/sources/hv-collector-configuration/src/test/resources/test.ks.pass @@ -0,0 +1 @@ +change.me \ No newline at end of file diff --git a/sources/hv-collector-configuration/src/test/resources/trust.ks.pass b/sources/hv-collector-configuration/src/test/resources/trust.ks.pass new file mode 100644 index 00000000..563231aa --- /dev/null +++ b/sources/hv-collector-configuration/src/test/resources/trust.ks.pass @@ -0,0 +1 @@ +change.me.too \ No newline at end of file -- cgit 1.2.3-korg