diff options
author | efiacor <fiachra.corcoran@est.tech> | 2022-12-07 10:56:27 +0000 |
---|---|---|
committer | efiacor <fiachra.corcoran@est.tech> | 2022-12-07 15:59:59 +0000 |
commit | bda6aeaa60607ab4fe5af508156019d7bd5c0ce4 (patch) | |
tree | 24bae3847c1139ba9aed95ce286277202aae9a93 /csit/scripts/dmaap-datarouter | |
parent | b37d32a39c7096e39fc389f15d150e8c2b8c54c2 (diff) |
[DMAAP-DR] Remove AAF/TLS phase 1
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: Ifeae01dd8e7f0a737d8b74594a8061ae3d4ea647
Issue-ID: DMAAP-1642
Diffstat (limited to 'csit/scripts/dmaap-datarouter')
15 files changed, 96 insertions, 196 deletions
diff --git a/csit/scripts/dmaap-datarouter/datarouter-launch.sh b/csit/scripts/dmaap-datarouter/datarouter-launch.sh index 6d38913d..d4a422d2 100644 --- a/csit/scripts/dmaap-datarouter/datarouter-launch.sh +++ b/csit/scripts/dmaap-datarouter/datarouter-launch.sh @@ -1,7 +1,7 @@ #!/bin/bash # # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,13 +22,14 @@ function dmaap_dr_launch() { subscribers_required=$1 - mkdir -p ${WORKSPACE}/archives/dmaap/dr/last_run_logs + mkdir -p "${WORKSPACE}"/archives/dmaap/dr/last_run_logs # start DMaaP DR containers with docker compose and configuration from docker-compose.yml docker login -u docker -p docker nexus3.onap.org:10001 if [[ ${subscribers_required} == true ]]; then - docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml up -d + docker-compose -f "${WORKSPACE}"/scripts/dmaap-datarouter/docker-compose/docker-compose.yml up -d else + # shellcheck disable=SC2086 docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml up -d datarouter-prov datarouter-node mariadb fi @@ -50,10 +51,12 @@ function dmaap_dr_launch() { for i in 1 2 3 4 5 6 7 8 9 10; do if [[ "$(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)" = 'healthy' ]] then + # shellcheck disable=SC2046 echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov) echo "DR Service Running, datarouter-prov container is healthy" break else + # shellcheck disable=SC2046 echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov) echo sleep ${i} sleep ${i} @@ -66,27 +69,32 @@ function dmaap_dr_launch() { fi done + # shellcheck disable=SC2006 DR_PROV_IP=`get-instance-ip.sh datarouter-prov` + # shellcheck disable=SC2006 DR_NODE_IP=`get-instance-ip.sh datarouter-node` DR_GATEWAY_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' datarouter-prov) - echo DR_PROV_IP=${DR_PROV_IP} - echo DR_NODE_IP=${DR_NODE_IP} - echo DR_GATEWAY_IP=${DR_GATEWAY_IP} + echo DR_PROV_IP="${DR_PROV_IP}" + echo DR_NODE_IP="${DR_NODE_IP}" + echo DR_GATEWAY_IP="${DR_GATEWAY_IP}" if [[ ${subscribers_required} == true ]] then + # shellcheck disable=SC2006 DR_SUB_IP=`get-instance-ip.sh subscriber-node` + # shellcheck disable=SC2006 DR_SUB2_IP=`get-instance-ip.sh subscriber-node2` - echo DR_SUB_IP=${DR_SUB_IP} - echo DR_SUB2_IP=${DR_SUB2_IP} + echo DR_SUB_IP="${DR_SUB_IP}" + echo DR_SUB2_IP="${DR_SUB2_IP}" fi sudo sed -i "$ a $DR_PROV_IP dmaap-dr-prov" /etc/hosts sudo sed -i "$ a $DR_NODE_IP dmaap-dr-node" /etc/hosts - docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/NODES?val=dmaap-dr-node\|$DR_GATEWAY_IP" - docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/PROV_AUTH_ADDRESSES?val=dmaap-dr-prov\|$DR_GATEWAY_IP" + docker exec -i datarouter-prov sh -c "curl -k -X PUT http://$DR_PROV_IP/internal/api/NODES?val=dmaap-dr-node\|$DR_GATEWAY_IP" + docker exec -i datarouter-prov sh -c "curl -k -X PUT http://$DR_PROV_IP/internal/api/PROV_AUTH_ADDRESSES?val=dmaap-dr-prov\|$DR_GATEWAY_IP" #Pass any variables required by Robot test suites in ROBOT_VARIABLES + # shellcheck disable=SC2034 ROBOT_VARIABLES="-v DR_PROV_IP:${DR_PROV_IP} -v DR_NODE_IP:${DR_NODE_IP} -v DR_SUB_IP:${DR_SUB_IP} -v DR_SUB2_IP:${DR_SUB2_IP}" }
\ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/datarouter-teardown.sh b/csit/scripts/dmaap-datarouter/datarouter-teardown.sh index 8958f28c..f54f8424 100755 --- a/csit/scripts/dmaap-datarouter/datarouter-teardown.sh +++ b/csit/scripts/dmaap-datarouter/datarouter-teardown.sh @@ -1,6 +1,6 @@ #!/bin/bash # ============LICENSE_START=================================================== -# Copyright (C) 2019-2021 Nordix Foundation. +# Copyright (C) 2019-2022 Nordix Foundation. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,16 +18,15 @@ # ============LICENSE_END===================================================== function teardown_dmaap_dr (){ - cd ${WORKSPACE}/archives/dmaap/dr + # shellcheck disable=SC2164 + cd "${WORKSPACE}"/archives/dmaap/dr rm -rf last_run_logs/* docker cp datarouter-prov:/opt/app/datartr/logs last_run_logs/prov_logs docker cp datarouter-node:/opt/app/datartr/logs last_run_logs/node_event_logs docker cp datarouter-node:/var/log/onap/datarouter last_run_logs/node_server_logs - docker cp subscriber-node:/var/log/onap/datarouter last_run_logs/sub1_logs - docker cp subscriber-node2:/var/log/onap/datarouter last_run_logs/sub2_logs + docker cp subscriber-node:/var/log/onap/subscriber last_run_logs/sub1_logs + docker cp subscriber-node2:/var/log/onap/subscriber last_run_logs/sub2_logs sudo sed -i".bak" '/dmaap-dr-prov/d' /etc/hosts sudo sed -i".bak" '/dmaap-dr-node/d' /etc/hosts - docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml rm -sf - cd ${WORKSPACE}/scripts/dmaap-datarouter/robot_ssl - python -c 'import update_ca; update_ca.remove_onap_ca_cert()' + docker-compose -f "${WORKSPACE}"/scripts/dmaap-datarouter/docker-compose/docker-compose.yml rm -sf }
\ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml b/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml index d2902ff5..d7b7ea1a 100644 --- a/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml +++ b/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml @@ -25,15 +25,10 @@ services: container_name: datarouter-prov hostname: dmaap-dr-prov ports: - - "443:8443" - - "8443:8443" - "8080:8080" volumes: - ./provserver.properties:/opt/app/datartr/etc/provserver.properties - ./logback.xml:/opt/app/datartr/etc/logback.xml - - ../dr_certs/dr_prov/truststore.jks:/opt/app/osaaf/local/truststore.jks - - ../dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-prov.p12 - - ../dr_certs/dr_prov/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props depends_on: mariadb: condition: service_healthy @@ -52,13 +47,10 @@ services: container_name: datarouter-node hostname: dmaap-dr-node ports: - - "9443:8443" - "9090:8080" volumes: - ./node.properties:/opt/app/datartr/etc/node.properties - - ../dr_certs/dr_node/truststore.jks:/opt/app/osaaf/local/truststore.jks - - ../dr_certs/dr_node/org.onap.dmaap-dr-node.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-node.p12 - - ../dr_certs/dr_node/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props + - ./logback.xml:/opt/app/datartr/etc/logback.xml depends_on: datarouter-prov: condition: service_healthy @@ -75,6 +67,7 @@ services: - "7070:7070" volumes: - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties + - ./sub-logback.xml:/opt/app/subscriber/etc/logback.xml networks: net: aliases: @@ -88,6 +81,7 @@ services: - "7071:7070" volumes: - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties + - ./sub-logback.xml:/opt/app/subscriber/etc/logback.xml networks: net: aliases: diff --git a/csit/scripts/dmaap-datarouter/docker-compose/node.properties b/csit/scripts/dmaap-datarouter/docker-compose/node.properties index 9f3ca40d..1e684b43 100644 --- a/csit/scripts/dmaap-datarouter/docker-compose/node.properties +++ b/csit/scripts/dmaap-datarouter/docker-compose/node.properties @@ -19,10 +19,10 @@ # Configuration parameters set at startup for the DataRouter node # # URL to retrieve dynamic configuration -ProvisioningURL = https://dmaap-dr-prov:8443/internal/prov +ProvisioningURL = http://dmaap-dr-prov:8080/internal/prov # # URL to upload PUB/DEL/EXP logs -LogUploadURL = https://dmaap-dr-prov:8443/internal/logs +LogUploadURL = http://dmaap-dr-prov:8080/internal/logs # # The port number for http as seen within the server IntHttpPort = 8080 @@ -82,4 +82,4 @@ CadiEnabled = false AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props # https security required for publish request -TlsEnabled = true +TlsEnabled = false diff --git a/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties b/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties index b38c3f56..caf8240c 100755 --- a/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties +++ b/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties @@ -18,19 +18,19 @@ #Jetty Server properties org.onap.dmaap.datarouter.provserver.http.port = 8080 -org.onap.dmaap.datarouter.provserver.https.port = 8443 +org.onap.dmaap.datarouter.provserver.https.port = 443 org.onap.dmaap.datarouter.provserver.https.relaxation = true -org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props - org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc org.onap.dmaap.datarouter.provserver.logretention = 30 -#DMAAP-597 (Tech Dept) REST request source IP auth -# relaxation to accommodate OOM kubernetes deploy org.onap.dmaap.datarouter.provserver.isaddressauthenabled = false +org.onap.dmaap.datarouter.provserver.cadi.enabled = false +org.onap.dmaap.datarouter.provserver.tlsenabled = false +org.onap.dmaap.datarouter.nodeserver.https.port = 8443 +org.onap.dmaap.datarouter.nodeserver.http.port = 8080 #Localhost address config org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1 @@ -41,18 +41,3 @@ org.onap.dmaap.datarouter.db.url = jdbc:mariadb://datarouter-mariadb:3306/d org.onap.dmaap.datarouter.db.login = datarouter org.onap.dmaap.datarouter.db.password = datarouter -# PROV - DEFAULT ENABLED TLS PROTOCOLS -org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2 - -# AAF config -org.onap.dmaap.datarouter.provserver.cadi.enabled = false - -org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234# -org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed -org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub -org.onap.dmaap.datarouter.provserver.aaf.instance = legacy -org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish -org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe -org.onap.dmaap.datarouter.provserver.tlsenabled = true -org.onap.dmaap.datarouter.nodeserver.https.port = 8443 -org.onap.dmaap.datarouter.nodeserver.http.port = 8080
\ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/docker-compose/sub-logback.xml b/csit/scripts/dmaap-datarouter/docker-compose/sub-logback.xml new file mode 100644 index 00000000..222a4ffb --- /dev/null +++ b/csit/scripts/dmaap-datarouter/docker-compose/sub-logback.xml @@ -0,0 +1,61 @@ +<!-- + ============LICENSE_START================================================== + * org.onap.dmaap + * =========================================================================== + * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * +--> +<configuration scan="true" scanPeriod="3 seconds" debug="false"> + <property name="logDir" value="/var/log/onap/subscriber" /> + <property name="generalLogName" value="application" /> + <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{InvocationId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|%msg%n" /> + <property name="logDirectory" value="${logDir}" /> + + <appender name="file" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${generalLogName}.log</file> + <append>true</append> + <immediateFlush>true</immediateFlush> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${generalLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>50MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="console" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <logger name="org.eclipse.jetty" level="info"/> + + <root level="debug"> + <appender-ref ref="file" /> + <appender-ref ref="console" /> + </root> +</configuration> diff --git a/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties b/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties index 311bbe56..aad02d14 100644 --- a/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties +++ b/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties @@ -23,13 +23,5 @@ org.onap.dmaap.datarouter.subscriber.auth.user = LOGIN org.onap.dmaap.datarouter.subscriber.auth.password = PASSWORD org.onap.dmaap.datarouter.subscriber.delivery.dir = /opt/app/subscriber/delivery -org.onap.dmaap.datarouter.subscriber.https.relaxation = true -org.onap.dmaap.datarouter.subscriber.keystore.type = jks -org.onap.dmaap.datarouter.subscriber.keymanager.password = changeit -org.onap.dmaap.datarouter.subscriber.keystore.path = /opt/app/datartr/self_signed/keystore.jks -org.onap.dmaap.datarouter.subscriber.keystore.password = changeit -org.onap.dmaap.datarouter.subscriber.truststore.path = /opt/app/datartr/self_signed/cacerts.jks -org.onap.dmaap.datarouter.subscriber.truststore.password = changeit - diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 Binary files differdeleted file mode 100644 index 3793a9d4..00000000 --- a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 +++ /dev/null diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props deleted file mode 100644 index e32e7282..00000000 --- a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props +++ /dev/null @@ -1,17 +0,0 @@ -############################################################ -# Properties Generated by AT&T Certificate Manager -# by root -# on 2021-03-12T11:38:49.244+0000 -# @copyright 2019, AT&T -############################################################ -Challenge=secret -cadi_alias=dmaap-dr-node@dmaap-dr.onap.org -cadi_key_password=secret -#cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr-node.p12 -cadi_keystore_password=secret -cadi_keystore_password_jks=secret -cadi_keystore_password_p12=secret -cadi_truststore=/opt/app/osaaf/local/truststore.jks -cadi_truststore_password=secret -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks Binary files differdeleted file mode 100644 index 91547c60..00000000 --- a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks +++ /dev/null diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 Binary files differdeleted file mode 100755 index 1393fb05..00000000 --- a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 +++ /dev/null diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props deleted file mode 100644 index 18f91ba8..00000000 --- a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props +++ /dev/null @@ -1,17 +0,0 @@ -############################################################ -# Properties Generated by AT&T Certificate Manager -# by root -# on 2021-03-12T11:29:50.699+0000 -# @copyright 2019, AT&T -############################################################ -Challenge=secret -cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org -cadi_key_password=secret -#cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile -cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr-prov.p12 -cadi_keystore_password=secret -cadi_keystore_password_jks=secret -cadi_keystore_password_p12=secret -cadi_truststore=/opt/app/osaaf/local/truststore.jks -cadi_truststore_password=secret -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks Binary files differdeleted file mode 100644 index 91547c60..00000000 --- a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks +++ /dev/null diff --git a/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem b/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem deleted file mode 100644 index 1f9d08e5..00000000 --- a/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem +++ /dev/null @@ -1,40 +0,0 @@ - -# Issuer: C=US,O=ONAP,OU=OSAAF -# Subject: C=US,O=ONAP,OU=OSAAF -# Label: "" -# Serial: 0x9EAEEDC0A7CEB59D -# MD5 Fingerprint: 77:EB:5E:94:2E:B7:A3:45:97:6C:87:FE:A7:F7:64:0F -# SHA1 Fingerprint: 90:25:D1:D3:8B:3C:BE:2C:73:E9:6C:1A:48:5B:06:A8:39:0D:54:3B -# SHA256 Fingerprint: 1F:C2:BB:F6:7E:11:6F:F0:4C:C3:D9:6C:73:E5:99:B7:CA:7D:4D:EF:AA:6C:69:46:0D:2C:7B:A9:E4:23:5F:EA ------BEGIN CERTIFICATE----- -MIIFczCCA1ugAwIBAgIUVl0TXS1NTKZy68+AFpfvCBbs3JwwDQYJKoZIhvcNAQEL -BQAwQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNVBAoM -BE9OQVAxDjAMBgNVBAsMBU9TQUFGMB4XDTIxMDMxNjE1MjA1MloXDTQxMDMxMTE1 -MjA1MlowQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNV -BAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A -MIICCgKCAgEA1NdArmwTe6C9NZnMAPP0uvy9IH/+Lc9dgO9+j6F+JqLDXn+O5vaj -6EMU5o60sGzymbMdwk26jiR7KYG8puZzI0EsjwELrLV5NYrUR1y7g+sbJWFUiB0X -SseifQD9bSG0YBX7J6bQEilh18+oWpXIygl8/VJuiuDhaYdakmwn9AxQRm/zRDcI -tMS49gq7ARpwMrZaZkQ5eL2R0eX4yj915fAgsvLNmfNTkkTCTBuGYAfixz2+uz8r -4xZqxXrln6CVe6pV5MOxxQsJq0QfSfNxKFqhVJTSj3STG8UDKDPIcTqVLS6v3/iY -WX43pHuqjfrGLy3HjPCIWphsx9EWq02bnLvwsnibRgfXjZNbdhePOZV8Xd+4MfHy -uyFRf5xHvQm3f3vLtCQ1rmHk/3wb2Mb1SbTGt6sL6Waqs/VnnPyTwhXJk6RnU991 -qAnqSCLzKNEPNnpSTQKU35NPbdCAw/z97K5Ar8JWH2XiM65dV0j0d/Ura0PXUXRN -Royi7rREJKBMFszwxqCCHZkH6/Fbs8vmBWC1gLQgDqK+IgU1/+ytUPOsMVqPcNjM -RrZyd8xCoxEyd+Ly6y2EF9RE6qS/rlW/yUh3AIBlpcsVxc+Kh1nvNRLLJzHvrvSs -wvd6LpWHVaffO02hp3suXDwOtLq91lAHLA48iDty/Js+jFjohZJ/+LsCAwEAAaNj -MGEwHQYDVR0OBBYEFMeiRem06VRh0sL0L5k9B5A01QAoMB8GA1UdIwQYMBaAFMei -Rem06VRh0sL0L5k9B5A01QAoMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD -AgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBGdpwWyOIw7jBkEJbheeje8ccc51Z0SY/8 -oo/cYi9cI2SNtE4yt9SOZtXiWO1ga1PuFP5vNkPZu3MtqtsDt8CsSgYfgCKX1DH4 -RloTJJO73UKuMmnoqHNsuE6rHRrcoqcV8XJJ9uBz2cDVWfVDG5Pf92lB1cLQ5AGb -X7O7MKNHu4woFdbbI8f3TN6Qx5oAcrS1alLMuPJhIkwcHuiWdjJuORx2MK4K9gov -yRJceVyqMiTr7GGYFi/FQKIzIaHeKgQy+YGLfQ1GcbUmVItU4aQMfSM2RXb7wJ90 -XBFi0NjXZfMXVZ9kxqIki/s6NefrDAOFjHINUxGucXjEw1raewprErlsNt/8SUKT -EDSLe1YD558jzUaqVdWinL6gMRTyyHOwt/51mg4sn3i2WLdL1Hno4F7GUIbkBmi5 -VSDDWnXdpwaFWeqA8JAvy+JIh+Ju671U1HhB68lGRvNOgfZbvW3m8GGpXldR5krR -OYhwbxdU1rNYHH+DJ0KE4L1Y6es/571+UH7NFbvO6jAk9G/Fudel+SwhXVfFo0pi -mmXAwT2bmDEiYBzDNHFwyT3+OGKXiDXuMvMB9ic7p3Zk9X0mRtpubW1gfZvUqIqe -jaVeZdad0DX1yfjwi5zYT+ViI7pjXVYlgiBAnjMrEmWOpRcs793F5zBiyDjaUNFt -3arVcS9XgA== ------END CERTIFICATE-----
\ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py b/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py deleted file mode 100644 index d36f8acc..00000000 --- a/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py +++ /dev/null @@ -1,65 +0,0 @@ -# ============LICENSE_START=================================================== -# Copyright (C) 2019-2021 Nordix Foundation. -# ============================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END===================================================== - -import certifi -import os - - -def add_onap_ca_cert(): - cafile = certifi.where() - dir_path = os.path.dirname(os.path.realpath(__file__)) - datarouter_ca = dir_path + '/onap_ca_cert.pem' - with open(datarouter_ca, 'rb') as infile: - customca = infile.read() - - with open(cafile, 'ab') as outfile: - outfile.write(customca) - - print("Added DR Cert to CA") - - -def remove_onap_ca_cert(): - cafile = certifi.where() - number_of_lines_to_delete = 40 - count = 0 - dr_cert_exists = False - - with open(cafile, 'r+b', buffering=0) as outfile: - for line in outfile.readlines()[-36:-35]: - if '# Serial: 0x9EAEEDC0A7CEB59D'.encode() in line: - dr_cert_exists = True - if dr_cert_exists: - outfile.seek(0, os.SEEK_END) - end = outfile.tell() - while outfile.tell() > 0: - outfile.seek(-1, os.SEEK_CUR) - char = outfile.read(1) - if char == b'\n': - count += 1 - if count == number_of_lines_to_delete: - outfile.truncate() - print( - "Removed " + str(number_of_lines_to_delete) + " lines from end of CA File") - exit(0) - outfile.seek(-1, os.SEEK_CUR) - else: - print("No DR cert in CA File to remove") - - if count < number_of_lines_to_delete + 1: - print("Number of lines in file less than number of lines to delete. Exiting...") - exit(1) |