summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitignore2
-rwxr-xr-xcsit/plans/dmaap-datarouter/ssl-dr-suite/setup.sh25
-rwxr-xr-xcsit/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh21
-rwxr-xr-xcsit/plans/dmaap-datarouter/ssl-dr-suite/testplan.txt2
-rwxr-xr-xcsit/prepare-csit.sh48
-rwxr-xr-xcsit/run-csit.sh195
-rwxr-xr-xcsit/run-project-csit.sh28
-rwxr-xr-xcsit/scripts/common_functions.sh263
-rw-r--r--csit/scripts/dmaap-datarouter/datarouter-launch.sh92
-rwxr-xr-xcsit/scripts/dmaap-datarouter/datarouter-teardown.sh33
-rw-r--r--csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml118
-rw-r--r--csit/scripts/dmaap-datarouter/docker-compose/node.properties82
-rwxr-xr-xcsit/scripts/dmaap-datarouter/docker-compose/provserver.properties55
-rw-r--r--csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties35
-rw-r--r--csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12bin0 -> 4596 bytes
-rw-r--r--csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props17
-rw-r--r--csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jksbin0 -> 3234 bytes
-rwxr-xr-xcsit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12bin0 -> 4596 bytes
-rw-r--r--csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props17
-rw-r--r--csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jksbin0 -> 3234 bytes
-rw-r--r--csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem40
-rw-r--r--csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py65
-rwxr-xr-xcsit/scripts/get-instance-ip.sh17
-rwxr-xr-xcsit/tests/dmaap-datarouter/ssl-dr-suite/ssl-dr-suite.robot179
24 files changed, 1334 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
index bd821d35..fcbc5f20 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,5 @@
*.classpath
*.project
datarouter-prov/unit-test-logs/
+/venv/*
+*/archives/
diff --git a/csit/plans/dmaap-datarouter/ssl-dr-suite/setup.sh b/csit/plans/dmaap-datarouter/ssl-dr-suite/setup.sh
new file mode 100755
index 00000000..53b4387c
--- /dev/null
+++ b/csit/plans/dmaap-datarouter/ssl-dr-suite/setup.sh
@@ -0,0 +1,25 @@
+#!/bin/bash
+# ============LICENSE_START===================================================
+# Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
+
+source ${WORKSPACE}/scripts/dmaap-datarouter/datarouter-launch.sh
+# Launch DR. If true is passed, 2 subscriber containers are also deployed, else false.
+dmaap_dr_launch true
+cd ${WORKSPACE}/scripts/dmaap-datarouter/robot_ssl
+# Add the root CA to robot framework. This is then removed on teardown.
+python -c 'import update_ca; update_ca.add_onap_ca_cert()' \ No newline at end of file
diff --git a/csit/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh b/csit/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh
new file mode 100755
index 00000000..536863bc
--- /dev/null
+++ b/csit/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+# ============LICENSE_START===================================================
+# Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
+
+source ${WORKSPACE}/scripts/dmaap-datarouter/datarouter-teardown.sh
+teardown_dmaap_dr \ No newline at end of file
diff --git a/csit/plans/dmaap-datarouter/ssl-dr-suite/testplan.txt b/csit/plans/dmaap-datarouter/ssl-dr-suite/testplan.txt
new file mode 100755
index 00000000..5d32c668
--- /dev/null
+++ b/csit/plans/dmaap-datarouter/ssl-dr-suite/testplan.txt
@@ -0,0 +1,2 @@
+# Place the suites in run order.
+dmaap-datarouter/ssl-dr-suite
diff --git a/csit/prepare-csit.sh b/csit/prepare-csit.sh
new file mode 100755
index 00000000..109cdb49
--- /dev/null
+++ b/csit/prepare-csit.sh
@@ -0,0 +1,48 @@
+#!/bin/bash -x
+#
+# Copyright 2019 © Samsung Electronics Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# This script installs common libraries required by CSIT tests
+#
+
+if [ -z "$WORKSPACE" ]; then
+ export WORKSPACE=`git rev-parse --show-toplevel`
+fi
+
+TESTPLANDIR=${WORKSPACE}/${TESTPLAN}
+
+# Assume that if ROBOT_VENV is set and virtualenv with system site packages can be activated,
+# ci-management/jjb/integration/include-raw-integration-install-robotframework.sh has already
+# been executed
+
+if [ -f ${WORKSPACE}/env.properties ]; then
+ source ${WORKSPACE}/env.properties
+fi
+if [ -f ${ROBOT_VENV}/bin/activate ]; then
+ source ${ROBOT_VENV}/bin/activate
+else
+ rm -rf /tmp/ci-management
+ rm -f ${WORKSPACE}/env.properties
+ cd /tmp
+ git clone "https://gerrit.onap.org/r/ci-management"
+ source /tmp/ci-management/jjb/integration/include-raw-integration-install-robotframework.sh
+fi
+
+# install eteutils
+mkdir -p ${ROBOT_VENV}/src/onap
+rm -rf ${ROBOT_VENV}/src/onap/testsuite
+pip install --upgrade --extra-index-url="https://nexus3.onap.org/repository/PyPi.staging/simple" 'robotframework-onap==0.5.1.*' --pre
+
+pip freeze
diff --git a/csit/run-csit.sh b/csit/run-csit.sh
new file mode 100755
index 00000000..ce9cf80f
--- /dev/null
+++ b/csit/run-csit.sh
@@ -0,0 +1,195 @@
+#!/bin/bash -x
+#
+# Copyright 2016-2017 Huawei Technologies Co., Ltd.
+# Modification Copyright 2019 © Samsung Electronics Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# $1 project/functionality
+# $2 robot options
+
+#
+# functions
+#
+
+function on_exit(){
+ rc=$?
+ if [[ ${WORKSPACE} ]]; then
+ if [[ ${WORKDIR} ]]; then
+ rsync -av "$WORKDIR/" "$WORKSPACE/archives/$TESTPLAN"
+ fi
+ # Record list of active docker containers
+ docker ps --format "{{.Image}}" > "$WORKSPACE/archives/$TESTPLAN/_docker-images.log"
+
+ # show memory consumption after all docker instances initialized
+ docker_stats | tee "$WORKSPACE/archives/$TESTPLAN/_sysinfo-2-after-robot.txt"
+ fi
+ # Run teardown script plan if it exists
+ cd "${TESTPLANDIR}"
+ TEARDOWN="${TESTPLANDIR}/teardown.sh"
+ if [ -f "${TEARDOWN}" ]; then
+ echo "Running teardown script ${TEARDOWN}"
+ source_safely "${TEARDOWN}"
+ fi
+ # TODO: do something with the output
+ exit $rc
+}
+# ensure that teardown and other finalizing steps are always executed
+trap on_exit EXIT
+
+function docker_stats(){
+ #General memory details
+ echo "> top -bn1 | head -3"
+ top -bn1 | head -3
+ echo
+
+ echo "> free -h"
+ free -h
+ echo
+
+ #Memory details per Docker
+ echo "> docker ps"
+ docker ps
+ echo
+
+ echo "> docker stats --no-stream"
+ docker stats --no-stream
+ echo
+}
+
+# save current set options
+function save_set() {
+ RUN_CSIT_SAVE_SET="$-"
+ RUN_CSIT_SHELLOPTS="$SHELLOPTS"
+}
+
+# load the saved set options
+function load_set() {
+ _setopts="$-"
+
+ # bash shellopts
+ for i in $(echo "$SHELLOPTS" | tr ':' ' ') ; do
+ set +o ${i}
+ done
+ for i in $(echo "$RUN_CSIT_SHELLOPTS" | tr ':' ' ') ; do
+ set -o ${i}
+ done
+
+ # other options
+ for i in $(echo "$_setopts" | sed 's/./& /g') ; do
+ set +${i}
+ done
+ set -${RUN_CSIT_SAVE_SET}
+}
+
+# set options for quick bailout when error
+function harden_set() {
+ set -xeo pipefail
+ set +u # enabled it would probably fail too many often
+}
+
+# relax set options so the sourced file will not fail
+# the responsibility is shifted to the sourced file...
+function relax_set() {
+ set +e
+ set +o pipefail
+}
+
+# wrapper for sourcing a file
+function source_safely() {
+ [ -z "$1" ] && return 1
+ relax_set
+ . "$1"
+ load_set
+}
+
+#
+# main
+#
+
+# set and save options for quick failure
+harden_set && save_set
+
+if [ $# -eq 0 ]
+then
+ echo
+ echo "Usage: $0 plans/<project>/<functionality> [<robot-options>]"
+ echo
+ echo " <project>, <functionality>, <robot-options>: "
+ echo " The same values as for the '{project}-csit-{functionality}' JJB job template."
+ echo
+ exit 1
+fi
+
+if [ -z "$WORKSPACE" ]; then
+ export WORKSPACE=$(git rev-parse --show-toplevel)
+fi
+
+if [ -f "${WORKSPACE}/${1}/testplan.txt" ]; then
+ export TESTPLAN="${1}"
+else
+ echo "testplan not found: ${WORKSPACE}/${TESTPLAN}/testplan.txt"
+ exit 2
+fi
+
+export TESTOPTIONS="${2}"
+
+rm -rf "$WORKSPACE/archives/$TESTPLAN"
+mkdir -p "$WORKSPACE/archives/$TESTPLAN"
+
+TESTPLANDIR="${WORKSPACE}/${TESTPLAN}"
+
+# Run installation of prerequired libraries
+source_safely "${WORKSPACE}/prepare-csit.sh"
+
+# Activate the virtualenv containing all the required libraries installed by prepare-csit.sh
+source_safely "${ROBOT_VENV}/bin/activate"
+
+WORKDIR=$(mktemp -d --suffix=-robot-workdir)
+cd "${WORKDIR}"
+
+# Add csit scripts to PATH
+export PATH="${PATH}:${WORKSPACE}/docker/scripts:${WORKSPACE}/scripts:${ROBOT_VENV}/bin"
+export SCRIPTS="${WORKSPACE}/scripts"
+export ROBOT_VARIABLES=
+
+# Sign in to nexus3 docker repo
+docker login -u docker -p docker nexus3.onap.org:10001
+
+# Run setup script plan if it exists
+cd "${TESTPLANDIR}"
+SETUP="${TESTPLANDIR}/setup.sh"
+if [ -f "${SETUP}" ]; then
+ echo "Running setup script ${SETUP}"
+ source_safely "${SETUP}"
+fi
+
+# show memory consumption after all docker instances initialized
+docker_stats | tee "$WORKSPACE/archives/$TESTPLAN/_sysinfo-1-after-setup.txt"
+
+# Run test plan
+cd "$WORKDIR"
+echo "Reading the testplan:"
+cat "${TESTPLANDIR}/testplan.txt" | egrep -v '(^[[:space:]]*#|^[[:space:]]*$)' | sed "s|^|${WORKSPACE}/tests/|" > testplan.txt
+cat testplan.txt
+SUITES=$( xargs -a testplan.txt )
+
+echo ROBOT_VARIABLES="${ROBOT_VARIABLES}"
+echo "Starting Robot test suites ${SUITES} ..."
+relax_set
+python -m robot.run -N ${TESTPLAN} -v WORKSPACE:/tmp ${ROBOT_VARIABLES} ${TESTOPTIONS} ${SUITES}
+RESULT=$?
+load_set
+echo "RESULT: $RESULT"
+# Note that the final steps are done in on_exit function after this exit!
+exit $RESULT
diff --git a/csit/run-project-csit.sh b/csit/run-project-csit.sh
new file mode 100755
index 00000000..a990bf1b
--- /dev/null
+++ b/csit/run-project-csit.sh
@@ -0,0 +1,28 @@
+#!/bin/bash -x
+#
+# Copyright 2020-2021 © Samsung Electronics Co., Ltd.
+# Modifications copyright (C) 2021 Nordix Foundation..
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+export WORKSPACE=$(git rev-parse --show-toplevel)/csit
+
+rm -rf ${WORKSPACE}/archives
+mkdir -p ${WORKSPACE}/archives
+cd ${WORKSPACE}
+
+./run-csit.sh plans/dmaap-datarouter/ssl-dr-suite
+
+
+
diff --git a/csit/scripts/common_functions.sh b/csit/scripts/common_functions.sh
new file mode 100755
index 00000000..684c4184
--- /dev/null
+++ b/csit/scripts/common_functions.sh
@@ -0,0 +1,263 @@
+#!/bin/bash
+
+# Copyright 2016-2017 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+function memory_details(){
+ #General memory details
+ echo "> top -bn1 | head -3"
+ top -bn1 | head -3
+ echo
+
+ echo "> free -h"
+ free -h
+ echo
+
+ #Memory details per Docker
+ echo "> docker ps"
+ docker ps
+ echo
+
+ echo "> docker stats --no-stream"
+ docker stats --no-stream
+ echo
+}
+function fibonacci_number(){
+ set +x
+ if [ $1 -le 1 ]
+ then
+ echo "1"
+ elif [ $1 -le 10 ]
+ then
+ Num=$1
+ f1=0
+ f2=1
+ fn=-1
+ for i in `eval echo {1..$Num}`;do
+ fn=$((f1+f2))
+ f1=$f2
+ f2=$fn
+ done
+ echo $fn
+ else
+ echo "30"
+ fi
+}
+function wait_curl_driver(){
+ #Parameters:
+ #CURL_COMMAND - the URL on which the curl command will be executed
+ #GREP_STRING - Desired string to be found inside the body response of the
+ # previous curl command
+ #EXCLUDE_STRING - If the filtered string (GREP_STRING) must not exist in
+ # the body response of the curl
+ #WAIT_MESSAGE - the message to be displayed for logging purpose. (optional)
+ #REPEAT_NUMBER - the maximum number of tries before abandoning the curl
+ # command (optional, by default = 15)
+ #MAX_TIME - Maximum time allowed for the transfer (in seconds)
+ #STATUS_CODE - A HTTP status code desired to be found by getting the link
+ # /!\ IMPORTANT NOTICE: the usage of STATUS_CODE option turn GREP_STRING/
+ # /!\ EXCLUDE_STRING/and the MAX_TIME options becomes obsolete with no
+ # /!\ execution impact
+ #MEMORY_USAGE - If Parameters exists shows the memory usage after curl
+ # execution(s)
+
+ repeat_max=15
+ parameters="$@"
+
+ #WAIT_MESSAGE
+ if [[ $parameters == *"WAIT_MESSAGE"* ]]
+ then
+ wait_message=`echo $parameters | sed -e "s/.*WAIT_MESSAGE=//g"`
+ wait_message=`echo $wait_message | sed -e "s/ .*//g"`
+ else
+ wait_message="wait ..."
+ fi
+
+ #REPEAT_NUMBER
+ if [[ $parameters == *"REPEAT_NUMBER"* ]]
+ then
+ repeat_max=`echo $parameters | sed -e "s/.*REPEAT_NUMBER=//g"`
+ repeat_max=`echo $repeat_max | sed -e "s/ .*//g"`
+ fi
+
+ #CURL_COMMAND
+ if [[ $parameters == *"CURL_COMMAND"* ]]
+ then
+ curl_command=`echo $parameters | sed -e 's/.*CURL_COMMAND=//g'`
+ curl_command=`echo $curl_command | sed -e 's/ .*//g'`
+ else
+ echo "-Curl is empty-" # Or no parameterseter passed.
+ return 0
+ fi
+
+ #MAX_TIME
+ if [[ $parameters == *"MAX_TIME"* ]]
+ then
+ max_time=`echo $parameters | sed -e 's/.*MAX_TIME=//g'`
+ max_time=`echo $max_time | sed -e 's/ .*//g'`
+ else
+ max_time="5"
+ fi
+
+ exclude_string=""
+ #EXCLUDE_STRING
+ if [[ $parameters == *"EXCLUDE_STRING"* ]]
+ then
+ exclude_string="-v"
+ fi
+
+ status_code=""
+ #STATUS_CODE
+ if [[ $parameters == *"STATUS_CODE"* ]]
+ then
+ status_code=`echo $parameters | sed -e 's/.*STATUS_CODE=//g'`
+ status_code=`echo $status_code | sed -e 's/ .*//g'`
+ fi
+
+ for i in `eval echo {1..$repeat_max}`; do
+ response_code=`curl -o /dev/null --silent --head --write-out '%{http_code}' $curl_command`
+ echo "..."
+ if [[ ! -z $status_code ]] ; then
+ if [ "$status_code" -eq "$response_code" ]
+ then
+ echo "SUCCESS:Actual Status code <$response_code> match the expected code <$status_code>"
+ return 0
+ else
+ echo "WARNING:Expected <$status_code> but Actual <$response_code>"
+ fi
+ else
+ #GREP_STRING
+ if [[ $parameters == *"GREP_STRING"* ]]
+ then
+ grep_command=`echo $parameters | sed -e 's/.*GREP_STRING=//g'`
+ grep_command=`echo $grep_command | sed -e 's/ REPEAT_NUMBER=.*//g' | sed -e 's/ CURL_COMMAND=.*//g' | sed -e 's/ WAIT_MESSAGE=.*//g' | sed -e 's/ MAX_TIME=.*//g' | sed -e 's/ EXCLUDE_STRING.*//g'`
+ else
+ echo "-Grep_command is empty-" # Or no parameters passed.
+ return 0
+ fi
+
+ str=`curl -sS -m$max_time $curl_command | grep "$grep_command"`
+ echo "BODY::$str"
+ if [[ ! -z $exclude_string ]]
+ then
+ if [[ -z $str ]]
+ then
+ echo "SUCCESS: body response does not contains '$grep_command'";
+ break;
+ else
+ echo "Fall_Short: Body response still contains '$grep_command'"
+ fi
+ else
+ if [[ ! -z $str ]]
+ then
+ echo "SUCCESS: body response contains '$grep_command'";
+ break;
+ else
+ echo "Fall_Short: Element '$grep_command' not found yet # "$i""
+ fi
+ fi
+
+ if [ "$?" = "7" ]; then
+ echo 'Connection refused or can not connect to server/proxy';
+ str=''
+ fi
+ fi
+ seconds2sleep=`fibonacci_number $i`
+ echo $wait_message
+ echo "Iteration::$i out of $repeat_max "
+ echo "Quiet time for $seconds2sleep seconds ..."
+ sleep $seconds2sleep
+
+ # if waiting for a long time, log system load
+ if [ $i -gt 45 ]
+ then
+ memory_details
+ fi
+ done
+ #MEMORY_USAGE
+ if [[ $parameters == *"MEMORY_USAGE"* ]]
+ then
+ echo "==========================MEMORY USAGE=================================="
+ memory_details
+ echo "========================================================================"
+ fi
+ return 0
+}
+
+function run_simulator ()
+{
+ run_robottestlib
+ run_simulator_docker $1
+}
+
+function run_robottestlib ()
+{
+ #Start the robottest REST library if not started
+ if ! pgrep -f robottest > /dev/null
+ then
+ #Download the latest robottest jar
+ wget -q -O ${SCRIPTS}/integration/mockserver/org.openo.robottest.jar "https://nexus.open-o.org/service/local/artifact/maven/redirect?r=snapshots&g=org.openo.integration&a=org.openo.robottest&e=jar&v=LATEST"
+ chmod +x ${SCRIPTS}/integration/mockserver/org.openo.robottest.jar
+ eval `java -cp ${SCRIPTS}/integration/mockserver/org.openo.robottest.jar org.openo.robot.test.robottest.MyRemoteLibrary` &
+ fi
+}
+
+function run_simulator_docker ()
+{
+ #Start the simulator docker if not started
+ SIMULATOR_IP=`docker inspect --format '{{ .NetworkSettings.IPAddress }}' simulator`
+ if [[ -z $SIMULATOR_IP ]]
+ then
+ echo "Starting simulator docker..."
+ SIMULATOR_JSON=$1
+ if [[ -z $SIMULATOR_JSON ]]
+ then
+ SIMULATOR_JSON=main.json
+ fi
+ docker run -d -i -t --name simulator -e SIMULATOR_JSON=$SIMULATOR_JSON -p 18009:18009 -p 18008:18008 openoint/simulate-test-docker
+ SIMULATOR_IP=`docker inspect --format '{{ .NetworkSettings.IPAddress }}' simulator`
+ fi
+
+ #Set the simulator IP in robot variables
+ ROBOT_VARIABLES=${ROBOT_VARIABLES}" -v SIMULATOR_IP:${SIMULATOR_IP} -v SCRIPTS:${SCRIPTS}"
+ echo ${ROBOT_VARIABLES}
+}
+
+function get_docker_compose_service ()
+{
+ local service=$1
+ local compose_file=${2:-docker-compose.yml}
+
+ echo $(docker-compose --file ./${compose_file} ps | grep $service | cut -d " " -f1 )
+}
+
+function bypass_ip_adress ()
+{
+ local ip_address=$1
+
+ if [[ $no_proxy && $no_proxy != *$ip_address* ]]; then
+ export no_proxy=$no_proxy,$ip_address
+ fi
+}
+
+function wait_for_service_init ()
+{
+ local service_url=$1
+
+ for delay in {1..50}; do
+ curl -sS ${service_url} && break
+ echo "$delay - Waiting for $service_url..."
+ sleep $delay
+ done
+}
diff --git a/csit/scripts/dmaap-datarouter/datarouter-launch.sh b/csit/scripts/dmaap-datarouter/datarouter-launch.sh
new file mode 100644
index 00000000..6d38913d
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/datarouter-launch.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+#
+# ============LICENSE_START=======================================================
+# Copyright (C) 2021 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
+
+function dmaap_dr_launch() {
+
+ subscribers_required=$1
+ mkdir -p ${WORKSPACE}/archives/dmaap/dr/last_run_logs
+
+ # start DMaaP DR containers with docker compose and configuration from docker-compose.yml
+ docker login -u docker -p docker nexus3.onap.org:10001
+ if [[ ${subscribers_required} == true ]]; then
+ docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml up -d
+ else
+ docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml up -d datarouter-prov datarouter-node mariadb
+ fi
+
+ # Wait for initialization of Docker container for datarouter-node, datarouter-prov and mariadb
+ for i in 1 2 3 4 5 6 7 8 9 10; do
+ if [[ $(docker inspect --format '{{ .State.Running }}' datarouter-node) ]] && \
+ [[ $(docker inspect --format '{{ .State.Running }}' datarouter-prov) ]] && \
+ [[ $(docker inspect --format '{{ .State.Running }}' mariadb) ]]
+ then
+ echo "DR Service Running"
+ break
+ else
+ echo sleep ${i}
+ sleep ${i}
+ fi
+ done
+
+ # Wait for healthy container datarouter-prov
+ for i in 1 2 3 4 5 6 7 8 9 10; do
+ if [[ "$(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)" = 'healthy' ]]
+ then
+ echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)
+ echo "DR Service Running, datarouter-prov container is healthy"
+ break
+ else
+ echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)
+ echo sleep ${i}
+ sleep ${i}
+ if [[ ${i} = 10 ]]
+ then
+ echo datarouter-prov container is not in healthy state - the test is not made, teardown...
+ docker-compose rm -sf
+ exit 1
+ fi
+ fi
+ done
+
+ DR_PROV_IP=`get-instance-ip.sh datarouter-prov`
+ DR_NODE_IP=`get-instance-ip.sh datarouter-node`
+ DR_GATEWAY_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' datarouter-prov)
+ echo DR_PROV_IP=${DR_PROV_IP}
+ echo DR_NODE_IP=${DR_NODE_IP}
+ echo DR_GATEWAY_IP=${DR_GATEWAY_IP}
+ if [[ ${subscribers_required} == true ]]
+ then
+ DR_SUB_IP=`get-instance-ip.sh subscriber-node`
+ DR_SUB2_IP=`get-instance-ip.sh subscriber-node2`
+ echo DR_SUB_IP=${DR_SUB_IP}
+ echo DR_SUB2_IP=${DR_SUB2_IP}
+ fi
+
+
+ sudo sed -i "$ a $DR_PROV_IP dmaap-dr-prov" /etc/hosts
+ sudo sed -i "$ a $DR_NODE_IP dmaap-dr-node" /etc/hosts
+
+ docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/NODES?val=dmaap-dr-node\|$DR_GATEWAY_IP"
+ docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/PROV_AUTH_ADDRESSES?val=dmaap-dr-prov\|$DR_GATEWAY_IP"
+
+ #Pass any variables required by Robot test suites in ROBOT_VARIABLES
+ ROBOT_VARIABLES="-v DR_PROV_IP:${DR_PROV_IP} -v DR_NODE_IP:${DR_NODE_IP} -v DR_SUB_IP:${DR_SUB_IP} -v DR_SUB2_IP:${DR_SUB2_IP}"
+} \ No newline at end of file
diff --git a/csit/scripts/dmaap-datarouter/datarouter-teardown.sh b/csit/scripts/dmaap-datarouter/datarouter-teardown.sh
new file mode 100755
index 00000000..8958f28c
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/datarouter-teardown.sh
@@ -0,0 +1,33 @@
+#!/bin/bash
+# ============LICENSE_START===================================================
+# Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
+
+function teardown_dmaap_dr (){
+ cd ${WORKSPACE}/archives/dmaap/dr
+ rm -rf last_run_logs/*
+ docker cp datarouter-prov:/opt/app/datartr/logs last_run_logs/prov_logs
+ docker cp datarouter-node:/opt/app/datartr/logs last_run_logs/node_event_logs
+ docker cp datarouter-node:/var/log/onap/datarouter last_run_logs/node_server_logs
+ docker cp subscriber-node:/var/log/onap/datarouter last_run_logs/sub1_logs
+ docker cp subscriber-node2:/var/log/onap/datarouter last_run_logs/sub2_logs
+ sudo sed -i".bak" '/dmaap-dr-prov/d' /etc/hosts
+ sudo sed -i".bak" '/dmaap-dr-node/d' /etc/hosts
+ docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml rm -sf
+ cd ${WORKSPACE}/scripts/dmaap-datarouter/robot_ssl
+ python -c 'import update_ca; update_ca.remove_onap_ca_cert()'
+} \ No newline at end of file
diff --git a/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml b/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml
new file mode 100644
index 00000000..9140d0fc
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml
@@ -0,0 +1,118 @@
+#
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019-21 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
+#
+version: '2.1'
+services:
+ datarouter-prov:
+ image: onap/dmaap/datarouter-prov:latest
+ container_name: datarouter-prov
+ hostname: dmaap-dr-prov
+ ports:
+ - "443:8443"
+ - "8443:8443"
+ - "8080:8080"
+ volumes:
+ - ./provserver.properties:/opt/app/datartr/etc/provserver.properties
+ - ../dr_certs/dr_prov/truststore.jks:/opt/app/osaaf/local/truststore.jks
+ - ../dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-prov.p12
+ - ../dr_certs/dr_prov/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props
+ depends_on:
+ mariadb:
+ condition: service_healthy
+ healthcheck:
+ test: ["CMD", "curl", "-f", "http://dmaap-dr-prov:8080/internal/prov"]
+ interval: 10s
+ timeout: 30s
+ retries: 5
+ networks:
+ net:
+ aliases:
+ - dmaap-dr-prov
+
+ datarouter-node:
+ image: onap/dmaap/datarouter-node:latest
+ container_name: datarouter-node
+ hostname: dmaap-dr-node
+ ports:
+ - "9443:8443"
+ - "9090:8080"
+ volumes:
+ - ./node.properties:/opt/app/datartr/etc/node.properties
+ - ../dr_certs/dr_node/truststore.jks:/opt/app/osaaf/local/truststore.jks
+ - ../dr_certs/dr_node/org.onap.dmaap-dr-node.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-node.p12
+ - ../dr_certs/dr_node/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props
+ depends_on:
+ datarouter-prov:
+ condition: service_healthy
+ networks:
+ net:
+ aliases:
+ - dmaap-dr-node
+
+ datarouter-subscriber:
+ image: onap/dmaap/datarouter-subscriber:latest
+ container_name: subscriber-node
+ hostname: subscriber.com
+ ports:
+ - "7070:7070"
+ volumes:
+ - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties
+ networks:
+ net:
+ aliases:
+ - subscriber.com
+
+ datarouter-subscriber2:
+ image: onap/dmaap/datarouter-subscriber:latest
+ container_name: subscriber-node2
+ hostname: subscriber2.com
+ ports:
+ - "7071:7070"
+ volumes:
+ - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties
+ networks:
+ net:
+ aliases:
+ - subscriber2.com
+
+ mariadb:
+ image: nexus3.onap.org:10001/library/mariadb:10.2.14
+ container_name: mariadb
+ hostname: datarouter-mariadb
+ ports:
+ - "3306:3306"
+ environment:
+ MYSQL_ROOT_PASSWORD: datarouter
+ MYSQL_DATABASE: datarouter
+ MYSQL_USER: datarouter
+ MYSQL_PASSWORD: datarouter
+ healthcheck:
+ test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost", "-u", "datarouter", "-pdatarouter", "--silent"]
+ interval: 10s
+ timeout: 30s
+ retries: 5
+ networks:
+ net:
+ aliases:
+ - datarouter-mariadb
+
+networks:
+ net:
+ driver: bridge
diff --git a/csit/scripts/dmaap-datarouter/docker-compose/node.properties b/csit/scripts/dmaap-datarouter/docker-compose/node.properties
new file mode 100644
index 00000000..58639cfd
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/docker-compose/node.properties
@@ -0,0 +1,82 @@
+# ============LICENSE_START===================================================
+# Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
+#
+# Configuration parameters set at startup for the DataRouter node
+#
+# URL to retrieve dynamic configuration
+ProvisioningURL = https://dmaap-dr-prov:8443/internal/prov
+#
+# URL to upload PUB/DEL/EXP logs
+LogUploadURL = https://dmaap-dr-prov:8443/internal/logs
+#
+# The port number for http as seen within the server
+IntHttpPort = 8080
+#
+# The port number for https as seen within the server
+IntHttpsPort = 8443
+#
+# The external port number for https taking port mapping into account
+ExtHttpsPort = 443
+#
+# The minimum interval between fetches of the dynamic configuration from the provisioning server
+MinProvFetchInterval = 10000
+#
+# The minimum interval between saves of the redirection data file
+MinRedirSaveInterval = 10000
+#
+# The path to the directory where log files are stored
+LogDir = /opt/app/datartr/logs
+#
+# The retention interval (in days) for log files
+LogRetention = 30
+#
+# The path to the directories where data and meta data files are stored
+SpoolDir = /opt/app/datartr/spool
+#
+# The path to the redirection data file
+RedirectionFile = etc/redirections.dat
+#
+# The type of keystore for https
+KeyStoreType = PKCS12
+#
+# The type of truststore for https
+TrustStoreType = jks
+#
+# The path to the file used to trigger an orderly shutdown
+QuiesceFile = etc/SHUTDOWN
+#
+# The key used to generate passwords for node to node transfers
+NodeAuthKey = Node123!
+#
+# DR_NODE DEFAULT ENABLED TLS PROTOCOLS
+NodeHttpsProtocols = TLSv1.1|TLSv1.2
+#
+# AAF type to generate permission string
+AAFType = org.onap.dmaap-dr.feed
+#
+# AAF default instance to generate permission string - default should be legacy
+AAFInstance = legacy
+#
+# AAF action to generate permission string - default should be publish
+AAFAction = publish
+#
+# AAF CADI enabled flag
+CadiEnabled = false
+#
+# AAF Props file path
+AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props
diff --git a/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties b/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties
new file mode 100755
index 00000000..b54868e2
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties
@@ -0,0 +1,55 @@
+# ============LICENSE_START===================================================
+# Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
+
+#Jetty Server properties
+org.onap.dmaap.datarouter.provserver.http.port = 8080
+org.onap.dmaap.datarouter.provserver.https.port = 8443
+org.onap.dmaap.datarouter.provserver.https.relaxation = true
+
+org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props
+
+org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs
+org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool
+org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc
+org.onap.dmaap.datarouter.provserver.logretention = 30
+
+#DMAAP-597 (Tech Dept) REST request source IP auth
+# relaxation to accommodate OOM kubernetes deploy
+org.onap.dmaap.datarouter.provserver.isaddressauthenabled = false
+
+#Localhost address config
+org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1
+
+# Database access
+org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver
+org.onap.dmaap.datarouter.db.url = jdbc:mariadb://datarouter-mariadb:3306/datarouter
+org.onap.dmaap.datarouter.db.login = datarouter
+org.onap.dmaap.datarouter.db.password = datarouter
+
+# PROV - DEFAULT ENABLED TLS PROTOCOLS
+org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2
+
+# AAF config
+org.onap.dmaap.datarouter.provserver.cadi.enabled = false
+
+org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234#
+org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed
+org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub
+org.onap.dmaap.datarouter.provserver.aaf.instance = legacy
+org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish
+org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe \ No newline at end of file
diff --git a/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties b/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties
new file mode 100644
index 00000000..311bbe56
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties
@@ -0,0 +1,35 @@
+# ============LICENSE_START===================================================
+# Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
+
+#Subscriber properties
+org.onap.dmaap.datarouter.subscriber.http.port = 7070
+org.onap.dmaap.datarouter.subscriber.https.port = 7443
+org.onap.dmaap.datarouter.subscriber.auth.user = LOGIN
+org.onap.dmaap.datarouter.subscriber.auth.password = PASSWORD
+org.onap.dmaap.datarouter.subscriber.delivery.dir = /opt/app/subscriber/delivery
+
+org.onap.dmaap.datarouter.subscriber.https.relaxation = true
+org.onap.dmaap.datarouter.subscriber.keystore.type = jks
+org.onap.dmaap.datarouter.subscriber.keymanager.password = changeit
+org.onap.dmaap.datarouter.subscriber.keystore.path = /opt/app/datartr/self_signed/keystore.jks
+org.onap.dmaap.datarouter.subscriber.keystore.password = changeit
+org.onap.dmaap.datarouter.subscriber.truststore.path = /opt/app/datartr/self_signed/cacerts.jks
+org.onap.dmaap.datarouter.subscriber.truststore.password = changeit
+
+
+
diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12
new file mode 100644
index 00000000..3793a9d4
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12
Binary files differ
diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props
new file mode 100644
index 00000000..e32e7282
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props
@@ -0,0 +1,17 @@
+############################################################
+# Properties Generated by AT&T Certificate Manager
+# by root
+# on 2021-03-12T11:38:49.244+0000
+# @copyright 2019, AT&T
+############################################################
+Challenge=secret
+cadi_alias=dmaap-dr-node@dmaap-dr.onap.org
+cadi_key_password=secret
+#cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile
+cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr-node.p12
+cadi_keystore_password=secret
+cadi_keystore_password_jks=secret
+cadi_keystore_password_p12=secret
+cadi_truststore=/opt/app/osaaf/local/truststore.jks
+cadi_truststore_password=secret
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks
new file mode 100644
index 00000000..91547c60
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks
Binary files differ
diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12
new file mode 100755
index 00000000..1393fb05
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12
Binary files differ
diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props
new file mode 100644
index 00000000..18f91ba8
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props
@@ -0,0 +1,17 @@
+############################################################
+# Properties Generated by AT&T Certificate Manager
+# by root
+# on 2021-03-12T11:29:50.699+0000
+# @copyright 2019, AT&T
+############################################################
+Challenge=secret
+cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org
+cadi_key_password=secret
+#cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile
+cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr-prov.p12
+cadi_keystore_password=secret
+cadi_keystore_password_jks=secret
+cadi_keystore_password_p12=secret
+cadi_truststore=/opt/app/osaaf/local/truststore.jks
+cadi_truststore_password=secret
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks
new file mode 100644
index 00000000..91547c60
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks
Binary files differ
diff --git a/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem b/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem
new file mode 100644
index 00000000..1f9d08e5
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem
@@ -0,0 +1,40 @@
+
+# Issuer: C=US,O=ONAP,OU=OSAAF
+# Subject: C=US,O=ONAP,OU=OSAAF
+# Label: ""
+# Serial: 0x9EAEEDC0A7CEB59D
+# MD5 Fingerprint: 77:EB:5E:94:2E:B7:A3:45:97:6C:87:FE:A7:F7:64:0F
+# SHA1 Fingerprint: 90:25:D1:D3:8B:3C:BE:2C:73:E9:6C:1A:48:5B:06:A8:39:0D:54:3B
+# SHA256 Fingerprint: 1F:C2:BB:F6:7E:11:6F:F0:4C:C3:D9:6C:73:E5:99:B7:CA:7D:4D:EF:AA:6C:69:46:0D:2C:7B:A9:E4:23:5F:EA
+-----BEGIN CERTIFICATE-----
+MIIFczCCA1ugAwIBAgIUVl0TXS1NTKZy68+AFpfvCBbs3JwwDQYJKoZIhvcNAQEL
+BQAwQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNVBAoM
+BE9OQVAxDjAMBgNVBAsMBU9TQUFGMB4XDTIxMDMxNjE1MjA1MloXDTQxMDMxMTE1
+MjA1MlowQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNV
+BAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
+MIICCgKCAgEA1NdArmwTe6C9NZnMAPP0uvy9IH/+Lc9dgO9+j6F+JqLDXn+O5vaj
+6EMU5o60sGzymbMdwk26jiR7KYG8puZzI0EsjwELrLV5NYrUR1y7g+sbJWFUiB0X
+SseifQD9bSG0YBX7J6bQEilh18+oWpXIygl8/VJuiuDhaYdakmwn9AxQRm/zRDcI
+tMS49gq7ARpwMrZaZkQ5eL2R0eX4yj915fAgsvLNmfNTkkTCTBuGYAfixz2+uz8r
+4xZqxXrln6CVe6pV5MOxxQsJq0QfSfNxKFqhVJTSj3STG8UDKDPIcTqVLS6v3/iY
+WX43pHuqjfrGLy3HjPCIWphsx9EWq02bnLvwsnibRgfXjZNbdhePOZV8Xd+4MfHy
+uyFRf5xHvQm3f3vLtCQ1rmHk/3wb2Mb1SbTGt6sL6Waqs/VnnPyTwhXJk6RnU991
+qAnqSCLzKNEPNnpSTQKU35NPbdCAw/z97K5Ar8JWH2XiM65dV0j0d/Ura0PXUXRN
+Royi7rREJKBMFszwxqCCHZkH6/Fbs8vmBWC1gLQgDqK+IgU1/+ytUPOsMVqPcNjM
+RrZyd8xCoxEyd+Ly6y2EF9RE6qS/rlW/yUh3AIBlpcsVxc+Kh1nvNRLLJzHvrvSs
+wvd6LpWHVaffO02hp3suXDwOtLq91lAHLA48iDty/Js+jFjohZJ/+LsCAwEAAaNj
+MGEwHQYDVR0OBBYEFMeiRem06VRh0sL0L5k9B5A01QAoMB8GA1UdIwQYMBaAFMei
+Rem06VRh0sL0L5k9B5A01QAoMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
+AgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBGdpwWyOIw7jBkEJbheeje8ccc51Z0SY/8
+oo/cYi9cI2SNtE4yt9SOZtXiWO1ga1PuFP5vNkPZu3MtqtsDt8CsSgYfgCKX1DH4
+RloTJJO73UKuMmnoqHNsuE6rHRrcoqcV8XJJ9uBz2cDVWfVDG5Pf92lB1cLQ5AGb
+X7O7MKNHu4woFdbbI8f3TN6Qx5oAcrS1alLMuPJhIkwcHuiWdjJuORx2MK4K9gov
+yRJceVyqMiTr7GGYFi/FQKIzIaHeKgQy+YGLfQ1GcbUmVItU4aQMfSM2RXb7wJ90
+XBFi0NjXZfMXVZ9kxqIki/s6NefrDAOFjHINUxGucXjEw1raewprErlsNt/8SUKT
+EDSLe1YD558jzUaqVdWinL6gMRTyyHOwt/51mg4sn3i2WLdL1Hno4F7GUIbkBmi5
+VSDDWnXdpwaFWeqA8JAvy+JIh+Ju671U1HhB68lGRvNOgfZbvW3m8GGpXldR5krR
+OYhwbxdU1rNYHH+DJ0KE4L1Y6es/571+UH7NFbvO6jAk9G/Fudel+SwhXVfFo0pi
+mmXAwT2bmDEiYBzDNHFwyT3+OGKXiDXuMvMB9ic7p3Zk9X0mRtpubW1gfZvUqIqe
+jaVeZdad0DX1yfjwi5zYT+ViI7pjXVYlgiBAnjMrEmWOpRcs793F5zBiyDjaUNFt
+3arVcS9XgA==
+-----END CERTIFICATE----- \ No newline at end of file
diff --git a/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py b/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py
new file mode 100644
index 00000000..d36f8acc
--- /dev/null
+++ b/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py
@@ -0,0 +1,65 @@
+# ============LICENSE_START===================================================
+# Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
+
+import certifi
+import os
+
+
+def add_onap_ca_cert():
+ cafile = certifi.where()
+ dir_path = os.path.dirname(os.path.realpath(__file__))
+ datarouter_ca = dir_path + '/onap_ca_cert.pem'
+ with open(datarouter_ca, 'rb') as infile:
+ customca = infile.read()
+
+ with open(cafile, 'ab') as outfile:
+ outfile.write(customca)
+
+ print("Added DR Cert to CA")
+
+
+def remove_onap_ca_cert():
+ cafile = certifi.where()
+ number_of_lines_to_delete = 40
+ count = 0
+ dr_cert_exists = False
+
+ with open(cafile, 'r+b', buffering=0) as outfile:
+ for line in outfile.readlines()[-36:-35]:
+ if '# Serial: 0x9EAEEDC0A7CEB59D'.encode() in line:
+ dr_cert_exists = True
+ if dr_cert_exists:
+ outfile.seek(0, os.SEEK_END)
+ end = outfile.tell()
+ while outfile.tell() > 0:
+ outfile.seek(-1, os.SEEK_CUR)
+ char = outfile.read(1)
+ if char == b'\n':
+ count += 1
+ if count == number_of_lines_to_delete:
+ outfile.truncate()
+ print(
+ "Removed " + str(number_of_lines_to_delete) + " lines from end of CA File")
+ exit(0)
+ outfile.seek(-1, os.SEEK_CUR)
+ else:
+ print("No DR cert in CA File to remove")
+
+ if count < number_of_lines_to_delete + 1:
+ print("Number of lines in file less than number of lines to delete. Exiting...")
+ exit(1)
diff --git a/csit/scripts/get-instance-ip.sh b/csit/scripts/get-instance-ip.sh
new file mode 100755
index 00000000..a236c025
--- /dev/null
+++ b/csit/scripts/get-instance-ip.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+#
+# Copyright 2016-2017 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $1
diff --git a/csit/tests/dmaap-datarouter/ssl-dr-suite/ssl-dr-suite.robot b/csit/tests/dmaap-datarouter/ssl-dr-suite/ssl-dr-suite.robot
new file mode 100755
index 00000000..2f96cdc8
--- /dev/null
+++ b/csit/tests/dmaap-datarouter/ssl-dr-suite/ssl-dr-suite.robot
@@ -0,0 +1,179 @@
+*** Settings ***
+Library OperatingSystem
+Library RequestsLibrary
+Library requests
+Library Collections
+Library Process
+Library String
+
+*** Variables ***
+${TARGET_URL} https://dmaap-dr-prov:8443/
+${TARGET_URL_FEED} https://dmaap-dr-prov:8443/feed/1
+${TARGET_URL_EXISTS_LOGGING} https://dmaap-dr-prov:8443/feedlog/1?type=pub&filename=csit_test
+${TARGET_URL_NOT_EXISTS_LOGGING} https://dmaap-dr-prov:8443/feedlog/1?type=pub&filename=file_that_doesnt_exist
+${TARGET_URL_SUBSCRIBE} https://dmaap-dr-prov:8443/subscribe/1
+${TARGET_URL_SUBSCRIPTION} https://dmaap-dr-prov:8443/subs/1
+${TARGET_URL_PUBLISH_PROV} https://dmaap-dr-prov:8443/publish/1/csit_test
+${TARGET_URL_PUBLISH_NODE} https://dmaap-dr-node:8443/publish/1/csit_test
+${TARGET_URL_DELETE_FILE} https://dmaap-dr-node:8443/delete/2
+
+${FEED_CONTENT_TYPE} application/vnd.dmaap-dr.feed
+${SUBSCRIBE_CONTENT_TYPE} application/vnd.dmaap-dr.subscription
+${PUBLISH_FEED_CONTENT_TYPE} application/octet-stream
+
+${CREATE_FEED_DATA} {"name": "CSIT_Test", "version": "m1.0", "description": "CSIT_Test", "business_description": "CSIT_Test", "suspend": false, "deleted": false, "changeowner": true, "authorization": {"classification": "unclassified", "endpoint_addrs": [], "endpoint_ids": [{"password": "dradmin", "id": "dradmin"}]}}
+${UPDATE_FEED_DATA} {"name": "CSIT_Test", "version": "m1.0", "description": "UPDATED-CSIT_Test", "business_description": "CSIT_Test", "suspend": true, "deleted": false, "changeowner": true, "authorization": {"classification": "unclassified", "endpoint_addrs": [], "endpoint_ids": [{"password": "dradmin", "id": "dradmin"}]}}
+${SUBSCRIBE_DATA} {"delivery":{ "url":"http://${DR_SUB_IP}:7070/", "user":"LOGIN", "password":"PASSWORD", "use100":true}, "metadataOnly":false, "suspend":false, "groupid":29, "subscriber":"dradmin", "privilegedSubscriber":false}
+${UPDATE_SUBSCRIPTION_DATA} {"delivery":{ "url":"http://${DR_SUB_IP}:7070/", "user":"dradmin", "password":"dradmin", "use100":true}, "metadataOnly":false, "suspend":true, "groupid":29, "subscriber":"dradmin", "privilegedSubscriber":false}
+${SUBSCRIBE2_DATA} {"delivery":{ "url":"http://${DR_SUB2_IP}:7070/", "user":"LOGIN", "password":"PASSWORD", "use100":true}, "metadataOnly":false, "suspend":false, "groupid":29, "subscriber":"privileged", "privilegedSubscriber":true}
+
+${CLI_VERIFY_SUB_RECEIVED_FILE} docker exec subscriber-node /bin/sh -c "ls /opt/app/subscriber/delivery | grep csit_test"
+${CLI_VERIFY_FILE_REMAINS_ON_NODE} docker exec datarouter-node /bin/sh -c "ls /opt/app/datartr/spool/s/0/2 | grep dmaap-dr-node | grep -v .M"
+
+*** Test Cases ***
+Run Feed Creation
+ [Documentation] Feed Creation
+ [Timeout] 1 minute
+ ${resp}= PostCall ${TARGET_URL} ${CREATE_FEED_DATA} ${FEED_CONTENT_TYPE} dradmin
+ log ${TARGET_URL}
+ log ${resp.text}
+ Should Be Equal As Strings ${resp.status_code} 201
+ log 'JSON Response Code:'${resp}
+
+Run Subscribe to Feed
+ [Documentation] Subscribe to Feed
+ [Timeout] 1 minute
+ ${resp}= PostCall ${TARGET_URL_SUBSCRIBE} ${SUBSCRIBE_DATA} ${SUBSCRIBE_CONTENT_TYPE} dradmin
+ log ${TARGET_URL_SUBSCRIBE}
+ log ${resp.text}
+ Should Be Equal As Strings ${resp.status_code} 201
+ log 'JSON Response Code:'${resp}
+
+Run Subscribe to Feed with Privileged Subscription
+ [Documentation] Subscribe to Feed with privileged subscription
+ [Timeout] 1 minute
+ ${resp}= PostCall ${TARGET_URL_SUBSCRIBE} ${SUBSCRIBE2_DATA} ${SUBSCRIBE_CONTENT_TYPE} privileged
+ log ${TARGET_URL_SUBSCRIBE}
+ log ${resp.text}
+ Should Be Equal As Strings ${resp.status_code} 201
+ log 'JSON Response Code:'${resp}
+
+Run Publish to Feed
+ [Documentation] Publish to Feed
+ [Timeout] 1 minute
+ Sleep 10s Behaviour was noticed where feed was not created in time for publish to be sent
+ ${resp}= PutCall ${TARGET_URL_PUBLISH_PROV} ${CREATE_FEED_DATA} ${PUBLISH_FEED_CONTENT_TYPE} dradmin
+ log ${TARGET_URL_PUBLISH_PROV}
+ Should Contain ${resp.headers['Location']} https://dmaap-dr-node:8443/publish/1/csit_test
+ ${resp}= PutCall ${TARGET_URL_PUBLISH_NODE} ${CREATE_FEED_DATA} ${PUBLISH_FEED_CONTENT_TYPE} dradmin
+ Should Be Equal As Strings ${resp.status_code} 204
+ log 'JSON Response Code:'${resp}
+
+Verify Subscriber Received Published File
+ [Documentation] Verify file is delivered to datarouter-subscriber
+ [Timeout] 1 minute
+ Sleep 5s Time to allow subscriber to receive the file
+ ${cli_cmd_output}= Run Process ${CLI_VERIFY_SUB_RECEIVED_FILE} shell=yes
+ Log ${cli_cmd_output.stdout}
+ Should Be Equal As Strings ${cli_cmd_output.rc} 0
+ Should Contain ${cli_cmd_output.stdout} csit_test
+
+
+Verify File Remains On Privileged Subscriber And Delete It
+ [Documentation] Verify file has not been deleted on datarouter-node and delete it using DELETE API
+ [Timeout] 1 minute
+ ${cli_cmd_output}= Run Process ${CLI_VERIFY_FILE_REMAINS_ON_NODE} shell=yes
+ log ${cli_cmd_output.stdout}
+ Should Be Equal As Strings ${cli_cmd_output.rc} 0
+ Should Contain ${cli_cmd_output.stdout} dmaap-dr-node
+ ${resp}= DeleteCall ${TARGET_URL_DELETE_FILE}/${cli_cmd_output.stdout} dradmin
+ Should Be Equal As Strings ${resp.status_code} 200
+ log 'JSON Response Code:'${resp}
+ ${cli_cmd_output}= Run Process ${CLI_VERIFY_FILE_REMAINS_ON_NODE} shell=yes
+ log ${cli_cmd_output.stdout}
+ Should Be Equal As Strings ${cli_cmd_output.rc} 1
+
+Run Update Subscription
+ [Documentation] Update Subscription to suspend and change delivery credentials
+ [Timeout] 1 minute
+ ${resp}= PutCall ${TARGET_URL_SUBSCRIPTION} ${UPDATE_SUBSCRIPTION_DATA} ${SUBSCRIBE_CONTENT_TYPE} dradmin
+ log ${TARGET_URL_SUBSCRIPTION}
+ log ${resp.text}
+ Should Be Equal As Strings ${resp.status_code} 200
+ log 'JSON Response Code:'${resp}
+ ${resp}= GetCall ${TARGET_URL_SUBSCRIPTION} ${SUBSCRIBE_CONTENT_TYPE} dradmin
+ log ${resp.text}
+ Should Contain ${resp.text} "password":"dradmin","user":"dradmin"
+ log 'JSON Response Code:'${resp}
+
+Run Update Feed
+ [Documentation] Update Feed description and suspend
+ [Timeout] 1 minute
+ ${resp}= PutCall ${TARGET_URL_FEED} ${UPDATE_FEED_DATA} ${FEED_CONTENT_TYPE} dradmin
+ log ${TARGET_URL_FEED}
+ log ${resp.text}
+ Should Be Equal As Strings ${resp.status_code} 200
+ log 'JSON Response Code:'${resp}
+ ${resp}= GetCall ${TARGET_URL_FEED} ${FEED_CONTENT_TYPE} dradmin
+ log ${resp.text}
+ Should Contain ${resp.text} "UPDATED-CSIT_Test"
+ log 'JSON Response Code:'${resp}
+
+Run Get With Filename That Exists
+ [Documentation] Get publish record with a specified filename
+ [Timeout] 2 minutes
+ sleep 1 minute 45 seconds needed to ensure logs have been updated
+ ${resp}= GetCall ${TARGET_URL_EXISTS_LOGGING} ${FEED_CONTENT_TYPE} dradmin
+ log ${resp.text}
+ Should Contain ${resp.text} "fileName":"csit_test"
+ log 'JSON Response Code:'${resp}
+
+Run Get With Filename That Doesnt Exist
+ [Documentation] Get publish record with a specified filename
+ [Timeout] 1 minute
+ ${resp}= GetCall ${TARGET_URL_NOT_EXISTS_LOGGING} ${FEED_CONTENT_TYPE} dradmin
+ log ${resp.text}
+ Should Contain ${resp.text} []
+ log 'JSON Response Code:'${resp}
+
+
+Run Delete Subscription
+ [Documentation] Delete Subscription
+ [Timeout] 1 minute
+ ${resp}= DeleteCall ${TARGET_URL_SUBSCRIPTION} dradmin
+ log ${resp.text}
+ Should Be Equal As Strings ${resp.status_code} 204
+ log 'JSON Response Code:'${resp}
+
+Run Delete Feed
+ [Documentation] Delete Feed
+ [Timeout] 1 minute
+ ${resp}= DeleteCall ${TARGET_URL_FEED} dradmin
+ log ${resp.text}
+ Should Be Equal As Strings ${resp.status_code} 204
+ log 'JSON Response Code:'${resp}
+
+*** Keywords ***
+PostCall
+ [Arguments] ${url} ${data} ${content_type} ${user}
+ ${headers}= Create Dictionary X-DMAAP-DR-ON-BEHALF-OF=${user} Content-Type=${content_type}
+ ${resp}= Evaluate requests.post('${url}', data='${data}', headers=${headers}, verify=True) requests
+ [Return] ${resp}
+
+PutCall
+ [Arguments] ${url} ${data} ${content_type} ${user}
+ ${headers}= Create Dictionary X-DMAAP-DR-ON-BEHALF-OF=${user} Content-Type=${content_type} Authorization=Basic ZHJhZG1pbjpkcmFkbWlu
+ ${resp}= Evaluate requests.put('${url}', data='${data}', headers=${headers}, verify=True, allow_redirects=False) requests
+ [Return] ${resp}
+
+GetCall
+ [Arguments] ${url} ${content_type} ${user}
+ ${headers}= Create Dictionary X-DMAAP-DR-ON-BEHALF-OF=${user} Content-Type=${content_type}
+ ${resp}= Evaluate requests.get('${url}', headers=${headers}, verify=True) requests
+ [Return] ${resp}
+
+DeleteCall
+ [Arguments] ${url} ${user}
+ ${headers}= Create Dictionary X-DMAAP-DR-ON-BEHALF-OF=${user}
+ ${resp}= Evaluate requests.delete('${url}', headers=${headers}, verify=True) requests
+ [Return] ${resp}