From d73829d6083d7d31bd780cfbc086476ae0da8bb0 Mon Sep 17 00:00:00 2001 From: efiacor Date: Fri, 16 Jul 2021 14:49:14 +0100 Subject: [DMAAP-DR] Migrate csit suite to the repo Signed-off-by: efiacor Change-Id: I284f6b235ef3bf3cd2685da488d89f41fcba1ea7 Issue-ID: DMAAP-1636 --- csit/scripts/common_functions.sh | 263 +++++++++++++++++++++ csit/scripts/dmaap-datarouter/datarouter-launch.sh | 92 +++++++ .../dmaap-datarouter/datarouter-teardown.sh | 33 +++ .../docker-compose/docker-compose.yml | 118 +++++++++ .../docker-compose/node.properties | 82 +++++++ .../docker-compose/provserver.properties | 55 +++++ .../docker-compose/subscriber.properties | 35 +++ .../dr_certs/dr_node/org.onap.dmaap-dr-node.p12 | Bin 0 -> 4596 bytes .../dr_certs/dr_node/org.onap.dmaap-dr.cred.props | 17 ++ .../dr_certs/dr_node/truststore.jks | Bin 0 -> 3234 bytes .../dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 | Bin 0 -> 4596 bytes .../dr_certs/dr_prov/org.onap.dmaap-dr.cred.props | 17 ++ .../dr_certs/dr_prov/truststore.jks | Bin 0 -> 3234 bytes .../dmaap-datarouter/robot_ssl/onap_ca_cert.pem | 40 ++++ .../dmaap-datarouter/robot_ssl/update_ca.py | 65 +++++ csit/scripts/get-instance-ip.sh | 17 ++ 16 files changed, 834 insertions(+) create mode 100755 csit/scripts/common_functions.sh create mode 100644 csit/scripts/dmaap-datarouter/datarouter-launch.sh create mode 100755 csit/scripts/dmaap-datarouter/datarouter-teardown.sh create mode 100644 csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml create mode 100644 csit/scripts/dmaap-datarouter/docker-compose/node.properties create mode 100755 csit/scripts/dmaap-datarouter/docker-compose/provserver.properties create mode 100644 csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties create mode 100644 csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 create mode 100644 csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props create mode 100644 csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks create mode 100755 csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 create mode 100644 csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props create mode 100644 csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks create mode 100644 csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem create mode 100644 csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py create mode 100755 csit/scripts/get-instance-ip.sh (limited to 'csit/scripts') diff --git a/csit/scripts/common_functions.sh b/csit/scripts/common_functions.sh new file mode 100755 index 00000000..684c4184 --- /dev/null +++ b/csit/scripts/common_functions.sh @@ -0,0 +1,263 @@ +#!/bin/bash + +# Copyright 2016-2017 Huawei Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +function memory_details(){ + #General memory details + echo "> top -bn1 | head -3" + top -bn1 | head -3 + echo + + echo "> free -h" + free -h + echo + + #Memory details per Docker + echo "> docker ps" + docker ps + echo + + echo "> docker stats --no-stream" + docker stats --no-stream + echo +} +function fibonacci_number(){ + set +x + if [ $1 -le 1 ] + then + echo "1" + elif [ $1 -le 10 ] + then + Num=$1 + f1=0 + f2=1 + fn=-1 + for i in `eval echo {1..$Num}`;do + fn=$((f1+f2)) + f1=$f2 + f2=$fn + done + echo $fn + else + echo "30" + fi +} +function wait_curl_driver(){ + #Parameters: + #CURL_COMMAND - the URL on which the curl command will be executed + #GREP_STRING - Desired string to be found inside the body response of the + # previous curl command + #EXCLUDE_STRING - If the filtered string (GREP_STRING) must not exist in + # the body response of the curl + #WAIT_MESSAGE - the message to be displayed for logging purpose. (optional) + #REPEAT_NUMBER - the maximum number of tries before abandoning the curl + # command (optional, by default = 15) + #MAX_TIME - Maximum time allowed for the transfer (in seconds) + #STATUS_CODE - A HTTP status code desired to be found by getting the link + # /!\ IMPORTANT NOTICE: the usage of STATUS_CODE option turn GREP_STRING/ + # /!\ EXCLUDE_STRING/and the MAX_TIME options becomes obsolete with no + # /!\ execution impact + #MEMORY_USAGE - If Parameters exists shows the memory usage after curl + # execution(s) + + repeat_max=15 + parameters="$@" + + #WAIT_MESSAGE + if [[ $parameters == *"WAIT_MESSAGE"* ]] + then + wait_message=`echo $parameters | sed -e "s/.*WAIT_MESSAGE=//g"` + wait_message=`echo $wait_message | sed -e "s/ .*//g"` + else + wait_message="wait ..." + fi + + #REPEAT_NUMBER + if [[ $parameters == *"REPEAT_NUMBER"* ]] + then + repeat_max=`echo $parameters | sed -e "s/.*REPEAT_NUMBER=//g"` + repeat_max=`echo $repeat_max | sed -e "s/ .*//g"` + fi + + #CURL_COMMAND + if [[ $parameters == *"CURL_COMMAND"* ]] + then + curl_command=`echo $parameters | sed -e 's/.*CURL_COMMAND=//g'` + curl_command=`echo $curl_command | sed -e 's/ .*//g'` + else + echo "-Curl is empty-" # Or no parameterseter passed. + return 0 + fi + + #MAX_TIME + if [[ $parameters == *"MAX_TIME"* ]] + then + max_time=`echo $parameters | sed -e 's/.*MAX_TIME=//g'` + max_time=`echo $max_time | sed -e 's/ .*//g'` + else + max_time="5" + fi + + exclude_string="" + #EXCLUDE_STRING + if [[ $parameters == *"EXCLUDE_STRING"* ]] + then + exclude_string="-v" + fi + + status_code="" + #STATUS_CODE + if [[ $parameters == *"STATUS_CODE"* ]] + then + status_code=`echo $parameters | sed -e 's/.*STATUS_CODE=//g'` + status_code=`echo $status_code | sed -e 's/ .*//g'` + fi + + for i in `eval echo {1..$repeat_max}`; do + response_code=`curl -o /dev/null --silent --head --write-out '%{http_code}' $curl_command` + echo "..." + if [[ ! -z $status_code ]] ; then + if [ "$status_code" -eq "$response_code" ] + then + echo "SUCCESS:Actual Status code <$response_code> match the expected code <$status_code>" + return 0 + else + echo "WARNING:Expected <$status_code> but Actual <$response_code>" + fi + else + #GREP_STRING + if [[ $parameters == *"GREP_STRING"* ]] + then + grep_command=`echo $parameters | sed -e 's/.*GREP_STRING=//g'` + grep_command=`echo $grep_command | sed -e 's/ REPEAT_NUMBER=.*//g' | sed -e 's/ CURL_COMMAND=.*//g' | sed -e 's/ WAIT_MESSAGE=.*//g' | sed -e 's/ MAX_TIME=.*//g' | sed -e 's/ EXCLUDE_STRING.*//g'` + else + echo "-Grep_command is empty-" # Or no parameters passed. + return 0 + fi + + str=`curl -sS -m$max_time $curl_command | grep "$grep_command"` + echo "BODY::$str" + if [[ ! -z $exclude_string ]] + then + if [[ -z $str ]] + then + echo "SUCCESS: body response does not contains '$grep_command'"; + break; + else + echo "Fall_Short: Body response still contains '$grep_command'" + fi + else + if [[ ! -z $str ]] + then + echo "SUCCESS: body response contains '$grep_command'"; + break; + else + echo "Fall_Short: Element '$grep_command' not found yet # "$i"" + fi + fi + + if [ "$?" = "7" ]; then + echo 'Connection refused or can not connect to server/proxy'; + str='' + fi + fi + seconds2sleep=`fibonacci_number $i` + echo $wait_message + echo "Iteration::$i out of $repeat_max " + echo "Quiet time for $seconds2sleep seconds ..." + sleep $seconds2sleep + + # if waiting for a long time, log system load + if [ $i -gt 45 ] + then + memory_details + fi + done + #MEMORY_USAGE + if [[ $parameters == *"MEMORY_USAGE"* ]] + then + echo "==========================MEMORY USAGE==================================" + memory_details + echo "========================================================================" + fi + return 0 +} + +function run_simulator () +{ + run_robottestlib + run_simulator_docker $1 +} + +function run_robottestlib () +{ + #Start the robottest REST library if not started + if ! pgrep -f robottest > /dev/null + then + #Download the latest robottest jar + wget -q -O ${SCRIPTS}/integration/mockserver/org.openo.robottest.jar "https://nexus.open-o.org/service/local/artifact/maven/redirect?r=snapshots&g=org.openo.integration&a=org.openo.robottest&e=jar&v=LATEST" + chmod +x ${SCRIPTS}/integration/mockserver/org.openo.robottest.jar + eval `java -cp ${SCRIPTS}/integration/mockserver/org.openo.robottest.jar org.openo.robot.test.robottest.MyRemoteLibrary` & + fi +} + +function run_simulator_docker () +{ + #Start the simulator docker if not started + SIMULATOR_IP=`docker inspect --format '{{ .NetworkSettings.IPAddress }}' simulator` + if [[ -z $SIMULATOR_IP ]] + then + echo "Starting simulator docker..." + SIMULATOR_JSON=$1 + if [[ -z $SIMULATOR_JSON ]] + then + SIMULATOR_JSON=main.json + fi + docker run -d -i -t --name simulator -e SIMULATOR_JSON=$SIMULATOR_JSON -p 18009:18009 -p 18008:18008 openoint/simulate-test-docker + SIMULATOR_IP=`docker inspect --format '{{ .NetworkSettings.IPAddress }}' simulator` + fi + + #Set the simulator IP in robot variables + ROBOT_VARIABLES=${ROBOT_VARIABLES}" -v SIMULATOR_IP:${SIMULATOR_IP} -v SCRIPTS:${SCRIPTS}" + echo ${ROBOT_VARIABLES} +} + +function get_docker_compose_service () +{ + local service=$1 + local compose_file=${2:-docker-compose.yml} + + echo $(docker-compose --file ./${compose_file} ps | grep $service | cut -d " " -f1 ) +} + +function bypass_ip_adress () +{ + local ip_address=$1 + + if [[ $no_proxy && $no_proxy != *$ip_address* ]]; then + export no_proxy=$no_proxy,$ip_address + fi +} + +function wait_for_service_init () +{ + local service_url=$1 + + for delay in {1..50}; do + curl -sS ${service_url} && break + echo "$delay - Waiting for $service_url..." + sleep $delay + done +} diff --git a/csit/scripts/dmaap-datarouter/datarouter-launch.sh b/csit/scripts/dmaap-datarouter/datarouter-launch.sh new file mode 100644 index 00000000..6d38913d --- /dev/null +++ b/csit/scripts/dmaap-datarouter/datarouter-launch.sh @@ -0,0 +1,92 @@ +#!/bin/bash +# +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# + +function dmaap_dr_launch() { + + subscribers_required=$1 + mkdir -p ${WORKSPACE}/archives/dmaap/dr/last_run_logs + + # start DMaaP DR containers with docker compose and configuration from docker-compose.yml + docker login -u docker -p docker nexus3.onap.org:10001 + if [[ ${subscribers_required} == true ]]; then + docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml up -d + else + docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml up -d datarouter-prov datarouter-node mariadb + fi + + # Wait for initialization of Docker container for datarouter-node, datarouter-prov and mariadb + for i in 1 2 3 4 5 6 7 8 9 10; do + if [[ $(docker inspect --format '{{ .State.Running }}' datarouter-node) ]] && \ + [[ $(docker inspect --format '{{ .State.Running }}' datarouter-prov) ]] && \ + [[ $(docker inspect --format '{{ .State.Running }}' mariadb) ]] + then + echo "DR Service Running" + break + else + echo sleep ${i} + sleep ${i} + fi + done + + # Wait for healthy container datarouter-prov + for i in 1 2 3 4 5 6 7 8 9 10; do + if [[ "$(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)" = 'healthy' ]] + then + echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov) + echo "DR Service Running, datarouter-prov container is healthy" + break + else + echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov) + echo sleep ${i} + sleep ${i} + if [[ ${i} = 10 ]] + then + echo datarouter-prov container is not in healthy state - the test is not made, teardown... + docker-compose rm -sf + exit 1 + fi + fi + done + + DR_PROV_IP=`get-instance-ip.sh datarouter-prov` + DR_NODE_IP=`get-instance-ip.sh datarouter-node` + DR_GATEWAY_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' datarouter-prov) + echo DR_PROV_IP=${DR_PROV_IP} + echo DR_NODE_IP=${DR_NODE_IP} + echo DR_GATEWAY_IP=${DR_GATEWAY_IP} + if [[ ${subscribers_required} == true ]] + then + DR_SUB_IP=`get-instance-ip.sh subscriber-node` + DR_SUB2_IP=`get-instance-ip.sh subscriber-node2` + echo DR_SUB_IP=${DR_SUB_IP} + echo DR_SUB2_IP=${DR_SUB2_IP} + fi + + + sudo sed -i "$ a $DR_PROV_IP dmaap-dr-prov" /etc/hosts + sudo sed -i "$ a $DR_NODE_IP dmaap-dr-node" /etc/hosts + + docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/NODES?val=dmaap-dr-node\|$DR_GATEWAY_IP" + docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/PROV_AUTH_ADDRESSES?val=dmaap-dr-prov\|$DR_GATEWAY_IP" + + #Pass any variables required by Robot test suites in ROBOT_VARIABLES + ROBOT_VARIABLES="-v DR_PROV_IP:${DR_PROV_IP} -v DR_NODE_IP:${DR_NODE_IP} -v DR_SUB_IP:${DR_SUB_IP} -v DR_SUB2_IP:${DR_SUB2_IP}" +} \ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/datarouter-teardown.sh b/csit/scripts/dmaap-datarouter/datarouter-teardown.sh new file mode 100755 index 00000000..8958f28c --- /dev/null +++ b/csit/scripts/dmaap-datarouter/datarouter-teardown.sh @@ -0,0 +1,33 @@ +#!/bin/bash +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END===================================================== + +function teardown_dmaap_dr (){ + cd ${WORKSPACE}/archives/dmaap/dr + rm -rf last_run_logs/* + docker cp datarouter-prov:/opt/app/datartr/logs last_run_logs/prov_logs + docker cp datarouter-node:/opt/app/datartr/logs last_run_logs/node_event_logs + docker cp datarouter-node:/var/log/onap/datarouter last_run_logs/node_server_logs + docker cp subscriber-node:/var/log/onap/datarouter last_run_logs/sub1_logs + docker cp subscriber-node2:/var/log/onap/datarouter last_run_logs/sub2_logs + sudo sed -i".bak" '/dmaap-dr-prov/d' /etc/hosts + sudo sed -i".bak" '/dmaap-dr-node/d' /etc/hosts + docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml rm -sf + cd ${WORKSPACE}/scripts/dmaap-datarouter/robot_ssl + python -c 'import update_ca; update_ca.remove_onap_ca_cert()' +} \ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml b/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml new file mode 100644 index 00000000..9140d0fc --- /dev/null +++ b/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml @@ -0,0 +1,118 @@ +# +# ============LICENSE_START======================================================= +# Copyright (C) 2019-21 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# +# +version: '2.1' +services: + datarouter-prov: + image: onap/dmaap/datarouter-prov:latest + container_name: datarouter-prov + hostname: dmaap-dr-prov + ports: + - "443:8443" + - "8443:8443" + - "8080:8080" + volumes: + - ./provserver.properties:/opt/app/datartr/etc/provserver.properties + - ../dr_certs/dr_prov/truststore.jks:/opt/app/osaaf/local/truststore.jks + - ../dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-prov.p12 + - ../dr_certs/dr_prov/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props + depends_on: + mariadb: + condition: service_healthy + healthcheck: + test: ["CMD", "curl", "-f", "http://dmaap-dr-prov:8080/internal/prov"] + interval: 10s + timeout: 30s + retries: 5 + networks: + net: + aliases: + - dmaap-dr-prov + + datarouter-node: + image: onap/dmaap/datarouter-node:latest + container_name: datarouter-node + hostname: dmaap-dr-node + ports: + - "9443:8443" + - "9090:8080" + volumes: + - ./node.properties:/opt/app/datartr/etc/node.properties + - ../dr_certs/dr_node/truststore.jks:/opt/app/osaaf/local/truststore.jks + - ../dr_certs/dr_node/org.onap.dmaap-dr-node.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-node.p12 + - ../dr_certs/dr_node/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props + depends_on: + datarouter-prov: + condition: service_healthy + networks: + net: + aliases: + - dmaap-dr-node + + datarouter-subscriber: + image: onap/dmaap/datarouter-subscriber:latest + container_name: subscriber-node + hostname: subscriber.com + ports: + - "7070:7070" + volumes: + - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties + networks: + net: + aliases: + - subscriber.com + + datarouter-subscriber2: + image: onap/dmaap/datarouter-subscriber:latest + container_name: subscriber-node2 + hostname: subscriber2.com + ports: + - "7071:7070" + volumes: + - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties + networks: + net: + aliases: + - subscriber2.com + + mariadb: + image: nexus3.onap.org:10001/library/mariadb:10.2.14 + container_name: mariadb + hostname: datarouter-mariadb + ports: + - "3306:3306" + environment: + MYSQL_ROOT_PASSWORD: datarouter + MYSQL_DATABASE: datarouter + MYSQL_USER: datarouter + MYSQL_PASSWORD: datarouter + healthcheck: + test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost", "-u", "datarouter", "-pdatarouter", "--silent"] + interval: 10s + timeout: 30s + retries: 5 + networks: + net: + aliases: + - datarouter-mariadb + +networks: + net: + driver: bridge diff --git a/csit/scripts/dmaap-datarouter/docker-compose/node.properties b/csit/scripts/dmaap-datarouter/docker-compose/node.properties new file mode 100644 index 00000000..58639cfd --- /dev/null +++ b/csit/scripts/dmaap-datarouter/docker-compose/node.properties @@ -0,0 +1,82 @@ +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END===================================================== +# +# Configuration parameters set at startup for the DataRouter node +# +# URL to retrieve dynamic configuration +ProvisioningURL = https://dmaap-dr-prov:8443/internal/prov +# +# URL to upload PUB/DEL/EXP logs +LogUploadURL = https://dmaap-dr-prov:8443/internal/logs +# +# The port number for http as seen within the server +IntHttpPort = 8080 +# +# The port number for https as seen within the server +IntHttpsPort = 8443 +# +# The external port number for https taking port mapping into account +ExtHttpsPort = 443 +# +# The minimum interval between fetches of the dynamic configuration from the provisioning server +MinProvFetchInterval = 10000 +# +# The minimum interval between saves of the redirection data file +MinRedirSaveInterval = 10000 +# +# The path to the directory where log files are stored +LogDir = /opt/app/datartr/logs +# +# The retention interval (in days) for log files +LogRetention = 30 +# +# The path to the directories where data and meta data files are stored +SpoolDir = /opt/app/datartr/spool +# +# The path to the redirection data file +RedirectionFile = etc/redirections.dat +# +# The type of keystore for https +KeyStoreType = PKCS12 +# +# The type of truststore for https +TrustStoreType = jks +# +# The path to the file used to trigger an orderly shutdown +QuiesceFile = etc/SHUTDOWN +# +# The key used to generate passwords for node to node transfers +NodeAuthKey = Node123! +# +# DR_NODE DEFAULT ENABLED TLS PROTOCOLS +NodeHttpsProtocols = TLSv1.1|TLSv1.2 +# +# AAF type to generate permission string +AAFType = org.onap.dmaap-dr.feed +# +# AAF default instance to generate permission string - default should be legacy +AAFInstance = legacy +# +# AAF action to generate permission string - default should be publish +AAFAction = publish +# +# AAF CADI enabled flag +CadiEnabled = false +# +# AAF Props file path +AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props diff --git a/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties b/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties new file mode 100755 index 00000000..b54868e2 --- /dev/null +++ b/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties @@ -0,0 +1,55 @@ +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END===================================================== + +#Jetty Server properties +org.onap.dmaap.datarouter.provserver.http.port = 8080 +org.onap.dmaap.datarouter.provserver.https.port = 8443 +org.onap.dmaap.datarouter.provserver.https.relaxation = true + +org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props + +org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs +org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool +org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc +org.onap.dmaap.datarouter.provserver.logretention = 30 + +#DMAAP-597 (Tech Dept) REST request source IP auth +# relaxation to accommodate OOM kubernetes deploy +org.onap.dmaap.datarouter.provserver.isaddressauthenabled = false + +#Localhost address config +org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1 + +# Database access +org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver +org.onap.dmaap.datarouter.db.url = jdbc:mariadb://datarouter-mariadb:3306/datarouter +org.onap.dmaap.datarouter.db.login = datarouter +org.onap.dmaap.datarouter.db.password = datarouter + +# PROV - DEFAULT ENABLED TLS PROTOCOLS +org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2 + +# AAF config +org.onap.dmaap.datarouter.provserver.cadi.enabled = false + +org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234# +org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed +org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub +org.onap.dmaap.datarouter.provserver.aaf.instance = legacy +org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish +org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe \ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties b/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties new file mode 100644 index 00000000..311bbe56 --- /dev/null +++ b/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties @@ -0,0 +1,35 @@ +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END===================================================== + +#Subscriber properties +org.onap.dmaap.datarouter.subscriber.http.port = 7070 +org.onap.dmaap.datarouter.subscriber.https.port = 7443 +org.onap.dmaap.datarouter.subscriber.auth.user = LOGIN +org.onap.dmaap.datarouter.subscriber.auth.password = PASSWORD +org.onap.dmaap.datarouter.subscriber.delivery.dir = /opt/app/subscriber/delivery + +org.onap.dmaap.datarouter.subscriber.https.relaxation = true +org.onap.dmaap.datarouter.subscriber.keystore.type = jks +org.onap.dmaap.datarouter.subscriber.keymanager.password = changeit +org.onap.dmaap.datarouter.subscriber.keystore.path = /opt/app/datartr/self_signed/keystore.jks +org.onap.dmaap.datarouter.subscriber.keystore.password = changeit +org.onap.dmaap.datarouter.subscriber.truststore.path = /opt/app/datartr/self_signed/cacerts.jks +org.onap.dmaap.datarouter.subscriber.truststore.password = changeit + + + diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 new file mode 100644 index 00000000..3793a9d4 Binary files /dev/null and b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 differ diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props new file mode 100644 index 00000000..e32e7282 --- /dev/null +++ b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props @@ -0,0 +1,17 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2021-03-12T11:38:49.244+0000 +# @copyright 2019, AT&T +############################################################ +Challenge=secret +cadi_alias=dmaap-dr-node@dmaap-dr.onap.org +cadi_key_password=secret +#cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile +cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr-node.p12 +cadi_keystore_password=secret +cadi_keystore_password_jks=secret +cadi_keystore_password_p12=secret +cadi_truststore=/opt/app/osaaf/local/truststore.jks +cadi_truststore_password=secret +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks new file mode 100644 index 00000000..91547c60 Binary files /dev/null and b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks differ diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 new file mode 100755 index 00000000..1393fb05 Binary files /dev/null and b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 differ diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props new file mode 100644 index 00000000..18f91ba8 --- /dev/null +++ b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props @@ -0,0 +1,17 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2021-03-12T11:29:50.699+0000 +# @copyright 2019, AT&T +############################################################ +Challenge=secret +cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org +cadi_key_password=secret +#cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile +cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr-prov.p12 +cadi_keystore_password=secret +cadi_keystore_password_jks=secret +cadi_keystore_password_p12=secret +cadi_truststore=/opt/app/osaaf/local/truststore.jks +cadi_truststore_password=secret +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks new file mode 100644 index 00000000..91547c60 Binary files /dev/null and b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks differ diff --git a/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem b/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem new file mode 100644 index 00000000..1f9d08e5 --- /dev/null +++ b/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem @@ -0,0 +1,40 @@ + +# Issuer: C=US,O=ONAP,OU=OSAAF +# Subject: C=US,O=ONAP,OU=OSAAF +# Label: "" +# Serial: 0x9EAEEDC0A7CEB59D +# MD5 Fingerprint: 77:EB:5E:94:2E:B7:A3:45:97:6C:87:FE:A7:F7:64:0F +# SHA1 Fingerprint: 90:25:D1:D3:8B:3C:BE:2C:73:E9:6C:1A:48:5B:06:A8:39:0D:54:3B +# SHA256 Fingerprint: 1F:C2:BB:F6:7E:11:6F:F0:4C:C3:D9:6C:73:E5:99:B7:CA:7D:4D:EF:AA:6C:69:46:0D:2C:7B:A9:E4:23:5F:EA +-----BEGIN CERTIFICATE----- +MIIFczCCA1ugAwIBAgIUVl0TXS1NTKZy68+AFpfvCBbs3JwwDQYJKoZIhvcNAQEL +BQAwQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNVBAoM +BE9OQVAxDjAMBgNVBAsMBU9TQUFGMB4XDTIxMDMxNjE1MjA1MloXDTQxMDMxMTE1 +MjA1MlowQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNV +BAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A +MIICCgKCAgEA1NdArmwTe6C9NZnMAPP0uvy9IH/+Lc9dgO9+j6F+JqLDXn+O5vaj +6EMU5o60sGzymbMdwk26jiR7KYG8puZzI0EsjwELrLV5NYrUR1y7g+sbJWFUiB0X +SseifQD9bSG0YBX7J6bQEilh18+oWpXIygl8/VJuiuDhaYdakmwn9AxQRm/zRDcI +tMS49gq7ARpwMrZaZkQ5eL2R0eX4yj915fAgsvLNmfNTkkTCTBuGYAfixz2+uz8r +4xZqxXrln6CVe6pV5MOxxQsJq0QfSfNxKFqhVJTSj3STG8UDKDPIcTqVLS6v3/iY +WX43pHuqjfrGLy3HjPCIWphsx9EWq02bnLvwsnibRgfXjZNbdhePOZV8Xd+4MfHy +uyFRf5xHvQm3f3vLtCQ1rmHk/3wb2Mb1SbTGt6sL6Waqs/VnnPyTwhXJk6RnU991 +qAnqSCLzKNEPNnpSTQKU35NPbdCAw/z97K5Ar8JWH2XiM65dV0j0d/Ura0PXUXRN +Royi7rREJKBMFszwxqCCHZkH6/Fbs8vmBWC1gLQgDqK+IgU1/+ytUPOsMVqPcNjM +RrZyd8xCoxEyd+Ly6y2EF9RE6qS/rlW/yUh3AIBlpcsVxc+Kh1nvNRLLJzHvrvSs +wvd6LpWHVaffO02hp3suXDwOtLq91lAHLA48iDty/Js+jFjohZJ/+LsCAwEAAaNj +MGEwHQYDVR0OBBYEFMeiRem06VRh0sL0L5k9B5A01QAoMB8GA1UdIwQYMBaAFMei +Rem06VRh0sL0L5k9B5A01QAoMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD +AgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBGdpwWyOIw7jBkEJbheeje8ccc51Z0SY/8 +oo/cYi9cI2SNtE4yt9SOZtXiWO1ga1PuFP5vNkPZu3MtqtsDt8CsSgYfgCKX1DH4 +RloTJJO73UKuMmnoqHNsuE6rHRrcoqcV8XJJ9uBz2cDVWfVDG5Pf92lB1cLQ5AGb +X7O7MKNHu4woFdbbI8f3TN6Qx5oAcrS1alLMuPJhIkwcHuiWdjJuORx2MK4K9gov +yRJceVyqMiTr7GGYFi/FQKIzIaHeKgQy+YGLfQ1GcbUmVItU4aQMfSM2RXb7wJ90 +XBFi0NjXZfMXVZ9kxqIki/s6NefrDAOFjHINUxGucXjEw1raewprErlsNt/8SUKT +EDSLe1YD558jzUaqVdWinL6gMRTyyHOwt/51mg4sn3i2WLdL1Hno4F7GUIbkBmi5 +VSDDWnXdpwaFWeqA8JAvy+JIh+Ju671U1HhB68lGRvNOgfZbvW3m8GGpXldR5krR +OYhwbxdU1rNYHH+DJ0KE4L1Y6es/571+UH7NFbvO6jAk9G/Fudel+SwhXVfFo0pi +mmXAwT2bmDEiYBzDNHFwyT3+OGKXiDXuMvMB9ic7p3Zk9X0mRtpubW1gfZvUqIqe +jaVeZdad0DX1yfjwi5zYT+ViI7pjXVYlgiBAnjMrEmWOpRcs793F5zBiyDjaUNFt +3arVcS9XgA== +-----END CERTIFICATE----- \ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py b/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py new file mode 100644 index 00000000..d36f8acc --- /dev/null +++ b/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py @@ -0,0 +1,65 @@ +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END===================================================== + +import certifi +import os + + +def add_onap_ca_cert(): + cafile = certifi.where() + dir_path = os.path.dirname(os.path.realpath(__file__)) + datarouter_ca = dir_path + '/onap_ca_cert.pem' + with open(datarouter_ca, 'rb') as infile: + customca = infile.read() + + with open(cafile, 'ab') as outfile: + outfile.write(customca) + + print("Added DR Cert to CA") + + +def remove_onap_ca_cert(): + cafile = certifi.where() + number_of_lines_to_delete = 40 + count = 0 + dr_cert_exists = False + + with open(cafile, 'r+b', buffering=0) as outfile: + for line in outfile.readlines()[-36:-35]: + if '# Serial: 0x9EAEEDC0A7CEB59D'.encode() in line: + dr_cert_exists = True + if dr_cert_exists: + outfile.seek(0, os.SEEK_END) + end = outfile.tell() + while outfile.tell() > 0: + outfile.seek(-1, os.SEEK_CUR) + char = outfile.read(1) + if char == b'\n': + count += 1 + if count == number_of_lines_to_delete: + outfile.truncate() + print( + "Removed " + str(number_of_lines_to_delete) + " lines from end of CA File") + exit(0) + outfile.seek(-1, os.SEEK_CUR) + else: + print("No DR cert in CA File to remove") + + if count < number_of_lines_to_delete + 1: + print("Number of lines in file less than number of lines to delete. Exiting...") + exit(1) diff --git a/csit/scripts/get-instance-ip.sh b/csit/scripts/get-instance-ip.sh new file mode 100755 index 00000000..a236c025 --- /dev/null +++ b/csit/scripts/get-instance-ip.sh @@ -0,0 +1,17 @@ +#!/bin/bash +# +# Copyright 2016-2017 Huawei Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $1 -- cgit 1.2.3-korg