summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorebo <eliezio.oliveira@est.tech>2020-03-01 23:41:37 +0000
committerMorgan Richomme <morgan.richomme@orange.com>2020-03-04 07:39:01 +0000
commit080e04538cbaff52dc46c0b3208b9f60f3479ba7 (patch)
tree741a3030db7a39887416eec377820d56514ceb3f
parent76c43bfd668d4f112a3845c631459643e405304a (diff)
Fixed the SSH configuration of user 'netconf'
The actual SSH configuration is stored in Sysrepo and not as ordinary ~netconf/.ssh files. Issue-ID: INT-1124 Change-Id: I7e16e09a20ac6f2d52c8958550603935b6790283 Signed-off-by: ebo <eliezio.oliveira@est.tech>
-rw-r--r--test/mocks/netconf-pnp-simulator/docs/examples/mynetconf/docker-compose.yml2
-rw-r--r--test/mocks/netconf-pnp-simulator/engine/Dockerfile8
-rw-r--r--test/mocks/netconf-pnp-simulator/engine/config/ssh/id_rsa27
-rw-r--r--test/mocks/netconf-pnp-simulator/engine/config/ssh/id_rsa.pub1
-rw-r--r--test/mocks/netconf-pnp-simulator/engine/config/ssh/load_auth_pubkey.xml12
-rw-r--r--test/mocks/netconf-pnp-simulator/engine/container-tag.yaml2
-rwxr-xr-xtest/mocks/netconf-pnp-simulator/engine/entrypoint.sh7
-rw-r--r--test/mocks/netconf-pnp-simulator/modules/docker-compose.yml2
8 files changed, 50 insertions, 11 deletions
diff --git a/test/mocks/netconf-pnp-simulator/docs/examples/mynetconf/docker-compose.yml b/test/mocks/netconf-pnp-simulator/docs/examples/mynetconf/docker-compose.yml
index ee70c4fd9..5d8ba5acc 100644
--- a/test/mocks/netconf-pnp-simulator/docs/examples/mynetconf/docker-compose.yml
+++ b/test/mocks/netconf-pnp-simulator/docs/examples/mynetconf/docker-compose.yml
@@ -2,7 +2,7 @@ version: '3'
services:
netopeer2:
- image: nexus3.onap.org:10001/onap/integration/simulators/netconf-pnp-simulator:2.6.0
+ image: nexus3.onap.org:10001/onap/integration/simulators/netconf-pnp-simulator:2.6.1
container_name: mynetconf
restart: always
ports:
diff --git a/test/mocks/netconf-pnp-simulator/engine/Dockerfile b/test/mocks/netconf-pnp-simulator/engine/Dockerfile
index 5432b646a..426606953 100644
--- a/test/mocks/netconf-pnp-simulator/engine/Dockerfile
+++ b/test/mocks/netconf-pnp-simulator/engine/Dockerfile
@@ -142,7 +142,6 @@ RUN set -eux \
&& apk add \
libcurl \
libev \
- openssh-keygen \
pcre \
protobuf-c \
# v0.9.3 has somes bugs as warned in libnetconf2/CMakeLists.txt:237
@@ -162,13 +161,6 @@ RUN adduser --system --disabled-password --gecos 'Netconf User' netconf
ENV HOME=/home/netconf
VOLUME $HOME/.local/share/virtualenvs
-# generate ssh keys for netconf user
-RUN set -eux \
- && mkdir -p $HOME/.cache \
- && mkdir -p $HOME/.ssh \
- && ssh-keygen -t dsa -P '' -f $HOME/.ssh/id_dsa \
- && cat $HOME/.ssh/id_dsa.pub > $HOME/.ssh/authorized_keys
-
EXPOSE 830
COPY supervisord.conf /etc/supervisord.conf
diff --git a/test/mocks/netconf-pnp-simulator/engine/config/ssh/id_rsa b/test/mocks/netconf-pnp-simulator/engine/config/ssh/id_rsa
new file mode 100644
index 000000000..bef767251
--- /dev/null
+++ b/test/mocks/netconf-pnp-simulator/engine/config/ssh/id_rsa
@@ -0,0 +1,27 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABFwAAAAdzc2gtcn
+NhAAAAAwEAAQAAAQEA+KQmP43rUq7Dd06EMEiKKRMAxBabO5d9u2646qfGtL15hrjc7b5z
+Q7kMhg+ZSiw3ivnRks/mh3Qpw/9dKyFUlcZ8P0wshlhh7GB6V6itGXYieh11/BahspUyWV
+k4ki0g61MJPDKvLiJN0ncuRPchoCnJgORiJwULqjIWW87dSoS4cqeu/nSCfg92/yc0sj0R
+7fVzAaRk2DBLoYwTNmh+QvaZba5katjSBf3Ek9XonYU1dsDEqhpvY8AxuwsMQHmL2p9XGs
+2SKyH2O2v6w97G8Uj5cx/dp1IcPJtKp3iow1jvpMwiVZVkP6vXOoYOvTdrQXLWHpd1kxcN
+brG2xv2QhQAAA8A9tQcJPbUHCQAAAAdzc2gtcnNhAAABAQD4pCY/jetSrsN3ToQwSIopEw
+DEFps7l327brjqp8a0vXmGuNztvnNDuQyGD5lKLDeK+dGSz+aHdCnD/10rIVSVxnw/TCyG
+WGHsYHpXqK0ZdiJ6HXX8FqGylTJZWTiSLSDrUwk8Mq8uIk3Sdy5E9yGgKcmA5GInBQuqMh
+Zbzt1KhLhyp67+dIJ+D3b/JzSyPRHt9XMBpGTYMEuhjBM2aH5C9pltrmRq2NIF/cST1eid
+hTV2wMSqGm9jwDG7CwxAeYvan1cazZIrIfY7a/rD3sbxSPlzH92nUhw8m0qneKjDWO+kzC
+JVlWQ/q9c6hg69N2tBctYel3WTFw1usbbG/ZCFAAAAAwEAAQAAAQEA5a3kcxLrDV7Iyx3p
+eByaG6UlMP3c+ahQCeMWyBShtnXMm8mKs8cY/LckvXYNWPoNeMCaem63+eoxZo8vBldspk
+pKncIE4zkjg9H/UZhMBlgdMwah5XMWfTva3bRQUJ+FaDw1LLl5Hzmq/77+K9DJ7ASN0hWm
+IXtEsjxAcSBfRKQRDJbDJcniUOgmeeU6CwAv9IyLkGVJ77U8rTV6dq1LoqqTgFxPre/Uej
+AXUBPycwqH3eY+1sbF6+B5JrE3iwGBR1HFSJTqvPlGLYyQuwI/9IB6Lb6sNpYSLWMPsE6F
+4UasjHixgm+dggQcUF5FyA2d+FQ4fPTvkXNjhcelEOAWRQAAAIEA3hgaO/1j4A2fB02mho
+Nfc6XfGA24Z1MlFDGy2R+X9T73QGpLI24ruQ87V7tbNJapo1eMbiVZBzSN01oL2JILzQxJ
+ZFvjCKeNyTCEtpOqvB4kaU77H5T10qT81WkzlUwI/K5k5/rtur8VBioZo/2HsUrRNX/QBO
+/tKE4/xg6jl/AAAACBAP0R3HxL3xWBRi81+nF/g/WUcos0AwElOYXU1Ua1coBKXYr5Zh85
+pMrcjbInAtKD2QVPSzpvU8krpWSKCr8o4yTO/QtwTk6eIATRGjgJSPwxsFuvG4T6/gDOI7
+6ib6syomWm91rK4NTRcpSkgJzh4/OwiMRvWXbrcdvW6tk0ekHbAAAAgQD7hSlDCxgTFixb
+U40Zu5zn19/2GK+Vbr3wBWlaGsngjnpwq3ek3XGSBwJ7z7/J5B3RPEJxE8sdtd5APp7FF7
+fozImitj1D+WFP0Sy0HLLy6djn/rdFOoVZ4x00g5k9B7fqAd5YRaRaG8Uwnt18wcQnHZ1G
+7EBzCxu08G0XYEv1HwAAAAduZXRjb25mAQI=
+-----END OPENSSH PRIVATE KEY-----
diff --git a/test/mocks/netconf-pnp-simulator/engine/config/ssh/id_rsa.pub b/test/mocks/netconf-pnp-simulator/engine/config/ssh/id_rsa.pub
new file mode 100644
index 000000000..8c5994e17
--- /dev/null
+++ b/test/mocks/netconf-pnp-simulator/engine/config/ssh/id_rsa.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD4pCY/jetSrsN3ToQwSIopEwDEFps7l327brjqp8a0vXmGuNztvnNDuQyGD5lKLDeK+dGSz+aHdCnD/10rIVSVxnw/TCyGWGHsYHpXqK0ZdiJ6HXX8FqGylTJZWTiSLSDrUwk8Mq8uIk3Sdy5E9yGgKcmA5GInBQuqMhZbzt1KhLhyp67+dIJ+D3b/JzSyPRHt9XMBpGTYMEuhjBM2aH5C9pltrmRq2NIF/cST1eidhTV2wMSqGm9jwDG7CwxAeYvan1cazZIrIfY7a/rD3sbxSPlzH92nUhw8m0qneKjDWO+kzCJVlWQ/q9c6hg69N2tBctYel3WTFw1usbbG/ZCF netconf
diff --git a/test/mocks/netconf-pnp-simulator/engine/config/ssh/load_auth_pubkey.xml b/test/mocks/netconf-pnp-simulator/engine/config/ssh/load_auth_pubkey.xml
new file mode 100644
index 000000000..4f35c2fd2
--- /dev/null
+++ b/test/mocks/netconf-pnp-simulator/engine/config/ssh/load_auth_pubkey.xml
@@ -0,0 +1,12 @@
+<system xmlns="urn:ietf:params:xml:ns:yang:ietf-system">
+ <authentication>
+ <user>
+ <name>netconf</name>
+ <authorized-key>
+ <name>id_rsa</name>
+ <algorithm>ssh-rsa</algorithm>
+ <key-data>AAAAB3NzaC1yc2EAAAADAQABAAABAQD4pCY/jetSrsN3ToQwSIopEwDEFps7l327brjqp8a0vXmGuNztvnNDuQyGD5lKLDeK+dGSz+aHdCnD/10rIVSVxnw/TCyGWGHsYHpXqK0ZdiJ6HXX8FqGylTJZWTiSLSDrUwk8Mq8uIk3Sdy5E9yGgKcmA5GInBQuqMhZbzt1KhLhyp67+dIJ+D3b/JzSyPRHt9XMBpGTYMEuhjBM2aH5C9pltrmRq2NIF/cST1eidhTV2wMSqGm9jwDG7CwxAeYvan1cazZIrIfY7a/rD3sbxSPlzH92nUhw8m0qneKjDWO+kzCJVlWQ/q9c6hg69N2tBctYel3WTFw1usbbG/ZCF</key-data>
+ </authorized-key>
+ </user>
+ </authentication>
+</system>
diff --git a/test/mocks/netconf-pnp-simulator/engine/container-tag.yaml b/test/mocks/netconf-pnp-simulator/engine/container-tag.yaml
index f705e1e02..cd982b9ac 100644
--- a/test/mocks/netconf-pnp-simulator/engine/container-tag.yaml
+++ b/test/mocks/netconf-pnp-simulator/engine/container-tag.yaml
@@ -1 +1 @@
-tag: "2.6.0"
+tag: "2.6.1"
diff --git a/test/mocks/netconf-pnp-simulator/engine/entrypoint.sh b/test/mocks/netconf-pnp-simulator/engine/entrypoint.sh
index 951ca474b..48a5e5a40 100755
--- a/test/mocks/netconf-pnp-simulator/engine/entrypoint.sh
+++ b/test/mocks/netconf-pnp-simulator/engine/entrypoint.sh
@@ -28,6 +28,7 @@ set -o xtrace
export PATH=/opt/bin:/usr/local/bin:/usr/bin:/bin
CONFIG=/config
+SSH_CONFIG=$CONFIG/ssh
TLS_CONFIG=$CONFIG/tls
MODELS_CONFIG=$CONFIG/modules
KEY_PATH=/opt/etc/keystored/keys
@@ -55,6 +56,11 @@ find_executable() {
done
}
+configure_ssh()
+{
+ sysrepocfg --datastore=startup --format=xml ietf-system --import=$SSH_CONFIG/load_auth_pubkey.xml
+}
+
configure_tls()
{
cp $TLS_CONFIG/server_key.pem $KEY_PATH
@@ -126,6 +132,7 @@ create_python_venv()
echo $env_dir
}
+configure_ssh
configure_tls
configure_modules
diff --git a/test/mocks/netconf-pnp-simulator/modules/docker-compose.yml b/test/mocks/netconf-pnp-simulator/modules/docker-compose.yml
index ac0304380..8176e3b95 100644
--- a/test/mocks/netconf-pnp-simulator/modules/docker-compose.yml
+++ b/test/mocks/netconf-pnp-simulator/modules/docker-compose.yml
@@ -2,7 +2,7 @@ version: '3'
services:
netconf-pnp-simulator:
- image: nexus3.onap.org:10001/onap/integration/simulators/netconf-pnp-simulator:2.6.0
+ image: nexus3.onap.org:10001/onap/integration/simulators/netconf-pnp-simulator:2.6.1
container_name: netconf-pnp-simulator
restart: always
ports: