diff options
author | Krzysztof Gajewski <krzysztof.gajewski@nokia.com> | 2021-02-01 17:46:51 +0100 |
---|---|---|
committer | Krzysztof Gajewski <krzysztof.gajewski@nokia.com> | 2021-02-11 18:12:27 +0100 |
commit | c746882a07952a0cd460e6fa8bcac246289db6b9 (patch) | |
tree | f1398e07e0916d19860f52e48191597d0ff5e9b0 /test/mocks/datafilecollector-testharness | |
parent | ae43fa6fee1bb5b8cb68e21f50b477c084ef21eb (diff) |
Add HTTPS to DFC tests
- testing environment preparation for DFC with HTTPS client
(expand existing http server)
- add suitable TCs for CSIT tests
Issue-ID: DCAEGEN2-2528
Signed-off-by: Krzysztof Gajewski <krzysztof.gajewski@nokia.com>
Change-Id: Ifa8abb827e269d76144fc74c65031dd387fe5fe7
Diffstat (limited to 'test/mocks/datafilecollector-testharness')
48 files changed, 1137 insertions, 203 deletions
diff --git a/test/mocks/datafilecollector-testharness/auto-test/FTC400.sh b/test/mocks/datafilecollector-testharness/auto-test/FTC400.sh new file mode 100755 index 000000000..6dacd49ec --- /dev/null +++ b/test/mocks/datafilecollector-testharness/auto-test/FTC400.sh @@ -0,0 +1,87 @@ +#!/bin/bash +# +# Copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# + +TC_ONELINE_DESCR="One 1MB file from one PNF in one event using HTTPS, from poll to publish" + +. ../common/testcase_common.sh $1 $2 + +#### TEST BEGIN #### + +clean_containers + +export MR_TC="--tc400" +export MR_GROUPS="OpenDcae-c12:PM_MEAS_FILES" +export MR_FILE_PREFIX_MAPPING="PM_MEAS_FILES:A" + +export DR_TC="--tc normal" +export DR_FEEDS="2:A" + +export DR_REDIR_TC="--tc normal" +export DR_REDIR_FEEDS="2:A" + +export NUM_HTTPFILES="10" +export NUM_PNFS="1" +export FILE_SIZE="1MB" +export HTTP_TYPE="HTTPS" +export HTTP_FILE_PREFIXES="A" +export NUM_HTTP_SERVERS=1 + +log_sim_settings + +start_simulators + +consul_config_app 0 "../simulator-group/consul/c12_feed2_PM_HTTPS.json" + +mr_equal ctr_requests 0 60 +dr_equal ctr_published_files 0 60 + +mr_print tc_info +dr_print tc_info +drr_print tc_info + +start_dfc 0 + +dr_equal ctr_published_files 1 60 + +sleep_wait 30 + +dr_equal ctr_published_files 1 + +mr_greater ctr_requests 1 + +mr_equal ctr_events 1 +mr_equal ctr_unique_files 1 +mr_equal ctr_unique_PNFs 1 + +dr_equal ctr_publish_query 1 +dr_equal ctr_publish_query_bad_file_prefix 0 +dr_equal ctr_publish_query_published 0 +dr_equal ctr_publish_query_not_published 1 +dr_equal ctr_publish_req 1 +dr_equal ctr_publish_req_bad_file_prefix 0 +dr_equal ctr_publish_req_redirect 1 +dr_equal ctr_publish_req_published 0 +dr_equal ctr_published_files 1 +dr_equal ctr_double_publish 0 + +drr_equal ctr_publish_requests 1 +drr_equal ctr_publish_requests_bad_file_prefix 0 +drr_equal ctr_publish_responses 1 + +drr_equal dwl_volume 1000000 + +check_dfc_logs + +#### TEST COMPLETE #### + +store_logs END + +print_result diff --git a/test/mocks/datafilecollector-testharness/auto-test/FTC401.sh b/test/mocks/datafilecollector-testharness/auto-test/FTC401.sh new file mode 100755 index 000000000..953f41ca2 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/auto-test/FTC401.sh @@ -0,0 +1,87 @@ +#!/bin/bash +# +# Copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# + +TC_ONELINE_DESCR="One 5MB file from one PNF in one event using HTTPS, from poll to publish" + +. ../common/testcase_common.sh $1 $2 + +#### TEST BEGIN #### + +clean_containers + +export MR_TC="--tc401" +export MR_GROUPS="OpenDcae-c12:PM_MEAS_FILES" +export MR_FILE_PREFIX_MAPPING="PM_MEAS_FILES:A" + +export DR_TC="--tc normal" +export DR_FEEDS="2:A" + +export DR_REDIR_TC="--tc normal" +export DR_REDIR_FEEDS="2:A" + +export NUM_HTTPFILES="10" +export NUM_PNFS="1" +export FILE_SIZE="5MB" +export HTTP_TYPE="HTTPS" +export HTTP_FILE_PREFIXES="A" +export NUM_HTTP_SERVERS=1 + +log_sim_settings + +start_simulators + +consul_config_app 0 "../simulator-group/consul/c12_feed2_PM_HTTPS.json" + +mr_equal ctr_requests 0 60 +dr_equal ctr_published_files 0 60 + +mr_print tc_info +dr_print tc_info +drr_print tc_info + +start_dfc 0 + +dr_equal ctr_published_files 1 60 + +sleep_wait 30 + +dr_equal ctr_published_files 1 + +mr_greater ctr_requests 1 + +mr_equal ctr_events 1 +mr_equal ctr_unique_files 1 +mr_equal ctr_unique_PNFs 1 + +dr_equal ctr_publish_query 1 +dr_equal ctr_publish_query_bad_file_prefix 0 +dr_equal ctr_publish_query_published 0 +dr_equal ctr_publish_query_not_published 1 +dr_equal ctr_publish_req 1 +dr_equal ctr_publish_req_bad_file_prefix 0 +dr_equal ctr_publish_req_redirect 1 +dr_equal ctr_publish_req_published 0 +dr_equal ctr_published_files 1 +dr_equal ctr_double_publish 0 + +drr_equal ctr_publish_requests 1 +drr_equal ctr_publish_requests_bad_file_prefix 0 +drr_equal ctr_publish_responses 1 + +drr_equal dwl_volume 5000000 + +check_dfc_logs + +#### TEST COMPLETE #### + +store_logs END + +print_result diff --git a/test/mocks/datafilecollector-testharness/auto-test/FTC402.sh b/test/mocks/datafilecollector-testharness/auto-test/FTC402.sh new file mode 100755 index 000000000..c406c1f2e --- /dev/null +++ b/test/mocks/datafilecollector-testharness/auto-test/FTC402.sh @@ -0,0 +1,87 @@ +#!/bin/bash +# +# Copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# + +TC_ONELINE_DESCR="One 50MB file from one PNF in one event using HTTPS, from poll to publish" + +. ../common/testcase_common.sh $1 $2 + +#### TEST BEGIN #### + +clean_containers + +export MR_TC="--tc402" +export MR_GROUPS="OpenDcae-c12:PM_MEAS_FILES" +export MR_FILE_PREFIX_MAPPING="PM_MEAS_FILES:A" + +export DR_TC="--tc normal" +export DR_FEEDS="2:A" + +export DR_REDIR_TC="--tc normal" +export DR_REDIR_FEEDS="2:A" + +export NUM_HTTPFILES="10" +export NUM_PNFS="1" +export FILE_SIZE="50MB" +export HTTP_TYPE="HTTPS" +export HTTP_FILE_PREFIXES="A" +export NUM_HTTP_SERVERS=1 + +log_sim_settings + +start_simulators + +consul_config_app 0 "../simulator-group/consul/c12_feed2_PM_HTTPS.json" + +mr_equal ctr_requests 0 60 +dr_equal ctr_published_files 0 60 + +mr_print tc_info +dr_print tc_info +drr_print tc_info + +start_dfc 0 + +dr_equal ctr_published_files 1 60 + +sleep_wait 30 + +dr_equal ctr_published_files 1 + +mr_greater ctr_requests 1 + +mr_equal ctr_events 1 +mr_equal ctr_unique_files 1 +mr_equal ctr_unique_PNFs 1 + +dr_equal ctr_publish_query 1 +dr_equal ctr_publish_query_bad_file_prefix 0 +dr_equal ctr_publish_query_published 0 +dr_equal ctr_publish_query_not_published 1 +dr_equal ctr_publish_req 1 +dr_equal ctr_publish_req_bad_file_prefix 0 +dr_equal ctr_publish_req_redirect 1 +dr_equal ctr_publish_req_published 0 +dr_equal ctr_published_files 1 +dr_equal ctr_double_publish 0 + +drr_equal ctr_publish_requests 1 +drr_equal ctr_publish_requests_bad_file_prefix 0 +drr_equal ctr_publish_responses 1 + +drr_equal dwl_volume 50000000 + +check_dfc_logs + +#### TEST COMPLETE #### + +store_logs END + +print_result diff --git a/test/mocks/datafilecollector-testharness/auto-test/FTC403.sh b/test/mocks/datafilecollector-testharness/auto-test/FTC403.sh new file mode 100755 index 000000000..86c0f7e28 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/auto-test/FTC403.sh @@ -0,0 +1,87 @@ +#!/bin/bash +# +# Copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# + +TC_ONELINE_DESCR="One 1MB file from one PNF in one event using HTTPS client certificate authentication, from poll to publish" + +. ../common/testcase_common.sh $1 $2 + +#### TEST BEGIN #### + +clean_containers + +export MR_TC="--tc403" +export MR_GROUPS="OpenDcae-c12:PM_MEAS_FILES" +export MR_FILE_PREFIX_MAPPING="PM_MEAS_FILES:A" + +export DR_TC="--tc normal" +export DR_FEEDS="2:A" + +export DR_REDIR_TC="--tc normal" +export DR_REDIR_FEEDS="2:A" + +export NUM_HTTPFILES="10" +export NUM_PNFS="1" +export FILE_SIZE="1MB" +export HTTP_TYPE="HTTPS" +export HTTP_FILE_PREFIXES="A" +export NUM_HTTP_SERVERS=1 + +log_sim_settings + +start_simulators + +consul_config_app 0 "../simulator-group/consul/c12_feed2_PM_HTTPS.json" + +mr_equal ctr_requests 0 60 +dr_equal ctr_published_files 0 60 + +mr_print tc_info +dr_print tc_info +drr_print tc_info + +start_dfc 0 + +dr_equal ctr_published_files 1 60 + +sleep_wait 30 + +dr_equal ctr_published_files 1 + +mr_greater ctr_requests 1 + +mr_equal ctr_events 1 +mr_equal ctr_unique_files 1 +mr_equal ctr_unique_PNFs 1 + +dr_equal ctr_publish_query 1 +dr_equal ctr_publish_query_bad_file_prefix 0 +dr_equal ctr_publish_query_published 0 +dr_equal ctr_publish_query_not_published 1 +dr_equal ctr_publish_req 1 +dr_equal ctr_publish_req_bad_file_prefix 0 +dr_equal ctr_publish_req_redirect 1 +dr_equal ctr_publish_req_published 0 +dr_equal ctr_published_files 1 +dr_equal ctr_double_publish 0 + +drr_equal ctr_publish_requests 1 +drr_equal ctr_publish_requests_bad_file_prefix 0 +drr_equal ctr_publish_responses 1 + +drr_equal dwl_volume 1000000 + +check_dfc_logs + +#### TEST COMPLETE #### + +store_logs END + +print_result diff --git a/test/mocks/datafilecollector-testharness/auto-test/FTC404.sh b/test/mocks/datafilecollector-testharness/auto-test/FTC404.sh new file mode 100755 index 000000000..90ef7ccf0 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/auto-test/FTC404.sh @@ -0,0 +1,87 @@ +#!/bin/bash +# +# Copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# + +TC_ONELINE_DESCR="One 1MB file from one PNF in one event using HTTPS no clientt authentication, from poll to publish" + +. ../common/testcase_common.sh $1 $2 + +#### TEST BEGIN #### + +clean_containers + +export MR_TC="--tc404" +export MR_GROUPS="OpenDcae-c12:PM_MEAS_FILES" +export MR_FILE_PREFIX_MAPPING="PM_MEAS_FILES:A" + +export DR_TC="--tc normal" +export DR_FEEDS="2:A" + +export DR_REDIR_TC="--tc normal" +export DR_REDIR_FEEDS="2:A" + +export NUM_HTTPFILES="10" +export NUM_PNFS="1" +export FILE_SIZE="1MB" +export HTTP_TYPE="HTTPS" +export HTTP_FILE_PREFIXES="A" +export NUM_HTTP_SERVERS=1 + +log_sim_settings + +start_simulators + +consul_config_app 0 "../simulator-group/consul/c12_feed2_PM_HTTPS.json" + +mr_equal ctr_requests 0 60 +dr_equal ctr_published_files 0 60 + +mr_print tc_info +dr_print tc_info +drr_print tc_info + +start_dfc 0 + +dr_equal ctr_published_files 1 60 + +sleep_wait 30 + +dr_equal ctr_published_files 1 + +mr_greater ctr_requests 1 + +mr_equal ctr_events 1 +mr_equal ctr_unique_files 1 +mr_equal ctr_unique_PNFs 1 + +dr_equal ctr_publish_query 1 +dr_equal ctr_publish_query_bad_file_prefix 0 +dr_equal ctr_publish_query_published 0 +dr_equal ctr_publish_query_not_published 1 +dr_equal ctr_publish_req 1 +dr_equal ctr_publish_req_bad_file_prefix 0 +dr_equal ctr_publish_req_redirect 1 +dr_equal ctr_publish_req_published 0 +dr_equal ctr_published_files 1 +dr_equal ctr_double_publish 0 + +drr_equal ctr_publish_requests 1 +drr_equal ctr_publish_requests_bad_file_prefix 0 +drr_equal ctr_publish_responses 1 + +drr_equal dwl_volume 1000000 + +check_dfc_logs + +#### TEST COMPLETE #### + +store_logs END + +print_result diff --git a/test/mocks/datafilecollector-testharness/auto-test/SingleFileSuite.sh b/test/mocks/datafilecollector-testharness/auto-test/SingleFileSuite.sh index bfe9b9e4f..0593c52bb 100755 --- a/test/mocks/datafilecollector-testharness/auto-test/SingleFileSuite.sh +++ b/test/mocks/datafilecollector-testharness/auto-test/SingleFileSuite.sh @@ -1,4 +1,13 @@ #!/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# TS_ONELINE_DESCR="Single file tests suite" @@ -8,15 +17,20 @@ suite_setup ############# TEST CASES ################# -./FTC1.sh $1 $2 -./FTC2.sh $1 $2 -./FTC3.sh $1 $2 -./FTC4.sh $1 $2 -./FTC5.sh $1 $2 -./FTC6.sh $1 $2 -./FTC7.sh $1 $2 -./FTC8.sh $1 $2 -./FTC9.sh $1 $2 +./FTC1.sh "$1" "$2" +./FTC2.sh "$1" "$2" +./FTC3.sh "$1" "$2" +./FTC4.sh "$1" "$2" +./FTC5.sh "$1" "$2" +./FTC6.sh "$1" "$2" +./FTC7.sh "$1" "$2" +./FTC8.sh "$1" "$2" +./FTC9.sh "$1" "$2" +./FTC400.sh "$1" "$2" +./FTC401.sh "$1" "$2" +./FTC402.sh "$1" "$2" +./FTC403.sh "$1" "$2" +./FTC404.sh "$1" "$2" ########################################## diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/key.pem b/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/key.pem new file mode 100644 index 000000000..b876f2a99 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/key.pem @@ -0,0 +1,28 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCTVPk0SJYjfGLZ +ToXsNWVDQTjgsCJ/8YtPl4Z+kT0DJJO6CusCZnsTknr0exzu2WuXpoC4Y7w79civ +1sOWMqRI+wwNtXGDyoJPFCOAiWk8aeOS1mXM4g+tFZjDjMJbbjbeaQbFLOJw+1ri +6PI7gQPz4pPGY+Yd8pKo8WubRSWWlM2HSKp0Fmdt5elmjSqBKJMhvv0SzDt7YwNv +fOVCayGDyIe99trmalv+dpgP8WVSqm/hupDo4LwFcoZDrlphZWjDurRpPFqwyXB7 +VUp12Bu7LeFsxcGz9uVCnh1Ol2rWU9zHgI32r/9JbzWOqF+DdvQxJ9Ce43Slxs+j +lONjPfSVAgMBAAECggEAIBEGjFKgGukfupxUmayldZXkg0LSv3YbFB+uri1+UgjL +/loR/FvBvejLyhphmbrIqCEdMwTCG2rLWzorJ62uBBRf8zvikQSqh/uiHn/J39RM +K9FuJsGtF8bzkNw6ERxT5OSHDLNQNbb/eROqZTkXWyWddDiaBTqeoRaqjQjnvXYf +2nchun8UfNrNO1Hnxf1shYNMgYpdSIYybh6+BmNgUpm1R22as7oD/o+xtTJhp8/s +k8PybdV4a3JufZcPZKCCA4+XPtxLejDBIpV8ndoriaz+qcR3pd0VaXVPC8qSGOoX +IaYAQQx9UvenOIcpPfUMmtO7FilEZDaK7IQXPsTMoQKBgQDmqsTL3aL7a3OufCEo +3dC5iv5bm3IcTPNA2kINh0k8n3nllfKQwZzyKqtT7uzKxo3XuQMF2NL9q6ZcwpPG +BZCDBLoOGgnRZF5KzPArHoLUeI1KINGcVBpYZpxpS6ys3CNQFhov8wC/E7dys7+j +jxZ70BKzKb+OceuVBzT3mrsRRwKBgQCjgzpIO2hidnhd1sRlI8Cd84HZzjy1mXvE +g/q7f2Dyti6eHaCbrBysb/Dg+OLiJ0qarV+0qx63lgyYDyWLrYeIfaVIlKAwKeJB +5/6fNZ0vpPgGKUuPSxnxY+0plQzznO6ldwPWox1nj11pQlCCbnLyIsN03N6BT/Hu +B1uwk+OZQwKBgQDdULvBXsYhtNcpcq/eJfU+EL475sl1nd9HOiJmGIeMQvcR8Ozr +Ntj/ATGhNny7kgZGFJ1x3reR7D+SgJ6IQI6HJuHc5d7FqSdPXZKRzJR6h7AIj7SN +6aPdbZZk8NachBrdnFdD6kOtEZ3Rz+TvaTqJUPqgLE4+vc7rDh8j8rHJwQKBgAJ5 +mgg93faflHLXLWHaiK/bX7vMQ178U8NFvCXaZ71ExK/gAu5YTJbPmvXMzqJdteNh +fHFfpbdhrg8fK5JRrhuCy12t4j7YY3Rb7p66UQbHmHl/ZoVkvZ/Jw209tFR7q6EV +jBlTnr5SjTdqqY1P3q2LmSnLrhKHA0J3GgwyMN/BAoGAbwJrqrTD5al5GZDmQLpF +18ncYSp26/l4Na0vzAU+0JzNvbTyDLfWXXfx1+Ap4omI12gKp+hPVzvy4R2Pvw29 +vrSmKIluW/8NhCwyndJqmR3/TfLJNbVoCCP5PoXCJScCNia/4syxBHd+8B/Mbh/Q +Vh3VsUe1aj3w3k/zgiHM7Ec= +-----END RSA PRIVATE KEY----- diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/keystore.pem b/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/keystore.pem new file mode 100644 index 000000000..c541ef03a --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/keystore.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEcTCCAtmgAwIBAgIUOGJE5uY0d4BxflhwhgzVZnYRZcwwDQYJKoZIhvcNAQEL +BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMDRhNzdhNzMxOTYxZjYwMzkxFTATBgNV +BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr +c3RhcnQwHhcNMjEwMjEwMTUyMDI5WhcNMjMwMjEwMTUxMjA3WjB3MREwDwYDVQQD +DAhvbmFwLm9yZzENMAsGA1UECwwET05BUDEZMBcGA1UECgwQTGludXgtRm91bmRh +dGlvbjEWMBQGA1UEBwwNU2FuLUZyYW5jaXNjbzETMBEGA1UECAwKQ2FsaWZvcm5p +YTELMAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT +VPk0SJYjfGLZToXsNWVDQTjgsCJ/8YtPl4Z+kT0DJJO6CusCZnsTknr0exzu2WuX +poC4Y7w79civ1sOWMqRI+wwNtXGDyoJPFCOAiWk8aeOS1mXM4g+tFZjDjMJbbjbe +aQbFLOJw+1ri6PI7gQPz4pPGY+Yd8pKo8WubRSWWlM2HSKp0Fmdt5elmjSqBKJMh +vv0SzDt7YwNvfOVCayGDyIe99trmalv+dpgP8WVSqm/hupDo4LwFcoZDrlphZWjD +urRpPFqwyXB7VUp12Bu7LeFsxcGz9uVCnh1Ol2rWU9zHgI32r/9JbzWOqF+DdvQx +J9Ce43Slxs+jlONjPfSVAgMBAAGjgYowgYcwDAYDVR0TAQH/BAIwADAfBgNVHSME +GDAWgBSVNWKlCol8dwbm9DGRVjhySQviKTAnBgNVHSUEIDAeBggrBgEFBQcDAgYI +KwYBBQUHAwQGCCsGAQUFBwMBMB0GA1UdDgQWBBQft80LFwbI2ltsHHs80O/Rre0Y +LjAOBgNVHQ8BAf8EBAMCBeAwDQYJKoZIhvcNAQELBQADggGBAAIwbJHtize60YkA +jW8r93wqcWA6xyTKXiR5JW5TDjboOjwwrpns/cga4rIAN+a1jxhM2dfQUbNiafAG ++4BwAxa3Oe/jgGGaKvB1RFaNZpbQ3zR9A97KB9LMK9jIPPZq4vOUIXmcpoKcW/wI +Ubn6eXqPM+ikL4+NZyCgf/+WWoYUe57E9D1ftsZBDrxy5jGxngNYPtjOVir05bmd +mLW0IPYRfrtyBowrK8tMksChvsxaSoODZBl7t2OSg7dZ8c808jQSMBcs2S+6+xDU +37PwLcmwkq7jtSl5ujmR9WtHUpZApwazSboiGmxAoZBPpp9wTKWgy1xIATqcUCdx +hkLWtdkOh4Kas5AZR3wDVzOLaLvzcdfZ7MD3+0hF5R4gFv4fgpwUm3rWV1eEu7xj +nAO1gZNnVVdRpYY2Six9lpOpG81klBnd2DpcrZeP5eGi4ka3mqqSXW51jxUBk1dA +rrgs3EMb/0h2a1HPJ5Vx7qfPMtUrouDUwtlE4R4QtXI+gPDYBA== +-----END CERTIFICATE----- diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/truststore.pem b/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/truststore.pem new file mode 100644 index 000000000..bdc921182 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/truststore.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEszCCAxugAwIBAgIUXdztVMaxBJq+K0DnVEn21jUaVUUwDQYJKoZIhvcNAQEL +BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMDRhNzdhNzMxOTYxZjYwMzkxFTATBgNV +BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr +c3RhcnQwHhcNMjEwMjEwMTUyMDI5WhcNMzEwMjEwMTUyMDI5WjBhMSMwIQYKCZIm +iZPyLGQBAQwTYy0wNGE3N2E3MzE5NjFmNjAzOTEVMBMGA1UEAwwMTWFuYWdlbWVu +dENBMSMwIQYDVQQKDBpFSkJDQSBDb250YWluZXIgUXVpY2tzdGFydDCCAaIwDQYJ +KoZIhvcNAQEBBQADggGPADCCAYoCggGBAMm52gFqo3WJliqiCdL9DpfaOgJI+S4e +lp45i0laGUwCv4c93qECYvauV1W6bR2wMIb1684j7LBpr25TMyKT6ZeZ1qVwB9ri +6XgdptVxw0ijGtUUKpf2ewbLqOyyiX20EEvfBD00luyhQizwsg8OcbbZcc/7pl/e +o1GgQV9loF6bV9wBQeDt0KtZMnXeQoFejhqkYRDB61PXefqhHqpSxi1NVJJiSSIB +udkFqdzhAVCu2QknNYRzt9zn1qchzwFuzZt5ureiVKk7ih7yIuw8eBm9RgFJBZO2 +48ZxlAQXlG5AUQN1sWSg0fPzgwO9AZLUP9b0iLhTQozXGEKhtjzF2EhUL2MvL/JY +nx+tO88j1EdgmqUsoUUhBQsewju+8a5z3eqdtxqRhn0q2AM3WFdEqzMI43L0/Lwj +jcPWqn9FmNXwtbNNK8EI3IxFLsooMAWceHpz9BQ9UNcq5jGyjE8ED8bGuorDxncl +pCEkmjrbdpmk3YmKgDZ8hPY7O3eoEhES+QIDAQABo2MwYTAPBgNVHRMBAf8EBTAD +AQH/MB8GA1UdIwQYMBaAFJU1YqUKiXx3Bub0MZFWOHJJC+IpMB0GA1UdDgQWBBSV +NWKlCol8dwbm9DGRVjhySQviKTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL +BQADggGBAHVm2xjIPtD3qjHgGWBjT+4wwjbc2oAYtQoGzXGztvqtmaLLkMEV+F6p +p1qQTNXn28fDC1hAhzI921xjIo4uya1mctnRvrcXy/tNq/nFqAGrTOxg0iO2Y+yJ +Cwi7G3WooHgEsxBTOMIlD9uoUd1sowq6AHA2usKUHtAf7AMf1zHX082/GsD7w5wh +gcB8pP8EBghYoVZ6NQLyzlBOAyacbWo5q505fDRs3bDeVVLVNN/pgS+uIFHhHhQ8 +PLYukbDJ09hPvPc+k4zTrbvQcOh7ftdKp5W3xRUDjmszMiXu7B7DXK48LGnD/vdg +HQAII84zpu9JC1xlJAZfFIUvoLBjyYda3B6nxXr32bih1Sjpn72P9QVDmvKtpHUp +f5pAzL8/y/bEuiaCvzauqC+eoXRi8hlOMzQ0S0xIANlJrQdwj/r/qwzeBW4Vbdo/ +k/VKx1KR8cfSXrXuTz0CITbZAcq5S6kD+z9iFmJrx2wdtTwXog9XLp1UcATUxxki +w+5qVOtR4w== +-----END CERTIFICATE----- diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.p12 b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.p12 Binary files differnew file mode 100644 index 000000000..bfe1637e0 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.p12 diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.pass b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.pass new file mode 100644 index 000000000..1bce434bd --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.pass @@ -0,0 +1 @@ +3vxKHIIQ9kEDQsZ6PBg4_LNb
\ No newline at end of file diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.p12 b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.p12 Binary files differnew file mode 100644 index 000000000..6bd0e2759 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.p12 diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.pass b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.pass new file mode 100644 index 000000000..a3ecdf21b --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.pass @@ -0,0 +1 @@ +B9BWYIw8YAHPRcF1lU9rZZUc
\ No newline at end of file diff --git a/test/mocks/datafilecollector-testharness/certservice/merger/merge-certs.env b/test/mocks/datafilecollector-testharness/certservice/merger/merge-certs.env new file mode 100644 index 000000000..756787866 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/merger/merge-certs.env @@ -0,0 +1,4 @@ +KEYSTORE_SOURCE_PATHS=/opt/app/datafile/etc/cert/external/keystore.p12:/opt/app/datafile/etc/cert/external/keystore.pass +TRUSTSTORES_PASSWORDS_PATHS=/opt/app/datafile/etc/cert/trust.pass:/opt/app/datafile/etc/cert/external/truststore.pass +TRUSTSTORES_PATHS=/opt/app/datafile/etc/cert/trust.jks:/opt/app/datafile/etc/cert/external/truststore.p12 +KEYSTORE_DESTINATION_PATHS=/opt/app/datafile/etc/cert/cert.p12:/opt/app/datafile/etc/cert/p12.pass diff --git a/test/mocks/datafilecollector-testharness/common/README.md b/test/mocks/datafilecollector-testharness/common/README.md index dc57e09df..736ed4819 100644 --- a/test/mocks/datafilecollector-testharness/common/README.md +++ b/test/mocks/datafilecollector-testharness/common/README.md @@ -63,14 +63,14 @@ Stop a FTPES container with the supplied instance id (0-5). **start_ftpes \<ftpes-instance-id>**: Start a previously stopped FTPES container with the supplied instance id (0-5). -**kill_http \<http-instance-id>**: -Stop and remove a HTTP container with the supplied instance id (0-5). +**kill_http_https \<http-instance-id>**: +Stop and remove a HTTP/HTTPS container with the supplied instance id (0-5). -**stop_http \<http-instance-id>**: -Stop a HTTP container with the supplied instance id (0-5). +**stop_http_https \<http-instance-id>**: +Stop a HTTP/HTTPS container with the supplied instance id (0-5). -**start_http \<http-instance-id>**: -Start a previously stopped HTTP container with the supplied instance id (0-5). +**start_http_https \<http-instance-id>**: +Start a previously stopped HTTP/HTTPS container with the supplied instance id (0-5). **mr_print \<variable-name>**: Print a variable value from the MR simulator. diff --git a/test/mocks/datafilecollector-testharness/common/test_env.sh b/test/mocks/datafilecollector-testharness/common/test_env.sh index a5ea8a17e..d565ea7ed 100644 --- a/test/mocks/datafilecollector-testharness/common/test_env.sh +++ b/test/mocks/datafilecollector-testharness/common/test_env.sh @@ -1,4 +1,13 @@ #!/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# # This env variable is only needed if the auto test scripts tests are executed in a different folder than 'auto-test' in the integration repo # Change '<local-path>' to your path to the integration repo. In addition to the auto-test, the 'common' dir is needed if not executed in the @@ -36,11 +45,11 @@ DFC_MAX_NUM=5 #Max number of dfc containers to run in p DFC_MAX_IDX=$(($DFC_MAX_NUM - 1)) #Max index of the dfc containers SFTP_BASE="dfc_sftp-server" #Base name of the dfc_sftp-server containers. Instance 0 will be named dfc_sftp-server0, instance 1 will named dfc_sftp-server1 etc FTPES_BASE="dfc_ftpes-server-vsftpd" #Base name of the dfc_ftpes-server-vsftpd containers. Instance 0 will be named dfc_ftpes-server-vsftpd0, instance 1 will named dfc_ftpes-server-vsftpd1 etc -HTTP_BASE="dfc_http-server" #Base name of the dfc_http-server containers. Instance 0 will be named dfc_http-server0, instance 1 will named dfc_http-server1 etc +HTTP_HTTPS_BASE="dfc_http-https-server" #Base name of the dfc_http-https-server containers. Instance 0 will be named dfc_http-https-server0, instance 1 will named dfc_http-https-server1 etc FTP_MAX_NUM=5 #Max number of sftp and ftpes containers to run in paralell in auto test -HTTP_MAX_NUM=5 #Max number of http containers to run in paralell in auto test +HTTP_MAX_NUM=5 #Max number of http/https containers to run in paralell in auto test FTP_MAX_IDX=$(($FTP_MAX_NUM - 1)) #Max index of sftp and ftpes containers -HTTP_MAX_IDX=$(($HTTP_MAX_NUM - 1)) #Max index of http containers +HTTP_MAX_IDX=$(($HTTP_MAX_NUM - 1)) #Max index of http/https containers #List of sftp server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc and the simulators in a private docker network SFTP_SIMS_CONTAINER="sftp-server0:22,sftp-server1:22,sftp-server2:22,sftp-server3:22,sftp-server4:22" @@ -48,8 +57,10 @@ SFTP_SIMS_CONTAINER="sftp-server0:22,sftp-server1:22,sftp-server2:22,sftp-server #List of sftp server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc and the simulators in a private docker network FTPES_SIMS_CONTAINER="ftpes-server-vsftpd0:21,ftpes-server-vsftpd1:21,ftpes-server-vsftpd2:21,ftpes-server-vsftpd3:21,ftpes-server-vsftpd4:21" -#List of http server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc and the simulators in a private docker network -HTTP_SIMS_CONTAINER="http-server0:80,http-server1:80,http-server2:80,http-server3:80,http-server4:80" +#List of http/https/https with no authorization server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc and the simulators in a private docker network +HTTP_SIMS_CONTAINER="http-https-server0:80,http-https-server1:80,http-https-server2:80,http-https-server3:80,http-https-server4:80" +HTTPS_SIMS_CONTAINER="http-https-server0:443,http-https-server1:443,http-https-server2:443,http-https-server3:443,http-https-server4:443" +HTTPS_SIMS_NO_AUTH_CONTAINER="http-https-server0:8080,http-https-server1:8080,http-https-server2:8080,http-https-server3:8080,http-https-server4:8080" #List of sftp server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc as stand along app and the simulators in a private docker network SFTP_SIMS_LOCALHOST="localhost:1022,localhost:1023,localhost:1024,localhost:1025,localhost:1026" @@ -57,12 +68,16 @@ SFTP_SIMS_LOCALHOST="localhost:1022,localhost:1023,localhost:1024,localhost:1025 #List of ftpes server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc as stand along app and the simulators in a private docker network FTPES_SIMS_LOCALHOST="localhost:1032,localhost:1033,localhost:1034,localhost:1035,localhost:1036" -#List of http server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc as stand along app and the simulators in a private docker network +#List of http/https/https with no authorization server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc as stand along app and the simulators in a private docker network HTTP_SIMS_LOCALHOST="localhost:81,localhost:82,localhost:83,localhost:84,localhost:85" +HTTPS_SIMS_LOCALHOST="localhost:444,localhost:445,localhost:446,localhost:447,localhost:448" +HTTPS_SIMS_NO_AUTH_LOCALHOST="localhost:8081,localhost:8082,localhost:8083,localhost:8084,localhost:8085" export SFTP_SIMS=$SFTP_SIMS_CONTAINER #This env will be set to SFTP_SIMS_LOCALHOST if auto test is executed with 'manual-app' export FTPES_SIMS=$FTPES_SIMS_CONTAINER #This env will be set to FTPES_SIMS_LOCALHOST if auto test is executed with 'manual-app' export HTTP_SIMS=$HTTP_SIMS_CONTAINER #This env will be set to HTTP_SIMS_LOCALHOST if auto test is executed with 'manual-app' +export HTTPS_SIMS=$HTTPS_SIMS_CONTAINER #This env will be set to HTTPS_SIMS_LOCALHOST if auto test is executed with 'manual-app' +export HTTPS_SIMS_NO_AUTH=$HTTPS_SIMS_NO_AUTH_CONTAINER #This env will be set to HTTPS_SIMS_NO_AUTH_LOCALHOST if auto test is executed with 'manual-app' #Host name of the DR redirect simulator export DR_REDIR_SIM="drsim_redir" #This env will be set to 'localhost' if auto test is executed with arg 'manual-app' diff --git a/test/mocks/datafilecollector-testharness/common/testcase_common.sh b/test/mocks/datafilecollector-testharness/common/testcase_common.sh index 9f156a901..345752b47 100755 --- a/test/mocks/datafilecollector-testharness/common/testcase_common.sh +++ b/test/mocks/datafilecollector-testharness/common/testcase_common.sh @@ -1,4 +1,13 @@ #!/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# . ../common/test_env.sh @@ -161,20 +170,20 @@ docker build -t mrsim:latest . &> /dev/null cd ../ftpes-sftp-server docker build -t ftpes_vsftpd:latest -f Dockerfile-ftpes . &> /dev/null cd ../http-https-server -docker build -t http_httpd:latest -f Dockerfile-http . &> /dev/null +docker build -t http_https_httpd:latest -f Dockerfile-http-https . &> /dev/null cd $curdir echo "" echo "Local registry images for simulators:" -echo "MR simulator " $(docker images | grep mrsim) -echo "DR simulator: " $(docker images | grep drsim_common) -echo "DR redir simulator: " $(docker images | grep drsim_common) -echo "SFTP: " $(docker images | grep atmoz/sftp) -echo "FTPES: " $(docker images | grep ftpes_vsftpd) -echo "HTTP: " $(docker images | grep http_httpd) -echo "Consul: " $(docker images | grep consul) -echo "CBS: " $(docker images | grep platform.configbinding.app) +echo "MR simulator " $(docker images | grep mrsim) +echo "DR simulator: " $(docker images | grep drsim_common) +echo "DR redir simulator: " $(docker images | grep drsim_common) +echo "SFTP: " $(docker images | grep atmoz/sftp) +echo "FTPES: " $(docker images | grep ftpes_vsftpd) +echo "HTTP/HTTPS/HTTPS no auth: " $(docker images | grep http_https_httpd) +echo "Consul: " $(docker images | grep consul) +echo "CBS: " $(docker images | grep platform.configbinding.app) echo "" #Configure MR sim to use correct host:port for running dfc as an app or as a container @@ -183,6 +192,8 @@ if [ $START_ARG == "manual-app" ]; then export SFTP_SIMS=$SFTP_SIMS_LOCALHOST export FTPES_SIMS=$FTPES_SIMS_LOCALHOST export HTTP_SIMS=$HTTP_SIMS_LOCALHOST + export HTTPS_SIMS=$HTTPS_SIMS_LOCALHOST + export HTTPS_SIMS_NO_AUTH=HTTPS_SIMS_NO_AUTH_LOCALHOST export DR_REDIR_SIM="localhost" fi #else @@ -208,7 +219,7 @@ __do_curl() { echo "<no-response-from-server>" return 1 else - if [ $http_code -lt 200 ] && [ $http_code -gt 299]; then + if [ $http_code -lt 200 ] && [ $http_code -gt 299 ]; then echo "<not found, resp:${http_code}>" return 1 fi @@ -374,12 +385,22 @@ __start_dfc_image() { localport=$(($DFC_PORT + $2)) localport_secure=$(($DFC_PORT_SECURE + $2)) - echo "Creating docker network $DOCKER_SIM_NWNAME, if needed" + echo "Creating docker network "$DOCKER_SIM_NWNAME", if needed" - docker network ls| grep $DOCKER_SIM_NWNAME > /dev/null || docker network create $DOCKER_SIM_NWNAME + docker network ls| grep "$DOCKER_SIM_NWNAME" > /dev/null || docker network create "$DOCKER_SIM_NWNAME" echo "Starting DFC: " $appname " with ports mapped to " $localport " and " $localport_secure " in docker network "$DOCKER_SIM_NWNAME - docker run -d --volume $(pwd)/../simulator-group/tls/:/opt/app/datafile/etc/cert/ -p $localport":8100" -p $localport_secure":8433" --network=$DOCKER_SIM_NWNAME -e CONSUL_HOST=$CONSUL_HOST -e CONSUL_PORT=$CONSUL_PORT -e CONFIG_BINDING_SERVICE=$CONFIG_BINDING_SERVICE -e CONFIG_BINDING_SERVICE_SERVICE_PORT=$CONFIG_BINDING_SERVICE_SERVICE_PORT -e HOSTNAME=$appname --name $appname $DFC_IMAGE + if [ "$HTTP_TYPE" = "HTTPS" ] + then + mkdir "$SIM_GROUP"/tls/external + cp "$SIM_GROUP"/../certservice/generated-certs/dfc-p12/* "$SIM_GROUP"/tls/external/ + docker run \ + --name oom-certservice-post-processor \ + --env-file "$SIM_GROUP"/../certservice/merger/merge-certs.env \ + --mount type=bind,src="$SIM_GROUP"/tls,dst=/opt/app/datafile/etc/cert \ + nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:latest + fi + docker run -d --volume $(pwd)/../simulator-group/tls/:/opt/app/datafile/etc/cert/ -p $localport":8100" -p $localport_secure":8433" --network=$DOCKER_SIM_NWNAME -e CONSUL_HOST=$CONSUL_HOST -e CONSUL_PORT=$CONSUL_PORT -e CONFIG_BINDING_SERVICE=$CONFIG_BINDING_SERVICE -e CONFIG_BINDING_SERVICE_SERVICE_PORT=$CONFIG_BINDING_SERVICE_SERVICE_PORT -e HOSTNAME=$appname --name $appname $DFC_IMAGE sleep 3 set +x dfc_started=false @@ -517,6 +538,8 @@ log_sim_settings() { echo "SFTP_SIMS= "$SFTP_SIMS echo "FTPES_SIMS= "$FTPES_SIMS echo "HTTP_SIMS= "$HTTP_SIMS + echo "HTTPS_SIMS= "$HTTPS_SIMS + echo "HTTPS_SIMS_NO_AUTH= "$HTTPS_SIMS_NO_AUTH echo "" } @@ -526,6 +549,7 @@ clean_containers() { docker stop $(docker ps -q --filter name=dfc_) &> /dev/null echo "Removing all containers, dfc app and simulators with name prefix 'dfc_'" docker rm $(docker ps -a -q --filter name=dfc_) &> /dev/null + docker rm -f $(docker ps -a -q --filter name=oom-certservice-post-processor) &> /dev/null echo "Removing unused docker networks with substring 'dfc' in network name" docker network rm $(docker network ls -q --filter name=dfc) echo "" @@ -537,6 +561,7 @@ start_simulators() { echo "Starting all simulators" curdir=$PWD cd $SIM_GROUP + export SIM_GROUP=$SIM_GROUP $SIM_GROUP/simulators-start.sh cd $curdir echo "" @@ -767,7 +792,7 @@ start_ftpes() { } # Stop and remove the HTTP container, arg: <http-instance-id> -kill_http() { +kill_http_https() { if [ $# != 1 ]; then __print_err "need one arg, <http-instance-id>" @@ -778,16 +803,16 @@ kill_http() { __print_err "arg should be 0.."$HTTP_MAX_IDX exit 1 fi - appname=$HTTP_BASE$1 + appname=$HTTP_HTTPS_BASE$1 - echo "Killing HTTP, instance id: "$1 + echo "Killing HTTP/HTTPS, instance id: "$1 __docker_stop $appname __docker_rm $appname } # Stop HTTP container, arg: <http-instance-id> -stop_http() { +stop_http_https() { if [ $# != 1 ]; then __print_err "need one arg, <http-instance-id>" @@ -798,15 +823,15 @@ stop_http() { __print_err "arg should be 0.."$HTTP_MAX_IDX exit 1 fi - appname=$HTTP_BASE$1 + appname=$HTTP_HTTPS_BASE$1 - echo "Stopping HTTP, instance id: "$1 + echo "Stopping HTTP/HTTPS, instance id: "$1 __docker_stop $appname } # Starts a stopped HTTP container, arg: <http-instance-id> -start_http() { +start_http_https() { if [ $# != 1 ]; then __print_err "need one arg, <http-instance-id>" @@ -817,9 +842,9 @@ start_http() { __print_err "arg should be 0.."$HTTP_MAX_IDX exit 1 fi - appname=$HTTP_BASE$1 + appname=$HTTP_HTTPS_BASE$1 - echo "Starting HTTP, instance id: "$1 + echo "Starting HTTP/HTTPS, instance id: "$1 __docker_start $appname } @@ -1200,7 +1225,7 @@ store_logs() { done for (( i=0; i<=$HTTP_MAX_IDX; i++ )); do - appname=$HTTP_BASE$i + appname=$HTTP_HTTPS_BASE$i docker logs $appname > $TESTLOGS/$ATC/${1}_${appname}.log 2>&1 done diff --git a/test/mocks/datafilecollector-testharness/http-https-server/.gitignore b/test/mocks/datafilecollector-testharness/http-https-server/.gitignore index bd6c5bed8..2c8afebd8 100644 --- a/test/mocks/datafilecollector-testharness/http-https-server/.gitignore +++ b/test/mocks/datafilecollector-testharness/http-https-server/.gitignore @@ -1 +1 @@ -files/onap/* +/files diff --git a/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http b/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http deleted file mode 100644 index d3601b865..000000000 --- a/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http +++ /dev/null @@ -1,8 +0,0 @@ -FROM httpd:alpine - -COPY configuration/htpasswd /usr/local/apache2/conf/.htpasswd -COPY configuration/httpd.conf /usr/local/apache2/conf/httpd.conf -RUN chmod 644 /usr/local/apache2/conf/.htpasswd -RUN chmod 644 /usr/local/apache2/conf/httpd.conf -RUN chown root:root /usr/local/apache2/conf/.htpasswd -RUN chown root:root /usr/local/apache2/conf/httpd.conf diff --git a/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http-https b/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http-https new file mode 100644 index 000000000..a2d8bf8cc --- /dev/null +++ b/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http-https @@ -0,0 +1,15 @@ +FROM httpd:alpine + +RUN apk update + +ENV APACHE_LOG_DIR /usr/local/apache2/logs + +RUN mkdir /usr/local/apache2/certs + +COPY --chown=root:root apache2/certs /usr/local/apache2/certs +COPY --chown=root:root apache2/conf /usr/local/apache2/conf +COPY --chown=root:root apache2/conf/extra /usr/local/apache2/conf/extra + +RUN chmod 644 /usr/local/apache2/conf/.htpasswd +RUN chmod 644 /usr/local/apache2/conf/httpd.conf +RUN chmod 644 /usr/local/apache2/conf/extra/httpd-ssl.conf diff --git a/test/mocks/datafilecollector-testharness/http-https-server/README.md b/test/mocks/datafilecollector-testharness/http-https-server/README.md new file mode 100644 index 000000000..77e701175 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/http-https-server/README.md @@ -0,0 +1,32 @@ +# ejbca certs + +There are needed certificates generated using CMPv2 server to properly run the https server and dfc being able to work with +https protocol. For that reason, pre-generated certs were prepared and stored in `certservice/generated-certs` directory. + +# Docker preparations + +Source: <https://docs.docker.com/install/linux/linux-postinstall/> + +`sudo usermod -aG docker $USER` + +then logout-login to activate it. + +# Prepare files for the simulator + +Run `prepare.sh` with an argument found in `test_cases.yml` (or add a new tc in that file) to create files (1MB, +5MB and 50MB files) and a large number of symbolic links to these files to simulate PM files. The files names +matches the files in the events produced by the MR simulator. The dirs with the files will be mounted +by the ftp containers, defined in the docker-compse file, when started + +# Starting/stopping the HTTP/HTTPS server(s) + +Start: `docker-compose up` + +Stop: Ctrl +C, then `docker-compose down` or `docker-compose down --remove-orphans` + +If you experience issues (or port collision), check the currently running other containers +by using 'docker ps' and stop them if necessary. + +# Cleaning docker structure + +Deep cleaning: `docker system prune` diff --git a/test/mocks/datafilecollector-testharness/http-https-server/configuration/htpasswd b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/.htpasswd index 07f1978e6..07f1978e6 100644 --- a/test/mocks/datafilecollector-testharness/http-https-server/configuration/htpasswd +++ b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/.htpasswd diff --git a/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/extra/httpd-ssl.conf b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/extra/httpd-ssl.conf new file mode 100644 index 000000000..f4caf357e --- /dev/null +++ b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/extra/httpd-ssl.conf @@ -0,0 +1,65 @@ +Listen 443 +Listen 8080 + +SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES +SSLProxyProtocol all -SSLv3 +SSLPassPhraseDialog builtin + +SSLSessionCache "shmcb:/usr/local/apache2/logs/ssl_scache(512000)" +SSLSessionCacheTimeout 300 + +<VirtualHost *:8080> + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + SSLEngine on + SSLProtocol -all +TLSv1.2 + SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 + SSLHonorCipherOrder off + SSLSessionTickets off + + SSLCACertificateFile /usr/local/apache2/certs/truststore.pem + SSLCertificateFile /usr/local/apache2/certs/keystore.pem + SSLCertificateKeyFile /usr/local/apache2/certs/key.pem + +</VirtualHost> + +<VirtualHost *:443> + + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + <Directory "/usr/local/apache2/htdocs"> + SSLVerifyClient optional + SSLVerifyDepth 2 + SSLOptions +FakeBasicAuth +StrictRequire + <RequireAll> + Require ssl-verify-client + </RequireAll> + Options Indexes FollowSymLinks MultiViews + AuthType Basic + AuthName "Restricted Content" + AuthBasicProvider file + AuthUserFile /usr/local/apache2/conf/.htpasswd + Require valid-user + </Directory> + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + SSLEngine on + SSLProtocol -all +TLSv1.2 + SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 + SSLHonorCipherOrder off + SSLSessionTickets off + + SSLCACertificateFile /usr/local/apache2/certs/truststore.pem + SSLCertificateFile /usr/local/apache2/certs/keystore.pem + SSLCertificateKeyFile /usr/local/apache2/certs/key.pem +</VirtualHost> diff --git a/test/mocks/datafilecollector-testharness/http-https-server/configuration/httpd.conf b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/httpd.conf index 88081b441..ef3ce95f7 100644 --- a/test/mocks/datafilecollector-testharness/http-https-server/configuration/httpd.conf +++ b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/httpd.conf @@ -91,7 +91,7 @@ LoadModule auth_basic_module modules/mod_auth_basic.so #LoadModule cache_module modules/mod_cache.so #LoadModule cache_disk_module modules/mod_cache_disk.so #LoadModule cache_socache_module modules/mod_cache_socache.so -#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so +LoadModule socache_shmcb_module modules/mod_socache_shmcb.so #LoadModule socache_dbm_module modules/mod_socache_dbm.so #LoadModule socache_memcache_module modules/mod_socache_memcache.so #LoadModule socache_redis_module modules/mod_socache_redis.so @@ -158,7 +158,7 @@ LoadModule version_module modules/mod_version.so #LoadModule session_dbd_module modules/mod_session_dbd.so #LoadModule slotmem_shm_module modules/mod_slotmem_shm.so #LoadModule slotmem_plain_module modules/mod_slotmem_plain.so -#LoadModule ssl_module modules/mod_ssl.so +LoadModule ssl_module modules/mod_ssl.so #LoadModule optional_hook_export_module modules/mod_optional_hook_export.so #LoadModule optional_hook_import_module modules/mod_optional_hook_import.so #LoadModule optional_fn_import_module modules/mod_optional_fn_import.so @@ -256,44 +256,50 @@ ServerAdmin you@example.com # you might expect, make sure that you have specifically enabled it # below. # +<Directory /usr/local/apache2/htdocs> + Options Indexes FollowSymLinks + AllowOverride None + Require all granted +</Directory> # # DocumentRoot: The directory out of which you will serve your # documents. By default, all requests are taken from this directory, but # symbolic links and aliases may be used to point to other locations. # -DocumentRoot "/usr/local/apache2/htdocs" -<Directory "/usr/local/apache2/htdocs"> - # - # Possible values for the Options directive are "None", "All", - # or any combination of: - # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews - # - # Note that "MultiViews" must be named *explicitly* --- "Options All" - # doesn't give it to you. - # - # The Options directive is both complicated and important. Please see - # http://httpd.apache.org/docs/2.4/mod/core.html#options - # for more information. - # - Options Indexes FollowSymLinks - - # - # AllowOverride controls what directives may be placed in .htaccess files. - # It can be "All", "None", or any combination of the keywords: - # AllowOverride FileInfo AuthConfig Limit - # - AllowOverride None - - # - # Controls who can get stuff from this server. - # - AuthType Basic - AuthName "Restricted Content" - AuthUserFile /usr/local/apache2/conf/.htpasswd - Require valid-user -</Directory> - +<VirtualHost *:80> + DocumentRoot "/usr/local/apache2/htdocs" + <Directory "/usr/local/apache2/htdocs"> + # + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.4/mod/core.html#options + # for more information. + # + Options Indexes FollowSymLinks + + # + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # AllowOverride FileInfo AuthConfig Limit + # + AllowOverride None + + # + # Controls who can get stuff from this server. + # + AuthType Basic + AuthName "Restricted Content" + AuthUserFile /usr/local/apache2/conf/.htpasswd + Require valid-user + </Directory> +</VirtualHost> # # DirectoryIndex: sets the file that Apache will serve if a directory # is requested. @@ -317,7 +323,7 @@ DocumentRoot "/usr/local/apache2/htdocs" # logged here. If you *do* define an error logfile for a <VirtualHost> # container, that host's errors will be logged there and not here. # -ErrorLog /proc/self/fd/2 +ErrorLog ${APACHE_LOG_DIR}/error.log # # LogLevel: Control the number of messages logged to the error_log. @@ -346,7 +352,7 @@ LogLevel warn # define per-<VirtualHost> access logfiles, transactions will be # logged therein and *not* in this file. # - CustomLog /proc/self/fd/1 common + CustomLog ${APACHE_LOG_DIR}/access.log combined # # If you prefer a logfile with access, agent, and referer information @@ -541,7 +547,7 @@ Include conf/extra/proxy-html.conf </IfModule> # Secure (SSL/TLS) connections -#Include conf/extra/httpd-ssl.conf +Include conf/extra/httpd-ssl.conf # # Note: The following must must be present to support # starting without SSL on platforms with no /dev/random equivalent diff --git a/test/mocks/datafilecollector-testharness/http-https-server/docker-compose.yml b/test/mocks/datafilecollector-testharness/http-https-server/docker-compose.yml index 537cfcfaf..09b698f89 100644 --- a/test/mocks/datafilecollector-testharness/http-https-server/docker-compose.yml +++ b/test/mocks/datafilecollector-testharness/http-https-server/docker-compose.yml @@ -2,14 +2,19 @@ version: '3' services: - http-server: - container_name: http-server-httpd + http-https-server: + container_name: http-https-server-httpd image: httpd:alpine + environment: + APACHE_LOG_DIR: /usr/local/apache2/logs ports: - "80:80" + - "443:443" + - "8080:8080" volumes: - - ./configuration/htpasswd:/usr/local/apache2/conf/.htpasswd:ro - - ./configuration/httpd.conf:/usr/local/apache/conf/httpd.conf:ro - - - ./files/onap/http/:/usr/local/apache2/htdocs + - ./apache2/conf/.htpasswd:/usr/local/apache2/conf/.htpasswd:ro + - ./apache2/conf/httpd.conf:/usr/local/apache2/conf/httpd.conf:ro + - ./apache2/conf/extra/httpd-ssl.conf:/usr/local/apache2/conf/extra/httpd-ssl.conf:ro + - ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs:ro + - ./files/onap/http:/usr/local/apache2/htdocs restart: on-failure diff --git a/test/mocks/datafilecollector-testharness/http-https-server/test_cases.yml b/test/mocks/datafilecollector-testharness/http-https-server/test_cases.yml index 08f632e28..d27bb9384 100644 --- a/test/mocks/datafilecollector-testharness/http-https-server/test_cases.yml +++ b/test/mocks/datafilecollector-testharness/http-https-server/test_cases.yml @@ -3,14 +3,14 @@ TC1: size_files: 1 5 10 number_files: 10 30 10 - directory_files: http + directory_files: http http http TC2: size_files: 0.5 1 5 number_files: 2 3 1 - directory_files: http + directory_files: http http http TC_10000: size_files: 1 1 5 5 50 50 number_files: 10000 10000 10000 10000 1 1 - directory_files: http + directory_files: http http http http http http diff --git a/test/mocks/datafilecollector-testharness/mr-sim/README.md b/test/mocks/datafilecollector-testharness/mr-sim/README.md index 055e7d914..a8d2b7aaa 100644 --- a/test/mocks/datafilecollector-testharness/mr-sim/README.md +++ b/test/mocks/datafilecollector-testharness/mr-sim/README.md @@ -10,7 +10,7 @@ This readme contains: The MR-sim is a python script delivering batches of events including one or more fileReady for one or more PNFs. It is possible to configure number of events, PNFs, consumer groups, exising or missing files, file prefixes and change identifier. -In addition, MR sim can be configured to deliver file url for up to 5 FTP and 5 HTTP servers (simulating the PNFs). +In addition, MR sim can be configured to deliver file url for up to 5 FTP and 5 HTTP/HTTPS/HTTPS with no auth servers (simulating the PNFs). ## Building and running @@ -33,8 +33,10 @@ The following envrionment vaiables are used: - **FTPES_SIMS** - A comma-separated list of hostname:port for the FTP servers to generate ftpes file urls for. If not set MR sim will assume 'localhost:21'. Minimum 1 and maximum 5 host-port pairs can be given. - **SFTP_SIMS** - A comma-separated list of hostname:port for the FTP servers to generate sftp file urls for. If not set MR sim will assume 'localhost:1022'. Minimum 1 and maximum 5 host-port pairs can be given. - **HTTP_SIMS** - A comma-separated list of hostname:port for the HTTP servers to generate http file urls for. If not set MR sim will assume 'localhost:81'. Minimum 1 and maximum 5 host-port pairs can be given. +- **HTTPS_SIMS** - A comma-separated list of hostname:port for the HTTPS servers (configured for client certificate authentication and basic authentication; certificates were obtained using CMPv2 server) to generate http file urls for. If not set MR sim will assume 'localhost:444'. Minimum 1 and maximum 5 host-port pairs can be given. +- **HTTPS_SIMS_NO_AUTH** - A comma-separated list of hostname:port for the HTTPS servers with no autorization to generate http file urls for. If not set MR sim will assume 'localhost:8081'. Minimum 1 and maximum 5 host-port pairs can be given. - **NUM_FTP_SERVERS** - Number of FTP servers to use out of those specified in the envrioment variables above. The number shall be in the range 1-5. -- **NUM_HTTP_SERVERS** - Number of HTTP servers to use out of those specified in the envrioment variables above. The number shall be in the range 1-5. +- **NUM_HTTP_SERVERS** - Number of HTTP/HTTPS/HTTPS with no authorization servers to use out of those specified in the envrioment variables above. The number shall be in the range 1-5. - **MR_GROUPS** - A comma-separated list of consummer-group:changeId\[:changeId]\*. Defines which change identifier that should be used for each consumer group. If not set the MR-sim will assume 'OpenDcae-c12:PM_MEAS_FILES'.not set the MR-sim will assume 'OpenDcae-c12:PM_MEAS_FILES'. - **MR_FILE_PREFIX_MAPPING** - A comma-separated list of changeId:filePrefix. Defines which file prefix to use for each change identifier, needed to distinguish files for each change identifiers. If not set the MR-sim will assume 'PM_MEAS_FILES:A @@ -179,7 +181,9 @@ TC1500 - 700 ME, SFTP, 1MB files, 100 files per event, 35 events per poll, simul Changing the first digit in tc number will change the test case to run FTPES or HTTP instead. Eg. TC201 is FTPES version of TC101. -TC2XX is same as TC1XX but with FTPES, TC3XX is same as TC1XX but with HTTP +TC2XX is same as TC1XX but with FTPES, TC3XX is same as TC1XX but with HTTP, TC4XX is same as TC1XX but with HTTPS +(with basic authorization). Note, in the case of HTTPS, some tests may not have direct correspondence in FTP tests +(TC403, TC404 described in the end of this section). TC6XX is same as TC5XX but with FTPES @@ -187,6 +191,10 @@ TC8XX is same as TC7XX but with FTPES TC2XXX is same as TC1XXX but with FTPES +TC403 - One ME, HTTPS with client certificate authentication, 1 1MB file, 1 event + +TC404 - One ME, HTTPS with no client authentication, 1 1MB file, 1 event + ## Developer workflow 1. `sudo apt install python3-venv` diff --git a/test/mocks/datafilecollector-testharness/mr-sim/mr-sim.py b/test/mocks/datafilecollector-testharness/mr-sim/mr-sim.py index 809f18661..323dde618 100644 --- a/test/mocks/datafilecollector-testharness/mr-sim/mr-sim.py +++ b/test/mocks/datafilecollector-testharness/mr-sim/mr-sim.py @@ -1,3 +1,14 @@ +# COPYRIGHT NOTICE STARTS HERE +# +# Modifications copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# COPYRIGHT NOTICE ENDS HERE import argparse import os import sys @@ -19,10 +30,13 @@ ftpes_hosts = [] ftpes_ports = [] http_hosts = [] http_ports = [] +https_hosts = [] +https_ports = [] +https_hosts_no_auth = [] +https_ports_no_auth = [] num_ftp_servers = 1 num_http_servers = 1 - def sumList(ctrArray): tmp = 0 for i in range(len(ctrArray)): @@ -525,6 +539,18 @@ def MR_reply(consumerGroup, consumerId): elif args.tc302: return tc100(groupIndex, changeId, filePrefix, "http", "50MB") + elif args.tc400: + return tc100(groupIndex, changeId, filePrefix, "https", "1MB") + elif args.tc401: + return tc100(groupIndex, changeId, filePrefix, "https", "5MB") + elif args.tc402: + return tc100(groupIndex, changeId, filePrefix, "https", "50MB") + elif args.tc403: + return tc100(groupIndex, changeId, filePrefix, "httpsCAuth", "1MB") + elif args.tc404: + return tc100(groupIndex, changeId, filePrefix, "httpsNoAuth", "1MB") + + #### Test case functions @@ -543,7 +569,8 @@ def tc100(groupIndex, changeId, filePrefix, schemeType, fileSize): fileName = createFileName(groupIndex, filePrefix, nodeName, seqNr, fileSize) msg = getEventHead(groupIndex, changeId, nodeName) + getEventName(fileName, schemeType, "onap", "pano", nodeIndex) + getEventEnd() - if schemeType == "http": + if (schemeType == "http") or (schemeType == "https") \ + or (schemeType == "httpsCAuth") or (schemeType == "httpsNoAuth"): msg = getEventHead(groupIndex, changeId, nodeName) + getEventName(fileName, schemeType, "demo", "demo123456!", nodeIndex) + getEventEnd() fileMap[groupIndex][seqNr * hash(filePrefix)] = seqNr @@ -1192,20 +1219,37 @@ def getEventName(fn, type, user, passwd, nodeIndex): nodeIndex = nodeIndex % num_ftp_servers port = sftp_ports[nodeIndex] ip = sftp_hosts[nodeIndex] - if (type == "ftpes"): + location_variant = type + """://""" + user + """:""" + passwd + """@""" + ip + """:""" + str(port) + if type == "ftpes": port = ftpes_ports[nodeIndex] ip = ftpes_hosts[nodeIndex] - elif (type == "http"): + location_variant = type + """://""" + user + """:""" + passwd + """@""" + ip + """:""" + str(port) + elif type == "http": nodeIndex = nodeIndex % num_http_servers port = http_ports[nodeIndex] ip = http_hosts[nodeIndex] + location_variant = type + """://""" + user + """:""" + passwd + """@""" + ip + """:""" + str(port) + elif type == "https": + nodeIndex = nodeIndex % num_http_servers + port = https_ports[nodeIndex] + ip = https_hosts[nodeIndex] + location_variant = type + """://""" + user + """:""" + passwd + """@""" + ip + """:""" + str(port) + elif type == "httpsCAuth": + alt_type = "https" + port = https_ports[nodeIndex] + ip = https_hosts[nodeIndex] + location_variant = alt_type + """://""" + ip + """:""" + str(port) + elif type == "httpsNoAuth": + alt_type = "https" + port = https_ports_no_auth[nodeIndex] + ip = https_hosts_no_auth[nodeIndex] + location_variant = alt_type + """://""" + ip + """:""" + str(port) nameStr = """{ "name": \"""" + fn + """", "hashMap": { "fileFormatType": "org.3GPP.32.435#measCollec", - "location": \"""" + type + """://""" + user + """:""" + passwd + """@""" + ip + """:""" + str( - port) + """/""" + fn + """", + "location": \"""" + location_variant + """/""" + fn + """", "fileFormatVersion": "V10", "compression": "gzip" } @@ -1248,14 +1292,18 @@ if __name__ == "__main__": sftp_sims = os.environ.get('SFTP_SIMS', 'localhost:1022') ftpes_sims = os.environ.get('FTPES_SIMS', 'localhost:21') http_sims = os.environ.get('HTTP_SIMS', 'localhost:81') + https_sims = os.environ.get('HTTPS_SIMS', 'localhost:444') + https_sims_no_auth = os.environ.get('HTTPS_SIMS_NO_AUTH', 'localhost:8081') num_ftp_servers = int(os.environ.get('NUM_FTP_SERVERS', 1)) num_http_servers = int(os.environ.get('NUM_HTTP_SERVERS', 1)) print("Configured sftp sims: " + sftp_sims) print("Configured ftpes sims: " + ftpes_sims) print("Configured http sims: " + http_sims) + print("Configured https sims: " + https_sims) + print("Configured https with no authorization sims: " + https_sims_no_auth) print("Configured number of ftp servers: " + str(num_ftp_servers)) - print("Configured number of http servers: " + str(num_http_servers)) + print("Configured number of http/https/https with no auth servers: " + str(num_http_servers) + " each") tmp = sftp_sims.split(',') for i in range(len(tmp)): @@ -1275,6 +1323,19 @@ if __name__ == "__main__": http_hosts.append(hp[0]) http_ports.append(hp[1]) + tmp = https_sims.split(',') + for i in range(len(tmp)): + hp = tmp[i].split(':') + https_hosts.append(hp[0]) + https_ports.append(hp[1]) + + tmp = https_sims_no_auth.split(',') + for i in range(len(tmp)): + hp = tmp[i].split(':') + https_hosts_no_auth.append(hp[0]) + https_ports_no_auth.append(hp[1]) + + groups = os.environ.get('MR_GROUPS', 'OpenDcae-c12:PM_MEAS_FILES') print("Groups detected: " + groups) configuredPrefixes = os.environ.get('MR_FILE_PREFIX_MAPPING', 'PM_MEAS_FILES:A') @@ -1637,6 +1698,28 @@ if __name__ == "__main__": action='store_true', help='TC302 - One ME, HTTP, 1 50MB file, 1 event') + # HTTPS TCs with single ME + parser.add_argument( + '--tc400', + action='store_true', + help='TC400 - One ME, HTTPS, 1 1MB file, 1 event') + parser.add_argument( + '--tc401', + action='store_true', + help='TC401 - One ME, HTTPS, 1 5MB file, 1 event') + parser.add_argument( + '--tc402', + action='store_true', + help='TC402 - One ME, HTTPS, 1 50MB file, 1 event') + parser.add_argument( + '--tc403', + action='store_true', + help='TC403 - One ME, HTTPS client certificare authentication, 1 1MB file, 1 event') + parser.add_argument( + '--tc404', + action='store_true', + help='TC404 - One ME, HTTPS no client authentication, 1 1MB file, 1 event') + args = parser.parse_args() if args.tc100: @@ -1778,6 +1861,17 @@ if __name__ == "__main__": elif args.tc302: tc_num = "TC# 302" + elif args.tc400: + tc_num = "TC# 400" + elif args.tc401: + tc_num = "TC# 401" + elif args.tc402: + tc_num = "TC# 402" + elif args.tc403: + tc_num = "TC# 403" + elif args.tc404: + tc_num = "TC# 404" + else: print("No TC was defined") print("use --help for usage info") @@ -1797,8 +1891,18 @@ if __name__ == "__main__": print("Using " + str(http_hosts[i]) + ":" + str(http_ports[i]) + " for http server with index " + str( i) + " for http server address and port in file urls.") + for i in range(len(https_hosts)): + print("Using " + str(https_hosts[i]) + ":" + str(https_ports[i]) + " for https server with index " + str( + i) + " for https server address and port in file urls.") + + for i in range(len(https_hosts_no_auth)): + print("Using " + str(https_hosts_no_auth[i]) + ":" + str(https_ports_no_auth[i]) + + " for https server with no authentication with index " + str(i) + + " for https server address and port in file urls.") + print("Using up to " + str(num_ftp_servers) + " ftp servers, for each protocol for PNFs.") - print("Using up to " + str(num_http_servers) + " http servers, for each protocol for PNFs.") + print("Using up to " + str(num_http_servers) + + " http/https/https with no auth servers, for each protocol for PNFs.") def https_app(**kwargs): diff --git a/test/mocks/datafilecollector-testharness/simulator-group/README.md b/test/mocks/datafilecollector-testharness/simulator-group/README.md index 75abec9f1..98b26bc86 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/README.md +++ b/test/mocks/datafilecollector-testharness/simulator-group/README.md @@ -95,15 +95,15 @@ FILE_SIZE="1MB" #File size for FTP file (1KB, 1MB, 5MB, 50MB or AL FTP_TYPE="SFTP" #Type of FTP files to generate (SFTP, FTPES or ALL) If `FTP_TYPE` is set to `ALL`, both ftp servers will be populated with the same files. If set to `SFTP` or `FTPES` then only the server serving that protocol will be populated with files. -`HTTP_TYPE` for now is only prepared for `HTTP` protocol. `HTTPS` protocol will be served in the future +`HTTP_TYPE` is prepared for `HTTP` and `HTTPS` protocol. Note, thanks to configuration of http server, single action populates files for all HTTP/HTTPS server type. Run the script `docker-compose-setup.sh`to create a docker-compose with the desired settings. The desired setting in the script need to be manually adapted to for each specific simulator behavior according to the above. Check each simulator for available parameters. All simulators will be started with the generated docker-compose.yml file -To generate ftp/http url with IP different from localhost, set SFTP_SIM_IP and/or FTPES_SIM_IP and/or HTTP_SIM_IP env variables to the addreses of the ftp servers before starting. -So farm, this only works when the simulator python script is started from the command line. +To generate an ftp/http/https url with an IP different from localhost, set the SFTP_SIM_IP and/or FTPES_SIM_IP and/or HTTP_SIM_IP and/or HTTPS_SIM_IP and/or HTTPS_SIM_NO_AUTH_IP env variables to the address(es) of the ftp/http/https servers before starting. +So far, this only works when the simulator python script is started from the command line. Kill all the containers with `simulators-kill.se` diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM.json index f839e79be..76d6822a2 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM_feed2_CTR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM_feed2_CTR.json index 89a49070e..ddf0bbb36 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM_feed2_CTR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM_feed2_CTR.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR.json index dbd41652b..43dc6a9c5 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR_feed3_LOG_TEMP.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR_feed3_LOG_TEMP.json index fee8a0f79..bc9c9b1f6 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR_feed3_LOG_TEMP.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR_feed3_LOG_TEMP.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM.json index 5a297d279..c5a5f843f 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_HTTPS.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_HTTPS.json new file mode 100644 index 000000000..960764ad8 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_HTTPS.json @@ -0,0 +1,36 @@ +{ + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.p12", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/p12.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.security.enableDmaapCertAuth": "false", + "dmaap.dmaapConsumerConfiguration.consumerGroup": "OpenDcae-c12", + "dmaap.dmaapConsumerConfiguration.consumerId": "C12", + "dmaap.dmaapConsumerConfiguration.timeoutMs": -1, + "sftp.security.strictHostKeyChecking": "true", + "streams_publishes": { + "PM_MEAS_FILES": { + "type": "data_router", + "dmaap_info": { + "username": "user", + "log_url": "https://drsim:3907/feedlog/2", + "publish_url": "https://drsim:3907/publish/2", + "location": "loc00", + "password": "password", + "publisher_id": "972.360gm" + } + } + }, + "streams_subscribes": { + "dmaap_subscriber": { + "dmaap_info": { + "topic_url": "http://mrsim:2222/events/unauthenticated.VES_NOTIFICATION_OUTPUT" + }, + "type": "message_router" + } + } +} diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS.json index 5a297d279..c5a5f843f 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json index 8ab143879..9f370391b 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_secureMR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_secureMR.json index 5a297d279..c5a5f843f 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_secureMR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_secureMR.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed3_PM_CTR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed3_PM_CTR.json index 4e6b1fd25..bf65e85a8 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed3_PM_CTR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed3_PM_CTR.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c13_feed2_CTR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c13_feed2_CTR.json index 599ad74e6..486d5ee44 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c13_feed2_CTR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c13_feed2_CTR.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c14_feed3_LOG.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c14_feed3_LOG.json index 8e96210bb..6509bcfdf 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c14_feed3_LOG.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c14_feed3_LOG.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c15_feed1_PM_feed4_TEST.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c15_feed1_PM_feed4_TEST.json index 4b538987e..620d172e6 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c15_feed1_PM_feed4_TEST.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c15_feed1_PM_feed4_TEST.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c16_feed4_TEST_feed5_TEMP.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c16_feed4_TEST_feed5_TEMP.json index f0fc2cba9..dfbecaa1e 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c16_feed4_TEST_feed5_TEMP.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c16_feed4_TEST_feed5_TEMP.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-setup.sh b/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-setup.sh index ad45559eb..d5b36ec58 100755 --- a/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-setup.sh +++ b/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-setup.sh @@ -1,4 +1,13 @@ #/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# # Script for manually starting all simulators with test setting below # Matching json config is needed in CBS/Consul as well. Use consul_config.sh to add config to consul @@ -31,6 +40,8 @@ export BASIC_AUTH_PASSWORD=demo123456! export SFTP_SIMS="localhost:21,localhost:22,localhost:23,localhost:24,localhost:25" # Comma separated list for SFTP servers host:port export FTPES_SIMS="localhost:1022,localhost:1023,localhost:1024,localhost:1026,localhost:1026" # Comma separated list for FTPES servers host:port export HTTP_SIMS="localhost:81,localhost:82,localhost:83,localhost:84,localhost:85" # Comma separated list for HTTP servers host:port +export HTTPS_SIMS="localhost:444,localhost:445,localhost:446,localhost:447,localhost:448" # Comma separated list for HTTPS (enabling client certificate authorization and basic authorization) servers host:port +export HTTPS_SIMS_NO_AUTH="localhost:8081,localhost:8082,localhost:8083,localhost:8084,localhost:8085" # Comma separated list for HTTPS (with no authorization) servers host:port export DR_REDIR_SIM="localhost" # Hostname of DR redirect server diff --git a/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-template.yml b/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-template.yml index c4ed2fec3..537012afb 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-template.yml +++ b/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-template.yml @@ -78,6 +78,8 @@ services: SFTP_SIMS: ${SFTP_SIMS} FTPES_SIMS: ${FTPES_SIMS} HTTP_SIMS: ${HTTP_SIMS} + HTTPS_SIMS: ${HTTPS_SIMS} + HTTPS_SIMS_NO_AUTH: ${HTTPS_SIMS_NO_AUTH} NUM_FTP_SERVERS: ${NUM_FTP_SERVERS} NUM_HTTP_SERVERS: ${NUM_HTTP_SERVERS} MR_GROUPS: ${MR_GROUPS} @@ -228,47 +230,67 @@ services: depends_on: - tls-init-container - http-server0: + http-https-server0: networks: - dfcnet - container_name: dfc_http-server0 - image: http_httpd:latest + container_name: dfc_http-https-server0 + image: http_https_httpd:latest ports: - "81:80" + - "444:443" + - "8081:8080" restart: on-failure + volumes: + - ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw - http-server1: + http-https-server1: networks: - dfcnet - container_name: dfc_http-server1 - image: http_httpd:latest + container_name: dfc_http-https-server1 + image: http_https_httpd:latest ports: - "82:80" + - "445:443" + - "8082:8080" restart: on-failure + volumes: + - ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw - http-server2: + http-https-server2: networks: - dfcnet - container_name: dfc_http-server2 - image: http_httpd:latest + container_name: dfc_http-https-server2 + image: http_https_httpd:latest ports: - "83:80" + - "446:443" + - "8083:8080" restart: on-failure + volumes: + - ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw - http-server3: + http-https-server3: networks: - dfcnet - container_name: dfc_http-server3 - image: http_httpd:latest + container_name: dfc_http-https-server3 + image: http_https_httpd:latest ports: - "84:80" + - "447:443" + - "8084:8080" restart: on-failure + volumes: + - ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw - http-server4: + http-https-server4: networks: - dfcnet - container_name: dfc_http-server4 - image: http_httpd:latest + container_name: dfc_http-https-server4 + image: http_https_httpd:latest ports: - "85:80" + - "448:443" + - "8085:8080" restart: on-failure + volumes: + - ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw diff --git a/test/mocks/datafilecollector-testharness/simulator-group/prepare-images.sh b/test/mocks/datafilecollector-testharness/simulator-group/prepare-images.sh index fa56724bb..0021eca5e 100755 --- a/test/mocks/datafilecollector-testharness/simulator-group/prepare-images.sh +++ b/test/mocks/datafilecollector-testharness/simulator-group/prepare-images.sh @@ -1,4 +1,13 @@ #/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# #Script for manually preparing images for mr-sim, dr-sim, dr-redir-sim and sftp server. @@ -20,4 +29,4 @@ docker build -t ftpes_vsftpd:latest -f Dockerfile-ftpes . #Build image for http server cd ../http-https-server -docker build -t http_httpd:latest -f Dockerfile-http . +docker build -t http_https_httpd:latest -f Dockerfile-http-https . diff --git a/test/mocks/datafilecollector-testharness/simulator-group/simulators-kill.sh b/test/mocks/datafilecollector-testharness/simulator-group/simulators-kill.sh index 697850339..e53494392 100755 --- a/test/mocks/datafilecollector-testharness/simulator-group/simulators-kill.sh +++ b/test/mocks/datafilecollector-testharness/simulator-group/simulators-kill.sh @@ -1,4 +1,13 @@ #!/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# #Script to kill and remove all simulators docker logs dfc_mr-sim @@ -21,6 +30,7 @@ docker kill dfc_http-server1 docker kill dfc_http-server2 docker kill dfc_http-server3 docker kill dfc_http-server4 +docker kill oom-certservice-post-processor docker kill dfc_cbs docker kill dfc_consul @@ -38,11 +48,12 @@ docker rm dfc_ftpes-server-vsftpd1 docker rm dfc_ftpes-server-vsftpd2 docker rm dfc_ftpes-server-vsftpd3 docker rm dfc_ftpes-server-vsftpd4 -docker rm dfc_http-server0 -docker rm dfc_http-server1 -docker rm dfc_http-server2 -docker rm dfc_http-server3 -docker rm dfc_http-server4 +docker rm -f dfc_http-https-server0 +docker rm -f dfc_http-https-server1 +docker rm -f dfc_http-https-server2 +docker rm -f dfc_http-https-server3 +docker rm -f dfc_http-https-server4 +docker rm -f oom-certservice-post-processor docker rm dfc_cbs docker rm dfc_consul diff --git a/test/mocks/datafilecollector-testharness/simulator-group/simulators-start.sh b/test/mocks/datafilecollector-testharness/simulator-group/simulators-start.sh index 895949caa..f39f052a0 100755 --- a/test/mocks/datafilecollector-testharness/simulator-group/simulators-start.sh +++ b/test/mocks/datafilecollector-testharness/simulator-group/simulators-start.sh @@ -1,4 +1,13 @@ #!/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# set -x server_check() { for i in {1..10}; do @@ -12,16 +21,28 @@ server_check() { echo "Simulator " $1 " on localhost:$2$3 - no response" } -basic_auth_server_check() { +http_https_basic_server_check() { for i in {1..10}; do - res=$(curl -s -o /dev/null -w "%{http_code}" http://$BASIC_AUTH_LOGIN:$BASIC_AUTH_PASSWORD@localhost:$2$3) + res=$(curl $4 -s -o /dev/null -w "%{http_code}" "$3"://"$BASIC_AUTH_LOGIN":"$BASIC_AUTH_PASSWORD"@localhost:"$2") if [ $res -gt 199 ] && [ $res -lt 300 ]; then - echo "Simulator " $1 " on localhost:$2$3 responded ok" + echo "Simulator " "$1" " on localhost: ""$2"" responded ok" return fi sleep 1 done - echo "Simulator " $1 " on localhost:$2$3 - no response" + echo "Simulator " "$1" " on localhost:""$2"" - no response" +} + +http_https_server_check() { + for i in {1..10}; do + res=$(curl $4 -s -o /dev/null -w "%{http_code}" $3://localhost:$2) + if [ $res -gt 199 ] && [ $res -lt 300 ]; then + echo "Simulator " $1 " on localhost:$2 responded ok" + return + fi + sleep 1 + done + echo "Simulator " $1 " on localhost:$2 - no response" } server_check_https() { @@ -38,7 +59,7 @@ server_check_https() { ftpes_server_check() { for i in {1..10}; do - res=$(curl --silent --max-time 3 localhost:$2 2>&1 | grep vsFTPd) + res=$(curl --silent --max-time 3 ftp://localhost:$2 --ftp-ssl -v -k 2>&1 | grep vsFTPd) if ! [ -z "$res" ]; then echo "Simulator " $1 " on localhost:$2 responded ok" return @@ -50,7 +71,7 @@ ftpes_server_check() { sftp_server_check() { for i in {1..10}; do - res=$(curl --silent --max-time 3 localhost:$2 2>&1 | grep OpenSSH) + res=$(curl --silent --max-time 3 sftp://localhost:$2 -v -k 2>&1 | grep Connected) if ! [ -z "$res" ]; then echo "Simulator " $1 " on localhost:"$2" responded ok" return @@ -67,6 +88,11 @@ DOCKER_SIM_NWNAME="dfcnet" echo "Creating docker network $DOCKER_SIM_NWNAME, if needed" docker network ls| grep $DOCKER_SIM_NWNAME > /dev/null || docker network create $DOCKER_SIM_NWNAME +if [ -z "$SIM_GROUP" ] + then + export SIM_GROUP="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +fi + if [ -z "$NUM_FTP_SERVERS" ] then export NUM_FTP_SERVERS=1 @@ -101,11 +127,11 @@ FTPES_SIM[1]="$(docker ps -q --filter='name=dfc_ftpes-server-vsftpd1')" FTPES_SIM[2]="$(docker ps -q --filter='name=dfc_ftpes-server-vsftpd2')" FTPES_SIM[3]="$(docker ps -q --filter='name=dfc_ftpes-server-vsftpd3')" FTPES_SIM[4]="$(docker ps -q --filter='name=dfc_ftpes-server-vsftpd4')" -HTTP_SIM[0]="$(docker ps -q --filter='name=dfc_http-server0')" -HTTP_SIM[1]="$(docker ps -q --filter='name=dfc_http-server1')" -HTTP_SIM[2]="$(docker ps -q --filter='name=dfc_http-server2')" -HTTP_SIM[3]="$(docker ps -q --filter='name=dfc_http-server3')" -HTTP_SIM[4]="$(docker ps -q --filter='name=dfc_http-server4')" +HTTP_SIM[0]="$(docker ps -q --filter='name=dfc_http-https-server0')" +HTTP_SIM[1]="$(docker ps -q --filter='name=dfc_http-https-server1')" +HTTP_SIM[2]="$(docker ps -q --filter='name=dfc_http-https-server2')" +HTTP_SIM[3]="$(docker ps -q --filter='name=dfc_http-https-server3')" +HTTP_SIM[4]="$(docker ps -q --filter='name=dfc_http-https-server4')" CBS_SIM="$(docker ps -q --filter='name=dfc_cbs')" CONSUL_SIM="$(docker ps -q --filter='name=dfc_consul')" @@ -168,11 +194,26 @@ sftp_server_check "SFTP server 1" 1023 sftp_server_check "SFTP server 2" 1024 sftp_server_check "SFTP server 3" 1025 sftp_server_check "SFTP server 4" 1026 -basic_auth_server_check "HTTP server 0" 81 -basic_auth_server_check "HTTP server 1" 82 -basic_auth_server_check "HTTP server 2" 83 -basic_auth_server_check "HTTP server 3" 84 -basic_auth_server_check "HTTP server 4" 85 +http_https_basic_server_check "HTTP basic auth server 0" 81 http +http_https_basic_server_check "HTTP basic auth server 1" 82 http +http_https_basic_server_check "HTTP basic auth server 2" 83 http +http_https_basic_server_check "HTTP basic auth server 3" 84 http +http_https_basic_server_check "HTTP basic auth server 4" 85 http +http_https_basic_server_check "HTTPS basic auth server 0" 444 https -k +http_https_basic_server_check "HTTPS basic auth server 1" 445 https -k +http_https_basic_server_check "HTTPS basic auth server 2" 446 https -k +http_https_basic_server_check "HTTPS basic auth server 3" 447 https -k +http_https_basic_server_check "HTTPS basic auth server 4" 448 https -k +http_https_server_check "HTTPS client certificate authentication server 0" 444 https "-k --cert ../certservice/generated-certs/apache-pem/keystore.pem --key ../certservice/generated-certs/apache-pem/key.pem" +http_https_server_check "HTTPS client certificate authentication server 1" 445 https "-k --cert ../certservice/generated-certs/apache-pem/keystore.pem --key ../certservice/generated-certs/apache-pem/key.pem" +http_https_server_check "HTTPS client certificate authentication server 2" 446 https "-k --cert ../certservice/generated-certs/apache-pem/keystore.pem --key ../certservice/generated-certs/apache-pem/key.pem" +http_https_server_check "HTTPS client certificate authentication server 3" 447 https "-k --cert ../certservice/generated-certs/apache-pem/keystore.pem --key ../certservice/generated-certs/apache-pem/key.pem" +http_https_server_check "HTTPS client certificate authentication server 4" 448 https "-k --cert ../certservice/generated-certs/apache-pem/keystore.pem --key ../certservice/generated-certs/apache-pem/key.pem" +http_https_server_check "HTTPS no auth server 0" 8081 https -k +http_https_server_check "HTTPS no auth server 1" 8082 https -k +http_https_server_check "HTTPS no auth server 2" 8083 https -k +http_https_server_check "HTTPS no auth server 3" 8084 https -k +http_https_server_check "HTTPS no auth server 4" 8085 https -k echo "" @@ -235,7 +276,7 @@ if [ -z "$HTTP_FILE_PREFIXES" ] HTTP_FILE_PREFIXES="A" fi -if [ $HTTP_TYPE = "ALL" ] || [ $HTTP_TYPE = "HTTP" ]; then +if [ $HTTP_TYPE = "ALL" ] || [ $HTTP_TYPE = "HTTP" ] || [ $HTTP_TYPE = "HTTPS" ]; then echo "Creating files for HTTP server, may take time...." p=0 while [ $p -lt $NUM_HTTP_SERVERS ]; do |