Merge "HV-VES expects passwords to be placed in files"

4 files changed, 11 insertions, 7 deletions

diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/collector/configuration/secure.json b/plans/dcaegen2-collectors-hv-ves/testsuites/collector/configuration/secure.json
index 2c2610a0..018f590a 100644
--- a/plans/dcaegen2-collectors-hv-ves/testsuites/collector/configuration/secure.json
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/collector/configuration/secure.json
@@ -6,7 +6,7 @@
   "cbs.firstRequestDelaySec": 3,
   "cbs.requestIntervalSec": 5,
   "security.keys.keyStoreFile": "/etc/hv-ves/ssl/server.p12",
-  "security.keys.keyStorePassword": "onaponap",
+  "security.keys.keyStorePasswordFile": "/etc/hv-ves/ssl/server.pass",
   "security.keys.trustStoreFile": "/etc/hv-ves/ssl/trust.p12",
-  "security.keys.trustStorePassword": "onaponap"
+  "security.keys.trustStorePasswordFile": "/etc/hv-ves/ssl/trust.pass"
 }
\ No newline at end of file
diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/.gitignore b/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/.gitignore
index 0729569c..955c17d1 100644
--- a/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/.gitignore
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/.gitignore
@@ -4,3 +4,4 @@
 *.csr
 *.pkcs12
 *.p12
+*.pass
diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/gen-certs.sh b/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/gen-certs.sh
index 9f6bea20..33e3b32b 100755
--- a/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/gen-certs.sh
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/gen-certs.sh
@@ -41,6 +41,8 @@ function gen_key() {
   keytool -certreq -alias ${key_name} -keyalg RSA ${keystore} | \
       keytool -alias ${ca} -gencert -ext "san=dns:${CN_PREFIX}-${ca}" ${store_opts} -keystore ${ca}.p12 | \
       keytool -alias ${key_name} -importcert ${keystore}
+
+  printf ${STORE_PASS} > ${key_name}.pass
 }
 
 
@@ -54,10 +56,11 @@ function gen_truststore() {
   local name="$1"
   local trusted_ca="$2"
   keytool -import -trustcacerts -alias ca -file ${trusted_ca}.crt ${store_opts} -keystore ${name}.p12
+  printf ${STORE_PASS} > ${name}.pass
 }
 
 function clean() {
-  rm -f *.crt *.p12
+  rm -f *.crt *.p12 *.pass
 }
 
 if [[ $# -eq 0 ]]; then
@@ -74,4 +77,3 @@ else
   echo "usage: $0 [clean]"
   exit 1
 fi
-
diff --git a/tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py b/tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py
index 789c0b69..ea225c53 100644
--- a/tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py
+++ b/tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py
@@ -158,8 +158,9 @@ class XnfSimulator:
         cert_name_prefix = "" if should_use_valid_certs else "untrusted"
         certificates_path_with_file_prefix = COLLECTOR_CERTS_LOOKUP_DIR + cert_name_prefix
         self.key_store_path = certificates_path_with_file_prefix + "client.p12"
+        self.key_store_passwd_path = certificates_path_with_file_prefix + "client.pass"
         self.trust_store_path = certificates_path_with_file_prefix + "trust.p12"
-        self.sec_store_passwd = "onaponap"
+        self.trust_store_passwd_path = certificates_path_with_file_prefix + "trust.pass"
         self.disable_ssl = should_disable_ssl
         self.hv_collector_host = UNENCRYPTED_HV_VES_SERVICE_NAME \
             if should_connect_to_unencrypted_hv_ves else HV_VES_SERVICE_NAME
@@ -171,8 +172,8 @@ class XnfSimulator:
                            "--ves-port", "6061",
                            "--key-store", self.key_store_path,
                            "--trust-store", self.trust_store_path,
-                           "--key-store-password", self.sec_store_passwd,
-                           "--trust-store-password", self.sec_store_passwd]
+                           "--key-store-password-file", self.key_store_passwd_path,
+                           "--trust-store-password-file", self.trust_store_passwd_path]
         if self.disable_ssl:
             startup_command.append("--ssl-disable")
         return startup_command