Merge "Add CSITs for Truststore Merger"

author: Krzysztof Kuzmicki <krzysztof.kuzmicki@nokia.com> 2020-08-26 12:12:09 +0000
committer: Gerrit Code Review <gerrit@onap.org> 2020-08-26 12:12:09 +0000
commit: 0a97966e7ca9d378835fc7cb4a03939c8d6b3a7a (patch)
tree: df79f93aa55476c3229fb44ed29819ab57102e34
parent: 0e8096a3cc7fc7d27648948e169a321173b4a033 (diff)
parent: 764e0a41bd0fa062ff32287c53645fcbb650697e (diff)
30 files changed, 395 insertions, 0 deletions
diff --git a/plans/oom-platform-cert-service/truststoremerger/setup.sh b/plans/oom-platform-cert-service/truststoremerger/setup.sh
new file mode 100644
index 00000000..9f618406
--- /dev/null
+++ b/plans/oom-platform-cert-service/truststoremerger/setup.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+#
+# Copyright 2020 Nokia.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#export container name
+export MergerContainerName=TrustStoreMerger
+
+#install docker sdk
+echo "Uninstall docker-py and reinstall docker."
+pip uninstall -y docker-py
+pip uninstall -y docker
+pip install -U docker==2.7.0
+
+#install pyjks for .jks files management
+pip install pyjks
diff --git a/plans/oom-platform-cert-service/truststoremerger/teardown.sh b/plans/oom-platform-cert-service/truststoremerger/teardown.sh
new file mode 100644
index 00000000..a0ee4d26
--- /dev/null
+++ b/plans/oom-platform-cert-service/truststoremerger/teardown.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+#
+# Copyright 2017 ZTE, Inc. and others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+kill-instance.sh ${MergerContainerName}
diff --git a/plans/oom-platform-cert-service/truststoremerger/testplan.txt b/plans/oom-platform-cert-service/truststoremerger/testplan.txt
new file mode 100755
index 00000000..11e00832
--- /dev/null
+++ b/plans/oom-platform-cert-service/truststoremerger/testplan.txt
@@ -0,0 +1,3 @@
+# Test suites are relative paths under [integration/csit.git]/tests/.
+# Place the suites in run order.
+oom-platform-cert-service/truststoremerger
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/jksAndPemAndP12.jks b/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/jksAndPemAndP12.jks
new file mode 100644
index 00000000..1c9f111a
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/jksAndPemAndP12.jks
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/pemAndP12.pem b/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/pemAndP12.pem
new file mode 100644
index 00000000..978e682d
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/pemAndP12.pem
@@ -0,0 +1,63 @@
+-----BEGIN CERTIFICATE-----
+MIIEszCCAxugAwIBAgIUZrzliCEcld8Q7Fa20QOooFrkewAwDQYJKoZIhvcNAQEL
+BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMGI4NDYyNzkzMDkyYzFhZGYxFTATBgNV
+BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr
+c3RhcnQwHhcNMjAwNzE1MTI1NTI1WhcNMzAwNzE1MTI1NTI1WjBhMSMwIQYKCZIm
+iZPyLGQBAQwTYy0wYjg0NjI3OTMwOTJjMWFkZjEVMBMGA1UEAwwMTWFuYWdlbWVu
+dENBMSMwIQYDVQQKDBpFSkJDQSBDb250YWluZXIgUXVpY2tzdGFydDCCAaIwDQYJ
+KoZIhvcNAQEBBQADggGPADCCAYoCggGBAPKU+p62gXve2rCo2ojyyKcy9T/yEZJi
+9eZJoawets18FNKzWgXDz3ZK+dgc8hVHZahmIzfh9ovcEALYvCx1bLKN5tqbV7O0
+lUFGI+DGlP9QzGKopCh/uMXas4/lfVNogEB7cXu62ak6FuIuaKHETeqez5wC0d1d
+KcilG4loaN3tGXn8j1rnUq1fVu4QyxYfDekRzFiLOvdGeYfZlMkGcVYq3jDV9/sH
+5wKUKIxRwa+t1GlvzJqjVY6K3UvxS8ZBrNYTAtsvI/s6fd8Ah4FIM0Zsc8X1CIb4
+rxqhU6CDx1fQCgKyO6FG/3kVA9Y6+VLeRXsa/VaZxRwQWn0XfVrVpajiD+q3m9xd
+/NJUEAu1xEyfZw43ZSduGjrf5pwHR871noo+7pEbTDlM92ktDFW3go1DowrhEUlf
+XaU6C25yuzThl8f9pFD9/Bo82nHL5n8BENLCmaYrioVWQBAmrQKo1Y3uFgY+fP7y
+CL1POlJTuoXO++KhnEvhGfiIVBlzwdBATwIDAQABo2MwYTAPBgNVHRMBAf8EBTAD
+AQH/MB8GA1UdIwQYMBaAFAZ6Sy3QQ0dNORdnfg5ppmOI6ngpMB0GA1UdDgQWBBQG
+ekst0ENHTTkXZ34OaaZjiOp4KTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL
+BQADggGBAM8MyROdYt0458uCRM/8KZYU9q5xRDGXUGXVpEcGyu1hVlnzlnv7YJSX
+BWQenl092IVM7B0hsttpQIAXK4lS3hQ1fTaYWub0TPbK7xORGwi2uTDEagWXMc5e
+c2J6Sb9IFl2UqX8cERRCJNuENnuf10MU3rXa2TfydaELDXxr49KPPx3tgl/OfbtY
+MmFWLiyxo1jIZ/LeIiaN1m0OtGskkR8TF2D/ZA7YPzEWl2R3PhYNR1gkfAtYPWya
+DTXgiQwXuWDhdSTqiN3QuxRDVXFiQgoV0wqjgkqh4NiOXWB2ryaPvqiYRCvoM6Ly
+OcYy4LidGz9J+jQGAJPh4fI/1G4SgwVAT0bgYREy4IP6Y8R4zGoU0rGKnknfL70E
+t4Xm2ASu5jEcne2l1UOPPctFmei+QHmZ0c8V8HNmP5XRf+47OSi+ryCrRQfKrkyw
+UgvoB49yV3M1+IgCx18daEQCYal98hhQMn/3NVrOJeOjzDcF6Gxb679Cu/biZ8Wx
+li7RV0Xt1g==
+-----END CERTIFICATE-----
+Bag Attributes
+    friendlyName: trusted-certificate-1
+    2.16.840.1.113894.746875.1.1: <Unsupported tag 6>
+subject=UID = c-0b8462793092c1adf, CN = ManagementCA, O = EJBCA Container Quickstart
+
+issuer=UID = c-0b8462793092c1adf, CN = ManagementCA, O = EJBCA Container Quickstart
+
+-----BEGIN CERTIFICATE-----
+MIIEszCCAxugAwIBAgIUZrzliCEcld8Q7Fa20QOooFrkewAwDQYJKoZIhvcNAQEL
+BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMGI4NDYyNzkzMDkyYzFhZGYxFTATBgNV
+BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr
+c3RhcnQwHhcNMjAwNzE1MTI1NTI1WhcNMzAwNzE1MTI1NTI1WjBhMSMwIQYKCZIm
+iZPyLGQBAQwTYy0wYjg0NjI3OTMwOTJjMWFkZjEVMBMGA1UEAwwMTWFuYWdlbWVu
+dENBMSMwIQYDVQQKDBpFSkJDQSBDb250YWluZXIgUXVpY2tzdGFydDCCAaIwDQYJ
+KoZIhvcNAQEBBQADggGPADCCAYoCggGBAPKU+p62gXve2rCo2ojyyKcy9T/yEZJi
+9eZJoawets18FNKzWgXDz3ZK+dgc8hVHZahmIzfh9ovcEALYvCx1bLKN5tqbV7O0
+lUFGI+DGlP9QzGKopCh/uMXas4/lfVNogEB7cXu62ak6FuIuaKHETeqez5wC0d1d
+KcilG4loaN3tGXn8j1rnUq1fVu4QyxYfDekRzFiLOvdGeYfZlMkGcVYq3jDV9/sH
+5wKUKIxRwa+t1GlvzJqjVY6K3UvxS8ZBrNYTAtsvI/s6fd8Ah4FIM0Zsc8X1CIb4
+rxqhU6CDx1fQCgKyO6FG/3kVA9Y6+VLeRXsa/VaZxRwQWn0XfVrVpajiD+q3m9xd
+/NJUEAu1xEyfZw43ZSduGjrf5pwHR871noo+7pEbTDlM92ktDFW3go1DowrhEUlf
+XaU6C25yuzThl8f9pFD9/Bo82nHL5n8BENLCmaYrioVWQBAmrQKo1Y3uFgY+fP7y
+CL1POlJTuoXO++KhnEvhGfiIVBlzwdBATwIDAQABo2MwYTAPBgNVHRMBAf8EBTAD
+AQH/MB8GA1UdIwQYMBaAFAZ6Sy3QQ0dNORdnfg5ppmOI6ngpMB0GA1UdDgQWBBQG
+ekst0ENHTTkXZ34OaaZjiOp4KTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL
+BQADggGBAM8MyROdYt0458uCRM/8KZYU9q5xRDGXUGXVpEcGyu1hVlnzlnv7YJSX
+BWQenl092IVM7B0hsttpQIAXK4lS3hQ1fTaYWub0TPbK7xORGwi2uTDEagWXMc5e
+c2J6Sb9IFl2UqX8cERRCJNuENnuf10MU3rXa2TfydaELDXxr49KPPx3tgl/OfbtY
+MmFWLiyxo1jIZ/LeIiaN1m0OtGskkR8TF2D/ZA7YPzEWl2R3PhYNR1gkfAtYPWya
+DTXgiQwXuWDhdSTqiN3QuxRDVXFiQgoV0wqjgkqh4NiOXWB2ryaPvqiYRCvoM6Ly
+OcYy4LidGz9J+jQGAJPh4fI/1G4SgwVAT0bgYREy4IP6Y8R4zGoU0rGKnknfL70E
+t4Xm2ASu5jEcne2l1UOPPctFmei+QHmZ0c8V8HNmP5XRf+47OSi+ryCrRQfKrkyw
+UgvoB49yV3M1+IgCx18daEQCYal98hhQMn/3NVrOJeOjzDcF6Gxb679Cu/biZ8Wx
+li7RV0Xt1g==
+-----END CERTIFICATE-----
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_different_lists_size.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_different_lists_size.env
new file mode 100644
index 00000000..9edfaa41
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_different_lists_size.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks:/var/certs/truststore.pem:/var/certs/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks.pass:/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_duplicated_aliases.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_duplicated_aliases.env
new file mode 100644
index 00000000..f98b3366
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_duplicated_aliases.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks:/var/certs/truststore.jks
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks.pass:/var/certs/truststoreJks.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_certs.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_certs.env
new file mode 100644
index 00000000..95c00fc2
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_certs.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/empty.pem:/var/certs/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=:/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_file.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_file.env
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_file.env
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_passwords.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_passwords.env
new file mode 100644
index 00000000..840728bb
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_passwords.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks:/var/certs/truststore.pem:/var/certs/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_extension.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_extension.env
new file mode 100644
index 00000000..5b971616
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_extension.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.txt:/var/certs/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks.pass:/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_file_password_pair.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_file_password_pair.env
new file mode 100644
index 00000000..1a195116
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_file_password_pair.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_password_path.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_password_path.env
new file mode 100644
index 00000000..b397f9ac
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_password_path.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks_invalid.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_truststore_paths.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_truststore_paths.env
new file mode 100644
index 00000000..52fa88c6
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_truststore_paths.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/invalid/truststore.jks:/invalid/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks.pass:/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/truststores/empty.pem b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/empty.pem
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/empty.pem
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.jks b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.jks
new file mode 100644
index 00000000..3bd85a06
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.jks
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.p12 b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.p12
new file mode 100644
index 00000000..3a98c4a2
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.p12
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.pem b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.pem
new file mode 100644
index 00000000..8815d6cb
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEszCCAxugAwIBAgIUZrzliCEcld8Q7Fa20QOooFrkewAwDQYJKoZIhvcNAQEL
+BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMGI4NDYyNzkzMDkyYzFhZGYxFTATBgNV
+BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr
+c3RhcnQwHhcNMjAwNzE1MTI1NTI1WhcNMzAwNzE1MTI1NTI1WjBhMSMwIQYKCZIm
+iZPyLGQBAQwTYy0wYjg0NjI3OTMwOTJjMWFkZjEVMBMGA1UEAwwMTWFuYWdlbWVu
+dENBMSMwIQYDVQQKDBpFSkJDQSBDb250YWluZXIgUXVpY2tzdGFydDCCAaIwDQYJ
+KoZIhvcNAQEBBQADggGPADCCAYoCggGBAPKU+p62gXve2rCo2ojyyKcy9T/yEZJi
+9eZJoawets18FNKzWgXDz3ZK+dgc8hVHZahmIzfh9ovcEALYvCx1bLKN5tqbV7O0
+lUFGI+DGlP9QzGKopCh/uMXas4/lfVNogEB7cXu62ak6FuIuaKHETeqez5wC0d1d
+KcilG4loaN3tGXn8j1rnUq1fVu4QyxYfDekRzFiLOvdGeYfZlMkGcVYq3jDV9/sH
+5wKUKIxRwa+t1GlvzJqjVY6K3UvxS8ZBrNYTAtsvI/s6fd8Ah4FIM0Zsc8X1CIb4
+rxqhU6CDx1fQCgKyO6FG/3kVA9Y6+VLeRXsa/VaZxRwQWn0XfVrVpajiD+q3m9xd
+/NJUEAu1xEyfZw43ZSduGjrf5pwHR871noo+7pEbTDlM92ktDFW3go1DowrhEUlf
+XaU6C25yuzThl8f9pFD9/Bo82nHL5n8BENLCmaYrioVWQBAmrQKo1Y3uFgY+fP7y
+CL1POlJTuoXO++KhnEvhGfiIVBlzwdBATwIDAQABo2MwYTAPBgNVHRMBAf8EBTAD
+AQH/MB8GA1UdIwQYMBaAFAZ6Sy3QQ0dNORdnfg5ppmOI6ngpMB0GA1UdDgQWBBQG
+ekst0ENHTTkXZ34OaaZjiOp4KTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL
+BQADggGBAM8MyROdYt0458uCRM/8KZYU9q5xRDGXUGXVpEcGyu1hVlnzlnv7YJSX
+BWQenl092IVM7B0hsttpQIAXK4lS3hQ1fTaYWub0TPbK7xORGwi2uTDEagWXMc5e
+c2J6Sb9IFl2UqX8cERRCJNuENnuf10MU3rXa2TfydaELDXxr49KPPx3tgl/OfbtY
+MmFWLiyxo1jIZ/LeIiaN1m0OtGskkR8TF2D/ZA7YPzEWl2R3PhYNR1gkfAtYPWya
+DTXgiQwXuWDhdSTqiN3QuxRDVXFiQgoV0wqjgkqh4NiOXWB2ryaPvqiYRCvoM6Ly
+OcYy4LidGz9J+jQGAJPh4fI/1G4SgwVAT0bgYREy4IP6Y8R4zGoU0rGKnknfL70E
+t4Xm2ASu5jEcne2l1UOPPctFmei+QHmZ0c8V8HNmP5XRf+47OSi+ryCrRQfKrkyw
+UgvoB49yV3M1+IgCx18daEQCYal98hhQMn/3NVrOJeOjzDcF6Gxb679Cu/biZ8Wx
+li7RV0Xt1g==
+-----END CERTIFICATE-----
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreJks.pass b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreJks.pass
new file mode 100644
index 00000000..817b6194
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreJks.pass
@@ -0,0 +1 @@
+WkTGRmhSe%PM;it?NRY888Ak
+\ No newline at end of file
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreP12.pass b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreP12.pass
new file mode 100644
index 00000000..48036abd
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreP12.pass
@@ -0,0 +1 @@
+0TZd_x#qp$78hJsm0wzc1dm_
+\ No newline at end of file
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/valid_jks_pem_p12.env b/tests/oom-platform-cert-service/truststoremerger/assets/valid_jks_pem_p12.env
new file mode 100644
index 00000000..4afa1a27
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/valid_jks_pem_p12.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks:/var/certs/truststore.pem:/var/certs/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks.pass::/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/valid_pem_p12.env b/tests/oom-platform-cert-service/truststoremerger/assets/valid_pem_p12.env
new file mode 100644
index 00000000..e0240a74
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/valid_pem_p12.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.pem:/var/certs/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=:/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/valid_single_truststore.env b/tests/oom-platform-cert-service/truststoremerger/assets/valid_single_truststore.env
new file mode 100644
index 00000000..66b6f66f
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/valid_single_truststore.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/libraries/EnvsReader.py b/tests/oom-platform-cert-service/truststoremerger/libraries/EnvsReader.py
new file mode 100644
index 00000000..cc60eed6
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/libraries/EnvsReader.py
@@ -0,0 +1,11 @@
+
+class EnvsReader:
+
+  def read_env_list_from_file(self, path):
+    f = open(path, "r")
+    r_list = []
+    for line in f:
+      line = line.strip()
+      if line[0] != "#":
+        r_list.append(line)
+    return r_list
diff --git a/tests/oom-platform-cert-service/truststoremerger/libraries/JksTruststoreValidator.py b/tests/oom-platform-cert-service/truststoremerger/libraries/JksTruststoreValidator.py
new file mode 100644
index 00000000..e18ca12c
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/libraries/JksTruststoreValidator.py
@@ -0,0 +1,18 @@
+
+import jks
+
+class JksTruststoreValidator:
+
+  def get_truststore(self, truststore_path, password_path):
+    truststore = jks.KeyStore.load(truststore_path, open(password_path, 'rb').read())
+    return truststore.certs
+
+  def assert_jks_truststores_equal(self, result_truststore_path, password_path, expected_truststore_path):
+    result_certs = self.get_truststore(result_truststore_path, password_path)
+    expected_certs = self.get_truststore(expected_truststore_path, password_path)
+    if len(result_certs) != len(expected_certs):
+      return False
+    for k in result_certs:
+      if not (k in expected_certs and result_certs[k].cert == expected_certs[k].cert):
+        return False
+    return True
diff --git a/tests/oom-platform-cert-service/truststoremerger/libraries/PemTruststoreValidator.py b/tests/oom-platform-cert-service/truststoremerger/libraries/PemTruststoreValidator.py
new file mode 100644
index 00000000..8dc9623d
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/libraries/PemTruststoreValidator.py
@@ -0,0 +1,19 @@
+import re
+
+BEGIN_CERT = "-----BEGIN CERTIFICATE-----"
+END_CERT = "-----END CERTIFICATE-----"
+
+class PemTruststoreValidator:
+
+  def assert_pem_truststores_equal(self, result_pem_path, expected_pem_path):
+    result_certs = self.get_list_of_pem_certificates(result_pem_path)
+    expected_certs = self.get_list_of_pem_certificates(expected_pem_path)
+    result_certs.sort()
+    expected_certs.sort()
+    if len(result_certs) != len(expected_certs):
+      return False
+    return result_certs == expected_certs
+
+
+  def get_list_of_pem_certificates(self, path):
+    return re.findall(BEGIN_CERT + '(.+?)' + END_CERT, open(path, 'rb').read(), re.DOTALL)
diff --git a/tests/oom-platform-cert-service/truststoremerger/libraries/TrustMergerManager.py b/tests/oom-platform-cert-service/truststoremerger/libraries/TrustMergerManager.py
new file mode 100644
index 00000000..f7a493c4
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/libraries/TrustMergerManager.py
@@ -0,0 +1,47 @@
+import docker
+import os
+import shutil
+from EnvsReader import EnvsReader
+from docker.types import Mount
+
+ARCHIVES_PATH = os.getenv("WORKSPACE") + "/archives/"
+
+
+class TrustMergerManager:
+
+  def __init__(self, mount_path, truststores_path):
+    self.mount_path = mount_path
+    self.truststores_path = truststores_path
+
+  def run_merger_container(self, merger_image, merger_name, path_to_env):
+    self.remove_mount_dir()
+    shutil.copytree(self.truststores_path, self.mount_path)
+    client = docker.from_env()
+    environment = EnvsReader().read_env_list_from_file(path_to_env)
+    container = client.containers.run(
+        image=merger_image,
+        name=merger_name,
+        environment=environment,
+        user='root',  # Run container as root to avoid permission issues with volume mount access
+        mounts=[Mount(target='/var/certs', source=self.mount_path, type='bind')],
+        detach=True
+    )
+    exitcode = container.wait()
+    return exitcode
+
+  def create_mount_dir(self):
+    if not os.path.exists(self.mount_path):
+      os.makedirs(self.mount_path)
+
+  def remove_mount_dir(self):
+    if os.path.exists(self.mount_path):
+      shutil.rmtree(self.mount_path)
+
+  def remove_merger_container_and_save_logs(self, container_name, log_file_name):
+    client = docker.from_env()
+    container = client.containers.get(container_name)
+    text_file = open(ARCHIVES_PATH + "merger_container_" + log_file_name + ".log", "w")
+    text_file.write(container.logs())
+    text_file.close()
+    container.remove()
+    self.remove_mount_dir()
diff --git a/tests/oom-platform-cert-service/truststoremerger/resources/trust-merger-keywords.robot b/tests/oom-platform-cert-service/truststoremerger/resources/trust-merger-keywords.robot
new file mode 100644
index 00000000..1040afab
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/resources/trust-merger-keywords.robot
@@ -0,0 +1,34 @@
+*** Settings ***
+
+Resource          ../../../common.robot
+Resource          ./trust-merger-properties.robot
+Library           ../libraries/TrustMergerManager.py  ${MOUNT_PATH}  ${TRUSTSTORES_PATH}
+Library           ../libraries/JksTruststoreValidator.py
+Library           ../libraries/PemTruststoreValidator.py
+
+*** Keywords ***
+
+Run Trust Merger And Expect Error
+    [Documentation]  Run Truststore Merger Container And Validate Exit Code
+    [Arguments]   ${env_file}  ${expected_exit_code}
+    ${exit_code}=  Run Merger Container  ${DOCKER_MERGER_IMAGE}  ${MERGER_CONTAINER_NAME}  ${env_file}
+    Remove Merger Container And Save Logs  ${MERGER_CONTAINER_NAME}  negative_path
+    Should Be Equal As Strings  ${exit_code}  ${expected_exit_code}  Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code}
+
+Run Trust Merger And Merge Truststore Files To Jks
+    [Documentation]  Run Truststore Merger Container And Validate Exit Code And Files
+    [Arguments]  ${env_file}  ${expected_exit_code}  ${jks_path}  ${jks_password}  ${expected_jks_path}
+    ${exit_code}=  Run Merger Container  ${DOCKER_MERGER_IMAGE}  ${MERGER_CONTAINER_NAME}  ${env_file}
+    ${files_equal}=  Assert Jks Truststores Equal  ${jks_path}  ${jks_password}  ${expected_jks_path}
+    Remove Merger Container And Save Logs  ${MERGER_CONTAINER_NAME}  positive_path
+    Should Be Equal As Strings  ${exit_code}  ${expected_exit_code}  Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code}
+    Should Be True  ${files_equal}
+
+Run Trust Merger And Merge Truststore Files To Pem
+    [Documentation]  Run Truststore Merger Container And Validate Exit Code And Files
+    [Arguments]  ${env_file}  ${expected_exit_code}  ${pem_path}  ${expected_pem_path}
+    ${exit_code}=  Run Merger Container  ${DOCKER_MERGER_IMAGE}  ${MERGER_CONTAINER_NAME}  ${env_file}
+    ${files_equal}=  Assert Pem Truststores Equal  ${pem_path}  ${expected_pem_path}
+    Remove Merger Container And Save Logs  ${MERGER_CONTAINER_NAME}  positive_path
+    Should Be Equal As Strings  ${exit_code}  ${expected_exit_code}  Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code}
+    Should Be True  ${files_equal}
diff --git a/tests/oom-platform-cert-service/truststoremerger/resources/trust-merger-properties.robot b/tests/oom-platform-cert-service/truststoremerger/resources/trust-merger-properties.robot
new file mode 100644
index 00000000..d356f604
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/resources/trust-merger-properties.robot
@@ -0,0 +1,35 @@
+*** Variables ***
+
+${DOCKER_MERGER_IMAGE}                                nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-truststore-merger:latest
+${MERGER_CONTAINER_NAME}                              %{MergerContainerName}
+${MOUNT_PATH}                                         %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/tmp
+${TRUSTSTORES_PATH}                                   %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/truststores
+${EXPECTED_TRUSTSTORES_PATH}                          %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores
+
+${JKS_TRUSTSTORE_MOUNT_PATH}                          %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/tmp/truststore.jks
+${JKS_PASSWORD_MOUNT_PATH}                            %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/tmp/truststoreJks.pass
+${P12_TRUSTSTORE_MOUNT_PATH}                          %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/tmp/truststore.p12
+${P12_PASSWORD_MOUNT_PATH}                            %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/tmp/truststoreP12.pass
+${PEM_TRUSTSTORE_MOUNT_PATH}                          %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/tmp/truststore.pem
+
+${JKS_TRUSTSTORE_EXPECTED_PATH}                       %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/jksAndPemAndP12.jks
+${PEM_TRUSTSTORE_EXPECTED_PATH}                       %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/pemAndP12.pem
+
+${INVALID_ENV_EMPTY_FILE}                             %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_file.env
+${INVALID_ENV_LIST_SIZE}                              %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_different_lists_size.env
+${INVALID_ENV_EMPTY_PASSWORDS}                        %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_passwords.env
+${INVALID_PASSWORD_PATHS}                             %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_password_path.env
+${INVALID_ENV_TRUSTSTORE_PATHS}                       %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_truststore_paths.env
+${INVALID_ENV_FILE_PASSWORD}                          %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_file_password_pair.env
+${INVALID_ENV_EXTENSION}                              %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_extension.env
+${INVALID_ENV_DUPLICATED_ALIASES}                     %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_duplicated_aliases.env
+${INVALID_ENV_EMPTY_CERTS}                            %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_certs.env
+${VALID_ENV_JKS_PEM_P12}                              %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/valid_jks_pem_p12.env
+${VALID_ENV_PEM_P12}                                  %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/valid_pem_p12.env
+${VALID_ENV_SINGLE_TRUSTSTORE}                        %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/valid_single_truststore.env
+
+${TRUSTSTORE_JKS}                                     %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.jks
+${TRUSTSTORE_JKS_PASS}                                %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreJks.pass
+${TRUSTSTORE_P12}                                     %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.p12
+${TRUSTSTORE_P12_PASS}                                %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.pass
+${TRUSTSTORE_PEM}                                     %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.pem
diff --git a/tests/oom-platform-cert-service/truststoremerger/trust-merger-test.robot b/tests/oom-platform-cert-service/truststoremerger/trust-merger-test.robot
new file mode 100644
index 00000000..966a4243
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/trust-merger-test.robot
@@ -0,0 +1,67 @@
+*** Settings ***
+
+Documentation     Truststore merger test case scenarios
+Library 	      RequestsLibrary
+Resource          ./resources/trust-merger-keywords.robot
+
+*** Test Cases ***
+
+Trust Merger fails when file extension is invalid
+    [Tags]      OOM-TRUST-STORE-MERGER
+    [Documentation]  Run with invalid truststore extension env and expect error code
+    Run Trust Merger And Expect Error  ${INVALID_ENV_EXTENSION}  1
+
+Trust Merger fails when truststore and passwords envs not provided
+    [Tags]      OOM-TRUST-STORE-MERGER
+    [Documentation]  Run with invalid empty envs and expect error code
+    Run Trust Merger And Expect Error  ${INVALID_ENV_EMPTY_FILE}  1
+
+Trust Merger fails when list sizes are different
+    [Tags]      OOM-TRUST-STORE-MERGER
+    [Documentation]  Run with different truststore and password envs size and expect error code
+    Run Trust Merger And Expect Error  ${INVALID_ENV_LIST_SIZE}  2
+
+Trust Merger fails when a variable is empty
+    [Tags]      OOM-TRUST-STORE-MERGER
+    [Documentation]  Run with empty truststore password path env and expect error code
+    Run Trust Merger And Expect Error  ${INVALID_ENV_EMPTY_PASSWORDS}  2
+
+Trust Merger fails when truststore paths are invalid
+    [Tags]      OOM-TRUST-STORE-MERGER
+    [Documentation]  Run with invalid truststore path and expect error code
+    Run Trust Merger And Expect Error  ${INVALID_ENV_TRUSTSTORE_PATHS}  3
+
+Trust Merger fails when password path is invalid
+    [Tags]      OOM-TRUST-STORE-MERGER
+    [Documentation]  Run with invalid password path and expect error code
+    Run Trust Merger And Expect Error  ${INVALID_PASSWORD_PATHS}  4
+
+Trust Merger fails when password file pair is invalid
+    [Tags]      OOM-TRUST-STORE-MERGER
+    [Documentation]  Run with incorrect password env and expect error code
+    Run Trust Merger And Expect Error  ${INVALID_ENV_FILE_PASSWORD}  7
+
+Trust Merger fails when pem does not contain cert
+    [Tags]      OOM-TRUST-STORE-MERGER
+    [Documentation]  Run with empty pem truststore and expect error code
+    Run Trust Merger And Expect Error  ${INVALID_ENV_EMPTY_CERTS}  9
+
+Trust Merger fails when aliases are duplicated
+    [Tags]      OOM-TRUST-STORE-MERGER
+    [Documentation]  Run with duplicated aliases in truststores and expect error code
+    Run Trust Merger And Expect Error  ${INVALID_ENV_DUPLICATED_ALIASES}  10
+
+Trust Merger merges successfully jks pem p12
+    [Tags]      OOM-TRUST-STORE-MERGER
+    [Documentation]  Run with valid env file and expect merged certs from jks, pem and p12
+    Run Trust Merger And Merge Truststore Files To Jks  ${VALID_ENV_JKS_PEM_P12}  0  ${JKS_TRUSTSTORE_MOUNT_PATH}  ${TRUSTSTORE_JKS_PASS}  ${JKS_TRUSTSTORE_EXPECTED_PATH}
+
+Trust Merger merges successfully pem p12
+    [Tags]      OOM-TRUST-STORE-MERGER
+    [Documentation]  Run with valid env file and expect merged certs from pem and p12
+    Run Trust Merger And Merge Truststore Files To Pem  ${VALID_ENV_PEM_P12}  0  ${PEM_TRUSTSTORE_MOUNT_PATH}  ${PEM_TRUSTSTORE_EXPECTED_PATH}
+
+Trust Merger ends successfully with single truststore
+    [Tags]      OOM-TRUST-STORE-MERGER
+    [Documentation]  Run with one truststore in env file and expect code 0
+    Run Trust Merger And Merge Truststore Files To Jks  ${VALID_ENV_SINGLE_TRUSTSTORE}  0  ${JKS_TRUSTSTORE_MOUNT_PATH}  ${TRUSTSTORE_JKS_PASS}  ${TRUSTSTORE_JKS}
author	Krzysztof Kuzmicki <krzysztof.kuzmicki@nokia.com>	2020-08-26 12:12:09 +0000
committer	Gerrit Code Review <gerrit@onap.org>	2020-08-26 12:12:09 +0000
commit	0a97966e7ca9d378835fc7cb4a03939c8d6b3a7a (patch)
tree	df79f93aa55476c3229fb44ed29819ab57102e34
parent	0e8096a3cc7fc7d27648948e169a321173b4a033 (diff)
parent	764e0a41bd0fa062ff32287c53645fcbb650697e (diff)