aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMarcin Przybysz <marcin.przybysz@nokia.com>2020-03-23 12:34:20 +0000
committerGerrit Code Review <gerrit@onap.org>2020-03-23 12:34:20 +0000
commit6084ae6d95002956774b813202d3fc70ffddfabf (patch)
tree054d0626120f0f0238784acb2638296d1d9ee632
parent48496a511e8aa634c8b13ece136f7d63b659bdc1 (diff)
parented0f3be44b4a98f19b0998982ed858cbfb0d1aa1 (diff)
Merge "Make certservice-client use volume mount"
-rw-r--r--tests/aaf/certservice/assets/invalid_client_docker.env4
-rw-r--r--tests/aaf/certservice/assets/valid_client_docker.env2
-rw-r--r--tests/aaf/certservice/libraries/CertClientManager.py57
-rw-r--r--tests/aaf/certservice/resources/cert-service-keywords.robot2
4 files changed, 28 insertions, 37 deletions
diff --git a/tests/aaf/certservice/assets/invalid_client_docker.env b/tests/aaf/certservice/assets/invalid_client_docker.env
index 7fbc666e..3e7d879b 100644
--- a/tests/aaf/certservice/assets/invalid_client_docker.env
+++ b/tests/aaf/certservice/assets/invalid_client_docker.env
@@ -1,6 +1,6 @@
#Client envs
REQUEST_TIMEOUT=5000
-OUTPUT_PATH=/var/log
+OUTPUT_PATH=/var/certs
CA_NAME=Invalid
#Csr config envs
COMMON_NAME=onap.org
@@ -9,4 +9,4 @@ ORGANIZATION_UNIT=ONAP
LOCATION=San-Francisco
STATE=California
COUNTRY=US
-SANS=example.com:example1.com:example3.com \ No newline at end of file
+SANS=example.com:sample.com \ No newline at end of file
diff --git a/tests/aaf/certservice/assets/valid_client_docker.env b/tests/aaf/certservice/assets/valid_client_docker.env
index 7a219761..01818960 100644
--- a/tests/aaf/certservice/assets/valid_client_docker.env
+++ b/tests/aaf/certservice/assets/valid_client_docker.env
@@ -1,6 +1,6 @@
#Client envs
REQUEST_TIMEOUT=30000
-OUTPUT_PATH=/var/log
+OUTPUT_PATH=/var/certs
CA_NAME=RA
#Csr config envs
COMMON_NAME=onap.org
diff --git a/tests/aaf/certservice/libraries/CertClientManager.py b/tests/aaf/certservice/libraries/CertClientManager.py
index ebacf221..792b6939 100644
--- a/tests/aaf/certservice/libraries/CertClientManager.py
+++ b/tests/aaf/certservice/libraries/CertClientManager.py
@@ -1,12 +1,12 @@
import docker
import os
import shutil
-import tarfile
import re
from OpenSSL import crypto
+from docker.types import Mount
ARCHIVES_PATH = os.getenv("WORKSPACE") + "/archives/"
-TMP_PATH = os.getenv("WORKSPACE") + "/tests/aaf/certservice/tmp"
+MOUNT_PATH = os.getenv("WORKSPACE") + "/tests/aaf/certservice/tmp"
ERROR_API_REGEX = 'Error on API response.*[0-9]{3}'
RESPONSE_CODE_REGEX = '[0-9]{3}'
@@ -15,11 +15,19 @@ RESPONSE_CODE_REGEX = '[0-9]{3}'
class CertClientManager:
def run_client_container(self, client_image, container_name, path_to_env, request_url, network):
+ self.create_mount_dir()
client = docker.from_env()
environment = self.read_list_env_from_file(path_to_env)
environment.append("REQUEST_URL=" + request_url)
- container = client.containers.run(image=client_image, name=container_name, detach=True, environment=environment,
- network=network)
+ container = client.containers.run(
+ image=client_image,
+ name=container_name,
+ environment=environment,
+ network=network,
+ user='root', #Run container as root to avoid permission issues with volume mount access
+ mounts=[Mount(target='/var/certs', source=MOUNT_PATH, type='bind')],
+ detach=True
+ )
exitcode = container.wait()
return exitcode
@@ -39,40 +47,19 @@ class CertClientManager:
text_file.write(container.logs())
text_file.close()
container.remove()
+ self.remove_mount_dir()
- def can_open_keystore_and_truststore_with_pass(self, container_name):
- self.copy_jks_file_to_tmp_dir(container_name)
-
- keystore_pass_path = TMP_PATH + '/logs/log/keystore.pass'
- keystore_jks_path = TMP_PATH + '/logs/log/keystore.jks'
+ def can_open_keystore_and_truststore_with_pass(self):
+ keystore_pass_path = MOUNT_PATH + '/keystore.pass'
+ keystore_jks_path = MOUNT_PATH + '/keystore.jks'
can_open_keystore = self.can_open_jks_file_by_pass_file(keystore_pass_path, keystore_jks_path)
- truststore_pass_path = TMP_PATH + '/logs/log/truststore.pass'
- truststore_jks_path = TMP_PATH + '/logs/log/truststore.jks'
+ truststore_pass_path = MOUNT_PATH + '/truststore.pass'
+ truststore_jks_path = MOUNT_PATH + '/truststore.jks'
can_open_truststore = self.can_open_jks_file_by_pass_file(truststore_pass_path, truststore_jks_path)
- self.remove_tmp_dir(TMP_PATH)
return can_open_keystore & can_open_truststore
- def copy_jks_file_to_tmp_dir(self, container_name):
- os.mkdir(TMP_PATH)
- self.copy_jks_file_from_container_to_tmp_dir(container_name)
- self.extract_tar_file()
-
- def copy_jks_file_from_container_to_tmp_dir(self, container_name):
- client = docker.from_env()
- container = client.containers.get(container_name)
- f = open(TMP_PATH + '/var_log.tar', 'wb')
- bits, stat = container.get_archive('/var/log/')
- for chunk in bits:
- f.write(chunk)
- f.close()
-
- def extract_tar_file(self):
- my_tar = tarfile.open(TMP_PATH + '/var_log.tar')
- my_tar.extractall(TMP_PATH + '/logs')
- my_tar.close()
-
def can_open_jks_file_by_pass_file(self, pass_file_path, jks_file_path):
try:
password = open(pass_file_path, 'rb').read()
@@ -81,8 +68,12 @@ class CertClientManager:
except:
return False
- def remove_tmp_dir(self, tmp_path):
- shutil.rmtree(tmp_path)
+ def create_mount_dir(self):
+ if not os.path.exists(MOUNT_PATH):
+ os.makedirs(MOUNT_PATH)
+
+ def remove_mount_dir(self):
+ shutil.rmtree(MOUNT_PATH)
def can_find_api_response_in_logs(self, container_name):
logs = self.get_container_logs(container_name)
diff --git a/tests/aaf/certservice/resources/cert-service-keywords.robot b/tests/aaf/certservice/resources/cert-service-keywords.robot
index c70cfcf4..75cebadc 100644
--- a/tests/aaf/certservice/resources/cert-service-keywords.robot
+++ b/tests/aaf/certservice/resources/cert-service-keywords.robot
@@ -87,7 +87,7 @@ Run Cert Service Client And Validate JKS File Creation And Client Exit Code
[Documentation] Run Cert Service Client Container And Validate Exit Code
[Arguments] ${env_file} ${expected_exit_code}
${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
- ${can_open}= Can Open Keystore And Truststore With Pass ${CLIENT_CONTAINER_NAME}
+ ${can_open}= Can Open Keystore And Truststore With Pass
Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path
Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code}
Should Be True ${can_open} Cannot Open Keystore/TrustStore by passpshase