diff options
author | Marcin Przybysz <marcin.przybysz@nokia.com> | 2020-03-23 12:34:20 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2020-03-23 12:34:20 +0000 |
commit | 6084ae6d95002956774b813202d3fc70ffddfabf (patch) | |
tree | 054d0626120f0f0238784acb2638296d1d9ee632 | |
parent | 48496a511e8aa634c8b13ece136f7d63b659bdc1 (diff) | |
parent | ed0f3be44b4a98f19b0998982ed858cbfb0d1aa1 (diff) |
Merge "Make certservice-client use volume mount"
4 files changed, 28 insertions, 37 deletions
diff --git a/tests/aaf/certservice/assets/invalid_client_docker.env b/tests/aaf/certservice/assets/invalid_client_docker.env index 7fbc666e..3e7d879b 100644 --- a/tests/aaf/certservice/assets/invalid_client_docker.env +++ b/tests/aaf/certservice/assets/invalid_client_docker.env @@ -1,6 +1,6 @@ #Client envs REQUEST_TIMEOUT=5000 -OUTPUT_PATH=/var/log +OUTPUT_PATH=/var/certs CA_NAME=Invalid #Csr config envs COMMON_NAME=onap.org @@ -9,4 +9,4 @@ ORGANIZATION_UNIT=ONAP LOCATION=San-Francisco STATE=California COUNTRY=US -SANS=example.com:example1.com:example3.com
\ No newline at end of file +SANS=example.com:sample.com
\ No newline at end of file diff --git a/tests/aaf/certservice/assets/valid_client_docker.env b/tests/aaf/certservice/assets/valid_client_docker.env index 7a219761..01818960 100644 --- a/tests/aaf/certservice/assets/valid_client_docker.env +++ b/tests/aaf/certservice/assets/valid_client_docker.env @@ -1,6 +1,6 @@ #Client envs REQUEST_TIMEOUT=30000 -OUTPUT_PATH=/var/log +OUTPUT_PATH=/var/certs CA_NAME=RA #Csr config envs COMMON_NAME=onap.org diff --git a/tests/aaf/certservice/libraries/CertClientManager.py b/tests/aaf/certservice/libraries/CertClientManager.py index ebacf221..792b6939 100644 --- a/tests/aaf/certservice/libraries/CertClientManager.py +++ b/tests/aaf/certservice/libraries/CertClientManager.py @@ -1,12 +1,12 @@ import docker import os import shutil -import tarfile import re from OpenSSL import crypto +from docker.types import Mount ARCHIVES_PATH = os.getenv("WORKSPACE") + "/archives/" -TMP_PATH = os.getenv("WORKSPACE") + "/tests/aaf/certservice/tmp" +MOUNT_PATH = os.getenv("WORKSPACE") + "/tests/aaf/certservice/tmp" ERROR_API_REGEX = 'Error on API response.*[0-9]{3}' RESPONSE_CODE_REGEX = '[0-9]{3}' @@ -15,11 +15,19 @@ RESPONSE_CODE_REGEX = '[0-9]{3}' class CertClientManager: def run_client_container(self, client_image, container_name, path_to_env, request_url, network): + self.create_mount_dir() client = docker.from_env() environment = self.read_list_env_from_file(path_to_env) environment.append("REQUEST_URL=" + request_url) - container = client.containers.run(image=client_image, name=container_name, detach=True, environment=environment, - network=network) + container = client.containers.run( + image=client_image, + name=container_name, + environment=environment, + network=network, + user='root', #Run container as root to avoid permission issues with volume mount access + mounts=[Mount(target='/var/certs', source=MOUNT_PATH, type='bind')], + detach=True + ) exitcode = container.wait() return exitcode @@ -39,40 +47,19 @@ class CertClientManager: text_file.write(container.logs()) text_file.close() container.remove() + self.remove_mount_dir() - def can_open_keystore_and_truststore_with_pass(self, container_name): - self.copy_jks_file_to_tmp_dir(container_name) - - keystore_pass_path = TMP_PATH + '/logs/log/keystore.pass' - keystore_jks_path = TMP_PATH + '/logs/log/keystore.jks' + def can_open_keystore_and_truststore_with_pass(self): + keystore_pass_path = MOUNT_PATH + '/keystore.pass' + keystore_jks_path = MOUNT_PATH + '/keystore.jks' can_open_keystore = self.can_open_jks_file_by_pass_file(keystore_pass_path, keystore_jks_path) - truststore_pass_path = TMP_PATH + '/logs/log/truststore.pass' - truststore_jks_path = TMP_PATH + '/logs/log/truststore.jks' + truststore_pass_path = MOUNT_PATH + '/truststore.pass' + truststore_jks_path = MOUNT_PATH + '/truststore.jks' can_open_truststore = self.can_open_jks_file_by_pass_file(truststore_pass_path, truststore_jks_path) - self.remove_tmp_dir(TMP_PATH) return can_open_keystore & can_open_truststore - def copy_jks_file_to_tmp_dir(self, container_name): - os.mkdir(TMP_PATH) - self.copy_jks_file_from_container_to_tmp_dir(container_name) - self.extract_tar_file() - - def copy_jks_file_from_container_to_tmp_dir(self, container_name): - client = docker.from_env() - container = client.containers.get(container_name) - f = open(TMP_PATH + '/var_log.tar', 'wb') - bits, stat = container.get_archive('/var/log/') - for chunk in bits: - f.write(chunk) - f.close() - - def extract_tar_file(self): - my_tar = tarfile.open(TMP_PATH + '/var_log.tar') - my_tar.extractall(TMP_PATH + '/logs') - my_tar.close() - def can_open_jks_file_by_pass_file(self, pass_file_path, jks_file_path): try: password = open(pass_file_path, 'rb').read() @@ -81,8 +68,12 @@ class CertClientManager: except: return False - def remove_tmp_dir(self, tmp_path): - shutil.rmtree(tmp_path) + def create_mount_dir(self): + if not os.path.exists(MOUNT_PATH): + os.makedirs(MOUNT_PATH) + + def remove_mount_dir(self): + shutil.rmtree(MOUNT_PATH) def can_find_api_response_in_logs(self, container_name): logs = self.get_container_logs(container_name) diff --git a/tests/aaf/certservice/resources/cert-service-keywords.robot b/tests/aaf/certservice/resources/cert-service-keywords.robot index c70cfcf4..75cebadc 100644 --- a/tests/aaf/certservice/resources/cert-service-keywords.robot +++ b/tests/aaf/certservice/resources/cert-service-keywords.robot @@ -87,7 +87,7 @@ Run Cert Service Client And Validate JKS File Creation And Client Exit Code [Documentation] Run Cert Service Client Container And Validate Exit Code [Arguments] ${env_file} ${expected_exit_code} ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK} - ${can_open}= Can Open Keystore And Truststore With Pass ${CLIENT_CONTAINER_NAME} + ${can_open}= Can Open Keystore And Truststore With Pass Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code} Should Be True ${can_open} Cannot Open Keystore/TrustStore by passpshase |