Move csits form aaf to oom

create csit folder under oom
move csits from aaf to oom
reconfigure csits: remove aaf word, use new image

Issue-ID: OOM-2526
Signed-off-by: Pawel <pawel.kasperkiewicz@nokia.com>
Change-Id: I7b1f010fe46420cb734c67133f038bdadffd5ecc

7 files changed, 0 insertions, 337 deletions

diff --git a/plans/aaf/certservice/certs/Makefile b/plans/aaf/certservice/certs/Makefile
deleted file mode 100644
index 126e0533..00000000
--- a/plans/aaf/certservice/certs/Makefile
+++ /dev/null
@@ -1,110 +0,0 @@
-all: step_1 step_2 step_3 step_4 step_5 step_6 step_7 step_8 step_9 step_10 step_11 step_12 step_13 step_14 step_15
-.PHONY: all
-#Clear certificates
-clear:
-	@echo "Clear certificates"
-	rm -f certServiceClient-keystore.jks certServiceServer-keystore.jks root.crt truststore.jks certServiceServer-keystore.p12
-	@echo "#####done#####"
-
-#Generate root private and public keys
-step_1:
-	@echo "Generate root private and public keys"
-	keytool -genkeypair -v -alias root -keyalg RSA -keysize 4096 -validity 3650 -keystore root-keystore.jks \
-    -dname "CN=root.com, OU=Root Org, O=Root Company, L=Wroclaw, ST=Dolny Slask, C=PL" -keypass secret \
-    -storepass secret -ext BasicConstraints:critical="ca:true"
-	@echo "#####done#####"
-
-#Export public key as certificate
-step_2:
-	@echo "(Export public key as certificate)"
-	keytool -exportcert -alias root -keystore root-keystore.jks -storepass secret -file root.crt -rfc
-	@echo "#####done#####"
-
-#Self-signed root (import root certificate into truststore)
-step_3:
-	@echo "(Self-signed root (import root certificate into truststore))"
-	keytool -importcert -alias root -keystore truststore.jks -file root.crt -storepass secret -noprompt
-	@echo "#####done#####"
-
-#Generate certService's client private and public keys
-step_4:
-	@echo "Generate certService's client private and public keys"
-	keytool -genkeypair -v -alias certServiceClient -keyalg RSA -keysize 2048 -validity 730 \
-    -keystore certServiceClient-keystore.jks -storetype JKS \
-    -dname "CN=certServiceClient.com,OU=certServiceClient company,O=certServiceClient org,L=Wroclaw,ST=Dolny Slask,C=PL" \
-    -keypass secret -storepass secret
-	@echo "####done####"
-
-#Generate certificate signing request for certService's client
-step_5:
-	@echo "Generate certificate signing request for certService's client"
-	keytool -certreq -keystore certServiceClient-keystore.jks -alias certServiceClient -storepass secret -file certServiceClient.csr
-	@echo "####done####"
-
-#Sign certService's client certificate by root CA
-step_6:
-	@echo "Sign certService's client certificate by root CA"
-	keytool -gencert -v -keystore root-keystore.jks -storepass secret -alias root -infile certServiceClient.csr \
-    -outfile certServiceClientByRoot.crt -rfc -ext bc=0  -ext ExtendedkeyUsage="serverAuth,clientAuth"
-	@echo "####done####"
-
-#Import root certificate into client
-step_7:
-	@echo "Import root certificate into intermediate"
-	cat root.crt >> certServiceClientByRoot.crt
-	@echo "####done####"
-
-#Import signed certificate into certService's client
-step_8:
-	@echo "Import signed certificate into certService's client"
-	keytool -importcert -file certServiceClientByRoot.crt -destkeystore certServiceClient-keystore.jks -alias certServiceClient -storepass secret -noprompt
-	@echo "####done####"
-
-#Generate certService private and public keys
-step_9:
-	@echo "Generate certService private and public keys"
-	keytool -genkeypair -v -alias aaf-cert-service -keyalg RSA -keysize 2048 -validity 730 \
-    -keystore certServiceServer-keystore.jks -storetype JKS \
-    -dname "CN=aaf-cert-service,OU=certServiceServer company,O=certServiceServer org,L=Wroclaw,ST=Dolny Slask,C=PL" \
-    -keypass secret -storepass secret -ext BasicConstraints:critical="ca:false"
-	@echo "####done####"
-
-#Generate certificate signing request for certService
-step_10:
-	@echo "Generate certificate signing request for certService"
-	keytool -certreq -keystore certServiceServer-keystore.jks -alias aaf-cert-service -storepass secret -file certServiceServer.csr
-	@echo "####done####"
-
-#Sign certService certificate by root CA
-step_11:
-	@echo "Sign certService certificate by root CA"
-	keytool -gencert -v -keystore root-keystore.jks -storepass secret -alias root -infile certServiceServer.csr \
-    -outfile certServiceServerByRoot.crt -rfc -ext bc=0  -ext ExtendedkeyUsage="serverAuth,clientAuth" \
-    -ext SubjectAlternativeName:="DNS:aaf-cert-service,DNS:localhost"
-	@echo "####done####"
-
-#Import root certificate into server
-step_12:
-	@echo "Import root certificate into intermediate(server)"
-	cat root.crt >> certServiceServerByRoot.crt
-	@echo "####done####"
-
-#Import signed certificate into certService
-step_13:
-	@echo "Import signed certificate into certService"
-	keytool -importcert -file certServiceServerByRoot.crt -destkeystore certServiceServer-keystore.jks -alias aaf-cert-service \
-    -storepass secret -noprompt
-	@echo "####done####"
-
-#Convert certServiceServer-keystore(.jks) to PCKS12 format(.p12)
-step_14:
-	@echo "Convert certServiceServer-keystore(.jks) to PCKS12 format(.p12)"
-	keytool -importkeystore -srckeystore certServiceServer-keystore.jks -srcstorepass secret \
-        -destkeystore certServiceServer-keystore.p12 -deststoretype PKCS12 -deststorepass secret
-	@echo "#####done#####"
-
-#Clear unused certificates
-step_15:
-	@echo "Clear unused certificates"
-	rm -f certServiceClientByRoot.crt certServiceClient.csr root-keystore.jks certServiceServerByRoot.crt  certServiceServer.csr
-	@echo "#####done#####"
diff --git a/plans/aaf/certservice/cmpServers.json b/plans/aaf/certservice/cmpServers.json
deleted file mode 100644
index d6557c52..00000000
--- a/plans/aaf/certservice/cmpServers.json
+++ /dev/null
@@ -1,24 +0,0 @@
-{
-  "cmpv2Servers": [
-    {
-      "caName": "Client",
-      "url": "http://aafcert-ejbca:8080/ejbca/publicweb/cmp/cmp",
-      "issuerDN": "CN=ManagementCA",
-      "caMode": "CLIENT",
-      "authentication": {
-        "iak": "mypassword",
-        "rv": "mypassword"
-      }
-    },
-    {
-      "caName": "RA",
-      "url": "http://aafcert-ejbca:8080/ejbca/publicweb/cmp/cmpRA",
-      "issuerDN": "CN=ManagementCA",
-      "caMode": "RA",
-      "authentication": {
-        "iak": "mypassword",
-        "rv": "mypassword"
-      }
-    }
-  ]
-}
diff --git a/plans/aaf/certservice/docker-compose.yml b/plans/aaf/certservice/docker-compose.yml
deleted file mode 100644
index dcac7df0..00000000
--- a/plans/aaf/certservice/docker-compose.yml
+++ /dev/null
@@ -1,47 +0,0 @@
-version: "2.1"
-
-services:
-  ejbca:
-    image: primekey/ejbca-ce:6.15.2.5
-    hostname: cahostname
-    container_name: aafcert-ejbca
-    ports:
-      - "80:8080"
-      - "443:8443"
-    volumes:
-      - $SCRIPTS_PATH:/opt/primekey/scripts
-    healthcheck:
-      test: ["CMD-SHELL", "curl -kI https://localhost:8443/ejbca/publicweb/healthcheck/ejbcahealth"]
-      interval: 20s
-      timeout: 3s
-      retries: 9
-    networks:
-      - certservice
-
-  aaf-cert-service:
-    image: nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-api:latest
-    volumes:
-      - $CONFIGURATION_PATH:/etc/onap/aaf/certservice/cmpServers.json
-      - ./certs/truststore.jks:/etc/onap/aaf/certservice/certs/truststore.jks
-      - ./certs/root.crt:/etc/onap/aaf/certservice/certs/root.crt
-      - ./certs/certServiceServer-keystore.jks:/etc/onap/aaf/certservice/certs/certServiceServer-keystore.jks
-      - ./certs/certServiceServer-keystore.p12:/etc/onap/aaf/certservice/certs/certServiceServer-keystore.p12
-    container_name: aafcert-service
-    ports:
-      - "8443:8443"
-    depends_on:
-      ejbca:
-        condition: service_healthy
-    healthcheck:
-      test: ["CMD-SHELL", "curl https://localhost:8443/actuator/health --cacert /etc/onap/aaf/certservice/certs/root.crt --cert-type p12 --cert /etc/onap/aaf/certservice/certs/certServiceServer-keystore.p12 --pass secret"]
-      interval: 10s
-      timeout: 3s
-      retries: 15
-    networks:
-      - certservice
-
-
-networks:
-  certservice:
-    driver: bridge
-
diff --git a/plans/aaf/certservice/scripts/ejbca-configuration.sh b/plans/aaf/certservice/scripts/ejbca-configuration.sh
deleted file mode 100755
index 77f5c555..00000000
--- a/plans/aaf/certservice/scripts/ejbca-configuration.sh
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/bash
-
-configureEjbca() {
-    ejbca.sh config cmp addalias --alias cmpRA
-    ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra
-    ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value mypassword
-    ejbca.sh config cmp updatealias --alias cmpRA --key responseprotection --value pbe
-    ejbca.sh config cmp dumpalias --alias cmpRA
-    ejbca.sh config cmp addalias --alias cmp
-    ejbca.sh config cmp updatealias --alias cmp --key allowautomatickeyupdate --value true
-    ejbca.sh config cmp updatealias --alias cmp --key responseprotection --value pbe
-    ejbca.sh ra addendentity --username Node123 --dn "CN=Node123" --caname ManagementCA --password mypassword --type 1 --token USERGENERATED
-    ejbca.sh ra setclearpwd --username Node123 --password mypassword
-    ejbca.sh config cmp updatealias --alias cmp --key extractusernamecomponent --value CN
-    ejbca.sh config cmp dumpalias --alias cmp
-    ejbca.sh ca getcacert --caname ManagementCA -f /dev/stdout > cacert.pem
-}
-
-configureEjbca
diff --git a/plans/aaf/certservice/setup.sh b/plans/aaf/certservice/setup.sh
deleted file mode 100644
index 1200e964..00000000
--- a/plans/aaf/certservice/setup.sh
+++ /dev/null
@@ -1,109 +0,0 @@
-#!/bin/bash
-#
-# Copyright 2020 Nokia.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-# ------------------------------------
-# Resolve path to script's directory and cmp servers configuration
-
-SCRIPT=`realpath $0`
-CURRENT_WORKDIR_PATH=`dirname $SCRIPT`
-PROJECT_DIRECTORY="plans/aaf/certservice"
-
-SCRIPTS_DIRECTORY="scripts"
-
-JENKINS_SCRIPTS_PATH="$CURRENT_WORKDIR_PATH/$PROJECT_DIRECTORY/$SCRIPTS_DIRECTORY"
-LOCAL_SCRIPTS_PATH="$CURRENT_WORKDIR_PATH/$SCRIPTS_DIRECTORY"
-
-# ------------------------------------
-#Prepare enviroment for client
-#install docker sdk
-echo "Uninstall docker-py and reinstall docker."
-pip uninstall -y docker-py
-pip uninstall -y docker
-pip install -U docker==2.7.0
-
-#reinstall pyopenssl library
-echo "Reinstall pyopenssl library."
-pip uninstall pyopenssl -y
-pip install pyopenssl==17.5.0
-
-#install pyjks for .jks files management
-pip install pyjks
-
-#Disable proxy - for local run
-unset http_proxy https_proxy
-
-#export container name
-export ClientContainerName=CertServiceClient
-# ------------------------------------
-
-if test -d "$JENKINS_SCRIPTS_PATH"; then
-    SCRIPTS_PATH=$JENKINS_SCRIPTS_PATH
-else test -f "$LOCAL_SCRIPTS_PATH";
-    SCRIPTS_PATH=$LOCAL_SCRIPTS_PATH
-fi
-echo "Use scripts from: $SCRIPTS_PATH"
-
-CONFIGURATION_FILE="cmpServers.json"
-
-JENKINS_CONFIGURATION_PATH="$CURRENT_WORKDIR_PATH/$PROJECT_DIRECTORY/$CONFIGURATION_FILE"
-LOCAL_CONFIGURATION_PATH="$CURRENT_WORKDIR_PATH/$CONFIGURATION_FILE"
-
-if test -f "$JENKINS_CONFIGURATION_PATH"; then
-    CONFIGURATION_PATH="$JENKINS_CONFIGURATION_PATH"
-else test -f "$LOCAL_CONFIGURATION_PATH";
-    CONFIGURATION_PATH=$LOCAL_CONFIGURATION_PATH
-fi
-echo "Use configuration from: $CONFIGURATION_PATH"
-
-# -------------------------------------
-
-export CONFIGURATION_PATH=${CONFIGURATION_PATH}
-export SCRIPTS_PATH=${SCRIPTS_PATH}
-
-#Generate keystores, truststores, certificates and keys
-mkdir -p ${WORKSPACE}/tests/aaf/certservice/assets/certs/
-make all -C ./certs/
-cp ${WORKSPACE}/plans/aaf/certservice/certs/root.crt ${WORKSPACE}/tests/aaf/certservice/assets/certs/root.crt
-echo "Generated keystores"
-openssl pkcs12 -in ${WORKSPACE}/plans/aaf/certservice/certs/certServiceServer-keystore.p12 -clcerts -nokeys -password pass:secret | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ${WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.crt
-echo "Generated server certificate"
-openssl pkcs12 -in ${WORKSPACE}/plans/aaf/certservice/certs/certServiceServer-keystore.p12 -nocerts -nodes -password pass:secret| sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > ${WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.key
-echo "Generated server key"
-
-docker-compose up -d
-
-AAFCERT_IP='none'
-# Wait container ready
-for i in {1..9}
-do
-   AAFCERT_IP=`get-instance-ip.sh aafcert-service`
-   RESP_CODE=$(curl -s https://localhost:8443/actuator/health --cacert ./certs/root.crt --cert-type p12 --cert ./certs/certServiceServer-keystore.p12 --pass secret | \
-   python2 -c 'import json,sys;obj=json.load(sys.stdin);print obj["status"]')
-   if [[ "$RESP_CODE" == "UP" ]]; then
-       echo 'AAF Cert Service is ready'
-       export AAFCERT_IP=${AAFCERT_IP}
-       docker exec aafcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh
-       break
-   fi
-   echo 'Waiting for AAF Cert Service to start up...'
-   sleep 30s
-done
-
-if [ "$AAFCERT_IP" == 'none' -o "$AAFCERT_IP" == '' ]; then
-    echo "AAF Cert Service is not ready!"
-    exit 1 # Return error code
-fi
diff --git a/plans/aaf/certservice/teardown.sh b/plans/aaf/certservice/teardown.sh
deleted file mode 100644
index 71e20b7c..00000000
--- a/plans/aaf/certservice/teardown.sh
+++ /dev/null
@@ -1,25 +0,0 @@
-#!/bin/bash
-#
-# Copyright 2017 ZTE, Inc. and others.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-docker-compose down
-
-make clear -C ./certs/
-echo "Removed old keystores"
-rm -rf ${WORKSPACE}/tests/aaf/certservice/assets/certs
-echo "Removed old certificates"
-
-kill-instance.sh ${ClientContainerName}
\ No newline at end of file
diff --git a/plans/aaf/certservice/testplan.txt b/plans/aaf/certservice/testplan.txt
deleted file mode 100755
index 270fc6d4..00000000
--- a/plans/aaf/certservice/testplan.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-# Test suites are relative paths under [integration/csit.git]/tests/.
-# Place the suites in run order.
-aaf/certservice