Move CSIT to integration/csit repo

To facilite branching of CSIT tests, all CSIT test
code and scripts are relocated to the integration/csit
repo.

Change-Id: I1e4c0eff44691f73f8098b3c52764107f6b8b8df
Issue-ID: INT-671
Signed-off-by: Gary Wu <gary.i.wu@huawei.com>

8 files changed, 320 insertions, 0 deletions

diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/docker-compose.yml b/plans/dcaegen2-collectors-hv-ves/testsuites/docker-compose.yml
new file mode 100644
index 00000000..2a928217
--- /dev/null
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/docker-compose.yml
@@ -0,0 +1,100 @@
+version: "3"
+
+networks:
+  ves-hv-default:
+    external:
+      name: $CONTAINERS_NETWORK
+
+services:
+  zookeeper:
+    image: wurstmeister/zookeeper
+    ports:
+      - "2181:2181"
+    networks:
+      - ves-hv-default
+
+  kafka:
+    image: wurstmeister/kafka
+    ports:
+      - "9092:9092"
+    environment:
+      KAFKA_ADVERTISED_HOST_NAME: "kafka"
+      KAFKA_AUTO_CREATE_TOPICS_ENABLE: 'true'
+      KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181"
+      KAFKA_ADVERTISED_LISTENERS: "PLAINTEXT://kafka:9092"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    depends_on:
+      - zookeeper
+    networks:
+      - ves-hv-default
+
+  consul:
+    image: progrium/consul
+    ports:
+      - "8500:8500"
+    environment:
+      - CONSUL_BIND_INTERFACE=eth0
+    networks:
+      ves-hv-default:
+        aliases:
+           - consul
+    command: ["-server", "-bootstrap"]
+
+  ves-hv-collector:
+    image: ${DOCKER_REGISTRY_PREFIX}onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:latest
+    ports:
+      - "6060:6060"
+      - "6061:6061/tcp"
+    entrypoint: ["java", "-Dio.netty.leakDetection.level=paranoid", "-cp", "*:", "org.onap.dcae.collectors.veshv.main.MainKt"]
+    command: ["--listen-port", "6061",
+              "--config-url", "http://consul:8500/v1/kv/veshv-config",
+              "--key-store-password", "onaponap",
+              "--trust-store-password", "onaponap"]
+    healthcheck:
+      interval: 10s
+      timeout: 5s
+      retries: 2
+      test: "curl --request GET --fail --silent --show-error localhost:6060/health/ready && nc -vz localhost 6061"
+    depends_on:
+      - kafka
+    volumes:
+      - ./ssl/:/etc/ves-hv/
+    networks:
+      - ves-hv-default
+
+  unencrypted-ves-hv-collector:
+    image: ${DOCKER_REGISTRY_PREFIX}onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:latest
+    ports:
+      - "7060:6060"
+      - "7061:6061/tcp"
+    entrypoint: ["java", "-Dio.netty.leakDetection.level=paranoid", "-cp", "*:", "org.onap.dcae.collectors.veshv.main.MainKt"]
+    command: ["--listen-port", "6061","--config-url", "http://consul:8500/v1/kv/veshv-config", "--ssl-disable"]
+    healthcheck:
+      interval: 10s
+      timeout: 5s
+      retries: 2
+      test: "curl --request GET --fail --silent --show-error localhost:6060/health/ready && nc -vz localhost 6061"
+    depends_on:
+      - kafka
+    volumes:
+      - ./ssl/:/etc/ves-hv/
+    networks:
+      - ves-hv-default
+
+  dcae-app-simulator:
+    image: ${DOCKER_REGISTRY_PREFIX}onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-dcae-app-simulator:latest
+    ports:
+      - "6063:6063/tcp"
+    command: ["--listen-port", "6063", "--kafka-bootstrap-servers", "kafka:9092", "--kafka-topics", "ves_hvRanMeas"]
+    healthcheck:
+      interval: 10s
+      timeout: 5s
+      retries: 2
+      test: "curl --request GET --fail --silent --show-error localhost:6063/healthcheck"
+    depends_on:
+      - kafka
+    networks:
+      ves-hv-default:
+        aliases:
+           - dcae-app-simulator
\ No newline at end of file
diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/setup.sh b/plans/dcaegen2-collectors-hv-ves/testsuites/setup.sh
new file mode 100755
index 00000000..6f72521a
--- /dev/null
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/setup.sh
@@ -0,0 +1,40 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+if [[ $# -eq 1 ]] && [[ $1 == "local-test-run" ]]; then
+  echo "Building locally - assuming all dependencies are installed"
+  export DOCKER_REGISTRY=""
+  export DOCKER_REGISTRY_PREFIX=""
+  export WORKSPACE=$(git rev-parse --show-toplevel)
+else
+  echo "Default run - install all dependencies"
+
+  pip uninstall -y docker-py
+  pip install docker
+
+  COMPOSE_VERSION=1.22.0
+  COMPOSE_LOCATION='/usr/local/bin/docker-compose'
+  sudo curl -L https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}/docker-compose-$(uname -s)-$(uname -m) -o ${COMPOSE_LOCATION}
+  sudo chmod +x ${COMPOSE_LOCATION}
+
+  export DOCKER_REGISTRY="nexus3.onap.org:10001"
+  export DOCKER_REGISTRY_PREFIX="${DOCKER_REGISTRY}/"
+fi
+
+echo "Removing not used docker networks"
+docker network prune -f
+
+export CONTAINERS_NETWORK=ves-hv-default
+echo "Creating network for containers: ${CONTAINERS_NETWORK}"
+docker network create ${CONTAINERS_NETWORK}
+
+cd ssl
+./gen-certs.sh
+cd ..
+
+docker-compose up -d
+
+mkdir -p ${WORKSPACE}/archives/containers_logs
+
+export ROBOT_VARIABLES="--pythonpath ${WORKSPACE}/test/csit/tests/dcaegen2-collectors-hv-ves/testcases/libraries"
diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/.gitignore b/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/.gitignore
new file mode 100644
index 00000000..0729569c
--- /dev/null
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/.gitignore
@@ -0,0 +1,6 @@
+*.crt
+*.key
+*.srl
+*.csr
+*.pkcs12
+*.p12
diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl b/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl
new file mode 100644
index 00000000..a32d30dd
--- /dev/null
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/Makefile-openssl
@@ -0,0 +1,41 @@
+FILE=sample
+PASSWD=onaponap
+CA_PASSWD=onaponap
+SUBJ=/C=PL/ST=DL/L=Wroclaw/O=Nokia/OU=MANO
+CA=trust
+
+sign: $(FILE).crt
+
+clean:
+	rm -f *.crt *.key *.srl *.csr *.pkcs12
+
+generate-ca-certificate: $(CA).crt
+
+generate-private-key: $(FILE).key
+
+create-public-key: $(FILE).pub
+
+create-sign-request: $(FILE).csr
+
+create-key-store: $(FILE).ks.pkcs12
+
+create-trust-store: $(CA).crt
+	openssl pkcs12 -export -in $(CA).crt -CAfile $(CA).crt -out $(CA).pkcs12 -nokeys -noiter -nomaciter -passout pass:$(PASSWD)
+
+$(CA).crt:
+	openssl req -new -x509 -keyout $(CA).key -out $(CA).crt -days 365 -passout pass:$(CA_PASSWD) -subj "$(SUBJ)"
+
+$(FILE).key:
+	openssl genpkey -algorithm RSA -out $(FILE).key -pkeyopt rsa_keygen_bits:2048
+
+$(FILE).pub: $(FILE).key
+	openssl x509 -req -days 360 -in client.csr -CA $(CA).crt -CAkey $(CA).key -CAcreateserial -out client.crt
+
+$(FILE).csr: $(FILE).key
+	openssl req -new -sha256 -key $(FILE).key -out $(FILE).csr -subj "$(SUBJ)"
+
+$(FILE).crt: $(CA).crt $(FILE).csr
+	openssl x509 -req -days 360 -in $(FILE).csr -CA $(CA).crt -CAkey $(CA).key -out $(FILE).crt -CAcreateserial -passin pass:$(CA_PASSWD)
+
+$(FILE).ks.pkcs12: $(FILE).key $(FILE).crt $(CA).crt
+	openssl pkcs12 -export -in $(FILE).crt -inkey $(FILE).key -CAfile $(CA).crt -out $(FILE).ks.pkcs12 -noiter -nomaciter -passout pass:$(PASSWD)
diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md b/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md
new file mode 100644
index 00000000..c2819d24
--- /dev/null
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/README.md
@@ -0,0 +1,54 @@
+# Generating SSL certificates
+
+## Java keytool way (recommended)
+
+To generate:
+
+```shell
+./gen-certs.sh
+```
+
+To clean (remove generated files):
+
+```shell
+./gen-certs.sh clean
+```
+
+## OpenSSL way (currently might not work)
+
+> Add `-f Makefile-openssl` to each command
+
+Typical usage:
+
+```shell
+make FILE=client
+make FILE=server
+```
+
+or (to generate PKCS12 key and trust stores):
+
+```shell
+make create-key-store FILE=client
+make create-key-store FILE=server
+make create-trust-store
+```
+
+Will generate CA certificate and signed client and server certificates.
+
+More "low-level" usage:
+
+```shell
+make generate-ca-certificate
+make generate-private-key FILE=client 
+make sign FILE=client
+```
+
+# Connecting to a server
+
+First generate *client* and *server* certificates. Then start a server with it's cert and make ca.crt a trusted certification authority.
+
+After that you can:
+
+```shell
+./connect.sh client localhost:8600 < file_with_a_data_to_be_sent.dat
+```
diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh b/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh
new file mode 100755
index 00000000..34572f7a
--- /dev/null
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/ssl/gen-certs.sh
@@ -0,0 +1,59 @@
+#!/usr/bin/env bash
+
+set -eu -o pipefail -o xtrace
+
+STORE_PASS=onaponap
+CN_PREFIX=dcaegen2-hvves
+DNAME_PREFIX="C=PL,ST=DL,L=Wroclaw,O=Nokia,OU=MANO,CN=${CN_PREFIX}"
+
+store_opts="-storetype PKCS12 -storepass ${STORE_PASS} -noprompt"
+
+function gen_key() {
+  local key_name="$1"
+  local ca="$2"
+  local keystore="-keystore ${key_name}.p12 ${store_opts}"
+  keytool -genkey -alias ${key_name} \
+      ${keystore} \
+      -keyalg RSA \
+      -validity 730 \
+      -keysize 2048 \
+      -dname "${DNAME_PREFIX}-${key_name}"
+  keytool -import -trustcacerts -alias ${ca} -file ${ca}.crt ${keystore}
+
+  keytool -certreq -alias ${key_name} -keyalg RSA ${keystore} | \
+      keytool -alias ${ca} -gencert -ext "san=dns:${CN_PREFIX}-${ca}" ${store_opts} -keystore ${ca}.p12 | \
+      keytool -alias ${key_name} -importcert ${keystore}
+}
+
+
+function gen_ca() {
+  local ca="$1"
+  keytool -genkeypair ${store_opts} -alias ${ca} -dname "${DNAME_PREFIX}-${ca}" -keystore ${ca}.p12
+  keytool -export -alias ${ca} -file ${ca}.crt ${store_opts} -keystore ${ca}.p12
+}
+
+function gen_truststore() {
+  local name="$1"
+  local trusted_ca="$2"
+  keytool -import -trustcacerts -alias ca -file ${trusted_ca}.crt ${store_opts} -keystore ${name}.p12
+}
+
+function clean() {
+  rm -f *.crt *.p12
+}
+
+if [[ $# -eq 0 ]]; then
+  gen_ca ca
+  gen_ca untrustedca
+  gen_truststore trust ca
+  gen_truststore untrustedtrust untrustedca
+  gen_key client ca
+  gen_key server ca
+  gen_key untrustedclient untrustedca
+elif [[ $1 == "clean" ]]; then
+  clean
+else
+  echo "usage: $0 [clean]"
+  exit 1
+fi
+
diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/teardown.sh b/plans/dcaegen2-collectors-hv-ves/testsuites/teardown.sh
new file mode 100755
index 00000000..fe922ed0
--- /dev/null
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/teardown.sh
@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+cd ssl
+./gen-certs.sh clean
+cd ..
+
+COMPOSE_LOGS_FILE=${WORKSPACE}/archives/containers_logs/docker-compose.log
+docker-compose logs > ${COMPOSE_LOGS_FILE}
+docker-compose down
+docker-compose rm -f
+
+docker network rm ${CONTAINERS_NETWORK}
+
+if grep "LEAK:" ${COMPOSE_LOGS_FILE}; then
+    echo "WARNING: Memory leak detected in docker-compose logs."
+fi
diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/testplan.txt b/plans/dcaegen2-collectors-hv-ves/testsuites/testplan.txt
new file mode 100644
index 00000000..e9a7f636
--- /dev/null
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/testplan.txt
@@ -0,0 +1,4 @@
+# Test suites are relative paths under [integration.git]/test/csit/tests/.
+# Place the suites in run order.
+dcaegen2-collectors-hv-ves/testcases
+