diff options
| author |   efiacor <fiachra.corcoran@est.tech> | 2021-03-18 12:37:58 +0000 |
|---|---|---|
| committer | efiacor <fiachra.corcoran@est.tech> | 2021-03-18 12:38:05 +0000 |
| commit | 452cf07374e1eba2220ca516e6ad690f7715b248 (patch) | |
| tree | 5759b02a98a535244ce84f87156c1caaaa1c034e /plans | |
| parent | 1d3ceea1defb5640e9f850dad647904b41002988 (diff) | |
[DMAAP-DR] Refactoring ssl csit suite
Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I6eafd28c5a61fda42ddc61b2d40c4c8208f62670
Issue-ID: DMAAP-1571
Diffstat (limited to 'plans')
5 files changed, 25 insertions, 354 deletions
diff --git a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/docker-compose.yml b/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/docker-compose.yml deleted file mode 100644 index ed8a7c04..00000000 --- a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/docker-compose.yml +++ /dev/null @@ -1,114 +0,0 @@ -# -# ============LICENSE_START======================================================= -# Copyright (C) 2019 Nordix Foundation. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END========================================================= -# -# -version: '2.1' -services: - datarouter-prov: - image: nexus3.onap.org:10001/onap/dmaap/datarouter-prov - container_name: datarouter-prov - hostname: dmaap-dr-prov - ports: - - "443:8443" - - "8443:8443" - - "8080:8080" - volumes: - - ./prov_data/provserver.properties:/opt/app/datartr/etc/provserver.properties - - ./prov_data/addSubscriber.txt:/opt/app/datartr/addSubscriber.txt - - ./prov_data/addFeed3.txt:/opt/app/datartr/addFeed3.txt - depends_on: - mariadb_container: - condition: service_healthy - healthcheck: - test: ["CMD", "curl", "-f", "http://dmaap-dr-prov:8080/internal/prov"] - interval: 10s - timeout: 30s - retries: 5 - networks: - testing_net: - aliases: - - dmaap-dr-prov - - datarouter-node: - image: nexus3.onap.org:10001/onap/dmaap/datarouter-node - container_name: datarouter-node - hostname: dmaap-dr-node - ports: - - "9443:8443" - - "9090:8080" - volumes: - - ./node_data/node.properties:/opt/app/datartr/etc/node.properties - depends_on: - datarouter-prov: - condition: service_healthy - networks: - testing_net: - aliases: - - dmaap-dr-node - - datarouter-subscriber: - image: nexus3.onap.org:10001/onap/dmaap/datarouter-subscriber - container_name: subscriber-node - hostname: subscriber.com - ports: - - "7070:7070" - volumes: - - ./subscriber_data/subscriber.properties:/opt/app/subscriber/etc/subscriber.properties - networks: - testing_net: - aliases: - - subscriber.com - - datarouter-subscriber2: - image: nexus3.onap.org:10001/onap/dmaap/datarouter-subscriber - container_name: subscriber-node2 - hostname: subscriber2.com - ports: - - "7071:7070" - volumes: - - ./subscriber_data/subscriber.properties:/opt/app/subscriber/etc/subscriber.properties - networks: - testing_net: - aliases: - - subscriber2.com - - mariadb_container: - image: mariadb:10.2.14 - container_name: mariadb - hostname: datarouter-mariadb - ports: - - "3306:3306" - environment: - MYSQL_ROOT_PASSWORD: datarouter - MYSQL_DATABASE: datarouter - MYSQL_USER: datarouter - MYSQL_PASSWORD: datarouter - healthcheck: - test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost", "-u", "datarouter", "-pdatarouter", "--silent"] - interval: 10s - timeout: 30s - retries: 5 - networks: - testing_net: - aliases: - - datarouter-mariadb - -networks: - testing_net: - driver: bridge diff --git a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/node.properties b/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/node.properties deleted file mode 100644 index 1d7a5d42..00000000 --- a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/node.properties +++ /dev/null @@ -1,87 +0,0 @@ -#------------------------------------------------------------------------------- -# ============LICENSE_START================================================== -# * org.onap.dmaap -# * =========================================================================== -# * Copyright © 2017 AT&T Intellectual Property. All rights reserved. -# * =========================================================================== -# * Licensed under the Apache License, Version 2.0 (the "License"); -# * you may not use this file except in compliance with the License. -# * You may obtain a copy of the License at -# * -# * http://www.apache.org/licenses/LICENSE-2.0 -# * -# * Unless required by applicable law or agreed to in writing, software -# * distributed under the License is distributed on an "AS IS" BASIS, -# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# * See the License for the specific language governing permissions and -# * limitations under the License. -# * ============LICENSE_END==================================================== -# * -# * ECOMP is a trademark and service mark of AT&T Intellectual Property. -# * -#------------------------------------------------------------------------------- -# -# Configuration parameters set at startup for the DataRouter node -# -# URL to retrieve dynamic configuration -ProvisioningURL = https://dmaap-dr-prov:8443/internal/prov -# -# URL to upload PUB/DEL/EXP logs -LogUploadURL = https://dmaap-dr-prov:8443/internal/logs -# -# The port number for http as seen within the server -IntHttpPort = 8080 -# -# The port number for https as seen within the server -IntHttpsPort = 8443 -# -# The external port number for https taking port mapping into account -ExtHttpsPort = 443 -# -# The minimum interval between fetches of the dynamic configuration from the provisioning server -MinProvFetchInterval = 10000 -# -# The minimum interval between saves of the redirection data file -MinRedirSaveInterval = 10000 -# -# The path to the directory where log files are stored -LogDir = /opt/app/datartr/logs -# -# The retention interval (in days) for log files -LogRetention = 30 -# -# The path to the directories where data and meta data files are stored -SpoolDir = /opt/app/datartr/spool -# -# The path to the redirection data file -RedirectionFile = etc/redirections.dat -# -# The type of keystore for https -KeyStoreType = PKCS12 -# -# The type of truststore for https -TrustStoreType = jks -# -# The path to the file used to trigger an orderly shutdown -QuiesceFile = etc/SHUTDOWN -# -# The key used to generate passwords for node to node transfers -NodeAuthKey = Node123! -# -# DR_NODE DEFAULT ENABLED TLS PROTOCOLS -NodeHttpsProtocols = TLSv1.1|TLSv1.2 -# -# AAF type to generate permission string -AAFType = org.onap.dmaap-dr.feed -# -# AAF default instance to generate permission string - default should be legacy -AAFInstance = legacy -# -# AAF action to generate permission string - default should be publish -AAFAction = publish -# -# AAF CADI enabled flag -CadiEnabled = false -# -# AAF Props file path -AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props diff --git a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/provserver.properties b/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/provserver.properties deleted file mode 100755 index 3930bd09..00000000 --- a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/provserver.properties +++ /dev/null @@ -1,61 +0,0 @@ -#------------------------------------------------------------------------------- -# ============LICENSE_START================================================== -# * org.onap.dmaap -# * =========================================================================== -# * Copyright © 2017 AT&T Intellectual Property. All rights reserved. -# * Modifications Copyright (C) 2018 Nokia. All rights reserved. -# * =========================================================================== -# * Licensed under the Apache License, Version 2.0 (the "License"); -# * you may not use this file except in compliance with the License. -# * You may obtain a copy of the License at -# * -# * http://www.apache.org/licenses/LICENSE-2.0 -# * -# * Unless required by applicable law or agreed to in writing, software -# * distributed under the License is distributed on an "AS IS" BASIS, -# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# * See the License for the specific language governing permissions and -# * limitations under the License. -# * ============LICENSE_END==================================================== -# * -# * ECOMP is a trademark and service mark of AT&T Intellectual Property. -# * -#------------------------------------------------------------------------------- - -#Jetty Server properties -org.onap.dmaap.datarouter.provserver.http.port = 8080 -org.onap.dmaap.datarouter.provserver.https.port = 8443 -org.onap.dmaap.datarouter.provserver.https.relaxation = true - -org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props - -org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs -org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool -org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc -org.onap.dmaap.datarouter.provserver.logretention = 30 - -#DMAAP-597 (Tech Dept) REST request source IP auth -# relaxation to accommodate OOM kubernetes deploy -org.onap.dmaap.datarouter.provserver.isaddressauthenabled = false - -#Localhost address config -org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1 - -# Database access -org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver -org.onap.dmaap.datarouter.db.url = jdbc:mariadb://datarouter-mariadb:3306/datarouter -org.onap.dmaap.datarouter.db.login = datarouter -org.onap.dmaap.datarouter.db.password = datarouter - -# PROV - DEFAULT ENABLED TLS PROTOCOLS -org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2 - -# AAF config -org.onap.dmaap.datarouter.provserver.cadi.enabled = false - -org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234# -org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed -org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub -org.onap.dmaap.datarouter.provserver.aaf.instance = legacy -org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish -org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe
\ No newline at end of file diff --git a/plans/dmaap-datarouter/ssl-dr-suite/setup.sh b/plans/dmaap-datarouter/ssl-dr-suite/setup.sh index e1f2cb46..53b4387c 100755 --- a/plans/dmaap-datarouter/ssl-dr-suite/setup.sh +++ b/plans/dmaap-datarouter/ssl-dr-suite/setup.sh @@ -1,8 +1,7 @@ #!/bin/bash -# -# ============LICENSE_START======================================================= -# Copyright (C) 2019 Nordix Foundation. -# ================================================================================ +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -16,83 +15,11 @@ # limitations under the License. # # SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END========================================================= -# - - -source ${SCRIPTS}/common_functions.sh - -# Clone DMaaP Data Router repo -mkdir -p $WORKSPACE/archives/dmaapdr -cd $WORKSPACE/archives/dmaapdr - -git clone --depth 1 https://gerrit.onap.org/r/dmaap/datarouter -b master -cd datarouter -git pull -cd $WORKSPACE/archives/dmaapdr/datarouter/datarouter-docker-compose/src/main/resources -cp $WORKSPACE/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/docker-compose.yml . -cp $WORKSPACE/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/provserver.properties ./prov_data/provserver.properties -cp $WORKSPACE/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/node.properties ./node_data/node.properties - -# start DMaaP DR containers with docker compose and configuration from docker-compose.yml -docker login -u docker -p docker nexus3.onap.org:10001 -docker-compose up -d - -# Wait for initialization of Docker container for datarouter-node, datarouter-prov and mariadb -for i in {1..10}; do - if [ $(docker inspect --format '{{ .State.Running }}' subscriber-node2) ] && \ - [ $(docker inspect --format '{{ .State.Running }}' subscriber-node) ] && \ - [ $(docker inspect --format '{{ .State.Running }}' datarouter-node) ] && \ - [ $(docker inspect --format '{{ .State.Running }}' datarouter-prov) ] && \ - [ $(docker inspect --format '{{ .State.Running }}' mariadb) ] - then - echo "DR Service Running" - break - else - echo sleep $i - sleep $i - fi -done - -# Wait for healthy container datarouter-prov -for i in {1..10}; do - if [ "$(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)" = 'healthy' ] - then - echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov) - echo "DR Service Running, datarouter-prov container is healthy" - break - else - echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov) - echo sleep $i - sleep $i - if [ $i = 10 ] - then - echo datarouter-prov container is not in healthy state - the test is not made, teardown... - cd $WORKSPACE/archives/dmaapdr/datarouter/datarouter-docker-compose/src/main/resources - docker-compose rm -sf - exit 1 - fi - fi -done - -DR_PROV_IP=`get-instance-ip.sh datarouter-prov` -DR_NODE_IP=`get-instance-ip.sh datarouter-node` -DR_SUB_IP=`get-instance-ip.sh subscriber-node` -DR_SUB2_IP=`get-instance-ip.sh subscriber-node2` -DR_GATEWAY_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' datarouter-prov) - -echo DR_PROV_IP=${DR_PROV_IP} -echo DR_NODE_IP=${DR_NODE_IP} -echo DR_SUB_IP=${DR_SUB_IP} -echo DR_SUB2_IP=${DR_SUB2_IP} -echo DR_GATEWAY_IP=${DR_GATEWAY_IP} - -sudo sed -i "$ a $DR_PROV_IP dmaap-dr-prov" /etc/hosts -sudo sed -i "$ a $DR_NODE_IP dmaap-dr-node" /etc/hosts - -python $WORKSPACE/scripts/dmaap-datarouter/update_ca.py - -docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/PROV_AUTH_ADDRESSES?val=dmaap-dr-prov\|$DR_GATEWAY_IP" - -#Pass any variables required by Robot test suites in ROBOT_VARIABLES -ROBOT_VARIABLES="-v DR_PROV_IP:${DR_PROV_IP} -v DR_NODE_IP:${DR_NODE_IP} -v DR_SUB_IP:${DR_SUB_IP} -v DR_SUB2_IP:${DR_SUB2_IP}"
\ No newline at end of file +# ============LICENSE_END===================================================== + +source ${WORKSPACE}/scripts/dmaap-datarouter/datarouter-launch.sh +# Launch DR. If true is passed, 2 subscriber containers are also deployed, else false. +dmaap_dr_launch true +cd ${WORKSPACE}/scripts/dmaap-datarouter/robot_ssl +# Add the root CA to robot framework. This is then removed on teardown. +python -c 'import update_ca; update_ca.add_onap_ca_cert()'
\ No newline at end of file diff --git a/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh b/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh index d8ec4dc9..7ffd1fe2 100755 --- a/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh +++ b/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh @@ -1,8 +1,7 @@ #!/bin/bash -# -# ============LICENSE_START======================================================= -# Copyright (C) 2019 Nordix Foundation. -# ================================================================================ +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -16,11 +15,18 @@ # limitations under the License. # # SPDX-License-Identifier: Apache-2.0 -# ============LICENSE_END========================================================= -# +# ============LICENSE_END===================================================== -cd $WORKSPACE/archives/dmaapdr/datarouter/datarouter-docker-compose/src/main/resources +cd ${WORKSPACE}/archives/dmaap/dr +rm -rf last_run_logs/* +docker cp datarouter-prov:/opt/app/datartr/logs last_run_logs/prov_logs +docker cp datarouter-node:/opt/app/datartr/logs last_run_logs/node_event_logs +docker cp datarouter-node:/var/log/onap/datarouter last_run_logs/node_server_logs +docker cp subscriber-node:/var/log/onap/datarouter last_run_logs/sub1_logs +docker cp subscriber-node2:/var/log/onap/datarouter last_run_logs/sub2_logs +cd ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose sudo sed -i".bak" '/dmaap-dr-prov/d' /etc/hosts sudo sed -i".bak" '/dmaap-dr-node/d' /etc/hosts docker-compose rm -sf -python $WORKSPACE/scripts/dmaap-datarouter/remove_cert_from_ca.py +cd ${WORKSPACE}/scripts/dmaap-datarouter/robot_ssl +python -c 'import update_ca; update_ca.remove_onap_ca_cert()' |