[DMAAP-DR] Refactoring ssl csit suite

Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I6eafd28c5a61fda42ddc61b2d40c4c8208f62670
Issue-ID: DMAAP-1571

4 files changed, 290 insertions, 0 deletions

diff --git a/scripts/dmaap-datarouter/docker-compose/docker-compose.yml b/scripts/dmaap-datarouter/docker-compose/docker-compose.yml
new file mode 100644
index 00000000..377e5514
--- /dev/null
+++ b/scripts/dmaap-datarouter/docker-compose/docker-compose.yml
@@ -0,0 +1,118 @@
+#
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019-21 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
+#
+version: '2.1'
+services:
+  datarouter-prov:
+    image: nexus3.onap.org:10001/onap/dmaap/datarouter-prov
+    container_name: datarouter-prov
+    hostname: dmaap-dr-prov
+    ports:
+    - "443:8443"
+    - "8443:8443"
+    - "8080:8080"
+    volumes:
+    - ./provserver.properties:/opt/app/datartr/etc/provserver.properties
+    - ../dr_certs/dr_prov/truststore.jks:/opt/app/osaaf/local/truststore.jks
+    - ../dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-prov.p12
+    - ../dr_certs/dr_prov/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props
+    depends_on:
+      mariadb:
+        condition: service_healthy
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://dmaap-dr-prov:8080/internal/prov"]
+      interval: 10s
+      timeout: 30s
+      retries: 5
+    networks:
+      testing_net:
+        aliases:
+        - dmaap-dr-prov
+
+  datarouter-node:
+    image: nexus3.onap.org:10001/onap/dmaap/datarouter-node
+    container_name: datarouter-node
+    hostname: dmaap-dr-node
+    ports:
+    - "9443:8443"
+    - "9090:8080"
+    volumes:
+    - ./node.properties:/opt/app/datartr/etc/node.properties
+    - ../dr_certs/dr_node/truststore.jks:/opt/app/osaaf/local/truststore.jks
+    - ../dr_certs/dr_node/org.onap.dmaap-dr-node.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-node.p12
+    - ../dr_certs/dr_node/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props
+    depends_on:
+      datarouter-prov:
+        condition: service_healthy
+    networks:
+      testing_net:
+        aliases:
+        - dmaap-dr-node
+
+  datarouter-subscriber:
+    image: nexus3.onap.org:10001/onap/dmaap/datarouter-subscriber
+    container_name: subscriber-node
+    hostname: subscriber.com
+    ports:
+    - "7070:7070"
+    volumes:
+    - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties
+    networks:
+      testing_net:
+        aliases:
+        - subscriber.com
+
+  datarouter-subscriber2:
+    image: nexus3.onap.org:10001/onap/dmaap/datarouter-subscriber
+    container_name: subscriber-node2
+    hostname: subscriber2.com
+    ports:
+    - "7071:7070"
+    volumes:
+    - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties
+    networks:
+      testing_net:
+        aliases:
+        - subscriber2.com
+
+  mariadb:
+    image: mariadb:10.2.14
+    container_name: mariadb
+    hostname: datarouter-mariadb
+    ports:
+    - "3306:3306"
+    environment:
+      MYSQL_ROOT_PASSWORD: datarouter
+      MYSQL_DATABASE: datarouter
+      MYSQL_USER: datarouter
+      MYSQL_PASSWORD: datarouter
+    healthcheck:
+      test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost", "-u", "datarouter", "-pdatarouter", "--silent"]
+      interval: 10s
+      timeout: 30s
+      retries: 5
+    networks:
+      testing_net:
+        aliases:
+        - datarouter-mariadb
+
+networks:
+  testing_net:
+    driver: bridge
diff --git a/scripts/dmaap-datarouter/docker-compose/node.properties b/scripts/dmaap-datarouter/docker-compose/node.properties
new file mode 100644
index 00000000..58639cfd
--- /dev/null
+++ b/scripts/dmaap-datarouter/docker-compose/node.properties
@@ -0,0 +1,82 @@
+# ============LICENSE_START===================================================
+#  Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
+#
+#    Configuration parameters set at startup for the DataRouter node
+#
+#    URL to retrieve dynamic configuration
+ProvisioningURL = https://dmaap-dr-prov:8443/internal/prov
+#
+#    URL to upload PUB/DEL/EXP logs
+LogUploadURL = https://dmaap-dr-prov:8443/internal/logs
+#
+#    The port number for http as seen within the server
+IntHttpPort = 8080
+#
+#    The port number for https as seen within the server
+IntHttpsPort = 8443
+#
+#    The external port number for https taking port mapping into account
+ExtHttpsPort = 443
+#
+#    The minimum interval between fetches of the dynamic configuration from the provisioning server
+MinProvFetchInterval = 10000
+#
+#    The minimum interval between saves of the redirection data file
+MinRedirSaveInterval = 10000
+#
+#    The path to the directory where log files are stored
+LogDir = /opt/app/datartr/logs
+#
+#    The retention interval (in days) for log files
+LogRetention = 30
+#
+#    The path to the directories where data and meta data files are stored
+SpoolDir = /opt/app/datartr/spool
+#
+#    The path to the redirection data file
+RedirectionFile = etc/redirections.dat
+#
+#    The type of keystore for https
+KeyStoreType = PKCS12
+#
+#    The type of truststore for https
+TrustStoreType = jks
+#
+#    The path to the file used to trigger an orderly shutdown
+QuiesceFile = etc/SHUTDOWN
+#
+#    The key used to generate passwords for node to node transfers
+NodeAuthKey = Node123!
+#
+#    DR_NODE DEFAULT ENABLED TLS PROTOCOLS
+NodeHttpsProtocols = TLSv1.1|TLSv1.2
+#
+#    AAF type to generate permission string
+AAFType = org.onap.dmaap-dr.feed
+#
+#    AAF default instance to generate permission string - default should be legacy
+AAFInstance = legacy
+#
+#    AAF action to generate permission string - default should be publish
+AAFAction = publish
+#
+#    AAF CADI enabled flag
+CadiEnabled = false
+#
+#    AAF Props file path
+AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props
diff --git a/scripts/dmaap-datarouter/docker-compose/provserver.properties b/scripts/dmaap-datarouter/docker-compose/provserver.properties
new file mode 100755
index 00000000..b54868e2
--- /dev/null
+++ b/scripts/dmaap-datarouter/docker-compose/provserver.properties
@@ -0,0 +1,55 @@
+# ============LICENSE_START===================================================
+#  Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
+
+#Jetty Server properties
+org.onap.dmaap.datarouter.provserver.http.port           = 8080
+org.onap.dmaap.datarouter.provserver.https.port          = 8443
+org.onap.dmaap.datarouter.provserver.https.relaxation    = true
+
+org.onap.dmaap.datarouter.provserver.aafprops.path       = /opt/app/osaaf/local/org.onap.dmaap-dr.props
+
+org.onap.dmaap.datarouter.provserver.accesslog.dir       = /opt/app/datartr/logs
+org.onap.dmaap.datarouter.provserver.spooldir            = /opt/app/datartr/spool
+org.onap.dmaap.datarouter.provserver.dbscripts           = /opt/app/datartr/etc/misc
+org.onap.dmaap.datarouter.provserver.logretention        = 30
+
+#DMAAP-597 (Tech Dept) REST request source IP auth
+# relaxation to accommodate OOM kubernetes deploy
+org.onap.dmaap.datarouter.provserver.isaddressauthenabled = false
+
+#Localhost address config
+org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1
+
+# Database access
+org.onap.dmaap.datarouter.db.driver   = org.mariadb.jdbc.Driver
+org.onap.dmaap.datarouter.db.url      = jdbc:mariadb://datarouter-mariadb:3306/datarouter
+org.onap.dmaap.datarouter.db.login    = datarouter
+org.onap.dmaap.datarouter.db.password = datarouter
+
+# PROV - DEFAULT ENABLED TLS PROTOCOLS
+org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2
+
+# AAF config
+org.onap.dmaap.datarouter.provserver.cadi.enabled = false
+
+org.onap.dmaap.datarouter.provserver.passwordencryption   = PasswordEncryptionKey#@$%^&1234#
+org.onap.dmaap.datarouter.provserver.aaf.feed.type        = org.onap.dmaap-dr.feed
+org.onap.dmaap.datarouter.provserver.aaf.sub.type         = org.onap.dmaap-dr.sub
+org.onap.dmaap.datarouter.provserver.aaf.instance         = legacy
+org.onap.dmaap.datarouter.provserver.aaf.action.publish   = publish
+org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe
\ No newline at end of file
diff --git a/scripts/dmaap-datarouter/docker-compose/subscriber.properties b/scripts/dmaap-datarouter/docker-compose/subscriber.properties
new file mode 100644
index 00000000..311bbe56
--- /dev/null
+++ b/scripts/dmaap-datarouter/docker-compose/subscriber.properties
@@ -0,0 +1,35 @@
+# ============LICENSE_START===================================================
+#  Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
+
+#Subscriber properties
+org.onap.dmaap.datarouter.subscriber.http.port           = 7070
+org.onap.dmaap.datarouter.subscriber.https.port          = 7443
+org.onap.dmaap.datarouter.subscriber.auth.user           = LOGIN
+org.onap.dmaap.datarouter.subscriber.auth.password       = PASSWORD
+org.onap.dmaap.datarouter.subscriber.delivery.dir        = /opt/app/subscriber/delivery
+
+org.onap.dmaap.datarouter.subscriber.https.relaxation    = true
+org.onap.dmaap.datarouter.subscriber.keystore.type       = jks
+org.onap.dmaap.datarouter.subscriber.keymanager.password = changeit
+org.onap.dmaap.datarouter.subscriber.keystore.path       = /opt/app/datartr/self_signed/keystore.jks
+org.onap.dmaap.datarouter.subscriber.keystore.password   = changeit
+org.onap.dmaap.datarouter.subscriber.truststore.path     = /opt/app/datartr/self_signed/cacerts.jks
+org.onap.dmaap.datarouter.subscriber.truststore.password = changeit
+
+
+