diff options
| author |   Aleksandra Maciaga <aleksandra.maciaga@nokia.com> | 2020-03-26 17:28:47 +0100 |
|---|---|---|
| committer |   Michal Banka <michal.banka@nokia.com> | 2020-04-03 15:16:10 +0200 |
| commit | 13b7d05f2c457cea4a5f78fe4dbb6d1d99a6f450 (patch) | |
| tree | 73792f6f545cb89f4cff29e31e029c06c7909c4e /tests/aaf | |
| parent | 1ebe7ecef97bdac055c8ed67c5b379a4f6c89c4c (diff) | |
Change AAF Certservice CSITs to send requests via HTTPS
Signed-off-by: Aleksandra Maciaga <aleksandra.maciaga@nokia.com>
Signed-off-by: Michal Banka <michal.banka@nokia.com>
Change-Id: Ia7b5d8d548f4ae3727302772fc56e6b0142b0da0
Issue-ID: AAF-1084
Diffstat (limited to 'tests/aaf')
5 files changed, 30 insertions, 13 deletions
diff --git a/tests/aaf/certservice/assets/invalid_client_docker.env b/tests/aaf/certservice/assets/invalid_client_docker.env index 3e7d879b..e96237ca 100644 --- a/tests/aaf/certservice/assets/invalid_client_docker.env +++ b/tests/aaf/certservice/assets/invalid_client_docker.env @@ -2,6 +2,10 @@ REQUEST_TIMEOUT=5000 OUTPUT_PATH=/var/certs CA_NAME=Invalid +KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PASSWORD=secret +TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org ORGANIZATION=Linux-Foundation diff --git a/tests/aaf/certservice/assets/valid_client_docker.env b/tests/aaf/certservice/assets/valid_client_docker.env index 01818960..55fefa3e 100644 --- a/tests/aaf/certservice/assets/valid_client_docker.env +++ b/tests/aaf/certservice/assets/valid_client_docker.env @@ -2,6 +2,10 @@ REQUEST_TIMEOUT=30000 OUTPUT_PATH=/var/certs CA_NAME=RA +KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PASSWORD=secret +TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org ORGANIZATION=Linux-Foundation diff --git a/tests/aaf/certservice/libraries/CertClientManager.py b/tests/aaf/certservice/libraries/CertClientManager.py index a959c9ee..a4a0df23 100644 --- a/tests/aaf/certservice/libraries/CertClientManager.py +++ b/tests/aaf/certservice/libraries/CertClientManager.py @@ -10,10 +10,12 @@ ARCHIVES_PATH = os.getenv("WORKSPACE") + "/archives/" ERROR_API_REGEX = 'Error on API response.*[0-9]{3}' RESPONSE_CODE_REGEX = '[0-9]{3}' + class CertClientManager: - def __init__(self, mount_path): + def __init__(self, mount_path, truststore_path): self.mount_path = mount_path + self.truststore_path = truststore_path def run_client_container(self, client_image, container_name, path_to_env, request_url, network): self.create_mount_dir() @@ -25,8 +27,9 @@ class CertClientManager: name=container_name, environment=environment, network=network, - user='root', #Run container as root to avoid permission issues with volume mount access - mounts=[Mount(target='/var/certs', source=self.mount_path, type='bind')], + user='root', # Run container as root to avoid permission issues with volume mount access + mounts=[Mount(target='/var/certs', source=self.mount_path, type='bind'), + Mount(target='/etc/onap/aaf/certservice/certs/', source=self.truststore_path, type='bind')], detach=True ) exitcode = container.wait() diff --git a/tests/aaf/certservice/resources/cert-service-keywords.robot b/tests/aaf/certservice/resources/cert-service-keywords.robot index a128178c..d4d4fd93 100644 --- a/tests/aaf/certservice/resources/cert-service-keywords.robot +++ b/tests/aaf/certservice/resources/cert-service-keywords.robot @@ -5,19 +5,20 @@ Resource ./cert-service-properties.robot Library RequestsLibrary Library HttpLibrary.HTTP Library Collections -Library ../libraries/CertClientManager.py ${MOUNT_PATH} +Library ../libraries/CertClientManager.py ${MOUNT_PATH} ${TRUSTSTORE_PATH} Library ../libraries/JksFilesValidator.py ${MOUNT_PATH} *** Keywords *** Create sessions [Documentation] Create all required sessions - Create Session aaf_cert_service_url ${AAFCERT_URL} - Set Suite Variable ${http_session} aaf_cert_service_url + ${certs}= Create List ${CERTSERVICE_SERVER_CRT} ${CERTSERVICE_SERVER_KEY} + Create Client Cert Session alias ${AAFCERT_URL} client_certs=${certs} verify=${ROOTCA} + Set Suite Variable ${https_valid_cert_session} alias Run Healthcheck [Documentation] Run Healthcheck - ${resp}= Get Request ${http_session} /actuator/health + ${resp}= Get Request ${https_valid_cert_session} /actuator/health Should Be Equal As Strings ${resp.status_code} 200 Validate Recieved Response ${resp} status UP @@ -31,7 +32,7 @@ Validate Recieved Response Send Get Request And Validate Response [Documentation] Send request to passed url and validate received response [Arguments] ${path} ${resp_code} - ${resp}= Get Request ${http_session} ${path} + ${resp}= Get Request ${https_valid_cert_session} ${path} Should Be Equal As Strings ${resp.status_code} ${resp_code} Send Get Request with Header @@ -39,7 +40,7 @@ Send Get Request with Header [Arguments] ${path} ${csr_file} ${pk_file} [Return] ${resp} ${headers}= Create Header with CSR and PK ${csr_file} ${pk_file} - ${resp}= Get Request ${http_session} ${path} headers=${headers} + ${resp}= Get Request ${https_valid_cert_session} ${path} headers=${headers} Send Get Request with Header And Expect Success [Documentation] Send request to passed url and validate received response @@ -81,7 +82,7 @@ Create Header with CSR and PK Send Post Request And Validate Response [Documentation] Send request to passed url and validate received response [Arguments] ${path} ${resp_code} - ${resp}= Post Request ${http_session} ${path} + ${resp}= Post Request ${https_valid_cert_session} ${path} Should Be Equal As Strings ${resp.status_code} ${resp_code} Run Cert Service Client And Validate JKS File Creation And Client Exit Code diff --git a/tests/aaf/certservice/resources/cert-service-properties.robot b/tests/aaf/certservice/resources/cert-service-properties.robot index 0dd8b066..53d6b246 100644 --- a/tests/aaf/certservice/resources/cert-service-properties.robot +++ b/tests/aaf/certservice/resources/cert-service-properties.robot @@ -1,10 +1,14 @@ *** Variables *** -${CERT_SERVICE_PORT} 8080 -${AAFCERT_URL} http://localhost:${cert_service_port} +${CERT_SERVICE_CONTAINER_NAME} aaf-cert-service +${CERT_SERVICE_PORT} 8443 +${AAFCERT_URL} https://localhost:${cert_service_port} ${CLIENT_CA_NAME} Client ${RA_CA_NAME} RA ${CERT_SERVICE_ENDPOINT} /v1/certificate/ +${ROOTCA} %{WORKSPACE}/tests/aaf/certservice/assets/certs/root.crt +${CERTSERVICE_SERVER_CRT} %{WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.crt +${CERTSERVICE_SERVER_KEY} %{WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.key ${VALID_CLIENT_CSR_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client.csr ${VALID_CLIENT_PK_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client.pk ${VALID_RA_CSR_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_ra.csr @@ -13,10 +17,11 @@ ${INVALID_CSR_FILE} %{WORKSPACE}/tests/aaf/certservice/asse ${INVALID_PK_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid.key -${CERT_SERVICE_ADDRESS} http://%{AAFCERT_IP}:${cert_service_port} +${CERT_SERVICE_ADDRESS} https://${CERT_SERVICE_CONTAINER_NAME}:${CERT_SERVICE_PORT} ${VALID_ENV_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client_docker.env ${INVALID_ENV_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid_client_docker.env ${DOCKER_CLIENT_IMAGE} nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest ${CLIENT_CONTAINER_NAME} %{ClientContainerName} ${CERT_SERVICE_NETWORK} certservice_certservice ${MOUNT_PATH} %{WORKSPACE}/tests/aaf/certservice/tmp +${TRUSTSTORE_PATH} %{WORKSPACE}/plans/aaf/certservice/certs |