diff options
57 files changed, 401 insertions, 277 deletions
diff --git a/plans/dcaegen2-services-pmsh/testsuite/assets/mr_sim/mr-initializer.json b/plans/dcaegen2-services-pmsh/testsuite/assets/mr_sim/mr-initializer.json index 6b12a831..6c2c4809 100644 --- a/plans/dcaegen2-services-pmsh/testsuite/assets/mr_sim/mr-initializer.json +++ b/plans/dcaegen2-services-pmsh/testsuite/assets/mr_sim/mr-initializer.json @@ -1,7 +1,7 @@ [ { "httpRequest": { - "path": "/events/AAI_EVENT/dcae_pmsh_cg/dcae_pmsh_aai_event", + "path": "/events/AAI_EVENT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -13,7 +13,7 @@ "application/json" ] }, - "body": "{}" + "body": [] } }, { @@ -30,15 +30,12 @@ "application/json" ] }, - "body": { - "type": "JSON", - "json": {} - } + "body": [] } }, { "httpRequest": { - "path": "/events/unauthenticated.PMSH_CL_INPUT/dcae_pmsh_cg/dcae_pmsh_policy_cl_input", + "path": "/events/unauthenticated.PMSH_CL_INPUT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -50,10 +47,7 @@ "application/json" ] }, - "body": { - "type": "JSON", - "json": {} - } + "body": [] } } ] diff --git a/plans/modeling-etsicatalog/sanity-check/setup.sh b/plans/modeling-etsicatalog/sanity-check/setup.sh index e713af21..2e494167 100644 --- a/plans/modeling-etsicatalog/sanity-check/setup.sh +++ b/plans/modeling-etsicatalog/sanity-check/setup.sh @@ -33,7 +33,7 @@ docker run -d -p 80:80 -e CONSUL_IP=$CONSUL_IP -e SDCLIENT_IP=$DISCOVERY_IP -e " MSB_IP==`get-instance-ip.sh msb_internal_apigateway` echo MSB_IP=${MSB_IP} -docker run -d -p 3306:3306 --name vfc-db -v /var/lib/mysql -e MYSQL_ROOT_PASSWORD=root nexus3.onap.org:10001/library/mariadb +docker run -d -p 3306:3306 --name vfc-db -v /var/lib/mysql -e MYSQL_USER="etsicatalog" -e MYSQL_PASSWORD="etsicatalog" -e MYSQL_ROOT_PASSWORD=root -e MYSQL_DATABASE="etsicatalog" nexus3.onap.org:10001/library/mariadb DB_IP=`get-instance-ip.sh vfc-db` echo DB_IP=${DB_IP} @@ -56,7 +56,7 @@ echo sleep 60 sleep 60 # start modeling-etsicatalog -docker run -d --name modeling-etsicatalog -v /var/lib/mysql -e MSB_ADDR=${DISCOVERY_IP}:10081 -e MYSQL_ADDR=${DB_IP}:3306 nexus3.onap.org:10001/onap/modeling/etsicatalog +docker run -d --name modeling-etsicatalog -v /var/lib/mysql -e MSB_ADDR=${DISCOVERY_IP}:10081 -e DB_IP=${DB_IP} nexus3.onap.org:10001/onap/modeling/etsicatalog EtsiCatalog_IP=`get-instance-ip.sh modeling-etsicatalog` for i in {1..10}; do curl -sS -m 1 ${EtsiCatalog_IP}:8806 && break diff --git a/plans/aaf/certservice/certs/Makefile b/plans/oom-platform-cert-service/certservice/certs/Makefile index 126e0533..ea90c5c7 100644 --- a/plans/aaf/certservice/certs/Makefile +++ b/plans/oom-platform-cert-service/certservice/certs/Makefile @@ -63,16 +63,16 @@ step_8: #Generate certService private and public keys step_9: @echo "Generate certService private and public keys" - keytool -genkeypair -v -alias aaf-cert-service -keyalg RSA -keysize 2048 -validity 730 \ + keytool -genkeypair -v -alias oom-cert-service -keyalg RSA -keysize 2048 -validity 730 \ -keystore certServiceServer-keystore.jks -storetype JKS \ - -dname "CN=aaf-cert-service,OU=certServiceServer company,O=certServiceServer org,L=Wroclaw,ST=Dolny Slask,C=PL" \ + -dname "CN=oom-cert-service,OU=certServiceServer company,O=certServiceServer org,L=Wroclaw,ST=Dolny Slask,C=PL" \ -keypass secret -storepass secret -ext BasicConstraints:critical="ca:false" @echo "####done####" #Generate certificate signing request for certService step_10: @echo "Generate certificate signing request for certService" - keytool -certreq -keystore certServiceServer-keystore.jks -alias aaf-cert-service -storepass secret -file certServiceServer.csr + keytool -certreq -keystore certServiceServer-keystore.jks -alias oom-cert-service -storepass secret -file certServiceServer.csr @echo "####done####" #Sign certService certificate by root CA @@ -80,7 +80,7 @@ step_11: @echo "Sign certService certificate by root CA" keytool -gencert -v -keystore root-keystore.jks -storepass secret -alias root -infile certServiceServer.csr \ -outfile certServiceServerByRoot.crt -rfc -ext bc=0 -ext ExtendedkeyUsage="serverAuth,clientAuth" \ - -ext SubjectAlternativeName:="DNS:aaf-cert-service,DNS:localhost" + -ext SubjectAlternativeName:="DNS:oom-cert-service,DNS:localhost" @echo "####done####" #Import root certificate into server @@ -92,7 +92,7 @@ step_12: #Import signed certificate into certService step_13: @echo "Import signed certificate into certService" - keytool -importcert -file certServiceServerByRoot.crt -destkeystore certServiceServer-keystore.jks -alias aaf-cert-service \ + keytool -importcert -file certServiceServerByRoot.crt -destkeystore certServiceServer-keystore.jks -alias oom-cert-service \ -storepass secret -noprompt @echo "####done####" diff --git a/plans/aaf/certservice/cmpServers.json b/plans/oom-platform-cert-service/certservice/cmpServers.json index d6557c52..72564949 100644 --- a/plans/aaf/certservice/cmpServers.json +++ b/plans/oom-platform-cert-service/certservice/cmpServers.json @@ -2,7 +2,7 @@ "cmpv2Servers": [ { "caName": "Client", - "url": "http://aafcert-ejbca:8080/ejbca/publicweb/cmp/cmp", + "url": "http://oomcert-ejbca:8080/ejbca/publicweb/cmp/cmp", "issuerDN": "CN=ManagementCA", "caMode": "CLIENT", "authentication": { @@ -12,7 +12,7 @@ }, { "caName": "RA", - "url": "http://aafcert-ejbca:8080/ejbca/publicweb/cmp/cmpRA", + "url": "http://oomcert-ejbca:8080/ejbca/publicweb/cmp/cmpRA", "issuerDN": "CN=ManagementCA", "caMode": "RA", "authentication": { diff --git a/plans/aaf/certservice/docker-compose.yml b/plans/oom-platform-cert-service/certservice/docker-compose.yml index dcac7df0..b281101a 100644 --- a/plans/aaf/certservice/docker-compose.yml +++ b/plans/oom-platform-cert-service/certservice/docker-compose.yml @@ -4,7 +4,7 @@ services: ejbca: image: primekey/ejbca-ce:6.15.2.5 hostname: cahostname - container_name: aafcert-ejbca + container_name: oomcert-ejbca ports: - "80:8080" - "443:8443" @@ -18,22 +18,22 @@ services: networks: - certservice - aaf-cert-service: - image: nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-api:latest + oom-cert-service: + image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-api:latest volumes: - - $CONFIGURATION_PATH:/etc/onap/aaf/certservice/cmpServers.json - - ./certs/truststore.jks:/etc/onap/aaf/certservice/certs/truststore.jks - - ./certs/root.crt:/etc/onap/aaf/certservice/certs/root.crt - - ./certs/certServiceServer-keystore.jks:/etc/onap/aaf/certservice/certs/certServiceServer-keystore.jks - - ./certs/certServiceServer-keystore.p12:/etc/onap/aaf/certservice/certs/certServiceServer-keystore.p12 - container_name: aafcert-service + - $CONFIGURATION_PATH:/etc/onap/oom/certservice/cmpServers.json + - ./certs/truststore.jks:/etc/onap/oom/certservice/certs/truststore.jks + - ./certs/root.crt:/etc/onap/oom/certservice/certs/root.crt + - ./certs/certServiceServer-keystore.jks:/etc/onap/oom/certservice/certs/certServiceServer-keystore.jks + - ./certs/certServiceServer-keystore.p12:/etc/onap/oom/certservice/certs/certServiceServer-keystore.p12 + container_name: oomcert-service ports: - "8443:8443" depends_on: ejbca: condition: service_healthy healthcheck: - test: ["CMD-SHELL", "curl https://localhost:8443/actuator/health --cacert /etc/onap/aaf/certservice/certs/root.crt --cert-type p12 --cert /etc/onap/aaf/certservice/certs/certServiceServer-keystore.p12 --pass secret"] + test: ["CMD-SHELL", "curl https://localhost:8443/actuator/health --cacert /etc/onap/oom/certservice/certs/root.crt --cert-type p12 --cert /etc/onap/oom/certservice/certs/certServiceServer-keystore.p12 --pass secret"] interval: 10s timeout: 3s retries: 15 diff --git a/plans/aaf/certservice/scripts/ejbca-configuration.sh b/plans/oom-platform-cert-service/certservice/scripts/ejbca-configuration.sh index 77f5c555..77f5c555 100755 --- a/plans/aaf/certservice/scripts/ejbca-configuration.sh +++ b/plans/oom-platform-cert-service/certservice/scripts/ejbca-configuration.sh diff --git a/plans/aaf/certservice/setup.sh b/plans/oom-platform-cert-service/certservice/setup.sh index 1200e964..bee54cde 100644 --- a/plans/aaf/certservice/setup.sh +++ b/plans/oom-platform-cert-service/certservice/setup.sh @@ -20,7 +20,7 @@ SCRIPT=`realpath $0` CURRENT_WORKDIR_PATH=`dirname $SCRIPT` -PROJECT_DIRECTORY="plans/aaf/certservice" +PROJECT_DIRECTORY="plans/oom-platform-cert-service/certservice" SCRIPTS_DIRECTORY="scripts" @@ -75,35 +75,35 @@ export CONFIGURATION_PATH=${CONFIGURATION_PATH} export SCRIPTS_PATH=${SCRIPTS_PATH} #Generate keystores, truststores, certificates and keys -mkdir -p ${WORKSPACE}/tests/aaf/certservice/assets/certs/ +mkdir -p ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/ make all -C ./certs/ -cp ${WORKSPACE}/plans/aaf/certservice/certs/root.crt ${WORKSPACE}/tests/aaf/certservice/assets/certs/root.crt +cp ${WORKSPACE}/plans/oom-platform-cert-service/certservice/certs/root.crt ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/root.crt echo "Generated keystores" -openssl pkcs12 -in ${WORKSPACE}/plans/aaf/certservice/certs/certServiceServer-keystore.p12 -clcerts -nokeys -password pass:secret | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ${WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.crt +openssl pkcs12 -in ${WORKSPACE}/plans/oom-platform-cert-service/certservice/certs/certServiceServer-keystore.p12 -clcerts -nokeys -password pass:secret | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/certServiceServer.crt echo "Generated server certificate" -openssl pkcs12 -in ${WORKSPACE}/plans/aaf/certservice/certs/certServiceServer-keystore.p12 -nocerts -nodes -password pass:secret| sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > ${WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.key +openssl pkcs12 -in ${WORKSPACE}/plans/oom-platform-cert-service/certservice/certs/certServiceServer-keystore.p12 -nocerts -nodes -password pass:secret| sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/certServiceServer.key echo "Generated server key" docker-compose up -d -AAFCERT_IP='none' +OOMCERT_IP='none' # Wait container ready for i in {1..9} do - AAFCERT_IP=`get-instance-ip.sh aafcert-service` + OOMCERT_IP=`get-instance-ip.sh oomcert-service` RESP_CODE=$(curl -s https://localhost:8443/actuator/health --cacert ./certs/root.crt --cert-type p12 --cert ./certs/certServiceServer-keystore.p12 --pass secret | \ python2 -c 'import json,sys;obj=json.load(sys.stdin);print obj["status"]') if [[ "$RESP_CODE" == "UP" ]]; then - echo 'AAF Cert Service is ready' - export AAFCERT_IP=${AAFCERT_IP} - docker exec aafcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh + echo 'OOM Cert Service is ready' + export OOMCERT_IP=${OOMCERT_IP} + docker exec oomcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh break fi - echo 'Waiting for AAF Cert Service to start up...' + echo 'Waiting for OOM Cert Service to start up...' sleep 30s done -if [ "$AAFCERT_IP" == 'none' -o "$AAFCERT_IP" == '' ]; then - echo "AAF Cert Service is not ready!" +if [ "$OOMCERT_IP" == 'none' -o "$OOMCERT_IP" == '' ]; then + echo "OOM Cert Service is not ready!" exit 1 # Return error code fi diff --git a/plans/aaf/certservice/teardown.sh b/plans/oom-platform-cert-service/certservice/teardown.sh index 71e20b7c..f531180e 100644 --- a/plans/aaf/certservice/teardown.sh +++ b/plans/oom-platform-cert-service/certservice/teardown.sh @@ -19,7 +19,7 @@ docker-compose down make clear -C ./certs/ echo "Removed old keystores" -rm -rf ${WORKSPACE}/tests/aaf/certservice/assets/certs +rm -rf ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs echo "Removed old certificates" kill-instance.sh ${ClientContainerName}
\ No newline at end of file diff --git a/plans/aaf/certservice/testplan.txt b/plans/oom-platform-cert-service/certservice/testplan.txt index 270fc6d4..ed9ee127 100755 --- a/plans/aaf/certservice/testplan.txt +++ b/plans/oom-platform-cert-service/certservice/testplan.txt @@ -1,3 +1,3 @@ # Test suites are relative paths under [integration/csit.git]/tests/. # Place the suites in run order. -aaf/certservice +oom-platform-cert-service/certservice diff --git a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/cds/resources/aai.cert b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/cds/resources/aai.cert index 9acb8bb9..266a8f21 100755 --- a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/cds/resources/aai.cert +++ b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/cds/resources/aai.cert @@ -1,31 +1,36 @@ Bag Attributes - friendlyName: so@so.onap.org - localKeyID: 54 69 6D 65 20 31 35 36 34 30 35 32 33 31 34 37 38 34 -subject=CN = aai-simulator, emailAddress = , OU = so@so.onap.org, OU = OSAAF, O = ONAP, C = US + friendlyName: aai-cert + localKeyID: 59 C6 CE 53 FF 25 7B 6F 86 4D E4 3A 2D EB 48 98 E0 20 B9 54 +subject=C = US, O = ONAP, OU = OSAAF, CN = aai-simulator -issuer=C = US, O = ONAP, OU = OSAAF, CN = intermediateCA_9 +issuer=C = US, O = ONAP, OU = OSAAF, CN = intermediate -----BEGIN CERTIFICATE----- -MIIEBzCCAu+gAwIBAgIIdC1kel7DdnYwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE -BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp -bnRlcm1lZGlhdGVDQV85MB4XDTE5MDcyNTEwNTgzNFoXDTIwMDcyNTEwNTgzNFow -bjEWMBQGA1UEAwwNYWFpLXNpbXVsYXRvcjEPMA0GCSqGSIb3DQEJARYAMRcwFQYD -VQQLDA5zb0Bzby5vbmFwLm9yZzEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9O -QVAxCzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -185xCE6cmsY6XB5Dd/5GlfuWjN05KKk3akymxhbJLa9ektlusmuTPt4cnxD+e4b6 -dymqHzQ6C206TBK1jaDzcF07Ag7VTpxmlgaSukQ+aZoXfIcs80lWCLnNvC2MrOuh -9uhUILAmuddo01cIHJvti5R2g6BEirCGsVKBSwmXRotxHyzUg9IwOpeGy0G1ZDjU -OiMqY5qOonVTEz1AganctdiWK1/eZ5IBD7gQwckS5n1a6RYMVSnr1vKLoiZq76Bp -wKy3EBX16jlmQMC5Aj9/GDezJg0bPvlikL3VUsC76DRShucsxS3SzVxeAJ5nsH8S -qUElpbe3uabhFG2qKmtvdwIDAQABo4HPMIHMMAkGA1UdEwQCMAAwDgYDVR0PAQH/ -BAQDAgXgMCAGA1UdJQEB/wQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBUBgNVHSME -TTBLgBSB95lbELnIjN7zUl7qTmmgQz6s3aEwpC4wLDEOMAwGA1UECwwFT1NBQUYx -DTALBgNVBAoMBE9OQVAxCzAJBgNVBAYTAlVTggEHMB0GA1UdDgQWBBSQ54p+SID0 -2p21lUHY9YC1ZZfkZTAYBgNVHREEETAPgg1hYWktc2ltdWxhdG9yMA0GCSqGSIb3 -DQEBCwUAA4IBAQBRGK6Iyjc/0bC3+qjPuNwSlu1pUcgHtgxP/oTU5f9xMSkSjIP0 -weVnIEGOwlW8GRbDPQza14AHETTxJ17rv6p6h7l/dZZmbMPl2S+QXGptgDWR6zY7 -q5ROecGcQzgto6lTMcKgBMW+ct3Tb3khMqP6ewzGz85SY7BgyVE7HFG9M5BM3NhX -ovAcj93C24DFKLDKxHrrsVIROlFk6QW2+kb0zo1YzVc6NNJY2ViXBrM5zrG21tDj -VEv0JaHKPYhzWCb7ZcSSo/ftZ2yDsRGS8r6DK5sYCfLifloMVJhF04hOC+ZbxiiB -JgYniQPmb0Zj5BfXWovdAe/89wr5aokQ3GZL +MIIE/TCCAuUCAQIwDQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCVVMxDTALBgNV +BAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRUwEwYDVQQDDAxpbnRlcm1lZGlhdGUw +IBcNMjAwODEzMTUxMDI5WhgPMjEyMDA3MjAxNTEwMjlaMEQxCzAJBgNVBAYTAlVT +MQ0wCwYDVQQKDARPTkFQMQ4wDAYDVQQLDAVPU0FBRjEWMBQGA1UEAwwNYWFpLXNp +bXVsYXRvcjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAM/5ReR7rfi1 +KKJSOKSzq+B+jLDOSeBzg6XtuSwcxW9glm09GzxRz7TGTdIRmGz3Y2SRY1En40Ep +ZwEoyPgTBBNNR5hC+da9amvjFil/cvB1GqPS5v5PSNR38kmYjMGCUPtgqFv3Nl3L +zAdgBBwrS4vitDXfq3oDyArGiY2DU1JZzGhPbLdrt8CNetk4csz5v/yHlcY3IMTz +DYyuxfCRNBZvQd1rdusGo/FARLTRD4btMY3i/0/u0weXAsZrzjwiYiuA0i2qjmv7 +AeakNYLBC/nK/UTZFpwoZzFiAzcMs9fUwTDUhWm4nKoVSxRnkjlJoUx/vsctJbSl ++KKJBUYXrznkAQw34BhEZGQdjsUrpoIYti/pZ2w1O0xxfWMz98NE1qZH4TKKirNo +cG7BZJ7EjqO25Ye6rZjfFdUa+Ri7pY7JBNobK8htR72BBX8+j1e8q3IuJ+GjUi9K +fcSH1qK3ypztS8qjfFxYjehBktNt95MgaQdAvz2Xkyzpuj565+54B4YZtv+mfa98 +M/Osc11eox9GTY0nMw/8oohdNt9mzlgsUmCR3rK/3O5xkbmaOyWrgNj/0QlyjVsn +w0pnmHTPmL321U/N5OQe21E54r0PI40DD6pfzUQ9CY/9j45o2f+eD29el4gjTf3l +Bx4+9Hm116oHA9CxFqN7OOySAgrvLm5vAgMBAAEwDQYJKoZIhvcNAQELBQADggIB +ALDeWIRGGVWLgYi1hbvTF/YrZyEPaHW2DSAZHVq+B6YE5O7hpcr5xesT52/zKwVJ +wkithWEeYRkr3/zOtBWYA1luGNf3eQ3MbbaNfatGrv1NrMtp+x7QsLT8u1+YArwj +Vr2Z4h7MHIO9EjdgH5IEMJRaUnOLRTZvvkNESJwVVy+Jlw3NVPvkw+wJcZF2n8Wf +SNdE/FIBLLhJtX2/tiYeO+npn1WAcqifT5k0nOIRxZYEk0GdIq2P53nuaJ74GcWC +enNI/CHjkJKix3yk8GlJPZkL/PfUbne6UwuNmAovoOcnd9hRbzv/IFXnJkmp4aun +pdaSDpbWHyN/pEQBiSPN6QdgNzR7l+zkn+tprZtR143zAvsRBRf2JhpHQqI0EJLV +HPVOGX9ph8f7Dixbka7EiCwy1yoaFuewQ0h/Ofqa8Nw7LPkTi3rp+FWZbZoZahlk +A3k8StZwVOFvUIbvoj0bP3e2nJgnJKwfWppX29m6M0xUTn54hIm2TRkMy2SSIIHl +7jYcaNKbmPibVeaW9Y8bjwBPkvvLbS7ZFb8QTYpYQbBUwLpkbuPImaQq+V4VqRJl +Jzb5ZY7rSk/sp+vu2PuU4QkGGLC1X0bNCIi7ucwt9ie8uNCsYdNfQLYRy3x/BrWq +BsmHg+f5zPyVmKd+qXBwfa7UeT2zJLs3IlFwBeg4sk3f -----END CERTIFICATE----- diff --git a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/simulators/pnfsim/pnf-sw-upgrade/pnf-sw-upgrade.yang b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/simulators/pnfsim/pnf-sw-upgrade/pnf-sw-upgrade.yang index 3cba9cf0..cbad3c57 100755 --- a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/simulators/pnfsim/pnf-sw-upgrade/pnf-sw-upgrade.yang +++ b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/simulators/pnfsim/pnf-sw-upgrade/pnf-sw-upgrade.yang @@ -73,6 +73,10 @@ module pnf-sw-upgrade { description "Free-text description of the UP."; } + leaf node-health { + type string; + description "Reflect Node Health Status"; + } } } }
\ No newline at end of file diff --git a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/simulators/pnfsim/pnf-sw-upgrade/startup.xml b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/simulators/pnfsim/pnf-sw-upgrade/startup.xml index e1ce243c..ebf2af37 100755 --- a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/simulators/pnfsim/pnf-sw-upgrade/startup.xml +++ b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/simulators/pnfsim/pnf-sw-upgrade/startup.xml @@ -1,12 +1,13 @@ <?xml version='1.0' encoding='UTF-8'?> <software-upgrade xmlns="http://onap.org/pnf-sw-upgrade"> - <upgrade-package> - <id>sw-id-1</id> - <current-status>CREATED</current-status> - <software-version>test_software_1</software-version> - <uri>sftp://127.0.0.1/test_software_1.img</uri> - <user>test_user</user> - <password>test_password</password> - <user-label>trial software update</user-label> - </upgrade-package> + <upgrade-package> + <id>sw-id-1</id> + <current-status>CREATED</current-status> + <software-version>test_software_1</software-version> + <uri>sftp://127.0.0.1/test_software_1.img</uri> + <user>test_user</user> + <password>test_password</password> + <user-label>trial software update</user-label> + <node-health>Ok</node-health> + </upgrade-package> </software-upgrade>
\ No newline at end of file diff --git a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/config/certificates/aai-certificate/aai.cert b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/config/certificates/aai-certificate/aai.cert index 9acb8bb9..266a8f21 100755..100644 --- a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/config/certificates/aai-certificate/aai.cert +++ b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/config/certificates/aai-certificate/aai.cert @@ -1,31 +1,36 @@ Bag Attributes - friendlyName: so@so.onap.org - localKeyID: 54 69 6D 65 20 31 35 36 34 30 35 32 33 31 34 37 38 34 -subject=CN = aai-simulator, emailAddress = , OU = so@so.onap.org, OU = OSAAF, O = ONAP, C = US + friendlyName: aai-cert + localKeyID: 59 C6 CE 53 FF 25 7B 6F 86 4D E4 3A 2D EB 48 98 E0 20 B9 54 +subject=C = US, O = ONAP, OU = OSAAF, CN = aai-simulator -issuer=C = US, O = ONAP, OU = OSAAF, CN = intermediateCA_9 +issuer=C = US, O = ONAP, OU = OSAAF, CN = intermediate -----BEGIN CERTIFICATE----- -MIIEBzCCAu+gAwIBAgIIdC1kel7DdnYwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE -BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp -bnRlcm1lZGlhdGVDQV85MB4XDTE5MDcyNTEwNTgzNFoXDTIwMDcyNTEwNTgzNFow -bjEWMBQGA1UEAwwNYWFpLXNpbXVsYXRvcjEPMA0GCSqGSIb3DQEJARYAMRcwFQYD -VQQLDA5zb0Bzby5vbmFwLm9yZzEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoMBE9O -QVAxCzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -185xCE6cmsY6XB5Dd/5GlfuWjN05KKk3akymxhbJLa9ektlusmuTPt4cnxD+e4b6 -dymqHzQ6C206TBK1jaDzcF07Ag7VTpxmlgaSukQ+aZoXfIcs80lWCLnNvC2MrOuh -9uhUILAmuddo01cIHJvti5R2g6BEirCGsVKBSwmXRotxHyzUg9IwOpeGy0G1ZDjU -OiMqY5qOonVTEz1AganctdiWK1/eZ5IBD7gQwckS5n1a6RYMVSnr1vKLoiZq76Bp -wKy3EBX16jlmQMC5Aj9/GDezJg0bPvlikL3VUsC76DRShucsxS3SzVxeAJ5nsH8S -qUElpbe3uabhFG2qKmtvdwIDAQABo4HPMIHMMAkGA1UdEwQCMAAwDgYDVR0PAQH/ -BAQDAgXgMCAGA1UdJQEB/wQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBUBgNVHSME -TTBLgBSB95lbELnIjN7zUl7qTmmgQz6s3aEwpC4wLDEOMAwGA1UECwwFT1NBQUYx -DTALBgNVBAoMBE9OQVAxCzAJBgNVBAYTAlVTggEHMB0GA1UdDgQWBBSQ54p+SID0 -2p21lUHY9YC1ZZfkZTAYBgNVHREEETAPgg1hYWktc2ltdWxhdG9yMA0GCSqGSIb3 -DQEBCwUAA4IBAQBRGK6Iyjc/0bC3+qjPuNwSlu1pUcgHtgxP/oTU5f9xMSkSjIP0 -weVnIEGOwlW8GRbDPQza14AHETTxJ17rv6p6h7l/dZZmbMPl2S+QXGptgDWR6zY7 -q5ROecGcQzgto6lTMcKgBMW+ct3Tb3khMqP6ewzGz85SY7BgyVE7HFG9M5BM3NhX -ovAcj93C24DFKLDKxHrrsVIROlFk6QW2+kb0zo1YzVc6NNJY2ViXBrM5zrG21tDj -VEv0JaHKPYhzWCb7ZcSSo/ftZ2yDsRGS8r6DK5sYCfLifloMVJhF04hOC+ZbxiiB -JgYniQPmb0Zj5BfXWovdAe/89wr5aokQ3GZL +MIIE/TCCAuUCAQIwDQYJKoZIhvcNAQELBQAwQzELMAkGA1UEBhMCVVMxDTALBgNV +BAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRUwEwYDVQQDDAxpbnRlcm1lZGlhdGUw +IBcNMjAwODEzMTUxMDI5WhgPMjEyMDA3MjAxNTEwMjlaMEQxCzAJBgNVBAYTAlVT +MQ0wCwYDVQQKDARPTkFQMQ4wDAYDVQQLDAVPU0FBRjEWMBQGA1UEAwwNYWFpLXNp +bXVsYXRvcjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAM/5ReR7rfi1 +KKJSOKSzq+B+jLDOSeBzg6XtuSwcxW9glm09GzxRz7TGTdIRmGz3Y2SRY1En40Ep +ZwEoyPgTBBNNR5hC+da9amvjFil/cvB1GqPS5v5PSNR38kmYjMGCUPtgqFv3Nl3L +zAdgBBwrS4vitDXfq3oDyArGiY2DU1JZzGhPbLdrt8CNetk4csz5v/yHlcY3IMTz +DYyuxfCRNBZvQd1rdusGo/FARLTRD4btMY3i/0/u0weXAsZrzjwiYiuA0i2qjmv7 +AeakNYLBC/nK/UTZFpwoZzFiAzcMs9fUwTDUhWm4nKoVSxRnkjlJoUx/vsctJbSl ++KKJBUYXrznkAQw34BhEZGQdjsUrpoIYti/pZ2w1O0xxfWMz98NE1qZH4TKKirNo +cG7BZJ7EjqO25Ye6rZjfFdUa+Ri7pY7JBNobK8htR72BBX8+j1e8q3IuJ+GjUi9K +fcSH1qK3ypztS8qjfFxYjehBktNt95MgaQdAvz2Xkyzpuj565+54B4YZtv+mfa98 +M/Osc11eox9GTY0nMw/8oohdNt9mzlgsUmCR3rK/3O5xkbmaOyWrgNj/0QlyjVsn +w0pnmHTPmL321U/N5OQe21E54r0PI40DD6pfzUQ9CY/9j45o2f+eD29el4gjTf3l +Bx4+9Hm116oHA9CxFqN7OOySAgrvLm5vAgMBAAEwDQYJKoZIhvcNAQELBQADggIB +ALDeWIRGGVWLgYi1hbvTF/YrZyEPaHW2DSAZHVq+B6YE5O7hpcr5xesT52/zKwVJ +wkithWEeYRkr3/zOtBWYA1luGNf3eQ3MbbaNfatGrv1NrMtp+x7QsLT8u1+YArwj +Vr2Z4h7MHIO9EjdgH5IEMJRaUnOLRTZvvkNESJwVVy+Jlw3NVPvkw+wJcZF2n8Wf +SNdE/FIBLLhJtX2/tiYeO+npn1WAcqifT5k0nOIRxZYEk0GdIq2P53nuaJ74GcWC +enNI/CHjkJKix3yk8GlJPZkL/PfUbne6UwuNmAovoOcnd9hRbzv/IFXnJkmp4aun +pdaSDpbWHyN/pEQBiSPN6QdgNzR7l+zkn+tprZtR143zAvsRBRf2JhpHQqI0EJLV +HPVOGX9ph8f7Dixbka7EiCwy1yoaFuewQ0h/Ofqa8Nw7LPkTi3rp+FWZbZoZahlk +A3k8StZwVOFvUIbvoj0bP3e2nJgnJKwfWppX29m6M0xUTn54hIm2TRkMy2SSIIHl +7jYcaNKbmPibVeaW9Y8bjwBPkvvLbS7ZFb8QTYpYQbBUwLpkbuPImaQq+V4VqRJl +Jzb5ZY7rSk/sp+vu2PuU4QkGGLC1X0bNCIi7ucwt9ie8uNCsYdNfQLYRy3x/BrWq +BsmHg+f5zPyVmKd+qXBwfa7UeT2zJLs3IlFwBeg4sk3f -----END CERTIFICATE----- diff --git a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/config/certificates/root-certificate/root.crt b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/config/certificates/root-certificate/root.crt new file mode 100644 index 00000000..03f676e4 --- /dev/null +++ b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/config/certificates/root-certificate/root.crt @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIIFbTCCA1WgAwIBAgIUcuJ40Js2R5pukZRainsbfHjZMc8wDQYJKoZIhvcNAQEL +BQAwPTEPMA0GA1UEAwwGUm9vdENBMQ4wDAYDVQQLDAVPU0FBRjENMAsGA1UECgwE +T05BUDELMAkGA1UEBhMCVVMwIBcNMjAwODEzMTQ1ODM2WhgPMjEyMDA3MjAxNDU4 +MzZaMD0xDzANBgNVBAMMBlJvb3RDQTEOMAwGA1UECwwFT1NBQUYxDTALBgNVBAoM +BE9OQVAxCzAJBgNVBAYTAlVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC +AgEA1hsnL+g+86ZvckGH2FF8etyyHkre0NioqsR2ppPXQmejhcL03yGjFPNNVsb5 +eXYmAets4sbNbgjbcEiNVYbj0KkYZvXN+YHPys3W7LADE0d+RyIvuw2v1OdZbAZU +BexGDYIW+bz1Bvrw5Vw7n7mCGVgZgbTj6hXDKMOb8EyhhzOQj4trasuz63/kZPtZ +NzlzXh7AU+FOVOkfWEGsAKzyOwqsTLD5IlD85vahYiSe8xMVYdMz+JAFwNvMdOGH +uVdwFEa0bGh+GAonGK1bRhfqjrronOfhnVhMccS3uFyHHhRzT3JmifXRih0/v9Le +EPyc1GwUJd1lMI1iITCAsxlOSwINr0H4FrhV576hUBlZCZxRYQ1Srt04BNP1NjrB +wDQKPQhhlFZYwxn4YCG7T/ktN4ANtFiPa5/ZP4OSYHjF+v6L97vIGQ4DlQ+rvvsY +6/HhRcDhnKm0v3DMY4rF2gPzVZQTVnHgQY3hXaILi7p2kGMVyD5J4lFMGNwYseXP +wxtQL03vlXdLIOcxYP0WjeFyHe7mTZMAS++xzIkcwXPZBTZzOzzxB15V4Hl2WeNE +DSTizLQjKw3vcSkmTEoLVCR/GelVhpXP3WmqmbtbMM6V8g6u+csmiERmoAyGR6hI +h/9pKIBznJChEAdGKLZvsNCC2MjbLDa/n160Ho8G5zLKz5cCAwEAAaNjMGEwHQYD +VR0OBBYEFFFA2kBuZQ5ypVzKvp5CSMztpaDdMB8GA1UdIwQYMBaAFFFA2kBuZQ5y +pVzKvp5CSMztpaDdMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0G +CSqGSIb3DQEBCwUAA4ICAQCezmNt0W5hHUMLCAYfvzw5C85HslIW1OsdYtv7Ck6Q ++qrVqku36/7EesziQfBhB1BYOoGkUbAizrkFVCSvHSenRYaukVirPR5EfmWtAocD +1Tg8EepiFG7FeSWLBflyHbeoq66opVIqooJ9EZT6SDQRc/bYojMu+ZRQ6CJe9mlL +1JAnfWpJJc4c/WevcXo6LqumB4JGA+Dg+ca2ELfEaGNjJs32mDDeWHcKeFzXOk/g +jkfwuDmOc//j/M0ehT3RSnI1b3YXw5gHP0Axne/fFooXtoR8A4ofw8pCu/OsJIdD +AgBtu81klFbPmXZtlcN0lC34KqcUZUkGPcBbKg741wFAmjqCl40FUSofhaARm4gS +zn6CcDx11+JWtAu8kgr7gLtFFYm+pnQdHTnzL7Rd4Wuk4V5i8I/Vx9SCJEHWQx1V +d0EQzZMbLxMxlg8eEUDHm8RBVQahbAmTLPtLxiPtw/a2YY5Ck2ilH1L0CPkJtlvB +AW2uZFJ4DNaIQBDB4hbJgRuVK3K3hzZ5SHyJKmMO0XZ2O+zoQJ4Tl+yasu30lsZU +0qiDgP+WjhzZh+pCS1WkxGZGL7HG0P0HVXkqW2yrzThGurrc5ACAN15UUhrYcuUT +bgfv0R7oe+bp+ZtUQ/d8rU9vR+OcIL0pENfI9vIwtfmNpIWizeJLWc9Kafqd+c8j +kw== +-----END CERTIFICATE----- diff --git a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/docker-compose.yml b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/docker-compose.yml index bea0dca4..0886d9d5 100755 --- a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/docker-compose.yml +++ b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/docker-compose.yml @@ -170,9 +170,9 @@ services: - "8081:8081" volumes: - /etc/localtime:/etc/localtime:ro - - ${TEST_LAB_DIR}/volumes/so/ca-certificates/onapheat:/app/ca-certificates - ${CONFIG_DIR_PATH}/override-files/bpmn-infra/onapheat:/app/config - ${CONFIG_DIR_PATH}/certificates/aai-certificate/aai.cert:/app/ca-certificates/aai.cert + - ${CONFIG_DIR_PATH}/certificates/root-certificate/root.crt:/app/ca-certificates/root.crt environment: - APP=bpmn-infra - JVM_ARGS=-Xms64m -Xmx512m diff --git a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/application.yaml b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/application.yaml index 205abe40..3a40848f 100755 --- a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/application.yaml +++ b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/application.yaml @@ -3,8 +3,8 @@ server: tomcat: max-threads: 4 ssl: - key-store: classpath:keystore/org.onap.so.p12 - key-store-password: u!@JQoYD])@ykq.NKM,O7iA. + key-store: classpath:keystore/keystore.p12 + key-store-password: mYHC98!qX}7h?W}jRv}MIXTJ keyStoreType: PKCS12 ssl-enable: true spring: @@ -21,5 +21,5 @@ spring: http: client: ssl: - trust-store: classpath:truststore/org.onap.so.trust.jks - trust-store-password: '[)3KV.k*!IlkFhWEq0Nv2dDa'
\ No newline at end of file + trust-store: classpath:truststore/truststore.jks + trust-store-password: '*TQH?Lnszprs4LmlAj38yds('
\ No newline at end of file diff --git a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/keystore/keystore.p12 b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/keystore/keystore.p12 Binary files differnew file mode 100644 index 00000000..6b4340d4 --- /dev/null +++ b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/keystore/keystore.p12 diff --git a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/keystore/org.onap.so.p12 b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/keystore/org.onap.so.p12 Binary files differdeleted file mode 100755 index 015f2bf6..00000000 --- a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/keystore/org.onap.so.p12 +++ /dev/null diff --git a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/truststore/org.onap.so.trust.jks b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/truststore/org.onap.so.trust.jks Binary files differdeleted file mode 100755 index 88d61846..00000000 --- a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/truststore/org.onap.so.trust.jks +++ /dev/null diff --git a/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/truststore/truststore.jks b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/truststore/truststore.jks Binary files differnew file mode 100644 index 00000000..d219aaf5 --- /dev/null +++ b/plans/usecases-pnf-sw-upgrade/pnf-sw-upgrade/sorch/simulator/aai-simulator/src/main/resources/truststore/truststore.jks diff --git a/plans/vfc-gvnfm-vnflcm/sanity-check/setup.sh b/plans/vfc-gvnfm-vnflcm/sanity-check/setup.sh index f82f228a..3fd82d29 100755 --- a/plans/vfc-gvnfm-vnflcm/sanity-check/setup.sh +++ b/plans/vfc-gvnfm-vnflcm/sanity-check/setup.sh @@ -32,10 +32,16 @@ docker run -d -p 80:80 -e CONSUL_IP=$MSB_CONSUL_IP -e SDCLIENT_IP=$MSB_DISCOVERY MSB_IAG_IP=`get-instance-ip.sh msb_internal_apigateway` echo MSB_IAG_IP=${MSB_IAG_IP} -docker run -d -p 3306:3306 --name vfc-db -v /var/lib/mysql nexus3.onap.org:10001/onap/vfc/db +# Start Mysql +docker run -d -p 3306:3306 --name vfc-db -v /var/lib/mysql -e MYSQL_USER="gvnfm" -e MYSQL_PASSWORD="gvnfm" -e MYSQL_ROOT_PASSWORD=root -e MYSQL_DATABASE="gvnfm" nexus3.onap.org:10001/library/mariadb VFC_DB_IP=`get-instance-ip.sh vfc-db` echo VFC_DB_IP=${VFC_DB_IP} +# Start Redis +docker run -d -p 6379:6379 --name vfc-redis redis +VFC_REDIS_IP=`get-instance-ip.sh vfc-redis` +echo VFC_REDIS_IP=${VFC_REDIS_IP} + # Wait for initialization(8500 Consul, 10081 Service Registration & Discovery, 80 api gateway) for i in {1..10}; do curl -sS -m 1 ${MSB_CONSUL_IP}:8500 && curl -sS -m 1 ${MSB_DISCOVERY_IP}:10081 && curl -sS -m 1 ${MSB_IAG_IP}:80 && break @@ -55,7 +61,7 @@ echo sleep 30 sleep 30 # start vfc-vnflcm -docker run -d --name vfc-vnflcm -e MSB_ADDR=${MSB_IAG_IP}:80 -e MYSQL_ADDR=${VFC_DB_IP}:3306 nexus3.onap.org:10001/onap/vfc/vnflcm +docker run -d --name vfc-vnflcm -e MSB_ADDR=${MSB_IAG_IP}:80 -e MYSQL_ADDR=${VFC_DB_IP}:3306 -e REDIS_HOST=${VFC_REDIS_IP} nexus3.onap.org:10001/onap/vfc/vnflcm VNFLCM_IP=`get-instance-ip.sh vfc-vnflcm` # Wait for initialization diff --git a/plans/vfc-gvnfm-vnfmgr/sanity-check/setup.sh b/plans/vfc-gvnfm-vnfmgr/sanity-check/setup.sh index 22dd8ae3..b66662b9 100755 --- a/plans/vfc-gvnfm-vnfmgr/sanity-check/setup.sh +++ b/plans/vfc-gvnfm-vnfmgr/sanity-check/setup.sh @@ -19,7 +19,6 @@ source ${SCRIPTS}/common_functions.sh - #start msb docker run -d -p 8500:8500 --name msb_consul consul:0.9.3 MSB_CONSUL_IP=`get-instance-ip.sh msb_consul` @@ -31,10 +30,16 @@ docker run -d -p 80:80 -e CONSUL_IP=$MSB_CONSUL_IP -e SDCLIENT_IP=$MSB_DISCOVERY MSB_IAG_IP=`get-instance-ip.sh msb_internal_apigateway` echo MSB_IAG_IP=${MSB_IAG_IP} -docker run -d -p 3306:3306 --name vfc-db nexus3.onap.org:10001/onap/vfc/db +# Start Mysql +docker run -d -p 3306:3306 --name vfc-db -v /var/lib/mysql -e MYSQL_USER="gvnfm" -e MYSQL_PASSWORD="gvnfm" -e MYSQL_ROOT_PASSWORD=root -e MYSQL_DATABASE="gvnfm" nexus3.onap.org:10001/library/mariadb VFC_DB_IP=`get-instance-ip.sh vfc-db` echo VFC_DB_IP=${VFC_DB_IP} +# Start Redis +docker run -d -p 6379:6379 --name vfc-redis redis +VFC_REDIS_IP=`get-instance-ip.sh vfc-redis` +echo VFC_REDIS_IP=${VFC_REDIS_IP} + # Wait for initialization(8500 Consul, 10081 Service Registration & Discovery, 80 api gateway) for i in {1..10}; do curl -sS -m 1 ${MSB_CONSUL_IP}:8500 && curl -sS -m 1 ${MSB_DISCOVERY_IP}:10081 && curl -sS -m 1 ${MSB_IAG_IP}:80 && break @@ -54,7 +59,7 @@ echo sleep 60 sleep 60 # start vfc-vnflcm -docker run -d --name vfc-vnflcm -e MSB_ADDR=${MSB_IAG_IP}:80 -e MYSQL_ADDR=${VFC_DB_IP}:3306 nexus3.onap.org:10001/onap/vfc/vnflcm +docker run -d --name vfc-vnflcm -e MSB_ADDR=${MSB_IAG_IP}:80 -e MYSQL_ADDR=${VFC_DB_IP}:3306 -e REDIS_HOST=${VFC_REDIS_IP} nexus3.onap.org:10001/onap/vfc/vnflcm VNFLCM_IP=`get-instance-ip.sh vfc-vnflcm` # Wait for initialization @@ -65,7 +70,7 @@ for i in {1..10}; do done # start vfc-vnfres -docker run -d --name vfc-vnfmgr -e MSB_ADDR=${MSB_IAG_IP}:80 -e MYSQL_ADDR=${VFC_DB_IP}:3306 nexus3.onap.org:10001/onap/vfc/vnfmgr +docker run -d --name vfc-vnfmgr -e MSB_ADDR=${MSB_IAG_IP}:80 -e MYSQL_ADDR=${VFC_DB_IP}:3306 -e REDIS_HOST=${VFC_REDIS_IP} nexus3.onap.org:10001/onap/vfc/vnfmgr VNFMGR_IP=`get-instance-ip.sh vfc-vnfmgr` # Wait for initialization diff --git a/plans/vfc-gvnfm-vnfres/sanity-check/setup.sh b/plans/vfc-gvnfm-vnfres/sanity-check/setup.sh index e2ab2594..358fa6cc 100755 --- a/plans/vfc-gvnfm-vnfres/sanity-check/setup.sh +++ b/plans/vfc-gvnfm-vnfres/sanity-check/setup.sh @@ -19,7 +19,6 @@ source ${SCRIPTS}/common_functions.sh - #start msb docker run -d -p 8500:8500 --name msb_consul consul:0.9.3 MSB_CONSUL_IP=`get-instance-ip.sh msb_consul` @@ -31,10 +30,16 @@ docker run -d -p 80:80 -e CONSUL_IP=$MSB_CONSUL_IP -e SDCLIENT_IP=$MSB_DISCOVERY MSB_IAG_IP=`get-instance-ip.sh msb_internal_apigateway` echo MSB_IAG_IP=${MSB_IAG_IP} -docker run -d -p 3306:3306 --name vfc-db nexus3.onap.org:10001/onap/vfc/db +# Start Mysql +docker run -d -p 3306:3306 --name vfc-db -v /var/lib/mysql -e MYSQL_USER="gvnfm" -e MYSQL_PASSWORD="gvnfm" -e MYSQL_ROOT_PASSWORD=root -e MYSQL_DATABASE="gvnfm" nexus3.onap.org:10001/library/mariadb VFC_DB_IP=`get-instance-ip.sh vfc-db` echo VFC_DB_IP=${VFC_DB_IP} +# Start Redis +docker run -d -p 6379:6379 --name vfc-redis redis +VFC_REDIS_IP=`get-instance-ip.sh vfc-redis` +echo VFC_REDIS_IP=${VFC_REDIS_IP} + # Wait for initialization(8500 Consul, 10081 Service Registration & Discovery, 80 api gateway) for i in {1..10}; do curl -sS -m 1 ${MSB_CONSUL_IP}:8500 && curl -sS -m 1 ${MSB_DISCOVERY_IP}:10081 && curl -sS -m 1 ${MSB_IAG_IP}:80 && break @@ -54,7 +59,7 @@ echo sleep 60 sleep 60 # start vfc-vnflcm -docker run -d --name vfc-vnflcm -e MSB_ADDR=${MSB_IAG_IP}:80 -e MYSQL_ADDR=${VFC_DB_IP}:3306 nexus3.onap.org:10001/onap/vfc/vnflcm +docker run -d --name vfc-vnflcm -e MSB_ADDR=${MSB_IAG_IP}:80 -e MYSQL_ADDR=${VFC_DB_IP}:3306 -e REDIS_HOST=${VFC_REDIS_IP} nexus3.onap.org:10001/onap/vfc/vnflcm VNFLCM_IP=`get-instance-ip.sh vfc-vnflcm` # Wait for initialization @@ -65,7 +70,7 @@ for i in {1..10}; do done # start vfc-vnfres -docker run -d --name vfc-vnfres -e MSB_ADDR=${MSB_IAG_IP}:80 -e MYSQL_ADDR=${VFC_DB_IP}:3306 nexus3.onap.org:10001/onap/vfc/vnfres +docker run -d --name vfc-vnfres -e MSB_ADDR=${MSB_IAG_IP}:80 -e MYSQL_ADDR=${VFC_DB_IP}:3306 -e REDIS_HOST=${VFC_REDIS_IP} nexus3.onap.org:10001/onap/vfc/vnfres VNFRES_IP=`get-instance-ip.sh vfc-vnfres` # Wait for initialization diff --git a/plans/vfc-nfvo-lcm/sanity-check/setup.sh b/plans/vfc-nfvo-lcm/sanity-check/setup.sh index 394a8afd..6ed146ff 100755 --- a/plans/vfc-nfvo-lcm/sanity-check/setup.sh +++ b/plans/vfc-nfvo-lcm/sanity-check/setup.sh @@ -32,10 +32,16 @@ docker run -d -p 80:80 -e CONSUL_IP=$MSB_CONSUL_IP -e SDCLIENT_IP=$MSB_DISCOVERY MSB_IAG_IP=`get-instance-ip.sh msb_internal_apigateway` echo MSB_IAG_IP=${MSB_IAG_IP} -docker run -d -p 3306:3306 --name vfc-db -v /var/lib/mysql nexus3.onap.org:10001/onap/vfc/db +# Mysql +docker run -d -p 3306:3306 --name vfc-db -v /var/lib/mysql -e MYSQL_USER="vfcnfvolcm" -e MYSQL_PASSWORD="vfcnfvolcm" -e MYSQL_ROOT_PASSWORD=root -e MYSQL_DATABASE="vfcnfvolcm" nexus3.onap.org:10001/library/mariadb VFC_DB_IP=`get-instance-ip.sh vfc-db` echo VFC_DB_IP=${VFC_DB_IP} +# Redis +docker run -d -p 6379:6379 --name vfc-redis redis +VFC_REDIS_IP=`get-instance-ip.sh vfc-redis` +echo VFC_REDIS_IP=${VFC_REDIS_IP} + # Wait for initialization(8500 Consul, 10081 Service Registration & Discovery, 80 api gateway) for i in {1..10}; do curl -sS -m 1 ${MSB_CONSUL_IP}:8500 && curl -sS -m 1 ${MSB_DISCOVERY_IP}:10081 && curl -sS -m 1 ${MSB_IAG_IP}:80 && break @@ -61,7 +67,7 @@ echo sleep 60 sleep 60 # start vfc-nslcm -docker run -d --name vfc-nslcm -v /var/lib/mysql -e MSB_ADDR=${MSB_IAG_IP}:80 -e MYSQL_ADDR=${VFC_DB_IP}:3306 -e REG_TO_MSB_WHEN_START=true nexus3.onap.org:10001/onap/vfc/nslcm +docker run -d --name vfc-nslcm -v /var/lib/mysql -e MSB_ADDR=${MSB_IAG_IP}:80 -e MYSQL_ADDR=${VFC_DB_IP}:3306 -e REDIS_HOST=${VFC_REDIS_IP} -e REG_TO_MSB_WHEN_START=true nexus3.onap.org:10001/onap/vfc/nslcm NSLCM_IP=`get-instance-ip.sh vfc-nslcm` # Wait for initialization diff --git a/tests/aaf/certservice/resources/cert-service-properties.robot b/tests/aaf/certservice/resources/cert-service-properties.robot deleted file mode 100644 index 54ddec11..00000000 --- a/tests/aaf/certservice/resources/cert-service-properties.robot +++ /dev/null @@ -1,31 +0,0 @@ -*** Variables *** - -${CERT_SERVICE_CONTAINER_NAME} aaf-cert-service -${CERT_SERVICE_PORT} 8443 -${AAFCERT_URL} https://localhost:${cert_service_port} -${CLIENT_CA_NAME} Client -${RA_CA_NAME} RA -${CERT_SERVICE_ENDPOINT} /v1/certificate/ -${ROOTCA} %{WORKSPACE}/tests/aaf/certservice/assets/certs/root.crt -${CERTSERVICE_SERVER_CRT} %{WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.crt -${CERTSERVICE_SERVER_KEY} %{WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.key -${VALID_CLIENT_CSR_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client.csr -${VALID_CLIENT_PK_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client.pk -${VALID_RA_CSR_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_ra.csr -${VALID_RA_PK_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_ra.pk -${INVALID_CSR_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid.csr -${INVALID_PK_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid.key - - -${CERT_SERVICE_ADDRESS} https://${CERT_SERVICE_CONTAINER_NAME}:${CERT_SERVICE_PORT} -${VALID_ENV_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client_docker.env -${VALID_ENV_FILE_JKS} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client_docker_jks.env -${VALID_ENV_FILE_P12} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client_docker_p12.env -${VALID_ENV_FILE_PEM} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client_docker_pem.env -${INVALID_ENV_FILE_OUTPUT_TYPE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid_client_docker_output_type.env -${INVALID_ENV_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid_client_docker.env -${DOCKER_CLIENT_IMAGE} nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest -${CLIENT_CONTAINER_NAME} %{ClientContainerName} -${CERT_SERVICE_NETWORK} certservice_certservice -${MOUNT_PATH} %{WORKSPACE}/tests/aaf/certservice/tmp -${TRUSTSTORE_PATH} %{WORKSPACE}/plans/aaf/certservice/certs diff --git a/tests/dcaegen2-services-pmsh/testcases/assets/cbs-expectation-unlocked-config.json b/tests/dcaegen2-services-pmsh/testcases/assets/cbs-expectation-unlocked-config.json index b70b41d1..bad79d5f 100644 --- a/tests/dcaegen2-services-pmsh/testcases/assets/cbs-expectation-unlocked-config.json +++ b/tests/dcaegen2-services-pmsh/testcases/assets/cbs-expectation-unlocked-config.json @@ -84,7 +84,7 @@ "dmaap_info": { "client_id": "1475976809466", "client_role": "org.onap.dcae.pmPublisher", - "topic_url": "https://mr-sim:3095/events/org.onap.dmaap.mr.PM_SUBSCRIPTIONS", + "topic_url": "https://mr-sim:3095/events/unauthenticated.DCAE_CL_OUTPUT", "location": "san-francisco" }, "type": "message_router" @@ -103,7 +103,7 @@ "policy_pm_subscriber": { "dmaap_info": { "location": "san-francisco", - "topic_url": "https://mr-sim:3095/events/org.onap.dmaap.mr.PM_SUBSCRIPTIONS", + "topic_url": "https://mr-sim:3095/events/unauthenticated.PMSH_CL_INPUT", "client_role": "org.onap.dcae.pmSubscriber", "client_id": "1575876809456" }, diff --git a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-created.json b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-created.json index 1a027f21..860672f4 100644 --- a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-created.json +++ b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-created.json @@ -1,7 +1,7 @@ [ { "httpRequest": { - "path": "/events/AAI_EVENT/dcae_pmsh_cg/dcae_pmsh_aai_event", + "path": "/events/AAI_EVENT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -24,7 +24,7 @@ }, { "httpRequest": { - "path": "/events/AAI_EVENT/dcae_pmsh_cg/dcae_pmsh_aai_event", + "path": "/events/AAI_EVENT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -36,7 +36,7 @@ "application/json" ] }, - "body": "{}" + "body": [] } } ] diff --git a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-deleted.json b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-deleted.json index e5c4dd84..8dd58188 100644 --- a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-deleted.json +++ b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-deleted.json @@ -1,7 +1,7 @@ [ { "httpRequest": { - "path": "/events/AAI_EVENT/dcae_pmsh_cg/dcae_pmsh_aai_event", + "path": "/events/AAI_EVENT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -24,7 +24,7 @@ }, { "httpRequest": { - "path": "/events/AAI_EVENT/dcae_pmsh_cg/dcae_pmsh_aai_event", + "path": "/events/AAI_EVENT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -36,7 +36,7 @@ "application/json" ] }, - "body": "{}" + "body": [] } } ] diff --git a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-existing.json b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-existing.json index eba4e4ee..cd75deb3 100644 --- a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-existing.json +++ b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-existing.json @@ -1,7 +1,7 @@ [ { "httpRequest": { - "path": "/events/unauthenticated.PMSH_CL_INPUT/dcae_pmsh_cg/dcae_pmsh_policy_cl_input", + "path": "/events/unauthenticated.PMSH_CL_INPUT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -24,7 +24,7 @@ }, { "httpRequest": { - "path": "/events/unauthenticated.PMSH_CL_INPUT/dcae_pmsh_cg/dcae_pmsh_policy_cl_input", + "path": "/events/unauthenticated.PMSH_CL_INPUT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -36,10 +36,7 @@ "application/json" ] }, - "body": { - "type": "JSON", - "json": {} - } + "body": [] } } ] diff --git a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-new.json b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-new.json deleted file mode 100644 index f73fee82..00000000 --- a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-new.json +++ /dev/null @@ -1,45 +0,0 @@ -[ - { - "httpRequest": { - "path": "/events/unauthenticated.PMSH_CL_INPUT/dcae_pmsh_cg/dcae_pmsh_policy_cl_input", - "queryStringParameters" : { - "timeout" : [ "1000" ] - } - }, - "httpResponse": { - "statusCode": 200, - "headers": { - "content-type": [ - "application/json" - ] - }, - "body": [ - "{\"name\": \"ResponseEvent\", \"nameSpace\": \"org.onap.policy.apex.onap.pmcontrol\", \"source\": \"APEX\", \"target\": \"DCAE\", \"version\": \"0.0.1\", \"status\": {\"subscriptionName\": \"ExtraPM-All-gNB-R2B\", \"nfName\": \"pnf_new\", \"changeType\": \"CREATE\", \"message\": \"success\"}}" - ] - }, - "times": { - "remainingTimes": 1, - "unlimited": false - } - }, - { - "httpRequest": { - "path": "/events/unauthenticated.PMSH_CL_INPUT/dcae_pmsh_cg/dcae_pmsh_policy_cl_input", - "queryStringParameters" : { - "timeout" : [ "1000" ] - } - }, - "httpResponse": { - "statusCode": 200, - "headers": { - "content-type": [ - "application/json" - ] - }, - "body": { - "type": "JSON", - "json": {} - } - } - } -] diff --git a/tests/dcaegen2-services-pmsh/testcases/pmsh.robot b/tests/dcaegen2-services-pmsh/testcases/pmsh.robot index a2b8cad6..def53caa 100644 --- a/tests/dcaegen2-services-pmsh/testcases/pmsh.robot +++ b/tests/dcaegen2-services-pmsh/testcases/pmsh.robot @@ -21,7 +21,6 @@ ${SUBSCRIPTIONS_ENDPOINT} /subscriptions ${MR_EXPECTATION_AAI_PNF_CREATED} %{WORKSPACE}/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-created.json ${MR_EXPECTATION_AAI_PNF_REMOVED} %{WORKSPACE}/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-deleted.json -${MR_EXPECTATION_POLICY_RESPONSE_PNF_NEW} %{WORKSPACE}/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-new.json ${MR_EXPECTATION_POLICY_RESPONSE_PNF_EXISTING} %{WORKSPACE}/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-existing.json ${CBS_EXPECTATION_ADMIN_STATE_UNLOCKED} %{WORKSPACE}/tests/dcaegen2-services-pmsh/testcases/assets/cbs-expectation-unlocked-config.json @@ -62,18 +61,18 @@ Verify PNF detected in AAI when administrative state unlocked Verify Policy response on MR is handled [Tags] PMSH_04 [Documentation] Verify policy response on MR is handled - [Timeout] 40 seconds + [Timeout] 60 seconds SimulatePolicyResponse ${MR_EXPECTATION_POLICY_RESPONSE_PNF_EXISTING} - Sleep 15 seconds Ensure Policy response on MR is picked up + Sleep 31 seconds Ensure Policy response on MR is picked up ${resp}= Get Request pmsh_session ${SUBSCRIPTIONS_ENDPOINT} Should Be Equal As Strings ${resp.json()[0]['network_functions'][0]['nf_sub_status']} CREATED Verify AAI event on MR detailing new PNF being detected is handled [Tags] PMSH_05 [Documentation] Verify PNF created AAI event on MR is handled - [Timeout] 30 seconds + [Timeout] 60 seconds SimulateNewPNF - Sleep 15 seconds Ensure AAI event on MR is picked up + Sleep 31 seconds Ensure AAI event on MR is picked up ${resp}= Get Request pmsh_session ${SUBSCRIPTIONS_ENDPOINT} Should Be Equal As Strings ${resp.json()[0]['network_functions'][1]['nf_name']} pnf_newly_discovered Should Be Equal As Strings ${resp.json()[0]['network_functions'][1]['orchestration_status']} Active @@ -82,9 +81,9 @@ Verify AAI event on MR detailing new PNF being detected is handled Verify AAI event on MR detailing PNF being deleted is handled [Tags] PMSH_06 [Documentation] Verify PNF deleted AAI event on MR is handled - [Timeout] 30 seconds + [Timeout] 60 seconds SimulateDeletedPNF - Sleep 12 seconds Ensure AAI event on MR is picked up + Sleep 31 seconds Ensure AAI event on MR is picked up ${resp}= Get Request pmsh_session ${SUBSCRIPTIONS_ENDPOINT} Should Not Contain ${resp.text} pnf_newly_discovered diff --git a/tests/dcaegen2/testcases/02__cert_basic_auth_tests.robot b/tests/dcaegen2/testcases/02__cert_basic_auth_tests.robot index 216f4055..ef10203a 100644 --- a/tests/dcaegen2/testcases/02__cert_basic_auth_tests.robot +++ b/tests/dcaegen2/testcases/02__cert_basic_auth_tests.robot @@ -123,41 +123,41 @@ Publish V7 Batch Event Without Auth And Cert Send Request And Validate Response Publish Event To VES Collector ${https_no_cert_no_auth_session} ${VES_BATCH_EVENT_ENDPOINT_V7} ${VES_VALID_BATCH_JSON_V7} 401 Publish VES Event With Empty Stnd Domain Namespace Parameter - [Tags] DCAE-VESC-R1 - [Documentation] Post single event with invalid data (empty stnd namespace parameter) to /eventListener/v7 endpoint, expect 400 Response Status Code and "Mandatory input event.commonEventHeader.stndDefinedNamespace is empty in request" message - Send Request And Validate Response And Error Message Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_EMMPTY_NAMESPACE} 400 Mandatory input attribute event.commonEventHeader.stndDefinedNamespace is empty in request + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED + [Documentation] Post single event with invalid data (empty stnd namespace parameter) to /eventListener/v7 endpoint, expect 400 Response Status Code and "Mandatory input %1 %2 is empty in request" message + Send Request And Validate Response And Error Message Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_EMMPTY_NAMESPACE} 400 Mandatory input %1 %2 is empty in request Publish VES Event With Missing Stnd Domain Namespace Parameter - [Tags] DCAE-VESC-R1 - [Documentation] Post single event with invalid data (missing stnd namespace parameter) to /eventListener/v7 endpoint, expect 400 Response Status Code and "Mandatory input attribute event.commonEventHeader.stndDefinedNamespace is missing from request" message - Send Request And Validate Response And Error Message Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_MISSING_NAMESPACE} 400 Mandatory input attribute event.commonEventHeader.stndDefinedNamespace is missing from request + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED + [Documentation] Post single event with invalid data (missing stnd namespace parameter) to /eventListener/v7 endpoint, expect 400 Response Status Code and "Mandatory input %1 %2 is missing from request" message + Send Request And Validate Response And Error Message Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_MISSING_NAMESPACE} 400 Mandatory input %1 %2 is missing from request Publish Single VES Event With Empty JSON - [Tags] DCAE-VESC-R1 + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED [Documentation] Post single event with empty json and expect 400 Response Status Code Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_EMPTY_JSON} 400 Publish Single VES Event With Missing SourceName Parameter - [Tags] DCAE-VESC-R1 + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED [Documentation] Post single event with empty json and expect 400 Response Status Code Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_NAMESPACE_3GPP_PROVISIONING_MISSING_SOURCENAME} 400 Publish Single VES Event With stndDefinedNamespace = 3GPP-Provisioning - [Tags] DCAE-VESC-R1 + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED [Documentation] Post single event with stndDefinedNamespace = 3GPP-Provisioning and event should routed to topic unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_3GPP_PROVISIONING} 202 unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT Publish Single VES Event With stndDefinedNamespace = 3GPP-Heartbeat - [Tags] DCAE-VESC-R1 + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED [Documentation] Post single event with stndDefinedNamespace = 3GPP-Heartbeat and event should routed to topic unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_3GPP_HEARTBEAT} 202 unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT Publish Single VES Event With stndDefinedNamespace = 3GPP-PerformanceAssurance - [Tags] DCAE-VESC-R1 + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED [Documentation] Post single event with stndDefinedNamespace = 3GPP-PerformanceAssurance and event should routed to topic unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_3GPP_PERFORMANCE_ASSURANCE} 202 unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT Publish Single VES Event With stndDefinedNamespace = 3GPP-FaultSupervision - [Tags] DCAE-VESC-R1 + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED [Documentation] Post single event with stndDefinedNamespace = 3GPP-FaultSupervision and event should routed to topic unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT - Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_3GPP_FAULTSUPERVISION} 202 unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT
\ No newline at end of file + Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_3GPP_FAULTSUPERVISION} 202 unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT diff --git a/tests/aaf/certservice/assets/invalid.csr b/tests/oom-platform-cert-service/certservice/assets/invalid.csr index 7284ab4d..7284ab4d 100644 --- a/tests/aaf/certservice/assets/invalid.csr +++ b/tests/oom-platform-cert-service/certservice/assets/invalid.csr diff --git a/tests/aaf/certservice/assets/invalid.key b/tests/oom-platform-cert-service/certservice/assets/invalid.key index 6484fb6f..6484fb6f 100644 --- a/tests/aaf/certservice/assets/invalid.key +++ b/tests/oom-platform-cert-service/certservice/assets/invalid.key diff --git a/tests/aaf/certservice/assets/invalid_client_docker.env b/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker.env index e96237ca..4f19a9e7 100644 --- a/tests/aaf/certservice/assets/invalid_client_docker.env +++ b/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker.env @@ -2,9 +2,9 @@ REQUEST_TIMEOUT=5000 OUTPUT_PATH=/var/certs CA_NAME=Invalid -KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret -TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/truststore.jks TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org diff --git a/tests/aaf/certservice/assets/invalid_client_docker_output_type.env b/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker_output_type.env index cff46646..4cdcd9ed 100644 --- a/tests/aaf/certservice/assets/invalid_client_docker_output_type.env +++ b/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker_output_type.env @@ -3,9 +3,9 @@ REQUEST_TIMEOUT=30000 OUTPUT_PATH=/var/certs CA_NAME=RA OUTPUT_TYPE=INV -KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret -TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/truststore.jks TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org diff --git a/tests/aaf/certservice/assets/valid_client.csr b/tests/oom-platform-cert-service/certservice/assets/valid_client.csr index 59e5c6af..59e5c6af 100644 --- a/tests/aaf/certservice/assets/valid_client.csr +++ b/tests/oom-platform-cert-service/certservice/assets/valid_client.csr diff --git a/tests/aaf/certservice/assets/valid_client.pk b/tests/oom-platform-cert-service/certservice/assets/valid_client.pk index c84908ff..c84908ff 100644 --- a/tests/aaf/certservice/assets/valid_client.pk +++ b/tests/oom-platform-cert-service/certservice/assets/valid_client.pk diff --git a/tests/aaf/certservice/assets/valid_client_docker.env b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker.env index 55fefa3e..6fad6d21 100644 --- a/tests/aaf/certservice/assets/valid_client_docker.env +++ b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker.env @@ -2,9 +2,9 @@ REQUEST_TIMEOUT=30000 OUTPUT_PATH=/var/certs CA_NAME=RA -KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret -TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/truststore.jks TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org diff --git a/tests/aaf/certservice/assets/valid_client_docker_jks.env b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_jks.env index 19de0750..0e2d8367 100644 --- a/tests/aaf/certservice/assets/valid_client_docker_jks.env +++ b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_jks.env @@ -3,9 +3,9 @@ REQUEST_TIMEOUT=30000 OUTPUT_PATH=/var/certs CA_NAME=RA OUTPUT_TYPE=JKS -KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret -TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/truststore.jks TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org diff --git a/tests/aaf/certservice/assets/valid_client_docker_p12.env b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_p12.env index 0f1cfc28..c3ed729f 100644 --- a/tests/aaf/certservice/assets/valid_client_docker_p12.env +++ b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_p12.env @@ -3,9 +3,9 @@ REQUEST_TIMEOUT=30000 OUTPUT_PATH=/var/certs CA_NAME=RA OUTPUT_TYPE=P12 -KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret -TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/truststore.jks TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org diff --git a/tests/aaf/certservice/assets/valid_client_docker_pem.env b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_pem.env index f704f21e..aca2a54b 100644 --- a/tests/aaf/certservice/assets/valid_client_docker_pem.env +++ b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_pem.env @@ -3,9 +3,9 @@ REQUEST_TIMEOUT=30000 OUTPUT_PATH=/var/certs CA_NAME=RA OUTPUT_TYPE=PEM -KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret -TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/truststore.jks TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org diff --git a/tests/aaf/certservice/assets/valid_ra.csr b/tests/oom-platform-cert-service/certservice/assets/valid_ra.csr index 5decd8ee..5decd8ee 100644 --- a/tests/aaf/certservice/assets/valid_ra.csr +++ b/tests/oom-platform-cert-service/certservice/assets/valid_ra.csr diff --git a/tests/aaf/certservice/assets/valid_ra.pk b/tests/oom-platform-cert-service/certservice/assets/valid_ra.pk index b1ad633a..b1ad633a 100644 --- a/tests/aaf/certservice/assets/valid_ra.pk +++ b/tests/oom-platform-cert-service/certservice/assets/valid_ra.pk diff --git a/tests/aaf/certservice/cert-service-test.robot b/tests/oom-platform-cert-service/certservice/cert-service-test.robot index ddf7a174..58e8a7e3 100644 --- a/tests/aaf/certservice/cert-service-test.robot +++ b/tests/oom-platform-cert-service/certservice/cert-service-test.robot @@ -1,6 +1,6 @@ *** Settings *** -Documentation AAF Cert Service API test case scenarios +Documentation OOM Cert Service API test case scenarios Library RequestsLibrary Resource ./resources/cert-service-keywords.robot @@ -9,82 +9,82 @@ Suite Setup Create sessions *** Test Cases *** Health Check - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Service is up and running Run health check Reload Configuration - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Configuration was changed Send Get Request And Validate Response /reload 200 Check if application is ready - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Send request to /ready endpoint and expect 200 Send Get Request And Validate Response /ready 200 Generate Certificate In RA Mode For CA Name - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}${RA_CA_NAME} endpoint and expect 200 Send Get Request with Header And Expect Success ${CERT_SERVICE_ENDPOINT}${RA_CA_NAME} ${VALID_RA_CSR_FILE} ${VALID_RA_PK_FILE} Report Not Found Error When Path To Service Is Not Valid - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Send request to ${CERT_SERVICE_ENDPOINT} endpoint and expect 404 Send Get Request with Header And Expect Error ${CERT_SERVICE_ENDPOINT} ${VALID_CLIENT_CSR_FILE} ${VALID_CLIENT_PK_FILE} 404 Report Bad Request Error When Header Is Missing In Request - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Send request without header to ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} endpoint and expect 400 Send Get Request And Validate Response ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} 400 Report Bad Request Error When CSR Is Not Valid - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} endpoint and expect 400 Send Get Request with Header And Expect Error ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} ${INVALID_CSR_FILE} ${VALID_CLIENT_PK_FILE} 400 Report Bad Request Error When PK Is Not Valid - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} endpoint and expect 400 Send Get Request with Header And Expect Error ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} ${VALID_CLIENT_CSR_FILE} ${INVALID_PK_FILE} 400 Cert Service Client successfully creates keystore.p12 and truststore.p12 - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with correct env and expected exit code 0 Run Cert Service Client And Validate PKCS12 File Creation And Client Exit Code ${VALID_ENV_FILE} 0 Cert Service Client successfully creates keystore.jks and truststore.jks - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with correct env and expected exit code 0 Run Cert Service Client And Validate JKS File Creation And Client Exit Code ${VALID_ENV_FILE_JKS} 0 Cert Service Client successfully creates keystore and truststore with expected data with no OUTPUT_TYPE - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with correct env and PKCS12 files created with correct data Run Cert Service Client And Validate PKCS12 Files Contain Expected Data ${VALID_ENV_FILE} 0 Cert Service Client successfully creates keystore and truststore with expected data with OUTPUT_TYPE=JKS - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with correct env and JKS files created with correct data Run Cert Service Client And Validate JKS Files Contain Expected Data ${VALID_ENV_FILE_JKS} 0 Cert Service Client successfully creates keystore and truststore with expected data with OUTPUT_TYPE=P12 - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with correct env and PKCS12 files created with correct data Run Cert Service Client And Validate PKCS12 Files Contain Expected Data ${VALID_ENV_FILE_P12} 0 Cert Service Client successfully creates keystore and truststore with expected data with OUTPUT_TYPE=PEM - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with correct env and PEM files created with correct data Run Cert Service Client And Validate PEM Files Contain Expected Data ${VALID_ENV_FILE_PEM} 0 Cert Service Client reports error when OUTPUT_TYPE is invalid - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with invalid OUTPUT_TYPE env and expected exit code 1 Run Cert Service Client And Validate Client Exit Code ${INVALID_ENV_FILE_OUTPUT_TYPE} 1 Run Cert Service Client Container And Validate Exit Code And API Response - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with invalid CaName env and expected exit code 5 Run Cert Service Client And Validate Http Response Code And Client Exit Code ${INVALID_ENV_FILE} 404 5 diff --git a/tests/aaf/certservice/libraries/ArtifactParser.py b/tests/oom-platform-cert-service/certservice/libraries/ArtifactParser.py index 54e8d0ff..54e8d0ff 100644 --- a/tests/aaf/certservice/libraries/ArtifactParser.py +++ b/tests/oom-platform-cert-service/certservice/libraries/ArtifactParser.py diff --git a/tests/aaf/certservice/libraries/CertClientManager.py b/tests/oom-platform-cert-service/certservice/libraries/CertClientManager.py index a4a0df23..46d69bb8 100644 --- a/tests/aaf/certservice/libraries/CertClientManager.py +++ b/tests/oom-platform-cert-service/certservice/libraries/CertClientManager.py @@ -29,7 +29,7 @@ class CertClientManager: network=network, user='root', # Run container as root to avoid permission issues with volume mount access mounts=[Mount(target='/var/certs', source=self.mount_path, type='bind'), - Mount(target='/etc/onap/aaf/certservice/certs/', source=self.truststore_path, type='bind')], + Mount(target='/etc/onap/oom-platform-cert-service/certservice/certs/', source=self.truststore_path, type='bind')], detach=True ) exitcode = container.wait() diff --git a/tests/aaf/certservice/libraries/EnvsReader.py b/tests/oom-platform-cert-service/certservice/libraries/EnvsReader.py index cc60eed6..cc60eed6 100644 --- a/tests/aaf/certservice/libraries/EnvsReader.py +++ b/tests/oom-platform-cert-service/certservice/libraries/EnvsReader.py diff --git a/tests/aaf/certservice/libraries/JksArtifactsValidator.py b/tests/oom-platform-cert-service/certservice/libraries/JksArtifactsValidator.py index e2fdde91..e2fdde91 100644 --- a/tests/aaf/certservice/libraries/JksArtifactsValidator.py +++ b/tests/oom-platform-cert-service/certservice/libraries/JksArtifactsValidator.py diff --git a/tests/aaf/certservice/libraries/P12ArtifactsValidator.py b/tests/oom-platform-cert-service/certservice/libraries/P12ArtifactsValidator.py index b0701718..b0701718 100644 --- a/tests/aaf/certservice/libraries/P12ArtifactsValidator.py +++ b/tests/oom-platform-cert-service/certservice/libraries/P12ArtifactsValidator.py diff --git a/tests/aaf/certservice/libraries/PemArtifactsValidator.py b/tests/oom-platform-cert-service/certservice/libraries/PemArtifactsValidator.py index 46e0357e..46e0357e 100644 --- a/tests/aaf/certservice/libraries/PemArtifactsValidator.py +++ b/tests/oom-platform-cert-service/certservice/libraries/PemArtifactsValidator.py diff --git a/tests/aaf/certservice/resources/cert-service-keywords.robot b/tests/oom-platform-cert-service/certservice/resources/cert-service-keywords.robot index 39c26a6a..fea210b5 100644 --- a/tests/aaf/certservice/resources/cert-service-keywords.robot +++ b/tests/oom-platform-cert-service/certservice/resources/cert-service-keywords.robot @@ -15,7 +15,7 @@ Library ../libraries/PemArtifactsValidator.py ${MOUNT_PATH} Create sessions [Documentation] Create all required sessions ${certs}= Create List ${CERTSERVICE_SERVER_CRT} ${CERTSERVICE_SERVER_KEY} - Create Client Cert Session alias ${AAFCERT_URL} client_certs=${certs} verify=${ROOTCA} + Create Client Cert Session alias ${OOMCERT_URL} client_certs=${certs} verify=${ROOTCA} Set Suite Variable ${https_valid_cert_session} alias Run Healthcheck diff --git a/tests/oom-platform-cert-service/certservice/resources/cert-service-properties.robot b/tests/oom-platform-cert-service/certservice/resources/cert-service-properties.robot new file mode 100644 index 00000000..ff0500a2 --- /dev/null +++ b/tests/oom-platform-cert-service/certservice/resources/cert-service-properties.robot @@ -0,0 +1,31 @@ +*** Variables *** + +${CERT_SERVICE_CONTAINER_NAME} oom-cert-service +${CERT_SERVICE_PORT} 8443 +${OOMCERT_URL} https://localhost:${cert_service_port} +${CLIENT_CA_NAME} Client +${RA_CA_NAME} RA +${CERT_SERVICE_ENDPOINT} /v1/certificate/ +${ROOTCA} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/root.crt +${CERTSERVICE_SERVER_CRT} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/certServiceServer.crt +${CERTSERVICE_SERVER_KEY} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/certServiceServer.key +${VALID_CLIENT_CSR_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client.csr +${VALID_CLIENT_PK_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client.pk +${VALID_RA_CSR_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_ra.csr +${VALID_RA_PK_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_ra.pk +${INVALID_CSR_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/invalid.csr +${INVALID_PK_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/invalid.key + + +${CERT_SERVICE_ADDRESS} https://${CERT_SERVICE_CONTAINER_NAME}:${CERT_SERVICE_PORT} +${VALID_ENV_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client_docker.env +${VALID_ENV_FILE_JKS} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_jks.env +${VALID_ENV_FILE_P12} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_p12.env +${VALID_ENV_FILE_PEM} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_pem.env +${INVALID_ENV_FILE_OUTPUT_TYPE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker_output_type.env +${INVALID_ENV_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker.env +${DOCKER_CLIENT_IMAGE} nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:latest +${CLIENT_CONTAINER_NAME} %{ClientContainerName} +${CERT_SERVICE_NETWORK} certservice_certservice +${MOUNT_PATH} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/tmp +${TRUSTSTORE_PATH} %{WORKSPACE}/plans/oom-platform-cert-service/certservice/certs diff --git a/tests/sdnc/sdnc_netconf_tls_post_deploy/csr/sdnc_csr.env b/tests/sdnc/sdnc_netconf_tls_post_deploy/csr/sdnc_csr.env index 57894753..5d647de6 100644 --- a/tests/sdnc/sdnc_netconf_tls_post_deploy/csr/sdnc_csr.env +++ b/tests/sdnc/sdnc_netconf_tls_post_deploy/csr/sdnc_csr.env @@ -2,7 +2,7 @@ REQUEST_TIMEOUT=30000 OUTPUT_PATH=/var/certs CA_NAME=RA -OUTPUT_TYPE=JKS +OUTPUT_TYPE=PEM KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks diff --git a/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/ClientManager.py b/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/ClientManager.py index b2399dfb..b1c024ff 100644 --- a/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/ClientManager.py +++ b/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/ClientManager.py @@ -25,7 +25,6 @@ import shutil import subprocess import docker -import jks from OpenSSL import crypto from docker.types import Mount @@ -39,13 +38,14 @@ class ClientManager: def __init__(self, mount_path, truststore_path): self.mount_path = mount_path self.truststore_path = truststore_path + self.keyPem = mount_path + '/key.pem' self.caCertPem = mount_path + '/ca.pem' self.serverKeyPem = mount_path + '/server_key.pem' self.serverCertPem = mount_path + '/server_cert.pem' - self.keystoreJksPath = mount_path + '/keystore.jks' + self.keystorePemPath = mount_path + '/keystore.pem' self.keystoreP12Path = mount_path + '/keystore.p12' self.keystorePassPath = mount_path + '/keystore.pass' - self.truststoreJksPath = mount_path + '/truststore.jks' + self.truststorePemPath = mount_path + '/truststore.pem' self.truststoreP12Path = mount_path + '/truststore.p12' self.truststorePassPath = mount_path + '/truststore.pass' @@ -71,18 +71,19 @@ class ClientManager: # Function to validate keystore/truststore can be opened with generated pass-phrase. def can_open_keystore_and_truststore_with_pass(self, container_name): if container_name != NETCONF_PNP_SIM_CONTAINER_NAME: - return self.can_open_keystore_and_truststore_jks_files() + return self.can_open_keystore_and_truststore_pem_files() else: return self.can_open_keystore_and_truststore_p12_files() - # Function to validate keystore.jks/truststore.jks can be opened with generated pass-phrase. - def can_open_keystore_and_truststore_jks_files(self): + # Function to validate keystore.pem/truststore.pem exist and are not empty. + def can_open_keystore_and_truststore_pem_files(self): try: - jks.KeyStore.load(self.keystoreJksPath, open(self.keystorePassPath, 'rb').read()) - jks.KeyStore.load(self.truststoreJksPath, open(self.truststorePassPath, 'rb').read()) - return True + private_key = self.file_exist_and_not_empty(self.keyPem) + keystore_pem = self.file_exist_and_not_empty(self.keystorePemPath) + truststore_pem = self.file_exist_and_not_empty(self.truststorePemPath) + return private_key and keystore_pem and truststore_pem except Exception as e: - print("UnExpected Error in validating keystore.jks/truststore.jks: {0}".format(e)) + print("UnExpected Error in validating keystore.pem/truststore.pem: {0}".format(e)) return False # Function to validate keystore.p12/truststore.p12 can be opened with generated pass-phrase. @@ -93,12 +94,14 @@ class ClientManager: # Method for Uploading Certificate in SDNC-Container. # Creating/Uploading Server-key, Server-cert, Ca-cert PEM files in Netconf-Pnp-Simulator. - def can_install_keystore_and_truststore_certs(self, cmd, container_name): + def can_install_keystore_and_truststore_certs(self, cmd, cmd_tls, container_name): continue_exec = True if container_name == NETCONF_PNP_SIM_CONTAINER_NAME: print("Generating PEM files for {0} from P12 files".format(container_name)) continue_exec = self.create_pem(self.keystorePassPath, self.keystoreP12Path, self.truststorePassPath, self.truststoreP12Path) + else: + cmd = cmd_tls if continue_exec: print("Initiate Configuration Push for : {0}".format(container_name)) resp_code = self.execute_bash_config(cmd, container_name) @@ -165,6 +168,9 @@ class ClientManager: def remove_mount_dir(self): shutil.rmtree(self.mount_path) + def file_exist_and_not_empty(self, path_to_file): + return os.path.isfile(path_to_file) and os.path.getsize(path_to_file) > 0 + @staticmethod def get_pkcs12(pass_file_path, p12_file_path): # Load PKCS12 Object diff --git a/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/config_tls.sh b/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/config_tls.sh new file mode 100755 index 00000000..323f8100 --- /dev/null +++ b/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/config_tls.sh @@ -0,0 +1,104 @@ +#!/bin/bash + +# ============LICENSE_START======================================================= +# Copyright (C) 2020 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +set -o errexit +set -o pipefail +set -o nounset +[ "${SHELL_XTRACE:-false}" = "true" ] && set -o xtrace + +CONFIG=${CONFIG:-"${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/cert-data} +CONTAINER_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' sdnc) +ODL_URL=${ODL_URL:-http://"${CONTAINER_IP}":8282} +PROC_NAME=${0##*/} +PROC_NAME=${PROC_NAME%.sh} + +function now_ms() { + # Requires coreutils package + date +"%Y-%m-%d %H:%M:%S.%3N" +} + +function log() { + local level=$1 + shift + local message="$*" + printf "%s %-5s [%s] %s\n" "$(now_ms)" $level $PROC_NAME "$message" +} + +# Extracts the body of a PEM file by removing the dashed header and footer +pem_body() { + grep -Fv -- ----- $1 +} + +CA_CERT_ID=xNF_CA_certificate_0_0 +CA_CERT=$(pem_body $CONFIG/truststore.pem) + +SERVER_PRIV_KEY_ID=ODL_private_key_0 +SERVER_KEY=$(pem_body $CONFIG/key.pem) +SERVER_CERT=$(pem_body $CONFIG/keystore.pem) + +RESTCONF_URL=$ODL_URL/restconf +NETCONF_KEYSTORE_PATH=$RESTCONF_URL/config/netconf-keystore:keystore + +xcurl() { + curl -s -o /dev/null -H "Authorization: Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ==" -w %{http_code} "$@" +} + +log INFO Delete Keystore +sc=$(xcurl -X DELETE $NETCONF_KEYSTORE_PATH) + +if [ "$sc" != "200" -a "$sc" != "404" ]; then + log ERROR "Keystore deletion failed with SC=$sc" + exit 1 +fi + +log INFO Load CA certificate +sc=$(xcurl -X POST $NETCONF_KEYSTORE_PATH --header "Content-Type: application/json" --data " +{ + \"trusted-certificate\": [ + { + \"name\": \"$CA_CERT_ID\", + \"certificate\": \"$CA_CERT\" + } + ] +} +") + +if [ "$sc" != "200" -a "$sc" != "204" ]; then + log ERROR Trusted-certificate update failed with SC=$sc + exit 1 +fi + +log INFO Load server private key and certificate +sc=$(xcurl -X POST $NETCONF_KEYSTORE_PATH --header "Content-Type: application/json" --data " +{ + \"private-key\": { + \"name\": \"$SERVER_PRIV_KEY_ID\", + \"certificate-chain\": [ + \"$SERVER_CERT\" + ], + \"data\": \"$SERVER_KEY\" + } +} +") + +if [ "$sc" != "200" -a "$sc" != "204" ]; then + log ERROR Private-key update failed with SC=$sc + exit 1 +fi
\ No newline at end of file diff --git a/tests/sdnc/sdnc_netconf_tls_post_deploy/resources/sdnc-keywords.robot b/tests/sdnc/sdnc_netconf_tls_post_deploy/resources/sdnc-keywords.robot index a7fbcccc..52cc5d2f 100644 --- a/tests/sdnc/sdnc_netconf_tls_post_deploy/resources/sdnc-keywords.robot +++ b/tests/sdnc/sdnc_netconf_tls_post_deploy/resources/sdnc-keywords.robot @@ -77,7 +77,7 @@ Run Cert Service Client And Validate JKS File Creation And Client Exit Code [Arguments] ${env_file} ${CONTAINER_NAME} ${expected_exit_code} ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK} ${can_open}= Can Open Keystore And Truststore With Pass ${CONTAINER_NAME} - ${install_certs}= Can Install Keystore And Truststore Certs ${CONF_SCRIPT} ${CONTAINER_NAME} + ${install_certs}= Can Install Keystore And Truststore Certs ${CONF_SCRIPT} ${CONF_TLS_SCRIPT} ${CONTAINER_NAME} Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code} Should Be True ${can_open} Cannot Open Keystore/TrustStore by Passphrase |