diff options
| -rwxr-xr-x | plans/sdnc/healthcheck/setup.sh | 33 | ||||
| -rw-r--r-- | plans/sdnc/sdnc_netconf_tls_post_deploy/sdnc-csit.env | 36 | ||||
| -rw-r--r-- | plans/sdnc/sdnc_netconf_tls_post_deploy/setup.sh | 115 | ||||
| -rw-r--r-- | plans/sdnc/sdnc_netconf_tls_post_deploy/teardown.sh | 7 | ||||
| -rwxr-xr-x | scripts/sdnc/netconf-pnp-simulator/docker-compose.yml | 12 | ||||
| -rw-r--r-- | scripts/sdnc/netconf-pnp-simulator/netconf-config/data.json | 10 | ||||
| -rw-r--r-- | scripts/sdnc/netconf-pnp-simulator/netconf-config/model.yang | 29 | ||||
| -rwxr-xr-x | scripts/sdnc/netconf-pnp-simulator/netconf-config/subscriber.py | 136 | ||||
| -rw-r--r-- | scripts/sdnc/sdnc/certs/keys0.zip | bin | 5057 -> 6006 bytes | |||
| -rwxr-xr-x | scripts/sdnc/sdnc/docker-compose.yml | 43 | ||||
| -rw-r--r-- | tests/sdnc/healthcheck/test1.robot | 2 | ||||
| -rw-r--r-- | tests/sdnc/sdnc_netconf_tls_post_deploy/resources/sdnc-properties.robot | 4 | ||||
| -rw-r--r-- | tests/sdnc/sdnc_netconf_tls_post_deploy/sdnc_post_deploy_cert_check.robot | 52 |
13 files changed, 173 insertions, 306 deletions
diff --git a/plans/sdnc/healthcheck/setup.sh b/plans/sdnc/healthcheck/setup.sh index 99753dfb..2934cd58 100755 --- a/plans/sdnc/healthcheck/setup.sh +++ b/plans/sdnc/healthcheck/setup.sh @@ -26,6 +26,39 @@ export DMAAP_TOPIC=AUTO export DOCKER_IMAGE_VERSION=2.1-STAGING-latest export CCSDK_DOCKER_IMAGE_VERSION=1.1-STAGING-latest +# Set credentials +export MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-mySecretPassword} +export MYSQL_USER=${MYSQL_USER:-sdnc} +export MYSQL_PASSWORD=${MYSQL_PASSWORD:-test123} +export MYSQL_DATABASE=${MYSQL_DATABASE:-sdncdb} +export ODL_USER=${ODL_USER:-admin} +export ODL_PASSWORD=${ODL_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U} +export ODL_ADMIN_USER=${ODL_ADMIN_USER:-${ODL_USER}} +export ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-${ODL_PASSWORD}} +export DMAAP_USER=${DMAAP_USER:-admin} +export DMAAP_PASSWORD=${DMAAP_PASSWORD:-admin} +export DMAAP_AUTHKEY=${DMAAP_AUTHKEY:-""} +export AAI_TRUSTSTORE_PASSWORD=${AAI_TRUSTSTORE_PASSWORD:-changeit} +export AAI_CLIENT_NAME=${AAI_CLIENT_NAME:-sdnc@sdnc.onap.org} +export AAI_CLIENT_PASSWORD=${AAI_CLIENT_PASSWORD:-demo123456!} +export ANSIBLE_TRUSTSTORE_PASSWORD=${ANSIBLE_TRUSTSTURE_PASSWORD:-changeit} +export HONEYCOMB_USER=${HONEYCOMB_USER:-admin} +export HONEYCOMB_PASSWORD=${HONEYCOMB_PASSWORD:-admin} +export TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD:-changeit} +export KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD:-adminadmin} +export NENG_USER=${NENG_USER:-ccsdkapps} +export NENG_PASSWORD=${NENG_PASSWORD:-ccsdkapps} +export SO_USER=${SO_USER:-sdncaBpmn} +export SO_PASSWORD=${SO_PASSWORD:-password1$} +export CDS_USER=${CDS_USER:-ccsdkapps} +export CDS_PASSWORD=${CDS_PASSWORD:-ccsdkapps} +export ANSIBLE_USER=${ANSIBLE_USER:-sdnc} +export ANSIBLE_PASSWORD=${ANSIBLE_PASSWORD:-sdnc} +export SQL_CRYPTKEY=${SQL_CRYPTKEY:-fakECryptKey} +export ASDC_USER=${ASDC_USER:-sdnc} +export ASDC_PASSWORD=${ASDC_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U} + + export MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort -n | head -1) if [ "$MTU" == "" ]; then diff --git a/plans/sdnc/sdnc_netconf_tls_post_deploy/sdnc-csit.env b/plans/sdnc/sdnc_netconf_tls_post_deploy/sdnc-csit.env index 45a0a204..d10b9b1c 100644 --- a/plans/sdnc/sdnc_netconf_tls_post_deploy/sdnc-csit.env +++ b/plans/sdnc/sdnc_netconf_tls_post_deploy/sdnc-csit.env @@ -2,7 +2,7 @@ GERRIT_BRANCH=master NEXUS_USERNAME=docker NEXUS_PASSWD=docker SDNC_CONTAINER_NAME=sdnc -SDNC_IMAGE_TAG=1.8.3-STAGING-latest +SDNC_IMAGE_TAG=2.1-STAGING-latest NEXUS_DOCKER_REPO=nexus3.onap.org:10001 CLIENT_CONTAINER_NAME=CertServiceClient SDNC_CERT_PATH=${SCRIPTS}/sdnc/sdnc/certs @@ -13,4 +13,36 @@ AAF_CERTSERVICE_SCRIPTS_PATH=${SCRIPTS}/sdnc/certservice/scripts TEMP_DIR_PATH=${WORKSPACE}/tests/sdnc/sdnc_netconf_tls_post_deploy/tmp NETCONF_CONFIG_PATH=${SCRIPTS}/sdnc/netconf-pnp-simulator/netconf-config AAF_INITIAL_CERTS=${WORKSPACE}/plans/sdnc/sdnc_netconf_tls_post_deploy/certs -AAF_CERTSERVICE_CONFIG_PATH=${SCRIPTS}/sdnc/certservice/config/cmpServers.json
\ No newline at end of file +AAF_CERTSERVICE_CONFIG_PATH=${SCRIPTS}/sdnc/certservice/config/cmpServers.json + +# Set vars with default credentials +export MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-mySecretPassword} +export MYSQL_USER=${MYSQL_USER:-sdnc} +export MYSQL_PASSWORD=${MYSQL_PASSWORD:-test123} +export MYSQL_DATABASE=${MYSQL_DATABASE:-sdncdb} +export ODL_USER=${ODL_USER:-admin} +export ODL_PASSWORD=${ODL_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U} +export ODL_ADMIN_USER=${ODL_ADMIN_USER:-${ODL_USER}} +export ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-${ODL_PASSWORD}} +export DMAAP_USER=${DMAAP_USER:-admin} +export DMAAP_PASSWORD=${DMAAP_PASSWORD:-admin} +export DMAAP_AUTHKEY=${DMAAP_AUTHKEY:-""} +export AAI_TRUSTSTORE_PASSWORD=${AAI_TRUSTSTORE_PASSWORD:-changeit} +export AAI_CLIENT_NAME=${AAI_CLIENT_NAME:-sdnc@sdnc.onap.org} +export AAI_CLIENT_PASSWORD=${AAI_CLIENT_PASSWORD:-demo123456!} +export ANSIBLE_TRUSTSTORE_PASSWORD=${ANSIBLE_TRUSTSTURE_PASSWORD:-changeit} +export HONEYCOMB_USER=${HONEYCOMB_USER:-admin} +export HONEYCOMB_PASSWORD=${HONEYCOMB_PASSWORD:-admin} +export TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD:-changeit} +export KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD:-adminadmin} +export NENG_USER=${NENG_USER:-ccsdkapps} +export NENG_PASSWORD=${NENG_PASSWORD:-ccsdkapps} +export SO_USER=${SO_USER:-sdncaBpmn} +export SO_PASSWORD=${SO_PASSWORD:-password1$} +export CDS_USER=${CDS_USER:-ccsdkapps} +export CDS_PASSWORD=${CDS_PASSWORD:-ccsdkapps} +export ANSIBLE_USER=${ANSIBLE_USER:-sdnc} +export ANSIBLE_PASSWORD=${ANSIBLE_PASSWORD:-sdnc} +export SQL_CRYPTKEY=${SQL_CRYPTKEY:-fakECryptKey} +export ASDC_USER=${ASDC_USER:-sdnc} +export ASDC_PASSWORD=${ASDC_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U} diff --git a/plans/sdnc/sdnc_netconf_tls_post_deploy/setup.sh b/plans/sdnc/sdnc_netconf_tls_post_deploy/setup.sh index a2020aee..1cb65071 100644 --- a/plans/sdnc/sdnc_netconf_tls_post_deploy/setup.sh +++ b/plans/sdnc/sdnc_netconf_tls_post_deploy/setup.sh @@ -29,9 +29,6 @@ chmod +x "${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/config # Export temp directory export TEMP_DIR_PATH=${TEMP_DIR_PATH} -# Create temp directory to bind with docker containers -mkdir -m 755 -p "${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/certs -mkdir -m 755 -p "${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/cert-data export MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort -n | head -1) @@ -59,55 +56,57 @@ pip install pyjks # Disable Proxy - for local run unset http_proxy https_proxy -# Export AAF Certservice config path -export AAF_INITIAL_CERTS -export EJBCA_CERTPROFILE_PATH -export AAF_CERTSERVICE_CONFIG_PATH -export AAF_CERTSERVICE_SCRIPTS_PATH -export CERT_PROFILE=${EJBCA_CERTPROFILE_PATH} -export SCRIPTS_PATH=${AAF_CERTSERVICE_SCRIPTS_PATH} -export CONFIGURATION_PATH=${AAF_CERTSERVICE_CONFIG_PATH} - -# Generate Keystores, Truststores, Certificates and Keys -make all -C ./certs/ - -cp "${WORKSPACE}"/plans/sdnc/sdnc_netconf_tls_post_deploy/certs/root.crt "${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/certs/root.crt -openssl pkcs12 -in "${WORKSPACE}"/plans/sdnc/sdnc_netconf_tls_post_deploy/certs/certServiceServer-keystore.p12 -clcerts -nokeys -password pass:secret | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >"${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/certs/certServiceServer.crt -openssl pkcs12 -in "${WORKSPACE}"/plans/sdnc/sdnc_netconf_tls_post_deploy/certs/certServiceServer-keystore.p12 -nocerts -nodes -password pass:secret | sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' >"${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/certs/certServiceServer.key - -echo "Generated KeyStores, Server Certificate and Key" - -# Start EJBCA, AAF-CertService Containers with docker-compose and configuration from docker-compose.yml -docker-compose -f "${SCRIPTS}"/sdnc/certservice/docker-compose.yml up -d - -# Check if AAF-Certservice Service is healthy and ready -AAFCERT_IP='none' -for i in {1..9}; do - AAFCERT_IP=$(get-instance-ip.sh aaf-cert-service) - RESP_CODE=$(curl -s https://localhost:8443/actuator/health --cacert ./certs/root.crt --cert-type p12 --cert ./certs/certServiceServer-keystore.p12 --pass secret | - python2 -c 'import json,sys;obj=json.load(sys.stdin);print obj["status"]') - if [[ "${RESP_CODE}" == "UP" ]]; then - echo "AAF Cert Service is Ready." - export AAFCERT_IP=${AAFCERT_IP} - docker exec aafcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh - break - fi - echo "Waiting for AAF Cert Service to Start Up..." - sleep 2m -done +###################### Netconf Simulator Setup ###################### -if [[ "${AAFCERT_IP}" == "none" || "${AAFCERT_IP}" == '' || "${RESP_CODE}" != "UP" ]]; then - echo "AAF CertService not started Could cause problems for testing activities...!" +# Get integration/simulators +if [ -d ${SCRIPTS}/sdnc/pnf-simulator ] +then + rm -rf ${SCRIPTS}/sdnc/pnf-simulator fi +mkdir ${SCRIPTS}/sdnc/pnf-simulator +git clone "https://gerrit.onap.org/r/integration/simulators/pnf-simulator" ${SCRIPTS}/sdnc/pnf-simulator + +# Fix docker-compose to add nexus repo for onap dockers +mv ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/docker-compose.yml ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/docker-compose.yml.orig +cat ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/docker-compose.yml.orig | sed -e "s/image: onap/image: nexus3.onap.org:10001\/onap/" > ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/docker-compose.yml + +# Remove carriage returns (if any) from netopeer start script +mv ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/netconf/initialize_netopeer.sh ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/netconf/initialize_netopeer.sh.orig +cat ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/netconf/initialize_netopeer.sh.orig | sed -e "s/\r$//g" > ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/netconf/initialize_netopeer.sh +chmod 755 ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/netconf/initialize_netopeer.sh + + +# Start Netconf Simulator Container with docker-compose and configuration from docker-compose.yml +docker-compose -f "${SCRIPTS}"/sdnc/pnf-simulator/netconfsimulator/docker-compose.yml up -d + +# Add test user in netopeer container +sleep 60 +docker exec netconfsimulator_netopeer_1 useradd --system test + ############################## SDNC Setup ############################## +# Copy client certs from netconf simulator to SDNC certs directory +mkdir /tmp/keys0 +cp ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/tls/client.crt /tmp/keys0 +cp ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/tls/client.key /tmp/keys0 +cp ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/tls/ca.crt /tmp/keys0/trustedCertificates.crt +cwd=$(pwd) +cd /tmp +zip -r $SDNC_CERT_PATH/keys0.zip keys0 +rm -rf /tmp/keys0 + # Export Mariadb, SDNC tmp, cert directory path export SDNC_CERT_PATH=${SDNC_CERT_PATH} docker pull "${NEXUS_DOCKER_REPO}"/onap/sdnc-image:"${SDNC_IMAGE_TAG}" docker tag "${NEXUS_DOCKER_REPO}"/onap/sdnc-image:"${SDNC_IMAGE_TAG}" onap/sdnc-image:latest +# Fix permissions on certs directory to guarantee directory is read/ +# writable and that files are readable +chmod ugo+rwx ${SCRIPTS}/sdnc/sdnc/certs +chmod ugo+r ${SCRIPTS}/sdnc/sdnc/certs/* + # Start Mariadb, SDNC Containers with docker-compose and configuration from docker-compose.yml docker-compose -f "${SCRIPTS}"/sdnc/sdnc/docker-compose.yml up -d @@ -128,30 +127,30 @@ if [[ "${SDNC_IP}" == 'none' || "${SDNC_IP}" == '' || "${RESP_CODE}" != '200' ]] fi # Check if SDNC-ODL Karaf Session started -for i in {1..15}; do - EXEC_RESP=$(docker exec -it sdnc /opt/opendaylight/current/bin/client system:start-level) - if grep -q 'Level 100' <<<"${EXEC_RESP}"; then - echo "SDNC-ODL Karaf Session Started." - break +TIME_OUT=300 +INTERVAL=10 +TIME=0 +while [ "$TIME" -lt "$TIME_OUT" ]; do + + docker exec sdnc cat /opt/opendaylight/data/log/karaf.log | grep 'warp coils' + + if [ $? == 0 ] ; then + echo SDNC karaf started in $TIME seconds + break; fi - echo "Waiting for SDNC-ODL Karaf Session to Start Up..." - sleep 2m + + echo Sleep: $INTERVAL seconds before testing if SDNC is up. Total wait time up now is: $TIME seconds. Timeout is: $TIME_OUT seconds + sleep $INTERVAL + TIME=$(($TIME+$INTERVAL)) done -if ! grep -q 'Level 100' <<<"${EXEC_RESP}"; then - echo "SDNC-ODL Karaf Session not Started, Could cause problems for testing activities...!" +if [ "$TIME" -ge "$TIME_OUT" ]; then + echo TIME OUT: karaf session not started in $TIME_OUT seconds, setup failed + exit 1; fi -echo "Sleeping 5 minutes" -sleep 5m - -###################### Netconf-PNP-Simulator Setup ###################### -# Export netconf-pnp simulator conf path -export NETCONF_CONFIG_PATH=${NETCONF_CONFIG_PATH} -# Start Netconf-Pnp-Simulator Container with docker-compose and configuration from docker-compose.yml -docker-compose -f "${SCRIPTS}"/sdnc/netconf-pnp-simulator/docker-compose.yml up -d # Update default Networking bridge IP in mount.json file sed -i "s/pnfaddr/${LOCAL_IP}/g" "${REQUEST_DATA_PATH}"/mount.xml diff --git a/plans/sdnc/sdnc_netconf_tls_post_deploy/teardown.sh b/plans/sdnc/sdnc_netconf_tls_post_deploy/teardown.sh index b780ed49..bbf4d075 100644 --- a/plans/sdnc/sdnc_netconf_tls_post_deploy/teardown.sh +++ b/plans/sdnc/sdnc_netconf_tls_post_deploy/teardown.sh @@ -15,11 +15,8 @@ # limitations under the License. # -docker-compose -f "${SCRIPTS}"/sdnc/certservice/docker-compose.yml down -v + docker-compose -f "${SCRIPTS}"/sdnc/sdnc/docker-compose.yml down -v -docker-compose -f "${SCRIPTS}"/sdnc/netconf-pnp-simulator/docker-compose.yml down -v +docker-compose -f "${SCRIPTS}"/sdnc/pnf-simulator/netconfsimulator/docker-compose.yml down -v -make clear -C "${WORKSPACE}"/plans/sdnc/sdnc_netconf_tls_post_deploy/certs -rm -rf "${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/certs -rm -rf "${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/cert-data
\ No newline at end of file diff --git a/scripts/sdnc/netconf-pnp-simulator/docker-compose.yml b/scripts/sdnc/netconf-pnp-simulator/docker-compose.yml deleted file mode 100755 index d8e723ba..00000000 --- a/scripts/sdnc/netconf-pnp-simulator/docker-compose.yml +++ /dev/null @@ -1,12 +0,0 @@ -version: '3' - -services: - netconf-pnp-simulator: - image: nexus3.onap.org:10001/onap/integration/simulators/netconf-pnp-simulator:2.8.6 - container_name: netconf-simulator - restart: always - ports: - - "830:830" - - "6513:6513" - volumes: - - ${NETCONF_CONFIG_PATH}:/config/modules/mynetconf diff --git a/scripts/sdnc/netconf-pnp-simulator/netconf-config/data.json b/scripts/sdnc/netconf-pnp-simulator/netconf-config/data.json deleted file mode 100644 index 63872eef..00000000 --- a/scripts/sdnc/netconf-pnp-simulator/netconf-config/data.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "mynetconf:netconflist": { - "netconf": [ - { - "netconf-id": 3, - "netconf-param": 3 - } - ] - } -} diff --git a/scripts/sdnc/netconf-pnp-simulator/netconf-config/model.yang b/scripts/sdnc/netconf-pnp-simulator/netconf-config/model.yang deleted file mode 100644 index 6c8c36ab..00000000 --- a/scripts/sdnc/netconf-pnp-simulator/netconf-config/model.yang +++ /dev/null @@ -1,29 +0,0 @@ -module mynetconf { - yang-version 1.1; - namespace "urn:mynetconf:test"; - - prefix nft; - - organization - "mynetconf"; - contact - "my netconf address"; - description - "yang model for mynetconf"; - revision "2019-03-01" { - description - "initial version"; - } - - container netconflist { - list netconf { - key netconf-id; - leaf netconf-id { - type uint16; - } - leaf netconf-param { - type uint32; - } - } - } -} diff --git a/scripts/sdnc/netconf-pnp-simulator/netconf-config/subscriber.py b/scripts/sdnc/netconf-pnp-simulator/netconf-config/subscriber.py deleted file mode 100755 index 61272967..00000000 --- a/scripts/sdnc/netconf-pnp-simulator/netconf-config/subscriber.py +++ /dev/null @@ -1,136 +0,0 @@ -#!/usr/bin/env python3 - -__author__ = "Mislav Novakovic <mislav.novakovic@sartura.hr>" -__copyright__ = "Copyright 2018, Deutsche Telekom AG" -__license__ = "Apache 2.0" - -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# This sample application demonstrates use of Python programming language bindings for sysrepo library. -# Original c application was rewritten in Python to show similarities and differences -# between the two. -# -# Most notable difference is in the very different nature of languages, c is weakly statically typed language -# while Python is strongly dynamically typed. Python code is much easier to read and logic easier to comprehend -# for smaller scripts. Memory safety is not an issue but lower performance can be expected. -# -# The original c implementation is also available in the source, so one can refer to it to evaluate trade-offs. - -import sysrepo as sr -import sys - - -# Helper function for printing changes given operation, old and new value. -def print_change(op, old_val, new_val): - if op == sr.SR_OP_CREATED: - print(f"CREATED: {new_val.to_string()}") - elif op == sr.SR_OP_DELETED: - print(f"DELETED: {old_val.to_string()}") - elif op == sr.SR_OP_MODIFIED: - print(f"MODIFIED: {old_val.to_string()} to {new_val.to_string()}") - elif op == sr.SR_OP_MOVED: - print(f"MOVED: {new_val.xpath()} after {old_val.xpath()}") - - -# Helper function for printing events. -def ev_to_str(ev): - if ev == sr.SR_EV_VERIFY: - return "verify" - elif ev == sr.SR_EV_APPLY: - return "apply" - elif ev == sr.SR_EV_ABORT: - return "abort" - else: - return "unknown" - - -# Function to print current configuration state. -# It does so by loading all the items of a session and printing them out. -def print_current_config(session, module_name): - select_xpath = f"/{module_name}:*//*" - - values = session.get_items(select_xpath) - - if values is not None: - print("========== BEGIN CONFIG ==========") - for i in range(values.val_cnt()): - print(values.val(i).to_string(), end='') - print("=========== END CONFIG ===========") - - -# Function to be called for subscribed client of given session whenever configuration changes. -def module_change_cb(sess, module_name, event, private_ctx): - try: - print("========== Notification " + ev_to_str(event) + " =============================================") - if event == sr.SR_EV_APPLY: - print_current_config(sess, module_name) - - print("========== CHANGES: =============================================") - - change_path = f"/{module_name}:*" - - it = sess.get_changes_iter(change_path) - - while True: - change = sess.get_change_next(it) - if change is None: - break - print_change(change.oper(), change.old_val(), change.new_val()) - - print("========== END OF CHANGES =======================================") - except Exception as e: - print(e) - - return sr.SR_ERR_OK - - -def main(): - # Notable difference between c implementation is using exception mechanism for open handling unexpected events. - # Here it is useful because `Connection`, `Session` and `Subscribe` could throw an exception. - try: - module_name = "ietf-interfaces" - if len(sys.argv) > 1: - module_name = sys.argv[1] - else: - print("\nYou can pass the module name to be subscribed as the first argument") - - print(f"Application will watch for changes in {module_name}") - - # connect to sysrepo - conn = sr.Connection(module_name) - - # start session - sess = sr.Session(conn) - - # subscribe for changes in running config */ - subscribe = sr.Subscribe(sess) - - subscribe.module_change_subscribe(module_name, module_change_cb) - - try: - print_current_config(sess, module_name) - except Exception as e: - print(e) - - print("========== STARTUP CONFIG APPLIED AS RUNNING ==========") - - sr.global_loop() - - print("Application exit requested, exiting.") - - except Exception as e: - print(e) - - -if __name__ == '__main__': - main() diff --git a/scripts/sdnc/sdnc/certs/keys0.zip b/scripts/sdnc/sdnc/certs/keys0.zip Binary files differindex 48b4d90a..6f7f756b 100644 --- a/scripts/sdnc/sdnc/certs/keys0.zip +++ b/scripts/sdnc/sdnc/certs/keys0.zip diff --git a/scripts/sdnc/sdnc/docker-compose.yml b/scripts/sdnc/sdnc/docker-compose.yml index c47fab50..61bf8b6e 100755 --- a/scripts/sdnc/sdnc/docker-compose.yml +++ b/scripts/sdnc/sdnc/docker-compose.yml @@ -9,7 +9,10 @@ services: volumes: - /etc/localtime:/etc/localtime:ro environment: - - MYSQL_ROOT_PASSWORD=password + - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} + - MYSQL_USER=${MYSQL_USER} + - MYSQL_PASSWORD=${MYSQL_PASSWORD} + - MYSQL_DATABASE=${MYSQL_DATABASE} hostname: mariadb.so.testlab.onap.org logging: @@ -29,12 +32,38 @@ services: - "8282:8181" hostname: sdnc + links: + - mariadb:dbhost + - mariadb:sdnctldb01 + - mariadb:sdnctldb02 environment: - - MYSQL_ROOT_PASSWORD=password + - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} + - MYSQL_USER=${MYSQL_USER} + - MYSQL_PASSWORD=${MYSQL_PASSWORD} + - MYSQL_DATABASE=${MYSQL_DATABASE} - SDNC_CONFIG_DIR=/opt/onap/sdnc/data/properties - - MYSQL_PASSWD=password - - ODL_ADMIN_USERNAME=admin - - ODL_ADMIN_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + - SDNC_BIN=/opt/onap/sdnc/bin + - ODL_CERT_DIR=/tmp + - ODL_ADMIN_USERNAME=${ODL_USER} + - ODL_ADMIN_PASSWORD=${ODL_PASSWORD} + - ODL_USER=${ODL_USER} + - ODL_PASSWORD=${ODL_PASSWORD} + - ODL_CERT_DIR=/opt/opendaylight/current/certs + - SDNC_DB_INIT=true + - HONEYCOMB_USER=${HONEYCOMB_USER} + - HONEYCOMB_PASSWORD=${HONEYCOMB_PASSWORD} + - TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD} + - KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD} + - SO_USER=${SO_USER} + - SO_PASSWORD=${SO_PASSWORD} + - NENG_USER=${NENG_USER} + - NENG_PASSWORD=${NENG_PASSWORD} + - CDS_USER=${CDS_USER} + - CDS_PASSWORD=${CDS_PASSWORD} + - ANSIBLE_USER=${ANSIBLE_USER} + - ANSIBLE_PASSWORD=${ANSIBLE_PASSWORD} + - SQL_CRYPTKEY=${SQL_CRYPTKEY} + - A1_TRUSTSTORE_PASSWORD=a1adapter depends_on: - mariadb dns: @@ -44,7 +73,3 @@ services: options: max-size: "30m" max-file: "5" - extra_hosts: - - sdnctldb02:${LOCAL_IP} - - sdnctldb01:${LOCAL_IP} - - dbhost:${LOCAL_IP}
\ No newline at end of file diff --git a/tests/sdnc/healthcheck/test1.robot b/tests/sdnc/healthcheck/test1.robot index 3648a8e4..85783a79 100644 --- a/tests/sdnc/healthcheck/test1.robot +++ b/tests/sdnc/healthcheck/test1.robot @@ -6,7 +6,7 @@ Library json Library String *** Variables *** -${SDN_APIDOCS_URI} /apidoc/apis +${SDN_APIDOCS_URI} /apidoc/openapi3/18/apis/single ${SDN_HEALTHCHECK_OPERATION_PATH} /operations/SLI-API:healthcheck *** Test Cases *** diff --git a/tests/sdnc/sdnc_netconf_tls_post_deploy/resources/sdnc-properties.robot b/tests/sdnc/sdnc_netconf_tls_post_deploy/resources/sdnc-properties.robot index 131a52f9..e6e9790c 100644 --- a/tests/sdnc/sdnc_netconf_tls_post_deploy/resources/sdnc-properties.robot +++ b/tests/sdnc/sdnc_netconf_tls_post_deploy/resources/sdnc-properties.robot @@ -28,10 +28,10 @@ ${SDNC_NETWORK_TOPOLOGY} /config/network-topology:network-topolo ${MOUNT_PATH} %{WORKSPACE}/tests/sdnc/sdnc_netconf_tls_post_deploy/cert-data ${SDNC_CSR_FILE} %{WORKSPACE}/tests/sdnc/sdnc_netconf_tls_post_deploy/csr/sdnc_csr.env ${SDNC_MOUNT_PATH} /config/network-topology:network-topology/topology/topology-netconf/node/PNFDemo -${PNFSIM_MOUNT_PATH} /config/network-topology:network-topology/topology/topology-netconf/node/PNFDemo/yang-ext:mount/mynetconf:netconflist +${PNFSIM_MOUNT_PATH} /config/network-topology:network-topology/topology/topology-netconf/node/PNFDemo/yang-ext:mount/pnf-simulator # Netconf-Pnp-Simulator ${NETCONF_PNP_SIM_CONTAINER_NAME} %{NETCONF_PNP_SIM_CONTAINER_NAME} ${NETCONF_PNP_SIM_CSR_FILE} %{WORKSPACE}/tests/sdnc/sdnc_netconf_tls_post_deploy/csr/netconf_pnp_simulator_csr.env ${CONF_SCRIPT} %{WORKSPACE}/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/config.sh -${CONF_TLS_SCRIPT} %{WORKSPACE}/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/config_tls.sh
\ No newline at end of file +${CONF_TLS_SCRIPT} %{WORKSPACE}/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/config_tls.sh diff --git a/tests/sdnc/sdnc_netconf_tls_post_deploy/sdnc_post_deploy_cert_check.robot b/tests/sdnc/sdnc_netconf_tls_post_deploy/sdnc_post_deploy_cert_check.robot index c2b35e12..7d322c1b 100644 --- a/tests/sdnc/sdnc_netconf_tls_post_deploy/sdnc_post_deploy_cert_check.robot +++ b/tests/sdnc/sdnc_netconf_tls_post_deploy/sdnc_post_deploy_cert_check.robot @@ -9,52 +9,20 @@ Suite Setup Create sessions *** Test Cases *** -Health Check AAF CertService - [Tags] AAF-CERT-SERVICE - [Documentation] Service is Up and Running - Run health check - -Reload AAF CertService Configuration - [Tags] AAF-CERT-SERVICE - [Documentation] Configuration is Reloaded - Send Get Request And Validate Response /reload 200 - -Check AAF CertService Container Is Ready - [Tags] AAF-CERT-SERVICE - [Documentation] Send Request to /ready Endpoint and Expect 200 - Send Get Request And Validate Response /ready 200 - Check SDNC Keystore For Netopeer2 Certificates [Tags] SDNC-NETOPEER2-CERT-DEPLOYMENT [Documentation] Checking Keystore after SDNC istallation Send Get Request And Validate Response Sdnc ${SDNC_KEYSTORE_CONFIG_PATH} 200 -Check SDNC And PNF TLS Connection Over Netopeer2 Certificates - [Tags] SDNC-PNF-TLS-CONNECTION-CHECK - [Documentation] Checking PNF Mount after SDNC Installation - Send Get Request And Validate TLS Connection Response ${SDNC_MOUNT_PATH} 200 - -Check PNF Delete And Remove Netopeer2 Certificates From Keystore - [Tags] SDNC-PNF-MOUNT-DELETE-CLEAR-KEYSTORE - [Documentation] Checking PNF Mount Delete from SDNC - Send Delete Request And Validate PNF Mount Deleted ${SDNC_MOUNT_PATH} 200 - -Check AAF-CertService Successfully Creates Certificates for SDNC - [Tags] AAF-CERT-SERVICE-SDNC - [Documentation] Run with SDNC CSR and Expected Exit Code 0 - Run Cert Service Client And Validate JKS File Creation And Client Exit Code ${SDNC_CSR_FILE} ${SDNC_CONTAINER_NAME} 0 - -Check SDNC-ODL Certificates Installation In Keystore And Truststore - [Tags] SDNC-ODL-CERTIFICATE-KEYSTORE-VALIDATE - [Documentation] Validate Certificates Got Installed in SDNC-ODL Keystore - Send Get Request And Validate Response Sdnc ${SDNC_KEYSTORE_CONFIG_PATH} 200 +# TLS connection to netconf simulator is not currently working. Commenting +# out for now, and will uncomment when we have working solution. +#Check SDNC And PNF TLS Connection Over Netopeer2 Certificates +# [Tags] SDNC-PNF-TLS-CONNECTION-CHECK +# [Documentation] Checking PNF Mount after SDNC Installation +# Send Get Request And Validate TLS Connection Response ${SDNC_MOUNT_PATH} 200 -Check AAF-CertService Successfully Creates Certificates for Netconf-Pnp-Simulator - [Tags] AAF-CERT-SERVICE-NETCONF_PNP_SIMULATOR - [Documentation] Run with NETCONF-PNP-SIMULATOR CSR and Expect Exit Code 0 - Run Cert Service Client And Validate JKS File Creation And Client Exit Code ${NETCONF_PNP_SIM_CSR_FILE} ${NETCONF_PNP_SIM_CONTAINER_NAME} 0 +#Check PNF Delete And Remove Netopeer2 Certificates From Keystore +# [Tags] SDNC-PNF-MOUNT-DELETE-CLEAR-KEYSTORE +# [Documentation] Checking PNF Mount Delete from SDNC +# Send Delete Request And Validate PNF Mount Deleted ${SDNC_MOUNT_PATH} 200 -Check SDNC-ODL Netconf-Pnp-Simulatore TLS Connection Establishment - [Tags] SDNC-ODL-NETCONF-PNP_SIMULATION-TLS-CONNECTION - [Documentation] Validate SDNC-ODL and Netconf-Pnp-Simulation TLS Connection Establishment - Send Get Request And Validate TLS Connection Response ${SDNC_MOUNT_PATH} 200
\ No newline at end of file |