diff options
Diffstat (limited to 'tests')
33 files changed, 215 insertions, 154 deletions
diff --git a/tests/aaf/certservice/resources/cert-service-properties.robot b/tests/aaf/certservice/resources/cert-service-properties.robot deleted file mode 100644 index 54ddec11..00000000 --- a/tests/aaf/certservice/resources/cert-service-properties.robot +++ /dev/null @@ -1,31 +0,0 @@ -*** Variables *** - -${CERT_SERVICE_CONTAINER_NAME} aaf-cert-service -${CERT_SERVICE_PORT} 8443 -${AAFCERT_URL} https://localhost:${cert_service_port} -${CLIENT_CA_NAME} Client -${RA_CA_NAME} RA -${CERT_SERVICE_ENDPOINT} /v1/certificate/ -${ROOTCA} %{WORKSPACE}/tests/aaf/certservice/assets/certs/root.crt -${CERTSERVICE_SERVER_CRT} %{WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.crt -${CERTSERVICE_SERVER_KEY} %{WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.key -${VALID_CLIENT_CSR_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client.csr -${VALID_CLIENT_PK_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client.pk -${VALID_RA_CSR_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_ra.csr -${VALID_RA_PK_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_ra.pk -${INVALID_CSR_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid.csr -${INVALID_PK_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid.key - - -${CERT_SERVICE_ADDRESS} https://${CERT_SERVICE_CONTAINER_NAME}:${CERT_SERVICE_PORT} -${VALID_ENV_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client_docker.env -${VALID_ENV_FILE_JKS} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client_docker_jks.env -${VALID_ENV_FILE_P12} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client_docker_p12.env -${VALID_ENV_FILE_PEM} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client_docker_pem.env -${INVALID_ENV_FILE_OUTPUT_TYPE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid_client_docker_output_type.env -${INVALID_ENV_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid_client_docker.env -${DOCKER_CLIENT_IMAGE} nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest -${CLIENT_CONTAINER_NAME} %{ClientContainerName} -${CERT_SERVICE_NETWORK} certservice_certservice -${MOUNT_PATH} %{WORKSPACE}/tests/aaf/certservice/tmp -${TRUSTSTORE_PATH} %{WORKSPACE}/plans/aaf/certservice/certs diff --git a/tests/dcaegen2-services-pmsh/testcases/assets/cbs-expectation-unlocked-config.json b/tests/dcaegen2-services-pmsh/testcases/assets/cbs-expectation-unlocked-config.json index b70b41d1..bad79d5f 100644 --- a/tests/dcaegen2-services-pmsh/testcases/assets/cbs-expectation-unlocked-config.json +++ b/tests/dcaegen2-services-pmsh/testcases/assets/cbs-expectation-unlocked-config.json @@ -84,7 +84,7 @@ "dmaap_info": { "client_id": "1475976809466", "client_role": "org.onap.dcae.pmPublisher", - "topic_url": "https://mr-sim:3095/events/org.onap.dmaap.mr.PM_SUBSCRIPTIONS", + "topic_url": "https://mr-sim:3095/events/unauthenticated.DCAE_CL_OUTPUT", "location": "san-francisco" }, "type": "message_router" @@ -103,7 +103,7 @@ "policy_pm_subscriber": { "dmaap_info": { "location": "san-francisco", - "topic_url": "https://mr-sim:3095/events/org.onap.dmaap.mr.PM_SUBSCRIPTIONS", + "topic_url": "https://mr-sim:3095/events/unauthenticated.PMSH_CL_INPUT", "client_role": "org.onap.dcae.pmSubscriber", "client_id": "1575876809456" }, diff --git a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-created.json b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-created.json index 1a027f21..860672f4 100644 --- a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-created.json +++ b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-created.json @@ -1,7 +1,7 @@ [ { "httpRequest": { - "path": "/events/AAI_EVENT/dcae_pmsh_cg/dcae_pmsh_aai_event", + "path": "/events/AAI_EVENT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -24,7 +24,7 @@ }, { "httpRequest": { - "path": "/events/AAI_EVENT/dcae_pmsh_cg/dcae_pmsh_aai_event", + "path": "/events/AAI_EVENT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -36,7 +36,7 @@ "application/json" ] }, - "body": "{}" + "body": [] } } ] diff --git a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-deleted.json b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-deleted.json index e5c4dd84..8dd58188 100644 --- a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-deleted.json +++ b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-deleted.json @@ -1,7 +1,7 @@ [ { "httpRequest": { - "path": "/events/AAI_EVENT/dcae_pmsh_cg/dcae_pmsh_aai_event", + "path": "/events/AAI_EVENT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -24,7 +24,7 @@ }, { "httpRequest": { - "path": "/events/AAI_EVENT/dcae_pmsh_cg/dcae_pmsh_aai_event", + "path": "/events/AAI_EVENT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -36,7 +36,7 @@ "application/json" ] }, - "body": "{}" + "body": [] } } ] diff --git a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-existing.json b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-existing.json index eba4e4ee..cd75deb3 100644 --- a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-existing.json +++ b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-existing.json @@ -1,7 +1,7 @@ [ { "httpRequest": { - "path": "/events/unauthenticated.PMSH_CL_INPUT/dcae_pmsh_cg/dcae_pmsh_policy_cl_input", + "path": "/events/unauthenticated.PMSH_CL_INPUT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -24,7 +24,7 @@ }, { "httpRequest": { - "path": "/events/unauthenticated.PMSH_CL_INPUT/dcae_pmsh_cg/dcae_pmsh_policy_cl_input", + "path": "/events/unauthenticated.PMSH_CL_INPUT/.*", "queryStringParameters" : { "timeout" : [ "1000" ] } @@ -36,10 +36,7 @@ "application/json" ] }, - "body": { - "type": "JSON", - "json": {} - } + "body": [] } } ] diff --git a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-new.json b/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-new.json deleted file mode 100644 index f73fee82..00000000 --- a/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-new.json +++ /dev/null @@ -1,45 +0,0 @@ -[ - { - "httpRequest": { - "path": "/events/unauthenticated.PMSH_CL_INPUT/dcae_pmsh_cg/dcae_pmsh_policy_cl_input", - "queryStringParameters" : { - "timeout" : [ "1000" ] - } - }, - "httpResponse": { - "statusCode": 200, - "headers": { - "content-type": [ - "application/json" - ] - }, - "body": [ - "{\"name\": \"ResponseEvent\", \"nameSpace\": \"org.onap.policy.apex.onap.pmcontrol\", \"source\": \"APEX\", \"target\": \"DCAE\", \"version\": \"0.0.1\", \"status\": {\"subscriptionName\": \"ExtraPM-All-gNB-R2B\", \"nfName\": \"pnf_new\", \"changeType\": \"CREATE\", \"message\": \"success\"}}" - ] - }, - "times": { - "remainingTimes": 1, - "unlimited": false - } - }, - { - "httpRequest": { - "path": "/events/unauthenticated.PMSH_CL_INPUT/dcae_pmsh_cg/dcae_pmsh_policy_cl_input", - "queryStringParameters" : { - "timeout" : [ "1000" ] - } - }, - "httpResponse": { - "statusCode": 200, - "headers": { - "content-type": [ - "application/json" - ] - }, - "body": { - "type": "JSON", - "json": {} - } - } - } -] diff --git a/tests/dcaegen2-services-pmsh/testcases/pmsh.robot b/tests/dcaegen2-services-pmsh/testcases/pmsh.robot index a2b8cad6..def53caa 100644 --- a/tests/dcaegen2-services-pmsh/testcases/pmsh.robot +++ b/tests/dcaegen2-services-pmsh/testcases/pmsh.robot @@ -21,7 +21,6 @@ ${SUBSCRIPTIONS_ENDPOINT} /subscriptions ${MR_EXPECTATION_AAI_PNF_CREATED} %{WORKSPACE}/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-created.json ${MR_EXPECTATION_AAI_PNF_REMOVED} %{WORKSPACE}/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-aai-pnf-deleted.json -${MR_EXPECTATION_POLICY_RESPONSE_PNF_NEW} %{WORKSPACE}/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-new.json ${MR_EXPECTATION_POLICY_RESPONSE_PNF_EXISTING} %{WORKSPACE}/tests/dcaegen2-services-pmsh/testcases/assets/mr-expectation-policy-subscription-created-pnf-existing.json ${CBS_EXPECTATION_ADMIN_STATE_UNLOCKED} %{WORKSPACE}/tests/dcaegen2-services-pmsh/testcases/assets/cbs-expectation-unlocked-config.json @@ -62,18 +61,18 @@ Verify PNF detected in AAI when administrative state unlocked Verify Policy response on MR is handled [Tags] PMSH_04 [Documentation] Verify policy response on MR is handled - [Timeout] 40 seconds + [Timeout] 60 seconds SimulatePolicyResponse ${MR_EXPECTATION_POLICY_RESPONSE_PNF_EXISTING} - Sleep 15 seconds Ensure Policy response on MR is picked up + Sleep 31 seconds Ensure Policy response on MR is picked up ${resp}= Get Request pmsh_session ${SUBSCRIPTIONS_ENDPOINT} Should Be Equal As Strings ${resp.json()[0]['network_functions'][0]['nf_sub_status']} CREATED Verify AAI event on MR detailing new PNF being detected is handled [Tags] PMSH_05 [Documentation] Verify PNF created AAI event on MR is handled - [Timeout] 30 seconds + [Timeout] 60 seconds SimulateNewPNF - Sleep 15 seconds Ensure AAI event on MR is picked up + Sleep 31 seconds Ensure AAI event on MR is picked up ${resp}= Get Request pmsh_session ${SUBSCRIPTIONS_ENDPOINT} Should Be Equal As Strings ${resp.json()[0]['network_functions'][1]['nf_name']} pnf_newly_discovered Should Be Equal As Strings ${resp.json()[0]['network_functions'][1]['orchestration_status']} Active @@ -82,9 +81,9 @@ Verify AAI event on MR detailing new PNF being detected is handled Verify AAI event on MR detailing PNF being deleted is handled [Tags] PMSH_06 [Documentation] Verify PNF deleted AAI event on MR is handled - [Timeout] 30 seconds + [Timeout] 60 seconds SimulateDeletedPNF - Sleep 12 seconds Ensure AAI event on MR is picked up + Sleep 31 seconds Ensure AAI event on MR is picked up ${resp}= Get Request pmsh_session ${SUBSCRIPTIONS_ENDPOINT} Should Not Contain ${resp.text} pnf_newly_discovered diff --git a/tests/dcaegen2/testcases/02__cert_basic_auth_tests.robot b/tests/dcaegen2/testcases/02__cert_basic_auth_tests.robot index 216f4055..ef10203a 100644 --- a/tests/dcaegen2/testcases/02__cert_basic_auth_tests.robot +++ b/tests/dcaegen2/testcases/02__cert_basic_auth_tests.robot @@ -123,41 +123,41 @@ Publish V7 Batch Event Without Auth And Cert Send Request And Validate Response Publish Event To VES Collector ${https_no_cert_no_auth_session} ${VES_BATCH_EVENT_ENDPOINT_V7} ${VES_VALID_BATCH_JSON_V7} 401 Publish VES Event With Empty Stnd Domain Namespace Parameter - [Tags] DCAE-VESC-R1 - [Documentation] Post single event with invalid data (empty stnd namespace parameter) to /eventListener/v7 endpoint, expect 400 Response Status Code and "Mandatory input event.commonEventHeader.stndDefinedNamespace is empty in request" message - Send Request And Validate Response And Error Message Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_EMMPTY_NAMESPACE} 400 Mandatory input attribute event.commonEventHeader.stndDefinedNamespace is empty in request + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED + [Documentation] Post single event with invalid data (empty stnd namespace parameter) to /eventListener/v7 endpoint, expect 400 Response Status Code and "Mandatory input %1 %2 is empty in request" message + Send Request And Validate Response And Error Message Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_EMMPTY_NAMESPACE} 400 Mandatory input %1 %2 is empty in request Publish VES Event With Missing Stnd Domain Namespace Parameter - [Tags] DCAE-VESC-R1 - [Documentation] Post single event with invalid data (missing stnd namespace parameter) to /eventListener/v7 endpoint, expect 400 Response Status Code and "Mandatory input attribute event.commonEventHeader.stndDefinedNamespace is missing from request" message - Send Request And Validate Response And Error Message Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_MISSING_NAMESPACE} 400 Mandatory input attribute event.commonEventHeader.stndDefinedNamespace is missing from request + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED + [Documentation] Post single event with invalid data (missing stnd namespace parameter) to /eventListener/v7 endpoint, expect 400 Response Status Code and "Mandatory input %1 %2 is missing from request" message + Send Request And Validate Response And Error Message Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_MISSING_NAMESPACE} 400 Mandatory input %1 %2 is missing from request Publish Single VES Event With Empty JSON - [Tags] DCAE-VESC-R1 + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED [Documentation] Post single event with empty json and expect 400 Response Status Code Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_EMPTY_JSON} 400 Publish Single VES Event With Missing SourceName Parameter - [Tags] DCAE-VESC-R1 + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED [Documentation] Post single event with empty json and expect 400 Response Status Code Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_NAMESPACE_3GPP_PROVISIONING_MISSING_SOURCENAME} 400 Publish Single VES Event With stndDefinedNamespace = 3GPP-Provisioning - [Tags] DCAE-VESC-R1 + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED [Documentation] Post single event with stndDefinedNamespace = 3GPP-Provisioning and event should routed to topic unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_3GPP_PROVISIONING} 202 unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT Publish Single VES Event With stndDefinedNamespace = 3GPP-Heartbeat - [Tags] DCAE-VESC-R1 + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED [Documentation] Post single event with stndDefinedNamespace = 3GPP-Heartbeat and event should routed to topic unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_3GPP_HEARTBEAT} 202 unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT Publish Single VES Event With stndDefinedNamespace = 3GPP-PerformanceAssurance - [Tags] DCAE-VESC-R1 + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED [Documentation] Post single event with stndDefinedNamespace = 3GPP-PerformanceAssurance and event should routed to topic unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_3GPP_PERFORMANCE_ASSURANCE} 202 unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT Publish Single VES Event With stndDefinedNamespace = 3GPP-FaultSupervision - [Tags] DCAE-VESC-R1 + [Tags] DCAE-VESC-R1 DCAE-VESC-STNDDEFINED [Documentation] Post single event with stndDefinedNamespace = 3GPP-FaultSupervision and event should routed to topic unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT - Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_3GPP_FAULTSUPERVISION} 202 unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT
\ No newline at end of file + Send Request And Validate Response Publish Event To VES Collector ${https_basic_auth_session} ${VES_EVENTLISTENER_V7} ${VES_STDN_DEFINED_3GPP_FAULTSUPERVISION} 202 unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT diff --git a/tests/aaf/certservice/assets/invalid.csr b/tests/oom-platform-cert-service/certservice/assets/invalid.csr index 7284ab4d..7284ab4d 100644 --- a/tests/aaf/certservice/assets/invalid.csr +++ b/tests/oom-platform-cert-service/certservice/assets/invalid.csr diff --git a/tests/aaf/certservice/assets/invalid.key b/tests/oom-platform-cert-service/certservice/assets/invalid.key index 6484fb6f..6484fb6f 100644 --- a/tests/aaf/certservice/assets/invalid.key +++ b/tests/oom-platform-cert-service/certservice/assets/invalid.key diff --git a/tests/aaf/certservice/assets/invalid_client_docker.env b/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker.env index e96237ca..4f19a9e7 100644 --- a/tests/aaf/certservice/assets/invalid_client_docker.env +++ b/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker.env @@ -2,9 +2,9 @@ REQUEST_TIMEOUT=5000 OUTPUT_PATH=/var/certs CA_NAME=Invalid -KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret -TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/truststore.jks TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org diff --git a/tests/aaf/certservice/assets/invalid_client_docker_output_type.env b/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker_output_type.env index cff46646..4cdcd9ed 100644 --- a/tests/aaf/certservice/assets/invalid_client_docker_output_type.env +++ b/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker_output_type.env @@ -3,9 +3,9 @@ REQUEST_TIMEOUT=30000 OUTPUT_PATH=/var/certs CA_NAME=RA OUTPUT_TYPE=INV -KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret -TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/truststore.jks TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org diff --git a/tests/aaf/certservice/assets/valid_client.csr b/tests/oom-platform-cert-service/certservice/assets/valid_client.csr index 59e5c6af..59e5c6af 100644 --- a/tests/aaf/certservice/assets/valid_client.csr +++ b/tests/oom-platform-cert-service/certservice/assets/valid_client.csr diff --git a/tests/aaf/certservice/assets/valid_client.pk b/tests/oom-platform-cert-service/certservice/assets/valid_client.pk index c84908ff..c84908ff 100644 --- a/tests/aaf/certservice/assets/valid_client.pk +++ b/tests/oom-platform-cert-service/certservice/assets/valid_client.pk diff --git a/tests/aaf/certservice/assets/valid_client_docker.env b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker.env index 55fefa3e..6fad6d21 100644 --- a/tests/aaf/certservice/assets/valid_client_docker.env +++ b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker.env @@ -2,9 +2,9 @@ REQUEST_TIMEOUT=30000 OUTPUT_PATH=/var/certs CA_NAME=RA -KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret -TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/truststore.jks TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org diff --git a/tests/aaf/certservice/assets/valid_client_docker_jks.env b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_jks.env index 19de0750..0e2d8367 100644 --- a/tests/aaf/certservice/assets/valid_client_docker_jks.env +++ b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_jks.env @@ -3,9 +3,9 @@ REQUEST_TIMEOUT=30000 OUTPUT_PATH=/var/certs CA_NAME=RA OUTPUT_TYPE=JKS -KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret -TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/truststore.jks TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org diff --git a/tests/aaf/certservice/assets/valid_client_docker_p12.env b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_p12.env index 0f1cfc28..c3ed729f 100644 --- a/tests/aaf/certservice/assets/valid_client_docker_p12.env +++ b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_p12.env @@ -3,9 +3,9 @@ REQUEST_TIMEOUT=30000 OUTPUT_PATH=/var/certs CA_NAME=RA OUTPUT_TYPE=P12 -KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret -TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/truststore.jks TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org diff --git a/tests/aaf/certservice/assets/valid_client_docker_pem.env b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_pem.env index f704f21e..aca2a54b 100644 --- a/tests/aaf/certservice/assets/valid_client_docker_pem.env +++ b/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_pem.env @@ -3,9 +3,9 @@ REQUEST_TIMEOUT=30000 OUTPUT_PATH=/var/certs CA_NAME=RA OUTPUT_TYPE=PEM -KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret -TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PATH=/etc/onap/oom-platform-cert-service/certservice/certs/truststore.jks TRUSTSTORE_PASSWORD=secret #Csr config envs COMMON_NAME=onap.org diff --git a/tests/aaf/certservice/assets/valid_ra.csr b/tests/oom-platform-cert-service/certservice/assets/valid_ra.csr index 5decd8ee..5decd8ee 100644 --- a/tests/aaf/certservice/assets/valid_ra.csr +++ b/tests/oom-platform-cert-service/certservice/assets/valid_ra.csr diff --git a/tests/aaf/certservice/assets/valid_ra.pk b/tests/oom-platform-cert-service/certservice/assets/valid_ra.pk index b1ad633a..b1ad633a 100644 --- a/tests/aaf/certservice/assets/valid_ra.pk +++ b/tests/oom-platform-cert-service/certservice/assets/valid_ra.pk diff --git a/tests/aaf/certservice/cert-service-test.robot b/tests/oom-platform-cert-service/certservice/cert-service-test.robot index ddf7a174..58e8a7e3 100644 --- a/tests/aaf/certservice/cert-service-test.robot +++ b/tests/oom-platform-cert-service/certservice/cert-service-test.robot @@ -1,6 +1,6 @@ *** Settings *** -Documentation AAF Cert Service API test case scenarios +Documentation OOM Cert Service API test case scenarios Library RequestsLibrary Resource ./resources/cert-service-keywords.robot @@ -9,82 +9,82 @@ Suite Setup Create sessions *** Test Cases *** Health Check - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Service is up and running Run health check Reload Configuration - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Configuration was changed Send Get Request And Validate Response /reload 200 Check if application is ready - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Send request to /ready endpoint and expect 200 Send Get Request And Validate Response /ready 200 Generate Certificate In RA Mode For CA Name - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}${RA_CA_NAME} endpoint and expect 200 Send Get Request with Header And Expect Success ${CERT_SERVICE_ENDPOINT}${RA_CA_NAME} ${VALID_RA_CSR_FILE} ${VALID_RA_PK_FILE} Report Not Found Error When Path To Service Is Not Valid - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Send request to ${CERT_SERVICE_ENDPOINT} endpoint and expect 404 Send Get Request with Header And Expect Error ${CERT_SERVICE_ENDPOINT} ${VALID_CLIENT_CSR_FILE} ${VALID_CLIENT_PK_FILE} 404 Report Bad Request Error When Header Is Missing In Request - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Send request without header to ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} endpoint and expect 400 Send Get Request And Validate Response ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} 400 Report Bad Request Error When CSR Is Not Valid - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} endpoint and expect 400 Send Get Request with Header And Expect Error ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} ${INVALID_CSR_FILE} ${VALID_CLIENT_PK_FILE} 400 Report Bad Request Error When PK Is Not Valid - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} endpoint and expect 400 Send Get Request with Header And Expect Error ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} ${VALID_CLIENT_CSR_FILE} ${INVALID_PK_FILE} 400 Cert Service Client successfully creates keystore.p12 and truststore.p12 - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with correct env and expected exit code 0 Run Cert Service Client And Validate PKCS12 File Creation And Client Exit Code ${VALID_ENV_FILE} 0 Cert Service Client successfully creates keystore.jks and truststore.jks - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with correct env and expected exit code 0 Run Cert Service Client And Validate JKS File Creation And Client Exit Code ${VALID_ENV_FILE_JKS} 0 Cert Service Client successfully creates keystore and truststore with expected data with no OUTPUT_TYPE - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with correct env and PKCS12 files created with correct data Run Cert Service Client And Validate PKCS12 Files Contain Expected Data ${VALID_ENV_FILE} 0 Cert Service Client successfully creates keystore and truststore with expected data with OUTPUT_TYPE=JKS - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with correct env and JKS files created with correct data Run Cert Service Client And Validate JKS Files Contain Expected Data ${VALID_ENV_FILE_JKS} 0 Cert Service Client successfully creates keystore and truststore with expected data with OUTPUT_TYPE=P12 - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with correct env and PKCS12 files created with correct data Run Cert Service Client And Validate PKCS12 Files Contain Expected Data ${VALID_ENV_FILE_P12} 0 Cert Service Client successfully creates keystore and truststore with expected data with OUTPUT_TYPE=PEM - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with correct env and PEM files created with correct data Run Cert Service Client And Validate PEM Files Contain Expected Data ${VALID_ENV_FILE_PEM} 0 Cert Service Client reports error when OUTPUT_TYPE is invalid - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with invalid OUTPUT_TYPE env and expected exit code 1 Run Cert Service Client And Validate Client Exit Code ${INVALID_ENV_FILE_OUTPUT_TYPE} 1 Run Cert Service Client Container And Validate Exit Code And API Response - [Tags] AAF-CERT-SERVICE + [Tags] OOM-CERT-SERVICE [Documentation] Run with invalid CaName env and expected exit code 5 Run Cert Service Client And Validate Http Response Code And Client Exit Code ${INVALID_ENV_FILE} 404 5 diff --git a/tests/aaf/certservice/libraries/ArtifactParser.py b/tests/oom-platform-cert-service/certservice/libraries/ArtifactParser.py index 54e8d0ff..54e8d0ff 100644 --- a/tests/aaf/certservice/libraries/ArtifactParser.py +++ b/tests/oom-platform-cert-service/certservice/libraries/ArtifactParser.py diff --git a/tests/aaf/certservice/libraries/CertClientManager.py b/tests/oom-platform-cert-service/certservice/libraries/CertClientManager.py index a4a0df23..46d69bb8 100644 --- a/tests/aaf/certservice/libraries/CertClientManager.py +++ b/tests/oom-platform-cert-service/certservice/libraries/CertClientManager.py @@ -29,7 +29,7 @@ class CertClientManager: network=network, user='root', # Run container as root to avoid permission issues with volume mount access mounts=[Mount(target='/var/certs', source=self.mount_path, type='bind'), - Mount(target='/etc/onap/aaf/certservice/certs/', source=self.truststore_path, type='bind')], + Mount(target='/etc/onap/oom-platform-cert-service/certservice/certs/', source=self.truststore_path, type='bind')], detach=True ) exitcode = container.wait() diff --git a/tests/aaf/certservice/libraries/EnvsReader.py b/tests/oom-platform-cert-service/certservice/libraries/EnvsReader.py index cc60eed6..cc60eed6 100644 --- a/tests/aaf/certservice/libraries/EnvsReader.py +++ b/tests/oom-platform-cert-service/certservice/libraries/EnvsReader.py diff --git a/tests/aaf/certservice/libraries/JksArtifactsValidator.py b/tests/oom-platform-cert-service/certservice/libraries/JksArtifactsValidator.py index e2fdde91..e2fdde91 100644 --- a/tests/aaf/certservice/libraries/JksArtifactsValidator.py +++ b/tests/oom-platform-cert-service/certservice/libraries/JksArtifactsValidator.py diff --git a/tests/aaf/certservice/libraries/P12ArtifactsValidator.py b/tests/oom-platform-cert-service/certservice/libraries/P12ArtifactsValidator.py index b0701718..b0701718 100644 --- a/tests/aaf/certservice/libraries/P12ArtifactsValidator.py +++ b/tests/oom-platform-cert-service/certservice/libraries/P12ArtifactsValidator.py diff --git a/tests/aaf/certservice/libraries/PemArtifactsValidator.py b/tests/oom-platform-cert-service/certservice/libraries/PemArtifactsValidator.py index 46e0357e..46e0357e 100644 --- a/tests/aaf/certservice/libraries/PemArtifactsValidator.py +++ b/tests/oom-platform-cert-service/certservice/libraries/PemArtifactsValidator.py diff --git a/tests/aaf/certservice/resources/cert-service-keywords.robot b/tests/oom-platform-cert-service/certservice/resources/cert-service-keywords.robot index 39c26a6a..fea210b5 100644 --- a/tests/aaf/certservice/resources/cert-service-keywords.robot +++ b/tests/oom-platform-cert-service/certservice/resources/cert-service-keywords.robot @@ -15,7 +15,7 @@ Library ../libraries/PemArtifactsValidator.py ${MOUNT_PATH} Create sessions [Documentation] Create all required sessions ${certs}= Create List ${CERTSERVICE_SERVER_CRT} ${CERTSERVICE_SERVER_KEY} - Create Client Cert Session alias ${AAFCERT_URL} client_certs=${certs} verify=${ROOTCA} + Create Client Cert Session alias ${OOMCERT_URL} client_certs=${certs} verify=${ROOTCA} Set Suite Variable ${https_valid_cert_session} alias Run Healthcheck diff --git a/tests/oom-platform-cert-service/certservice/resources/cert-service-properties.robot b/tests/oom-platform-cert-service/certservice/resources/cert-service-properties.robot new file mode 100644 index 00000000..ff0500a2 --- /dev/null +++ b/tests/oom-platform-cert-service/certservice/resources/cert-service-properties.robot @@ -0,0 +1,31 @@ +*** Variables *** + +${CERT_SERVICE_CONTAINER_NAME} oom-cert-service +${CERT_SERVICE_PORT} 8443 +${OOMCERT_URL} https://localhost:${cert_service_port} +${CLIENT_CA_NAME} Client +${RA_CA_NAME} RA +${CERT_SERVICE_ENDPOINT} /v1/certificate/ +${ROOTCA} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/root.crt +${CERTSERVICE_SERVER_CRT} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/certServiceServer.crt +${CERTSERVICE_SERVER_KEY} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/certServiceServer.key +${VALID_CLIENT_CSR_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client.csr +${VALID_CLIENT_PK_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client.pk +${VALID_RA_CSR_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_ra.csr +${VALID_RA_PK_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_ra.pk +${INVALID_CSR_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/invalid.csr +${INVALID_PK_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/invalid.key + + +${CERT_SERVICE_ADDRESS} https://${CERT_SERVICE_CONTAINER_NAME}:${CERT_SERVICE_PORT} +${VALID_ENV_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client_docker.env +${VALID_ENV_FILE_JKS} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_jks.env +${VALID_ENV_FILE_P12} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_p12.env +${VALID_ENV_FILE_PEM} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/valid_client_docker_pem.env +${INVALID_ENV_FILE_OUTPUT_TYPE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker_output_type.env +${INVALID_ENV_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/invalid_client_docker.env +${DOCKER_CLIENT_IMAGE} nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:latest +${CLIENT_CONTAINER_NAME} %{ClientContainerName} +${CERT_SERVICE_NETWORK} certservice_certservice +${MOUNT_PATH} %{WORKSPACE}/tests/oom-platform-cert-service/certservice/tmp +${TRUSTSTORE_PATH} %{WORKSPACE}/plans/oom-platform-cert-service/certservice/certs diff --git a/tests/sdnc/sdnc_netconf_tls_post_deploy/csr/sdnc_csr.env b/tests/sdnc/sdnc_netconf_tls_post_deploy/csr/sdnc_csr.env index 57894753..5d647de6 100644 --- a/tests/sdnc/sdnc_netconf_tls_post_deploy/csr/sdnc_csr.env +++ b/tests/sdnc/sdnc_netconf_tls_post_deploy/csr/sdnc_csr.env @@ -2,7 +2,7 @@ REQUEST_TIMEOUT=30000 OUTPUT_PATH=/var/certs CA_NAME=RA -OUTPUT_TYPE=JKS +OUTPUT_TYPE=PEM KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks KEYSTORE_PASSWORD=secret TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks diff --git a/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/ClientManager.py b/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/ClientManager.py index b2399dfb..b1c024ff 100644 --- a/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/ClientManager.py +++ b/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/ClientManager.py @@ -25,7 +25,6 @@ import shutil import subprocess import docker -import jks from OpenSSL import crypto from docker.types import Mount @@ -39,13 +38,14 @@ class ClientManager: def __init__(self, mount_path, truststore_path): self.mount_path = mount_path self.truststore_path = truststore_path + self.keyPem = mount_path + '/key.pem' self.caCertPem = mount_path + '/ca.pem' self.serverKeyPem = mount_path + '/server_key.pem' self.serverCertPem = mount_path + '/server_cert.pem' - self.keystoreJksPath = mount_path + '/keystore.jks' + self.keystorePemPath = mount_path + '/keystore.pem' self.keystoreP12Path = mount_path + '/keystore.p12' self.keystorePassPath = mount_path + '/keystore.pass' - self.truststoreJksPath = mount_path + '/truststore.jks' + self.truststorePemPath = mount_path + '/truststore.pem' self.truststoreP12Path = mount_path + '/truststore.p12' self.truststorePassPath = mount_path + '/truststore.pass' @@ -71,18 +71,19 @@ class ClientManager: # Function to validate keystore/truststore can be opened with generated pass-phrase. def can_open_keystore_and_truststore_with_pass(self, container_name): if container_name != NETCONF_PNP_SIM_CONTAINER_NAME: - return self.can_open_keystore_and_truststore_jks_files() + return self.can_open_keystore_and_truststore_pem_files() else: return self.can_open_keystore_and_truststore_p12_files() - # Function to validate keystore.jks/truststore.jks can be opened with generated pass-phrase. - def can_open_keystore_and_truststore_jks_files(self): + # Function to validate keystore.pem/truststore.pem exist and are not empty. + def can_open_keystore_and_truststore_pem_files(self): try: - jks.KeyStore.load(self.keystoreJksPath, open(self.keystorePassPath, 'rb').read()) - jks.KeyStore.load(self.truststoreJksPath, open(self.truststorePassPath, 'rb').read()) - return True + private_key = self.file_exist_and_not_empty(self.keyPem) + keystore_pem = self.file_exist_and_not_empty(self.keystorePemPath) + truststore_pem = self.file_exist_and_not_empty(self.truststorePemPath) + return private_key and keystore_pem and truststore_pem except Exception as e: - print("UnExpected Error in validating keystore.jks/truststore.jks: {0}".format(e)) + print("UnExpected Error in validating keystore.pem/truststore.pem: {0}".format(e)) return False # Function to validate keystore.p12/truststore.p12 can be opened with generated pass-phrase. @@ -93,12 +94,14 @@ class ClientManager: # Method for Uploading Certificate in SDNC-Container. # Creating/Uploading Server-key, Server-cert, Ca-cert PEM files in Netconf-Pnp-Simulator. - def can_install_keystore_and_truststore_certs(self, cmd, container_name): + def can_install_keystore_and_truststore_certs(self, cmd, cmd_tls, container_name): continue_exec = True if container_name == NETCONF_PNP_SIM_CONTAINER_NAME: print("Generating PEM files for {0} from P12 files".format(container_name)) continue_exec = self.create_pem(self.keystorePassPath, self.keystoreP12Path, self.truststorePassPath, self.truststoreP12Path) + else: + cmd = cmd_tls if continue_exec: print("Initiate Configuration Push for : {0}".format(container_name)) resp_code = self.execute_bash_config(cmd, container_name) @@ -165,6 +168,9 @@ class ClientManager: def remove_mount_dir(self): shutil.rmtree(self.mount_path) + def file_exist_and_not_empty(self, path_to_file): + return os.path.isfile(path_to_file) and os.path.getsize(path_to_file) > 0 + @staticmethod def get_pkcs12(pass_file_path, p12_file_path): # Load PKCS12 Object diff --git a/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/config_tls.sh b/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/config_tls.sh new file mode 100755 index 00000000..323f8100 --- /dev/null +++ b/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/config_tls.sh @@ -0,0 +1,104 @@ +#!/bin/bash + +# ============LICENSE_START======================================================= +# Copyright (C) 2020 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +set -o errexit +set -o pipefail +set -o nounset +[ "${SHELL_XTRACE:-false}" = "true" ] && set -o xtrace + +CONFIG=${CONFIG:-"${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/cert-data} +CONTAINER_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' sdnc) +ODL_URL=${ODL_URL:-http://"${CONTAINER_IP}":8282} +PROC_NAME=${0##*/} +PROC_NAME=${PROC_NAME%.sh} + +function now_ms() { + # Requires coreutils package + date +"%Y-%m-%d %H:%M:%S.%3N" +} + +function log() { + local level=$1 + shift + local message="$*" + printf "%s %-5s [%s] %s\n" "$(now_ms)" $level $PROC_NAME "$message" +} + +# Extracts the body of a PEM file by removing the dashed header and footer +pem_body() { + grep -Fv -- ----- $1 +} + +CA_CERT_ID=xNF_CA_certificate_0_0 +CA_CERT=$(pem_body $CONFIG/truststore.pem) + +SERVER_PRIV_KEY_ID=ODL_private_key_0 +SERVER_KEY=$(pem_body $CONFIG/key.pem) +SERVER_CERT=$(pem_body $CONFIG/keystore.pem) + +RESTCONF_URL=$ODL_URL/restconf +NETCONF_KEYSTORE_PATH=$RESTCONF_URL/config/netconf-keystore:keystore + +xcurl() { + curl -s -o /dev/null -H "Authorization: Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ==" -w %{http_code} "$@" +} + +log INFO Delete Keystore +sc=$(xcurl -X DELETE $NETCONF_KEYSTORE_PATH) + +if [ "$sc" != "200" -a "$sc" != "404" ]; then + log ERROR "Keystore deletion failed with SC=$sc" + exit 1 +fi + +log INFO Load CA certificate +sc=$(xcurl -X POST $NETCONF_KEYSTORE_PATH --header "Content-Type: application/json" --data " +{ + \"trusted-certificate\": [ + { + \"name\": \"$CA_CERT_ID\", + \"certificate\": \"$CA_CERT\" + } + ] +} +") + +if [ "$sc" != "200" -a "$sc" != "204" ]; then + log ERROR Trusted-certificate update failed with SC=$sc + exit 1 +fi + +log INFO Load server private key and certificate +sc=$(xcurl -X POST $NETCONF_KEYSTORE_PATH --header "Content-Type: application/json" --data " +{ + \"private-key\": { + \"name\": \"$SERVER_PRIV_KEY_ID\", + \"certificate-chain\": [ + \"$SERVER_CERT\" + ], + \"data\": \"$SERVER_KEY\" + } +} +") + +if [ "$sc" != "200" -a "$sc" != "204" ]; then + log ERROR Private-key update failed with SC=$sc + exit 1 +fi
\ No newline at end of file diff --git a/tests/sdnc/sdnc_netconf_tls_post_deploy/resources/sdnc-keywords.robot b/tests/sdnc/sdnc_netconf_tls_post_deploy/resources/sdnc-keywords.robot index a7fbcccc..52cc5d2f 100644 --- a/tests/sdnc/sdnc_netconf_tls_post_deploy/resources/sdnc-keywords.robot +++ b/tests/sdnc/sdnc_netconf_tls_post_deploy/resources/sdnc-keywords.robot @@ -77,7 +77,7 @@ Run Cert Service Client And Validate JKS File Creation And Client Exit Code [Arguments] ${env_file} ${CONTAINER_NAME} ${expected_exit_code} ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK} ${can_open}= Can Open Keystore And Truststore With Pass ${CONTAINER_NAME} - ${install_certs}= Can Install Keystore And Truststore Certs ${CONF_SCRIPT} ${CONTAINER_NAME} + ${install_certs}= Can Install Keystore And Truststore Certs ${CONF_SCRIPT} ${CONF_TLS_SCRIPT} ${CONTAINER_NAME} Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code} Should Be True ${can_open} Cannot Open Keystore/TrustStore by Passphrase |