From 6ed06d5157bc334b957016bd3c4f78e81cca3c94 Mon Sep 17 00:00:00 2001 From: Tomasz Wrobel Date: Wed, 11 Mar 2020 15:31:10 +0100 Subject: Enhacement AAF-CerService CSIT Added http response code verification in negative path. Added verification of .jks file creation in positive path. Issue-ID: AAF-996 Signed-off-by: Tomasz Wrobel Change-Id: Ia60823a0393149054bbb4358883f7ec6dbd965b4 --- tests/aaf/certservice/cert-service-test.robot | 8 +- .../aaf/certservice/libraries/CertClientManager.py | 88 ++++++++++++++++++++-- .../resources/cert-service-keywords.robot | 23 ++++-- 3 files changed, 105 insertions(+), 14 deletions(-) diff --git a/tests/aaf/certservice/cert-service-test.robot b/tests/aaf/certservice/cert-service-test.robot index 9d45e455..b3b57b54 100644 --- a/tests/aaf/certservice/cert-service-test.robot +++ b/tests/aaf/certservice/cert-service-test.robot @@ -43,13 +43,13 @@ Report Bad Request Error When PK Is Not Valid [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}/${CLIENT_CA_NAME} endpoint and expect 400 Send Get Request with Header And Expect Error ${CERT_SERVICE_ENDPOINT}/${CLIENT_CA_NAME} ${VALID_CLIENT_CSR_FILE} ${INVALID_PK_FILE} 400 -Cert Service Client successful create keystore and trust store +Cert Service Client successfully creates keystore and truststore [Tags] AAF-CERT-SERVICE [Documentation] Run with correct env and expected exit code 0 - Run Cert Service Client Container And Validate Exit Code ${VALID_ENV_FILE} 0 + Run Cert Service Client And Validate JKS File Creation And Client Exit Code ${VALID_ENV_FILE} 0 -Creation of keystore and trustore unsuccesful, incorrect client configuration +Run Cert Service Client Container And Validate Exit Code And API Response [Tags] AAF-CERT-SERVICE [Documentation] Run with invalid CaName env and expected exit code 5 - Run Cert Service Client Container And Validate Exit Code ${INVALID_ENV_FILE} 5 + Run Cert Service Client And Validate Http Response Code And Client Exit Code ${INVALID_ENV_FILE} 404 5 diff --git a/tests/aaf/certservice/libraries/CertClientManager.py b/tests/aaf/certservice/libraries/CertClientManager.py index 30501c8b..ebacf221 100644 --- a/tests/aaf/certservice/libraries/CertClientManager.py +++ b/tests/aaf/certservice/libraries/CertClientManager.py @@ -1,4 +1,15 @@ import docker +import os +import shutil +import tarfile +import re +from OpenSSL import crypto + +ARCHIVES_PATH = os.getenv("WORKSPACE") + "/archives/" +TMP_PATH = os.getenv("WORKSPACE") + "/tests/aaf/certservice/tmp" + +ERROR_API_REGEX = 'Error on API response.*[0-9]{3}' +RESPONSE_CODE_REGEX = '[0-9]{3}' class CertClientManager: @@ -12,11 +23,6 @@ class CertClientManager: exitcode = container.wait() return exitcode - def remove_client_container(self, container_name): - client = docker.from_env() - container = client.containers.get(container_name) - container.remove() - def read_list_env_from_file(self, path): f = open(path, "r") r_list = [] @@ -25,3 +31,75 @@ class CertClientManager: if line[0] != "#": r_list.append(line) return r_list + + def remove_client_container_and_save_logs(self, container_name, log_file_name): + client = docker.from_env() + container = client.containers.get(container_name) + text_file = open(ARCHIVES_PATH + "container_" + log_file_name + ".log", "w") + text_file.write(container.logs()) + text_file.close() + container.remove() + + def can_open_keystore_and_truststore_with_pass(self, container_name): + self.copy_jks_file_to_tmp_dir(container_name) + + keystore_pass_path = TMP_PATH + '/logs/log/keystore.pass' + keystore_jks_path = TMP_PATH + '/logs/log/keystore.jks' + can_open_keystore = self.can_open_jks_file_by_pass_file(keystore_pass_path, keystore_jks_path) + + truststore_pass_path = TMP_PATH + '/logs/log/truststore.pass' + truststore_jks_path = TMP_PATH + '/logs/log/truststore.jks' + can_open_truststore = self.can_open_jks_file_by_pass_file(truststore_pass_path, truststore_jks_path) + + self.remove_tmp_dir(TMP_PATH) + return can_open_keystore & can_open_truststore + + def copy_jks_file_to_tmp_dir(self, container_name): + os.mkdir(TMP_PATH) + self.copy_jks_file_from_container_to_tmp_dir(container_name) + self.extract_tar_file() + + def copy_jks_file_from_container_to_tmp_dir(self, container_name): + client = docker.from_env() + container = client.containers.get(container_name) + f = open(TMP_PATH + '/var_log.tar', 'wb') + bits, stat = container.get_archive('/var/log/') + for chunk in bits: + f.write(chunk) + f.close() + + def extract_tar_file(self): + my_tar = tarfile.open(TMP_PATH + '/var_log.tar') + my_tar.extractall(TMP_PATH + '/logs') + my_tar.close() + + def can_open_jks_file_by_pass_file(self, pass_file_path, jks_file_path): + try: + password = open(pass_file_path, 'rb').read() + crypto.load_pkcs12(open(jks_file_path, 'rb').read(), password) + return True + except: + return False + + def remove_tmp_dir(self, tmp_path): + shutil.rmtree(tmp_path) + + def can_find_api_response_in_logs(self, container_name): + logs = self.get_container_logs(container_name) + api_logs = re.findall(ERROR_API_REGEX, logs) + if api_logs: + return True + else: + return False + + def get_api_response_from_logs(self, container_name): + logs = self.get_container_logs(container_name) + error_api_message = re.findall(ERROR_API_REGEX, logs) + code = re.findall(RESPONSE_CODE_REGEX, error_api_message[0]) + return code[0] + + def get_container_logs(self, container_name): + client = docker.from_env() + container = client.containers.get(container_name) + logs = container.logs() + return logs diff --git a/tests/aaf/certservice/resources/cert-service-keywords.robot b/tests/aaf/certservice/resources/cert-service-keywords.robot index a8315e7f..e8576dd2 100644 --- a/tests/aaf/certservice/resources/cert-service-keywords.robot +++ b/tests/aaf/certservice/resources/cert-service-keywords.robot @@ -83,9 +83,22 @@ Send Post Request And Validate Response ${resp}= Post Request ${http_session} ${path} Should Be Equal As Strings ${resp.status_code} ${resp_code} -Run Cert Service Client Container And Validate Exit Code +Run Cert Service Client And Validate JKS File Creation And Client Exit Code [Documentation] Run Cert Service Client Container And Validate Exit Code - [Arguments] ${env_file} ${expected_code} - ${exitcode}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_ADDRESS} ${CERT_SERVICE_NETWORK} - Remove Client Container ${CLIENT_CONTAINER_NAME} - Should Be Equal As Strings ${exitcode} ${expected_code} + [Arguments] ${env_file} ${expected_exit_code} + ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_ADDRESS} ${CERT_SERVICE_NETWORK} + ${can_open}= Can Open Keystore And Truststore With Pass ${CLIENT_CONTAINER_NAME} + Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path + Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code} + Should Be True ${can_open} Cannot Open Keystore/TrustStore by passpshase + +Run Cert Service Client And Validate Http Response Code And Client Exit Code + [Documentation] Run Cert Service Client Container And Validate Exit Code + [Arguments] ${env_file} ${expected_api_response_code} ${expected_exit_code} + ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_ADDRESS} ${CERT_SERVICE_NETWORK} + ${can_find_API_response}= Can Find Api Response In Logs ${CLIENT_CONTAINER_NAME} + ${api_response_code}= Get Api Response From Logs ${CLIENT_CONTAINER_NAME} + Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} negative_path + Should Be True ${can_find_API_response} Cannot Find API response in logs + Should Be Equal As Strings ${api_response_code} ${expected_api_response_code} API return ${api_response_code} but expected: ${expected_api_response_code} + Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code} -- cgit 1.2.3-korg