1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
|
import docker
import os
import shutil
import re
from OpenSSL import crypto
from docker.types import Mount
ARCHIVES_PATH = os.getenv("WORKSPACE") + "/archives/"
MOUNT_PATH = os.getenv("WORKSPACE") + "/tests/aaf/certservice/tmp"
ERROR_API_REGEX = 'Error on API response.*[0-9]{3}'
RESPONSE_CODE_REGEX = '[0-9]{3}'
class CertClientManager:
def run_client_container(self, client_image, container_name, path_to_env, request_url, network):
self.create_mount_dir()
client = docker.from_env()
environment = self.read_list_env_from_file(path_to_env)
environment.append("REQUEST_URL=" + request_url)
container = client.containers.run(
image=client_image,
name=container_name,
environment=environment,
network=network,
user='root', #Run container as root to avoid permission issues with volume mount access
mounts=[Mount(target='/var/certs', source=MOUNT_PATH, type='bind')],
detach=True
)
exitcode = container.wait()
return exitcode
def read_list_env_from_file(self, path):
f = open(path, "r")
r_list = []
for line in f:
line = line.strip()
if line[0] != "#":
r_list.append(line)
return r_list
def remove_client_container_and_save_logs(self, container_name, log_file_name):
client = docker.from_env()
container = client.containers.get(container_name)
text_file = open(ARCHIVES_PATH + "container_" + log_file_name + ".log", "w")
text_file.write(container.logs())
text_file.close()
container.remove()
self.remove_mount_dir()
def can_open_keystore_and_truststore_with_pass(self):
keystore_pass_path = MOUNT_PATH + '/keystore.pass'
keystore_jks_path = MOUNT_PATH + '/keystore.jks'
can_open_keystore = self.can_open_jks_file_by_pass_file(keystore_pass_path, keystore_jks_path)
truststore_pass_path = MOUNT_PATH + '/truststore.pass'
truststore_jks_path = MOUNT_PATH + '/truststore.jks'
can_open_truststore = self.can_open_jks_file_by_pass_file(truststore_pass_path, truststore_jks_path)
return can_open_keystore & can_open_truststore
def can_open_jks_file_by_pass_file(self, pass_file_path, jks_file_path):
try:
password = open(pass_file_path, 'rb').read()
crypto.load_pkcs12(open(jks_file_path, 'rb').read(), password)
return True
except:
return False
def create_mount_dir(self):
if not os.path.exists(MOUNT_PATH):
os.makedirs(MOUNT_PATH)
def remove_mount_dir(self):
shutil.rmtree(MOUNT_PATH)
def can_find_api_response_in_logs(self, container_name):
logs = self.get_container_logs(container_name)
api_logs = re.findall(ERROR_API_REGEX, logs)
if api_logs:
return True
else:
return False
def get_api_response_from_logs(self, container_name):
logs = self.get_container_logs(container_name)
error_api_message = re.findall(ERROR_API_REGEX, logs)
code = re.findall(RESPONSE_CODE_REGEX, error_api_message[0])
return code[0]
def get_container_logs(self, container_name):
client = docker.from_env()
container = client.containers.get(container_name)
logs = container.logs()
return logs
|
