blob: 4bda61982c3f797902484aa4f40d651be46c843d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
|
*** Settings ***
Resource ../../../common.robot
Resource ./cert-service-properties.robot
Library RequestsLibrary
Library Collections
Library Process
Library DateTime
Library ../libraries/CertClientManager.py ${MOUNT_PATH} ${TRUSTSTORE_PATH}
Library ../libraries/P12ArtifactsValidator.py ${MOUNT_PATH}
Library ../libraries/JksArtifactsValidator.py ${MOUNT_PATH}
Library ../libraries/PemArtifactsValidator.py ${MOUNT_PATH}
Library ../libraries/ResponseParser.py
Library json
*** Keywords ***
Create sessions
[Documentation] Create all required sessions
${certs}= Create List ${CERTSERVICE_SERVER_CRT} ${CERTSERVICE_SERVER_KEY}
Create Client Cert Session alias ${OOMCERT_URL} client_certs=${certs} verify=${ROOTCA}
Set Suite Variable ${https_valid_cert_session} alias
Run Healthcheck
[Documentation] Run Healthcheck
${resp}= Get Request ${https_valid_cert_session} /actuator/health
Should Be Equal As Strings ${resp.status_code} 200
Validate Recieved Response ${resp} status UP
Validate Recieved Response
[Documentation] Validare message that has been received
[Arguments] ${resp} ${key} ${expected_value}
${json}= Evaluate json.loads(r"""${resp.content}""", strict=False) json
${value}= Get From Dictionary ${json} ${key}
Log To Console ${value}
Should Be Equal As Strings ${value} ${expected_value}
Send Get Request And Validate Response
[Documentation] Send request to passed url and validate received response
[Arguments] ${path} ${resp_code}
${resp}= Get Request ${https_valid_cert_session} ${path}
Should Be Equal As Strings ${resp.status_code} ${resp_code}
Send Get Request with Header
[Documentation] Send request to passed url
[Arguments] ${path} ${csr_file} ${pk_file}
[Return] ${resp}
${headers}= Create Header with CSR and PK ${csr_file} ${pk_file}
${resp}= Get Request ${https_valid_cert_session} ${path} headers=${headers}
Send Get Request with Header And Expect Success
[Documentation] Send request to passed url and validate received response
[Arguments] ${path} ${csr_file} ${pk_file}
${resp}= Send Get Request with Header ${path} ${csr_file} ${pk_file}
Should Be Equal As Strings ${resp.status_code} 200
Check Message Recieved On Success ${resp.content}
Check Message Recieved On Success
[Documentation] Check if correct messsage has been sent on successful request
[Arguments] ${content}
${resp_content}= Evaluate json.loads(r"""${content}""", strict=False) json
Dictionary Should Contain Key ${resp_content} certificateChain
@{list}= Get From Dictionary ${resp_content} certificateChain
List Should Contain Certificates @{list}
Dictionary Should Contain Key ${resp_content} trustedCertificates
List Should Contain Certificates
[Documentation] Verify if list contains certificates
[Arguments] @{list}
FOR ${content} IN @{list}
Should Contain ${content} BEGIN CERTIFICATE
Should Contain ${content} END CERTIFICATE
END
Send Get Request with Header And Expect Error
[Documentation] Send request to passed url and validate received response
[Arguments] ${path} ${csr_file} ${pk_file} ${resp_code}
${resp}= Send Get Request with Header ${path} ${csr_file} ${pk_file}
Should Be Equal As Strings ${resp.status_code} ${resp_code}
Create Header with CSR and PK
[Documentation] Create header with CSR and PK
[Arguments] ${csr_file} ${pk_file}
[Return] ${headers}
${csr}= Get Data From File ${csr_file}
${pk}= Get Data From File ${pk_file}
${headers}= Create Dictionary CSR=${csr} PK=${pk}
Send Post Request And Validate Response
[Documentation] Send request to passed url and validate received response
[Arguments] ${path} ${resp_code}
${resp}= Post Request ${https_valid_cert_session} ${path}
Should Be Equal As Strings ${resp.status_code} ${resp_code}
Send Initialization Request And Key Update Request And Expect Success
[Documentation] Send initialization request and then key update request to passed urls and validate received response
[Arguments] ${path} ${update_path} ${csr_file} ${pk_file} ${update_csr_file} ${update_pk_file}
${start_time}= Get Current Timestamp For Docker Log
Send Initialization Request And Update Request And Check Status Code ${path} ${update_path} ${csr_file} ${pk_file}
... ${update_csr_file} ${update_pk_file} 200
Verify Key Update Request Sent By Cert Service ${start_time}
Send Initialization Request And Certification Request And Expect Success
[Documentation] Send initialization request and then certification request to passed urls and validate received response
[Arguments] ${path} ${update_path} ${csr_file} ${pk_file} ${update_csr_file} ${update_pk_file}
${start_time}= Get Current Timestamp For Docker Log
Send Initialization Request And Update Request And Check Status Code ${path} ${update_path} ${csr_file} ${pk_file}
... ${update_csr_file} ${update_pk_file} 200
Verify Certification Request Sent By Cert Service ${start_time}
Send Initialization Request And Key Update Request With Wrong Old Private Key And Expect Error
[Documentation] Send initialization request and then key update request to passed urls and expect status code 500
[Arguments] ${path} ${update_path} ${csr_file} ${pk_file} ${update_csr_file} ${update_pk_file} ${wrong_old_pk_file}
${start_time}= Get Current Timestamp For Docker Log
${old_cert}= Send Certificate Initialization Request And Return Certificate ${path} ${csr_file} ${pk_file}
${resp}= Send Certificate Update Request And Return Response ${update_path} ${update_csr_file} ${update_pk_file} ${old_cert} ${wrong_old_pk_file}
Should Be Equal As Strings ${resp.status_code} 500
Verify Key Update Request Sent By Cert Service ${start_time}
Send Update Request With Wrong Header And Expect Error
[Documentation] Send update request to passed url and expect wrong header response
[Arguments] ${update_path} ${update_csr_file} ${update_pk_file} ${old_cert_base64} ${old_pk_file}
${resp}= Send Certificate Update Request And Return Response ${update_path} ${update_csr_file} ${update_pk_file} ${old_cert_base64} ${old_pk_file}
Should Be Equal As Strings ${resp.status_code} 400
Send Update Request With Missing Header And Expect Error
[Documentation] Send update request to passed url and expect wrong header response
[Arguments] ${update_path} ${update_csr_file} ${update_pk_file} ${old_cert_base64} ${old_pk_file} ${header_to_remove}
${headers}= Create Header for Certificate Update ${update_csr_file} ${update_pk_file} ${old_cert_base64} ${old_pk_file}
Remove From Dictionary ${headers} ${header_to_remove}
${resp}= Get Request ${https_valid_cert_session} ${update_path} headers=${headers}
Should Be Equal As Strings ${resp.status_code} 400
Send Initialization Request And Update Request And Check Status Code
[Documentation] Send certificate update request and check status code
[Arguments] ${path} ${update_path} ${csr_file} ${pk_file} ${update_csr_file} ${update_pk_file} ${expected_status_code}
${old_cert}= Send Certificate Initialization Request And Return Certificate ${path} ${csr_file} ${pk_file}
${resp}= Send Certificate Update Request And Return Response ${update_path} ${update_csr_file} ${update_pk_file} ${old_cert} ${pk_file}
Should Be Equal As Strings ${resp.status_code} ${expected_status_code}
Send Certificate Initialization Request And Return Certificate
[Documentation] Send certificate initialization request and return base64 encoded certificate from response
[Arguments] ${path} ${csr_file} ${pk_file}
[Return] ${base64Certificate}
${resp}= Send Get Request with Header ${path} ${csr_file} ${pk_file}
${json}= Evaluate json.loads(r"""${resp.content}""", strict=False) json
${base64Certificate}= Parse Response ${json}
Send Certificate Update Request And Return Response
[Documentation] Send certificate update request and return response code
[Arguments] ${path} ${csr_file} ${pk_file} ${old_cert} ${old_pk_file}
[Return] ${resp}
${headers}= Create Header for Certificate Update ${csr_file} ${pk_file} ${old_cert} ${old_pk_file}
${resp}= Get Request ${https_valid_cert_session} ${path} headers=${headers}
Create Header for Certificate Update
[Documentation] Create header with CSR and PK, OLD_CERT and OLD_PK
[Arguments] ${csr_file} ${pk_file} ${old_cert} ${old_pk_file}
[Return] ${headers}
${csr}= Get Data From File ${csr_file}
${pk}= Get Data From File ${pk_file}
${old_pk}= Get Data From File ${old_pk_file}
${headers}= Create Dictionary CSR=${csr} PK=${pk} OLD_CERT=${old_cert} OLD_PK=${old_pk}
Verify Key Update Request Sent By Cert Service
[Documentation] Verify that request was key update request
[Arguments] ${start_time}
${result}= Run Process docker logs oomcert-service --since ${start_time} shell=yes
Should Contain ${result.stdout} ${EXPECTED_KUR_LOG}
Verify Certification Request Sent By Cert Service
[Documentation] Verify that request was certification request
[Arguments] ${start_time}
${result}= Run Process docker logs oomcert-service --since ${start_time} shell=yes
Should Contain ${result.stdout} ${EXPECTED_CR_LOG}
Get Current Timestamp For Docker Log
[Documentation] Gets current timestamp valid for docker
[Return] ${timestamp}
${timestamp}= Get Current Date result_format=%Y-%m-%dT%H:%M:%S.%f
Run Cert Service Client And Validate PKCS12 File Creation And Client Exit Code
[Documentation] Run Cert Service Client Container And Validate Exit Code
[Arguments] ${env_file} ${expected_exit_code}
[Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path
${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
${can_open}= Can Open Keystore And Truststore With Pass
Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code}
Should Be True ${can_open} Cannot Open Keystore/TrustStore by passpshase
Run Cert Service Client And Validate JKS File Creation And Client Exit Code
[Documentation] Run Cert Service Client Container And Validate Exit Code
[Arguments] ${env_file} ${expected_exit_code}
[Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path
${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
${can_open}= Can Open Keystore And Truststore With Pass Jks
Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code}
Should Be True ${can_open} Cannot Open Keystore/TrustStore by passpshase
Run Cert Service Client And Validate PKCS12 Files Contain Expected Data
[Documentation] Run Cert Service Client Container And Validate PKCS12 Files Contain Expected Data
[Arguments] ${env_file} ${expected_exit_code}
[Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path_with_data
${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
${data} ${isEqual}= Get And Compare Data P12 ${env_file}
Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code}
Should Be True ${isEqual} Keystore doesn't contain ${data.expectedData}. Actual data is: ${data.actualData}
Run Cert Service Client And Validate JKS Files Contain Expected Data
[Documentation] Run Cert Service Client Container And Validate JKS Files Contain Expected Data
[Arguments] ${env_file} ${expected_exit_code}
[Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path_with_data
${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
${data} ${isEqual}= Get And Compare Data Jks ${env_file}
Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code}
Should Be True ${isEqual} Keystore doesn't contain ${data.expectedData}. Actual data is: ${data.actualData}
Run Cert Service Client And Validate PEM Files Contain Expected Data
[Documentation] Run Cert Service Client Container And Validate PEM Files Contain Expected Data
[Arguments] ${env_file} ${expected_exit_code}
[Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path_with_data
${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
${existNotEmpty}= Artifacts Exist And Are Not Empty
${data} ${isEqual}= Get And Compare Data Pem ${env_file}
Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code}
Should Be True ${existNotEmpty} PEM artifacts not created properly
Should Be True ${isEqual} Keystore doesn't contain ${data.expectedData}. Actual data is: ${data.actualData}
Run Cert Service Client And Validate Http Response Code And Client Exit Code
[Documentation] Run Cert Service Client Container And Validate Exit Code
[Arguments] ${env_file} ${expected_api_response_code} ${expected_exit_code}
${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
${can_find_API_response}= Can Find Api Response In Logs ${CLIENT_CONTAINER_NAME}
${api_response_code}= Get Api Response From Logs ${CLIENT_CONTAINER_NAME}
[Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} negative_path
Should Be True ${can_find_API_response} Cannot Find API response in logs
Should Be Equal As Strings ${api_response_code} ${expected_api_response_code} API return ${api_response_code} but expected: ${expected_api_response_code}
Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code}
Run Cert Service Client And Validate Client Exit Code
[Documentation] Run Cert Service Client Container And Validate Exit Code
[Arguments] ${env_file} ${expected_exit_code}
[Teardown] Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} negative_path
${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK}
Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code}
|
