diff options
-rw-r--r-- | test/mocks/pnf-onboarding/README.md | 19 | ||||
-rw-r--r-- | test/mocks/pnf-onboarding/pom.xml | 94 | ||||
-rw-r--r-- | test/mocks/pnf-onboarding/src/main/assembly/signedZipCmsIncludesCert.xml | 15 |
3 files changed, 91 insertions, 37 deletions
diff --git a/test/mocks/pnf-onboarding/README.md b/test/mocks/pnf-onboarding/README.md index 8440b3483..b14b34d95 100644 --- a/test/mocks/pnf-onboarding/README.md +++ b/test/mocks/pnf-onboarding/README.md @@ -1,25 +1,26 @@ - PNF Package for Integration Test ================================ -**NOTE: Currently this solution only works on Linux OS and requires openssl to be preinstalled.** +**NOTE: Requires openssl to be preinstalled.** -This module builds 2 PNF packages based on the files in `/src/main/resources/csarContent/` +This module builds 3 PNF packages based on the files in `/src/main/resources/csarContent/` -1. unsigned package: `sample-pnf-1.0.1-SNAPSHOT.csar` -2. signed package: `sample-signed-pnf-1.0.1-SNAPSHOT.zip` +1. unsigned package: + `sample-pnf-1.0.1-SNAPSHOT.csar` -The signed package is based on ETSI SOL004 Security Option 2. It contains the csar, cert and cms files. +2. signed packages: + A) `sample-signed-pnf-1.0.1-SNAPSHOT.zip` + B) `sample-signed-pnf-cms-includes-cert-1.0.1-SNAPSHOT.zip` + The signed packages are based on ETSI SOL004 Security Option 2. They contain csar, cert and cms files. In package B cms includes cert. The packages are generated by running the following command in the same directory as this readme file i.e. pnf-onboarding directory: > `$ mvn clean install` The packages will be stored in the maven generated `target` directory. -To be able to use the signed package in SDC the `src/main/resources/securityContent/root.cert` file has to be loaded into SDC onboarding backend container. +To be able to use the signed packages in SDC the `src/main/resources/securityContent/root.cert` file has to be loaded into SDC onboarding backend container. If SDC is running in containers locally then the following commands could be used to copy the root.cert to the default location in SDC Onboarding Container. It is assumed that the commands are executed from inside pnf-onboarding directory. > `$ docker exec -it <sdc-onboard-backend-container-id> mkdir -p /var/lib/jetty/cert` - -> `$ docker cp src/main/resources/securityContent/root.cert <sdc-onboard-backend-container-id>:/var/lib/jetty` +> `$ docker cp src/main/resources/securityContent/root.cert <sdc-onboard-backend-container-id>:/var/lib/jetty/cert`
\ No newline at end of file diff --git a/test/mocks/pnf-onboarding/pom.xml b/test/mocks/pnf-onboarding/pom.xml index 7f513eb00..e9b057d6f 100644 --- a/test/mocks/pnf-onboarding/pom.xml +++ b/test/mocks/pnf-onboarding/pom.xml @@ -19,6 +19,7 @@ <onap.nexus.url>https://nexus.onap.org</onap.nexus.url> <csar.name>sample-pnf-${version}</csar.name> <signed.csar.name>sample-signed-pnf-${version}</signed.csar.name> + <signed.csar.name.cms.includes.cert>sample-signed-pnf-cms-includes-cert-${version}</signed.csar.name.cms.includes.cert> </properties> <build> @@ -86,15 +87,8 @@ <destinationFile>${project.build.directory}/${csar.name}.csar</destinationFile> </configuration> </execution> - </executions> - </plugin> - <plugin> - <groupId>com.coderplus.maven.plugins</groupId> - <artifactId>copy-rename-maven-plugin</artifactId> - <version>1.0</version> - <executions> <execution> - <id>copy-csar-and-cert-to-signed-csar-dir</id> + <id>copy-csar-and-cert-to-signed-csar-dirs</id> <phase>prepare-package</phase> <goals> <goal>copy</goal> @@ -109,6 +103,10 @@ <sourceFile>${project.build.directory}/${csar.name}.csar</sourceFile> <destinationFile>${project.build.directory}/signed-csar/${csar.name}.csar</destinationFile> </fileSet> + <fileSet> + <sourceFile>${project.build.directory}/${csar.name}.csar</sourceFile> + <destinationFile>${project.build.directory}/signed-csar-cms-includes-cert/${csar.name}.csar</destinationFile> + </fileSet> </fileSets> </configuration> </execution> @@ -117,7 +115,7 @@ <plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>exec-maven-plugin</artifactId> - <version>1.3.2</version> <!-- Check version --> + <version>1.3.2</version> <executions> <execution> <id>generate-signature</id> @@ -125,27 +123,52 @@ <goals> <goal>exec</goal> </goals> + <configuration> + <executable>openssl</executable> + <arguments> + <argument>cms</argument> + <argument>-sign</argument> + <argument>-binary</argument> + <argument>-nocerts</argument> + <argument>-outform</argument> + <argument>pem</argument> + <argument>-signer</argument> + <argument>${project.basedir}/src/main/resources/securityContent/sample-pnf.cert</argument> + <argument>-inkey</argument> + <argument>${project.basedir}/src/main/resources/securityContent/sample-pnf-private-key.pem</argument> + <argument>-in</argument> + <argument>${project.build.directory}/signed-csar/${csar.name}.csar</argument> + <argument>-out</argument> + <argument>${project.build.directory}/signed-csar/${csar.name}.cms</argument> + </arguments> + </configuration> + </execution> + <execution> + <id>generate-signature-cms-includes-cert</id> + <phase>prepare-package</phase> + <goals> + <goal>exec</goal> + </goals> + <configuration> + <executable>openssl</executable> + <arguments> + <argument>cms</argument> + <argument>-sign</argument> + <argument>-binary</argument> + <argument>-outform</argument> + <argument>pem</argument> + <argument>-signer</argument> + <argument>${project.basedir}/src/main/resources/securityContent/sample-pnf.cert</argument> + <argument>-inkey</argument> + <argument>${project.basedir}/src/main/resources/securityContent/sample-pnf-private-key.pem</argument> + <argument>-in</argument> + <argument>${project.build.directory}/signed-csar-cms-includes-cert/${csar.name}.csar</argument> + <argument>-out</argument> + <argument>${project.build.directory}/signed-csar-cms-includes-cert/${csar.name}.cms</argument> + </arguments> + </configuration> </execution> </executions> - <configuration> - <executable>openssl</executable> - <arguments> - <argument>cms</argument> - <argument>-sign</argument> - <argument>-binary</argument> - <argument>-nocerts</argument> - <argument>-outform</argument> - <argument>pem</argument> - <argument>-signer</argument> - <argument>${project.basedir}/src/main/resources/securityContent/sample-pnf.cert</argument> - <argument>-inkey</argument> - <argument>${project.basedir}/src/main/resources/securityContent/sample-pnf-private-key.pem</argument> - <argument>-in</argument> - <argument>${project.build.directory}/signed-csar/${csar.name}.csar</argument> - <argument>-out</argument> - <argument>${project.build.directory}/signed-csar/${csar.name}.cms</argument> - </arguments> - </configuration> </plugin> <plugin> <artifactId>maven-assembly-plugin</artifactId> @@ -166,6 +189,21 @@ </descriptors> </configuration> </execution> + <execution> + <id>make-signed-csar-zip-file-cms-includes-cert</id> + <phase>package</phase> + <goals> + <goal>single</goal> + </goals> + <configuration> + <finalName>${signed.csar.name.cms.includes.cert}</finalName> + <attach>false</attach> + <appendAssemblyId>false</appendAssemblyId> + <descriptors> + <descriptor>src/main/assembly/signedZipCmsIncludesCert.xml</descriptor> + </descriptors> + </configuration> + </execution> </executions> </plugin> <plugin> diff --git a/test/mocks/pnf-onboarding/src/main/assembly/signedZipCmsIncludesCert.xml b/test/mocks/pnf-onboarding/src/main/assembly/signedZipCmsIncludesCert.xml new file mode 100644 index 000000000..856db12ff --- /dev/null +++ b/test/mocks/pnf-onboarding/src/main/assembly/signedZipCmsIncludesCert.xml @@ -0,0 +1,15 @@ +<assembly xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.0 http://maven.apache.org/xsd/assembly-1.1.0.xsd"> + <id>onap_secure_csar_cms_includes_cert</id> + <formats> + <format>zip</format> + </formats> + <includeBaseDirectory>false</includeBaseDirectory> + <fileSets> + <fileSet> + <directory>${project.build.directory}/signed-csar-cms-includes-cert</directory> + <outputDirectory></outputDirectory> + </fileSet> + </fileSets> +</assembly> + |