From c746882a07952a0cd460e6fa8bcac246289db6b9 Mon Sep 17 00:00:00 2001 From: Krzysztof Gajewski Date: Mon, 1 Feb 2021 17:46:51 +0100 Subject: Add HTTPS to DFC tests - testing environment preparation for DFC with HTTPS client (expand existing http server) - add suitable TCs for CSIT tests Issue-ID: DCAEGEN2-2528 Signed-off-by: Krzysztof Gajewski Change-Id: Ifa8abb827e269d76144fc74c65031dd387fe5fe7 --- .../auto-test/FTC400.sh | 87 ++++ .../auto-test/FTC401.sh | 87 ++++ .../auto-test/FTC402.sh | 87 ++++ .../auto-test/FTC403.sh | 87 ++++ .../auto-test/FTC404.sh | 87 ++++ .../auto-test/SingleFileSuite.sh | 32 +- .../certservice/generated-certs/apache-pem/key.pem | 28 ++ .../generated-certs/apache-pem/keystore.pem | 26 + .../generated-certs/apache-pem/truststore.pem | 28 ++ .../generated-certs/dfc-p12/keystore.p12 | Bin 0 -> 2857 bytes .../generated-certs/dfc-p12/keystore.pass | 1 + .../generated-certs/dfc-p12/truststore.p12 | Bin 0 -> 1530 bytes .../generated-certs/dfc-p12/truststore.pass | 1 + .../certservice/merger/merge-certs.env | 4 + .../datafilecollector-testharness/common/README.md | 12 +- .../common/test_env.sh | 27 +- .../common/testcase_common.sh | 71 ++- .../http-https-server/.gitignore | 2 +- .../http-https-server/Dockerfile-http | 8 - .../http-https-server/Dockerfile-http-https | 15 + .../http-https-server/README.md | 32 ++ .../http-https-server/apache2/conf/.htpasswd | 1 + .../apache2/conf/extra/httpd-ssl.conf | 65 +++ .../http-https-server/apache2/conf/httpd.conf | 559 +++++++++++++++++++++ .../http-https-server/configuration/htpasswd | 1 - .../http-https-server/configuration/httpd.conf | 553 -------------------- .../http-https-server/docker-compose.yml | 17 +- .../http-https-server/test_cases.yml | 6 +- .../datafilecollector-testharness/mr-sim/README.md | 14 +- .../datafilecollector-testharness/mr-sim/mr-sim.py | 120 ++++- .../simulator-group/README.md | 6 +- .../simulator-group/consul/c12_feed1_PM.json | 8 +- .../consul/c12_feed1_PM_feed2_CTR.json | 8 +- .../simulator-group/consul/c12_feed2_CTR.json | 8 +- .../consul/c12_feed2_CTR_feed3_LOG_TEMP.json | 8 +- .../simulator-group/consul/c12_feed2_PM.json | 8 +- .../simulator-group/consul/c12_feed2_PM_HTTPS.json | 36 ++ .../simulator-group/consul/c12_feed2_PM_MEAS.json | 8 +- ..._feed2_PM_MEAS_no_strict_host_key_checking.json | 8 +- .../consul/c12_feed2_PM_secureMR.json | 8 +- .../simulator-group/consul/c12_feed3_PM_CTR.json | 8 +- .../simulator-group/consul/c13_feed2_CTR.json | 8 +- .../simulator-group/consul/c14_feed3_LOG.json | 8 +- .../consul/c15_feed1_PM_feed4_TEST.json | 8 +- .../consul/c16_feed4_TEST_feed5_TEMP.json | 8 +- .../simulator-group/docker-compose-setup.sh | 11 + .../simulator-group/docker-compose-template.yml | 52 +- .../simulator-group/prepare-images.sh | 11 +- .../simulator-group/simulators-kill.sh | 21 +- .../simulator-group/simulators-start.sh | 75 ++- 50 files changed, 1654 insertions(+), 720 deletions(-) create mode 100755 test/mocks/datafilecollector-testharness/auto-test/FTC400.sh create mode 100755 test/mocks/datafilecollector-testharness/auto-test/FTC401.sh create mode 100755 test/mocks/datafilecollector-testharness/auto-test/FTC402.sh create mode 100755 test/mocks/datafilecollector-testharness/auto-test/FTC403.sh create mode 100755 test/mocks/datafilecollector-testharness/auto-test/FTC404.sh create mode 100644 test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/key.pem create mode 100644 test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/keystore.pem create mode 100644 test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/truststore.pem create mode 100644 test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.p12 create mode 100644 test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.pass create mode 100644 test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.p12 create mode 100644 test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.pass create mode 100644 test/mocks/datafilecollector-testharness/certservice/merger/merge-certs.env delete mode 100644 test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http create mode 100644 test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http-https create mode 100644 test/mocks/datafilecollector-testharness/http-https-server/README.md create mode 100644 test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/.htpasswd create mode 100644 test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/extra/httpd-ssl.conf create mode 100644 test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/httpd.conf delete mode 100644 test/mocks/datafilecollector-testharness/http-https-server/configuration/htpasswd delete mode 100644 test/mocks/datafilecollector-testharness/http-https-server/configuration/httpd.conf create mode 100644 test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_HTTPS.json diff --git a/test/mocks/datafilecollector-testharness/auto-test/FTC400.sh b/test/mocks/datafilecollector-testharness/auto-test/FTC400.sh new file mode 100755 index 000000000..6dacd49ec --- /dev/null +++ b/test/mocks/datafilecollector-testharness/auto-test/FTC400.sh @@ -0,0 +1,87 @@ +#!/bin/bash +# +# Copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# + +TC_ONELINE_DESCR="One 1MB file from one PNF in one event using HTTPS, from poll to publish" + +. ../common/testcase_common.sh $1 $2 + +#### TEST BEGIN #### + +clean_containers + +export MR_TC="--tc400" +export MR_GROUPS="OpenDcae-c12:PM_MEAS_FILES" +export MR_FILE_PREFIX_MAPPING="PM_MEAS_FILES:A" + +export DR_TC="--tc normal" +export DR_FEEDS="2:A" + +export DR_REDIR_TC="--tc normal" +export DR_REDIR_FEEDS="2:A" + +export NUM_HTTPFILES="10" +export NUM_PNFS="1" +export FILE_SIZE="1MB" +export HTTP_TYPE="HTTPS" +export HTTP_FILE_PREFIXES="A" +export NUM_HTTP_SERVERS=1 + +log_sim_settings + +start_simulators + +consul_config_app 0 "../simulator-group/consul/c12_feed2_PM_HTTPS.json" + +mr_equal ctr_requests 0 60 +dr_equal ctr_published_files 0 60 + +mr_print tc_info +dr_print tc_info +drr_print tc_info + +start_dfc 0 + +dr_equal ctr_published_files 1 60 + +sleep_wait 30 + +dr_equal ctr_published_files 1 + +mr_greater ctr_requests 1 + +mr_equal ctr_events 1 +mr_equal ctr_unique_files 1 +mr_equal ctr_unique_PNFs 1 + +dr_equal ctr_publish_query 1 +dr_equal ctr_publish_query_bad_file_prefix 0 +dr_equal ctr_publish_query_published 0 +dr_equal ctr_publish_query_not_published 1 +dr_equal ctr_publish_req 1 +dr_equal ctr_publish_req_bad_file_prefix 0 +dr_equal ctr_publish_req_redirect 1 +dr_equal ctr_publish_req_published 0 +dr_equal ctr_published_files 1 +dr_equal ctr_double_publish 0 + +drr_equal ctr_publish_requests 1 +drr_equal ctr_publish_requests_bad_file_prefix 0 +drr_equal ctr_publish_responses 1 + +drr_equal dwl_volume 1000000 + +check_dfc_logs + +#### TEST COMPLETE #### + +store_logs END + +print_result diff --git a/test/mocks/datafilecollector-testharness/auto-test/FTC401.sh b/test/mocks/datafilecollector-testharness/auto-test/FTC401.sh new file mode 100755 index 000000000..953f41ca2 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/auto-test/FTC401.sh @@ -0,0 +1,87 @@ +#!/bin/bash +# +# Copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# + +TC_ONELINE_DESCR="One 5MB file from one PNF in one event using HTTPS, from poll to publish" + +. ../common/testcase_common.sh $1 $2 + +#### TEST BEGIN #### + +clean_containers + +export MR_TC="--tc401" +export MR_GROUPS="OpenDcae-c12:PM_MEAS_FILES" +export MR_FILE_PREFIX_MAPPING="PM_MEAS_FILES:A" + +export DR_TC="--tc normal" +export DR_FEEDS="2:A" + +export DR_REDIR_TC="--tc normal" +export DR_REDIR_FEEDS="2:A" + +export NUM_HTTPFILES="10" +export NUM_PNFS="1" +export FILE_SIZE="5MB" +export HTTP_TYPE="HTTPS" +export HTTP_FILE_PREFIXES="A" +export NUM_HTTP_SERVERS=1 + +log_sim_settings + +start_simulators + +consul_config_app 0 "../simulator-group/consul/c12_feed2_PM_HTTPS.json" + +mr_equal ctr_requests 0 60 +dr_equal ctr_published_files 0 60 + +mr_print tc_info +dr_print tc_info +drr_print tc_info + +start_dfc 0 + +dr_equal ctr_published_files 1 60 + +sleep_wait 30 + +dr_equal ctr_published_files 1 + +mr_greater ctr_requests 1 + +mr_equal ctr_events 1 +mr_equal ctr_unique_files 1 +mr_equal ctr_unique_PNFs 1 + +dr_equal ctr_publish_query 1 +dr_equal ctr_publish_query_bad_file_prefix 0 +dr_equal ctr_publish_query_published 0 +dr_equal ctr_publish_query_not_published 1 +dr_equal ctr_publish_req 1 +dr_equal ctr_publish_req_bad_file_prefix 0 +dr_equal ctr_publish_req_redirect 1 +dr_equal ctr_publish_req_published 0 +dr_equal ctr_published_files 1 +dr_equal ctr_double_publish 0 + +drr_equal ctr_publish_requests 1 +drr_equal ctr_publish_requests_bad_file_prefix 0 +drr_equal ctr_publish_responses 1 + +drr_equal dwl_volume 5000000 + +check_dfc_logs + +#### TEST COMPLETE #### + +store_logs END + +print_result diff --git a/test/mocks/datafilecollector-testharness/auto-test/FTC402.sh b/test/mocks/datafilecollector-testharness/auto-test/FTC402.sh new file mode 100755 index 000000000..c406c1f2e --- /dev/null +++ b/test/mocks/datafilecollector-testharness/auto-test/FTC402.sh @@ -0,0 +1,87 @@ +#!/bin/bash +# +# Copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# + +TC_ONELINE_DESCR="One 50MB file from one PNF in one event using HTTPS, from poll to publish" + +. ../common/testcase_common.sh $1 $2 + +#### TEST BEGIN #### + +clean_containers + +export MR_TC="--tc402" +export MR_GROUPS="OpenDcae-c12:PM_MEAS_FILES" +export MR_FILE_PREFIX_MAPPING="PM_MEAS_FILES:A" + +export DR_TC="--tc normal" +export DR_FEEDS="2:A" + +export DR_REDIR_TC="--tc normal" +export DR_REDIR_FEEDS="2:A" + +export NUM_HTTPFILES="10" +export NUM_PNFS="1" +export FILE_SIZE="50MB" +export HTTP_TYPE="HTTPS" +export HTTP_FILE_PREFIXES="A" +export NUM_HTTP_SERVERS=1 + +log_sim_settings + +start_simulators + +consul_config_app 0 "../simulator-group/consul/c12_feed2_PM_HTTPS.json" + +mr_equal ctr_requests 0 60 +dr_equal ctr_published_files 0 60 + +mr_print tc_info +dr_print tc_info +drr_print tc_info + +start_dfc 0 + +dr_equal ctr_published_files 1 60 + +sleep_wait 30 + +dr_equal ctr_published_files 1 + +mr_greater ctr_requests 1 + +mr_equal ctr_events 1 +mr_equal ctr_unique_files 1 +mr_equal ctr_unique_PNFs 1 + +dr_equal ctr_publish_query 1 +dr_equal ctr_publish_query_bad_file_prefix 0 +dr_equal ctr_publish_query_published 0 +dr_equal ctr_publish_query_not_published 1 +dr_equal ctr_publish_req 1 +dr_equal ctr_publish_req_bad_file_prefix 0 +dr_equal ctr_publish_req_redirect 1 +dr_equal ctr_publish_req_published 0 +dr_equal ctr_published_files 1 +dr_equal ctr_double_publish 0 + +drr_equal ctr_publish_requests 1 +drr_equal ctr_publish_requests_bad_file_prefix 0 +drr_equal ctr_publish_responses 1 + +drr_equal dwl_volume 50000000 + +check_dfc_logs + +#### TEST COMPLETE #### + +store_logs END + +print_result diff --git a/test/mocks/datafilecollector-testharness/auto-test/FTC403.sh b/test/mocks/datafilecollector-testharness/auto-test/FTC403.sh new file mode 100755 index 000000000..86c0f7e28 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/auto-test/FTC403.sh @@ -0,0 +1,87 @@ +#!/bin/bash +# +# Copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# + +TC_ONELINE_DESCR="One 1MB file from one PNF in one event using HTTPS client certificate authentication, from poll to publish" + +. ../common/testcase_common.sh $1 $2 + +#### TEST BEGIN #### + +clean_containers + +export MR_TC="--tc403" +export MR_GROUPS="OpenDcae-c12:PM_MEAS_FILES" +export MR_FILE_PREFIX_MAPPING="PM_MEAS_FILES:A" + +export DR_TC="--tc normal" +export DR_FEEDS="2:A" + +export DR_REDIR_TC="--tc normal" +export DR_REDIR_FEEDS="2:A" + +export NUM_HTTPFILES="10" +export NUM_PNFS="1" +export FILE_SIZE="1MB" +export HTTP_TYPE="HTTPS" +export HTTP_FILE_PREFIXES="A" +export NUM_HTTP_SERVERS=1 + +log_sim_settings + +start_simulators + +consul_config_app 0 "../simulator-group/consul/c12_feed2_PM_HTTPS.json" + +mr_equal ctr_requests 0 60 +dr_equal ctr_published_files 0 60 + +mr_print tc_info +dr_print tc_info +drr_print tc_info + +start_dfc 0 + +dr_equal ctr_published_files 1 60 + +sleep_wait 30 + +dr_equal ctr_published_files 1 + +mr_greater ctr_requests 1 + +mr_equal ctr_events 1 +mr_equal ctr_unique_files 1 +mr_equal ctr_unique_PNFs 1 + +dr_equal ctr_publish_query 1 +dr_equal ctr_publish_query_bad_file_prefix 0 +dr_equal ctr_publish_query_published 0 +dr_equal ctr_publish_query_not_published 1 +dr_equal ctr_publish_req 1 +dr_equal ctr_publish_req_bad_file_prefix 0 +dr_equal ctr_publish_req_redirect 1 +dr_equal ctr_publish_req_published 0 +dr_equal ctr_published_files 1 +dr_equal ctr_double_publish 0 + +drr_equal ctr_publish_requests 1 +drr_equal ctr_publish_requests_bad_file_prefix 0 +drr_equal ctr_publish_responses 1 + +drr_equal dwl_volume 1000000 + +check_dfc_logs + +#### TEST COMPLETE #### + +store_logs END + +print_result diff --git a/test/mocks/datafilecollector-testharness/auto-test/FTC404.sh b/test/mocks/datafilecollector-testharness/auto-test/FTC404.sh new file mode 100755 index 000000000..90ef7ccf0 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/auto-test/FTC404.sh @@ -0,0 +1,87 @@ +#!/bin/bash +# +# Copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# + +TC_ONELINE_DESCR="One 1MB file from one PNF in one event using HTTPS no clientt authentication, from poll to publish" + +. ../common/testcase_common.sh $1 $2 + +#### TEST BEGIN #### + +clean_containers + +export MR_TC="--tc404" +export MR_GROUPS="OpenDcae-c12:PM_MEAS_FILES" +export MR_FILE_PREFIX_MAPPING="PM_MEAS_FILES:A" + +export DR_TC="--tc normal" +export DR_FEEDS="2:A" + +export DR_REDIR_TC="--tc normal" +export DR_REDIR_FEEDS="2:A" + +export NUM_HTTPFILES="10" +export NUM_PNFS="1" +export FILE_SIZE="1MB" +export HTTP_TYPE="HTTPS" +export HTTP_FILE_PREFIXES="A" +export NUM_HTTP_SERVERS=1 + +log_sim_settings + +start_simulators + +consul_config_app 0 "../simulator-group/consul/c12_feed2_PM_HTTPS.json" + +mr_equal ctr_requests 0 60 +dr_equal ctr_published_files 0 60 + +mr_print tc_info +dr_print tc_info +drr_print tc_info + +start_dfc 0 + +dr_equal ctr_published_files 1 60 + +sleep_wait 30 + +dr_equal ctr_published_files 1 + +mr_greater ctr_requests 1 + +mr_equal ctr_events 1 +mr_equal ctr_unique_files 1 +mr_equal ctr_unique_PNFs 1 + +dr_equal ctr_publish_query 1 +dr_equal ctr_publish_query_bad_file_prefix 0 +dr_equal ctr_publish_query_published 0 +dr_equal ctr_publish_query_not_published 1 +dr_equal ctr_publish_req 1 +dr_equal ctr_publish_req_bad_file_prefix 0 +dr_equal ctr_publish_req_redirect 1 +dr_equal ctr_publish_req_published 0 +dr_equal ctr_published_files 1 +dr_equal ctr_double_publish 0 + +drr_equal ctr_publish_requests 1 +drr_equal ctr_publish_requests_bad_file_prefix 0 +drr_equal ctr_publish_responses 1 + +drr_equal dwl_volume 1000000 + +check_dfc_logs + +#### TEST COMPLETE #### + +store_logs END + +print_result diff --git a/test/mocks/datafilecollector-testharness/auto-test/SingleFileSuite.sh b/test/mocks/datafilecollector-testharness/auto-test/SingleFileSuite.sh index bfe9b9e4f..0593c52bb 100755 --- a/test/mocks/datafilecollector-testharness/auto-test/SingleFileSuite.sh +++ b/test/mocks/datafilecollector-testharness/auto-test/SingleFileSuite.sh @@ -1,4 +1,13 @@ #!/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# TS_ONELINE_DESCR="Single file tests suite" @@ -8,15 +17,20 @@ suite_setup ############# TEST CASES ################# -./FTC1.sh $1 $2 -./FTC2.sh $1 $2 -./FTC3.sh $1 $2 -./FTC4.sh $1 $2 -./FTC5.sh $1 $2 -./FTC6.sh $1 $2 -./FTC7.sh $1 $2 -./FTC8.sh $1 $2 -./FTC9.sh $1 $2 +./FTC1.sh "$1" "$2" +./FTC2.sh "$1" "$2" +./FTC3.sh "$1" "$2" +./FTC4.sh "$1" "$2" +./FTC5.sh "$1" "$2" +./FTC6.sh "$1" "$2" +./FTC7.sh "$1" "$2" +./FTC8.sh "$1" "$2" +./FTC9.sh "$1" "$2" +./FTC400.sh "$1" "$2" +./FTC401.sh "$1" "$2" +./FTC402.sh "$1" "$2" +./FTC403.sh "$1" "$2" +./FTC404.sh "$1" "$2" ########################################## diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/key.pem b/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/key.pem new file mode 100644 index 000000000..b876f2a99 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/key.pem @@ -0,0 +1,28 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCTVPk0SJYjfGLZ +ToXsNWVDQTjgsCJ/8YtPl4Z+kT0DJJO6CusCZnsTknr0exzu2WuXpoC4Y7w79civ +1sOWMqRI+wwNtXGDyoJPFCOAiWk8aeOS1mXM4g+tFZjDjMJbbjbeaQbFLOJw+1ri +6PI7gQPz4pPGY+Yd8pKo8WubRSWWlM2HSKp0Fmdt5elmjSqBKJMhvv0SzDt7YwNv +fOVCayGDyIe99trmalv+dpgP8WVSqm/hupDo4LwFcoZDrlphZWjDurRpPFqwyXB7 +VUp12Bu7LeFsxcGz9uVCnh1Ol2rWU9zHgI32r/9JbzWOqF+DdvQxJ9Ce43Slxs+j +lONjPfSVAgMBAAECggEAIBEGjFKgGukfupxUmayldZXkg0LSv3YbFB+uri1+UgjL +/loR/FvBvejLyhphmbrIqCEdMwTCG2rLWzorJ62uBBRf8zvikQSqh/uiHn/J39RM +K9FuJsGtF8bzkNw6ERxT5OSHDLNQNbb/eROqZTkXWyWddDiaBTqeoRaqjQjnvXYf +2nchun8UfNrNO1Hnxf1shYNMgYpdSIYybh6+BmNgUpm1R22as7oD/o+xtTJhp8/s +k8PybdV4a3JufZcPZKCCA4+XPtxLejDBIpV8ndoriaz+qcR3pd0VaXVPC8qSGOoX +IaYAQQx9UvenOIcpPfUMmtO7FilEZDaK7IQXPsTMoQKBgQDmqsTL3aL7a3OufCEo +3dC5iv5bm3IcTPNA2kINh0k8n3nllfKQwZzyKqtT7uzKxo3XuQMF2NL9q6ZcwpPG +BZCDBLoOGgnRZF5KzPArHoLUeI1KINGcVBpYZpxpS6ys3CNQFhov8wC/E7dys7+j +jxZ70BKzKb+OceuVBzT3mrsRRwKBgQCjgzpIO2hidnhd1sRlI8Cd84HZzjy1mXvE +g/q7f2Dyti6eHaCbrBysb/Dg+OLiJ0qarV+0qx63lgyYDyWLrYeIfaVIlKAwKeJB +5/6fNZ0vpPgGKUuPSxnxY+0plQzznO6ldwPWox1nj11pQlCCbnLyIsN03N6BT/Hu +B1uwk+OZQwKBgQDdULvBXsYhtNcpcq/eJfU+EL475sl1nd9HOiJmGIeMQvcR8Ozr +Ntj/ATGhNny7kgZGFJ1x3reR7D+SgJ6IQI6HJuHc5d7FqSdPXZKRzJR6h7AIj7SN +6aPdbZZk8NachBrdnFdD6kOtEZ3Rz+TvaTqJUPqgLE4+vc7rDh8j8rHJwQKBgAJ5 +mgg93faflHLXLWHaiK/bX7vMQ178U8NFvCXaZ71ExK/gAu5YTJbPmvXMzqJdteNh +fHFfpbdhrg8fK5JRrhuCy12t4j7YY3Rb7p66UQbHmHl/ZoVkvZ/Jw209tFR7q6EV +jBlTnr5SjTdqqY1P3q2LmSnLrhKHA0J3GgwyMN/BAoGAbwJrqrTD5al5GZDmQLpF +18ncYSp26/l4Na0vzAU+0JzNvbTyDLfWXXfx1+Ap4omI12gKp+hPVzvy4R2Pvw29 +vrSmKIluW/8NhCwyndJqmR3/TfLJNbVoCCP5PoXCJScCNia/4syxBHd+8B/Mbh/Q +Vh3VsUe1aj3w3k/zgiHM7Ec= +-----END RSA PRIVATE KEY----- diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/keystore.pem b/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/keystore.pem new file mode 100644 index 000000000..c541ef03a --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/keystore.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEcTCCAtmgAwIBAgIUOGJE5uY0d4BxflhwhgzVZnYRZcwwDQYJKoZIhvcNAQEL +BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMDRhNzdhNzMxOTYxZjYwMzkxFTATBgNV +BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr +c3RhcnQwHhcNMjEwMjEwMTUyMDI5WhcNMjMwMjEwMTUxMjA3WjB3MREwDwYDVQQD +DAhvbmFwLm9yZzENMAsGA1UECwwET05BUDEZMBcGA1UECgwQTGludXgtRm91bmRh +dGlvbjEWMBQGA1UEBwwNU2FuLUZyYW5jaXNjbzETMBEGA1UECAwKQ2FsaWZvcm5p +YTELMAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT +VPk0SJYjfGLZToXsNWVDQTjgsCJ/8YtPl4Z+kT0DJJO6CusCZnsTknr0exzu2WuX +poC4Y7w79civ1sOWMqRI+wwNtXGDyoJPFCOAiWk8aeOS1mXM4g+tFZjDjMJbbjbe +aQbFLOJw+1ri6PI7gQPz4pPGY+Yd8pKo8WubRSWWlM2HSKp0Fmdt5elmjSqBKJMh +vv0SzDt7YwNvfOVCayGDyIe99trmalv+dpgP8WVSqm/hupDo4LwFcoZDrlphZWjD +urRpPFqwyXB7VUp12Bu7LeFsxcGz9uVCnh1Ol2rWU9zHgI32r/9JbzWOqF+DdvQx +J9Ce43Slxs+jlONjPfSVAgMBAAGjgYowgYcwDAYDVR0TAQH/BAIwADAfBgNVHSME +GDAWgBSVNWKlCol8dwbm9DGRVjhySQviKTAnBgNVHSUEIDAeBggrBgEFBQcDAgYI +KwYBBQUHAwQGCCsGAQUFBwMBMB0GA1UdDgQWBBQft80LFwbI2ltsHHs80O/Rre0Y +LjAOBgNVHQ8BAf8EBAMCBeAwDQYJKoZIhvcNAQELBQADggGBAAIwbJHtize60YkA +jW8r93wqcWA6xyTKXiR5JW5TDjboOjwwrpns/cga4rIAN+a1jxhM2dfQUbNiafAG ++4BwAxa3Oe/jgGGaKvB1RFaNZpbQ3zR9A97KB9LMK9jIPPZq4vOUIXmcpoKcW/wI +Ubn6eXqPM+ikL4+NZyCgf/+WWoYUe57E9D1ftsZBDrxy5jGxngNYPtjOVir05bmd +mLW0IPYRfrtyBowrK8tMksChvsxaSoODZBl7t2OSg7dZ8c808jQSMBcs2S+6+xDU +37PwLcmwkq7jtSl5ujmR9WtHUpZApwazSboiGmxAoZBPpp9wTKWgy1xIATqcUCdx +hkLWtdkOh4Kas5AZR3wDVzOLaLvzcdfZ7MD3+0hF5R4gFv4fgpwUm3rWV1eEu7xj +nAO1gZNnVVdRpYY2Six9lpOpG81klBnd2DpcrZeP5eGi4ka3mqqSXW51jxUBk1dA +rrgs3EMb/0h2a1HPJ5Vx7qfPMtUrouDUwtlE4R4QtXI+gPDYBA== +-----END CERTIFICATE----- diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/truststore.pem b/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/truststore.pem new file mode 100644 index 000000000..bdc921182 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/generated-certs/apache-pem/truststore.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEszCCAxugAwIBAgIUXdztVMaxBJq+K0DnVEn21jUaVUUwDQYJKoZIhvcNAQEL +BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMDRhNzdhNzMxOTYxZjYwMzkxFTATBgNV +BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr +c3RhcnQwHhcNMjEwMjEwMTUyMDI5WhcNMzEwMjEwMTUyMDI5WjBhMSMwIQYKCZIm +iZPyLGQBAQwTYy0wNGE3N2E3MzE5NjFmNjAzOTEVMBMGA1UEAwwMTWFuYWdlbWVu +dENBMSMwIQYDVQQKDBpFSkJDQSBDb250YWluZXIgUXVpY2tzdGFydDCCAaIwDQYJ +KoZIhvcNAQEBBQADggGPADCCAYoCggGBAMm52gFqo3WJliqiCdL9DpfaOgJI+S4e +lp45i0laGUwCv4c93qECYvauV1W6bR2wMIb1684j7LBpr25TMyKT6ZeZ1qVwB9ri +6XgdptVxw0ijGtUUKpf2ewbLqOyyiX20EEvfBD00luyhQizwsg8OcbbZcc/7pl/e +o1GgQV9loF6bV9wBQeDt0KtZMnXeQoFejhqkYRDB61PXefqhHqpSxi1NVJJiSSIB +udkFqdzhAVCu2QknNYRzt9zn1qchzwFuzZt5ureiVKk7ih7yIuw8eBm9RgFJBZO2 +48ZxlAQXlG5AUQN1sWSg0fPzgwO9AZLUP9b0iLhTQozXGEKhtjzF2EhUL2MvL/JY +nx+tO88j1EdgmqUsoUUhBQsewju+8a5z3eqdtxqRhn0q2AM3WFdEqzMI43L0/Lwj +jcPWqn9FmNXwtbNNK8EI3IxFLsooMAWceHpz9BQ9UNcq5jGyjE8ED8bGuorDxncl +pCEkmjrbdpmk3YmKgDZ8hPY7O3eoEhES+QIDAQABo2MwYTAPBgNVHRMBAf8EBTAD +AQH/MB8GA1UdIwQYMBaAFJU1YqUKiXx3Bub0MZFWOHJJC+IpMB0GA1UdDgQWBBSV +NWKlCol8dwbm9DGRVjhySQviKTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL +BQADggGBAHVm2xjIPtD3qjHgGWBjT+4wwjbc2oAYtQoGzXGztvqtmaLLkMEV+F6p +p1qQTNXn28fDC1hAhzI921xjIo4uya1mctnRvrcXy/tNq/nFqAGrTOxg0iO2Y+yJ +Cwi7G3WooHgEsxBTOMIlD9uoUd1sowq6AHA2usKUHtAf7AMf1zHX082/GsD7w5wh +gcB8pP8EBghYoVZ6NQLyzlBOAyacbWo5q505fDRs3bDeVVLVNN/pgS+uIFHhHhQ8 +PLYukbDJ09hPvPc+k4zTrbvQcOh7ftdKp5W3xRUDjmszMiXu7B7DXK48LGnD/vdg +HQAII84zpu9JC1xlJAZfFIUvoLBjyYda3B6nxXr32bih1Sjpn72P9QVDmvKtpHUp +f5pAzL8/y/bEuiaCvzauqC+eoXRi8hlOMzQ0S0xIANlJrQdwj/r/qwzeBW4Vbdo/ +k/VKx1KR8cfSXrXuTz0CITbZAcq5S6kD+z9iFmJrx2wdtTwXog9XLp1UcATUxxki +w+5qVOtR4w== +-----END CERTIFICATE----- diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.p12 b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.p12 new file mode 100644 index 000000000..bfe1637e0 Binary files /dev/null and b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.p12 differ diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.pass b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.pass new file mode 100644 index 000000000..1bce434bd --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/keystore.pass @@ -0,0 +1 @@ +3vxKHIIQ9kEDQsZ6PBg4_LNb \ No newline at end of file diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.p12 b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.p12 new file mode 100644 index 000000000..6bd0e2759 Binary files /dev/null and b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.p12 differ diff --git a/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.pass b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.pass new file mode 100644 index 000000000..a3ecdf21b --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/generated-certs/dfc-p12/truststore.pass @@ -0,0 +1 @@ +B9BWYIw8YAHPRcF1lU9rZZUc \ No newline at end of file diff --git a/test/mocks/datafilecollector-testharness/certservice/merger/merge-certs.env b/test/mocks/datafilecollector-testharness/certservice/merger/merge-certs.env new file mode 100644 index 000000000..756787866 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/certservice/merger/merge-certs.env @@ -0,0 +1,4 @@ +KEYSTORE_SOURCE_PATHS=/opt/app/datafile/etc/cert/external/keystore.p12:/opt/app/datafile/etc/cert/external/keystore.pass +TRUSTSTORES_PASSWORDS_PATHS=/opt/app/datafile/etc/cert/trust.pass:/opt/app/datafile/etc/cert/external/truststore.pass +TRUSTSTORES_PATHS=/opt/app/datafile/etc/cert/trust.jks:/opt/app/datafile/etc/cert/external/truststore.p12 +KEYSTORE_DESTINATION_PATHS=/opt/app/datafile/etc/cert/cert.p12:/opt/app/datafile/etc/cert/p12.pass diff --git a/test/mocks/datafilecollector-testharness/common/README.md b/test/mocks/datafilecollector-testharness/common/README.md index dc57e09df..736ed4819 100644 --- a/test/mocks/datafilecollector-testharness/common/README.md +++ b/test/mocks/datafilecollector-testharness/common/README.md @@ -63,14 +63,14 @@ Stop a FTPES container with the supplied instance id (0-5). **start_ftpes \**: Start a previously stopped FTPES container with the supplied instance id (0-5). -**kill_http \**: -Stop and remove a HTTP container with the supplied instance id (0-5). +**kill_http_https \**: +Stop and remove a HTTP/HTTPS container with the supplied instance id (0-5). -**stop_http \**: -Stop a HTTP container with the supplied instance id (0-5). +**stop_http_https \**: +Stop a HTTP/HTTPS container with the supplied instance id (0-5). -**start_http \**: -Start a previously stopped HTTP container with the supplied instance id (0-5). +**start_http_https \**: +Start a previously stopped HTTP/HTTPS container with the supplied instance id (0-5). **mr_print \**: Print a variable value from the MR simulator. diff --git a/test/mocks/datafilecollector-testharness/common/test_env.sh b/test/mocks/datafilecollector-testharness/common/test_env.sh index a5ea8a17e..d565ea7ed 100644 --- a/test/mocks/datafilecollector-testharness/common/test_env.sh +++ b/test/mocks/datafilecollector-testharness/common/test_env.sh @@ -1,4 +1,13 @@ #!/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# # This env variable is only needed if the auto test scripts tests are executed in a different folder than 'auto-test' in the integration repo # Change '' to your path to the integration repo. In addition to the auto-test, the 'common' dir is needed if not executed in the @@ -36,11 +45,11 @@ DFC_MAX_NUM=5 #Max number of dfc containers to run in p DFC_MAX_IDX=$(($DFC_MAX_NUM - 1)) #Max index of the dfc containers SFTP_BASE="dfc_sftp-server" #Base name of the dfc_sftp-server containers. Instance 0 will be named dfc_sftp-server0, instance 1 will named dfc_sftp-server1 etc FTPES_BASE="dfc_ftpes-server-vsftpd" #Base name of the dfc_ftpes-server-vsftpd containers. Instance 0 will be named dfc_ftpes-server-vsftpd0, instance 1 will named dfc_ftpes-server-vsftpd1 etc -HTTP_BASE="dfc_http-server" #Base name of the dfc_http-server containers. Instance 0 will be named dfc_http-server0, instance 1 will named dfc_http-server1 etc +HTTP_HTTPS_BASE="dfc_http-https-server" #Base name of the dfc_http-https-server containers. Instance 0 will be named dfc_http-https-server0, instance 1 will named dfc_http-https-server1 etc FTP_MAX_NUM=5 #Max number of sftp and ftpes containers to run in paralell in auto test -HTTP_MAX_NUM=5 #Max number of http containers to run in paralell in auto test +HTTP_MAX_NUM=5 #Max number of http/https containers to run in paralell in auto test FTP_MAX_IDX=$(($FTP_MAX_NUM - 1)) #Max index of sftp and ftpes containers -HTTP_MAX_IDX=$(($HTTP_MAX_NUM - 1)) #Max index of http containers +HTTP_MAX_IDX=$(($HTTP_MAX_NUM - 1)) #Max index of http/https containers #List of sftp server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc and the simulators in a private docker network SFTP_SIMS_CONTAINER="sftp-server0:22,sftp-server1:22,sftp-server2:22,sftp-server3:22,sftp-server4:22" @@ -48,8 +57,10 @@ SFTP_SIMS_CONTAINER="sftp-server0:22,sftp-server1:22,sftp-server2:22,sftp-server #List of sftp server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc and the simulators in a private docker network FTPES_SIMS_CONTAINER="ftpes-server-vsftpd0:21,ftpes-server-vsftpd1:21,ftpes-server-vsftpd2:21,ftpes-server-vsftpd3:21,ftpes-server-vsftpd4:21" -#List of http server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc and the simulators in a private docker network -HTTP_SIMS_CONTAINER="http-server0:80,http-server1:80,http-server2:80,http-server3:80,http-server4:80" +#List of http/https/https with no authorization server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc and the simulators in a private docker network +HTTP_SIMS_CONTAINER="http-https-server0:80,http-https-server1:80,http-https-server2:80,http-https-server3:80,http-https-server4:80" +HTTPS_SIMS_CONTAINER="http-https-server0:443,http-https-server1:443,http-https-server2:443,http-https-server3:443,http-https-server4:443" +HTTPS_SIMS_NO_AUTH_CONTAINER="http-https-server0:8080,http-https-server1:8080,http-https-server2:8080,http-https-server3:8080,http-https-server4:8080" #List of sftp server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc as stand along app and the simulators in a private docker network SFTP_SIMS_LOCALHOST="localhost:1022,localhost:1023,localhost:1024,localhost:1025,localhost:1026" @@ -57,12 +68,16 @@ SFTP_SIMS_LOCALHOST="localhost:1022,localhost:1023,localhost:1024,localhost:1025 #List of ftpes server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc as stand along app and the simulators in a private docker network FTPES_SIMS_LOCALHOST="localhost:1032,localhost:1033,localhost:1034,localhost:1035,localhost:1036" -#List of http server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc as stand along app and the simulators in a private docker network +#List of http/https/https with no authorization server name and port number, used by MR sim to produce file urls. Theses server names and ports are used when running dfc as stand along app and the simulators in a private docker network HTTP_SIMS_LOCALHOST="localhost:81,localhost:82,localhost:83,localhost:84,localhost:85" +HTTPS_SIMS_LOCALHOST="localhost:444,localhost:445,localhost:446,localhost:447,localhost:448" +HTTPS_SIMS_NO_AUTH_LOCALHOST="localhost:8081,localhost:8082,localhost:8083,localhost:8084,localhost:8085" export SFTP_SIMS=$SFTP_SIMS_CONTAINER #This env will be set to SFTP_SIMS_LOCALHOST if auto test is executed with 'manual-app' export FTPES_SIMS=$FTPES_SIMS_CONTAINER #This env will be set to FTPES_SIMS_LOCALHOST if auto test is executed with 'manual-app' export HTTP_SIMS=$HTTP_SIMS_CONTAINER #This env will be set to HTTP_SIMS_LOCALHOST if auto test is executed with 'manual-app' +export HTTPS_SIMS=$HTTPS_SIMS_CONTAINER #This env will be set to HTTPS_SIMS_LOCALHOST if auto test is executed with 'manual-app' +export HTTPS_SIMS_NO_AUTH=$HTTPS_SIMS_NO_AUTH_CONTAINER #This env will be set to HTTPS_SIMS_NO_AUTH_LOCALHOST if auto test is executed with 'manual-app' #Host name of the DR redirect simulator export DR_REDIR_SIM="drsim_redir" #This env will be set to 'localhost' if auto test is executed with arg 'manual-app' diff --git a/test/mocks/datafilecollector-testharness/common/testcase_common.sh b/test/mocks/datafilecollector-testharness/common/testcase_common.sh index 9f156a901..345752b47 100755 --- a/test/mocks/datafilecollector-testharness/common/testcase_common.sh +++ b/test/mocks/datafilecollector-testharness/common/testcase_common.sh @@ -1,4 +1,13 @@ #!/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# . ../common/test_env.sh @@ -161,20 +170,20 @@ docker build -t mrsim:latest . &> /dev/null cd ../ftpes-sftp-server docker build -t ftpes_vsftpd:latest -f Dockerfile-ftpes . &> /dev/null cd ../http-https-server -docker build -t http_httpd:latest -f Dockerfile-http . &> /dev/null +docker build -t http_https_httpd:latest -f Dockerfile-http-https . &> /dev/null cd $curdir echo "" echo "Local registry images for simulators:" -echo "MR simulator " $(docker images | grep mrsim) -echo "DR simulator: " $(docker images | grep drsim_common) -echo "DR redir simulator: " $(docker images | grep drsim_common) -echo "SFTP: " $(docker images | grep atmoz/sftp) -echo "FTPES: " $(docker images | grep ftpes_vsftpd) -echo "HTTP: " $(docker images | grep http_httpd) -echo "Consul: " $(docker images | grep consul) -echo "CBS: " $(docker images | grep platform.configbinding.app) +echo "MR simulator " $(docker images | grep mrsim) +echo "DR simulator: " $(docker images | grep drsim_common) +echo "DR redir simulator: " $(docker images | grep drsim_common) +echo "SFTP: " $(docker images | grep atmoz/sftp) +echo "FTPES: " $(docker images | grep ftpes_vsftpd) +echo "HTTP/HTTPS/HTTPS no auth: " $(docker images | grep http_https_httpd) +echo "Consul: " $(docker images | grep consul) +echo "CBS: " $(docker images | grep platform.configbinding.app) echo "" #Configure MR sim to use correct host:port for running dfc as an app or as a container @@ -183,6 +192,8 @@ if [ $START_ARG == "manual-app" ]; then export SFTP_SIMS=$SFTP_SIMS_LOCALHOST export FTPES_SIMS=$FTPES_SIMS_LOCALHOST export HTTP_SIMS=$HTTP_SIMS_LOCALHOST + export HTTPS_SIMS=$HTTPS_SIMS_LOCALHOST + export HTTPS_SIMS_NO_AUTH=HTTPS_SIMS_NO_AUTH_LOCALHOST export DR_REDIR_SIM="localhost" fi #else @@ -208,7 +219,7 @@ __do_curl() { echo "" return 1 else - if [ $http_code -lt 200 ] && [ $http_code -gt 299]; then + if [ $http_code -lt 200 ] && [ $http_code -gt 299 ]; then echo "" return 1 fi @@ -374,12 +385,22 @@ __start_dfc_image() { localport=$(($DFC_PORT + $2)) localport_secure=$(($DFC_PORT_SECURE + $2)) - echo "Creating docker network $DOCKER_SIM_NWNAME, if needed" + echo "Creating docker network "$DOCKER_SIM_NWNAME", if needed" - docker network ls| grep $DOCKER_SIM_NWNAME > /dev/null || docker network create $DOCKER_SIM_NWNAME + docker network ls| grep "$DOCKER_SIM_NWNAME" > /dev/null || docker network create "$DOCKER_SIM_NWNAME" echo "Starting DFC: " $appname " with ports mapped to " $localport " and " $localport_secure " in docker network "$DOCKER_SIM_NWNAME - docker run -d --volume $(pwd)/../simulator-group/tls/:/opt/app/datafile/etc/cert/ -p $localport":8100" -p $localport_secure":8433" --network=$DOCKER_SIM_NWNAME -e CONSUL_HOST=$CONSUL_HOST -e CONSUL_PORT=$CONSUL_PORT -e CONFIG_BINDING_SERVICE=$CONFIG_BINDING_SERVICE -e CONFIG_BINDING_SERVICE_SERVICE_PORT=$CONFIG_BINDING_SERVICE_SERVICE_PORT -e HOSTNAME=$appname --name $appname $DFC_IMAGE + if [ "$HTTP_TYPE" = "HTTPS" ] + then + mkdir "$SIM_GROUP"/tls/external + cp "$SIM_GROUP"/../certservice/generated-certs/dfc-p12/* "$SIM_GROUP"/tls/external/ + docker run \ + --name oom-certservice-post-processor \ + --env-file "$SIM_GROUP"/../certservice/merger/merge-certs.env \ + --mount type=bind,src="$SIM_GROUP"/tls,dst=/opt/app/datafile/etc/cert \ + nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:latest + fi + docker run -d --volume $(pwd)/../simulator-group/tls/:/opt/app/datafile/etc/cert/ -p $localport":8100" -p $localport_secure":8433" --network=$DOCKER_SIM_NWNAME -e CONSUL_HOST=$CONSUL_HOST -e CONSUL_PORT=$CONSUL_PORT -e CONFIG_BINDING_SERVICE=$CONFIG_BINDING_SERVICE -e CONFIG_BINDING_SERVICE_SERVICE_PORT=$CONFIG_BINDING_SERVICE_SERVICE_PORT -e HOSTNAME=$appname --name $appname $DFC_IMAGE sleep 3 set +x dfc_started=false @@ -517,6 +538,8 @@ log_sim_settings() { echo "SFTP_SIMS= "$SFTP_SIMS echo "FTPES_SIMS= "$FTPES_SIMS echo "HTTP_SIMS= "$HTTP_SIMS + echo "HTTPS_SIMS= "$HTTPS_SIMS + echo "HTTPS_SIMS_NO_AUTH= "$HTTPS_SIMS_NO_AUTH echo "" } @@ -526,6 +549,7 @@ clean_containers() { docker stop $(docker ps -q --filter name=dfc_) &> /dev/null echo "Removing all containers, dfc app and simulators with name prefix 'dfc_'" docker rm $(docker ps -a -q --filter name=dfc_) &> /dev/null + docker rm -f $(docker ps -a -q --filter name=oom-certservice-post-processor) &> /dev/null echo "Removing unused docker networks with substring 'dfc' in network name" docker network rm $(docker network ls -q --filter name=dfc) echo "" @@ -537,6 +561,7 @@ start_simulators() { echo "Starting all simulators" curdir=$PWD cd $SIM_GROUP + export SIM_GROUP=$SIM_GROUP $SIM_GROUP/simulators-start.sh cd $curdir echo "" @@ -767,7 +792,7 @@ start_ftpes() { } # Stop and remove the HTTP container, arg: -kill_http() { +kill_http_https() { if [ $# != 1 ]; then __print_err "need one arg, " @@ -778,16 +803,16 @@ kill_http() { __print_err "arg should be 0.."$HTTP_MAX_IDX exit 1 fi - appname=$HTTP_BASE$1 + appname=$HTTP_HTTPS_BASE$1 - echo "Killing HTTP, instance id: "$1 + echo "Killing HTTP/HTTPS, instance id: "$1 __docker_stop $appname __docker_rm $appname } # Stop HTTP container, arg: -stop_http() { +stop_http_https() { if [ $# != 1 ]; then __print_err "need one arg, " @@ -798,15 +823,15 @@ stop_http() { __print_err "arg should be 0.."$HTTP_MAX_IDX exit 1 fi - appname=$HTTP_BASE$1 + appname=$HTTP_HTTPS_BASE$1 - echo "Stopping HTTP, instance id: "$1 + echo "Stopping HTTP/HTTPS, instance id: "$1 __docker_stop $appname } # Starts a stopped HTTP container, arg: -start_http() { +start_http_https() { if [ $# != 1 ]; then __print_err "need one arg, " @@ -817,9 +842,9 @@ start_http() { __print_err "arg should be 0.."$HTTP_MAX_IDX exit 1 fi - appname=$HTTP_BASE$1 + appname=$HTTP_HTTPS_BASE$1 - echo "Starting HTTP, instance id: "$1 + echo "Starting HTTP/HTTPS, instance id: "$1 __docker_start $appname } @@ -1200,7 +1225,7 @@ store_logs() { done for (( i=0; i<=$HTTP_MAX_IDX; i++ )); do - appname=$HTTP_BASE$i + appname=$HTTP_HTTPS_BASE$i docker logs $appname > $TESTLOGS/$ATC/${1}_${appname}.log 2>&1 done diff --git a/test/mocks/datafilecollector-testharness/http-https-server/.gitignore b/test/mocks/datafilecollector-testharness/http-https-server/.gitignore index bd6c5bed8..2c8afebd8 100644 --- a/test/mocks/datafilecollector-testharness/http-https-server/.gitignore +++ b/test/mocks/datafilecollector-testharness/http-https-server/.gitignore @@ -1 +1 @@ -files/onap/* +/files diff --git a/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http b/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http deleted file mode 100644 index d3601b865..000000000 --- a/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http +++ /dev/null @@ -1,8 +0,0 @@ -FROM httpd:alpine - -COPY configuration/htpasswd /usr/local/apache2/conf/.htpasswd -COPY configuration/httpd.conf /usr/local/apache2/conf/httpd.conf -RUN chmod 644 /usr/local/apache2/conf/.htpasswd -RUN chmod 644 /usr/local/apache2/conf/httpd.conf -RUN chown root:root /usr/local/apache2/conf/.htpasswd -RUN chown root:root /usr/local/apache2/conf/httpd.conf diff --git a/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http-https b/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http-https new file mode 100644 index 000000000..a2d8bf8cc --- /dev/null +++ b/test/mocks/datafilecollector-testharness/http-https-server/Dockerfile-http-https @@ -0,0 +1,15 @@ +FROM httpd:alpine + +RUN apk update + +ENV APACHE_LOG_DIR /usr/local/apache2/logs + +RUN mkdir /usr/local/apache2/certs + +COPY --chown=root:root apache2/certs /usr/local/apache2/certs +COPY --chown=root:root apache2/conf /usr/local/apache2/conf +COPY --chown=root:root apache2/conf/extra /usr/local/apache2/conf/extra + +RUN chmod 644 /usr/local/apache2/conf/.htpasswd +RUN chmod 644 /usr/local/apache2/conf/httpd.conf +RUN chmod 644 /usr/local/apache2/conf/extra/httpd-ssl.conf diff --git a/test/mocks/datafilecollector-testharness/http-https-server/README.md b/test/mocks/datafilecollector-testharness/http-https-server/README.md new file mode 100644 index 000000000..77e701175 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/http-https-server/README.md @@ -0,0 +1,32 @@ +# ejbca certs + +There are needed certificates generated using CMPv2 server to properly run the https server and dfc being able to work with +https protocol. For that reason, pre-generated certs were prepared and stored in `certservice/generated-certs` directory. + +# Docker preparations + +Source: + +`sudo usermod -aG docker $USER` + +then logout-login to activate it. + +# Prepare files for the simulator + +Run `prepare.sh` with an argument found in `test_cases.yml` (or add a new tc in that file) to create files (1MB, +5MB and 50MB files) and a large number of symbolic links to these files to simulate PM files. The files names +matches the files in the events produced by the MR simulator. The dirs with the files will be mounted +by the ftp containers, defined in the docker-compse file, when started + +# Starting/stopping the HTTP/HTTPS server(s) + +Start: `docker-compose up` + +Stop: Ctrl +C, then `docker-compose down` or `docker-compose down --remove-orphans` + +If you experience issues (or port collision), check the currently running other containers +by using 'docker ps' and stop them if necessary. + +# Cleaning docker structure + +Deep cleaning: `docker system prune` diff --git a/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/.htpasswd b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/.htpasswd new file mode 100644 index 000000000..07f1978e6 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/.htpasswd @@ -0,0 +1 @@ +demo:$apr1$wRR00QBi$GvxjeaEqidmeSae9hE9AZ1 diff --git a/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/extra/httpd-ssl.conf b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/extra/httpd-ssl.conf new file mode 100644 index 000000000..f4caf357e --- /dev/null +++ b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/extra/httpd-ssl.conf @@ -0,0 +1,65 @@ +Listen 443 +Listen 8080 + +SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES +SSLProxyProtocol all -SSLv3 +SSLPassPhraseDialog builtin + +SSLSessionCache "shmcb:/usr/local/apache2/logs/ssl_scache(512000)" +SSLSessionCacheTimeout 300 + + + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + SSLEngine on + SSLProtocol -all +TLSv1.2 + SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 + SSLHonorCipherOrder off + SSLSessionTickets off + + SSLCACertificateFile /usr/local/apache2/certs/truststore.pem + SSLCertificateFile /usr/local/apache2/certs/keystore.pem + SSLCertificateKeyFile /usr/local/apache2/certs/key.pem + + + + + + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + + SSLVerifyClient optional + SSLVerifyDepth 2 + SSLOptions +FakeBasicAuth +StrictRequire + + Require ssl-verify-client + + Options Indexes FollowSymLinks MultiViews + AuthType Basic + AuthName "Restricted Content" + AuthBasicProvider file + AuthUserFile /usr/local/apache2/conf/.htpasswd + Require valid-user + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + SSLEngine on + SSLProtocol -all +TLSv1.2 + SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 + SSLHonorCipherOrder off + SSLSessionTickets off + + SSLCACertificateFile /usr/local/apache2/certs/truststore.pem + SSLCertificateFile /usr/local/apache2/certs/keystore.pem + SSLCertificateKeyFile /usr/local/apache2/certs/key.pem + diff --git a/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/httpd.conf b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/httpd.conf new file mode 100644 index 000000000..ef3ce95f7 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/http-https-server/apache2/conf/httpd.conf @@ -0,0 +1,559 @@ +# +# This is the main Apache HTTP server configuration file. It contains the +# configuration directives that give the server its instructions. +# See for detailed information. +# In particular, see +# +# for a discussion of each configuration directive. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# +# Configuration and logfile names: If the filenames you specify for many +# of the server's control files begin with "/" (or "drive:/" for Win32), the +# server will use that explicit path. If the filenames do *not* begin +# with "/", the value of ServerRoot is prepended -- so "logs/access_log" +# with ServerRoot set to "/usr/local/apache2" will be interpreted by the +# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log" +# will be interpreted as '/logs/access_log'. + +# +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# Do not add a slash at the end of the directory path. If you point +# ServerRoot at a non-local disk, be sure to specify a local disk on the +# Mutex directive, if file-based mutexes are used. If you wish to share the +# same ServerRoot for multiple httpd daemons, you will need to change at +# least PidFile. +# +ServerRoot "/usr/local/apache2" + +# +# Mutex: Allows you to set the mutex mechanism and mutex file directory +# for individual mutexes, or change the global defaults +# +# Uncomment and change the directory if mutexes are file-based and the default +# mutex file directory is not on a local disk or is not appropriate for some +# other reason. +# +# Mutex default:logs + +# +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 80 + +# +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# have to place corresponding `LoadModule' lines at this location so the +# directives contained in it are actually available _before_ they are used. +# Statically compiled modules (those listed by `httpd -l') do not need +# to be loaded here. +# +# Example: +# LoadModule foo_module modules/mod_foo.so +# +LoadModule mpm_event_module modules/mod_mpm_event.so +#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so +#LoadModule mpm_worker_module modules/mod_mpm_worker.so +LoadModule authn_file_module modules/mod_authn_file.so +#LoadModule authn_dbm_module modules/mod_authn_dbm.so +#LoadModule authn_anon_module modules/mod_authn_anon.so +#LoadModule authn_dbd_module modules/mod_authn_dbd.so +#LoadModule authn_socache_module modules/mod_authn_socache.so +LoadModule authn_core_module modules/mod_authn_core.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +LoadModule authz_user_module modules/mod_authz_user.so +#LoadModule authz_dbm_module modules/mod_authz_dbm.so +#LoadModule authz_owner_module modules/mod_authz_owner.so +#LoadModule authz_dbd_module modules/mod_authz_dbd.so +LoadModule authz_core_module modules/mod_authz_core.so +#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so +#LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so +LoadModule access_compat_module modules/mod_access_compat.so +LoadModule auth_basic_module modules/mod_auth_basic.so +#LoadModule auth_form_module modules/mod_auth_form.so +#LoadModule auth_digest_module modules/mod_auth_digest.so +#LoadModule allowmethods_module modules/mod_allowmethods.so +#LoadModule isapi_module modules/mod_isapi.so +#LoadModule file_cache_module modules/mod_file_cache.so +#LoadModule cache_module modules/mod_cache.so +#LoadModule cache_disk_module modules/mod_cache_disk.so +#LoadModule cache_socache_module modules/mod_cache_socache.so +LoadModule socache_shmcb_module modules/mod_socache_shmcb.so +#LoadModule socache_dbm_module modules/mod_socache_dbm.so +#LoadModule socache_memcache_module modules/mod_socache_memcache.so +#LoadModule socache_redis_module modules/mod_socache_redis.so +#LoadModule watchdog_module modules/mod_watchdog.so +#LoadModule macro_module modules/mod_macro.so +#LoadModule dbd_module modules/mod_dbd.so +#LoadModule bucketeer_module modules/mod_bucketeer.so +#LoadModule dumpio_module modules/mod_dumpio.so +#LoadModule echo_module modules/mod_echo.so +#LoadModule example_hooks_module modules/mod_example_hooks.so +#LoadModule case_filter_module modules/mod_case_filter.so +#LoadModule case_filter_in_module modules/mod_case_filter_in.so +#LoadModule example_ipc_module modules/mod_example_ipc.so +#LoadModule buffer_module modules/mod_buffer.so +#LoadModule data_module modules/mod_data.so +#LoadModule ratelimit_module modules/mod_ratelimit.so +LoadModule reqtimeout_module modules/mod_reqtimeout.so +#LoadModule ext_filter_module modules/mod_ext_filter.so +#LoadModule request_module modules/mod_request.so +#LoadModule include_module modules/mod_include.so +LoadModule filter_module modules/mod_filter.so +#LoadModule reflector_module modules/mod_reflector.so +#LoadModule substitute_module modules/mod_substitute.so +#LoadModule sed_module modules/mod_sed.so +#LoadModule charset_lite_module modules/mod_charset_lite.so +#LoadModule deflate_module modules/mod_deflate.so +#LoadModule xml2enc_module modules/mod_xml2enc.so +#LoadModule proxy_html_module modules/mod_proxy_html.so +#LoadModule brotli_module modules/mod_brotli.so +LoadModule mime_module modules/mod_mime.so +#LoadModule ldap_module modules/mod_ldap.so +LoadModule log_config_module modules/mod_log_config.so +#LoadModule log_debug_module modules/mod_log_debug.so +#LoadModule log_forensic_module modules/mod_log_forensic.so +#LoadModule logio_module modules/mod_logio.so +#LoadModule lua_module modules/mod_lua.so +LoadModule env_module modules/mod_env.so +#LoadModule mime_magic_module modules/mod_mime_magic.so +#LoadModule cern_meta_module modules/mod_cern_meta.so +#LoadModule expires_module modules/mod_expires.so +LoadModule headers_module modules/mod_headers.so +#LoadModule ident_module modules/mod_ident.so +#LoadModule usertrack_module modules/mod_usertrack.so +#LoadModule unique_id_module modules/mod_unique_id.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule version_module modules/mod_version.so +#LoadModule remoteip_module modules/mod_remoteip.so +#LoadModule proxy_module modules/mod_proxy.so +#LoadModule proxy_connect_module modules/mod_proxy_connect.so +#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so +#LoadModule proxy_http_module modules/mod_proxy_http.so +#LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so +#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so +#LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so +#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so +#LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so +#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so +#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so +#LoadModule proxy_express_module modules/mod_proxy_express.so +#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so +#LoadModule session_module modules/mod_session.so +#LoadModule session_cookie_module modules/mod_session_cookie.so +#LoadModule session_crypto_module modules/mod_session_crypto.so +#LoadModule session_dbd_module modules/mod_session_dbd.so +#LoadModule slotmem_shm_module modules/mod_slotmem_shm.so +#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so +LoadModule ssl_module modules/mod_ssl.so +#LoadModule optional_hook_export_module modules/mod_optional_hook_export.so +#LoadModule optional_hook_import_module modules/mod_optional_hook_import.so +#LoadModule optional_fn_import_module modules/mod_optional_fn_import.so +#LoadModule optional_fn_export_module modules/mod_optional_fn_export.so +#LoadModule dialup_module modules/mod_dialup.so +#LoadModule http2_module modules/mod_http2.so +#LoadModule proxy_http2_module modules/mod_proxy_http2.so +#LoadModule md_module modules/mod_md.so +#LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so +#LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so +#LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so +#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so +LoadModule unixd_module modules/mod_unixd.so +#LoadModule heartbeat_module modules/mod_heartbeat.so +#LoadModule heartmonitor_module modules/mod_heartmonitor.so +#LoadModule dav_module modules/mod_dav.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +#LoadModule asis_module modules/mod_asis.so +#LoadModule info_module modules/mod_info.so +#LoadModule suexec_module modules/mod_suexec.so + + #LoadModule cgid_module modules/mod_cgid.so + + + #LoadModule cgi_module modules/mod_cgi.so + +#LoadModule dav_fs_module modules/mod_dav_fs.so +#LoadModule dav_lock_module modules/mod_dav_lock.so +#LoadModule vhost_alias_module modules/mod_vhost_alias.so +#LoadModule negotiation_module modules/mod_negotiation.so +LoadModule dir_module modules/mod_dir.so +#LoadModule imagemap_module modules/mod_imagemap.so +#LoadModule actions_module modules/mod_actions.so +#LoadModule speling_module modules/mod_speling.so +#LoadModule userdir_module modules/mod_userdir.so +LoadModule alias_module modules/mod_alias.so +#LoadModule rewrite_module modules/mod_rewrite.so + + +# +# If you wish httpd to run as a different user or group, you must run +# httpd as root initially and it will switch. +# +# User/Group: The name (or #number) of the user/group to run httpd as. +# It is usually good practice to create a dedicated user and group for +# running httpd, as with most system services. +# +User daemon +Group daemon + + + +# 'Main' server configuration +# +# The directives in this section set up the values used by the 'main' +# server, which responds to any requests that aren't handled by a +# definition. These values also provide defaults for +# any containers you may define later in the file. +# +# All of these directives may appear inside containers, +# in which case these default settings will be overridden for the +# virtual host being defined. +# + +# +# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@your-domain.com +# +ServerAdmin you@example.com + +# +# ServerName gives the name and port that the server uses to identify itself. +# This can often be determined automatically, but we recommend you specify +# it explicitly to prevent problems during startup. +# +# If your host doesn't have a registered DNS name, enter its IP address here. +# +#ServerName www.example.com:80 + +# +# Deny access to the entirety of your server's filesystem. You must +# explicitly permit access to web content directories in other +# blocks below. +# + + AllowOverride none + Require all denied + + +# +# Note that from this point forward you must specifically allow +# particular features to be enabled - so if something's not working as +# you might expect, make sure that you have specifically enabled it +# below. +# + + Options Indexes FollowSymLinks + AllowOverride None + Require all granted + + +# +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# + + DocumentRoot "/usr/local/apache2/htdocs" + + # + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.4/mod/core.html#options + # for more information. + # + Options Indexes FollowSymLinks + + # + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # AllowOverride FileInfo AuthConfig Limit + # + AllowOverride None + + # + # Controls who can get stuff from this server. + # + AuthType Basic + AuthName "Restricted Content" + AuthUserFile /usr/local/apache2/conf/.htpasswd + Require valid-user + + +# +# DirectoryIndex: sets the file that Apache will serve if a directory +# is requested. +# + + DirectoryIndex index.html + + +# +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. +# + + Require all denied + + +# +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +# +ErrorLog ${APACHE_LOG_DIR}/error.log + +# +# LogLevel: Control the number of messages logged to the error_log. +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +# +LogLevel warn + + + # + # The following directives define some format nicknames for use with + # a CustomLog directive (see below). + # + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%h %l %u %t \"%r\" %>s %b" common + + + # You need to enable mod_logio.c to use %I and %O + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio + + + # + # The location and format of the access logfile (Common Logfile Format). + # If you do not define any access logfiles within a + # container, they will be logged here. Contrariwise, if you *do* + # define per- access logfiles, transactions will be + # logged therein and *not* in this file. + # + CustomLog ${APACHE_LOG_DIR}/access.log combined + + # + # If you prefer a logfile with access, agent, and referer information + # (Combined Logfile Format) you can use the following directive. + # + #CustomLog "logs/access_log" combined + + + + # + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + # + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the target directory are treated as applications and + # run by the server when requested rather than as documents sent to the + # client. The same rules about trailing "/" apply to ScriptAlias + # directives as to Alias. + # + ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/" + + + + + # + # ScriptSock: On threaded servers, designate the path to the UNIX + # socket used to communicate with the CGI daemon of mod_cgid. + # + #Scriptsock cgisock + + +# +# "/usr/local/apache2/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. +# + + AllowOverride None + Options None + Require all granted + + + + # + # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied + # backend servers which have lingering "httpoxy" defects. + # 'Proxy' request header is undefined by the IETF, not listed by IANA + # + RequestHeader unset Proxy early + + + + # + # TypesConfig points to the file containing the list of mappings from + # filename extension to MIME-type. + # + TypesConfig conf/mime.types + + # + # AddType allows you to add to or override the MIME configuration + # file specified in TypesConfig for specific file types. + # + #AddType application/x-gzip .tgz + # + # AddEncoding allows you to have certain browsers uncompress + # information on the fly. Note: Not all browsers support this. + # + #AddEncoding x-compress .Z + #AddEncoding x-gzip .gz .tgz + # + # If the AddEncoding directives above are commented-out, then you + # probably should define those extensions to indicate media types: + # + AddType application/x-compress .Z + AddType application/x-gzip .gz .tgz + + # + # AddHandler allows you to map certain file extensions to "handlers": + # actions unrelated to filetype. These can be either built into the server + # or added with the Action directive (see below) + # + # To use CGI scripts outside of ScriptAliased directories: + # (You will also need to add "ExecCGI" to the "Options" directive.) + # + #AddHandler cgi-script .cgi + + # For type maps (negotiated resources): + #AddHandler type-map var + + # + # Filters allow you to process content before it is sent to the client. + # + # To parse .shtml files for server-side includes (SSI): + # (You will also need to add "Includes" to the "Options" directive.) + # + #AddType text/html .shtml + #AddOutputFilter INCLUDES .shtml + + +# +# The mod_mime_magic module allows the server to use various hints from the +# contents of the file itself to determine its type. The MIMEMagicFile +# directive tells the module where the hint definitions are located. +# +#MIMEMagicFile conf/magic + +# +# Customizable error responses come in three flavors: +# 1) plain text 2) local redirects 3) external redirects +# +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html +# + +# +# MaxRanges: Maximum number of Ranges in a request before +# returning the entire resource, or one of the special +# values 'default', 'none' or 'unlimited'. +# Default setting is to accept 200 Ranges. +#MaxRanges unlimited + +# +# EnableMMAP and EnableSendfile: On systems that support it, +# memory-mapping or the sendfile syscall may be used to deliver +# files. This usually improves server performance, but must +# be turned off when serving from networked-mounted +# filesystems or if support for these functions is otherwise +# broken on your system. +# Defaults: EnableMMAP On, EnableSendfile Off +# +#EnableMMAP off +#EnableSendfile on + +# Supplemental configuration +# +# The configuration files in the conf/extra/ directory can be +# included to add extra features or to modify the default configuration of +# the server, or you may simply copy their contents here and change as +# necessary. + +# Server-pool management (MPM specific) +#Include conf/extra/httpd-mpm.conf + +# Multi-language error messages +#Include conf/extra/httpd-multilang-errordoc.conf + +# Fancy directory listings +#Include conf/extra/httpd-autoindex.conf + +# Language settings +#Include conf/extra/httpd-languages.conf + +# User home directories +#Include conf/extra/httpd-userdir.conf + +# Real-time info on requests and configuration +#Include conf/extra/httpd-info.conf + +# Virtual hosts +#Include conf/extra/httpd-vhosts.conf + +# Local access to the Apache HTTP Server Manual +#Include conf/extra/httpd-manual.conf + +# Distributed authoring and versioning (WebDAV) +#Include conf/extra/httpd-dav.conf + +# Various default settings +#Include conf/extra/httpd-default.conf + +# Configure mod_proxy_html to understand HTML4/XHTML1 + +Include conf/extra/proxy-html.conf + + +# Secure (SSL/TLS) connections +Include conf/extra/httpd-ssl.conf +# +# Note: The following must must be present to support +# starting without SSL on platforms with no /dev/random equivalent +# but a statically compiled-in mod_ssl. +# + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + diff --git a/test/mocks/datafilecollector-testharness/http-https-server/configuration/htpasswd b/test/mocks/datafilecollector-testharness/http-https-server/configuration/htpasswd deleted file mode 100644 index 07f1978e6..000000000 --- a/test/mocks/datafilecollector-testharness/http-https-server/configuration/htpasswd +++ /dev/null @@ -1 +0,0 @@ -demo:$apr1$wRR00QBi$GvxjeaEqidmeSae9hE9AZ1 diff --git a/test/mocks/datafilecollector-testharness/http-https-server/configuration/httpd.conf b/test/mocks/datafilecollector-testharness/http-https-server/configuration/httpd.conf deleted file mode 100644 index 88081b441..000000000 --- a/test/mocks/datafilecollector-testharness/http-https-server/configuration/httpd.conf +++ /dev/null @@ -1,553 +0,0 @@ -# -# This is the main Apache HTTP server configuration file. It contains the -# configuration directives that give the server its instructions. -# See for detailed information. -# In particular, see -# -# for a discussion of each configuration directive. -# -# Do NOT simply read the instructions in here without understanding -# what they do. They're here only as hints or reminders. If you are unsure -# consult the online docs. You have been warned. -# -# Configuration and logfile names: If the filenames you specify for many -# of the server's control files begin with "/" (or "drive:/" for Win32), the -# server will use that explicit path. If the filenames do *not* begin -# with "/", the value of ServerRoot is prepended -- so "logs/access_log" -# with ServerRoot set to "/usr/local/apache2" will be interpreted by the -# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log" -# will be interpreted as '/logs/access_log'. - -# -# ServerRoot: The top of the directory tree under which the server's -# configuration, error, and log files are kept. -# -# Do not add a slash at the end of the directory path. If you point -# ServerRoot at a non-local disk, be sure to specify a local disk on the -# Mutex directive, if file-based mutexes are used. If you wish to share the -# same ServerRoot for multiple httpd daemons, you will need to change at -# least PidFile. -# -ServerRoot "/usr/local/apache2" - -# -# Mutex: Allows you to set the mutex mechanism and mutex file directory -# for individual mutexes, or change the global defaults -# -# Uncomment and change the directory if mutexes are file-based and the default -# mutex file directory is not on a local disk or is not appropriate for some -# other reason. -# -# Mutex default:logs - -# -# Listen: Allows you to bind Apache to specific IP addresses and/or -# ports, instead of the default. See also the -# directive. -# -# Change this to Listen on specific IP addresses as shown below to -# prevent Apache from glomming onto all bound IP addresses. -# -#Listen 12.34.56.78:80 -Listen 80 - -# -# Dynamic Shared Object (DSO) Support -# -# To be able to use the functionality of a module which was built as a DSO you -# have to place corresponding `LoadModule' lines at this location so the -# directives contained in it are actually available _before_ they are used. -# Statically compiled modules (those listed by `httpd -l') do not need -# to be loaded here. -# -# Example: -# LoadModule foo_module modules/mod_foo.so -# -LoadModule mpm_event_module modules/mod_mpm_event.so -#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so -#LoadModule mpm_worker_module modules/mod_mpm_worker.so -LoadModule authn_file_module modules/mod_authn_file.so -#LoadModule authn_dbm_module modules/mod_authn_dbm.so -#LoadModule authn_anon_module modules/mod_authn_anon.so -#LoadModule authn_dbd_module modules/mod_authn_dbd.so -#LoadModule authn_socache_module modules/mod_authn_socache.so -LoadModule authn_core_module modules/mod_authn_core.so -LoadModule authz_host_module modules/mod_authz_host.so -LoadModule authz_groupfile_module modules/mod_authz_groupfile.so -LoadModule authz_user_module modules/mod_authz_user.so -#LoadModule authz_dbm_module modules/mod_authz_dbm.so -#LoadModule authz_owner_module modules/mod_authz_owner.so -#LoadModule authz_dbd_module modules/mod_authz_dbd.so -LoadModule authz_core_module modules/mod_authz_core.so -#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so -#LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so -LoadModule access_compat_module modules/mod_access_compat.so -LoadModule auth_basic_module modules/mod_auth_basic.so -#LoadModule auth_form_module modules/mod_auth_form.so -#LoadModule auth_digest_module modules/mod_auth_digest.so -#LoadModule allowmethods_module modules/mod_allowmethods.so -#LoadModule isapi_module modules/mod_isapi.so -#LoadModule file_cache_module modules/mod_file_cache.so -#LoadModule cache_module modules/mod_cache.so -#LoadModule cache_disk_module modules/mod_cache_disk.so -#LoadModule cache_socache_module modules/mod_cache_socache.so -#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so -#LoadModule socache_dbm_module modules/mod_socache_dbm.so -#LoadModule socache_memcache_module modules/mod_socache_memcache.so -#LoadModule socache_redis_module modules/mod_socache_redis.so -#LoadModule watchdog_module modules/mod_watchdog.so -#LoadModule macro_module modules/mod_macro.so -#LoadModule dbd_module modules/mod_dbd.so -#LoadModule bucketeer_module modules/mod_bucketeer.so -#LoadModule dumpio_module modules/mod_dumpio.so -#LoadModule echo_module modules/mod_echo.so -#LoadModule example_hooks_module modules/mod_example_hooks.so -#LoadModule case_filter_module modules/mod_case_filter.so -#LoadModule case_filter_in_module modules/mod_case_filter_in.so -#LoadModule example_ipc_module modules/mod_example_ipc.so -#LoadModule buffer_module modules/mod_buffer.so -#LoadModule data_module modules/mod_data.so -#LoadModule ratelimit_module modules/mod_ratelimit.so -LoadModule reqtimeout_module modules/mod_reqtimeout.so -#LoadModule ext_filter_module modules/mod_ext_filter.so -#LoadModule request_module modules/mod_request.so -#LoadModule include_module modules/mod_include.so -LoadModule filter_module modules/mod_filter.so -#LoadModule reflector_module modules/mod_reflector.so -#LoadModule substitute_module modules/mod_substitute.so -#LoadModule sed_module modules/mod_sed.so -#LoadModule charset_lite_module modules/mod_charset_lite.so -#LoadModule deflate_module modules/mod_deflate.so -#LoadModule xml2enc_module modules/mod_xml2enc.so -#LoadModule proxy_html_module modules/mod_proxy_html.so -#LoadModule brotli_module modules/mod_brotli.so -LoadModule mime_module modules/mod_mime.so -#LoadModule ldap_module modules/mod_ldap.so -LoadModule log_config_module modules/mod_log_config.so -#LoadModule log_debug_module modules/mod_log_debug.so -#LoadModule log_forensic_module modules/mod_log_forensic.so -#LoadModule logio_module modules/mod_logio.so -#LoadModule lua_module modules/mod_lua.so -LoadModule env_module modules/mod_env.so -#LoadModule mime_magic_module modules/mod_mime_magic.so -#LoadModule cern_meta_module modules/mod_cern_meta.so -#LoadModule expires_module modules/mod_expires.so -LoadModule headers_module modules/mod_headers.so -#LoadModule ident_module modules/mod_ident.so -#LoadModule usertrack_module modules/mod_usertrack.so -#LoadModule unique_id_module modules/mod_unique_id.so -LoadModule setenvif_module modules/mod_setenvif.so -LoadModule version_module modules/mod_version.so -#LoadModule remoteip_module modules/mod_remoteip.so -#LoadModule proxy_module modules/mod_proxy.so -#LoadModule proxy_connect_module modules/mod_proxy_connect.so -#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so -#LoadModule proxy_http_module modules/mod_proxy_http.so -#LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so -#LoadModule proxy_scgi_module modules/mod_proxy_scgi.so -#LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so -#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so -#LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so -#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so -#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so -#LoadModule proxy_express_module modules/mod_proxy_express.so -#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so -#LoadModule session_module modules/mod_session.so -#LoadModule session_cookie_module modules/mod_session_cookie.so -#LoadModule session_crypto_module modules/mod_session_crypto.so -#LoadModule session_dbd_module modules/mod_session_dbd.so -#LoadModule slotmem_shm_module modules/mod_slotmem_shm.so -#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so -#LoadModule ssl_module modules/mod_ssl.so -#LoadModule optional_hook_export_module modules/mod_optional_hook_export.so -#LoadModule optional_hook_import_module modules/mod_optional_hook_import.so -#LoadModule optional_fn_import_module modules/mod_optional_fn_import.so -#LoadModule optional_fn_export_module modules/mod_optional_fn_export.so -#LoadModule dialup_module modules/mod_dialup.so -#LoadModule http2_module modules/mod_http2.so -#LoadModule proxy_http2_module modules/mod_proxy_http2.so -#LoadModule md_module modules/mod_md.so -#LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so -#LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so -#LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so -#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so -LoadModule unixd_module modules/mod_unixd.so -#LoadModule heartbeat_module modules/mod_heartbeat.so -#LoadModule heartmonitor_module modules/mod_heartmonitor.so -#LoadModule dav_module modules/mod_dav.so -LoadModule status_module modules/mod_status.so -LoadModule autoindex_module modules/mod_autoindex.so -#LoadModule asis_module modules/mod_asis.so -#LoadModule info_module modules/mod_info.so -#LoadModule suexec_module modules/mod_suexec.so - - #LoadModule cgid_module modules/mod_cgid.so - - - #LoadModule cgi_module modules/mod_cgi.so - -#LoadModule dav_fs_module modules/mod_dav_fs.so -#LoadModule dav_lock_module modules/mod_dav_lock.so -#LoadModule vhost_alias_module modules/mod_vhost_alias.so -#LoadModule negotiation_module modules/mod_negotiation.so -LoadModule dir_module modules/mod_dir.so -#LoadModule imagemap_module modules/mod_imagemap.so -#LoadModule actions_module modules/mod_actions.so -#LoadModule speling_module modules/mod_speling.so -#LoadModule userdir_module modules/mod_userdir.so -LoadModule alias_module modules/mod_alias.so -#LoadModule rewrite_module modules/mod_rewrite.so - - -# -# If you wish httpd to run as a different user or group, you must run -# httpd as root initially and it will switch. -# -# User/Group: The name (or #number) of the user/group to run httpd as. -# It is usually good practice to create a dedicated user and group for -# running httpd, as with most system services. -# -User daemon -Group daemon - - - -# 'Main' server configuration -# -# The directives in this section set up the values used by the 'main' -# server, which responds to any requests that aren't handled by a -# definition. These values also provide defaults for -# any containers you may define later in the file. -# -# All of these directives may appear inside containers, -# in which case these default settings will be overridden for the -# virtual host being defined. -# - -# -# ServerAdmin: Your address, where problems with the server should be -# e-mailed. This address appears on some server-generated pages, such -# as error documents. e.g. admin@your-domain.com -# -ServerAdmin you@example.com - -# -# ServerName gives the name and port that the server uses to identify itself. -# This can often be determined automatically, but we recommend you specify -# it explicitly to prevent problems during startup. -# -# If your host doesn't have a registered DNS name, enter its IP address here. -# -#ServerName www.example.com:80 - -# -# Deny access to the entirety of your server's filesystem. You must -# explicitly permit access to web content directories in other -# blocks below. -# - - AllowOverride none - Require all denied - - -# -# Note that from this point forward you must specifically allow -# particular features to be enabled - so if something's not working as -# you might expect, make sure that you have specifically enabled it -# below. -# - -# -# DocumentRoot: The directory out of which you will serve your -# documents. By default, all requests are taken from this directory, but -# symbolic links and aliases may be used to point to other locations. -# -DocumentRoot "/usr/local/apache2/htdocs" - - # - # Possible values for the Options directive are "None", "All", - # or any combination of: - # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews - # - # Note that "MultiViews" must be named *explicitly* --- "Options All" - # doesn't give it to you. - # - # The Options directive is both complicated and important. Please see - # http://httpd.apache.org/docs/2.4/mod/core.html#options - # for more information. - # - Options Indexes FollowSymLinks - - # - # AllowOverride controls what directives may be placed in .htaccess files. - # It can be "All", "None", or any combination of the keywords: - # AllowOverride FileInfo AuthConfig Limit - # - AllowOverride None - - # - # Controls who can get stuff from this server. - # - AuthType Basic - AuthName "Restricted Content" - AuthUserFile /usr/local/apache2/conf/.htpasswd - Require valid-user - - -# -# DirectoryIndex: sets the file that Apache will serve if a directory -# is requested. -# - - DirectoryIndex index.html - - -# -# The following lines prevent .htaccess and .htpasswd files from being -# viewed by Web clients. -# - - Require all denied - - -# -# ErrorLog: The location of the error log file. -# If you do not specify an ErrorLog directive within a -# container, error messages relating to that virtual host will be -# logged here. If you *do* define an error logfile for a -# container, that host's errors will be logged there and not here. -# -ErrorLog /proc/self/fd/2 - -# -# LogLevel: Control the number of messages logged to the error_log. -# Possible values include: debug, info, notice, warn, error, crit, -# alert, emerg. -# -LogLevel warn - - - # - # The following directives define some format nicknames for use with - # a CustomLog directive (see below). - # - LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined - LogFormat "%h %l %u %t \"%r\" %>s %b" common - - - # You need to enable mod_logio.c to use %I and %O - LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio - - - # - # The location and format of the access logfile (Common Logfile Format). - # If you do not define any access logfiles within a - # container, they will be logged here. Contrariwise, if you *do* - # define per- access logfiles, transactions will be - # logged therein and *not* in this file. - # - CustomLog /proc/self/fd/1 common - - # - # If you prefer a logfile with access, agent, and referer information - # (Combined Logfile Format) you can use the following directive. - # - #CustomLog "logs/access_log" combined - - - - # - # Redirect: Allows you to tell clients about documents that used to - # exist in your server's namespace, but do not anymore. The client - # will make a new request for the document at its new location. - # Example: - # Redirect permanent /foo http://www.example.com/bar - - # - # Alias: Maps web paths into filesystem paths and is used to - # access content that does not live under the DocumentRoot. - # Example: - # Alias /webpath /full/filesystem/path - # - # If you include a trailing / on /webpath then the server will - # require it to be present in the URL. You will also likely - # need to provide a section to allow access to - # the filesystem path. - - # - # ScriptAlias: This controls which directories contain server scripts. - # ScriptAliases are essentially the same as Aliases, except that - # documents in the target directory are treated as applications and - # run by the server when requested rather than as documents sent to the - # client. The same rules about trailing "/" apply to ScriptAlias - # directives as to Alias. - # - ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/" - - - - - # - # ScriptSock: On threaded servers, designate the path to the UNIX - # socket used to communicate with the CGI daemon of mod_cgid. - # - #Scriptsock cgisock - - -# -# "/usr/local/apache2/cgi-bin" should be changed to whatever your ScriptAliased -# CGI directory exists, if you have that configured. -# - - AllowOverride None - Options None - Require all granted - - - - # - # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied - # backend servers which have lingering "httpoxy" defects. - # 'Proxy' request header is undefined by the IETF, not listed by IANA - # - RequestHeader unset Proxy early - - - - # - # TypesConfig points to the file containing the list of mappings from - # filename extension to MIME-type. - # - TypesConfig conf/mime.types - - # - # AddType allows you to add to or override the MIME configuration - # file specified in TypesConfig for specific file types. - # - #AddType application/x-gzip .tgz - # - # AddEncoding allows you to have certain browsers uncompress - # information on the fly. Note: Not all browsers support this. - # - #AddEncoding x-compress .Z - #AddEncoding x-gzip .gz .tgz - # - # If the AddEncoding directives above are commented-out, then you - # probably should define those extensions to indicate media types: - # - AddType application/x-compress .Z - AddType application/x-gzip .gz .tgz - - # - # AddHandler allows you to map certain file extensions to "handlers": - # actions unrelated to filetype. These can be either built into the server - # or added with the Action directive (see below) - # - # To use CGI scripts outside of ScriptAliased directories: - # (You will also need to add "ExecCGI" to the "Options" directive.) - # - #AddHandler cgi-script .cgi - - # For type maps (negotiated resources): - #AddHandler type-map var - - # - # Filters allow you to process content before it is sent to the client. - # - # To parse .shtml files for server-side includes (SSI): - # (You will also need to add "Includes" to the "Options" directive.) - # - #AddType text/html .shtml - #AddOutputFilter INCLUDES .shtml - - -# -# The mod_mime_magic module allows the server to use various hints from the -# contents of the file itself to determine its type. The MIMEMagicFile -# directive tells the module where the hint definitions are located. -# -#MIMEMagicFile conf/magic - -# -# Customizable error responses come in three flavors: -# 1) plain text 2) local redirects 3) external redirects -# -# Some examples: -#ErrorDocument 500 "The server made a boo boo." -#ErrorDocument 404 /missing.html -#ErrorDocument 404 "/cgi-bin/missing_handler.pl" -#ErrorDocument 402 http://www.example.com/subscription_info.html -# - -# -# MaxRanges: Maximum number of Ranges in a request before -# returning the entire resource, or one of the special -# values 'default', 'none' or 'unlimited'. -# Default setting is to accept 200 Ranges. -#MaxRanges unlimited - -# -# EnableMMAP and EnableSendfile: On systems that support it, -# memory-mapping or the sendfile syscall may be used to deliver -# files. This usually improves server performance, but must -# be turned off when serving from networked-mounted -# filesystems or if support for these functions is otherwise -# broken on your system. -# Defaults: EnableMMAP On, EnableSendfile Off -# -#EnableMMAP off -#EnableSendfile on - -# Supplemental configuration -# -# The configuration files in the conf/extra/ directory can be -# included to add extra features or to modify the default configuration of -# the server, or you may simply copy their contents here and change as -# necessary. - -# Server-pool management (MPM specific) -#Include conf/extra/httpd-mpm.conf - -# Multi-language error messages -#Include conf/extra/httpd-multilang-errordoc.conf - -# Fancy directory listings -#Include conf/extra/httpd-autoindex.conf - -# Language settings -#Include conf/extra/httpd-languages.conf - -# User home directories -#Include conf/extra/httpd-userdir.conf - -# Real-time info on requests and configuration -#Include conf/extra/httpd-info.conf - -# Virtual hosts -#Include conf/extra/httpd-vhosts.conf - -# Local access to the Apache HTTP Server Manual -#Include conf/extra/httpd-manual.conf - -# Distributed authoring and versioning (WebDAV) -#Include conf/extra/httpd-dav.conf - -# Various default settings -#Include conf/extra/httpd-default.conf - -# Configure mod_proxy_html to understand HTML4/XHTML1 - -Include conf/extra/proxy-html.conf - - -# Secure (SSL/TLS) connections -#Include conf/extra/httpd-ssl.conf -# -# Note: The following must must be present to support -# starting without SSL on platforms with no /dev/random equivalent -# but a statically compiled-in mod_ssl. -# - -SSLRandomSeed startup builtin -SSLRandomSeed connect builtin - diff --git a/test/mocks/datafilecollector-testharness/http-https-server/docker-compose.yml b/test/mocks/datafilecollector-testharness/http-https-server/docker-compose.yml index 537cfcfaf..09b698f89 100644 --- a/test/mocks/datafilecollector-testharness/http-https-server/docker-compose.yml +++ b/test/mocks/datafilecollector-testharness/http-https-server/docker-compose.yml @@ -2,14 +2,19 @@ version: '3' services: - http-server: - container_name: http-server-httpd + http-https-server: + container_name: http-https-server-httpd image: httpd:alpine + environment: + APACHE_LOG_DIR: /usr/local/apache2/logs ports: - "80:80" + - "443:443" + - "8080:8080" volumes: - - ./configuration/htpasswd:/usr/local/apache2/conf/.htpasswd:ro - - ./configuration/httpd.conf:/usr/local/apache/conf/httpd.conf:ro - - - ./files/onap/http/:/usr/local/apache2/htdocs + - ./apache2/conf/.htpasswd:/usr/local/apache2/conf/.htpasswd:ro + - ./apache2/conf/httpd.conf:/usr/local/apache2/conf/httpd.conf:ro + - ./apache2/conf/extra/httpd-ssl.conf:/usr/local/apache2/conf/extra/httpd-ssl.conf:ro + - ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs:ro + - ./files/onap/http:/usr/local/apache2/htdocs restart: on-failure diff --git a/test/mocks/datafilecollector-testharness/http-https-server/test_cases.yml b/test/mocks/datafilecollector-testharness/http-https-server/test_cases.yml index 08f632e28..d27bb9384 100644 --- a/test/mocks/datafilecollector-testharness/http-https-server/test_cases.yml +++ b/test/mocks/datafilecollector-testharness/http-https-server/test_cases.yml @@ -3,14 +3,14 @@ TC1: size_files: 1 5 10 number_files: 10 30 10 - directory_files: http + directory_files: http http http TC2: size_files: 0.5 1 5 number_files: 2 3 1 - directory_files: http + directory_files: http http http TC_10000: size_files: 1 1 5 5 50 50 number_files: 10000 10000 10000 10000 1 1 - directory_files: http + directory_files: http http http http http http diff --git a/test/mocks/datafilecollector-testharness/mr-sim/README.md b/test/mocks/datafilecollector-testharness/mr-sim/README.md index 055e7d914..a8d2b7aaa 100644 --- a/test/mocks/datafilecollector-testharness/mr-sim/README.md +++ b/test/mocks/datafilecollector-testharness/mr-sim/README.md @@ -10,7 +10,7 @@ This readme contains: The MR-sim is a python script delivering batches of events including one or more fileReady for one or more PNFs. It is possible to configure number of events, PNFs, consumer groups, exising or missing files, file prefixes and change identifier. -In addition, MR sim can be configured to deliver file url for up to 5 FTP and 5 HTTP servers (simulating the PNFs). +In addition, MR sim can be configured to deliver file url for up to 5 FTP and 5 HTTP/HTTPS/HTTPS with no auth servers (simulating the PNFs). ## Building and running @@ -33,8 +33,10 @@ The following envrionment vaiables are used: - **FTPES_SIMS** - A comma-separated list of hostname:port for the FTP servers to generate ftpes file urls for. If not set MR sim will assume 'localhost:21'. Minimum 1 and maximum 5 host-port pairs can be given. - **SFTP_SIMS** - A comma-separated list of hostname:port for the FTP servers to generate sftp file urls for. If not set MR sim will assume 'localhost:1022'. Minimum 1 and maximum 5 host-port pairs can be given. - **HTTP_SIMS** - A comma-separated list of hostname:port for the HTTP servers to generate http file urls for. If not set MR sim will assume 'localhost:81'. Minimum 1 and maximum 5 host-port pairs can be given. +- **HTTPS_SIMS** - A comma-separated list of hostname:port for the HTTPS servers (configured for client certificate authentication and basic authentication; certificates were obtained using CMPv2 server) to generate http file urls for. If not set MR sim will assume 'localhost:444'. Minimum 1 and maximum 5 host-port pairs can be given. +- **HTTPS_SIMS_NO_AUTH** - A comma-separated list of hostname:port for the HTTPS servers with no autorization to generate http file urls for. If not set MR sim will assume 'localhost:8081'. Minimum 1 and maximum 5 host-port pairs can be given. - **NUM_FTP_SERVERS** - Number of FTP servers to use out of those specified in the envrioment variables above. The number shall be in the range 1-5. -- **NUM_HTTP_SERVERS** - Number of HTTP servers to use out of those specified in the envrioment variables above. The number shall be in the range 1-5. +- **NUM_HTTP_SERVERS** - Number of HTTP/HTTPS/HTTPS with no authorization servers to use out of those specified in the envrioment variables above. The number shall be in the range 1-5. - **MR_GROUPS** - A comma-separated list of consummer-group:changeId\[:changeId]\*. Defines which change identifier that should be used for each consumer group. If not set the MR-sim will assume 'OpenDcae-c12:PM_MEAS_FILES'.not set the MR-sim will assume 'OpenDcae-c12:PM_MEAS_FILES'. - **MR_FILE_PREFIX_MAPPING** - A comma-separated list of changeId:filePrefix. Defines which file prefix to use for each change identifier, needed to distinguish files for each change identifiers. If not set the MR-sim will assume 'PM_MEAS_FILES:A @@ -179,7 +181,9 @@ TC1500 - 700 ME, SFTP, 1MB files, 100 files per event, 35 events per poll, simul Changing the first digit in tc number will change the test case to run FTPES or HTTP instead. Eg. TC201 is FTPES version of TC101. -TC2XX is same as TC1XX but with FTPES, TC3XX is same as TC1XX but with HTTP +TC2XX is same as TC1XX but with FTPES, TC3XX is same as TC1XX but with HTTP, TC4XX is same as TC1XX but with HTTPS +(with basic authorization). Note, in the case of HTTPS, some tests may not have direct correspondence in FTP tests +(TC403, TC404 described in the end of this section). TC6XX is same as TC5XX but with FTPES @@ -187,6 +191,10 @@ TC8XX is same as TC7XX but with FTPES TC2XXX is same as TC1XXX but with FTPES +TC403 - One ME, HTTPS with client certificate authentication, 1 1MB file, 1 event + +TC404 - One ME, HTTPS with no client authentication, 1 1MB file, 1 event + ## Developer workflow 1. `sudo apt install python3-venv` diff --git a/test/mocks/datafilecollector-testharness/mr-sim/mr-sim.py b/test/mocks/datafilecollector-testharness/mr-sim/mr-sim.py index 809f18661..323dde618 100644 --- a/test/mocks/datafilecollector-testharness/mr-sim/mr-sim.py +++ b/test/mocks/datafilecollector-testharness/mr-sim/mr-sim.py @@ -1,3 +1,14 @@ +# COPYRIGHT NOTICE STARTS HERE +# +# Modifications copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# COPYRIGHT NOTICE ENDS HERE import argparse import os import sys @@ -19,10 +30,13 @@ ftpes_hosts = [] ftpes_ports = [] http_hosts = [] http_ports = [] +https_hosts = [] +https_ports = [] +https_hosts_no_auth = [] +https_ports_no_auth = [] num_ftp_servers = 1 num_http_servers = 1 - def sumList(ctrArray): tmp = 0 for i in range(len(ctrArray)): @@ -525,6 +539,18 @@ def MR_reply(consumerGroup, consumerId): elif args.tc302: return tc100(groupIndex, changeId, filePrefix, "http", "50MB") + elif args.tc400: + return tc100(groupIndex, changeId, filePrefix, "https", "1MB") + elif args.tc401: + return tc100(groupIndex, changeId, filePrefix, "https", "5MB") + elif args.tc402: + return tc100(groupIndex, changeId, filePrefix, "https", "50MB") + elif args.tc403: + return tc100(groupIndex, changeId, filePrefix, "httpsCAuth", "1MB") + elif args.tc404: + return tc100(groupIndex, changeId, filePrefix, "httpsNoAuth", "1MB") + + #### Test case functions @@ -543,7 +569,8 @@ def tc100(groupIndex, changeId, filePrefix, schemeType, fileSize): fileName = createFileName(groupIndex, filePrefix, nodeName, seqNr, fileSize) msg = getEventHead(groupIndex, changeId, nodeName) + getEventName(fileName, schemeType, "onap", "pano", nodeIndex) + getEventEnd() - if schemeType == "http": + if (schemeType == "http") or (schemeType == "https") \ + or (schemeType == "httpsCAuth") or (schemeType == "httpsNoAuth"): msg = getEventHead(groupIndex, changeId, nodeName) + getEventName(fileName, schemeType, "demo", "demo123456!", nodeIndex) + getEventEnd() fileMap[groupIndex][seqNr * hash(filePrefix)] = seqNr @@ -1192,20 +1219,37 @@ def getEventName(fn, type, user, passwd, nodeIndex): nodeIndex = nodeIndex % num_ftp_servers port = sftp_ports[nodeIndex] ip = sftp_hosts[nodeIndex] - if (type == "ftpes"): + location_variant = type + """://""" + user + """:""" + passwd + """@""" + ip + """:""" + str(port) + if type == "ftpes": port = ftpes_ports[nodeIndex] ip = ftpes_hosts[nodeIndex] - elif (type == "http"): + location_variant = type + """://""" + user + """:""" + passwd + """@""" + ip + """:""" + str(port) + elif type == "http": nodeIndex = nodeIndex % num_http_servers port = http_ports[nodeIndex] ip = http_hosts[nodeIndex] + location_variant = type + """://""" + user + """:""" + passwd + """@""" + ip + """:""" + str(port) + elif type == "https": + nodeIndex = nodeIndex % num_http_servers + port = https_ports[nodeIndex] + ip = https_hosts[nodeIndex] + location_variant = type + """://""" + user + """:""" + passwd + """@""" + ip + """:""" + str(port) + elif type == "httpsCAuth": + alt_type = "https" + port = https_ports[nodeIndex] + ip = https_hosts[nodeIndex] + location_variant = alt_type + """://""" + ip + """:""" + str(port) + elif type == "httpsNoAuth": + alt_type = "https" + port = https_ports_no_auth[nodeIndex] + ip = https_hosts_no_auth[nodeIndex] + location_variant = alt_type + """://""" + ip + """:""" + str(port) nameStr = """{ "name": \"""" + fn + """", "hashMap": { "fileFormatType": "org.3GPP.32.435#measCollec", - "location": \"""" + type + """://""" + user + """:""" + passwd + """@""" + ip + """:""" + str( - port) + """/""" + fn + """", + "location": \"""" + location_variant + """/""" + fn + """", "fileFormatVersion": "V10", "compression": "gzip" } @@ -1248,14 +1292,18 @@ if __name__ == "__main__": sftp_sims = os.environ.get('SFTP_SIMS', 'localhost:1022') ftpes_sims = os.environ.get('FTPES_SIMS', 'localhost:21') http_sims = os.environ.get('HTTP_SIMS', 'localhost:81') + https_sims = os.environ.get('HTTPS_SIMS', 'localhost:444') + https_sims_no_auth = os.environ.get('HTTPS_SIMS_NO_AUTH', 'localhost:8081') num_ftp_servers = int(os.environ.get('NUM_FTP_SERVERS', 1)) num_http_servers = int(os.environ.get('NUM_HTTP_SERVERS', 1)) print("Configured sftp sims: " + sftp_sims) print("Configured ftpes sims: " + ftpes_sims) print("Configured http sims: " + http_sims) + print("Configured https sims: " + https_sims) + print("Configured https with no authorization sims: " + https_sims_no_auth) print("Configured number of ftp servers: " + str(num_ftp_servers)) - print("Configured number of http servers: " + str(num_http_servers)) + print("Configured number of http/https/https with no auth servers: " + str(num_http_servers) + " each") tmp = sftp_sims.split(',') for i in range(len(tmp)): @@ -1275,6 +1323,19 @@ if __name__ == "__main__": http_hosts.append(hp[0]) http_ports.append(hp[1]) + tmp = https_sims.split(',') + for i in range(len(tmp)): + hp = tmp[i].split(':') + https_hosts.append(hp[0]) + https_ports.append(hp[1]) + + tmp = https_sims_no_auth.split(',') + for i in range(len(tmp)): + hp = tmp[i].split(':') + https_hosts_no_auth.append(hp[0]) + https_ports_no_auth.append(hp[1]) + + groups = os.environ.get('MR_GROUPS', 'OpenDcae-c12:PM_MEAS_FILES') print("Groups detected: " + groups) configuredPrefixes = os.environ.get('MR_FILE_PREFIX_MAPPING', 'PM_MEAS_FILES:A') @@ -1637,6 +1698,28 @@ if __name__ == "__main__": action='store_true', help='TC302 - One ME, HTTP, 1 50MB file, 1 event') + # HTTPS TCs with single ME + parser.add_argument( + '--tc400', + action='store_true', + help='TC400 - One ME, HTTPS, 1 1MB file, 1 event') + parser.add_argument( + '--tc401', + action='store_true', + help='TC401 - One ME, HTTPS, 1 5MB file, 1 event') + parser.add_argument( + '--tc402', + action='store_true', + help='TC402 - One ME, HTTPS, 1 50MB file, 1 event') + parser.add_argument( + '--tc403', + action='store_true', + help='TC403 - One ME, HTTPS client certificare authentication, 1 1MB file, 1 event') + parser.add_argument( + '--tc404', + action='store_true', + help='TC404 - One ME, HTTPS no client authentication, 1 1MB file, 1 event') + args = parser.parse_args() if args.tc100: @@ -1778,6 +1861,17 @@ if __name__ == "__main__": elif args.tc302: tc_num = "TC# 302" + elif args.tc400: + tc_num = "TC# 400" + elif args.tc401: + tc_num = "TC# 401" + elif args.tc402: + tc_num = "TC# 402" + elif args.tc403: + tc_num = "TC# 403" + elif args.tc404: + tc_num = "TC# 404" + else: print("No TC was defined") print("use --help for usage info") @@ -1797,8 +1891,18 @@ if __name__ == "__main__": print("Using " + str(http_hosts[i]) + ":" + str(http_ports[i]) + " for http server with index " + str( i) + " for http server address and port in file urls.") + for i in range(len(https_hosts)): + print("Using " + str(https_hosts[i]) + ":" + str(https_ports[i]) + " for https server with index " + str( + i) + " for https server address and port in file urls.") + + for i in range(len(https_hosts_no_auth)): + print("Using " + str(https_hosts_no_auth[i]) + ":" + str(https_ports_no_auth[i]) + + " for https server with no authentication with index " + str(i) + + " for https server address and port in file urls.") + print("Using up to " + str(num_ftp_servers) + " ftp servers, for each protocol for PNFs.") - print("Using up to " + str(num_http_servers) + " http servers, for each protocol for PNFs.") + print("Using up to " + str(num_http_servers) + + " http/https/https with no auth servers, for each protocol for PNFs.") def https_app(**kwargs): diff --git a/test/mocks/datafilecollector-testharness/simulator-group/README.md b/test/mocks/datafilecollector-testharness/simulator-group/README.md index 75abec9f1..98b26bc86 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/README.md +++ b/test/mocks/datafilecollector-testharness/simulator-group/README.md @@ -95,15 +95,15 @@ FILE_SIZE="1MB" #File size for FTP file (1KB, 1MB, 5MB, 50MB or AL FTP_TYPE="SFTP" #Type of FTP files to generate (SFTP, FTPES or ALL) If `FTP_TYPE` is set to `ALL`, both ftp servers will be populated with the same files. If set to `SFTP` or `FTPES` then only the server serving that protocol will be populated with files. -`HTTP_TYPE` for now is only prepared for `HTTP` protocol. `HTTPS` protocol will be served in the future +`HTTP_TYPE` is prepared for `HTTP` and `HTTPS` protocol. Note, thanks to configuration of http server, single action populates files for all HTTP/HTTPS server type. Run the script `docker-compose-setup.sh`to create a docker-compose with the desired settings. The desired setting in the script need to be manually adapted to for each specific simulator behavior according to the above. Check each simulator for available parameters. All simulators will be started with the generated docker-compose.yml file -To generate ftp/http url with IP different from localhost, set SFTP_SIM_IP and/or FTPES_SIM_IP and/or HTTP_SIM_IP env variables to the addreses of the ftp servers before starting. -So farm, this only works when the simulator python script is started from the command line. +To generate an ftp/http/https url with an IP different from localhost, set the SFTP_SIM_IP and/or FTPES_SIM_IP and/or HTTP_SIM_IP and/or HTTPS_SIM_IP and/or HTTPS_SIM_NO_AUTH_IP env variables to the address(es) of the ftp/http/https servers before starting. +So far, this only works when the simulator python script is started from the command line. Kill all the containers with `simulators-kill.se` diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM.json index f839e79be..76d6822a2 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM_feed2_CTR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM_feed2_CTR.json index 89a49070e..ddf0bbb36 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM_feed2_CTR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM_feed2_CTR.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR.json index dbd41652b..43dc6a9c5 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR_feed3_LOG_TEMP.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR_feed3_LOG_TEMP.json index fee8a0f79..bc9c9b1f6 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR_feed3_LOG_TEMP.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR_feed3_LOG_TEMP.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM.json index 5a297d279..c5a5f843f 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_HTTPS.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_HTTPS.json new file mode 100644 index 000000000..960764ad8 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_HTTPS.json @@ -0,0 +1,36 @@ +{ + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.p12", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/p12.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.security.enableDmaapCertAuth": "false", + "dmaap.dmaapConsumerConfiguration.consumerGroup": "OpenDcae-c12", + "dmaap.dmaapConsumerConfiguration.consumerId": "C12", + "dmaap.dmaapConsumerConfiguration.timeoutMs": -1, + "sftp.security.strictHostKeyChecking": "true", + "streams_publishes": { + "PM_MEAS_FILES": { + "type": "data_router", + "dmaap_info": { + "username": "user", + "log_url": "https://drsim:3907/feedlog/2", + "publish_url": "https://drsim:3907/publish/2", + "location": "loc00", + "password": "password", + "publisher_id": "972.360gm" + } + } + }, + "streams_subscribes": { + "dmaap_subscriber": { + "dmaap_info": { + "topic_url": "http://mrsim:2222/events/unauthenticated.VES_NOTIFICATION_OUTPUT" + }, + "type": "message_router" + } + } +} diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS.json index 5a297d279..c5a5f843f 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json index 8ab143879..9f370391b 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_secureMR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_secureMR.json index 5a297d279..c5a5f843f 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_secureMR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_secureMR.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed3_PM_CTR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed3_PM_CTR.json index 4e6b1fd25..bf65e85a8 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed3_PM_CTR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed3_PM_CTR.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c13_feed2_CTR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c13_feed2_CTR.json index 599ad74e6..486d5ee44 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c13_feed2_CTR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c13_feed2_CTR.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c14_feed3_LOG.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c14_feed3_LOG.json index 8e96210bb..6509bcfdf 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c14_feed3_LOG.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c14_feed3_LOG.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c15_feed1_PM_feed4_TEST.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c15_feed1_PM_feed4_TEST.json index 4b538987e..620d172e6 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c15_feed1_PM_feed4_TEST.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c15_feed1_PM_feed4_TEST.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c16_feed4_TEST_feed5_TEMP.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c16_feed4_TEST_feed5_TEMP.json index f0fc2cba9..dfbecaa1e 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c16_feed4_TEST_feed5_TEMP.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c16_feed4_TEST_feed5_TEMP.json @@ -1,8 +1,8 @@ { - "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", - "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", - "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", - "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.certificateConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.certificateConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.certificateConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.certificateConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-setup.sh b/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-setup.sh index ad45559eb..d5b36ec58 100755 --- a/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-setup.sh +++ b/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-setup.sh @@ -1,4 +1,13 @@ #/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# # Script for manually starting all simulators with test setting below # Matching json config is needed in CBS/Consul as well. Use consul_config.sh to add config to consul @@ -31,6 +40,8 @@ export BASIC_AUTH_PASSWORD=demo123456! export SFTP_SIMS="localhost:21,localhost:22,localhost:23,localhost:24,localhost:25" # Comma separated list for SFTP servers host:port export FTPES_SIMS="localhost:1022,localhost:1023,localhost:1024,localhost:1026,localhost:1026" # Comma separated list for FTPES servers host:port export HTTP_SIMS="localhost:81,localhost:82,localhost:83,localhost:84,localhost:85" # Comma separated list for HTTP servers host:port +export HTTPS_SIMS="localhost:444,localhost:445,localhost:446,localhost:447,localhost:448" # Comma separated list for HTTPS (enabling client certificate authorization and basic authorization) servers host:port +export HTTPS_SIMS_NO_AUTH="localhost:8081,localhost:8082,localhost:8083,localhost:8084,localhost:8085" # Comma separated list for HTTPS (with no authorization) servers host:port export DR_REDIR_SIM="localhost" # Hostname of DR redirect server diff --git a/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-template.yml b/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-template.yml index c4ed2fec3..537012afb 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-template.yml +++ b/test/mocks/datafilecollector-testharness/simulator-group/docker-compose-template.yml @@ -78,6 +78,8 @@ services: SFTP_SIMS: ${SFTP_SIMS} FTPES_SIMS: ${FTPES_SIMS} HTTP_SIMS: ${HTTP_SIMS} + HTTPS_SIMS: ${HTTPS_SIMS} + HTTPS_SIMS_NO_AUTH: ${HTTPS_SIMS_NO_AUTH} NUM_FTP_SERVERS: ${NUM_FTP_SERVERS} NUM_HTTP_SERVERS: ${NUM_HTTP_SERVERS} MR_GROUPS: ${MR_GROUPS} @@ -228,47 +230,67 @@ services: depends_on: - tls-init-container - http-server0: + http-https-server0: networks: - dfcnet - container_name: dfc_http-server0 - image: http_httpd:latest + container_name: dfc_http-https-server0 + image: http_https_httpd:latest ports: - "81:80" + - "444:443" + - "8081:8080" restart: on-failure + volumes: + - ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw - http-server1: + http-https-server1: networks: - dfcnet - container_name: dfc_http-server1 - image: http_httpd:latest + container_name: dfc_http-https-server1 + image: http_https_httpd:latest ports: - "82:80" + - "445:443" + - "8082:8080" restart: on-failure + volumes: + - ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw - http-server2: + http-https-server2: networks: - dfcnet - container_name: dfc_http-server2 - image: http_httpd:latest + container_name: dfc_http-https-server2 + image: http_https_httpd:latest ports: - "83:80" + - "446:443" + - "8083:8080" restart: on-failure + volumes: + - ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw - http-server3: + http-https-server3: networks: - dfcnet - container_name: dfc_http-server3 - image: http_httpd:latest + container_name: dfc_http-https-server3 + image: http_https_httpd:latest ports: - "84:80" + - "447:443" + - "8084:8080" restart: on-failure + volumes: + - ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw - http-server4: + http-https-server4: networks: - dfcnet - container_name: dfc_http-server4 - image: http_httpd:latest + container_name: dfc_http-https-server4 + image: http_https_httpd:latest ports: - "85:80" + - "448:443" + - "8085:8080" restart: on-failure + volumes: + - ./../certservice/generated-certs/apache-pem:/usr/local/apache2/certs/:rw diff --git a/test/mocks/datafilecollector-testharness/simulator-group/prepare-images.sh b/test/mocks/datafilecollector-testharness/simulator-group/prepare-images.sh index fa56724bb..0021eca5e 100755 --- a/test/mocks/datafilecollector-testharness/simulator-group/prepare-images.sh +++ b/test/mocks/datafilecollector-testharness/simulator-group/prepare-images.sh @@ -1,4 +1,13 @@ #/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# #Script for manually preparing images for mr-sim, dr-sim, dr-redir-sim and sftp server. @@ -20,4 +29,4 @@ docker build -t ftpes_vsftpd:latest -f Dockerfile-ftpes . #Build image for http server cd ../http-https-server -docker build -t http_httpd:latest -f Dockerfile-http . +docker build -t http_https_httpd:latest -f Dockerfile-http-https . diff --git a/test/mocks/datafilecollector-testharness/simulator-group/simulators-kill.sh b/test/mocks/datafilecollector-testharness/simulator-group/simulators-kill.sh index 697850339..e53494392 100755 --- a/test/mocks/datafilecollector-testharness/simulator-group/simulators-kill.sh +++ b/test/mocks/datafilecollector-testharness/simulator-group/simulators-kill.sh @@ -1,4 +1,13 @@ #!/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# #Script to kill and remove all simulators docker logs dfc_mr-sim @@ -21,6 +30,7 @@ docker kill dfc_http-server1 docker kill dfc_http-server2 docker kill dfc_http-server3 docker kill dfc_http-server4 +docker kill oom-certservice-post-processor docker kill dfc_cbs docker kill dfc_consul @@ -38,11 +48,12 @@ docker rm dfc_ftpes-server-vsftpd1 docker rm dfc_ftpes-server-vsftpd2 docker rm dfc_ftpes-server-vsftpd3 docker rm dfc_ftpes-server-vsftpd4 -docker rm dfc_http-server0 -docker rm dfc_http-server1 -docker rm dfc_http-server2 -docker rm dfc_http-server3 -docker rm dfc_http-server4 +docker rm -f dfc_http-https-server0 +docker rm -f dfc_http-https-server1 +docker rm -f dfc_http-https-server2 +docker rm -f dfc_http-https-server3 +docker rm -f dfc_http-https-server4 +docker rm -f oom-certservice-post-processor docker rm dfc_cbs docker rm dfc_consul diff --git a/test/mocks/datafilecollector-testharness/simulator-group/simulators-start.sh b/test/mocks/datafilecollector-testharness/simulator-group/simulators-start.sh index 895949caa..f39f052a0 100755 --- a/test/mocks/datafilecollector-testharness/simulator-group/simulators-start.sh +++ b/test/mocks/datafilecollector-testharness/simulator-group/simulators-start.sh @@ -1,4 +1,13 @@ #!/bin/bash +# +# Modifications copyright (C) 2021 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# set -x server_check() { for i in {1..10}; do @@ -12,16 +21,28 @@ server_check() { echo "Simulator " $1 " on localhost:$2$3 - no response" } -basic_auth_server_check() { +http_https_basic_server_check() { for i in {1..10}; do - res=$(curl -s -o /dev/null -w "%{http_code}" http://$BASIC_AUTH_LOGIN:$BASIC_AUTH_PASSWORD@localhost:$2$3) + res=$(curl $4 -s -o /dev/null -w "%{http_code}" "$3"://"$BASIC_AUTH_LOGIN":"$BASIC_AUTH_PASSWORD"@localhost:"$2") if [ $res -gt 199 ] && [ $res -lt 300 ]; then - echo "Simulator " $1 " on localhost:$2$3 responded ok" + echo "Simulator " "$1" " on localhost: ""$2"" responded ok" return fi sleep 1 done - echo "Simulator " $1 " on localhost:$2$3 - no response" + echo "Simulator " "$1" " on localhost:""$2"" - no response" +} + +http_https_server_check() { + for i in {1..10}; do + res=$(curl $4 -s -o /dev/null -w "%{http_code}" $3://localhost:$2) + if [ $res -gt 199 ] && [ $res -lt 300 ]; then + echo "Simulator " $1 " on localhost:$2 responded ok" + return + fi + sleep 1 + done + echo "Simulator " $1 " on localhost:$2 - no response" } server_check_https() { @@ -38,7 +59,7 @@ server_check_https() { ftpes_server_check() { for i in {1..10}; do - res=$(curl --silent --max-time 3 localhost:$2 2>&1 | grep vsFTPd) + res=$(curl --silent --max-time 3 ftp://localhost:$2 --ftp-ssl -v -k 2>&1 | grep vsFTPd) if ! [ -z "$res" ]; then echo "Simulator " $1 " on localhost:$2 responded ok" return @@ -50,7 +71,7 @@ ftpes_server_check() { sftp_server_check() { for i in {1..10}; do - res=$(curl --silent --max-time 3 localhost:$2 2>&1 | grep OpenSSH) + res=$(curl --silent --max-time 3 sftp://localhost:$2 -v -k 2>&1 | grep Connected) if ! [ -z "$res" ]; then echo "Simulator " $1 " on localhost:"$2" responded ok" return @@ -67,6 +88,11 @@ DOCKER_SIM_NWNAME="dfcnet" echo "Creating docker network $DOCKER_SIM_NWNAME, if needed" docker network ls| grep $DOCKER_SIM_NWNAME > /dev/null || docker network create $DOCKER_SIM_NWNAME +if [ -z "$SIM_GROUP" ] + then + export SIM_GROUP="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" +fi + if [ -z "$NUM_FTP_SERVERS" ] then export NUM_FTP_SERVERS=1 @@ -101,11 +127,11 @@ FTPES_SIM[1]="$(docker ps -q --filter='name=dfc_ftpes-server-vsftpd1')" FTPES_SIM[2]="$(docker ps -q --filter='name=dfc_ftpes-server-vsftpd2')" FTPES_SIM[3]="$(docker ps -q --filter='name=dfc_ftpes-server-vsftpd3')" FTPES_SIM[4]="$(docker ps -q --filter='name=dfc_ftpes-server-vsftpd4')" -HTTP_SIM[0]="$(docker ps -q --filter='name=dfc_http-server0')" -HTTP_SIM[1]="$(docker ps -q --filter='name=dfc_http-server1')" -HTTP_SIM[2]="$(docker ps -q --filter='name=dfc_http-server2')" -HTTP_SIM[3]="$(docker ps -q --filter='name=dfc_http-server3')" -HTTP_SIM[4]="$(docker ps -q --filter='name=dfc_http-server4')" +HTTP_SIM[0]="$(docker ps -q --filter='name=dfc_http-https-server0')" +HTTP_SIM[1]="$(docker ps -q --filter='name=dfc_http-https-server1')" +HTTP_SIM[2]="$(docker ps -q --filter='name=dfc_http-https-server2')" +HTTP_SIM[3]="$(docker ps -q --filter='name=dfc_http-https-server3')" +HTTP_SIM[4]="$(docker ps -q --filter='name=dfc_http-https-server4')" CBS_SIM="$(docker ps -q --filter='name=dfc_cbs')" CONSUL_SIM="$(docker ps -q --filter='name=dfc_consul')" @@ -168,11 +194,26 @@ sftp_server_check "SFTP server 1" 1023 sftp_server_check "SFTP server 2" 1024 sftp_server_check "SFTP server 3" 1025 sftp_server_check "SFTP server 4" 1026 -basic_auth_server_check "HTTP server 0" 81 -basic_auth_server_check "HTTP server 1" 82 -basic_auth_server_check "HTTP server 2" 83 -basic_auth_server_check "HTTP server 3" 84 -basic_auth_server_check "HTTP server 4" 85 +http_https_basic_server_check "HTTP basic auth server 0" 81 http +http_https_basic_server_check "HTTP basic auth server 1" 82 http +http_https_basic_server_check "HTTP basic auth server 2" 83 http +http_https_basic_server_check "HTTP basic auth server 3" 84 http +http_https_basic_server_check "HTTP basic auth server 4" 85 http +http_https_basic_server_check "HTTPS basic auth server 0" 444 https -k +http_https_basic_server_check "HTTPS basic auth server 1" 445 https -k +http_https_basic_server_check "HTTPS basic auth server 2" 446 https -k +http_https_basic_server_check "HTTPS basic auth server 3" 447 https -k +http_https_basic_server_check "HTTPS basic auth server 4" 448 https -k +http_https_server_check "HTTPS client certificate authentication server 0" 444 https "-k --cert ../certservice/generated-certs/apache-pem/keystore.pem --key ../certservice/generated-certs/apache-pem/key.pem" +http_https_server_check "HTTPS client certificate authentication server 1" 445 https "-k --cert ../certservice/generated-certs/apache-pem/keystore.pem --key ../certservice/generated-certs/apache-pem/key.pem" +http_https_server_check "HTTPS client certificate authentication server 2" 446 https "-k --cert ../certservice/generated-certs/apache-pem/keystore.pem --key ../certservice/generated-certs/apache-pem/key.pem" +http_https_server_check "HTTPS client certificate authentication server 3" 447 https "-k --cert ../certservice/generated-certs/apache-pem/keystore.pem --key ../certservice/generated-certs/apache-pem/key.pem" +http_https_server_check "HTTPS client certificate authentication server 4" 448 https "-k --cert ../certservice/generated-certs/apache-pem/keystore.pem --key ../certservice/generated-certs/apache-pem/key.pem" +http_https_server_check "HTTPS no auth server 0" 8081 https -k +http_https_server_check "HTTPS no auth server 1" 8082 https -k +http_https_server_check "HTTPS no auth server 2" 8083 https -k +http_https_server_check "HTTPS no auth server 3" 8084 https -k +http_https_server_check "HTTPS no auth server 4" 8085 https -k echo "" @@ -235,7 +276,7 @@ if [ -z "$HTTP_FILE_PREFIXES" ] HTTP_FILE_PREFIXES="A" fi -if [ $HTTP_TYPE = "ALL" ] || [ $HTTP_TYPE = "HTTP" ]; then +if [ $HTTP_TYPE = "ALL" ] || [ $HTTP_TYPE = "HTTP" ] || [ $HTTP_TYPE = "HTTPS" ]; then echo "Creating files for HTTP server, may take time...." p=0 while [ $p -lt $NUM_HTTP_SERVERS ]; do -- cgit 1.2.3-korg