From f2cd4acee77c76f28ab17852c1817d854bf036ce Mon Sep 17 00:00:00 2001 From: Remigiusz Janeczek Date: Tue, 14 Jul 2020 09:33:25 +0200 Subject: Add sftp strict host key checking to DFC consul configs Issue-ID: DCAEGEN2-2219 Signed-off-by: Remigiusz Janeczek Change-Id: I93b673bc947edaeff57a19bda822f6ed70521b87 --- .../simulator-group/consul/c12_feed1_PM.json | 1 + .../consul/c12_feed1_PM_feed2_CTR.json | 1 + .../simulator-group/consul/c12_feed2_CTR.json | 1 + .../consul/c12_feed2_CTR_feed3_LOG_TEMP.json | 1 + .../simulator-group/consul/c12_feed2_PM.json | 1 + .../simulator-group/consul/c12_feed2_PM_MEAS.json | 1 + ..._feed2_PM_MEAS_no_strict_host_key_checking.json | 33 ++++++++++++++++++++++ .../consul/c12_feed2_PM_secureMR.json | 1 + .../simulator-group/consul/c12_feed3_PM_CTR.json | 1 + .../simulator-group/consul/c13_feed2_CTR.json | 1 + .../simulator-group/consul/c14_feed3_LOG.json | 1 + .../consul/c15_feed1_PM_feed4_TEST.json | 1 + .../consul/c16_feed4_TEST_feed5_TEMP.json | 1 + 13 files changed, 45 insertions(+) create mode 100644 test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json (limited to 'test/mocks') diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM.json index 787e6c607..2defeb0c0 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM.json @@ -8,6 +8,7 @@ "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "true", "streams_publishes": { "PM_MEAS_FILES": { "type": "data_router", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM_feed2_CTR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM_feed2_CTR.json index c7115179b..dea4e2e39 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM_feed2_CTR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed1_PM_feed2_CTR.json @@ -8,6 +8,7 @@ "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "true", "streams_publishes": { "PM_MEAS_FILES": { "type": "data_router", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR.json index bc21a968e..2cdb656e7 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR.json @@ -8,6 +8,7 @@ "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "true", "streams_subscribes": { "dmaap_subscriber": { "dmaap_info": { diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR_feed3_LOG_TEMP.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR_feed3_LOG_TEMP.json index 90ddc258b..8d76b43ea 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR_feed3_LOG_TEMP.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_CTR_feed3_LOG_TEMP.json @@ -8,6 +8,7 @@ "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "true", "streams_publishes": { "CTR_MEAS_FILES": { "type": "data_router", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM.json index d54b9e50c..8243dddb9 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM.json @@ -8,6 +8,7 @@ "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "true", "streams_publishes": { "PM_MEAS_FILES": { "type": "data_router", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS.json index b1e894011..d041852d1 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS.json @@ -8,6 +8,7 @@ "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "true", "streams_publishes": { "PM_MEAS_FILES": { "type": "data_router", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json new file mode 100644 index 000000000..2b0defbf3 --- /dev/null +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json @@ -0,0 +1,33 @@ +{ + "dmaap.ftpesConfig.keyCert": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.ftpesConfig.keyPasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.ftpesConfig.trustedCa": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.ftpesConfig.trustedCaPasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.security.trustStorePath": "/opt/app/datafile/etc/cert/trust.jks", + "dmaap.security.trustStorePasswordPath": "/opt/app/datafile/etc/cert/trust.pass", + "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", + "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", + "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "false", + "streams_publishes": { + "PM_MEAS_FILES": { + "type": "data_router", + "dmaap_info": { + "username": "user", + "log_url": "https://drsim:3907/feedlog/2", + "publish_url": "https://drsim:3907/publish/2", + "location": "loc00", + "password": "password", + "publisher_id": "972.360gm" + } + } + }, + "streams_subscribes": { + "dmaap_subscriber": { + "dmaap_info": { + "topic_url": "http://dradmin:dradmin@mrsim:2222/events/unauthenticated.VES_NOTIFICATION_OUTPUT/OpenDcae-c12/C12" + }, + "type": "message_router" + } + } +} diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_secureMR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_secureMR.json index 82c2f5807..ace7cbbc3 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_secureMR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed2_PM_secureMR.json @@ -8,6 +8,7 @@ "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "true", "streams_publishes": { "PM_MEAS_FILES": { "type": "data_router", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed3_PM_CTR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed3_PM_CTR.json index 6d3f205d2..2fe61ee0e 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed3_PM_CTR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c12_feed3_PM_CTR.json @@ -8,6 +8,7 @@ "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "true", "streams_publishes": { "PM_MEAS_FILES": { "type": "data_router", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c13_feed2_CTR.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c13_feed2_CTR.json index 9841a241b..27d3eb87e 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c13_feed2_CTR.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c13_feed2_CTR.json @@ -8,6 +8,7 @@ "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "true", "streams_publishes": { "CTR_MEAS_FILES": { "type": "data_router", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c14_feed3_LOG.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c14_feed3_LOG.json index c76974f8d..0bbd15901 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c14_feed3_LOG.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c14_feed3_LOG.json @@ -8,6 +8,7 @@ "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "true", "streams_publishes": { "LOG_FILES": { "type": "data_router", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c15_feed1_PM_feed4_TEST.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c15_feed1_PM_feed4_TEST.json index 3f43b6756..6fac2c236 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c15_feed1_PM_feed4_TEST.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c15_feed1_PM_feed4_TEST.json @@ -8,6 +8,7 @@ "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "true", "streams_publishes": { "PM_MEAS_FILES": { "type": "data_router", diff --git a/test/mocks/datafilecollector-testharness/simulator-group/consul/c16_feed4_TEST_feed5_TEMP.json b/test/mocks/datafilecollector-testharness/simulator-group/consul/c16_feed4_TEST_feed5_TEMP.json index 5afee1b4c..7d0d9e0d6 100644 --- a/test/mocks/datafilecollector-testharness/simulator-group/consul/c16_feed4_TEST_feed5_TEMP.json +++ b/test/mocks/datafilecollector-testharness/simulator-group/consul/c16_feed4_TEST_feed5_TEMP.json @@ -8,6 +8,7 @@ "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "true", "streams_publishes": { "TEST_FILES": { "type": "data_router", -- cgit 1.2.3-korg