diff options
22 files changed, 287 insertions, 94 deletions
@@ -7,10 +7,11 @@ More information about the project and all its functionalities you can find unde https://wiki.onap.org/display/DW/OOM+Certification+Service ``` -Project consists of three submodules: +Project consists of four submodules: 1. oom-certservice-api 2. oom-certservice-client 3. oom-certservice-post-processor +4. oom-certservice-k8s-external-provider Detailed information about submodules can be found in ```README.md``` in their directories. diff --git a/certService/pom.xml b/certService/pom.xml index 2c7b5d44..e3e98174 100644 --- a/certService/pom.xml +++ b/certService/pom.xml @@ -18,10 +18,10 @@ <parent> <groupId>org.onap.oom.platform.cert-service</groupId> <artifactId>oom-certservice</artifactId> - <version>2.2.0-SNAPSHOT</version> + <version>2.3.0-SNAPSHOT</version> </parent> <artifactId>oom-certservice-api</artifactId> - <version>2.2.0-SNAPSHOT</version> + <version>2.3.0-SNAPSHOT</version> <name>oom-certservice-api</name> <description>OOM Certification Service Api</description> <packaging>jar</packaging> diff --git a/certService/version.properties b/certService/version.properties index 3ad2137c..8d40756c 100644 --- a/certService/version.properties +++ b/certService/version.properties @@ -1,5 +1,5 @@ major=2 -minor=2 +minor=3 patch=0 base_version=${major}.${minor}.${patch} release_version=${base_version} diff --git a/certServiceClient/pom.xml b/certServiceClient/pom.xml index 9201b813..a99732eb 100644 --- a/certServiceClient/pom.xml +++ b/certServiceClient/pom.xml @@ -18,12 +18,12 @@ <parent> <artifactId>oom-certservice</artifactId> <groupId>org.onap.oom.platform.cert-service</groupId> - <version>2.2.0-SNAPSHOT</version> + <version>2.3.0-SNAPSHOT</version> </parent> <modelVersion>4.0.0</modelVersion> <artifactId>oom-certservice-client</artifactId> - <version>2.2.0-SNAPSHOT</version> + <version>2.3.0-SNAPSHOT</version> <name>oom-certservice-client</name> <description>OOM Certification Service Api Client</description> <packaging>jar</packaging> diff --git a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactory.java b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactory.java index 3f87be52..d050a2a3 100644 --- a/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactory.java +++ b/certServiceClient/src/main/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactory.java @@ -36,7 +36,7 @@ import org.slf4j.LoggerFactory; public class CsrConfigurationFactory implements ConfigurationFactory<CsrConfiguration> { private static final Logger LOGGER = LoggerFactory.getLogger(CsrConfigurationFactory.class); - private static final String SANS_DELIMITER = ":"; + private static final String SANS_DELIMITER = ","; private final EnvsForCsr envsForCsr; private final ValidatorsFactory validatorsFactory; diff --git a/certServiceClient/src/test/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactoryTest.java b/certServiceClient/src/test/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactoryTest.java index 238b979d..cdcefe2e 100644 --- a/certServiceClient/src/test/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactoryTest.java +++ b/certServiceClient/src/test/java/org/onap/oom/certservice/client/configuration/factory/CsrConfigurationFactoryTest.java @@ -41,8 +41,8 @@ import static org.onap.oom.certservice.client.api.ExitStatus.CSR_CONFIGURATION_E public class CsrConfigurationFactoryTest { private static final String COMMON_NAME_VALID = "onap.org"; - private static final List<String> SANS_SPLITTED_VALID = List.of("test-name"); - private static final String SANS_VALID = "test-name"; + private static final List<String> SANS_SPLITTED_VALID = List.of("test-name", "test-name-1"); + private static final String SANS_VALID = "test-name,test-name-1"; private static final String COUNTRY_VALID = "US"; private static final String LOCATION_VALID = "San-Francisco"; private static final String ORGANIZATION_VALID = "Linux-Foundation"; diff --git a/certServiceClient/version.properties b/certServiceClient/version.properties index 3ad2137c..8d40756c 100644 --- a/certServiceClient/version.properties +++ b/certServiceClient/version.properties @@ -1,5 +1,5 @@ major=2 -minor=2 +minor=3 patch=0 base_version=${major}.${minor}.${patch} release_version=${base_version} diff --git a/certServiceK8sExternalProvider/README.md b/certServiceK8sExternalProvider/README.md index ee739a3f..9e2daa5e 100644 --- a/certServiceK8sExternalProvider/README.md +++ b/certServiceK8sExternalProvider/README.md @@ -67,9 +67,6 @@ filtered out from the Certificate Signing Request. - streetAddresses - postalCodes - isCa - - ipAddresses - - uris - - emails - duration - usages diff --git a/certServiceK8sExternalProvider/deploy/_certificate_example_.yaml b/certServiceK8sExternalProvider/deploy/_certificate_example_.yaml index e19e6351..e5226906 100644 --- a/certServiceK8sExternalProvider/deploy/_certificate_example_.yaml +++ b/certServiceK8sExternalProvider/deploy/_certificate_example_.yaml @@ -43,10 +43,16 @@ spec: - California organizationalUnits: - ONAP - # DNS SAN + # SANs dnsNames: - localhost - certissuer.onap.org + ipAddresses: + - "127.0.0.1" + uris: + - onap://cluster.local/ + emailAddresses: + - onap@onap.org # The reference to the CMPv2 issuer issuerRef: group: certmanager.onap.org diff --git a/certServiceK8sExternalProvider/deploy/_certificate_example_contains_not_supported_properties.yaml b/certServiceK8sExternalProvider/deploy/_certificate_example_contains_not_supported_properties.yaml index 37068435..aa33e98f 100644 --- a/certServiceK8sExternalProvider/deploy/_certificate_example_contains_not_supported_properties.yaml +++ b/certServiceK8sExternalProvider/deploy/_certificate_example_contains_not_supported_properties.yaml @@ -47,15 +47,15 @@ spec: postalCodes: #***NOT SUPPORTED BY CERT SERVICE API*** - 12-345 serialNumber: "12345" #***NOT SUPPORTED BY CERT SERVICE API*** - # DNS SAN + # SANs dnsNames: - localhost - certissuer.onap.org - ipAddresses: #***NOT SUPPORTED BY CERT SERVICE API*** + ipAddresses: - "127.0.0.1" - uris: #***NOT SUPPORTED BY CERT SERVICE API*** + uris: - onap://cluster.local/ - emailAddresses: #***NOT SUPPORTED BY CERT SERVICE API*** + emailAddresses: - onap@onap.org duration: 24h #***OVERRIDDEN BY CMPV2 SERVER*** renewBefore: 8h diff --git a/certServiceK8sExternalProvider/pom.xml b/certServiceK8sExternalProvider/pom.xml index a34ffc3f..22c4757e 100644 --- a/certServiceK8sExternalProvider/pom.xml +++ b/certServiceK8sExternalProvider/pom.xml @@ -5,7 +5,7 @@ <parent> <artifactId>oom-certservice</artifactId> <groupId>org.onap.oom.platform.cert-service</groupId> - <version>2.2.0-SNAPSHOT</version> + <version>2.3.0-SNAPSHOT</version> </parent> <modelVersion>4.0.0</modelVersion> @@ -15,8 +15,20 @@ <properties> <version.mvn-clean-plugin>3.1.0</version.mvn-clean-plugin> <version.mvn-golang-wrapper-plugin>2.3.5</version.mvn-golang-wrapper-plugin> + <sonar.go.coverage.reportPaths>bin/coverage.out</sonar.go.coverage.reportPaths> + <sonar.exclusions>**/*_test.go, **/testdata/*</sonar.exclusions> + <sonar-go-plugin.version>1.1.1.2000</sonar-go-plugin.version> </properties> + + <dependencies> + <dependency> + <groupId>org.sonarsource.go</groupId> + <artifactId>sonar-go-plugin</artifactId> + <version>${sonar-go-plugin.version}</version> + </dependency> + </dependencies> + <build> <!--Changing standard Maven project source structure to make it Go compatible--> <sourceDirectory>${basedir}</sourceDirectory> @@ -46,6 +58,17 @@ <extensions>true</extensions> <executions> <execution> + <id>coverage</id> + <goals> + <goal>test</goal> + </goals> + <configuration> + <testFlags> + <flag>-coverprofile=bin/coverage.out</flag> + </testFlags> + </configuration> + </execution> + <execution> <id>install</id> <goals> <goal>install</goal> diff --git a/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger.go b/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger.go index 649ce47f..5eeaf2e6 100644 --- a/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger.go +++ b/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger.go @@ -50,6 +50,9 @@ func logSupportedProperties(log leveledlogger.Logger, csr *x509.CertificateReque logSupportedMultiValueProperty(log, csr.Subject.Province, "state") logSupportedMultiValueProperty(log, csr.Subject.Locality, "location") logSupportedMultiValueProperty(log, csr.DNSNames, "dns names") + logSupportedMultiValueProperty(log, csr.EmailAddresses, "email addresses") + logSupportedMultiValueProperty(log, mapIpAddressesToText(csr.IPAddresses), "ipAddresses") + logSupportedMultiValueProperty(log, mapUrisToText(csr.URIs), "uris") } func logSupportedMultiValueProperty(log leveledlogger.Logger, values []string, propertyName string) { @@ -80,21 +83,6 @@ func extractUsages(usages []cmapi.KeyUsage) string { } func logPropertiesNotSupportedByCertService(log leveledlogger.Logger, request *cmapi.CertificateRequest, csr *x509.CertificateRequest) { - - //IP addresses in SANs - if len(csr.IPAddresses) > 0 { - log.Warning(getNotSupportedMessage("ipAddresses", extractIPAddresses(csr.IPAddresses))) - } - //URIs in SANs - if len(csr.URIs) > 0 { - log.Warning(getNotSupportedMessage("uris", extractURIs(csr.URIs))) - } - - //Email addresses in SANs - if len(csr.EmailAddresses) > 0 { - log.Warning(getNotSupportedMessage("emailAddresses", extractStringArray(csr.EmailAddresses))) - } - if request.Spec.IsCA == true { log.Warning(getNotSupportedMessage("isCA", strconv.FormatBool(request.Spec.IsCA))) } @@ -121,20 +109,20 @@ func extractStringArray(strArray []string) string { return values } -func extractURIs(URIs []*url.URL) string { - values := "" - for _, uri := range URIs { - values = values + uri.String() + ", " +func mapUrisToText(uris []*url.URL) []string { + urisAsText := make([]string, len(uris)) + for i, ipAddress := range uris { + urisAsText[i] = ipAddress.String() } - return values + return urisAsText } -func extractIPAddresses(addresses []net.IP) string { - values := "" - for _, ipAddress := range addresses { - values = values + ipAddress.String() + ", " +func mapIpAddressesToText(addresses []net.IP) []string { + ipsAsText := make([]string, len(addresses)) + for i, ipAddress := range addresses { + ipsAsText[i] = ipAddress.String() } - return values + return ipsAsText } func getSupportedMessage(property string, value string) string { diff --git a/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger_test.go b/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger_test.go index 250fab8b..0b50980b 100644 --- a/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger_test.go +++ b/certServiceK8sExternalProvider/src/cmpv2controller/logger/certificate_request_logger_test.go @@ -40,7 +40,6 @@ import ( var unsupportedProperties = []string{ "* property 'duration'", "* property 'usages'", - "- property 'ipAddresses'", "- property 'isCA'", "- property 'subject.streetAddress'", "- property 'subject.postalCodes'", @@ -53,7 +52,11 @@ var supportedProperties = []string{ "+ property 'country'", "+ property 'state'", "+ property 'location'", - "+ property 'dns names'"} + "+ property 'dns names'", + "+ property 'ipAddresses'", + "+ property 'uris'", + "+ property 'email addresses'", + } const RESULT_LOG = "testdata/test_result.log" diff --git a/certServiceK8sExternalProvider/src/cmpv2controller/logger/test_resource.go b/certServiceK8sExternalProvider/src/cmpv2controller/logger/test_resource.go index c0f6f950..dcb255ea 100644 --- a/certServiceK8sExternalProvider/src/cmpv2controller/logger/test_resource.go +++ b/certServiceK8sExternalProvider/src/cmpv2controller/logger/test_resource.go @@ -21,43 +21,44 @@ package logger const csrWithoutSkippedProperties = (`-----BEGIN CERTIFICATE REQUEST----- -MIIDETCCAfkCAQAwgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh +MIIDPTCCAiUCAQAwgYIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh MRYwFAYDVQQHEw1TYW4tRnJhbmNpc2NvMRkwFwYDVQQKExBMaW51eC1Gb3VuZGF0 aW9uMQ0wCwYDVQQLEwRPTkFQMRwwGgYDVQQDExNjZXJ0aXNzdWVyLm9uYXAub3Jn -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhQiSgyYGpEfX/HuCFwT -GHkLe1CheKz2CQzSP9an5BSdET1OgABmuJjtnXZzKpPAZCGJX2QTyDE9zvdTN0Ci -/8WRL/m2tWUPbt8qRVW36PSKazpB+ELZjQi3rmYtmWUlRuJNfLcksK59pcD5W46t -d9eettkex0FAcxpQE/ukhpW9r6QrmlQAQHuF1rBw6uJMGzFSPWh9XFLFbxZJyJCu -AIycvT95bgtot3EMPwGkxAYzxtAu6D5/n65nIZ0f9BuuNFtmnoHmn/9fPUnZHA0h -qP9kXAAU10S3gig+Na6DeZFBE1y9jCt4vmSq2ssBO24kOAHrg5GrqEsnfoSnu8Nb -sQIDAQABoEkwRwYJKoZIhvcNAQkOMTowODApBgNVHREEIjAggglsb2NhbGhvc3SC -E2NlcnRpc3N1ZXIub25hcC5vcmcwCwYDVR0PBAQDAgWgMA0GCSqGSIb3DQEBCwUA -A4IBAQAWkOeJHnmtlSvlb7HbBeSGY4E9M338sKtwV4ZSvH+n5rgwamkvjhUwhycs -UR0XgeAyD86kK6kkvVewdIanHYp1k7CuDZkU6piy8t4RhosyqUWQNWtemGYdNZCL -cgZ1Jbj4NdIZo2EKBIEbTrm9VFt1zidYRFNGNJp8RQQds6r4qATq1NKr6ptrLuIc -dzfOm1ZPtSn8u4H4+z1re6q18JeM0VPXBiXBtEXwQRXIEnsjCzYxdjy+QwbEmlpB -o2hMIamWNIbskYnNkaky8eQzjJ8uIesESeanWJlrMUbzicOwQeYMPmj+Mkn1nqlK -YFwml5XnVXXpGLHGWCswpN3CDyXi +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RKJGx0bXUz2hyWPssq5 +sZEOcC4ITkBWDx1b/g+abX1J2nTfKZK4JSRd1I/9Lz8LaiyuqacCzJ3vZ+IbvbwJ +HjTvzakbdQgbm7TSOH4zBXUp6lN92PT+RwM5PGcipi3vcC/eT4aMohEhHH1qkNCP +G7EC69hTnw3tyXX19euF/gAJwHeYNSHC6k2WwLYkYkkhRIndzv1vM8nBLb7C7JBE +aAO0fq1trVEoIYdz3tNWZWs+T+Vu8fATqm1rLzKOj3bQljRluFsegrRPR2oD9Th5 +AE5nmw948higVTlXcdeoW0MiAn6pWyHzcTKhBizm+Yp4bejqx8oq+Joq7u5nue/p +KQIDAQABoHUwcwYJKoZIhvcNAQkOMWYwZDBVBgNVHREETjBMgglsb2NhbGhvc3SC +E2NlcnRpc3N1ZXIub25hcC5vcmeBDW9uYXBAb25hcC5vcmeHBH8AAAGGFW9uYXA6 +Ly9jbHVzdGVyLmxvY2FsLzALBgNVHQ8EBAMCBaAwDQYJKoZIhvcNAQELBQADggEB +AI3LghPWW3P8zO5CiLIMYwbYbQt0nA0AA/iDzBh/HXE+owLXECffGhidC9oG8d1r +ZAL+fkjU1+hBSPyk8ZIeiPGi1NDL4h+65Cobv/D3O5PEDYui98FZSykrkcLCb3Qx +ga6ki+l3sQYP6sWyK6N1U7uX8t1g7IMbcpMO7rASNMDRWkYtlmJhit0Yd6YgvYuL +gqH+TRiUTvm6XKby5DaTK3lz7h78lqTxVcWHlxUGTvXAEF15cqbKGy9n/4y1LQUc +AhEFo/1MKDqMpG8FTw/EFMMzKQAXofeLGcWepXo1oDGHal8/3kYN+0c2cH4ZASp4 +N8j9VQMXik3mDiJWFtM0oWI= -----END CERTIFICATE REQUEST-----`) const csrWithSkippedProperties = (`-----BEGIN CERTIFICATE REQUEST----- -MIIDgjCCAmoCAQAwgaQxCzAJBgNVBAYTAlBMMRMwEQYDVQQIEwpEb2xueVNsYXNr -MRAwDgYDVQQHEwdXcm9jbGF3MREwDwYDVQQJEwhMb3RuaWN6YTEPMA0GA1UEERMG -MTItMzQ1MQ0wCwYDVQQKEwRPTkFQMQ0wCwYDVQQLEwRvbmFwMRwwGgYDVQQDExNj -ZXJ0aXNzdWVyLm9uYXAub3JnMQ4wDAYDVQQFEwUxMjM0NTCCASIwDQYJKoZIhvcN -AQEBBQADggEPADCCAQoCggEBAPdrWRYpdGY6A9YEQ8mnQdOW7wzdaNHJ83ZrMPZd -V7jBOMvQbTw6Oe/Q4vD+Dla7FmGqlAajNIgKRiUUQLKVmASELhCYhtW7Mn91qe6l -xuyPyOEi9o8mArJosFAfPPF0nm9FQPi2qHgyi6C52QR7cKsgNPflpKVsEx9Y+Zns -YBqkaX16BukvcHUANgsvZ3rLUVeiOsCi2ysVcsm+4XMvF6ejoqKJ9k7Ti0VrQtqh -e1nKlaa4uP3dreeUXBMLfKUS7QrNavpiX6wVaohVp6p/AYQ2HZurMv86Q2E5D5SC -ReEpVuWx+r4MI8dAHbYe09ntkRGIe8mVyxHHEWLNfZiwKGsCAwEAAaCBlzCBlAYJ -KoZIhvcNAQkOMYGGMIGDMFUGA1UdEQROMEyCCWxvY2FsaG9zdIITY2VydGlzc3Vl -ci5vbmFwLm9yZ4ENb25hcEBvbmFwLm9yZ4cEfwAAAYYVb25hcDovL2NsdXN0ZXIu -bG9jYWwvMAsGA1UdDwQEAwICBDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH -AwIwDQYJKoZIhvcNAQELBQADggEBAHDMw3+fVOrbVnMI2g/IP40vt1eenkoriTHX -dnjRRFio75nCNRJdLOJ9FU3wIgdDZwGaiXdn5NDQxCe0BWcbElDJSYR/xOi7V0AM -2L3CrRAOhr2MjwX7CaOuYWcVtrbtIMf26NLKRXYPlGgc6YeofalDnezMJ/IuRQhj -bcm17a8owa5dH9u/rmTmlrIT7PV4JHkZIogctIcSqod6xdr1mbi8G9DMFAqV+o7W -9kV7XDKhTqYoBIsXwfehNMu3lo72VuklIyVNiEVz4mVzpeZy2DgjRjCLt106yDHZ -f3nco6O4y2EyexBVKq6QRFfZDUab6YcoEVvPAio01RmFrHgnxHs= +MIIDaDCCAlACAQAwgboxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh +MRYwFAYDVQQHEw1TYW4tRnJhbmNpc2NvMRUwEwYDVQQJEwxzYW1wbGVTdHJlZXQx +DzANBgNVBBETBjEyLTM0NTEZMBcGA1UEChMQTGludXgtRm91bmRhdGlvbjENMAsG +A1UECxMET05BUDEcMBoGA1UEAxMTY2VydGlzc3Vlci5vbmFwLm9yZzEOMAwGA1UE +BRMFMTIzNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOsn9B8AmR +ZGcJ/b2pp+oeA0jQgr7wnJeDCWzF7v5k6vBSeladlERVTCBaWO5SSSVDqrhidnvv ++FpxG6LeN+Y/KQn/Hk8pQSoht3yZaTgQV352nOysIr/tI4QUwahAXH8RwvyS4CHJ +vy1n/cJlvdiymC9z61dUx4DyHsMlZMRTldiFIs0/VKtgPPZ3hxMT1NJjg9dmyJhm +RCZOn/cj1laIW6ie/BQJuXINf8VT3bl4mYkfc7yvrj7V3aMWKuzbr8/yMo9fpHqd +gGQIqtmDOWOHkawkEAPqpeFLdryXcfFEFsy9iJHbr4N/5FKj4lbUaS4aVA04oigl +RUKM8bE5uQUHAgMBAAGgaDBmBgkqhkiG9w0BCQ4xWTBXMCkGA1UdEQQiMCCCCWxv +Y2FsaG9zdIITY2VydGlzc3Vlci5vbmFwLm9yZzALBgNVHQ8EBAMCAgQwHQYDVR0l +BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQACQMf4 +OcJHOD1AWmIXy5G0VYUs2qogrSX0BEWWuXRGt9vicUmesgf9YLHNlg5dOujJmEIP +HKkks1uy5dNXMlKAZ3i1TSaVhoFap5jZiXmfKfRXb5ImL3e5146hr+1dqRnPA7rR +4fjjz8B7HeO2TiWu2xgJnyuPHKOwalSOYhVljpEE2hjs064Vc2yovj2FcYdPbfc2 +gFQqkUSBrviuzxhK63fWtMGStv/kSc3cEylDzV45LLIUCVFKzKaqXiG8MCQjhtFI +2ve5+9NJxPQ3SqBKUuRoTHYBC3YppY/QagepVlENeDomvku8iS2FSkkOxGspbhla +7uR7K5JP5H9jLQbj -----END CERTIFICATE REQUEST-----`) diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go b/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go index e89eb1f4..be15e832 100644 --- a/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go +++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/cmpv2_provisioner.go @@ -101,7 +101,7 @@ func (ca *CertServiceCA) Sign( if err != nil { return nil, nil, err } - log.Debug("Filtered out CSR PEM: ", "bytes", csrBytes) + log.Debug("Filtered out CSR PEM: ", "bytes", filteredCsrBytes) response, err := ca.certServiceClient.GetCertificates(filteredCsrBytes, privateKeyBytes) if err != nil { diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr.go b/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr.go index 1a86866b..583d533e 100644 --- a/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr.go +++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr.go @@ -45,6 +45,9 @@ func FilterFieldsFromCSR(csrBytes []byte, privateKeyBytes []byte) ([]byte, error filteredCsr, err := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{ Subject: filteredSubject, DNSNames: csr.DNSNames, + IPAddresses: csr.IPAddresses, + URIs: csr.URIs, + EmailAddresses: csr.EmailAddresses, }, key) if err != nil { return nil, err diff --git a/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr_test.go b/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr_test.go index 08fb5538..ff9a799a 100644 --- a/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr_test.go +++ b/certServiceK8sExternalProvider/src/cmpv2provisioner/csr/csr_test.go @@ -75,6 +75,9 @@ func assertNotFilteredFieldsNotChanged(t *testing.T, originalCsrBytes []byte, fi filteredCsr := parseCsrBytes(filteredCsrBytes) assert.Equal(t, originalCsr.DNSNames, filteredCsr.DNSNames) + assert.Equal(t, originalCsr.URIs, filteredCsr.URIs) + assert.Equal(t, originalCsr.EmailAddresses, filteredCsr.EmailAddresses) + assert.Equal(t, originalCsr.IPAddresses, filteredCsr.IPAddresses) assert.Equal(t, originalCsr.PublicKey, filteredCsr.PublicKey) assert.Equal(t, originalCsr.PublicKeyAlgorithm, filteredCsr.PublicKeyAlgorithm) assert.Equal(t, originalCsr.SignatureAlgorithm, filteredCsr.SignatureAlgorithm) @@ -88,9 +91,6 @@ func assertNotFilteredFieldsNotChanged(t *testing.T, originalCsrBytes []byte, fi func assertFilteredFieldsEmpty(t *testing.T, csrBytes []byte) { csr := parseCsrBytes(csrBytes) - assert.Nil(t, csr.URIs) - assert.Nil(t, csr.EmailAddresses) - assert.Nil(t, csr.IPAddresses) assert.Nil(t, csr.Subject.PostalCode) assert.Equal(t, "", csr.Subject.SerialNumber) assert.Nil(t, csr.Subject.StreetAddress) diff --git a/certServicePostProcessor/pom.xml b/certServicePostProcessor/pom.xml index 0e3e1608..bd79d85d 100644 --- a/certServicePostProcessor/pom.xml +++ b/certServicePostProcessor/pom.xml @@ -5,12 +5,12 @@ <parent> <artifactId>oom-certservice</artifactId> <groupId>org.onap.oom.platform.cert-service</groupId> - <version>2.2.0-SNAPSHOT</version> + <version>2.3.0-SNAPSHOT</version> </parent> <modelVersion>4.0.0</modelVersion> <artifactId>oom-certservice-post-processor</artifactId> - <version>2.2.0-SNAPSHOT</version> + <version>2.3.0-SNAPSHOT</version> <name>oom-certservice-post-processor</name> <description>An application which conducts certificate post-processing like: merging truststores, copying keystores.</description> <packaging>jar</packaging> diff --git a/compose-resources/entityprofile_Custom_EndEntity-1356531849.xml b/compose-resources/entityprofile_Custom_EndEntity-1356531849.xml index 19d872fe..ec51a80d 100644 --- a/compose-resources/entityprofile_Custom_EndEntity-1356531849.xml +++ b/compose-resources/entityprofile_Custom_EndEntity-1356531849.xml @@ -60,19 +60,19 @@ <int>1</int> </void> <void method="add"> - <int>0</int> + <int>3</int> </void> <void method="add"> <int>3</int> </void> <void method="add"> - <int>0</int> + <int>3</int> </void> <void method="add"> <int>0</int> </void> <void method="add"> - <int>0</int> + <int>3</int> </void> <void method="add"> <int>0</int> @@ -354,6 +354,33 @@ <void method="add"> <int>1802</int> </void> + <void method="add"> + <int>1700</int> + </void> + <void method="add"> + <int>1701</int> + </void> + <void method="add"> + <int>1702</int> + </void> + <void method="add"> + <int>1900</int> + </void> + <void method="add"> + <int>1901</int> + </void> + <void method="add"> + <int>1902</int> + </void> + <void method="add"> + <int>2100</int> + </void> + <void method="add"> + <int>2101</int> + </void> + <void method="add"> + <int>2102</int> + </void> </object> </void> <void method="put"> @@ -570,7 +597,7 @@ </void> <void method="put"> <int>37</int> - <string>-1501801709</string> + <string>-29939301</string> </void> <void method="put"> <int>20037</int> @@ -932,5 +959,149 @@ <int>30218</int> <boolean>true</boolean> </void> + <void method="put"> + <int>17</int> + <string></string> + </void> + <void method="put"> + <int>20017</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10017</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>30017</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>117</int> + <string></string> + </void> + <void method="put"> + <int>20117</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10117</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>30117</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>217</int> + <string></string> + </void> + <void method="put"> + <int>20217</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10217</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>30217</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>19</int> + <string></string> + </void> + <void method="put"> + <int>20019</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10019</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30019</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>119</int> + <string></string> + </void> + <void method="put"> + <int>20119</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10119</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30119</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>219</int> + <string></string> + </void> + <void method="put"> + <int>20219</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10219</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30219</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>21</int> + <string></string> + </void> + <void method="put"> + <int>20021</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10021</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30021</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>121</int> + <string></string> + </void> + <void method="put"> + <int>20121</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10121</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30121</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>221</int> + <string></string> + </void> + <void method="put"> + <int>20221</int> + <boolean>false</boolean> + </void> + <void method="put"> + <int>10221</int> + <boolean>true</boolean> + </void> + <void method="put"> + <int>30221</int> + <boolean>true</boolean> + </void> </object> </java> diff --git a/docs/sections/usage.rst b/docs/sections/usage.rst index e4a75444..48570992 100644 --- a/docs/sections/usage.rst +++ b/docs/sections/usage.rst @@ -31,7 +31,7 @@ CertService client needs the following configuration parameters to work properly - LOCATION *(optional)* - Location for which certificate from CMPv2 server should be issued - STATE *(required)* - State for which certificate from CMPv2 server should be issued - COUNTRY *(required)* - Country for which certificate from CMPv2 server should be issued - - SANS *(optional)(SANS's should be separated by a colon e.g. test.onap.org:onap.com)* - Subject Alternative Names (SANs) for which certificate from CMPv2 server should be issued. + - SANS *(optional)(SANS's should be separated by a comma e.g. test.onap.org,onap.com)* - Subject Alternative Names (SANs) for which certificate from CMPv2 server should be issued. 3. Parameters to establish secure communication to CertService: @@ -71,7 +71,7 @@ To run CertService client as standalone docker container execute following steps LOCATION=San-Francisco STATE=California COUNTRY=US - SANS=test.onap.org:onap.com + SANS=test.onap.org,onap.com #TLS config envs KEYSTORE_PATH=/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks @@ -23,7 +23,7 @@ </parent> <groupId>org.onap.oom.platform.cert-service</groupId> <artifactId>oom-certservice</artifactId> - <version>2.2.0-SNAPSHOT</version> + <version>2.3.0-SNAPSHOT</version> <name>oom-certservice</name> <description>OOM Certification Service</description> <packaging>pom</packaging> diff --git a/version.properties b/version.properties index 3ad2137c..8d40756c 100644 --- a/version.properties +++ b/version.properties @@ -1,5 +1,5 @@ major=2 -minor=2 +minor=3 patch=0 base_version=${major}.${minor}.${patch} release_version=${base_version} |