From 968cd1f0e8a4b5487933d1e7c2d0049720464d8c Mon Sep 17 00:00:00 2001
From: Petr OspalĂ˝
Date: Fri, 20 Sep 2019 05:51:37 +0200
Subject: Add support for HTTPS in sanity tests
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If 'disableHttp' is enabled then HTTP ports are replaced with HTTPS ports.
Also added the latest trustore with AAF issuer. And because certs for SDC
components have CN set to "sdc" - environment json must have the domain
names correctly too...it will not work with plain IPs.
The changes have been tested from CSIT perspective so if something is
missing here or wrong then it is due to the fact that I was focusing on
bringing https support to the same level as are http tests and there is
also the fact that I do not know SDC component at all.
The changes are also done in a manner of previous ones - hacked on top of
the current codebase, which is in dire need of a rewrite:
- duplicated trustores and other artifacts
- duplicated scripts and/or similar script with small differences
- ui tests use old ubuntu image vs api tests on alpine
- chef codebase is very messy and I see no benefit in the current usage
Issue-ID: SDC-2564
Signed-off-by: Petr OspalĂ˝
Change-Id: I32e0fb7723ab8489eb09372d410c6f34aaf7cfc8
---
test-apis-ci/sdc-api-tests/Dockerfile | 10 ++++++++++
.../files/default/org.onap.sdc.trust.jks | Bin 0 -> 1413 bytes
.../sdc-api-tests/files/default/startTest.sh | 4 ++++
.../recipes/sanityApiTests_1_setup_env.rb | 17 ++++++++++++++++-
.../recipes/sanityApiTests_2_setup_configuration.rb | 4 ++--
.../templates/default/sdc-sanity.yaml.erb | 15 ++++++++++-----
test-apis-ci/sdc-api-tests/startup.sh | 19 +++++++++++++++++++
7 files changed, 61 insertions(+), 8 deletions(-)
create mode 100644 test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/org.onap.sdc.trust.jks
(limited to 'test-apis-ci')
diff --git a/test-apis-ci/sdc-api-tests/Dockerfile b/test-apis-ci/sdc-api-tests/Dockerfile
index 396e6ebcd4..edf939f43e 100644
--- a/test-apis-ci/sdc-api-tests/Dockerfile
+++ b/test-apis-ci/sdc-api-tests/Dockerfile
@@ -1,5 +1,15 @@
FROM onap/base_sdc-sanity:1.4.1
+# install packages
+RUN \
+ apk update \
+ && \
+ apk add --no-cache \
+ jq \
+ openssl \
+ && \
+ rm -rf /var/cache/apk/*
+
COPY chef-solo /root/chef-solo/
COPY chef-repo/cookbooks/. /root/chef-solo/cookbooks/
diff --git a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/org.onap.sdc.trust.jks b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/org.onap.sdc.trust.jks
new file mode 100644
index 0000000000..d07ce1a66b
Binary files /dev/null and b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/org.onap.sdc.trust.jks differ
diff --git a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/startTest.sh b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/startTest.sh
index 23a1d3fa95..562bfe4ffc 100644
--- a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/startTest.sh
+++ b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/files/default/startTest.sh
@@ -4,6 +4,10 @@ RERUN=false
debug_port=8000
TEST_SUITES=testSuites
fileName=testng-failed.xml
+JAVA_OPTIONS="${JAVA_OPTIONS} \
+ -Djavax.net.ssl.trustStore=/var/lib/tests/etc/org.onap.sdc.trust.jks \
+ -Dtestng.show.stack.frames=true \
+ "
function help_usage ()
{
diff --git a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_1_setup_env.rb b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_1_setup_env.rb
index 112cc4c2e7..61d0133888 100644
--- a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_1_setup_env.rb
+++ b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_1_setup_env.rb
@@ -46,4 +46,19 @@ tests_base="/var/lib/tests"
group 'root'
mode '0755'
action :create
- end
\ No newline at end of file
+ end
+
+ directory "create_etc_dir" do
+ path "/var/lib/tests/etc"
+ owner 'root'
+ group 'root'
+ mode '0755'
+ action :create
+ end
+
+cookbook_file "/var/lib/tests/etc/org.onap.sdc.trust.jks" do
+ source "org.onap.sdc.trust.jks"
+ owner "root"
+ group "root"
+ mode 0644
+end
\ No newline at end of file
diff --git a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_2_setup_configuration.rb b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_2_setup_configuration.rb
index 782bba249d..e90fa87e02 100644
--- a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_2_setup_configuration.rb
+++ b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/recipes/sanityApiTests_2_setup_configuration.rb
@@ -8,9 +8,9 @@ template "sdc-yaml-config" do
mode "0755"
variables ({
:target_path => "#{tests_base}/target",
- :catalogBE_ip => node['Nodes']['BE'],
+ :catalogBE_host => node['Nodes']['BE'],
:catalogBE_port => node['BE'][:http_port],
- :webportal_ip => node['Nodes']['FE'],
+ :webportal_host => node['Nodes']['FE'],
:webportal_port => node['FE'][:http_port],
:janusgraph_file => "#{tests_base}/conf/janusgraph.properties",
:tests_base_ci => "#{tests_base}/CI/tests",
diff --git a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/templates/default/sdc-sanity.yaml.erb b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/templates/default/sdc-sanity.yaml.erb
index ce20180d63..4185e3fee9 100644
--- a/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/templates/default/sdc-sanity.yaml.erb
+++ b/test-apis-ci/sdc-api-tests/chef-repo/cookbooks/sdc-api-tests/templates/default/sdc-sanity.yaml.erb
@@ -2,17 +2,22 @@ outputFolder: <%= @target_path %>
reportName: index.html
esHost: eshost
disributionClientHost: disClient
-catalogFeHost: <%= @webportal_ip %>
-catalogFePort: <%= @webportal_port %>
-catalogBeHost: <%= @catalogBE_ip %>
-catalogBePort: <%= @catalogBE_port %>
-onboardingBeHost: <%= node['ONBOARDING_BE_VIP'] %>
<% if node[:disableHttp] -%>
sdcHttpMethod: https
onboardingBePort: <%= node['ONBOARDING_BE'][:https_port] %>
+onboardingBeHost: <%= node['ONBOARDING_BE'][:domain_name] %>
+catalogBeHost: <%= node['BE'][:domain_name] %>
+catalogBePort: <%= node['BE'][:https_port] %>
+catalogFeHost: <%= node['FE'][:domain_name] %>
+catalogFePort: <%= node['FE'][:https_port] %>
<% else %>
sdcHttpMethod: http
onboardingBePort: <%= node['ONBOARDING_BE'][:http_port] %>
+onboardingBeHost: <%= node['ONBOARDING_BE_VIP'] %>
+catalogFeHost: <%= @webportal_host %>
+catalogFePort: <%= @webportal_port %>
+catalogBeHost: <%= @catalogBE_host %>
+catalogBePort: <%= @catalogBE_port %>
<% end -%>
disributionClientPort: 8181
esPort: 9200
diff --git a/test-apis-ci/sdc-api-tests/startup.sh b/test-apis-ci/sdc-api-tests/startup.sh
index 80faeeac2e..7b102cadfd 100644
--- a/test-apis-ci/sdc-api-tests/startup.sh
+++ b/test-apis-ci/sdc-api-tests/startup.sh
@@ -1,5 +1,24 @@
#!/bin/bash
+# prepare env for HTTPS if used
+
+is_https=$(cat /root/chef-solo/environments/${ENVNAME}.json | \
+ jq -cr '.default_attributes.disableHttp' | \
+ tr '[:upper:]' '[:lower:]')
+
+if [ "$is_https" = true ] ; then
+ # setup /etc/hosts
+ SDC_FE_IP=$(cat /root/chef-solo/environments/${ENVNAME}.json | \
+ jq -cr '.default_attributes.Nodes.FE')
+ SDC_FE_HOSTNAME=$(cat /root/chef-solo/environments/${ENVNAME}.json | \
+ jq -cr '.override_attributes.FE.domain_name')
+ if ! grep -q "^[[:space:]]*${SDC_FE_IP}[[:space:]]" ; then
+ echo "${SDC_FE_IP}" "${SDC_FE_HOSTNAME}" >> /etc/hosts
+ fi
+fi
+
+# run tests
+
cd /root/chef-solo
chef-solo -c solo.rb -E ${ENVNAME}
--
cgit 1.2.3-korg