summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKrzysztof Kuzmicki <krzysztof.kuzmicki@nokia.com>2022-03-02 12:23:04 +0100
committerMorgan Richomme <morgan.richomme@orange.com>2022-03-15 09:55:25 +0000
commit93b32fa69f35af6a8751ce8ac9d2d8ec7740e283 (patch)
treebec7efe1889cbd47dc61291f375b2e4f5f16ada8
parent644abb6035ca5200311f91c5f8a95c0c44c651d0 (diff)
[ROBOT] ADD CMPv2 test cases that use helm based components
Add CMPv2 helm based test cases Signed-off-by: Krzysztof Kuzmicki <krzysztof.kuzmicki@nokia.com> Issue-ID: INT-1895 Change-Id: Ifbbf80452cd4b65e4b5df5586bfc72c1ecaac731
-rw-r--r--robot/assets/cmpv2/blueprintTemplate.json12
-rw-r--r--robot/assets/cmpv2/k8s-mongo-ves-client.yaml37
-rw-r--r--robot/assets/cmpv2/k8s-mongo.yaml37
-rw-r--r--robot/assets/cmpv2/k8s-pnf-simulator.yaml73
-rw-r--r--robot/assets/cmpv2/k8s-ves-client.yaml75
-rw-r--r--robot/assets/cmpv2/ves_client_values_aaf.yaml31
-rw-r--r--robot/assets/cmpv2/ves_client_values_basic.yaml14
-rw-r--r--robot/assets/cmpv2/ves_client_values_cmpv2.yaml18
-rw-r--r--robot/assets/cmpv2/ves_correct_sans_cmpv2.yaml55
-rw-r--r--robot/assets/cmpv2/ves_wrong_sans_cmpv2.yaml53
-rw-r--r--robot/assets/helm/ves-client/Chart.yaml37
-rw-r--r--robot/assets/helm/ves-client/resources/cert.p120
-rw-r--r--robot/assets/helm/ves-client/resources/p12.pass1
-rw-r--r--robot/assets/helm/ves-client/resources/trust.jks0
-rw-r--r--robot/assets/helm/ves-client/resources/truststore.pass1
-rw-r--r--robot/assets/helm/ves-client/templates/_helpers.tpl175
-rw-r--r--robot/assets/helm/ves-client/templates/certificate.yaml28
-rw-r--r--robot/assets/helm/ves-client/templates/deployment.yaml21
-rw-r--r--robot/assets/helm/ves-client/templates/secret.yaml7
-rw-r--r--robot/assets/helm/ves-client/templates/service.yaml15
-rw-r--r--robot/assets/helm/ves-client/values.yaml133
-rw-r--r--robot/resources/chart_museum.robot22
-rw-r--r--robot/resources/test_templates/cmpv2.robot46
-rw-r--r--robot/resources/usecases/5gbulkpm_helm_interface.robot8
-rw-r--r--robot/testsuites/cmpv2.robot76
25 files changed, 640 insertions, 335 deletions
diff --git a/robot/assets/cmpv2/blueprintTemplate.json b/robot/assets/cmpv2/blueprintTemplate.json
deleted file mode 100644
index f3b87e7d..00000000
--- a/robot/assets/cmpv2/blueprintTemplate.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "asdcResourceId": "",
- "asdcServiceId": "",
- "asdcServiceURL": "",
- "blueprintTemplate": "",
- "owner": "robot",
- "serviceIds": [],
- "serviceLocations": [],
- "typeName": "",
- "typeVersion": 100,
- "vnfTypes": []
-}
diff --git a/robot/assets/cmpv2/k8s-mongo-ves-client.yaml b/robot/assets/cmpv2/k8s-mongo-ves-client.yaml
deleted file mode 100644
index 42523993..00000000
--- a/robot/assets/cmpv2/k8s-mongo-ves-client.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-tosca_definitions_version: cloudify_dsl_1_3
-imports:
- - 'http://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml'
- - 'plugin:k8splugin?version=>=3.4.2,<4.0.0'
-inputs:
- tag_version:
- type: string
- description: Docker image to be used
- default: 'mongo'
- replicas:
- type: integer
- description: Number of instances
- default: 1
- service_component_type:
- type: string
- default: "mongo-ves-client"
- service_component_name_override:
- type: string
- default: "mongo-ves-client"
-node_templates:
- mongo:
- type: dcae.nodes.ContainerizedServiceComponent
- interfaces:
- cloudify.interfaces.lifecycle:
- start:
- inputs:
- envs:
- MONGO_INITDB_ROOT_USERNAME: root
- MONGO_INITDB_ROOT_PASSWORD: zXcVbN123!
- MONGO_INITDB_DATABASE: pnf_simulator
- ports:
- - '27017:0'
- properties:
- service_component_type: { get_input: service_component_type }
- service_component_name_override: { get_input: service_component_name_override }
- image: { get_input: tag_version }
- replicas: { get_input: replicas }
diff --git a/robot/assets/cmpv2/k8s-mongo.yaml b/robot/assets/cmpv2/k8s-mongo.yaml
deleted file mode 100644
index 010eb65c..00000000
--- a/robot/assets/cmpv2/k8s-mongo.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-tosca_definitions_version: cloudify_dsl_1_3
-imports:
- - 'http://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml'
- - 'plugin:k8splugin?version=>=3.4.2,<4.0.0'
-inputs:
- tag_version:
- type: string
- description: Docker image to be used
- default: 'mongo'
- replicas:
- type: integer
- description: Number of instances
- default: 1
- service_component_type:
- type: string
- default: "mongo"
- service_component_name_override:
- type: string
- default: "mongo"
-node_templates:
- mongo:
- type: dcae.nodes.ContainerizedServiceComponent
- interfaces:
- cloudify.interfaces.lifecycle:
- start:
- inputs:
- envs:
- MONGO_INITDB_ROOT_USERNAME: root
- MONGO_INITDB_ROOT_PASSWORD: zXcVbN123!
- MONGO_INITDB_DATABASE: pnf_simulator
- ports:
- - '27017:0'
- properties:
- service_component_type: { get_input: service_component_type }
- service_component_name_override: { get_input: service_component_name_override }
- image: { get_input: tag_version }
- replicas: { get_input: replicas }
diff --git a/robot/assets/cmpv2/k8s-pnf-simulator.yaml b/robot/assets/cmpv2/k8s-pnf-simulator.yaml
deleted file mode 100644
index 89e838b9..00000000
--- a/robot/assets/cmpv2/k8s-pnf-simulator.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
-tosca_definitions_version: cloudify_dsl_1_3
-imports:
- - 'http://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml'
- - 'plugin:k8splugin?version=>=3.4.2,<4.0.0'
-inputs:
- tag_version:
- type: string
- description: Docker image to be used
- default: 'nexus3.onap.org:10001/onap/org.onap.integration.simulators.pnfsimulator:latest'
- replicas:
- type: integer
- description: Number of instances
- default: 1
- external_cert_cert_type:
- type: string
- description: Output type
- default: 'P12'
- external_cert_ca_name:
- type: string
- description: Name of Certificate Authority configured on CertService side.
- default: 'RA'
- external_cert_common_name:
- type: string
- description: Common name which should be present in certificate.
- default: 'pnf-simulator'
- external_cert_sans:
- type: string
- description: 'List of Subject Alternative Names (SANs) which should be present
- in certificate. Delimiter - , Should contain common_name value and other FQDNs
- under which given component is accessible.'
- default: 'pnf-simulator'
- external_cert_use_external_tls:
- type: boolean
- description: Flag to indicate external tls enable/disable.
- default: true
- service_component_type:
- type: string
- default: "pnf-simulator"
- service_component_name_override:
- type: string
- default: "pnf-simulator"
-node_templates:
- pnf-simulator:
- type: dcae.nodes.ContainerizedServiceComponent
- interfaces:
- cloudify.interfaces.lifecycle:
- start:
- inputs:
- envs:
- STRICT_HOSTNAME_VERIFICATION: 'true'
- ports:
- - '5000:0'
- properties:
- service_component_type: { get_input: service_component_type }
- service_component_name_override: { get_input: service_component_name_override }
- image: { get_input: tag_version }
- replicas: { get_input: replicas }
- always_pull_image: true
- tls_info:
- cert_directory: '/app/store/'
- external_cert:
- external_cert_directory: '/app/store/'
- use_external_tls:
- get_input: external_cert_use_external_tls
- cert_type:
- get_input: external_cert_cert_type
- ca_name:
- get_input: external_cert_ca_name
- external_certificate_parameters:
- common_name:
- get_input: external_cert_common_name
- sans:
- get_input: external_cert_sans
diff --git a/robot/assets/cmpv2/k8s-ves-client.yaml b/robot/assets/cmpv2/k8s-ves-client.yaml
deleted file mode 100644
index cfb5fd53..00000000
--- a/robot/assets/cmpv2/k8s-ves-client.yaml
+++ /dev/null
@@ -1,75 +0,0 @@
-tosca_definitions_version: cloudify_dsl_1_3
-imports:
- - 'http://www.getcloudify.org/spec/cloudify/4.5.5/types.yaml'
- - 'plugin:k8splugin?version=>=3.4.2,<4.0.0'
-inputs:
- tag_version:
- type: string
- description: Docker image to be used
- default: 'nexus3.onap.org:10001/onap/org.onap.integration.nfsimulator.vesclient:latest'
- replicas:
- type: integer
- description: Number of instances
- default: 1
- external_cert_cert_type:
- type: string
- description: Output type
- default: 'P12'
- external_cert_ca_name:
- type: string
- description: Name of Certificate Authority configured on CertService side.
- default: 'RA'
- external_cert_common_name:
- type: string
- description: Common name which should be present in certificate.
- default: 'ves-client'
- external_cert_sans:
- type: string
- description: 'List of Subject Alternative Names (SANs) which should be present
- in certificate. Delimiter - , Should contain common_name value and other FQDNs
- under which given component is accessible.'
- default: 'ves-client'
- external_cert_use_external_tls:
- type: boolean
- description: Flag to indicate external tls enable/disable.
- default: true
- service_component_type:
- type: string
- default: "ves-client"
- service_component_name_override:
- type: string
- default: "ves-client"
-node_templates:
- ves-client:
- type: dcae.nodes.ContainerizedServiceComponent
- interfaces:
- cloudify.interfaces.lifecycle:
- start:
- inputs:
- envs:
- STRICT_HOSTNAME_VERIFICATION: 'true'
- MONGO_HOSTNAME:
- concat: ["mongo-", {get_input: service_component_name_override}]
- ports:
- - '5000:0'
- properties:
- service_component_type: { get_input: service_component_type }
- service_component_name_override: { get_input: service_component_name_override }
- image: { get_input: tag_version }
- replicas: { get_input: replicas }
- always_pull_image: true
- tls_info:
- cert_directory: '/app/store/'
- external_cert:
- external_cert_directory: '/app/store/'
- use_external_tls:
- get_input: external_cert_use_external_tls
- cert_type:
- get_input: external_cert_cert_type
- ca_name:
- get_input: external_cert_ca_name
- external_certificate_parameters:
- common_name:
- get_input: external_cert_common_name
- sans:
- get_input: external_cert_sans
diff --git a/robot/assets/cmpv2/ves_client_values_aaf.yaml b/robot/assets/cmpv2/ves_client_values_aaf.yaml
new file mode 100644
index 00000000..09661297
--- /dev/null
+++ b/robot/assets/cmpv2/ves_client_values_aaf.yaml
@@ -0,0 +1,31 @@
+certMethod: "aaf"
+
+fullnameOverride: "ves-client-aaf"
+secretName: ves-client-secret-aaf
+configMapName: ves-client-configmap-aaf
+certificateName: ves-client-certificate-aaf
+
+config:
+ useCerts: true
+ mongoDbName: ves-client-db-aaf
+
+mongodb:
+ fullnameOverride: "ves-client-db-aaf"
+
+certInitializer:
+ nameOverride: vesclient-cert-initializer-aaf
+
+certificates:
+ name: ves-client-cert-aaf
+ secretName: ves-client-secret-aaf
+ keystores:
+ jks:
+ create: true
+ passwordSecretRef:
+ name: ves-client-secret-aaf
+ key: p12.pass
+ pkcs12:
+ create: true
+ passwordSecretRef:
+ name: ves-client-secret-aaf
+ key: p12.pass
diff --git a/robot/assets/cmpv2/ves_client_values_basic.yaml b/robot/assets/cmpv2/ves_client_values_basic.yaml
new file mode 100644
index 00000000..157136f2
--- /dev/null
+++ b/robot/assets/cmpv2/ves_client_values_basic.yaml
@@ -0,0 +1,14 @@
+fullnameOverride: "ves-client-basic"
+secretName: "ves-client-secret-basic"
+configMapName: "ves-client-configmap-basic"
+certificateName: "ves-client-certificate-basic"
+
+config:
+ useCerts: false
+ mongoDbName: ves-client-db-basic
+
+mongodb:
+ fullnameOverride: "ves-client-db-basic"
+
+certInitializer:
+ nameOverride: vesclient-cert-initializer-basic
diff --git a/robot/assets/cmpv2/ves_client_values_cmpv2.yaml b/robot/assets/cmpv2/ves_client_values_cmpv2.yaml
new file mode 100644
index 00000000..f6eae10e
--- /dev/null
+++ b/robot/assets/cmpv2/ves_client_values_cmpv2.yaml
@@ -0,0 +1,18 @@
+certMethod: "cmpv2"
+
+fullnameOverride: "ves-client-cmpv2"
+nameOverride: "ves-client-cmpv2"
+secretName: ves-client-secret-cmpv2
+configMapName: ves-client-configmap-cmpv2
+certificateName: ves-client-certificate-cmpv2
+
+config:
+ useCerts: true
+ strictHost: true
+ mongoDbName: ves-client-db-cmpv2
+
+mongodb:
+ fullnameOverride: "ves-client-db-cmpv2"
+
+certInitializer:
+ nameOverride: vesclient-cert-initializer-cmpv2
diff --git a/robot/assets/cmpv2/ves_correct_sans_cmpv2.yaml b/robot/assets/cmpv2/ves_correct_sans_cmpv2.yaml
new file mode 100644
index 00000000..4cea2296
--- /dev/null
+++ b/robot/assets/cmpv2/ves_correct_sans_cmpv2.yaml
@@ -0,0 +1,55 @@
+# TLS role -- set to true if microservice acts as server
+# If true, an init container will retrieve a server cert
+# and key from AAF and mount them in certDirectory.
+tlsServer: false
+
+global:
+ centralizedLoggingEnabled: false
+ cmpv2Enabled: true
+ masterPassword: "test"
+
+
+nameOverride: "dcae-ves-cmpv2-cert-corect-sans"
+fullnameOverride: "dcae-ves-cmpv2-cert-corect-sans"
+
+
+# CMPv2 certificate
+# It is used only when:
+# - certDirectory is set
+# - global cmpv2Enabled flag is set to true
+# - flag useCmpv2Certificates is set to true
+# Disabled by default
+useCmpv2Certificates: true
+certificates:
+ - mountPath: /opt/app/dcae-certificate/external
+ commonName: dcae-ves-collector-cmpv2-cert
+ dnsNames:
+ - dcae-ves-collector-cmpv2-cert
+ - ves-collector-cmpv2-cert
+ - ves-cmpv2-cert
+ keystore:
+ outputType:
+ - jks
+ passwordSecretRef:
+ name: ves-cmpv2-keystore-password
+ key: password
+ create: true
+
+# service configuration
+service:
+ type: NodePort
+ name: dcae-ves-collector-cmpv2-cert
+ ports:
+ - name: http
+ port: 8443
+ plain_port: 8080
+ port_protocol: http
+ nodePort: 18
+ useNodePortExt: true
+
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: dcae-ves-cmpv2-cert-corect-sans
+ roles:
+ - read
diff --git a/robot/assets/cmpv2/ves_wrong_sans_cmpv2.yaml b/robot/assets/cmpv2/ves_wrong_sans_cmpv2.yaml
new file mode 100644
index 00000000..db86b581
--- /dev/null
+++ b/robot/assets/cmpv2/ves_wrong_sans_cmpv2.yaml
@@ -0,0 +1,53 @@
+# TLS role -- set to true if microservice acts as server
+# If true, an init container will retrieve a server cert
+# and key from AAF and mount them in certDirectory.
+tlsServer: false
+
+global:
+ centralizedLoggingEnabled: false
+ cmpv2Enabled: true
+ masterPassword: "test"
+
+
+nameOverride: "dcae-ves-cmpv2-cert-wrong-sans"
+fullnameOverride: "dcae-ves-cmpv2-cert-wrong-sans"
+
+
+# CMPv2 certificate
+# It is used only when:
+# - certDirectory is set
+# - global flag is set to true
+# - flag useCmpv2Certificates is set to true
+# Disabled by default
+useCmpv2Certificates: true
+certificates:
+ - mountPath: /opt/app/dcae-certificate/external
+ commonName: wrong-sans
+ dnsNames:
+ - wrong-sans
+ keystore:
+ outputType:
+ - jks
+ passwordSecretRef:
+ name: ves-cmpv2-keystore-password-wrong-sans
+ key: password
+ create: true
+
+# service configuration
+service:
+ type: NodePort
+ name: dcae-ves-collector-cmpv2-cert-wrong-sans
+ ports:
+ - name: http
+ port: 8443
+ plain_port: 8080
+ port_protocol: http
+ nodePort: 19
+ useNodePortExt: true
+
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: dcae-ves-cmpv2-cert-wrong-sans
+ roles:
+ - read
diff --git a/robot/assets/helm/ves-client/Chart.yaml b/robot/assets/helm/ves-client/Chart.yaml
new file mode 100644
index 00000000..14d36ba0
--- /dev/null
+++ b/robot/assets/helm/ves-client/Chart.yaml
@@ -0,0 +1,37 @@
+apiVersion: v2
+name: ves-client
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+appVersion: 1.0.1
+dependencies:
+ - name: mongodb
+ version: 10.x
+ repository: https://charts.bitnami.com/bitnami
+ condition: mongodb.enabled
+ - name: certInitializer
+ version: ~x.x-0
+ repository: '@chart-museum'
+ - name: common
+ version: ~x.x-0
+ # local reference to common chart, as it is
+ # a part of this chart's package and will not
+ # be published independently to a repo (at this point)
+ repository: '@chart-museum'
diff --git a/robot/assets/helm/ves-client/resources/cert.p12 b/robot/assets/helm/ves-client/resources/cert.p12
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/robot/assets/helm/ves-client/resources/cert.p12
diff --git a/robot/assets/helm/ves-client/resources/p12.pass b/robot/assets/helm/ves-client/resources/p12.pass
new file mode 100644
index 00000000..25acfbf5
--- /dev/null
+++ b/robot/assets/helm/ves-client/resources/p12.pass
@@ -0,0 +1 @@
+collector \ No newline at end of file
diff --git a/robot/assets/helm/ves-client/resources/trust.jks b/robot/assets/helm/ves-client/resources/trust.jks
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/robot/assets/helm/ves-client/resources/trust.jks
diff --git a/robot/assets/helm/ves-client/resources/truststore.pass b/robot/assets/helm/ves-client/resources/truststore.pass
new file mode 100644
index 00000000..25acfbf5
--- /dev/null
+++ b/robot/assets/helm/ves-client/resources/truststore.pass
@@ -0,0 +1 @@
+collector \ No newline at end of file
diff --git a/robot/assets/helm/ves-client/templates/_helpers.tpl b/robot/assets/helm/ves-client/templates/_helpers.tpl
new file mode 100644
index 00000000..e8940d78
--- /dev/null
+++ b/robot/assets/helm/ves-client/templates/_helpers.tpl
@@ -0,0 +1,175 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "ves-client.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "ves-client.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "ves-client.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "ves-client.labels" -}}
+helm.sh/chart: {{ include "ves-client.chart" . }}
+{{ include "ves-client.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "ves-client.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "ves-client.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "ves-client.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "ves-client.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Common namespace
+*/}}
+{{- define "ves-client.namespace" -}}
+ {{- default .Release.Namespace .Values.nsPrefix -}}
+{{- end -}}
+
+{{/*
+Define dns names in certificate
+*/}}
+{{- define "ves-client.dnsNames" -}}
+{{- range $dnsName := $.Values.certificates.dnsNames }}
+- {{ $dnsName }}
+{{- end }}
+{{- end }}
+
+{{/*
+Define dns names in certificate
+*/}}
+{{- define "ves-client.init" -}}
+{{ if eq .Values.certMethod "wrongCert" }}
+- name: {{ include "common.name" . }}-readiness
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ image: {{ .Values.certInitializer.image }}
+ imagePullPolicy: {{ .Values.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ .Values.aafVolumeName }}
+ mountPath: /opt/app/osaaf
+{{- end }}
+{{- end }}
+
+{{- define "ves-client.containers" -}}
+- env:
+ - name: MONGO_HOSTNAME
+ value: {{ .Values.config.mongoDbName | quote }}
+ - name: USE_CERTIFICATE_FOR_AUTHORIZATION
+ value: {{ .Values.config.useCerts | quote }}
+ - name: STRICT_HOSTNAME_VERIFICATION
+ value: {{ .Values.config.strictHost | quote }}
+ name: {{ .Values.configMapName }}
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ ports:
+ - containerPort: {{ .Values.service.port }}
+ protocol: TCP
+ livenessProbe:
+ httpGet:
+ path: /simulator/config
+ port: 5000
+ initialDelaySeconds: 10
+ periodSeconds: 30
+ timeoutSeconds: 1
+ successThreshold: 1
+ failureThreshold: 3
+ readinessProbe:
+ httpGet:
+ path: /simulator/config
+ port: 5000
+ initialDelaySeconds: 60
+ periodSeconds: 15
+ timeoutSeconds: 1
+ successThreshold: 1
+ failureThreshold: 3
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ volumeMounts:
+ {{ if eq .Values.certMethod "wrongCert" }}
+ - name: certstore
+ mountPath: /app/store/cert.p12
+ subPath: cert.p12
+ - name: certstore
+ mountPath: /app/store/p12.pass
+ subPath: p12.pass
+ - name: {{ .Values.aafVolumeName }}
+ mountPath: /app/store
+ {{- end }}
+ {{ if eq .Values.certMethod "cmpv2" }}
+ - name: certstore
+ mountPath: /app/store
+ {{- end }}
+{{- end }}
+
+{{- define "ves-client.volumes" -}}
+{{ if or ( eq .Values.certMethod "cmpv2" ) ( eq .Values.certMethod "wrongCert" ) }}
+- name: certstore
+ projected:
+ sources:
+ - secret:
+ name: ves-client-secret-cmpv2
+ items:
+ - key: keystore.p12
+ path: cert.p12
+ - key: p12.pass
+ path: p12.pass
+ - key: p12.pass
+ path: truststore.pass
+ - key: truststore.jks
+ path: trust.jks
+{{- end }}
+{{ if eq .Values.certMethod "wrongCert" }}
+{{ include "common.certInitializer.volumes" . | nindent 8 }}
+- name: {{ .Values.aafVolumeName }}
+ emptyDir: {}
+{{- end }}
+{{- end }} \ No newline at end of file
diff --git a/robot/assets/helm/ves-client/templates/certificate.yaml b/robot/assets/helm/ves-client/templates/certificate.yaml
new file mode 100644
index 00000000..a8bbbd72
--- /dev/null
+++ b/robot/assets/helm/ves-client/templates/certificate.yaml
@@ -0,0 +1,28 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: '{{ include "ves-client.fullname" . }}-cert'
+ namespace: {{ include "ves-client.namespace" . }}
+spec:
+ secretName: ves-client-secret-cmpv2
+ commonName: {{ include "ves-client.fullname" . }}
+ renewBefore: {{ .Values.certificates.renewBefore }}
+ duration: {{ .Values.certificates.duration }}
+ subject:
+ organizations:
+ - {{ .Values.certificates.subject.organization }}
+ countries:
+ - {{ .Values.certificates.subject.country }}
+ localities:
+ - {{ .Values.certificates.subject.locality }}
+ provinces:
+ - {{ .Values.certificates.subject.province }}
+ organizationalUnits:
+ - {{ .Values.certificates.subject.organizationalUnit }}
+ issuerRef:
+ group: {{ .Values.certificates.issuerRef.group }}
+ kind: {{ .Values.certificates.issuerRef.kind }}
+ name: {{ .Values.certificates.issuerRef.name }}
+ dnsNames: {{ include "ves-client.dnsNames" . | indent 4 }}
+ keystores:
+ {{ toYaml .Values.certificates.keystores | nindent 4 }}
diff --git a/robot/assets/helm/ves-client/templates/deployment.yaml b/robot/assets/helm/ves-client/templates/deployment.yaml
new file mode 100644
index 00000000..8a054f44
--- /dev/null
+++ b/robot/assets/helm/ves-client/templates/deployment.yaml
@@ -0,0 +1,21 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "ves-client.fullname" . }}
+ labels:
+ {{ include "ves-client.labels" . | nindent 4 }}
+spec:
+ selector:
+ matchLabels:
+ {{ include "ves-client.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ labels:
+ {{ include "ves-client.selectorLabels" . | nindent 8 }}
+ spec:
+ initContainers:
+ {{ include "ves-client.init" . | nindent 8 }}
+ containers:
+ {{ include "ves-client.containers" . | nindent 8 }}
+ volumes:
+ {{ include "ves-client.volumes" . | nindent 8 }}
diff --git a/robot/assets/helm/ves-client/templates/secret.yaml b/robot/assets/helm/ves-client/templates/secret.yaml
new file mode 100644
index 00000000..354e52cb
--- /dev/null
+++ b/robot/assets/helm/ves-client/templates/secret.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: ves-client-secret-cmpv2
+data:
+ p12.pass: MjNlOTE3NzVjOTE4ZTRmNjY4ZTFhYzgyZDY5ZjExYWU0ZWU0ZGM2MTM3YzUwMzZkZjE3MmEyODJhYTA5
+type: Opaque
diff --git a/robot/assets/helm/ves-client/templates/service.yaml b/robot/assets/helm/ves-client/templates/service.yaml
new file mode 100644
index 00000000..a118388b
--- /dev/null
+++ b/robot/assets/helm/ves-client/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.nameOverride }}
+ labels:
+ {{ include "ves-client.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.port }}
+ targetPort: {{ .Values.service.port }}
+ protocol: TCP
+ name: {{ .Values.service.name }}
+ selector:
+ {{ include "ves-client.selectorLabels" . | nindent 4 }}
diff --git a/robot/assets/helm/ves-client/values.yaml b/robot/assets/helm/ves-client/values.yaml
new file mode 100644
index 00000000..cc063180
--- /dev/null
+++ b/robot/assets/helm/ves-client/values.yaml
@@ -0,0 +1,133 @@
+global:
+ importCustomCertsEnabled: false
+
+certMethod: "aaf"
+aafVolumeName: aaf-vol-store
+
+replicaCount: 1
+
+image:
+ repository: onap/org.onap.integration.nfsimulator.vesclient
+ pullPolicy: IfNotPresent
+ # Overrides the image tag whose default is the chart appVersion.
+ tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: "ves-client"
+
+config:
+ strictHost: false
+ useCerts: false
+ mongoDbName: ves-client-db
+
+templatesDir: "/app/template"
+certsDir: "/app/store"
+
+ingress:
+ enabled: false
+
+certInitializer:
+ nameOverride: vesclient-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: ves-client
+ fqi: ves-client@vesclient.onap.org
+ public_fqdn: ves-client.onap.org
+ fqi_namespace: "org.onap.vesclient"
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ image: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+ mountPath: "/opt/app/osaaf"
+ appMountPath: "/opt/app/osaaf"
+
+podAnnotations: {}
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+service:
+ type: NodePort
+ port: 5000
+ name: ves-client-port-name
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 100
+ targetCPUUtilizationPercentage: 80
+ # targetMemoryUtilizationPercentage: 80
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+mongodb:
+ fullnameOverride: "ves-client-db"
+ persistence:
+ enabled: false
+ auth:
+ rootPassword: zXcVbN123!
+ database: simulator
+ username: root
+
+certificates:
+ name: ves-client-cert
+ secretName: ves-client-secret
+ commonName: ves-client
+ dnsNames:
+ - ves-client
+ renewBefore: 720h #30 days
+ duration: 8760h #365 days
+ subject:
+ organization: "Linux-Foundation"
+ country: "US"
+ locality: "San-Francisco"
+ province: "California"
+ organizationalUnit: "ONAP"
+# issuer:
+# group: certmanager.onap.org
+# kind: CMPv2Issuer
+# name: cmpv2-issuer-onap
+ issuerRef:
+ group: certmanager.onap.org
+ kind: CMPv2Issuer
+ name: cmpv2-issuer-onap
+
+# ipAddresses: "127.0.0.1"
+ keystores:
+ jks:
+ create: true
+ passwordSecretRef:
+ name: ves-client-secret-cmpv2
+ key: p12.pass
+ pkcs12:
+ create: true
+ passwordSecretRef:
+ name: ves-client-secret-cmpv2
+ key: p12.pass
diff --git a/robot/resources/chart_museum.robot b/robot/resources/chart_museum.robot
index 7b46deb3..173e2347 100644
--- a/robot/resources/chart_museum.robot
+++ b/robot/resources/chart_museum.robot
@@ -40,38 +40,24 @@ Package and add charts to repository
Install helm charts
[Documentation] Install DCAE Servcie using helm charts
- [Arguments] ${chart_repo_name} ${dcae_servcie_helm_charts} ${dcae_service_helm_name} ${wait_time}=2 min ${set_values_override}=${EMPTY}
- ${helm_install}= Set Variable helm install ${dcae_service_helm_name} ${chart_repo_name}/${dcae_servcie_helm_charts} --set global.repository=${registry_ovveride} ${set_values_override}
+ [Arguments] ${chart_repo_name} ${dcae_servcie_helm_charts} ${dcae_service_helm_name} ${wait_time}=6m0s ${set_values_override}=${EMPTY}
+ ${helm_install}= Set Variable helm install ${dcae_service_helm_name} ${chart_repo_name}/${dcae_servcie_helm_charts} --set global.repository=${registry_ovveride} ${set_values_override} --wait --timeout ${wait_time}
${helm_install_command_output} = Run And Return Rc And Output ${helm_install}
Log ${helm_install_command_output[1]}
Should Be Equal As Integers ${helm_install_command_output[0]} 0
- Wait Until Keyword Succeeds ${wait_time} 20 sec Checking Status Of Deployed Appliction Using Helm ${dcae_servcie_helm_charts} ${dcae_service_helm_name}
Install helm charts from folder
[Documentation] Install DCAE Servcie using helm charts not in repo
- [Arguments] ${chart_folder} ${dcae_service_helm_name} ${wait_time}=2 min ${set_values_override}=${EMPTY}
+ [Arguments] ${chart_folder} ${dcae_service_helm_name} ${wait_time}=2m0s ${set_values_override}=${EMPTY}
${helm_dependency_update}= Set Variable helm dependency update ${chart_folder}
${helm_dependency_update_output} = Run And Return Rc And Output ${helm_dependency_update}
Log ${helm_dependency_update_output[1]}
Should Be Equal As Integers ${helm_dependency_update_output[0]} 0
${rest} ${dcae_servcie_helm_charts} = Split String From Right ${chart_folder} / 1
- ${helm_install}= Set Variable helm install ${dcae_service_helm_name} ${chart_folder} --set global.repository=${registry_ovveride} ${set_values_override}
+ ${helm_install}= Set Variable helm install ${dcae_service_helm_name} ${chart_folder} --set global.repository=${registry_ovveride} ${set_values_override} --wait --timeout ${wait_time}
${helm_install_command_output} = Run And Return Rc And Output ${helm_install}
Log ${helm_install_command_output[1]}
Should Be Equal As Integers ${helm_install_command_output[0]} 0
- Wait Until Keyword Succeeds ${wait_time} 20 sec Checking Status Of Deployed Appliction Using Helm ${dcae_servcie_helm_charts} ${dcae_service_helm_name}
-
-Checking Status Of Deployed Appliction Using Helm
- [Arguments] ${dcae_servcie_helm_charts} ${dcae_service_helm_name}
- ${pod_status}= Set Variable kubectl get pods -n onap | grep ${dcae_service_helm_name} | awk '{print $3}'
- ${pod_status_command_output} = Run And Return Rc And Output ${pod_status}
- Should Be Equal As Integers ${pod_status_command_output[0]} 0
- Should Be Equal As Strings ${pod_status_command_output[1]} Running
- ${pod_ready}= Set Variable kubectl get pods -n onap | grep ${dcae_service_helm_name} | awk '{print $2}'
- ${pod_ready_command_output} = Run And Return Rc And Output ${pod_ready}
- Should Be Equal As Integers ${pod_ready_command_output[0]} 0
- ${pre} ${post} = Split String ${pod_ready_command_output[1]} / 1
- Should Be Equal As Strings ${pre} ${post}
Uninstall helm charts
[Documentation] Uninstall DCAE Servcie using helm charts
diff --git a/robot/resources/test_templates/cmpv2.robot b/robot/resources/test_templates/cmpv2.robot
index 43570f25..3c948846 100644
--- a/robot/resources/test_templates/cmpv2.robot
+++ b/robot/resources/test_templates/cmpv2.robot
@@ -7,9 +7,10 @@ Library ONAPLibrary.JSON
Library ONAPLibrary.Utilities
Library ONAPLibrary.Templating WITH NAME Templating
Resource pnf_registration_without_SO_template.robot
-Resource ../dcae/deployment.robot
-Resource ../dcae/inventory.robot
Resource ../global_properties.robot
+Resource ../resources/test_templates/pnf_registration_without_SO_template.robot
+Resource ../chart_museum.robot
+
*** Variables ***
@@ -18,9 +19,38 @@ ${VES_ENDPOINT} ${GLOBAL_DCAE_VES_HTTPS_PROTOCOL}://${GLOBAL_INJECTED_DCAE_VE
${VES_data_path} eventListener/v7
${single_event_data_path} /simulator/event
${users} ${EXECDIR}/robot/assets/cmpv2/mongo-users.json
-
+${HELM_RELEASE} kubectl --namespace onap get pods | sed 's/ .*//' | grep robot | sed 's/-.*//'
+${CMPv2_helm_values} ${EXECDIR}/robot/assets/cmpv2
+${VES_Client_helm_charts} ${EXECDIR}/robot/assets/helm/ves-client
*** Keywords ***
+
+Suite setup
+ [Arguments] ${PNF_entry_dict}
+ Send VES integration request ${PNF_entry_dict}
+ ${command_output} = Run And Return Rc And Output ${HELM_RELEASE}
+ Should Be Equal As Integers ${command_output[0]} 0
+ Set Global Variable ${ONAP_HELM_RELEASE} ${command_output[1]}
+ Log To Console Deploying VES Client
+ Install VES Client
+ Log To Console Deploying VES collector with CMPv2 and correct sans
+ Install VES collector with CMPv2
+ Log To Console Deploying VES collector with CMPv2 and wrong SANs
+ Install VES collector with CMPv2 and wrong SANs
+
+Install VES Client
+ [Arguments] ${cert}=cmpv2
+ ${override} = Set Variable -f ${CMPv2_helm_values}/ves_client_values_cmpv2.yaml --set fullnameOverride=${ONAP_HELM_RELEASE}-ves-client-cmpv2 --set mongodb.fullnameOverride=${ONAP_HELM_RELEASE}-ves-db-client-cmpv2 --set config.mongoDbName=${ONAP_HELM_RELEASE}-ves-db-client-cmpv2 --set certMethod=${cert} --debug
+ Install helm charts from folder ${VES_Client_helm_charts} ${ONAP_HELM_RELEASE}-ves-client set_values_override=${override}
+
+Install VES collector with CMPv2
+ ${override} = Set Variable -f ${CMPv2_helm_values}/ves_correct_sans_cmpv2.yaml --debug
+ Install helm charts chart-museum dcae-ves-collector ${ONAP_HELM_RELEASE}-dcae-ves-cmpv2-cert-corect-sans 3m ${override}
+
+Install VES collector with CMPv2 and wrong SANs
+ ${override} = Set Variable -f ${CMPv2_helm_values}/ves_wrong_sans_cmpv2.yaml --debug
+ Install helm charts chart-museum dcae-ves-collector ${ONAP_HELM_RELEASE}-dcae-ves-cmpv2-cert-wrong-sans 3m ${override}
+
VES Client send single VES event
[Arguments] ${event} ${ves_host} ${ves_port} ${pnf_sim_host} ${pnf_sim_port} ${http_reposnse_code}=202
${pnf_sim_endpoint}= Set Variable http://${pnf_sim_host}.onap:${pnf_sim_port}
@@ -36,11 +66,7 @@ VES Client send single VES event
Log VES has accepted event with status code ${post_resp.status_code}
[Return] ${post_resp}
-
Usecase Teardown
- Undeploy Service ${mongo-dep}
- Undeploy Service ${ves-client-dep}
- Undeploy Service ves-collector-cmpv2-dep
- Undeploy Service ves-collector-cmpv2-wrong-sans-dep
- Delete Blueprint From Inventory ${serviceTypeIdMongo}
- Delete Blueprint From Inventory ${serviceTypeIdPnfSimulator} \ No newline at end of file
+ Uninstall helm charts ${ONAP_HELM_RELEASE}-ves-client
+ Uninstall helm charts ${ONAP_HELM_RELEASE}-dcae-ves-cmpv2-cert-corect-sans
+ Uninstall helm charts ${ONAP_HELM_RELEASE}-dcae-ves-cmpv2-cert-wrong-sans
diff --git a/robot/resources/usecases/5gbulkpm_helm_interface.robot b/robot/resources/usecases/5gbulkpm_helm_interface.robot
index 695cf5cd..218f89b2 100644
--- a/robot/resources/usecases/5gbulkpm_helm_interface.robot
+++ b/robot/resources/usecases/5gbulkpm_helm_interface.robot
@@ -176,10 +176,10 @@ Check Known Hosts In Env
[Return] ${output}
Deploying Data File Collector
- Install helm charts chart-museum dcae-datafile-collector ${ONAP_HELM_RELEASE}-dcae-datafile-collector 3 min --set useCmpv2Certificates=true --set global.cmpv2Enabled=true --set masterPasswordOverride=test --set global.centralizedLoggingEnabled=false --debug
+ Install helm charts chart-museum dcae-datafile-collector ${ONAP_HELM_RELEASE}-dcae-datafile-collector 6m --set useCmpv2Certificates=true --set global.cmpv2Enabled=true --set masterPasswordOverride=test --debug
Deploying 3GPP PM Mapper
- Install helm charts chart-museum dcae-pm-mapper ${ONAP_HELM_RELEASE}-dcae-pm-mapper 3 min --set global.centralizedLoggingEnabled=false --set applicationConfig.enable_tls=true --set applicationConfig.enable_http=false --set applicationConfig.aaf_identity=dcae@dcae.onap.org --set applicationConfig.aaf_password=demo123456! --set applicationConfig.key_store_path=/opt/app/pm-mapper/etc/cert/cert.jks --set applicationConfig.key_store_pass_path=/opt/app/pm-mapper/etc/cert/jks.pass --set applicationConfig.trust_store_path=/opt/app/pm-mapper/etc/cert/trust.jks --set applicationConfig.trust_store_pass_path=/opt/app/pm-mapper/etc/cert/trust.pass --debug
+ Install helm charts chart-museum dcae-pm-mapper ${ONAP_HELM_RELEASE}-dcae-pm-mapper 6m --debug
Deploying SFTP Server As xNF
${override} = Set Variable --set fullnameOverride=${ONAP_HELM_RELEASE}-sftp --debug
@@ -219,7 +219,7 @@ DR PM Mapper Subscriber Check
Setting KNOWN_HOSTS_FILE_PATH Environment Variable in DFC
${rc}= Run and Return RC ${SET_KNOWN_HOSTS_FILE_PATH}
Should Be Equal As Integers ${rc} 0
- Wait Until Keyword Succeeds 5 min 10s Check Known Hosts In Env ${CHECK_ENV_SET}
+ Wait Until Keyword Succeeds 7 min 10s Check Known Hosts In Env ${CHECK_ENV_SET}
${GET_RSA_KEY}= Set Variable kubectl exec $(kubectl get pod -n onap | grep ${ONAP_HELM_RELEASE}-sftp | awk '{print $1}') -n onap -- ssh-keyscan -t rsa ${ONAP_HELM_RELEASE}-sftp > /tmp/known_hosts
${rc}= Run and Return RC ${GET_RSA_KEY}
Should Be Equal As Integers ${rc} 0
@@ -276,7 +276,7 @@ Change DFC httpsHostnameVerify configuration in Consul
Should Be Equal As Strings ${resp.status_code} 200
${rc} = Run and Return RC kubectl delete pods -n onap $(kubectl get pods -n onap | grep datafile-collector | awk '{print $1}' | grep -v NAME)
Should Be Equal As Integers ${rc} 0
- Wait Until Keyword Succeeds 120 sec 5 sec Check logs kubectl logs -n onap $(kubectl get pods -n onap | grep datafile-collector | awk '{print $1}' | grep -v NAME) ${container_name}-datafile-collector
+ Wait Until Keyword Succeeds 360 sec 15 sec Check logs kubectl logs -n onap $(kubectl get pods -n onap | grep datafile-collector | awk '{print $1}' | grep -v NAME) ${container_name}-datafile-collector
Sending File Ready Event to VES Collector for HTTPS Server
[Arguments] ${https-server_host}
diff --git a/robot/testsuites/cmpv2.robot b/robot/testsuites/cmpv2.robot
index 89bdb982..d0cf7028 100644
--- a/robot/testsuites/cmpv2.robot
+++ b/robot/testsuites/cmpv2.robot
@@ -9,12 +9,9 @@ Library JSONLibrary
Library ONAPLibrary.JSON
Library ONAPLibrary.Utilities
Library ONAPLibrary.Templating WITH NAME Templating
-Resource ../resources/dcae/deployment.robot
-Resource ../resources/dcae/inventory.robot
Resource ../resources/global_properties.robot
Resource ../resources/test_templates/cmpv2.robot
-Resource ../resources/test_templates/pnf_registration_without_SO_template.robot
-Suite Setup Send VES integration request ${initial entry}
+Suite Setup Suite setup ${initial entry}
Suite Teardown Usecase Teardown
*** Variables ***
@@ -23,71 +20,10 @@ ${PNF_SIMULATOR_BLUEPRINT_PATH} ${EXECDIR}/robot/assets/cmpv2/k8s-ves-c
${VES_INPUTS} deployment/VesTlsCmpv2Inputs.jinja
${pnf_ves_integration_request} ves/pnf_registration_request.jinja
${NEXUS3} ${GLOBAL_INJECTED_NEXUS_DOCKER_REPO}
-&{initial entry} correlation_id=dummy PNF_IPv4_address=11.11.11.1 PNF_IPv6_address=2001:0db8:0:0:0:0:1428:57ab
-
+&{initial entry} correlation_id=dummy PNF_IPv4_address=11.11.11.1 PNF_IPv6_address=2001:0db8:0:0:0:0:1428:57ab
*** Test Cases ***
-Deploying VES Client
- [Documentation]
- ... This test case deploys VES Client with "enable_tls": set to false and "external_cert_use_external_tls" (CMPv2) set to true as DCAE applictaion
- [Tags] CMPv2
- ${rand} Generate Random String 5 [NUMBERS][LOWER]
- Set Suite Variable ${ves_client_hostname} ves-client-${rand}
- ${serviceTypeIdMongo} Load Blueprint To Inventory ${MONGO_BLUEPRINT_PATH} mongo-${rand}
- ${serviceTypeIdPnfSimulator} Load Blueprint To Inventory ${PNF_SIMULATOR_BLUEPRINT_PATH} ves-client-${rand}
- Set Suite Variable ${serviceTypeIdMongo}
- Set Suite Variable ${serviceTypeIdPnfSimulator}
- ${deployment_data}= Set Variable {"serviceTypeId":"${serviceTypeIdMongo}", "inputs":{"service_component_name_override":"mongo-${ves_client_hostname}","service_component_type":"mongo-${ves_client_hostname}"}}
- Set Suite Variable ${mongo-dep} mongo-dep-${rand}
- Deploy Service ${deployment_data} ${mongo-dep} 2 minutes
- ${resp}= Get Blueprint From Inventory ves-client-${rand}
- ${json}= Set Variable ${resp.json()}
- ${image} Get Regexp Matches ${json['items'][0]['blueprintTemplate']} nexus3(.)*?(?=\')
- ${image} Replace String ${image}[0] nexus3.onap.org:10001 ${NEXUS3}
- ${deployment_data}= Set Variable {"serviceTypeId":"${serviceTypeIdPnfSimulator}", "inputs":{"tag_version": "${image}", "service_component_name_override":"${ves_client_hostname}"}}
- Set Suite Variable ${ves-client-dep} ves-client-dep-${rand}
- Deploy Service ${deployment_data} ${ves-client-dep} 4 minutes
-
-
-Deploying VES collector with CMPv2
- [Documentation]
- ... This test case deploys second VES instance with "enable_tls": set to true and "external_cert_use_external_tls" (CMPv2) set to true as DCAE applictaion
- ... Both CMPv2 and AAF certificates are present
- [Tags] CMPv2
- ${resp}= Get Blueprint From Inventory k8s-ves
- ${json}= Set Variable ${resp.json()}
- ${serviceTypeIdVes} Set Variable ${json['items'][0]['typeId']}
- ${image} Get Regexp Matches ${json['items'][0]['blueprintTemplate']} nexus3(.)*?(?=\")
- ${image} Replace String ${image}[0] nexus3.onap.org:10001 ${NEXUS3}
- ${arguments}= Create Dictionary serviceTypeId=${serviceTypeIdVes}
- Set To Dictionary ${arguments} image ${image}
- Set To Dictionary ${arguments} external_port_tls 32226
- Set To Dictionary ${arguments} service_component_name_override dcae-ves-collector-cmpv2-cert
- Set To Dictionary ${arguments} external_cert_sans dcae-ves-collector-cmpv2-cert,ves-collector-cmpv2-cert,ves-cmpv2-cert
- Templating.Create Environment deployment ${GLOBAL_TEMPLATE_FOLDER}
- ${deployment_data}= Templating.Apply Template deployment ${VES_INPUTS} ${arguments}
- Deploy Service ${deployment_data} ves-collector-cmpv2-dep 4 minutes
-
-Deploying VES collector with CMPv2 and wrong SANs
- [Documentation]
- ... This test case deploys second VES instance with "enable_tls": set to true and "external_cert_use_external_tls" (CMPv2) set to true as DCAE applictaion, CMPv2 certificate has wrong SANs
- ... Both CMPv2 and AAF certificates are present
- [Tags] CMPv2
- ${resp}= Get Blueprint From Inventory k8s-ves
- ${json}= Set Variable ${resp.json()}
- ${serviceTypeIdVes} Set Variable ${json['items'][0]['typeId']}
- ${image} Get Regexp Matches ${json['items'][0]['blueprintTemplate']} nexus3(.)*?(?=\")
- ${image} Replace String ${image}[0] nexus3.onap.org:10001 ${NEXUS3}
- ${arguments}= Create Dictionary serviceTypeId=${serviceTypeIdVes}
- Set To Dictionary ${arguments} image ${image}
- Set To Dictionary ${arguments} external_port_tls 32227
- Set To Dictionary ${arguments} service_component_name_override dcae-ves-collector-cmpv2-cert-wrong-sans
- Set To Dictionary ${arguments} external_cert_sans wrong-sans
- Templating.Create Environment deployment ${GLOBAL_TEMPLATE_FOLDER}
- ${deployment_data}= Templating.Apply Template deployment ${VES_INPUTS} ${arguments}
- Deploy Service ${deployment_data} ves-collector-cmpv2-wrong-sans-dep 4 minutes
-
Send registration request to CMPv2 VES
[Documentation]
... This test case triggers registration request from VES Client (where is present only CMPv2 certificate) to VES collector
@@ -100,7 +36,7 @@ Send registration request to CMPv2 VES
Create PNF initial entry in A&AI ${PNF_entry_dict}
Templating.Create Environment ves ${GLOBAL_TEMPLATE_FOLDER}
${template}= Templating.Apply Template ves ${pnf_ves_integration_request} ${PNF_entry_dict}
- VES Client send single VES event ${template} dcae-ves-collector-cmpv2-cert 8443 ${ves_client_hostname} 5000
+ VES Client send single VES event ${template} dcae-ves-collector-cmpv2-cert 8443 ves-client-cmpv2 5000
Verify PNF Integration Request in A&AI ${PNF_entry_dict}
Send registration request to CMPv2 VES with wrong SAN-s
@@ -112,7 +48,7 @@ Send registration request to CMPv2 VES with wrong SAN-s
${PNF_entry_dict}= Create Dictionary correlation_id=${pnf_correlation_id} PNF_IPv4_address=14.14.14.14 PNF_IPv6_address=2001:0db8:0:0:0:0:1428:57ab
Templating.Create Environment ves ${GLOBAL_TEMPLATE_FOLDER}
${template}= Templating.Apply Template ves ${pnf_ves_integration_request} ${PNF_entry_dict}
- ${resp}= VES Client send single VES event ${template} dcae-ves-collector-cmpv2-cert-wrong-sans 8443 ${ves_client_hostname} 5000 421
+ ${resp}= VES Client send single VES event ${template} dcae-ves-collector-cmpv2-cert-wrong-sans 8443 ves-client-cmpv2 5000 421
Should Contain ${resp.json().get('message')} wrong-sans
Send registration request to VES without CMPv2 certificate
@@ -120,10 +56,12 @@ Send registration request to VES without CMPv2 certificate
... This test case triggers registration request from VES Client (where is present only CMPv2 certificate) to VES collector
... with disabled CMPv2 (only AAF certificate is present - VES collector deployed during whole ONAP deploy).
[Tags] CMPv2
+ Uninstall helm charts ${ONAP_HELM_RELEASE}-ves-client
+ Install VES Client wrongCert
${pnf_correlation_id}= Generate Random String 20 [LETTERS][NUMBERS]
${PNF_entry_dict}= Create Dictionary correlation_id=${pnf_correlation_id} PNF_IPv4_address=14.14.14.14 PNF_IPv6_address=2001:0db8:0:0:0:0:1428:57ab
Templating.Create Environment ves ${GLOBAL_TEMPLATE_FOLDER}
${template}= Templating.Apply Template ves ${pnf_ves_integration_request} ${PNF_entry_dict}
- ${resp}= VES Client send single VES event ${template} dcae-ves-collector 8443 ${ves_client_hostname} 5000 421
+ ${resp}= VES Client send single VES event ${template} dcae-ves-collector 8443 ves-client-cmpv2 5000 421
Should Contain ${resp.json().get('message')} certificate_unknown