TEST-17 - secure robot and generate page

Update web site to require a password

provide script to gnerate the page and

credentials for user 'test'

Change-Id: Ic40fcd7f224f27dc819af5ba54695de2fd47520a
Signed-off-by: Jerry Flood <jf9860@att.com>

3 files changed, 226 insertions, 1 deletions

diff --git a/docker/lighttpd.conf b/docker/lighttpd.conf
index 850af409..de9eaa22 100644
--- a/docker/lighttpd.conf
+++ b/docker/lighttpd.conf
@@ -14,4 +14,14 @@ mimetype.assign = (
 static-file.exclude-extensions = ( ".fcgi", ".php", ".rb", "~", ".inc", ".cgi" )
 index-file.names = ( "index.html" )
 
-
+server.modules += ( "mod_auth" )
+auth.debug = 2
+auth.backend = "plain"
+auth.backend.plain.userfile = "/etc/lighttpd/authorization"
+auth.require = ( "/" =>
+(
+"method" => "basic",
+"realm" => "Password protected area",
+"require" => "user=robot"
+)
+)
diff --git a/robot/assets/templates/web/index.html.template b/robot/assets/templates/web/index.html.template
new file mode 100644
index 00000000..4853fc72
--- /dev/null
+++ b/robot/assets/templates/web/index.html.template
@@ -0,0 +1,123 @@
+<html><head>
+    <title>Quicklinks To Running Instances</title>
+  </head>
+
+  <body>
+    <h1>The Portal</h1>
+
+    The portal is the entry point to design/provision/operate ONAP. From there you can get to SDC, VID and Policy portals.
+
+    The portal can be found at:<p>
+
+    <a href="http://portal.api.simpledemo.openecomp.org:8989/ECOMPPORTAL/login.htm">Portal</a>
+    <p>
+    One requires role based user names and passwords to receive the full portal functionality. In the demo setup we pre provisioned:
+    <p>
+    <ul>
+      <li> jh0003 Admin </li>
+      <li> cs0008 Designer </li>
+      <li> jm0007 Tester </li>
+      <li> op0001 Operator </li>
+      <li> gv0001 Governance </li>
+      <li> pm0001 Product Manager </li>
+      <li> ps0001 Product Strategy </li>
+    </ul>
+    <p>
+    the password for all of them is: demo123456!
+
+    <h1> The Reality </h1>
+
+    As everything should go through the portal there are many subsystems which have there own GUI or API which come in very handy when debugging things. Here the most important once.
+
+    <h2> Testing </h2>
+
+    <b> Not working. </b> :
+
+    <a href="http://${robot}:88/report.html"> Test Report </a>
+
+    <h2> SDN-C </h2>
+
+    <a  href="http://admin:Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U@${sdnc}:8282/apidoc/explorer/index.html"> Controller </a>  with admin/Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U <p>
+
+    <a  href="http://${sdnc}:8843/signup"> To sign up </a> <p>
+    <a  href="http://${sdnc}:8843/login"> Admin </a> <p>
+
+    <h2> App-C </h2>
+
+    <a  href="http://admin:Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U@${appc}:8282/apidoc/explorer/index.html"> Controller </a>  with admin/Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U <p>
+
+    <h2> Policy </h2>
+
+  <b> Not working. </b> :
+    <a href="http://healthcheck:zb!XztG34@${policy}:6969/healthcheck"> Healthcheck </a> <p>
+
+    <h2> MSO </h2>
+
+    <a href="http://admin:Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U@${mso}:9990/"> JBOSS GUI </a> with admin/Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U <p>
+
+    <a href="http://${mso}:8080/camunda"> Camunda GUI </a> with admin/Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U <p>
+
+    <h2> DCAE </h2>
+
+    <h3> General GUIs </h3>
+    <a href="http://console:ZjJkYjllMjljMTI2M2Iz@${dcae_controller}:9998/resources"> DCAE Controller </a>
+    This might show up empty in a web browser as no content type is set in the response. If that's the case use curl: <p>
+
+     curl http://console:ZjJkYjllMjljMTI2M2Iz@${dcae_controller}:9998/resources <p>
+
+    <a href="http://${dcae_cdap}:9999/ns/TCA/apps/dcae-tca/programs/flows/TCAVESCollectorFlow/runs"> CDAP GUI </a> <p>
+
+    <h3> DCAE internal Message Router </h3>
+
+    <a href="http://${dcae_coll}:3904/topics"> Topics </a> <p>
+
+    <a href="http://${dcae_coll}:3904/events/unauthenticated.SEC_MEASUREMENT_OUTPUT/monitor/0?timeout=10000"> MR topic for collector to TCA </a> <p>
+
+    <a href="http://${dcae_coll}:3904/events/unauthenticated.TCA_EVENT_OUTPUT/monitor/0?timeout=10000"> MR topic for TCA alert to Policy </a> <p>
+
+    <h2> Message Router used between core components </h2>
+
+    <a href="http://${message_router}:3904/topics"> List of Topics </a> <p>
+
+    <h3> Topics of Interest </h3>
+
+    For topics without authentication one can monitor the traffic on a topic with: <p>
+
+    http://${message_router}:3904/events/PUT_TOPIC_HERE/group1/C1?timeout=5000 <p>
+
+    some important once listed below. <p>
+
+    <ul>
+      <li> <a href="http://${message_router}:3904/events/APPC-CL/monitor/0?timeout=10000"> APPC-CL Topic -- Policy Publishes Requests and APP-C publishes response </a>
+      <li> <a href="http://${message_router}:3904/events/PDPP-CONFIGURATION/monitor/0?timeout=10000"> PDPD-CONFIGURATION Topic  </a>
+      <li> <a href="http://${message_router}:3904/events/POLICY-CL-MGT/monitor/0?timeout=10000"> POLICY-CL-MGT Topic -- Control loop operational policy </a>
+      <li> <a href="http://${message_router}:3904/events/DCAE-CL-EVENT/monitor/0?timeout=10000"> DCAE-CL-EVENT Topic -- Provides the Analytics output from DCAE</a>
+
+    </ul>
+
+    <h1> SSH to VM </h1>
+
+    The following links will open a shell and ssh to the various running VMs (at least on a Mac). It assumes that the .ssh/config file has been set appropriately and /etc/hosts has been updated to the running instance.<p>
+
+      <a href="ssh://${aai}"> AAI </a><p>
+      <a href="ssh://${policy}"> Policy </a><p>
+      <a href="ssh://${sdc}"> SDC </a><p>
+      <a href="ssh://${portal}"> Portal </a><p>
+      <a href="ssh://${dcae_controller}"> DCAE </a><p>
+      <a href="ssh://${appc}"> APP-C </a><p>
+      <a href="ssh://${mso}"> MSO </a><p>
+      <a href="ssh://${sdnc}"> SDN-C </a><p>
+      <a href="ssh://${vid}"> VID </a><p>
+      <a href="ssh://${message_router}"> Message Router </a><p>
+      <a href="ssh://${robot}"> Robot Framework for testing </a><p>
+      <a href="ssh://${onapdns}"> DNS server for management network </a><p>
+
+        Inside the VM you can list the docker containers by typing: <p>
+        docker ps <p>
+        and can get a shell prompt by executing the bash command.
+        For example: <p> docker exec -it openecompete_container bash <p>
+
+
+
+
+</body></html>
diff --git a/robot/testsuites/update_onap_page.robot b/robot/testsuites/update_onap_page.robot
new file mode 100644
index 00000000..f200827c
--- /dev/null
+++ b/robot/testsuites/update_onap_page.robot
@@ -0,0 +1,92 @@
+*** Settings ***
+Documentation	  Initializes ONAP Test Web Page and Password
+
+Library    Collections
+Library    OperatingSystem
+Library    StringTemplater
+Resource          ../resources/openstack/keystone_interface.robot
+Resource          ../resources/openstack/nova_interface.robot
+
+
+Test Timeout    1 minutes
+
+*** Variables ***
+${URLS_HTML_TEMPLATE}   robot/assets/templates/web/index.html.template
+
+
+${WEB_USER}       test
+${WEB_PASSWORD}
+
+${URLS_HTML}   html/index.html
+${CREDENTIALS_FILE}   /etc/lighttpd/authorization
+#${CREDENTIALS_FILE}   authorization
+
+*** Test Cases ***
+Update ONAP Page
+    [Tags]   UpdateWebPage
+    Run Keyword If   '${WEB_PASSWORD}' == ''   Fail   "WEB Password must not be empty"
+    Run Openstack Auth Request    auth
+    ${server_map}=    Get Openstack Servers    auth
+    ${oam_ip_map}=   Create Dictionary
+    Set To Dictionary    ${oam_ip_map}   10.0.0.1=onapdns
+    Set To Dictionary    ${oam_ip_map}   10.0.1.1=aai
+    Set To Dictionary    ${oam_ip_map}   10.0.2.1=appc
+    Set To Dictionary    ${oam_ip_map}   10.0.3.1=sdc
+    Set To Dictionary    ${oam_ip_map}   10.0.4.1=dcae_controller
+    Set To Dictionary    ${oam_ip_map}   10.0.4.103=dcae_cdap
+    Set To Dictionary    ${oam_ip_map}   10.0.4.102=dcae_coll
+    Set To Dictionary    ${oam_ip_map}   10.0.5.1=mso
+    Set To Dictionary    ${oam_ip_map}   10.0.6.1=policy
+    Set To Dictionary    ${oam_ip_map}   10.0.7.1=sdnc
+    Set To Dictionary    ${oam_ip_map}   10.0.8.1=vid
+    Set To Dictionary    ${oam_ip_map}   10.0.9.1=portal
+    Set To Dictionary    ${oam_ip_map}   10.0.10.1=robot
+    Set To Dictionary    ${oam_ip_map}   10.0.11.1=message_router
+
+    ${values}=   Create Dictionary
+    ${keys}=    Get Dictionary Keys    ${oam_ip_map}
+    :for   ${oam_ip}   in    @{keys}
+    \    ${value_name}=   Get From Dictionary    ${oam_ip_map}   ${oam_ip}
+    \    Set Public Ip    ${server_map}    ${oam_ip}   ${value_name}   ${values}
+    Log    ${values}
+    Run Keyword If   '${WEB_PASSWORD}' != ''   Create File   ${CREDENTIALS_FILE}   ${WEB_USER}:${WEB_PASSWORD}
+    Create File From Template   ${URLS_HTML_TEMPLATE}   ${URLS_HTML}   ${values}
+
+*** Keywords ***
+Create File From Template
+    [Arguments]    ${template}   ${file}   ${values}
+    ${data}    OperatingSystem.Get File   ${template}
+    ${data}=   Template String   ${data}   ${values}
+    Create File     ${file}   ${data}
+
+Set Public Ip
+    [Arguments]   ${server_map}    ${oam_ip}   ${value_name}   ${values}
+    ${status}   ${public_ip}=   Run Keyword And Ignore Error  Get Public Ip   ${server_map}    ${oam_ip}
+    ${public_ip}=   Set Variable If   '${status}' == 'PASS'   ${public_ip}   ${oam_ip}
+    Set To Dictionary   ${values}   ${value_name}   ${public_ip}
+
+Get Public Ip
+    [Arguments]   ${server_map}    ${oam_ip}
+    ${servers}   Get Dictionary Values    ${server_map}
+    :for   ${server}   in   @{servers}
+    \    ${status}   ${public_ip}   Run Keyword And Ignore Error   Search Addresses   ${server}   ${oam_ip}
+    \    Return From Keyword If   '${status}' == 'PASS'   ${public_ip}
+    Fail  ${oam_ip} Server Not Found
+
+Search Addresses
+    [Arguments]   ${server}   ${oam_ip}
+    ${addresses}   Get From Dictionary   ${server}   addresses
+    ${public_ips}   Get From Dictionary   ${addresses}   public
+    ${public_ip}=   Get V4 IP   ${public_ips}
+    ${oam_ips}   Get From Dictionary   ${addresses}   ${GLOBAL_VM_PROPERTIES['network']}
+    ${this_oam_ip}=   Get V4 IP   ${oam_ips}
+    Return From Keyword If   '${this_oam_ip}' == '${oam_ip}'   ${public_ip}
+    Fail  ${oam_ip} Server Not Found
+
+Get V4 IP
+    [Arguments]   ${ipmaps}
+    :for   ${ipmap}   in   @{ipmaps}
+    \    ${ip}   Get From Dictionary   ${ipmap}   addr
+    \    ${version}   Get From Dictionary   ${ipmap}   version
+    \    Return from Keyword if   '${version}' == '4'   ${ip}
+    Fail  No Version 4 IP
\ No newline at end of file