aboutsummaryrefslogtreecommitdiffstats
path: root/robot
diff options
context:
space:
mode:
authorKatarzyna Wasiel <katarzyna.wasiel@nokia.com>2020-12-02 13:39:45 +0100
committerKrzysztof Kuzmicki <krzysztof.kuzmicki@nokia.com>2020-12-03 08:11:11 +0000
commit7ebd4b3ad2899a4f53560c9105dfa331d63d103a (patch)
tree772d84d1ff7c38fd04a3269822f416d741b32b7b /robot
parentfcfe34d074fa76f89f76dc922bbfa4b7c9704f02 (diff)
Eliminate man-in-the-middle attack in DFC/SFTP protocol - E2E tests
Issue-ID: INT-1797 Signed-off-by: Katarzyna Wasiel <katarzyna.wasiel@nokia.com> Change-Id: I369f96ea18d772205579ad64fdb6e6ed37f2d8eb
Diffstat (limited to 'robot')
-rw-r--r--robot/resources/usecases/5gbulkpm_interface.robot37
-rw-r--r--robot/testsuites/usecases/5gbulkpm.robot92
2 files changed, 108 insertions, 21 deletions
diff --git a/robot/resources/usecases/5gbulkpm_interface.robot b/robot/resources/usecases/5gbulkpm_interface.robot
index 86b0ca00..0655e53e 100644
--- a/robot/resources/usecases/5gbulkpm_interface.robot
+++ b/robot/resources/usecases/5gbulkpm_interface.robot
@@ -60,4 +60,39 @@ Send File Ready Event to VES Collector
Should Be Equal As Strings ${resp.status_code} 202
${VES_FILE_READY_NOTIFICATION} Set Variable {"event":{"commonEventHeader":{"version":"4.0.1","vesEventListenerVersion":"7.0.1","domain":"notification","eventName":"Noti_RnNode-Ericsson_FileReady","eventId":"FileReady_1797490e-10ae-4d48-9ea7-3d7d790b25e1","lastEpochMicrosec":8745745764578,"priority":"Normal","reportingEntityName":"otenb5309","sequence":0,"sourceName":"oteNB5309","startEpochMicrosec":8745745764578,"timeZoneOffset":"UTC+05.30"},"notificationFields":{"changeIdentifier":"PM_MEAS_FILES","changeType":"FileReady","notificationFieldsVersion":"2.0","arrayOfNamedHashMap":[{"name":"A${epoch}.xml.gz","hashMap":{"location":"sftp://bulkpm:bulkpm@sftpserver:22/upload/A${epoch}.xml.gz","compression":"gzip","fileFormatType":"org.3GPP.32.435#measCollec","fileFormatVersion":"V10"}}]}}}
${resp}= Post Request ves ${VES_LISTENER_PATH} data=${VES_FILE_READY_NOTIFICATION} headers=${headers}
- Should Be Equal As Strings ${resp.status_code} 202 \ No newline at end of file
+ Should Be Equal As Strings ${resp.status_code} 202
+
+Upload PM Files to xNF SFTP Server
+ [Arguments] ${ftp_file_path}
+ Open Connection sftpserver
+ Login bulkpm bulkpm
+ ${epoch}= Get Current Date result_format=epoch
+ Set Global Variable ${epoch}
+ Put File ${ftp_file_path} upload/A${epoch}.xml.gz
+ [Return] ${epoch}
+
+Check Given Print In DFC Log
+ [Arguments] ${CHECK_DFC_LOGS}
+ ${dfc_logs}= Run Given Command On DFC Container ${CHECK_DFC_LOGS}
+ Should Contain ${dfc_logs} HostKey has been changed
+
+Run Given Command On DFC Container
+ [Arguments] ${user_command}
+ ${run_command} = Run And Return Rc And Output ${user_command}
+ ${command_output} = Set Variable ${run_command[1]}
+ ${regexp_matches} = Get Regexp Matches ${command_output} .*(\\s|\\[)+(.+-datafile-collector).* 2
+ ${dfc_container_name} = Set Variable ${regexp_matches[0]}
+ ${new_command} = Set Variable ${user_command} ${dfc_container_name}
+ ${command_output} = Run And Return Rc And Output ${new_command}
+ Should Be Equal As Integers ${command_output[0]} 0
+ ${log} = Set Variable ${command_output[1]}
+ [Return] ${log}
+
+Check Known Hosts In Env
+ [Arguments] ${CHECK_KNOWN_HOSTS}
+ ${check} = Run And Return Rc And Output ${CHECK_KNOWN_HOSTS}
+ Should Be Equal As Integers ${check[0]} 0
+ ${env} = Set Variable ${check[1]}
+ ${string_matches} = Get Lines Containing String ${env} KNOWN_HOSTS_FILE_PATH=/home/datafile/.ssh/known_host case_insensitive=True
+ ${output} = Should Not Be Empty ${string_matches}
+ [Return] ${output}
diff --git a/robot/testsuites/usecases/5gbulkpm.robot b/robot/testsuites/usecases/5gbulkpm.robot
index 6ead3811..07ea3b7b 100644
--- a/robot/testsuites/usecases/5gbulkpm.robot
+++ b/robot/testsuites/usecases/5gbulkpm.robot
@@ -17,6 +17,8 @@ Resource ../../resources/dr_interface.robot
Suite Setup Send File Ready Event to VES Collector test
Suite Teardown Usecase Teardown
+
+
*** Variables ***
${INVENTORY_ENDPOINT} /dcae-service-types
${XNF_SFTP_BLUEPRINT_PATH} ${EXECDIR}/robot/assets/usecases/5gbulkpm/k8s-sftp.yaml
@@ -35,16 +37,20 @@ ${VES_LISTENER_PATH} /eventListener/v7
${PMMAPPER_SUB_ROLE_DATA} ${EXECDIR}/robot/assets/usecases/5gbulkpm/sub.json
${PMMAPPER_MR_CLUSTER_DATA} ${EXECDIR}/robot/assets/usecases/5gbulkpm/mr_clusters.json
${NEXUS3} ${GLOBAL_INJECTED_NEXUS_DOCKER_REPO}
-
-
+${SET_KNOWN_HOSTS_FILE_PATH} kubectl set env deployment/$(kubectl get deployment -n onap | grep datafile | awk '{print $1}') KNOWN_HOSTS_FILE_PATH=/home/datafile/.ssh/known_hosts -n onap
+${CHECK_ENV_SET} kubectl set env pod/$(kubectl get pod -n onap | grep datafile | awk '{print $1}') --list -n onap
+${GET_RSA_KEY} kubectl exec $(kubectl get pod -n onap | grep sftpserver | awk '{print $1}') -n onap -- ssh-keyscan -t rsa sftpserver > /tmp/known_hosts
+${COPY_RSA_KEY} kubectl cp /tmp/known_hosts $(kubectl get pod -n onap | grep datafile | awk '{print $1}'):/home/datafile/.ssh/known_hosts -n onap
+${CHECK_DFC_LOGS} kubectl logs $(kubectl get pod -n onap | grep datafile | awk '{print $1}') -n onap --tail=4
+${EXPECTED_PRINT} StrictHostKeyChecking is enabled but environment variable KNOWN_HOSTS_FILE_PATH is not set or points to not existing file
*** Test Cases ***
Deploying Data File Collector
- [Tags] 5gbulkpm
+ [Tags] 5gbulkpm 5gbulkpm_checking_sftp_rsa_key
${headers}= Create Dictionary content-type=application/json
${session}= Create Session dfc ${INVENTORY_SERVER}
- ${resp}= Get Request dfc ${INVENTORY_ENDPOINT}?typeName=k8s-datafile headers=${headers}
+ ${resp}= Get Request dfc ${INVENTORY_ENDPOINT}?typeName=k8s-datafile headers=${headers}
${json}= Set Variable ${resp.json()}
${serviceTypeId-Dfc} Set Variable ${json['items'][0]['typeId']}
${image} Get Regexp Matches ${json['items'][0]['blueprintTemplate']} nexus3(.)*?(?=\\")
@@ -58,7 +64,7 @@ Deploying Data File Collector
Wait Until Keyword Succeeds 5 minute 20 sec Deployment Status ${DEPLOYMENT_SERVER} ${DEPLOYMENT_ENDPOINT} datafile ${operationId}
Deploying 3GPP PM Mapper
- [Tags] 5gbulkpm
+ [Tags] 5gbulkpm 5gbulkpm_checking_sftp_rsa_key
${clusterdata}= OperatingSystem.Get File ${PMMAPPER_MR_CLUSTER_DATA}
${headers}= Create Dictionary content-type=application/json
${session}= Create Session dmaapbc ${DMAAP_BC_SERVER}
@@ -78,7 +84,7 @@ Deploying 3GPP PM Mapper
Wait Until Keyword Succeeds 6 minute 10 sec Deployment Status ${DEPLOYMENT_SERVER} ${DEPLOYMENT_ENDPOINT} pmmapper ${operationId}
Deploying SFTP Server As xNF
- [Tags] 5gbulkpm
+ [Tags] 5gbulkpm 5gbulkpm_checking_sftp_rsa_key
${blueprint}= OperatingSystem.Get File ${XNF_SFTP_BLUEPRINT_PATH}
${templatejson}= Load JSON From File ${BLUEPRINT_TEMPLATE_PATH}
${templatejson}= Update Value To Json ${templatejson} blueprintTemplate ${blueprint}
@@ -98,7 +104,7 @@ Deploying SFTP Server As xNF
Checking PERFORMANCE_MEASUREMENTS Topic In Message Router
- [Tags] 5gbulkpm
+ [Tags] 5gbulkpm 5gbulkpm_checking_sftp_rsa_key
${headers}= Create Dictionary content-type=application/json
${subdata}= OperatingSystem.Get File ${PMMAPPER_SUB_ROLE_DATA}
${session}= Create Session dmaapbc ${DMAAP_BC_SERVER}
@@ -111,28 +117,74 @@ Checking PERFORMANCE_MEASUREMENTS Topic In Message Router
${resp}= Run MR Auth Get Request ${MR_TOPIC_URL_PATH} ${GLOBAL_DCAE_USERNAME} ${GLOBAL_DCAE_PASSWORD}
Should Be Equal As Strings ${resp.status_code} 200
-Upload PM Files to xNF SFTP Server
- [Tags] 5gbulkpm
- Open Connection sftpserver
- Login bulkpm bulkpm
- ${epoch}= Get Current Date result_format=epoch
+Upload PM Files to xNF SFTP Server After Services Deployed
+ [Tags] 5gbulkpm 5gbulkpm_checking_sftp_rsa_key
+ Upload PM Files to xNF SFTP Server ${FTP_FILE_PATH}
Set Global Variable ${epoch}
- Put File ${FTP_FILE_PATH} upload/A${epoch}.xml.gz
DR Bulk PM Feed Check
- [Tags] 5gbulkpm
+ [Tags] 5gbulkpm 5gbulkpm_checking_sftp_rsa_key
${resp}= Run DR Get Request ${DR_SUB_CHECK_PATH}
Should Contain ${resp.text} bulk_pm_feed
DR PM Mapper Subscriber Check
- [Tags] 5gbulkpm
+ [Tags] 5gbulkpm 5gbulkpm_checking_sftp_rsa_key
${resp}= Run DR Get Request ${DR_SUB_CHECK_PATH}
Should Contain ${resp.text} https://dcae-pm-mapper:8443/delivery
-Sending File Ready Event to VES Collector
- [Tags] 5gbulkpm
- Send File Ready Event to VES Collector ${epoch}
+Sending File Ready Event to VES Collector After Services Deployed
+ [Tags] 5gbulkpm 5gbulkpm_checking_sftp_rsa_key
+ Send File Ready Event to VES Collector ${epoch}
+
+Verifying 3GPP Perf VES Content On PERFORMANCE_MEASUREMENTS Topic After Services Deployed
+ [Tags] 5gbulkpm 5gbulkpm_checking_sftp_rsa_key
+ Wait Until Keyword Succeeds 5 minute 5 sec xNF PM File Validate perf3gpp_RnNode-Ericsson_pmMeasResult
+
+Setting Known_Hosts Environment Set
+ [Tags] 5gbulkpm_checking_sftp_rsa_key
+ ${rc}= Run and Return RC ${SET_KNOWN_HOSTS_FILE_PATH}
+ Should Be Equal As Integers ${rc} 0
+ Wait Until Keyword Succeeds 5 min 10s Check Known Hosts In Env ${CHECK_ENV_SET}
+ ${rc}= Run and Return RC ${GET_RSA_KEY}
+ Should Be Equal As Integers ${rc} 0
+ ${rc}= Run and Return RC ${COPY_RSA_KEY}
+ Should Be Equal As Integers ${rc} 0
+
+Uploading PM Files to xNF SFTP Server After Known_Host Set
+ [Tags] 5gbulkpm_checking_sftp_rsa_key
+ Upload PM Files to xNF SFTP Server ${FTP_FILE_PATH}
+ Set Global Variable ${epoch}
+
+Sending File Ready Event to VES Collector After Known_Host Set
+ [Tags] 5gbulkpm_checking_sftp_rsa_key
+ Send File Ready Event to VES Collector ${epoch}
-Verifying 3GPP Perf VES Content On PERFORMANCE_MEASUREMENTS Topic
- [Tags] 5gbulkpm
+Verifying 3GPP Perf VES Content On PERFORMANCE_MEASUREMENTS Topic After Known_Host Set
+ [Tags] 5gbulkpm_checking_sftp_rsa_key
Wait Until Keyword Succeeds 5 minute 5 sec xNF PM File Validate perf3gpp_RnNode-Ericsson_pmMeasResult
+
+Checking DFC Logs After Known_Hosts Set
+ [Tags] 5gbulkpm_checking_sftp_rsa_key
+ ${dfc_logs}= Run Given Command On DFC Container ${CHECK_DFC_LOGS}
+ Should Not Contain ${dfc_logs} ${EXPECTED_PRINT}
+
+Changing RSA Key Known_Hosts
+ [Tags] 5gbulkpm_checking_sftp_rsa_key
+ ${get_known_hosts_file}= OperatingSystem.Get File /tmp/known_hosts
+ ${change_rsa_key}= Replace String ${get_known_hosts_file} A a
+ Create File /tmp/known_hosts ${change_rsa_key}
+ ${rc}= Run and Return RC ${COPY_RSA_KEY}
+ Should Be Equal As Integers ${rc} 0
+
+Uploading PM Files to xNF SFTP Server After RSA Key Change
+ [Tags] 5gbulkpm_checking_sftp_rsa_key
+ Upload PM Files to xNF SFTP Server ${FTP_FILE_PATH}
+ Set Global Variable ${epoch}
+
+Sending File Ready Event to VES Collector After RSA Key Change
+ [Tags] 5gbulkpm_checking_sftp_rsa_key
+ Send File Ready Event to VES Collector ${epoch}
+
+Checking DFC Logs After RSA Key Change
+ [Tags] 5gbulkpm_checking_sftp_rsa_key
+ Wait Until Keyword Succeeds 5 sec 30 sec Check Given Print In DFC LOG ${CHECK_DFC_LOGS}