X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=installation%2Fsdnc%2Fsrc%2Fmain%2Fscripts%2FinstallCerts.py;h=2aaa20276c32b2eb831d4857c157a4f4101b3aa0;hb=235822c81f892d32eb015cae7a1488319d76bc3b;hp=d3072847cab0b5bd71b5e926157f4ac59c396e10;hpb=52cbd5cc5c206250d6d4dd661cb11a851fd18e52;p=sdnc%2Foam.git diff --git a/installation/sdnc/src/main/scripts/installCerts.py b/installation/sdnc/src/main/scripts/installCerts.py index d3072847..2aaa2027 100644 --- a/installation/sdnc/src/main/scripts/installCerts.py +++ b/installation/sdnc/src/main/scripts/installCerts.py @@ -2,6 +2,7 @@ # Copyright (C) 2019 Nordix Foundation. # ================================================================================ # extended by highstreet technologies GmbH (c) 2020 +# Copyright (c) 2021 Nokia Intellectual Property. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -22,6 +23,7 @@ # coding=utf-8 import os +import sys import re import http.client import base64 @@ -50,7 +52,6 @@ zipFileList = [] username = os.environ['ODL_ADMIN_USERNAME'] password = os.environ['ODL_ADMIN_PASSWORD'] -newpassword = os.environ.get('ODL_ADMIN_NEWPASSWORD') TIMEOUT=1000 INTERVAL=30 timePassed=0 @@ -158,17 +159,23 @@ def makeRestconfPost(conn, json_file, apiCall): req = conn.request("POST", apiCall, json_file, headers=headers) res = conn.getresponse() res.read() - if res.status != 200: + if res.status != 200 and res.status != 204: logging.error("Error here, response back wasnt 200: Response was : %d , %s" % (res.status, res.reason)) + writeCertInstallStatus("NOTOK") else: logging.debug("Response :%s Reason :%s ",res.status, res.reason) def extractZipFiles(zipFileList, count): for zipFolder in zipFileList: - with zipfile.ZipFile(Path + "/" + zipFolder.strip(),"r") as zip_ref: - zip_ref.extractall(Path) - folder = zipFolder.rsplit(".")[0] - processFiles(folder, count) + try: + with zipfile.ZipFile(Path + "/" + zipFolder.strip(),"r") as zip_ref: + zip_ref.extractall(Path) + folder = zipFolder.rsplit(".")[0] + processFiles(folder, count) + except Exception as e: + logging.error("Error while extracting zip file(s). Exiting Certificate Installation.") + logging.info("Error details : %s" % e) + writeCertInstallStatus("NOTOK") def processFiles(folder, count): logging.info('Process folder: %d %s', count, folder) @@ -182,6 +189,7 @@ def processFiles(folder, count): clientCrt = readFile(folder, file.strip()) else: logging.error("Could not find file %s" % file.strip()) + writeCertInstallStatus("NOTOK") shutil.rmtree(Path + "/" + folder) post_content(clientKey, clientCrt, certList, count) @@ -227,6 +235,7 @@ def makeHealthcheckCall(headers, timePassed): if timePassed > TIMEOUT: logging.error("TIME OUT: Healthcheck not passed in %d seconds... Could cause problems for testing activities..." %TIMEOUT) + writeCertInstallStatus("NOTOK") return connected @@ -244,7 +253,7 @@ def get_pass(file_name): return "'{}'".format(password) except Exception as e: logging.error("Error occurred while fetching password : %s", e) - exit() + writeCertInstallStatus("NOTOK") def cleanup(): for file in os.listdir(Path): @@ -268,11 +277,13 @@ def jks_to_p12(file, password): return file except Exception as e: logging.error("Error occurred while converting jks to p12 format : %s", e) + writeCertInstallStatus("NOTOK") def make_cert_chain(cert_chain, pattern): cert_list = [] if cert_chain: + cert_chain = cert_chain.decode('utf-8') matches = re.findall(pattern, cert_chain, re.DOTALL | re.MULTILINE) for cert in matches: cert_list.append(cert.strip()) @@ -323,30 +334,10 @@ def process_jks_files(count): logging.debug("No JKS files found in %s directory" % Path) except subprocess.CalledProcessError as err: print("CalledProcessError Execution of OpenSSL command failed: %s" % err) + writeCertInstallStatus("NOTOK") except Exception as e: logging.error("UnExpected Error while processing JKS files at {0}, Caused by: {1}".format(Path, e)) - -def replaceAdminPassword(username, password, newpassword): - if newpassword is None: - logging.info('Not to replace password for user %s', username) - else: - logging.info('Replace password for user %s', username) - try: - jsondata = '{\"password\": \"{newpassword}\"}'.format(newpassword=newpassword) - url = '/auth/v1/users/{username}@sdn'.format(username=username) - loggin.info("Url %s data $s", url, jsondata) - conn = http.client.HTTPConnection("localhost",odl_port) - req = conn.request("PUT", url, jsondata, headers=headers) - res = conn.getresponse() - res.read() - httpStatus = res.status - if httpStatus == 200: - logging.debug("New password provided successfully for user %s", username) - else: - logging.debug("Password change was not possible. Problem code was: %d", httpStatus) - except: - logging.error("Cannot execute REST call to set password.") - + writeCertInstallStatus("NOTOK") def readCertProperties(): ''' @@ -358,7 +349,6 @@ def readCertProperties(): connected = makeHealthcheckCall(headers, timePassed) logging.info('Connected status: %s', connected) if connected: - replaceAdminPassword(username, password, newpassword) count = 0 if os.path.isfile(Path + "/certs.properties"): with open(Path + "/certs.properties", "r") as f: @@ -373,7 +363,22 @@ def readCertProperties(): logging.debug("No certs.properties/zip files exist at: " + Path) logging.info("Processing any available jks/p12 files under cert directory") process_jks_files(count) - + else: + logging.info('Connected status: %s', connected) + logging.info('Stopping SDNR due to inability to install certificates') + writeCertInstallStatus("NOTOK") + +def writeCertInstallStatus(installStatus): + if installStatus == "NOTOK": + with open(os.path.join(log_directory, 'INSTALLCERTSFAIL'), 'w') as fp: + pass + sys.exit(1) + elif installStatus == "OK": + with open(os.path.join(log_directory, 'INSTALLCERTSPASS'), 'w') as fp: + pass + sys.exit(0) readCertProperties() logging.info('Cert installation ending') +writeCertInstallStatus("OK") +