X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=plans%2Faaf%2Fcertservice%2Fsetup.sh;h=1200e964a1023eb0210bcc948b58d8ccfd48e0b9;hb=8380fca432d740fe0c1d00fb9a39d3917672d91e;hp=48bf00b9be14e9278e2c8a977d48f74c3e278b04;hpb=8892bfac922381ae5bc840d6013624b38c8ecef4;p=integration%2Fcsit.git diff --git a/plans/aaf/certservice/setup.sh b/plans/aaf/certservice/setup.sh index 48bf00b9..1200e964 100644 --- a/plans/aaf/certservice/setup.sh +++ b/plans/aaf/certservice/setup.sh @@ -1,6 +1,6 @@ #!/bin/bash # -# Copyright 2017 ZTE Corporation. +# Copyright 2020 Nokia. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,16 +15,95 @@ # limitations under the License. # -AAFCERT_IMAGE=nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-api:latest +# ------------------------------------ +# Resolve path to script's directory and cmp servers configuration -echo AAFCERT_IMAGE=${AAFCERT_IMAGE} +SCRIPT=`realpath $0` +CURRENT_WORKDIR_PATH=`dirname $SCRIPT` +PROJECT_DIRECTORY="plans/aaf/certservice" -# Start AAF Cert Srevice -docker run -p 8080:8080 -d --name aafcert ${AAFCERT_IMAGE} +SCRIPTS_DIRECTORY="scripts" -AAFCERT_IP=`get-instance-ip.sh aafcert` -export AAFCERT_IP=${AAFCERT_IP} +JENKINS_SCRIPTS_PATH="$CURRENT_WORKDIR_PATH/$PROJECT_DIRECTORY/$SCRIPTS_DIRECTORY" +LOCAL_SCRIPTS_PATH="$CURRENT_WORKDIR_PATH/$SCRIPTS_DIRECTORY" +# ------------------------------------ +#Prepare enviroment for client +#install docker sdk +echo "Uninstall docker-py and reinstall docker." +pip uninstall -y docker-py +pip uninstall -y docker +pip install -U docker==2.7.0 + +#reinstall pyopenssl library +echo "Reinstall pyopenssl library." +pip uninstall pyopenssl -y +pip install pyopenssl==17.5.0 + +#install pyjks for .jks files management +pip install pyjks + +#Disable proxy - for local run +unset http_proxy https_proxy + +#export container name +export ClientContainerName=CertServiceClient +# ------------------------------------ + +if test -d "$JENKINS_SCRIPTS_PATH"; then + SCRIPTS_PATH=$JENKINS_SCRIPTS_PATH +else test -f "$LOCAL_SCRIPTS_PATH"; + SCRIPTS_PATH=$LOCAL_SCRIPTS_PATH +fi +echo "Use scripts from: $SCRIPTS_PATH" + +CONFIGURATION_FILE="cmpServers.json" + +JENKINS_CONFIGURATION_PATH="$CURRENT_WORKDIR_PATH/$PROJECT_DIRECTORY/$CONFIGURATION_FILE" +LOCAL_CONFIGURATION_PATH="$CURRENT_WORKDIR_PATH/$CONFIGURATION_FILE" + +if test -f "$JENKINS_CONFIGURATION_PATH"; then + CONFIGURATION_PATH="$JENKINS_CONFIGURATION_PATH" +else test -f "$LOCAL_CONFIGURATION_PATH"; + CONFIGURATION_PATH=$LOCAL_CONFIGURATION_PATH +fi +echo "Use configuration from: $CONFIGURATION_PATH" + +# ------------------------------------- + +export CONFIGURATION_PATH=${CONFIGURATION_PATH} +export SCRIPTS_PATH=${SCRIPTS_PATH} + +#Generate keystores, truststores, certificates and keys +mkdir -p ${WORKSPACE}/tests/aaf/certservice/assets/certs/ +make all -C ./certs/ +cp ${WORKSPACE}/plans/aaf/certservice/certs/root.crt ${WORKSPACE}/tests/aaf/certservice/assets/certs/root.crt +echo "Generated keystores" +openssl pkcs12 -in ${WORKSPACE}/plans/aaf/certservice/certs/certServiceServer-keystore.p12 -clcerts -nokeys -password pass:secret | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ${WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.crt +echo "Generated server certificate" +openssl pkcs12 -in ${WORKSPACE}/plans/aaf/certservice/certs/certServiceServer-keystore.p12 -nocerts -nodes -password pass:secret| sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > ${WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.key +echo "Generated server key" + +docker-compose up -d + +AAFCERT_IP='none' # Wait container ready -sleep 5 +for i in {1..9} +do + AAFCERT_IP=`get-instance-ip.sh aafcert-service` + RESP_CODE=$(curl -s https://localhost:8443/actuator/health --cacert ./certs/root.crt --cert-type p12 --cert ./certs/certServiceServer-keystore.p12 --pass secret | \ + python2 -c 'import json,sys;obj=json.load(sys.stdin);print obj["status"]') + if [[ "$RESP_CODE" == "UP" ]]; then + echo 'AAF Cert Service is ready' + export AAFCERT_IP=${AAFCERT_IP} + docker exec aafcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh + break + fi + echo 'Waiting for AAF Cert Service to start up...' + sleep 30s +done +if [ "$AAFCERT_IP" == 'none' -o "$AAFCERT_IP" == '' ]; then + echo "AAF Cert Service is not ready!" + exit 1 # Return error code +fi