From 92dff7dcb033c354ffbaf49e06c10f4c52defcb7 Mon Sep 17 00:00:00 2001 From: Remigiusz Janeczek Date: Wed, 15 Jul 2020 15:22:57 +0200 Subject: [PATCH] Add sftp strict host key checking to DFC in 5G-bulkpm test Issue-ID: DCAEGEN2-2219 Signed-off-by: Remigiusz Janeczek Change-Id: Ie616b5a3ac4228442bc0623d28f0d9c560fde696 --- .../5G-bulkpm/assets/dfc/datafile_endpoints.json | 1 + .../5G-bulkpm/composefile/docker-compose-e2e.yml | 2 ++ plans/usecases-5G-bulkpm/5G-bulkpm/setup.sh | 7 ++++++- 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/plans/usecases-5G-bulkpm/5G-bulkpm/assets/dfc/datafile_endpoints.json b/plans/usecases-5G-bulkpm/5G-bulkpm/assets/dfc/datafile_endpoints.json index 6abfb566..bd13327b 100644 --- a/plans/usecases-5G-bulkpm/5G-bulkpm/assets/dfc/datafile_endpoints.json +++ b/plans/usecases-5G-bulkpm/5G-bulkpm/assets/dfc/datafile_endpoints.json @@ -10,6 +10,7 @@ "dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks", "dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass", "dmaap.security.enableDmaapCertAuth": "false", + "sftp.security.strictHostKeyChecking": "true", "streams_publishes": { "PM_MEAS_FILES": { "type": "data_router", diff --git a/plans/usecases-5G-bulkpm/5G-bulkpm/composefile/docker-compose-e2e.yml b/plans/usecases-5G-bulkpm/5G-bulkpm/composefile/docker-compose-e2e.yml index e2f16a7c..dff4824c 100644 --- a/plans/usecases-5G-bulkpm/5G-bulkpm/composefile/docker-compose-e2e.yml +++ b/plans/usecases-5G-bulkpm/5G-bulkpm/composefile/docker-compose-e2e.yml @@ -110,6 +110,8 @@ services: tmp_bulk-pm-network: aliases: - dcaegen2-datafile-collector + environment: + KNOWN_HOSTS_FILE_PATH: "/home/datafile/.ssh/known_hosts" cbs-sim: container_name: config-binding-service-sim diff --git a/plans/usecases-5G-bulkpm/5G-bulkpm/setup.sh b/plans/usecases-5G-bulkpm/5G-bulkpm/setup.sh index 1f5f26df..8cb3d9f8 100644 --- a/plans/usecases-5G-bulkpm/5G-bulkpm/setup.sh +++ b/plans/usecases-5G-bulkpm/5G-bulkpm/setup.sh @@ -78,6 +78,11 @@ DR_GATEWAY_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway DMAAP_MR_IP=$(docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' dmaap-message-router-server) VESC_IP=$(docker inspect '--format={{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' dcaegen2-vescollector) +#Add SFTP server pubilc key to known hosts of datafile collector +HOST_NAMES=$(docker inspect -f '{{ range .NetworkSettings.Networks}}{{join .Aliases ","}}{{end}}' sftp) +KEY_ENTRY=$(echo $HOST_NAMES "$(docker exec sftp cat /etc/ssh/ssh_host_rsa_key.pub)" | sed -e 's/\w*@\w*$//') +docker exec -i -u root dcaegen2-datafile-collector sh -c "echo $KEY_ENTRY >> /home/datafile/.ssh/known_hosts" + # Add gateway IP to DR Prov docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/NODES?val=dmaap-dr-node\|$DR_GATEWAY_IP" docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/PROV_AUTH_ADDRESSES?val=dmaap-dr-prov\|$DR_GATEWAY_IP" @@ -116,4 +121,4 @@ export VESC_PORT=8080 export DMAAP_MR_IP=${DMAAP_MR_IP} #Pass any variables required by Robot test suites in ROBOT_VARIABLES -ROBOT_VARIABLES="-v DR_PROV_IP:${DR_PROV_IP} -v DMAAP_MR_IP:${DMAAP_MR_IP} -v VESC_IP:${VESC_IP} -v VESC_PORT:${VESC_PORT}" \ No newline at end of file +ROBOT_VARIABLES="-v DR_PROV_IP:${DR_PROV_IP} -v DMAAP_MR_IP:${DMAAP_MR_IP} -v VESC_IP:${VESC_IP} -v VESC_PORT:${VESC_PORT}" -- 2.16.6