From c21b0084bfbe44af90047f23141e90a8bdb41482 Mon Sep 17 00:00:00 2001 From: Joanna Jeremicz Date: Mon, 15 Jun 2020 16:21:55 +0200 Subject: [PATCH] Add testcases for PEM and JKS output type Issue-ID: AAF-1152 Change-Id: I99f7fadf7e4e890ff86011226dbcf3761c185072 Signed-off-by: Joanna Jeremicz --- plans/aaf/certservice/setup.sh | 3 + .../assets/invalid_client_docker_output_type.env | 17 ++++++ .../certservice/assets/valid_client_docker_jks.env | 17 ++++++ .../certservice/assets/valid_client_docker_p12.env | 17 ++++++ .../certservice/assets/valid_client_docker_pem.env | 17 ++++++ tests/aaf/certservice/cert-service-test.robot | 33 ++++++++-- tests/aaf/certservice/libraries/ArtifactParser.py | 40 +++++++++++++ .../certservice/libraries/JksArtifactsValidator.py | 45 ++++++++++++++ .../aaf/certservice/libraries/JksFilesValidator.py | 70 ---------------------- .../certservice/libraries/P12ArtifactsValidator.py | 37 ++++++++++++ .../certservice/libraries/PemArtifactsValidator.py | 39 ++++++++++++ .../resources/cert-service-keywords.robot | 45 +++++++++++++- .../resources/cert-service-properties.robot | 4 ++ 13 files changed, 307 insertions(+), 77 deletions(-) create mode 100644 tests/aaf/certservice/assets/invalid_client_docker_output_type.env create mode 100644 tests/aaf/certservice/assets/valid_client_docker_jks.env create mode 100644 tests/aaf/certservice/assets/valid_client_docker_p12.env create mode 100644 tests/aaf/certservice/assets/valid_client_docker_pem.env create mode 100644 tests/aaf/certservice/libraries/ArtifactParser.py create mode 100644 tests/aaf/certservice/libraries/JksArtifactsValidator.py delete mode 100644 tests/aaf/certservice/libraries/JksFilesValidator.py create mode 100644 tests/aaf/certservice/libraries/P12ArtifactsValidator.py create mode 100644 tests/aaf/certservice/libraries/PemArtifactsValidator.py diff --git a/plans/aaf/certservice/setup.sh b/plans/aaf/certservice/setup.sh index b23b7192..1200e964 100644 --- a/plans/aaf/certservice/setup.sh +++ b/plans/aaf/certservice/setup.sh @@ -40,6 +40,9 @@ echo "Reinstall pyopenssl library." pip uninstall pyopenssl -y pip install pyopenssl==17.5.0 +#install pyjks for .jks files management +pip install pyjks + #Disable proxy - for local run unset http_proxy https_proxy diff --git a/tests/aaf/certservice/assets/invalid_client_docker_output_type.env b/tests/aaf/certservice/assets/invalid_client_docker_output_type.env new file mode 100644 index 00000000..cff46646 --- /dev/null +++ b/tests/aaf/certservice/assets/invalid_client_docker_output_type.env @@ -0,0 +1,17 @@ +#Client envs +REQUEST_TIMEOUT=30000 +OUTPUT_PATH=/var/certs +CA_NAME=RA +OUTPUT_TYPE=INV +KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PASSWORD=secret +TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PASSWORD=secret +#Csr config envs +COMMON_NAME=onap.org +ORGANIZATION=Linux-Foundation +ORGANIZATION_UNIT=ONAP +LOCATION=San-Francisco +STATE=California +COUNTRY=US +SANS=example.com:sample.com diff --git a/tests/aaf/certservice/assets/valid_client_docker_jks.env b/tests/aaf/certservice/assets/valid_client_docker_jks.env new file mode 100644 index 00000000..19de0750 --- /dev/null +++ b/tests/aaf/certservice/assets/valid_client_docker_jks.env @@ -0,0 +1,17 @@ +#Client envs +REQUEST_TIMEOUT=30000 +OUTPUT_PATH=/var/certs +CA_NAME=RA +OUTPUT_TYPE=JKS +KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PASSWORD=secret +TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PASSWORD=secret +#Csr config envs +COMMON_NAME=onap.org +ORGANIZATION=Linux-Foundation +ORGANIZATION_UNIT=ONAP +LOCATION=San-Francisco +STATE=California +COUNTRY=US +SANS=example.com:sample.com diff --git a/tests/aaf/certservice/assets/valid_client_docker_p12.env b/tests/aaf/certservice/assets/valid_client_docker_p12.env new file mode 100644 index 00000000..0f1cfc28 --- /dev/null +++ b/tests/aaf/certservice/assets/valid_client_docker_p12.env @@ -0,0 +1,17 @@ +#Client envs +REQUEST_TIMEOUT=30000 +OUTPUT_PATH=/var/certs +CA_NAME=RA +OUTPUT_TYPE=P12 +KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PASSWORD=secret +TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PASSWORD=secret +#Csr config envs +COMMON_NAME=onap.org +ORGANIZATION=Linux-Foundation +ORGANIZATION_UNIT=ONAP +LOCATION=San-Francisco +STATE=California +COUNTRY=US +SANS=example.com:sample.com diff --git a/tests/aaf/certservice/assets/valid_client_docker_pem.env b/tests/aaf/certservice/assets/valid_client_docker_pem.env new file mode 100644 index 00000000..f704f21e --- /dev/null +++ b/tests/aaf/certservice/assets/valid_client_docker_pem.env @@ -0,0 +1,17 @@ +#Client envs +REQUEST_TIMEOUT=30000 +OUTPUT_PATH=/var/certs +CA_NAME=RA +OUTPUT_TYPE=PEM +KEYSTORE_PATH=/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PASSWORD=secret +TRUSTSTORE_PATH=/etc/onap/aaf/certservice/certs/truststore.jks +TRUSTSTORE_PASSWORD=secret +#Csr config envs +COMMON_NAME=onap.org +ORGANIZATION=Linux-Foundation +ORGANIZATION_UNIT=ONAP +LOCATION=San-Francisco +STATE=California +COUNTRY=US +SANS=example.com:sample.com diff --git a/tests/aaf/certservice/cert-service-test.robot b/tests/aaf/certservice/cert-service-test.robot index 90ee1a37..ddf7a174 100644 --- a/tests/aaf/certservice/cert-service-test.robot +++ b/tests/aaf/certservice/cert-service-test.robot @@ -48,15 +48,40 @@ Report Bad Request Error When PK Is Not Valid [Documentation] Send request to ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} endpoint and expect 400 Send Get Request with Header And Expect Error ${CERT_SERVICE_ENDPOINT}${CLIENT_CA_NAME} ${VALID_CLIENT_CSR_FILE} ${INVALID_PK_FILE} 400 -Cert Service Client successfully creates keystore and truststore +Cert Service Client successfully creates keystore.p12 and truststore.p12 [Tags] AAF-CERT-SERVICE [Documentation] Run with correct env and expected exit code 0 - Run Cert Service Client And Validate JKS File Creation And Client Exit Code ${VALID_ENV_FILE} 0 + Run Cert Service Client And Validate PKCS12 File Creation And Client Exit Code ${VALID_ENV_FILE} 0 -Cert Service Client successfully creates keystore and truststore with expected data +Cert Service Client successfully creates keystore.jks and truststore.jks + [Tags] AAF-CERT-SERVICE + [Documentation] Run with correct env and expected exit code 0 + Run Cert Service Client And Validate JKS File Creation And Client Exit Code ${VALID_ENV_FILE_JKS} 0 + +Cert Service Client successfully creates keystore and truststore with expected data with no OUTPUT_TYPE + [Tags] AAF-CERT-SERVICE + [Documentation] Run with correct env and PKCS12 files created with correct data + Run Cert Service Client And Validate PKCS12 Files Contain Expected Data ${VALID_ENV_FILE} 0 + +Cert Service Client successfully creates keystore and truststore with expected data with OUTPUT_TYPE=JKS [Tags] AAF-CERT-SERVICE [Documentation] Run with correct env and JKS files created with correct data - Run Cert Service Client And Validate JKS Files Contain Expected Data ${VALID_ENV_FILE} 0 + Run Cert Service Client And Validate JKS Files Contain Expected Data ${VALID_ENV_FILE_JKS} 0 + +Cert Service Client successfully creates keystore and truststore with expected data with OUTPUT_TYPE=P12 + [Tags] AAF-CERT-SERVICE + [Documentation] Run with correct env and PKCS12 files created with correct data + Run Cert Service Client And Validate PKCS12 Files Contain Expected Data ${VALID_ENV_FILE_P12} 0 + +Cert Service Client successfully creates keystore and truststore with expected data with OUTPUT_TYPE=PEM + [Tags] AAF-CERT-SERVICE + [Documentation] Run with correct env and PEM files created with correct data + Run Cert Service Client And Validate PEM Files Contain Expected Data ${VALID_ENV_FILE_PEM} 0 + +Cert Service Client reports error when OUTPUT_TYPE is invalid + [Tags] AAF-CERT-SERVICE + [Documentation] Run with invalid OUTPUT_TYPE env and expected exit code 1 + Run Cert Service Client And Validate Client Exit Code ${INVALID_ENV_FILE_OUTPUT_TYPE} 1 Run Cert Service Client Container And Validate Exit Code And API Response [Tags] AAF-CERT-SERVICE diff --git a/tests/aaf/certservice/libraries/ArtifactParser.py b/tests/aaf/certservice/libraries/ArtifactParser.py new file mode 100644 index 00000000..54e8d0ff --- /dev/null +++ b/tests/aaf/certservice/libraries/ArtifactParser.py @@ -0,0 +1,40 @@ +from cryptography.x509.oid import ExtensionOID +from cryptography import x509 + +class ArtifactParser: + + def __init__(self, mount_path, ext): + self.keystorePassPath = mount_path + '/keystore.pass' + self.keystorePath = mount_path + '/keystore.' + ext + self.truststorePassPath = mount_path + '/truststore.pass' + self.truststorePath = mount_path + '/truststore.' + ext + + def contains_expected_data(self, data): + expectedData = data.expectedData + actualData = data.actualData + return cmp(expectedData, actualData) == 0 + + def get_owner_data_from_certificate(self, certificate): + list = certificate.get_subject().get_components() + return dict((k, v) for k, v in list) + + def get_sans(self, cert): + extension = cert.to_cryptography().extensions.get_extension_for_oid(ExtensionOID.SUBJECT_ALTERNATIVE_NAME) + dnsList = extension.value.get_values_for_type(x509.DNSName) + return ':'.join(map(lambda dns: dns.encode('ascii','ignore'), dnsList)) + + def get_envs_as_dict(self, list): + envs = self.get_list_of_pairs_by_mappings(list) + return self.remove_nones_from_dict(envs) + + def remove_nones_from_dict(self, dictionary): + return dict((k, v) for k, v in dictionary.iteritems() if k is not None) + + def get_list_of_pairs_by_mappings(self, list): + mappings = self.get_mappings() + listOfEnvs = map(lambda k: k.split('='), list) + return dict((mappings.get(a[0]), a[1]) for a in listOfEnvs) + + def get_mappings(self): + return {'COMMON_NAME':'CN', 'ORGANIZATION':'O', 'ORGANIZATION_UNIT':'OU', 'LOCATION':'L', 'STATE':'ST', 'COUNTRY':'C', 'SANS':'SANS'} + diff --git a/tests/aaf/certservice/libraries/JksArtifactsValidator.py b/tests/aaf/certservice/libraries/JksArtifactsValidator.py new file mode 100644 index 00000000..e2fdde91 --- /dev/null +++ b/tests/aaf/certservice/libraries/JksArtifactsValidator.py @@ -0,0 +1,45 @@ +import jks +from OpenSSL import crypto +from cryptography import x509 +from cryptography.hazmat.backends import default_backend +from EnvsReader import EnvsReader +from ArtifactParser import ArtifactParser + +class JksArtifactsValidator: + + def __init__(self, mount_path): + self.parser = ArtifactParser(mount_path, "jks") + + def get_and_compare_data_jks(self, path_to_env): + data = self.get_data_jks(path_to_env) + return data, self.parser.contains_expected_data(data) + + def get_keystore(self): + keystore = jks.KeyStore.load(self.parser.keystorePath, open(self.parser.keystorePassPath, 'rb').read()) + return keystore.private_keys['certificate'].cert_chain[0][1] + + def get_truststore(self): + truststore = jks.KeyStore.load(self.parser.truststorePath, open(self.parser.truststorePassPath, 'rb').read()) + return truststore.certs + + def can_open_keystore_and_truststore_with_pass_jks(self): + try: + jks.KeyStore.load(self.parser.keystorePath, open(self.parser.keystorePassPath, 'rb').read()) + jks.KeyStore.load(self.parser.truststorePath, open(self.parser.truststorePassPath, 'rb').read()) + return True + except: + return False + + def get_data_jks(self, path_to_env): + envs = self.parser.get_envs_as_dict(EnvsReader().read_env_list_from_file(path_to_env)) + certificate = self.get_keystore_certificate() + data = self.parser.get_owner_data_from_certificate(certificate) + data['SANS'] = self.parser.get_sans(certificate) + return type('', (object,), {"expectedData": envs, "actualData": data}) + + def get_keystore_certificate(self): + return crypto.X509.from_cryptography(self.load_x509_certificate(self.get_keystore())) + + def load_x509_certificate(self, data): + cert = x509.load_der_x509_certificate(data, default_backend()) + return cert diff --git a/tests/aaf/certservice/libraries/JksFilesValidator.py b/tests/aaf/certservice/libraries/JksFilesValidator.py deleted file mode 100644 index 8c150de4..00000000 --- a/tests/aaf/certservice/libraries/JksFilesValidator.py +++ /dev/null @@ -1,70 +0,0 @@ -from OpenSSL import crypto -from cryptography.x509.oid import ExtensionOID -from cryptography import x509 -from EnvsReader import EnvsReader - -class JksFilesValidator: - - def __init__(self, mount_path): - self.keystorePassPath = mount_path + '/keystore.pass' - self.keystoreJksPath = mount_path + '/keystore.jks' - self.truststorePassPath = mount_path + '/truststore.pass' - self.truststoreJksPath = mount_path + '/truststore.jks' - - def get_and_compare_data(self, path_to_env): - data = self.get_data(path_to_env) - return data, self.contains_expected_data(data) - - def can_open_keystore_and_truststore_with_pass(self): - can_open_keystore = self.can_open_jks_file_with_pass_file(self.keystorePassPath, self.keystoreJksPath) - can_open_truststore = self.can_open_jks_file_with_pass_file(self.truststorePassPath, self.truststoreJksPath) - - return can_open_keystore & can_open_truststore - - def can_open_jks_file_with_pass_file(self, pass_file_path, jks_file_path): - try: - self.get_certificate(pass_file_path, jks_file_path) - return True - except: - return False - - def get_data(self, path_to_env): - envs = self.get_envs_as_dict(EnvsReader().read_env_list_from_file(path_to_env)) - certificate = self.get_certificate(self.keystorePassPath, self.keystoreJksPath) - data = self.get_owner_data_from_certificate(certificate) - data['SANS'] = self.get_sans(certificate) - return type('', (object,), {"expectedData": envs, "actualData": data}) - - def contains_expected_data(self, data): - expectedData = data.expectedData - actualData = data.actualData - return cmp(expectedData, actualData) == 0 - - def get_owner_data_from_certificate(self, certificate): - list = certificate.get_subject().get_components() - return dict((k, v) for k, v in list) - - def get_certificate(self, pass_file_path, jks_file_path): - password = open(pass_file_path, 'rb').read() - crypto.load_pkcs12(open(jks_file_path, 'rb').read(), password) - return crypto.load_pkcs12(open(jks_file_path, 'rb').read(), password).get_certificate() - - def get_sans(self, cert): - extension = cert.to_cryptography().extensions.get_extension_for_oid(ExtensionOID.SUBJECT_ALTERNATIVE_NAME) - dnsList = extension.value.get_values_for_type(x509.DNSName) - return ':'.join(map(lambda dns: dns.encode('ascii','ignore'), dnsList)) - - def get_envs_as_dict(self, list): - envs = self.get_list_of_pairs_by_mappings(list) - return self.remove_nones_from_dict(envs) - - def remove_nones_from_dict(self, dictionary): - return dict((k, v) for k, v in dictionary.iteritems() if k is not None) - - def get_list_of_pairs_by_mappings(self, list): - mappings = self.get_mappings() - listOfEnvs = map(lambda k: k.split('='), list) - return dict((mappings.get(a[0]), a[1]) for a in listOfEnvs) - - def get_mappings(self): - return {'COMMON_NAME':'CN', 'ORGANIZATION':'O', 'ORGANIZATION_UNIT':'OU', 'LOCATION':'L', 'STATE':'ST', 'COUNTRY':'C', 'SANS':'SANS'} diff --git a/tests/aaf/certservice/libraries/P12ArtifactsValidator.py b/tests/aaf/certservice/libraries/P12ArtifactsValidator.py new file mode 100644 index 00000000..b0701718 --- /dev/null +++ b/tests/aaf/certservice/libraries/P12ArtifactsValidator.py @@ -0,0 +1,37 @@ +from OpenSSL import crypto +from EnvsReader import EnvsReader +from ArtifactParser import ArtifactParser + +class P12ArtifactsValidator: + + def __init__(self, mount_path): + self.parser = ArtifactParser(mount_path, "p12") + + def get_and_compare_data_p12(self, path_to_env): + data = self.get_data(path_to_env) + return data, self.parser.contains_expected_data(data) + + def can_open_keystore_and_truststore_with_pass(self): + can_open_keystore = self.can_open_store_file_with_pass_file(self.parser.keystorePassPath, self.parser.keystorePath) + can_open_truststore = self.can_open_store_file_with_pass_file(self.parser.truststorePassPath, self.parser.truststorePath) + + return can_open_keystore & can_open_truststore + + def can_open_store_file_with_pass_file(self, pass_file_path, store_file_path): + try: + self.get_certificate(pass_file_path, store_file_path) + return True + except: + return False + + def get_data(self, path_to_env): + envs = self.parser.get_envs_as_dict(EnvsReader().read_env_list_from_file(path_to_env)) + certificate = self.get_certificate(self.parser.keystorePassPath, self.parser.keystorePath) + data = self.parser.get_owner_data_from_certificate(certificate) + data['SANS'] = self.parser.get_sans(certificate) + return type('', (object,), {"expectedData": envs, "actualData": data}) + + def get_certificate(self, pass_file_path, store_file_path): + password = open(pass_file_path, 'rb').read() + crypto.load_pkcs12(open(store_file_path, 'rb').read(), password) + return crypto.load_pkcs12(open(store_file_path, 'rb').read(), password).get_certificate() diff --git a/tests/aaf/certservice/libraries/PemArtifactsValidator.py b/tests/aaf/certservice/libraries/PemArtifactsValidator.py new file mode 100644 index 00000000..46e0357e --- /dev/null +++ b/tests/aaf/certservice/libraries/PemArtifactsValidator.py @@ -0,0 +1,39 @@ +import os +from OpenSSL import crypto +from cryptography import x509 +from cryptography.hazmat.backends import default_backend +from EnvsReader import EnvsReader +from ArtifactParser import ArtifactParser + +class PemArtifactsValidator: + + def __init__(self, mount_path): + self.parser = ArtifactParser(mount_path, "pem") + self.key = mount_path + '/key.pem' + + def get_and_compare_data_pem(self, path_to_env): + data = self.get_data_pem(path_to_env) + return data, self.parser.contains_expected_data(data) + + def artifacts_exist_and_are_not_empty(self): + keystoreExists = self.file_exists_and_is_not_empty(self.parser.keystorePath) + truststoreExists = self.file_exists_and_is_not_empty(self.parser.truststorePath) + keyExists = self.file_exists_and_is_not_empty(self.key) + return keystoreExists and truststoreExists and keyExists + + def file_exists_and_is_not_empty(self, pathToFile): + return os.path.isfile(pathToFile) and os.path.getsize(pathToFile) > 0 + + def get_data_pem(self, path_to_env): + envs = self.parser.get_envs_as_dict(EnvsReader().read_env_list_from_file(path_to_env)) + certificate = self.get_keystore_certificate() + data = self.parser.get_owner_data_from_certificate(certificate) + data['SANS'] = self.parser.get_sans(certificate) + return type('', (object,), {"expectedData": envs, "actualData": data}) + + def get_keystore_certificate(self): + return crypto.X509.from_cryptography(self.load_x509_certificate()) + + def load_x509_certificate(self): + cert = x509.load_pem_x509_certificate(open(self.parser.keystorePath, 'rb').read(), default_backend()) + return cert diff --git a/tests/aaf/certservice/resources/cert-service-keywords.robot b/tests/aaf/certservice/resources/cert-service-keywords.robot index d4d4fd93..39c26a6a 100644 --- a/tests/aaf/certservice/resources/cert-service-keywords.robot +++ b/tests/aaf/certservice/resources/cert-service-keywords.robot @@ -6,7 +6,9 @@ Library RequestsLibrary Library HttpLibrary.HTTP Library Collections Library ../libraries/CertClientManager.py ${MOUNT_PATH} ${TRUSTSTORE_PATH} -Library ../libraries/JksFilesValidator.py ${MOUNT_PATH} +Library ../libraries/P12ArtifactsValidator.py ${MOUNT_PATH} +Library ../libraries/JksArtifactsValidator.py ${MOUNT_PATH} +Library ../libraries/PemArtifactsValidator.py ${MOUNT_PATH} *** Keywords *** @@ -85,7 +87,7 @@ Send Post Request And Validate Response ${resp}= Post Request ${https_valid_cert_session} ${path} Should Be Equal As Strings ${resp.status_code} ${resp_code} -Run Cert Service Client And Validate JKS File Creation And Client Exit Code +Run Cert Service Client And Validate PKCS12 File Creation And Client Exit Code [Documentation] Run Cert Service Client Container And Validate Exit Code [Arguments] ${env_file} ${expected_exit_code} ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK} @@ -94,13 +96,42 @@ Run Cert Service Client And Validate JKS File Creation And Client Exit Code Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code} Should Be True ${can_open} Cannot Open Keystore/TrustStore by passpshase +Run Cert Service Client And Validate JKS File Creation And Client Exit Code + [Documentation] Run Cert Service Client Container And Validate Exit Code + [Arguments] ${env_file} ${expected_exit_code} + ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK} + ${can_open}= Can Open Keystore And Truststore With Pass Jks + Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path + Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code} + Should Be True ${can_open} Cannot Open Keystore/TrustStore by passpshase + +Run Cert Service Client And Validate PKCS12 Files Contain Expected Data + [Documentation] Run Cert Service Client Container And Validate PKCS12 Files Contain Expected Data + [Arguments] ${env_file} ${expected_exit_code} + ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK} + ${data} ${isEqual}= Get And Compare Data P12 ${env_file} + Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path_with_data + Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code} + Should Be True ${isEqual} Keystore doesn't contain ${data.expectedData}. Actual data is: ${data.actualData} + Run Cert Service Client And Validate JKS Files Contain Expected Data [Documentation] Run Cert Service Client Container And Validate JKS Files Contain Expected Data [Arguments] ${env_file} ${expected_exit_code} ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK} - ${data} ${isEqual}= Get And Compare Data ${env_file} + ${data} ${isEqual}= Get And Compare Data Jks ${env_file} + Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path_with_data + Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code} + Should Be True ${isEqual} Keystore doesn't contain ${data.expectedData}. Actual data is: ${data.actualData} + +Run Cert Service Client And Validate PEM Files Contain Expected Data + [Documentation] Run Cert Service Client Container And Validate PEM Files Contain Expected Data + [Arguments] ${env_file} ${expected_exit_code} + ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK} + ${existNotEmpty}= Artifacts Exist And Are Not Empty + ${data} ${isEqual}= Get And Compare Data Pem ${env_file} Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path_with_data Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code} + Should Be True ${existNotEmpty} PEM artifacts not created properly Should Be True ${isEqual} Keystore doesn't contain ${data.expectedData}. Actual data is: ${data.actualData} Run Cert Service Client And Validate Http Response Code And Client Exit Code @@ -113,3 +144,11 @@ Run Cert Service Client And Validate Http Response Code And Client Exit Code Should Be True ${can_find_API_response} Cannot Find API response in logs Should Be Equal As Strings ${api_response_code} ${expected_api_response_code} API return ${api_response_code} but expected: ${expected_api_response_code} Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code} + +Run Cert Service Client And Validate Client Exit Code + [Documentation] Run Cert Service Client Container And Validate Exit Code + [Arguments] ${env_file} ${expected_exit_code} + ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_SERVICE_ADDRESS}${CERT_SERVICE_ENDPOINT} ${CERT_SERVICE_NETWORK} + Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} negative_path + Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code} + diff --git a/tests/aaf/certservice/resources/cert-service-properties.robot b/tests/aaf/certservice/resources/cert-service-properties.robot index 53d6b246..54ddec11 100644 --- a/tests/aaf/certservice/resources/cert-service-properties.robot +++ b/tests/aaf/certservice/resources/cert-service-properties.robot @@ -19,6 +19,10 @@ ${INVALID_PK_FILE} %{WORKSPACE}/tests/aaf/certservice/asse ${CERT_SERVICE_ADDRESS} https://${CERT_SERVICE_CONTAINER_NAME}:${CERT_SERVICE_PORT} ${VALID_ENV_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client_docker.env +${VALID_ENV_FILE_JKS} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client_docker_jks.env +${VALID_ENV_FILE_P12} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client_docker_p12.env +${VALID_ENV_FILE_PEM} %{WORKSPACE}/tests/aaf/certservice/assets/valid_client_docker_pem.env +${INVALID_ENV_FILE_OUTPUT_TYPE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid_client_docker_output_type.env ${INVALID_ENV_FILE} %{WORKSPACE}/tests/aaf/certservice/assets/invalid_client_docker.env ${DOCKER_CLIENT_IMAGE} nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest ${CLIENT_CONTAINER_NAME} %{ClientContainerName} -- 2.16.6