From: efiacor Date: Fri, 16 Jul 2021 13:49:14 +0000 (+0100) Subject: [DMAAP-DR] Migrate csit suite to the repo X-Git-Tag: 2.1.9~6 X-Git-Url: https://gerrit.onap.org/r/gitweb?p=dmaap%2Fdatarouter.git;a=commitdiff_plain;h=d73829d6083d7d31bd780cfbc086476ae0da8bb0 [DMAAP-DR] Migrate csit suite to the repo Signed-off-by: efiacor Change-Id: I284f6b235ef3bf3cd2685da488d89f41fcba1ea7 Issue-ID: DMAAP-1636 --- diff --git a/.gitignore b/.gitignore index bd821d35..fcbc5f20 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,5 @@ *.classpath *.project datarouter-prov/unit-test-logs/ +/venv/* +*/archives/ diff --git a/csit/plans/dmaap-datarouter/ssl-dr-suite/setup.sh b/csit/plans/dmaap-datarouter/ssl-dr-suite/setup.sh new file mode 100755 index 00000000..53b4387c --- /dev/null +++ b/csit/plans/dmaap-datarouter/ssl-dr-suite/setup.sh @@ -0,0 +1,25 @@ +#!/bin/bash +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END===================================================== + +source ${WORKSPACE}/scripts/dmaap-datarouter/datarouter-launch.sh +# Launch DR. If true is passed, 2 subscriber containers are also deployed, else false. +dmaap_dr_launch true +cd ${WORKSPACE}/scripts/dmaap-datarouter/robot_ssl +# Add the root CA to robot framework. This is then removed on teardown. +python -c 'import update_ca; update_ca.add_onap_ca_cert()' \ No newline at end of file diff --git a/csit/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh b/csit/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh new file mode 100755 index 00000000..536863bc --- /dev/null +++ b/csit/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh @@ -0,0 +1,21 @@ +#!/bin/bash +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END===================================================== + +source ${WORKSPACE}/scripts/dmaap-datarouter/datarouter-teardown.sh +teardown_dmaap_dr \ No newline at end of file diff --git a/csit/plans/dmaap-datarouter/ssl-dr-suite/testplan.txt b/csit/plans/dmaap-datarouter/ssl-dr-suite/testplan.txt new file mode 100755 index 00000000..5d32c668 --- /dev/null +++ b/csit/plans/dmaap-datarouter/ssl-dr-suite/testplan.txt @@ -0,0 +1,2 @@ +# Place the suites in run order. +dmaap-datarouter/ssl-dr-suite diff --git a/csit/prepare-csit.sh b/csit/prepare-csit.sh new file mode 100755 index 00000000..109cdb49 --- /dev/null +++ b/csit/prepare-csit.sh @@ -0,0 +1,48 @@ +#!/bin/bash -x +# +# Copyright 2019 © Samsung Electronics Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# This script installs common libraries required by CSIT tests +# + +if [ -z "$WORKSPACE" ]; then + export WORKSPACE=`git rev-parse --show-toplevel` +fi + +TESTPLANDIR=${WORKSPACE}/${TESTPLAN} + +# Assume that if ROBOT_VENV is set and virtualenv with system site packages can be activated, +# ci-management/jjb/integration/include-raw-integration-install-robotframework.sh has already +# been executed + +if [ -f ${WORKSPACE}/env.properties ]; then + source ${WORKSPACE}/env.properties +fi +if [ -f ${ROBOT_VENV}/bin/activate ]; then + source ${ROBOT_VENV}/bin/activate +else + rm -rf /tmp/ci-management + rm -f ${WORKSPACE}/env.properties + cd /tmp + git clone "https://gerrit.onap.org/r/ci-management" + source /tmp/ci-management/jjb/integration/include-raw-integration-install-robotframework.sh +fi + +# install eteutils +mkdir -p ${ROBOT_VENV}/src/onap +rm -rf ${ROBOT_VENV}/src/onap/testsuite +pip install --upgrade --extra-index-url="https://nexus3.onap.org/repository/PyPi.staging/simple" 'robotframework-onap==0.5.1.*' --pre + +pip freeze diff --git a/csit/run-csit.sh b/csit/run-csit.sh new file mode 100755 index 00000000..ce9cf80f --- /dev/null +++ b/csit/run-csit.sh @@ -0,0 +1,195 @@ +#!/bin/bash -x +# +# Copyright 2016-2017 Huawei Technologies Co., Ltd. +# Modification Copyright 2019 © Samsung Electronics Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# $1 project/functionality +# $2 robot options + +# +# functions +# + +function on_exit(){ + rc=$? + if [[ ${WORKSPACE} ]]; then + if [[ ${WORKDIR} ]]; then + rsync -av "$WORKDIR/" "$WORKSPACE/archives/$TESTPLAN" + fi + # Record list of active docker containers + docker ps --format "{{.Image}}" > "$WORKSPACE/archives/$TESTPLAN/_docker-images.log" + + # show memory consumption after all docker instances initialized + docker_stats | tee "$WORKSPACE/archives/$TESTPLAN/_sysinfo-2-after-robot.txt" + fi + # Run teardown script plan if it exists + cd "${TESTPLANDIR}" + TEARDOWN="${TESTPLANDIR}/teardown.sh" + if [ -f "${TEARDOWN}" ]; then + echo "Running teardown script ${TEARDOWN}" + source_safely "${TEARDOWN}" + fi + # TODO: do something with the output + exit $rc +} +# ensure that teardown and other finalizing steps are always executed +trap on_exit EXIT + +function docker_stats(){ + #General memory details + echo "> top -bn1 | head -3" + top -bn1 | head -3 + echo + + echo "> free -h" + free -h + echo + + #Memory details per Docker + echo "> docker ps" + docker ps + echo + + echo "> docker stats --no-stream" + docker stats --no-stream + echo +} + +# save current set options +function save_set() { + RUN_CSIT_SAVE_SET="$-" + RUN_CSIT_SHELLOPTS="$SHELLOPTS" +} + +# load the saved set options +function load_set() { + _setopts="$-" + + # bash shellopts + for i in $(echo "$SHELLOPTS" | tr ':' ' ') ; do + set +o ${i} + done + for i in $(echo "$RUN_CSIT_SHELLOPTS" | tr ':' ' ') ; do + set -o ${i} + done + + # other options + for i in $(echo "$_setopts" | sed 's/./& /g') ; do + set +${i} + done + set -${RUN_CSIT_SAVE_SET} +} + +# set options for quick bailout when error +function harden_set() { + set -xeo pipefail + set +u # enabled it would probably fail too many often +} + +# relax set options so the sourced file will not fail +# the responsibility is shifted to the sourced file... +function relax_set() { + set +e + set +o pipefail +} + +# wrapper for sourcing a file +function source_safely() { + [ -z "$1" ] && return 1 + relax_set + . "$1" + load_set +} + +# +# main +# + +# set and save options for quick failure +harden_set && save_set + +if [ $# -eq 0 ] +then + echo + echo "Usage: $0 plans// []" + echo + echo " , , : " + echo " The same values as for the '{project}-csit-{functionality}' JJB job template." + echo + exit 1 +fi + +if [ -z "$WORKSPACE" ]; then + export WORKSPACE=$(git rev-parse --show-toplevel) +fi + +if [ -f "${WORKSPACE}/${1}/testplan.txt" ]; then + export TESTPLAN="${1}" +else + echo "testplan not found: ${WORKSPACE}/${TESTPLAN}/testplan.txt" + exit 2 +fi + +export TESTOPTIONS="${2}" + +rm -rf "$WORKSPACE/archives/$TESTPLAN" +mkdir -p "$WORKSPACE/archives/$TESTPLAN" + +TESTPLANDIR="${WORKSPACE}/${TESTPLAN}" + +# Run installation of prerequired libraries +source_safely "${WORKSPACE}/prepare-csit.sh" + +# Activate the virtualenv containing all the required libraries installed by prepare-csit.sh +source_safely "${ROBOT_VENV}/bin/activate" + +WORKDIR=$(mktemp -d --suffix=-robot-workdir) +cd "${WORKDIR}" + +# Add csit scripts to PATH +export PATH="${PATH}:${WORKSPACE}/docker/scripts:${WORKSPACE}/scripts:${ROBOT_VENV}/bin" +export SCRIPTS="${WORKSPACE}/scripts" +export ROBOT_VARIABLES= + +# Sign in to nexus3 docker repo +docker login -u docker -p docker nexus3.onap.org:10001 + +# Run setup script plan if it exists +cd "${TESTPLANDIR}" +SETUP="${TESTPLANDIR}/setup.sh" +if [ -f "${SETUP}" ]; then + echo "Running setup script ${SETUP}" + source_safely "${SETUP}" +fi + +# show memory consumption after all docker instances initialized +docker_stats | tee "$WORKSPACE/archives/$TESTPLAN/_sysinfo-1-after-setup.txt" + +# Run test plan +cd "$WORKDIR" +echo "Reading the testplan:" +cat "${TESTPLANDIR}/testplan.txt" | egrep -v '(^[[:space:]]*#|^[[:space:]]*$)' | sed "s|^|${WORKSPACE}/tests/|" > testplan.txt +cat testplan.txt +SUITES=$( xargs -a testplan.txt ) + +echo ROBOT_VARIABLES="${ROBOT_VARIABLES}" +echo "Starting Robot test suites ${SUITES} ..." +relax_set +python -m robot.run -N ${TESTPLAN} -v WORKSPACE:/tmp ${ROBOT_VARIABLES} ${TESTOPTIONS} ${SUITES} +RESULT=$? +load_set +echo "RESULT: $RESULT" +# Note that the final steps are done in on_exit function after this exit! +exit $RESULT diff --git a/csit/run-project-csit.sh b/csit/run-project-csit.sh new file mode 100755 index 00000000..a990bf1b --- /dev/null +++ b/csit/run-project-csit.sh @@ -0,0 +1,28 @@ +#!/bin/bash -x +# +# Copyright 2020-2021 © Samsung Electronics Co., Ltd. +# Modifications copyright (C) 2021 Nordix Foundation.. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +export WORKSPACE=$(git rev-parse --show-toplevel)/csit + +rm -rf ${WORKSPACE}/archives +mkdir -p ${WORKSPACE}/archives +cd ${WORKSPACE} + +./run-csit.sh plans/dmaap-datarouter/ssl-dr-suite + + + diff --git a/csit/scripts/common_functions.sh b/csit/scripts/common_functions.sh new file mode 100755 index 00000000..684c4184 --- /dev/null +++ b/csit/scripts/common_functions.sh @@ -0,0 +1,263 @@ +#!/bin/bash + +# Copyright 2016-2017 Huawei Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +function memory_details(){ + #General memory details + echo "> top -bn1 | head -3" + top -bn1 | head -3 + echo + + echo "> free -h" + free -h + echo + + #Memory details per Docker + echo "> docker ps" + docker ps + echo + + echo "> docker stats --no-stream" + docker stats --no-stream + echo +} +function fibonacci_number(){ + set +x + if [ $1 -le 1 ] + then + echo "1" + elif [ $1 -le 10 ] + then + Num=$1 + f1=0 + f2=1 + fn=-1 + for i in `eval echo {1..$Num}`;do + fn=$((f1+f2)) + f1=$f2 + f2=$fn + done + echo $fn + else + echo "30" + fi +} +function wait_curl_driver(){ + #Parameters: + #CURL_COMMAND - the URL on which the curl command will be executed + #GREP_STRING - Desired string to be found inside the body response of the + # previous curl command + #EXCLUDE_STRING - If the filtered string (GREP_STRING) must not exist in + # the body response of the curl + #WAIT_MESSAGE - the message to be displayed for logging purpose. (optional) + #REPEAT_NUMBER - the maximum number of tries before abandoning the curl + # command (optional, by default = 15) + #MAX_TIME - Maximum time allowed for the transfer (in seconds) + #STATUS_CODE - A HTTP status code desired to be found by getting the link + # /!\ IMPORTANT NOTICE: the usage of STATUS_CODE option turn GREP_STRING/ + # /!\ EXCLUDE_STRING/and the MAX_TIME options becomes obsolete with no + # /!\ execution impact + #MEMORY_USAGE - If Parameters exists shows the memory usage after curl + # execution(s) + + repeat_max=15 + parameters="$@" + + #WAIT_MESSAGE + if [[ $parameters == *"WAIT_MESSAGE"* ]] + then + wait_message=`echo $parameters | sed -e "s/.*WAIT_MESSAGE=//g"` + wait_message=`echo $wait_message | sed -e "s/ .*//g"` + else + wait_message="wait ..." + fi + + #REPEAT_NUMBER + if [[ $parameters == *"REPEAT_NUMBER"* ]] + then + repeat_max=`echo $parameters | sed -e "s/.*REPEAT_NUMBER=//g"` + repeat_max=`echo $repeat_max | sed -e "s/ .*//g"` + fi + + #CURL_COMMAND + if [[ $parameters == *"CURL_COMMAND"* ]] + then + curl_command=`echo $parameters | sed -e 's/.*CURL_COMMAND=//g'` + curl_command=`echo $curl_command | sed -e 's/ .*//g'` + else + echo "-Curl is empty-" # Or no parameterseter passed. + return 0 + fi + + #MAX_TIME + if [[ $parameters == *"MAX_TIME"* ]] + then + max_time=`echo $parameters | sed -e 's/.*MAX_TIME=//g'` + max_time=`echo $max_time | sed -e 's/ .*//g'` + else + max_time="5" + fi + + exclude_string="" + #EXCLUDE_STRING + if [[ $parameters == *"EXCLUDE_STRING"* ]] + then + exclude_string="-v" + fi + + status_code="" + #STATUS_CODE + if [[ $parameters == *"STATUS_CODE"* ]] + then + status_code=`echo $parameters | sed -e 's/.*STATUS_CODE=//g'` + status_code=`echo $status_code | sed -e 's/ .*//g'` + fi + + for i in `eval echo {1..$repeat_max}`; do + response_code=`curl -o /dev/null --silent --head --write-out '%{http_code}' $curl_command` + echo "..." + if [[ ! -z $status_code ]] ; then + if [ "$status_code" -eq "$response_code" ] + then + echo "SUCCESS:Actual Status code <$response_code> match the expected code <$status_code>" + return 0 + else + echo "WARNING:Expected <$status_code> but Actual <$response_code>" + fi + else + #GREP_STRING + if [[ $parameters == *"GREP_STRING"* ]] + then + grep_command=`echo $parameters | sed -e 's/.*GREP_STRING=//g'` + grep_command=`echo $grep_command | sed -e 's/ REPEAT_NUMBER=.*//g' | sed -e 's/ CURL_COMMAND=.*//g' | sed -e 's/ WAIT_MESSAGE=.*//g' | sed -e 's/ MAX_TIME=.*//g' | sed -e 's/ EXCLUDE_STRING.*//g'` + else + echo "-Grep_command is empty-" # Or no parameters passed. + return 0 + fi + + str=`curl -sS -m$max_time $curl_command | grep "$grep_command"` + echo "BODY::$str" + if [[ ! -z $exclude_string ]] + then + if [[ -z $str ]] + then + echo "SUCCESS: body response does not contains '$grep_command'"; + break; + else + echo "Fall_Short: Body response still contains '$grep_command'" + fi + else + if [[ ! -z $str ]] + then + echo "SUCCESS: body response contains '$grep_command'"; + break; + else + echo "Fall_Short: Element '$grep_command' not found yet # "$i"" + fi + fi + + if [ "$?" = "7" ]; then + echo 'Connection refused or can not connect to server/proxy'; + str='' + fi + fi + seconds2sleep=`fibonacci_number $i` + echo $wait_message + echo "Iteration::$i out of $repeat_max " + echo "Quiet time for $seconds2sleep seconds ..." + sleep $seconds2sleep + + # if waiting for a long time, log system load + if [ $i -gt 45 ] + then + memory_details + fi + done + #MEMORY_USAGE + if [[ $parameters == *"MEMORY_USAGE"* ]] + then + echo "==========================MEMORY USAGE==================================" + memory_details + echo "========================================================================" + fi + return 0 +} + +function run_simulator () +{ + run_robottestlib + run_simulator_docker $1 +} + +function run_robottestlib () +{ + #Start the robottest REST library if not started + if ! pgrep -f robottest > /dev/null + then + #Download the latest robottest jar + wget -q -O ${SCRIPTS}/integration/mockserver/org.openo.robottest.jar "https://nexus.open-o.org/service/local/artifact/maven/redirect?r=snapshots&g=org.openo.integration&a=org.openo.robottest&e=jar&v=LATEST" + chmod +x ${SCRIPTS}/integration/mockserver/org.openo.robottest.jar + eval `java -cp ${SCRIPTS}/integration/mockserver/org.openo.robottest.jar org.openo.robot.test.robottest.MyRemoteLibrary` & + fi +} + +function run_simulator_docker () +{ + #Start the simulator docker if not started + SIMULATOR_IP=`docker inspect --format '{{ .NetworkSettings.IPAddress }}' simulator` + if [[ -z $SIMULATOR_IP ]] + then + echo "Starting simulator docker..." + SIMULATOR_JSON=$1 + if [[ -z $SIMULATOR_JSON ]] + then + SIMULATOR_JSON=main.json + fi + docker run -d -i -t --name simulator -e SIMULATOR_JSON=$SIMULATOR_JSON -p 18009:18009 -p 18008:18008 openoint/simulate-test-docker + SIMULATOR_IP=`docker inspect --format '{{ .NetworkSettings.IPAddress }}' simulator` + fi + + #Set the simulator IP in robot variables + ROBOT_VARIABLES=${ROBOT_VARIABLES}" -v SIMULATOR_IP:${SIMULATOR_IP} -v SCRIPTS:${SCRIPTS}" + echo ${ROBOT_VARIABLES} +} + +function get_docker_compose_service () +{ + local service=$1 + local compose_file=${2:-docker-compose.yml} + + echo $(docker-compose --file ./${compose_file} ps | grep $service | cut -d " " -f1 ) +} + +function bypass_ip_adress () +{ + local ip_address=$1 + + if [[ $no_proxy && $no_proxy != *$ip_address* ]]; then + export no_proxy=$no_proxy,$ip_address + fi +} + +function wait_for_service_init () +{ + local service_url=$1 + + for delay in {1..50}; do + curl -sS ${service_url} && break + echo "$delay - Waiting for $service_url..." + sleep $delay + done +} diff --git a/csit/scripts/dmaap-datarouter/datarouter-launch.sh b/csit/scripts/dmaap-datarouter/datarouter-launch.sh new file mode 100644 index 00000000..6d38913d --- /dev/null +++ b/csit/scripts/dmaap-datarouter/datarouter-launch.sh @@ -0,0 +1,92 @@ +#!/bin/bash +# +# ============LICENSE_START======================================================= +# Copyright (C) 2021 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# + +function dmaap_dr_launch() { + + subscribers_required=$1 + mkdir -p ${WORKSPACE}/archives/dmaap/dr/last_run_logs + + # start DMaaP DR containers with docker compose and configuration from docker-compose.yml + docker login -u docker -p docker nexus3.onap.org:10001 + if [[ ${subscribers_required} == true ]]; then + docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml up -d + else + docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml up -d datarouter-prov datarouter-node mariadb + fi + + # Wait for initialization of Docker container for datarouter-node, datarouter-prov and mariadb + for i in 1 2 3 4 5 6 7 8 9 10; do + if [[ $(docker inspect --format '{{ .State.Running }}' datarouter-node) ]] && \ + [[ $(docker inspect --format '{{ .State.Running }}' datarouter-prov) ]] && \ + [[ $(docker inspect --format '{{ .State.Running }}' mariadb) ]] + then + echo "DR Service Running" + break + else + echo sleep ${i} + sleep ${i} + fi + done + + # Wait for healthy container datarouter-prov + for i in 1 2 3 4 5 6 7 8 9 10; do + if [[ "$(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)" = 'healthy' ]] + then + echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov) + echo "DR Service Running, datarouter-prov container is healthy" + break + else + echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov) + echo sleep ${i} + sleep ${i} + if [[ ${i} = 10 ]] + then + echo datarouter-prov container is not in healthy state - the test is not made, teardown... + docker-compose rm -sf + exit 1 + fi + fi + done + + DR_PROV_IP=`get-instance-ip.sh datarouter-prov` + DR_NODE_IP=`get-instance-ip.sh datarouter-node` + DR_GATEWAY_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' datarouter-prov) + echo DR_PROV_IP=${DR_PROV_IP} + echo DR_NODE_IP=${DR_NODE_IP} + echo DR_GATEWAY_IP=${DR_GATEWAY_IP} + if [[ ${subscribers_required} == true ]] + then + DR_SUB_IP=`get-instance-ip.sh subscriber-node` + DR_SUB2_IP=`get-instance-ip.sh subscriber-node2` + echo DR_SUB_IP=${DR_SUB_IP} + echo DR_SUB2_IP=${DR_SUB2_IP} + fi + + + sudo sed -i "$ a $DR_PROV_IP dmaap-dr-prov" /etc/hosts + sudo sed -i "$ a $DR_NODE_IP dmaap-dr-node" /etc/hosts + + docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/NODES?val=dmaap-dr-node\|$DR_GATEWAY_IP" + docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/PROV_AUTH_ADDRESSES?val=dmaap-dr-prov\|$DR_GATEWAY_IP" + + #Pass any variables required by Robot test suites in ROBOT_VARIABLES + ROBOT_VARIABLES="-v DR_PROV_IP:${DR_PROV_IP} -v DR_NODE_IP:${DR_NODE_IP} -v DR_SUB_IP:${DR_SUB_IP} -v DR_SUB2_IP:${DR_SUB2_IP}" +} \ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/datarouter-teardown.sh b/csit/scripts/dmaap-datarouter/datarouter-teardown.sh new file mode 100755 index 00000000..8958f28c --- /dev/null +++ b/csit/scripts/dmaap-datarouter/datarouter-teardown.sh @@ -0,0 +1,33 @@ +#!/bin/bash +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END===================================================== + +function teardown_dmaap_dr (){ + cd ${WORKSPACE}/archives/dmaap/dr + rm -rf last_run_logs/* + docker cp datarouter-prov:/opt/app/datartr/logs last_run_logs/prov_logs + docker cp datarouter-node:/opt/app/datartr/logs last_run_logs/node_event_logs + docker cp datarouter-node:/var/log/onap/datarouter last_run_logs/node_server_logs + docker cp subscriber-node:/var/log/onap/datarouter last_run_logs/sub1_logs + docker cp subscriber-node2:/var/log/onap/datarouter last_run_logs/sub2_logs + sudo sed -i".bak" '/dmaap-dr-prov/d' /etc/hosts + sudo sed -i".bak" '/dmaap-dr-node/d' /etc/hosts + docker-compose -f ${WORKSPACE}/scripts/dmaap-datarouter/docker-compose/docker-compose.yml rm -sf + cd ${WORKSPACE}/scripts/dmaap-datarouter/robot_ssl + python -c 'import update_ca; update_ca.remove_onap_ca_cert()' +} \ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml b/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml new file mode 100644 index 00000000..9140d0fc --- /dev/null +++ b/csit/scripts/dmaap-datarouter/docker-compose/docker-compose.yml @@ -0,0 +1,118 @@ +# +# ============LICENSE_START======================================================= +# Copyright (C) 2019-21 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# +# +version: '2.1' +services: + datarouter-prov: + image: onap/dmaap/datarouter-prov:latest + container_name: datarouter-prov + hostname: dmaap-dr-prov + ports: + - "443:8443" + - "8443:8443" + - "8080:8080" + volumes: + - ./provserver.properties:/opt/app/datartr/etc/provserver.properties + - ../dr_certs/dr_prov/truststore.jks:/opt/app/osaaf/local/truststore.jks + - ../dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-prov.p12 + - ../dr_certs/dr_prov/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props + depends_on: + mariadb: + condition: service_healthy + healthcheck: + test: ["CMD", "curl", "-f", "http://dmaap-dr-prov:8080/internal/prov"] + interval: 10s + timeout: 30s + retries: 5 + networks: + net: + aliases: + - dmaap-dr-prov + + datarouter-node: + image: onap/dmaap/datarouter-node:latest + container_name: datarouter-node + hostname: dmaap-dr-node + ports: + - "9443:8443" + - "9090:8080" + volumes: + - ./node.properties:/opt/app/datartr/etc/node.properties + - ../dr_certs/dr_node/truststore.jks:/opt/app/osaaf/local/truststore.jks + - ../dr_certs/dr_node/org.onap.dmaap-dr-node.p12:/opt/app/osaaf/local/org.onap.dmaap-dr-node.p12 + - ../dr_certs/dr_node/org.onap.dmaap-dr.cred.props:/opt/app/osaaf/local/org.onap.dmaap-dr.cred.props + depends_on: + datarouter-prov: + condition: service_healthy + networks: + net: + aliases: + - dmaap-dr-node + + datarouter-subscriber: + image: onap/dmaap/datarouter-subscriber:latest + container_name: subscriber-node + hostname: subscriber.com + ports: + - "7070:7070" + volumes: + - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties + networks: + net: + aliases: + - subscriber.com + + datarouter-subscriber2: + image: onap/dmaap/datarouter-subscriber:latest + container_name: subscriber-node2 + hostname: subscriber2.com + ports: + - "7071:7070" + volumes: + - ./subscriber.properties:/opt/app/subscriber/etc/subscriber.properties + networks: + net: + aliases: + - subscriber2.com + + mariadb: + image: nexus3.onap.org:10001/library/mariadb:10.2.14 + container_name: mariadb + hostname: datarouter-mariadb + ports: + - "3306:3306" + environment: + MYSQL_ROOT_PASSWORD: datarouter + MYSQL_DATABASE: datarouter + MYSQL_USER: datarouter + MYSQL_PASSWORD: datarouter + healthcheck: + test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost", "-u", "datarouter", "-pdatarouter", "--silent"] + interval: 10s + timeout: 30s + retries: 5 + networks: + net: + aliases: + - datarouter-mariadb + +networks: + net: + driver: bridge diff --git a/csit/scripts/dmaap-datarouter/docker-compose/node.properties b/csit/scripts/dmaap-datarouter/docker-compose/node.properties new file mode 100644 index 00000000..58639cfd --- /dev/null +++ b/csit/scripts/dmaap-datarouter/docker-compose/node.properties @@ -0,0 +1,82 @@ +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END===================================================== +# +# Configuration parameters set at startup for the DataRouter node +# +# URL to retrieve dynamic configuration +ProvisioningURL = https://dmaap-dr-prov:8443/internal/prov +# +# URL to upload PUB/DEL/EXP logs +LogUploadURL = https://dmaap-dr-prov:8443/internal/logs +# +# The port number for http as seen within the server +IntHttpPort = 8080 +# +# The port number for https as seen within the server +IntHttpsPort = 8443 +# +# The external port number for https taking port mapping into account +ExtHttpsPort = 443 +# +# The minimum interval between fetches of the dynamic configuration from the provisioning server +MinProvFetchInterval = 10000 +# +# The minimum interval between saves of the redirection data file +MinRedirSaveInterval = 10000 +# +# The path to the directory where log files are stored +LogDir = /opt/app/datartr/logs +# +# The retention interval (in days) for log files +LogRetention = 30 +# +# The path to the directories where data and meta data files are stored +SpoolDir = /opt/app/datartr/spool +# +# The path to the redirection data file +RedirectionFile = etc/redirections.dat +# +# The type of keystore for https +KeyStoreType = PKCS12 +# +# The type of truststore for https +TrustStoreType = jks +# +# The path to the file used to trigger an orderly shutdown +QuiesceFile = etc/SHUTDOWN +# +# The key used to generate passwords for node to node transfers +NodeAuthKey = Node123! +# +# DR_NODE DEFAULT ENABLED TLS PROTOCOLS +NodeHttpsProtocols = TLSv1.1|TLSv1.2 +# +# AAF type to generate permission string +AAFType = org.onap.dmaap-dr.feed +# +# AAF default instance to generate permission string - default should be legacy +AAFInstance = legacy +# +# AAF action to generate permission string - default should be publish +AAFAction = publish +# +# AAF CADI enabled flag +CadiEnabled = false +# +# AAF Props file path +AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props diff --git a/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties b/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties new file mode 100755 index 00000000..b54868e2 --- /dev/null +++ b/csit/scripts/dmaap-datarouter/docker-compose/provserver.properties @@ -0,0 +1,55 @@ +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END===================================================== + +#Jetty Server properties +org.onap.dmaap.datarouter.provserver.http.port = 8080 +org.onap.dmaap.datarouter.provserver.https.port = 8443 +org.onap.dmaap.datarouter.provserver.https.relaxation = true + +org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props + +org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs +org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool +org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc +org.onap.dmaap.datarouter.provserver.logretention = 30 + +#DMAAP-597 (Tech Dept) REST request source IP auth +# relaxation to accommodate OOM kubernetes deploy +org.onap.dmaap.datarouter.provserver.isaddressauthenabled = false + +#Localhost address config +org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1 + +# Database access +org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver +org.onap.dmaap.datarouter.db.url = jdbc:mariadb://datarouter-mariadb:3306/datarouter +org.onap.dmaap.datarouter.db.login = datarouter +org.onap.dmaap.datarouter.db.password = datarouter + +# PROV - DEFAULT ENABLED TLS PROTOCOLS +org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2 + +# AAF config +org.onap.dmaap.datarouter.provserver.cadi.enabled = false + +org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234# +org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed +org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub +org.onap.dmaap.datarouter.provserver.aaf.instance = legacy +org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish +org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe \ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties b/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties new file mode 100644 index 00000000..311bbe56 --- /dev/null +++ b/csit/scripts/dmaap-datarouter/docker-compose/subscriber.properties @@ -0,0 +1,35 @@ +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END===================================================== + +#Subscriber properties +org.onap.dmaap.datarouter.subscriber.http.port = 7070 +org.onap.dmaap.datarouter.subscriber.https.port = 7443 +org.onap.dmaap.datarouter.subscriber.auth.user = LOGIN +org.onap.dmaap.datarouter.subscriber.auth.password = PASSWORD +org.onap.dmaap.datarouter.subscriber.delivery.dir = /opt/app/subscriber/delivery + +org.onap.dmaap.datarouter.subscriber.https.relaxation = true +org.onap.dmaap.datarouter.subscriber.keystore.type = jks +org.onap.dmaap.datarouter.subscriber.keymanager.password = changeit +org.onap.dmaap.datarouter.subscriber.keystore.path = /opt/app/datartr/self_signed/keystore.jks +org.onap.dmaap.datarouter.subscriber.keystore.password = changeit +org.onap.dmaap.datarouter.subscriber.truststore.path = /opt/app/datartr/self_signed/cacerts.jks +org.onap.dmaap.datarouter.subscriber.truststore.password = changeit + + + diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 new file mode 100644 index 00000000..3793a9d4 Binary files /dev/null and b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr-node.p12 differ diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props new file mode 100644 index 00000000..e32e7282 --- /dev/null +++ b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/org.onap.dmaap-dr.cred.props @@ -0,0 +1,17 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2021-03-12T11:38:49.244+0000 +# @copyright 2019, AT&T +############################################################ +Challenge=secret +cadi_alias=dmaap-dr-node@dmaap-dr.onap.org +cadi_key_password=secret +#cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile +cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr-node.p12 +cadi_keystore_password=secret +cadi_keystore_password_jks=secret +cadi_keystore_password_p12=secret +cadi_truststore=/opt/app/osaaf/local/truststore.jks +cadi_truststore_password=secret +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks new file mode 100644 index 00000000..91547c60 Binary files /dev/null and b/csit/scripts/dmaap-datarouter/dr_certs/dr_node/truststore.jks differ diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 new file mode 100755 index 00000000..1393fb05 Binary files /dev/null and b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr-prov.p12 differ diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props new file mode 100644 index 00000000..18f91ba8 --- /dev/null +++ b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/org.onap.dmaap-dr.cred.props @@ -0,0 +1,17 @@ +############################################################ +# Properties Generated by AT&T Certificate Manager +# by root +# on 2021-03-12T11:29:50.699+0000 +# @copyright 2019, AT&T +############################################################ +Challenge=secret +cadi_alias=dmaap-dr-prov@dmaap-dr.onap.org +cadi_key_password=secret +#cadi_keyfile=/opt/app/osaaf/local/org.onap.dmaap-dr.keyfile +cadi_keystore=/opt/app/osaaf/local/org.onap.dmaap-dr-prov.p12 +cadi_keystore_password=secret +cadi_keystore_password_jks=secret +cadi_keystore_password_p12=secret +cadi_truststore=/opt/app/osaaf/local/truststore.jks +cadi_truststore_password=secret +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US diff --git a/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks new file mode 100644 index 00000000..91547c60 Binary files /dev/null and b/csit/scripts/dmaap-datarouter/dr_certs/dr_prov/truststore.jks differ diff --git a/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem b/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem new file mode 100644 index 00000000..1f9d08e5 --- /dev/null +++ b/csit/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem @@ -0,0 +1,40 @@ + +# Issuer: C=US,O=ONAP,OU=OSAAF +# Subject: C=US,O=ONAP,OU=OSAAF +# Label: "" +# Serial: 0x9EAEEDC0A7CEB59D +# MD5 Fingerprint: 77:EB:5E:94:2E:B7:A3:45:97:6C:87:FE:A7:F7:64:0F +# SHA1 Fingerprint: 90:25:D1:D3:8B:3C:BE:2C:73:E9:6C:1A:48:5B:06:A8:39:0D:54:3B +# SHA256 Fingerprint: 1F:C2:BB:F6:7E:11:6F:F0:4C:C3:D9:6C:73:E5:99:B7:CA:7D:4D:EF:AA:6C:69:46:0D:2C:7B:A9:E4:23:5F:EA +-----BEGIN CERTIFICATE----- +MIIFczCCA1ugAwIBAgIUVl0TXS1NTKZy68+AFpfvCBbs3JwwDQYJKoZIhvcNAQEL +BQAwQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNVBAoM +BE9OQVAxDjAMBgNVBAsMBU9TQUFGMB4XDTIxMDMxNjE1MjA1MloXDTQxMDMxMTE1 +MjA1MlowQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNV +BAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A +MIICCgKCAgEA1NdArmwTe6C9NZnMAPP0uvy9IH/+Lc9dgO9+j6F+JqLDXn+O5vaj +6EMU5o60sGzymbMdwk26jiR7KYG8puZzI0EsjwELrLV5NYrUR1y7g+sbJWFUiB0X +SseifQD9bSG0YBX7J6bQEilh18+oWpXIygl8/VJuiuDhaYdakmwn9AxQRm/zRDcI +tMS49gq7ARpwMrZaZkQ5eL2R0eX4yj915fAgsvLNmfNTkkTCTBuGYAfixz2+uz8r +4xZqxXrln6CVe6pV5MOxxQsJq0QfSfNxKFqhVJTSj3STG8UDKDPIcTqVLS6v3/iY +WX43pHuqjfrGLy3HjPCIWphsx9EWq02bnLvwsnibRgfXjZNbdhePOZV8Xd+4MfHy +uyFRf5xHvQm3f3vLtCQ1rmHk/3wb2Mb1SbTGt6sL6Waqs/VnnPyTwhXJk6RnU991 +qAnqSCLzKNEPNnpSTQKU35NPbdCAw/z97K5Ar8JWH2XiM65dV0j0d/Ura0PXUXRN +Royi7rREJKBMFszwxqCCHZkH6/Fbs8vmBWC1gLQgDqK+IgU1/+ytUPOsMVqPcNjM +RrZyd8xCoxEyd+Ly6y2EF9RE6qS/rlW/yUh3AIBlpcsVxc+Kh1nvNRLLJzHvrvSs +wvd6LpWHVaffO02hp3suXDwOtLq91lAHLA48iDty/Js+jFjohZJ/+LsCAwEAAaNj +MGEwHQYDVR0OBBYEFMeiRem06VRh0sL0L5k9B5A01QAoMB8GA1UdIwQYMBaAFMei +Rem06VRh0sL0L5k9B5A01QAoMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD +AgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBGdpwWyOIw7jBkEJbheeje8ccc51Z0SY/8 +oo/cYi9cI2SNtE4yt9SOZtXiWO1ga1PuFP5vNkPZu3MtqtsDt8CsSgYfgCKX1DH4 +RloTJJO73UKuMmnoqHNsuE6rHRrcoqcV8XJJ9uBz2cDVWfVDG5Pf92lB1cLQ5AGb +X7O7MKNHu4woFdbbI8f3TN6Qx5oAcrS1alLMuPJhIkwcHuiWdjJuORx2MK4K9gov +yRJceVyqMiTr7GGYFi/FQKIzIaHeKgQy+YGLfQ1GcbUmVItU4aQMfSM2RXb7wJ90 +XBFi0NjXZfMXVZ9kxqIki/s6NefrDAOFjHINUxGucXjEw1raewprErlsNt/8SUKT +EDSLe1YD558jzUaqVdWinL6gMRTyyHOwt/51mg4sn3i2WLdL1Hno4F7GUIbkBmi5 +VSDDWnXdpwaFWeqA8JAvy+JIh+Ju671U1HhB68lGRvNOgfZbvW3m8GGpXldR5krR +OYhwbxdU1rNYHH+DJ0KE4L1Y6es/571+UH7NFbvO6jAk9G/Fudel+SwhXVfFo0pi +mmXAwT2bmDEiYBzDNHFwyT3+OGKXiDXuMvMB9ic7p3Zk9X0mRtpubW1gfZvUqIqe +jaVeZdad0DX1yfjwi5zYT+ViI7pjXVYlgiBAnjMrEmWOpRcs793F5zBiyDjaUNFt +3arVcS9XgA== +-----END CERTIFICATE----- \ No newline at end of file diff --git a/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py b/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py new file mode 100644 index 00000000..d36f8acc --- /dev/null +++ b/csit/scripts/dmaap-datarouter/robot_ssl/update_ca.py @@ -0,0 +1,65 @@ +# ============LICENSE_START=================================================== +# Copyright (C) 2019-2021 Nordix Foundation. +# ============================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END===================================================== + +import certifi +import os + + +def add_onap_ca_cert(): + cafile = certifi.where() + dir_path = os.path.dirname(os.path.realpath(__file__)) + datarouter_ca = dir_path + '/onap_ca_cert.pem' + with open(datarouter_ca, 'rb') as infile: + customca = infile.read() + + with open(cafile, 'ab') as outfile: + outfile.write(customca) + + print("Added DR Cert to CA") + + +def remove_onap_ca_cert(): + cafile = certifi.where() + number_of_lines_to_delete = 40 + count = 0 + dr_cert_exists = False + + with open(cafile, 'r+b', buffering=0) as outfile: + for line in outfile.readlines()[-36:-35]: + if '# Serial: 0x9EAEEDC0A7CEB59D'.encode() in line: + dr_cert_exists = True + if dr_cert_exists: + outfile.seek(0, os.SEEK_END) + end = outfile.tell() + while outfile.tell() > 0: + outfile.seek(-1, os.SEEK_CUR) + char = outfile.read(1) + if char == b'\n': + count += 1 + if count == number_of_lines_to_delete: + outfile.truncate() + print( + "Removed " + str(number_of_lines_to_delete) + " lines from end of CA File") + exit(0) + outfile.seek(-1, os.SEEK_CUR) + else: + print("No DR cert in CA File to remove") + + if count < number_of_lines_to_delete + 1: + print("Number of lines in file less than number of lines to delete. Exiting...") + exit(1) diff --git a/csit/scripts/get-instance-ip.sh b/csit/scripts/get-instance-ip.sh new file mode 100755 index 00000000..a236c025 --- /dev/null +++ b/csit/scripts/get-instance-ip.sh @@ -0,0 +1,17 @@ +#!/bin/bash +# +# Copyright 2016-2017 Huawei Technologies Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' $1 diff --git a/csit/tests/dmaap-datarouter/ssl-dr-suite/ssl-dr-suite.robot b/csit/tests/dmaap-datarouter/ssl-dr-suite/ssl-dr-suite.robot new file mode 100755 index 00000000..2f96cdc8 --- /dev/null +++ b/csit/tests/dmaap-datarouter/ssl-dr-suite/ssl-dr-suite.robot @@ -0,0 +1,179 @@ +*** Settings *** +Library OperatingSystem +Library RequestsLibrary +Library requests +Library Collections +Library Process +Library String + +*** Variables *** +${TARGET_URL} https://dmaap-dr-prov:8443/ +${TARGET_URL_FEED} https://dmaap-dr-prov:8443/feed/1 +${TARGET_URL_EXISTS_LOGGING} https://dmaap-dr-prov:8443/feedlog/1?type=pub&filename=csit_test +${TARGET_URL_NOT_EXISTS_LOGGING} https://dmaap-dr-prov:8443/feedlog/1?type=pub&filename=file_that_doesnt_exist +${TARGET_URL_SUBSCRIBE} https://dmaap-dr-prov:8443/subscribe/1 +${TARGET_URL_SUBSCRIPTION} https://dmaap-dr-prov:8443/subs/1 +${TARGET_URL_PUBLISH_PROV} https://dmaap-dr-prov:8443/publish/1/csit_test +${TARGET_URL_PUBLISH_NODE} https://dmaap-dr-node:8443/publish/1/csit_test +${TARGET_URL_DELETE_FILE} https://dmaap-dr-node:8443/delete/2 + +${FEED_CONTENT_TYPE} application/vnd.dmaap-dr.feed +${SUBSCRIBE_CONTENT_TYPE} application/vnd.dmaap-dr.subscription +${PUBLISH_FEED_CONTENT_TYPE} application/octet-stream + +${CREATE_FEED_DATA} {"name": "CSIT_Test", "version": "m1.0", "description": "CSIT_Test", "business_description": "CSIT_Test", "suspend": false, "deleted": false, "changeowner": true, "authorization": {"classification": "unclassified", "endpoint_addrs": [], "endpoint_ids": [{"password": "dradmin", "id": "dradmin"}]}} +${UPDATE_FEED_DATA} {"name": "CSIT_Test", "version": "m1.0", "description": "UPDATED-CSIT_Test", "business_description": "CSIT_Test", "suspend": true, "deleted": false, "changeowner": true, "authorization": {"classification": "unclassified", "endpoint_addrs": [], "endpoint_ids": [{"password": "dradmin", "id": "dradmin"}]}} +${SUBSCRIBE_DATA} {"delivery":{ "url":"http://${DR_SUB_IP}:7070/", "user":"LOGIN", "password":"PASSWORD", "use100":true}, "metadataOnly":false, "suspend":false, "groupid":29, "subscriber":"dradmin", "privilegedSubscriber":false} +${UPDATE_SUBSCRIPTION_DATA} {"delivery":{ "url":"http://${DR_SUB_IP}:7070/", "user":"dradmin", "password":"dradmin", "use100":true}, "metadataOnly":false, "suspend":true, "groupid":29, "subscriber":"dradmin", "privilegedSubscriber":false} +${SUBSCRIBE2_DATA} {"delivery":{ "url":"http://${DR_SUB2_IP}:7070/", "user":"LOGIN", "password":"PASSWORD", "use100":true}, "metadataOnly":false, "suspend":false, "groupid":29, "subscriber":"privileged", "privilegedSubscriber":true} + +${CLI_VERIFY_SUB_RECEIVED_FILE} docker exec subscriber-node /bin/sh -c "ls /opt/app/subscriber/delivery | grep csit_test" +${CLI_VERIFY_FILE_REMAINS_ON_NODE} docker exec datarouter-node /bin/sh -c "ls /opt/app/datartr/spool/s/0/2 | grep dmaap-dr-node | grep -v .M" + +*** Test Cases *** +Run Feed Creation + [Documentation] Feed Creation + [Timeout] 1 minute + ${resp}= PostCall ${TARGET_URL} ${CREATE_FEED_DATA} ${FEED_CONTENT_TYPE} dradmin + log ${TARGET_URL} + log ${resp.text} + Should Be Equal As Strings ${resp.status_code} 201 + log 'JSON Response Code:'${resp} + +Run Subscribe to Feed + [Documentation] Subscribe to Feed + [Timeout] 1 minute + ${resp}= PostCall ${TARGET_URL_SUBSCRIBE} ${SUBSCRIBE_DATA} ${SUBSCRIBE_CONTENT_TYPE} dradmin + log ${TARGET_URL_SUBSCRIBE} + log ${resp.text} + Should Be Equal As Strings ${resp.status_code} 201 + log 'JSON Response Code:'${resp} + +Run Subscribe to Feed with Privileged Subscription + [Documentation] Subscribe to Feed with privileged subscription + [Timeout] 1 minute + ${resp}= PostCall ${TARGET_URL_SUBSCRIBE} ${SUBSCRIBE2_DATA} ${SUBSCRIBE_CONTENT_TYPE} privileged + log ${TARGET_URL_SUBSCRIBE} + log ${resp.text} + Should Be Equal As Strings ${resp.status_code} 201 + log 'JSON Response Code:'${resp} + +Run Publish to Feed + [Documentation] Publish to Feed + [Timeout] 1 minute + Sleep 10s Behaviour was noticed where feed was not created in time for publish to be sent + ${resp}= PutCall ${TARGET_URL_PUBLISH_PROV} ${CREATE_FEED_DATA} ${PUBLISH_FEED_CONTENT_TYPE} dradmin + log ${TARGET_URL_PUBLISH_PROV} + Should Contain ${resp.headers['Location']} https://dmaap-dr-node:8443/publish/1/csit_test + ${resp}= PutCall ${TARGET_URL_PUBLISH_NODE} ${CREATE_FEED_DATA} ${PUBLISH_FEED_CONTENT_TYPE} dradmin + Should Be Equal As Strings ${resp.status_code} 204 + log 'JSON Response Code:'${resp} + +Verify Subscriber Received Published File + [Documentation] Verify file is delivered to datarouter-subscriber + [Timeout] 1 minute + Sleep 5s Time to allow subscriber to receive the file + ${cli_cmd_output}= Run Process ${CLI_VERIFY_SUB_RECEIVED_FILE} shell=yes + Log ${cli_cmd_output.stdout} + Should Be Equal As Strings ${cli_cmd_output.rc} 0 + Should Contain ${cli_cmd_output.stdout} csit_test + + +Verify File Remains On Privileged Subscriber And Delete It + [Documentation] Verify file has not been deleted on datarouter-node and delete it using DELETE API + [Timeout] 1 minute + ${cli_cmd_output}= Run Process ${CLI_VERIFY_FILE_REMAINS_ON_NODE} shell=yes + log ${cli_cmd_output.stdout} + Should Be Equal As Strings ${cli_cmd_output.rc} 0 + Should Contain ${cli_cmd_output.stdout} dmaap-dr-node + ${resp}= DeleteCall ${TARGET_URL_DELETE_FILE}/${cli_cmd_output.stdout} dradmin + Should Be Equal As Strings ${resp.status_code} 200 + log 'JSON Response Code:'${resp} + ${cli_cmd_output}= Run Process ${CLI_VERIFY_FILE_REMAINS_ON_NODE} shell=yes + log ${cli_cmd_output.stdout} + Should Be Equal As Strings ${cli_cmd_output.rc} 1 + +Run Update Subscription + [Documentation] Update Subscription to suspend and change delivery credentials + [Timeout] 1 minute + ${resp}= PutCall ${TARGET_URL_SUBSCRIPTION} ${UPDATE_SUBSCRIPTION_DATA} ${SUBSCRIBE_CONTENT_TYPE} dradmin + log ${TARGET_URL_SUBSCRIPTION} + log ${resp.text} + Should Be Equal As Strings ${resp.status_code} 200 + log 'JSON Response Code:'${resp} + ${resp}= GetCall ${TARGET_URL_SUBSCRIPTION} ${SUBSCRIBE_CONTENT_TYPE} dradmin + log ${resp.text} + Should Contain ${resp.text} "password":"dradmin","user":"dradmin" + log 'JSON Response Code:'${resp} + +Run Update Feed + [Documentation] Update Feed description and suspend + [Timeout] 1 minute + ${resp}= PutCall ${TARGET_URL_FEED} ${UPDATE_FEED_DATA} ${FEED_CONTENT_TYPE} dradmin + log ${TARGET_URL_FEED} + log ${resp.text} + Should Be Equal As Strings ${resp.status_code} 200 + log 'JSON Response Code:'${resp} + ${resp}= GetCall ${TARGET_URL_FEED} ${FEED_CONTENT_TYPE} dradmin + log ${resp.text} + Should Contain ${resp.text} "UPDATED-CSIT_Test" + log 'JSON Response Code:'${resp} + +Run Get With Filename That Exists + [Documentation] Get publish record with a specified filename + [Timeout] 2 minutes + sleep 1 minute 45 seconds needed to ensure logs have been updated + ${resp}= GetCall ${TARGET_URL_EXISTS_LOGGING} ${FEED_CONTENT_TYPE} dradmin + log ${resp.text} + Should Contain ${resp.text} "fileName":"csit_test" + log 'JSON Response Code:'${resp} + +Run Get With Filename That Doesnt Exist + [Documentation] Get publish record with a specified filename + [Timeout] 1 minute + ${resp}= GetCall ${TARGET_URL_NOT_EXISTS_LOGGING} ${FEED_CONTENT_TYPE} dradmin + log ${resp.text} + Should Contain ${resp.text} [] + log 'JSON Response Code:'${resp} + + +Run Delete Subscription + [Documentation] Delete Subscription + [Timeout] 1 minute + ${resp}= DeleteCall ${TARGET_URL_SUBSCRIPTION} dradmin + log ${resp.text} + Should Be Equal As Strings ${resp.status_code} 204 + log 'JSON Response Code:'${resp} + +Run Delete Feed + [Documentation] Delete Feed + [Timeout] 1 minute + ${resp}= DeleteCall ${TARGET_URL_FEED} dradmin + log ${resp.text} + Should Be Equal As Strings ${resp.status_code} 204 + log 'JSON Response Code:'${resp} + +*** Keywords *** +PostCall + [Arguments] ${url} ${data} ${content_type} ${user} + ${headers}= Create Dictionary X-DMAAP-DR-ON-BEHALF-OF=${user} Content-Type=${content_type} + ${resp}= Evaluate requests.post('${url}', data='${data}', headers=${headers}, verify=True) requests + [Return] ${resp} + +PutCall + [Arguments] ${url} ${data} ${content_type} ${user} + ${headers}= Create Dictionary X-DMAAP-DR-ON-BEHALF-OF=${user} Content-Type=${content_type} Authorization=Basic ZHJhZG1pbjpkcmFkbWlu + ${resp}= Evaluate requests.put('${url}', data='${data}', headers=${headers}, verify=True, allow_redirects=False) requests + [Return] ${resp} + +GetCall + [Arguments] ${url} ${content_type} ${user} + ${headers}= Create Dictionary X-DMAAP-DR-ON-BEHALF-OF=${user} Content-Type=${content_type} + ${resp}= Evaluate requests.get('${url}', headers=${headers}, verify=True) requests + [Return] ${resp} + +DeleteCall + [Arguments] ${url} ${user} + ${headers}= Create Dictionary X-DMAAP-DR-ON-BEHALF-OF=${user} + ${resp}= Evaluate requests.delete('${url}', headers=${headers}, verify=True) requests + [Return] ${resp}