Make certservice-client use volume mount
[integration/csit.git] / tests / aaf / certservice / libraries / CertClientManager.py
index ebacf22..792b693 100644 (file)
@@ -1,12 +1,12 @@
 import docker
 import os
 import shutil
-import tarfile
 import re
 from OpenSSL import crypto
+from docker.types import Mount
 
 ARCHIVES_PATH = os.getenv("WORKSPACE") + "/archives/"
-TMP_PATH = os.getenv("WORKSPACE") + "/tests/aaf/certservice/tmp"
+MOUNT_PATH = os.getenv("WORKSPACE") + "/tests/aaf/certservice/tmp"
 
 ERROR_API_REGEX = 'Error on API response.*[0-9]{3}'
 RESPONSE_CODE_REGEX = '[0-9]{3}'
@@ -15,11 +15,19 @@ RESPONSE_CODE_REGEX = '[0-9]{3}'
 class CertClientManager:
 
     def run_client_container(self, client_image, container_name, path_to_env, request_url, network):
+        self.create_mount_dir()
         client = docker.from_env()
         environment = self.read_list_env_from_file(path_to_env)
         environment.append("REQUEST_URL=" + request_url)
-        container = client.containers.run(image=client_image, name=container_name, detach=True, environment=environment,
-                                          network=network)
+        container = client.containers.run(
+            image=client_image,
+            name=container_name,
+            environment=environment,
+            network=network,
+            user='root', #Run container as root to avoid permission issues with volume mount access
+            mounts=[Mount(target='/var/certs', source=MOUNT_PATH, type='bind')],
+            detach=True
+        )
         exitcode = container.wait()
         return exitcode
 
@@ -39,40 +47,19 @@ class CertClientManager:
         text_file.write(container.logs())
         text_file.close()
         container.remove()
+        self.remove_mount_dir()
 
-    def can_open_keystore_and_truststore_with_pass(self, container_name):
-        self.copy_jks_file_to_tmp_dir(container_name)
-
-        keystore_pass_path = TMP_PATH + '/logs/log/keystore.pass'
-        keystore_jks_path = TMP_PATH + '/logs/log/keystore.jks'
+    def can_open_keystore_and_truststore_with_pass(self):
+        keystore_pass_path = MOUNT_PATH + '/keystore.pass'
+        keystore_jks_path = MOUNT_PATH + '/keystore.jks'
         can_open_keystore = self.can_open_jks_file_by_pass_file(keystore_pass_path, keystore_jks_path)
 
-        truststore_pass_path = TMP_PATH + '/logs/log/truststore.pass'
-        truststore_jks_path = TMP_PATH + '/logs/log/truststore.jks'
+        truststore_pass_path = MOUNT_PATH + '/truststore.pass'
+        truststore_jks_path = MOUNT_PATH + '/truststore.jks'
         can_open_truststore = self.can_open_jks_file_by_pass_file(truststore_pass_path, truststore_jks_path)
 
-        self.remove_tmp_dir(TMP_PATH)
         return can_open_keystore & can_open_truststore
 
-    def copy_jks_file_to_tmp_dir(self, container_name):
-        os.mkdir(TMP_PATH)
-        self.copy_jks_file_from_container_to_tmp_dir(container_name)
-        self.extract_tar_file()
-
-    def copy_jks_file_from_container_to_tmp_dir(self, container_name):
-        client = docker.from_env()
-        container = client.containers.get(container_name)
-        f = open(TMP_PATH + '/var_log.tar', 'wb')
-        bits, stat = container.get_archive('/var/log/')
-        for chunk in bits:
-            f.write(chunk)
-        f.close()
-
-    def extract_tar_file(self):
-        my_tar = tarfile.open(TMP_PATH + '/var_log.tar')
-        my_tar.extractall(TMP_PATH + '/logs')
-        my_tar.close()
-
     def can_open_jks_file_by_pass_file(self, pass_file_path, jks_file_path):
         try:
             password = open(pass_file_path, 'rb').read()
@@ -81,8 +68,12 @@ class CertClientManager:
         except:
             return False
 
-    def remove_tmp_dir(self, tmp_path):
-        shutil.rmtree(tmp_path)
+    def create_mount_dir(self):
+        if not os.path.exists(MOUNT_PATH):
+            os.makedirs(MOUNT_PATH)
+
+    def remove_mount_dir(self):
+        shutil.rmtree(MOUNT_PATH)
 
     def can_find_api_response_in_logs(self, container_name):
         logs = self.get_container_logs(container_name)