HV-VES expects passwords to be placed in files

author Piotr Jaszczyk <piotr.jaszczyk@nokia.com>

Wed, 10 Apr 2019 09:08:49 +0000 (11:08 +0200)

committer Piotr Jaszczyk <piotr.jaszczyk@nokia.com>

Wed, 10 Apr 2019 11:53:44 +0000 (13:53 +0200)
author Piotr Jaszczyk <piotr.jaszczyk@nokia.com>
Wed, 10 Apr 2019 09:08:49 +0000 (11:08 +0200)
committer Piotr Jaszczyk <piotr.jaszczyk@nokia.com>
Wed, 10 Apr 2019 11:53:44 +0000 (13:53 +0200)
diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/collector/configuration/secure.json b/plans/dcaegen2-collectors-hv-ves/testsuites/collector/configuration/secure.json

index 2c2610a..018f590 100644 (file)
--- a/plans/dcaegen2-collectors-hv-ves/testsuites/collector/configuration/secure.json
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/collector/configuration/secure.json
@@ -6,7 +6,7 @@
    "cbs.firstRequestDelaySec": 3,
    "cbs.requestIntervalSec": 5,
    "security.keys.keyStoreFile": "/etc/hv-ves/ssl/server.p12",
-  "security.keys.keyStorePassword": "onaponap",
+  "security.keys.keyStorePasswordFile": "/etc/hv-ves/ssl/server.pass",
    "security.keys.trustStoreFile": "/etc/hv-ves/ssl/trust.p12",
-  "security.keys.trustStorePassword": "onaponap"
+  "security.keys.trustStorePasswordFile": "/etc/hv-ves/ssl/trust.pass"
  }
 \ No newline at end of file
diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/.gitignore b/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/.gitignore

index 0729569..955c17d 100644 (file)
--- a/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/.gitignore
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/.gitignore
@@ -4,3 +4,4 @@
  *.csr
  *.pkcs12
  *.p12
+*.pass
diff --git a/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/gen-certs.sh b/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/gen-certs.sh

index 9f6bea2..33e3b32 100755 (executable)
--- a/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/gen-certs.sh
+++ b/plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/gen-certs.sh
@@ -41,6 +41,8 @@ function gen_key() {
    keytool -certreq -alias ${key_name} -keyalg RSA ${keystore} | \
        keytool -alias ${ca} -gencert -ext "san=dns:${CN_PREFIX}-${ca}" ${store_opts} -keystore ${ca}.p12 | \
        keytool -alias ${key_name} -importcert ${keystore}
+
+  printf ${STORE_PASS} > ${key_name}.pass
  }
  
  
@@ -54,10 +56,11 @@ function gen_truststore() {
    local name="$1"
    local trusted_ca="$2"
    keytool -import -trustcacerts -alias ca -file ${trusted_ca}.crt ${store_opts} -keystore ${name}.p12
+  printf ${STORE_PASS} > ${name}.pass
  }
  
  function clean() {
-  rm -f *.crt *.p12
+  rm -f *.crt *.p12 *.pass
  }
  
  if [[ $# -eq 0 ]]; then
@@ -74,4 +77,3 @@ else
    echo "usage: $0 [clean]"
    exit 1
  fi
-
diff --git a/tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py b/tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py

index 789c0b6..ea225c5 100644 (file)
--- a/tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py
+++ b/tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py
@@ -158,8 +158,9 @@ class XnfSimulator:
          cert_name_prefix = "" if should_use_valid_certs else "untrusted"
          certificates_path_with_file_prefix = COLLECTOR_CERTS_LOOKUP_DIR + cert_name_prefix
          self.key_store_path = certificates_path_with_file_prefix + "client.p12"
+        self.key_store_passwd_path = certificates_path_with_file_prefix + "client.pass"
          self.trust_store_path = certificates_path_with_file_prefix + "trust.p12"
-        self.sec_store_passwd = "onaponap"
+        self.trust_store_passwd_path = certificates_path_with_file_prefix + "trust.pass"
          self.disable_ssl = should_disable_ssl
          self.hv_collector_host = UNENCRYPTED_HV_VES_SERVICE_NAME \
              if should_connect_to_unencrypted_hv_ves else HV_VES_SERVICE_NAME
@@ -171,8 +172,8 @@ class XnfSimulator:
                             "--ves-port", "6061",
                             "--key-store", self.key_store_path,
                             "--trust-store", self.trust_store_path,
-                           "--key-store-password", self.sec_store_passwd,
-                           "--trust-store-password", self.sec_store_passwd]
+                           "--key-store-password-file", self.key_store_passwd_path,
+                           "--trust-store-password-file", self.trust_store_passwd_path]
          if self.disable_ssl:
              startup_command.append("--ssl-disable")
          return startup_command
author	Piotr Jaszczyk <piotr.jaszczyk@nokia.com>
	Wed, 10 Apr 2019 09:08:49 +0000 (11:08 +0200)
committer	Piotr Jaszczyk <piotr.jaszczyk@nokia.com>
	Wed, 10 Apr 2019 11:53:44 +0000 (13:53 +0200)
plans/dcaegen2-collectors-hv-ves/testsuites/collector/configuration/secure.json		patch \| blob \| history
plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/.gitignore		patch \| blob \| history
plans/dcaegen2-collectors-hv-ves/testsuites/collector/ssl/gen-certs.sh		patch \| blob \| history
tests/dcaegen2-collectors-hv-ves/testcases/libraries/XnfSimulatorLibrary.py		patch \| blob \| history