[Documentation] Send request to ${CERT_SERVICE_ENDPOINT}/${CLIENT_CA_NAME} endpoint and expect 400
Send Get Request with Header And Expect Error ${CERT_SERVICE_ENDPOINT}/${CLIENT_CA_NAME} ${VALID_CLIENT_CSR_FILE} ${INVALID_PK_FILE} 400
-Cert Service Client successful create keystore and trust store
+Cert Service Client successfully creates keystore and truststore
[Tags] AAF-CERT-SERVICE
[Documentation] Run with correct env and expected exit code 0
- Run Cert Service Client Container And Validate Exit Code ${VALID_ENV_FILE} 0
+ Run Cert Service Client And Validate JKS File Creation And Client Exit Code ${VALID_ENV_FILE} 0
-Creation of keystore and trustore unsuccesful, incorrect client configuration
+Run Cert Service Client Container And Validate Exit Code And API Response
[Tags] AAF-CERT-SERVICE
[Documentation] Run with invalid CaName env and expected exit code 5
- Run Cert Service Client Container And Validate Exit Code ${INVALID_ENV_FILE} 5
+ Run Cert Service Client And Validate Http Response Code And Client Exit Code ${INVALID_ENV_FILE} 404 5
import docker
+import os
+import shutil
+import tarfile
+import re
+from OpenSSL import crypto
+
+ARCHIVES_PATH = os.getenv("WORKSPACE") + "/archives/"
+TMP_PATH = os.getenv("WORKSPACE") + "/tests/aaf/certservice/tmp"
+
+ERROR_API_REGEX = 'Error on API response.*[0-9]{3}'
+RESPONSE_CODE_REGEX = '[0-9]{3}'
class CertClientManager:
exitcode = container.wait()
return exitcode
- def remove_client_container(self, container_name):
- client = docker.from_env()
- container = client.containers.get(container_name)
- container.remove()
-
def read_list_env_from_file(self, path):
f = open(path, "r")
r_list = []
if line[0] != "#":
r_list.append(line)
return r_list
+
+ def remove_client_container_and_save_logs(self, container_name, log_file_name):
+ client = docker.from_env()
+ container = client.containers.get(container_name)
+ text_file = open(ARCHIVES_PATH + "container_" + log_file_name + ".log", "w")
+ text_file.write(container.logs())
+ text_file.close()
+ container.remove()
+
+ def can_open_keystore_and_truststore_with_pass(self, container_name):
+ self.copy_jks_file_to_tmp_dir(container_name)
+
+ keystore_pass_path = TMP_PATH + '/logs/log/keystore.pass'
+ keystore_jks_path = TMP_PATH + '/logs/log/keystore.jks'
+ can_open_keystore = self.can_open_jks_file_by_pass_file(keystore_pass_path, keystore_jks_path)
+
+ truststore_pass_path = TMP_PATH + '/logs/log/truststore.pass'
+ truststore_jks_path = TMP_PATH + '/logs/log/truststore.jks'
+ can_open_truststore = self.can_open_jks_file_by_pass_file(truststore_pass_path, truststore_jks_path)
+
+ self.remove_tmp_dir(TMP_PATH)
+ return can_open_keystore & can_open_truststore
+
+ def copy_jks_file_to_tmp_dir(self, container_name):
+ os.mkdir(TMP_PATH)
+ self.copy_jks_file_from_container_to_tmp_dir(container_name)
+ self.extract_tar_file()
+
+ def copy_jks_file_from_container_to_tmp_dir(self, container_name):
+ client = docker.from_env()
+ container = client.containers.get(container_name)
+ f = open(TMP_PATH + '/var_log.tar', 'wb')
+ bits, stat = container.get_archive('/var/log/')
+ for chunk in bits:
+ f.write(chunk)
+ f.close()
+
+ def extract_tar_file(self):
+ my_tar = tarfile.open(TMP_PATH + '/var_log.tar')
+ my_tar.extractall(TMP_PATH + '/logs')
+ my_tar.close()
+
+ def can_open_jks_file_by_pass_file(self, pass_file_path, jks_file_path):
+ try:
+ password = open(pass_file_path, 'rb').read()
+ crypto.load_pkcs12(open(jks_file_path, 'rb').read(), password)
+ return True
+ except:
+ return False
+
+ def remove_tmp_dir(self, tmp_path):
+ shutil.rmtree(tmp_path)
+
+ def can_find_api_response_in_logs(self, container_name):
+ logs = self.get_container_logs(container_name)
+ api_logs = re.findall(ERROR_API_REGEX, logs)
+ if api_logs:
+ return True
+ else:
+ return False
+
+ def get_api_response_from_logs(self, container_name):
+ logs = self.get_container_logs(container_name)
+ error_api_message = re.findall(ERROR_API_REGEX, logs)
+ code = re.findall(RESPONSE_CODE_REGEX, error_api_message[0])
+ return code[0]
+
+ def get_container_logs(self, container_name):
+ client = docker.from_env()
+ container = client.containers.get(container_name)
+ logs = container.logs()
+ return logs
${resp}= Post Request ${http_session} ${path}
Should Be Equal As Strings ${resp.status_code} ${resp_code}
-Run Cert Service Client Container And Validate Exit Code
+Run Cert Service Client And Validate JKS File Creation And Client Exit Code
[Documentation] Run Cert Service Client Container And Validate Exit Code
- [Arguments] ${env_file} ${expected_code}
- ${exitcode}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_ADDRESS} ${CERT_SERVICE_NETWORK}
- Remove Client Container ${CLIENT_CONTAINER_NAME}
- Should Be Equal As Strings ${exitcode} ${expected_code}
+ [Arguments] ${env_file} ${expected_exit_code}
+ ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_ADDRESS} ${CERT_SERVICE_NETWORK}
+ ${can_open}= Can Open Keystore And Truststore With Pass ${CLIENT_CONTAINER_NAME}
+ Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} positive_path
+ Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return: ${exitcode} exit code, but expected: ${expected_exit_code}
+ Should Be True ${can_open} Cannot Open Keystore/TrustStore by passpshase
+
+Run Cert Service Client And Validate Http Response Code And Client Exit Code
+ [Documentation] Run Cert Service Client Container And Validate Exit Code
+ [Arguments] ${env_file} ${expected_api_response_code} ${expected_exit_code}
+ ${exit_code}= Run Client Container ${DOCKER_CLIENT_IMAGE} ${CLIENT_CONTAINER_NAME} ${env_file} ${CERT_ADDRESS} ${CERT_SERVICE_NETWORK}
+ ${can_find_API_response}= Can Find Api Response In Logs ${CLIENT_CONTAINER_NAME}
+ ${api_response_code}= Get Api Response From Logs ${CLIENT_CONTAINER_NAME}
+ Remove Client Container And Save Logs ${CLIENT_CONTAINER_NAME} negative_path
+ Should Be True ${can_find_API_response} Cannot Find API response in logs
+ Should Be Equal As Strings ${api_response_code} ${expected_api_response_code} API return ${api_response_code} but expected: ${expected_api_response_code}
+ Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code}
Code Review / integration / csit.git / commitdiff