Add sftp strict host key checking to DFC tests

Issue-ID: DCAEGEN2-2219
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: I77438c7215bc80c65080f7c773fb9401edef6e79
diff --git a/plans/dcaegen2-collectors-datafile/Functional-suite/testplan.txt b/plans/dcaegen2-collectors-datafile/Functional-suite/testplan.txt
index 30d7a2d..052ab7c 100755
--- a/plans/dcaegen2-collectors-datafile/Functional-suite/testplan.txt
+++ b/plans/dcaegen2-collectors-datafile/Functional-suite/testplan.txt
@@ -1,3 +1,4 @@
 # Test suites are relative paths under [integration/csit.git]/tests/.
 # Place the suites in run order.
 dcaegen2-collectors-datafile/testsuites/Functional-Single-File-suite
+dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite
diff --git a/scripts/dcaegen2-collectors-datafile/dfc-management/dfc-start.sh b/scripts/dcaegen2-collectors-datafile/dfc-management/dfc-start.sh
index 808b0b1..38b78f2 100755
--- a/scripts/dcaegen2-collectors-datafile/dfc-management/dfc-start.sh
+++ b/scripts/dcaegen2-collectors-datafile/dfc-management/dfc-start.sh
@@ -1,12 +1,30 @@
 #!/bin/bash
 
+#function to load sftp servers keys to dfc app depending on KNOWN_HOSTS environment variable
+# when KNOWN_HOSTS == "all_hosts_keys" or is not set, public keys of all sftp servers are loaded
+# when KNOWN_HOSTS == "known_hosts_empty", empty known hosts file is created
+# for other strings known hosts file is not created
+function load-sftp-servers-keys() {
+  if [ -z "$KNOWN_HOSTS" ] || [ "$KNOWN_HOSTS" == "all_hosts_keys" ]; then
+    SFTP_SERVERS="$(docker ps -q --filter='name=dfc_sftp')"
+
+    for SFTP_SERVER in $SFTP_SERVERS; do
+      HOST_NAMES=$(docker inspect -f '{{ join .NetworkSettings.Networks.dfcnet.Aliases ","}}' $SFTP_SERVER)
+      KEY_ENTRY=$(echo $HOST_NAMES "$(docker exec $SFTP_SERVER cat /etc/ssh/ssh_host_rsa_key.pub)" |
+        sed -e 's/\w*@\w*$//')
+      docker exec -u root dfc_app0 sh -c "echo $KEY_ENTRY >> /home/datafile/.ssh/known_hosts"
+    done
+  elif [ "$KNOWN_HOSTS" == "known_hosts_empty" ]; then
+    docker exec -u root dfc_app0 sh -c "touch /home/datafile/.ssh/known_hosts"
+  fi
+}
+
 set -x
 
 #Start DFC app
-
 DOCKER_SIM_NWNAME="dfcnet"
 echo "Creating docker network $DOCKER_SIM_NWNAME, if needed"
-docker network ls| grep $DOCKER_SIM_NWNAME > /dev/null || docker network create $DOCKER_SIM_NWNAME
+docker network ls | grep $DOCKER_SIM_NWNAME >/dev/null || docker network create $DOCKER_SIM_NWNAME
 
 docker-compose up -d
 
@@ -14,21 +32,23 @@
 
 #Wait for initialization of docker containers for dfc app and all simulators
 for i in {1..10}; do
-  if [ $(docker inspect --format '{{ .State.Running }}' $DFC_APP) ]
-    then
-      echo "DFC app Running"
-      # enable TRACE logging of DFC
-      docker exec $DFC_APP /bin/sh -c " sed -i 's/org.onap.dcaegen2.collectors.datafile: WARN/org.onap.dcaegen2.collectors.datafile: TRACE/g' /opt/app/datafile/config/application.yaml"
+  if [ $(docker inspect --format '{{ .State.Running }}' $DFC_APP) ]; then
+    echo "DFC app Running"
 
-      #enable TRACE logging of spring-framework
-      docker exec $DFC_APP /bin/sh -c " sed -i 's/org.springframework.data: ERROR/org.springframework.data: TRACE/g' /opt/app/datafile/config/application.yaml"
+    load-sftp-servers-keys
 
-      docker restart $DFC_APP
-      sleep 10
+    # enable TRACE logging of DFC
+    docker exec $DFC_APP /bin/sh -c " sed -i 's/org.onap.dcaegen2.collectors.datafile: WARN/org.onap.dcaegen2.collectors.datafile: TRACE/g' /opt/app/datafile/config/application.yaml"
 
-      break
-    else
-      echo sleep $i
-      sleep $i
+    #enable TRACE logging of spring-framework
+    docker exec $DFC_APP /bin/sh -c " sed -i 's/org.springframework.data: ERROR/org.springframework.data: TRACE/g' /opt/app/datafile/config/application.yaml"
+
+    docker restart $DFC_APP
+    sleep 10
+
+    break
+  else
+    echo sleep $i
+    sleep $i
   fi
 done
diff --git a/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml b/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml
index 02e0eb6..f92d19f 100644
--- a/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml
+++ b/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml
@@ -22,3 +22,4 @@
       CONSUL_PORT: 8500
       CONFIG_BINDING_SERVICE: "config-binding-service"
       HOSTNAME: "dfc_app0"
+      KNOWN_HOSTS_FILE_PATH: "/home/datafile/.ssh/known_hosts"
diff --git a/tests/dcaegen2-collectors-datafile/resources/common-keywords.robot b/tests/dcaegen2-collectors-datafile/resources/common-keywords.robot
index a36833e..c425fe2 100644
--- a/tests/dcaegen2-collectors-datafile/resources/common-keywords.robot
+++ b/tests/dcaegen2-collectors-datafile/resources/common-keywords.robot
@@ -44,3 +44,13 @@
 	${cli_cmd_output}=          Run Process                    ${DFC_ROOT}/dfc-start.sh   cwd=${DFC_ROOT}   env:SIMGROUP_ROOT=${SIMGROUP_ROOT}
     Log To Console              Dfc-start:
     Log To Console              ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+
+
+Test Teardown
+	[Documentation]				Cleanup containers
+    ${cli_cmd_output}=          Run Process             ${SIMGROUP_ROOT}/simulators-kill.sh
+    Log To Console              ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+    ${cli_cmd_output}=          Run Process             ${DFC_ROOT}/dfc-kill.sh
+    Log To Console              ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+    ${cli_cmd_output}=          Run Process             ${DFC_ROOT}/../dfc-containers-clean.sh           stderr=STDOUT
+    Log To Console              Dfc containter clean: ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
diff --git a/tests/dcaegen2-collectors-datafile/testsuites/Functional-Single-File-suite/FuncSingleFile.robot b/tests/dcaegen2-collectors-datafile/testsuites/Functional-Single-File-suite/FuncSingleFile.robot
index 5b9048f..1d87cfb 100755
--- a/tests/dcaegen2-collectors-datafile/testsuites/Functional-Single-File-suite/FuncSingleFile.robot
+++ b/tests/dcaegen2-collectors-datafile/testsuites/Functional-Single-File-suite/FuncSingleFile.robot
@@ -53,7 +53,6 @@
 Verify Single Event From Event Poll To Published File
     [Documentation]                 Keyword to verify single event with file with given parameters.
     [Arguments]                     ${file_size_in_mb}    ${mr_tc}    ${ftp_type}
-    ${cli_cmd_output}=              Run Process     ${DFC_ROOT}/../dfc-containers-clean.sh
     Set Environment Variable        MR_TC                   ${mr_tc}
     Set Environment Variable        FILE_SIZE               ${file_size_in_mb}MB
     Set Environment Variable        FTP_TYPE                ${ftp_type}
@@ -85,10 +84,8 @@
     Wait Until Keyword Succeeds     1 minute      10 sec    DR Sim Query Not Published Equal    1                       #Verify 1 query response for not published files
     Wait Until Keyword Succeeds     1 minute      10 sec    DR Sim Published Files Equal        1                       #Verify 1 file published to DR sim
     DR Redir Sim Downloaded Volume Equal          ${file_size_in_mb} 000 000                                            #Verify correct number of bytes published file data in DR redir sim
-    ${cli_cmd_output}=              Run Process             ${SIMGROUP_ROOT}/simulators-kill.sh
-    Log To Console                  ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
-    ${cli_cmd_output}=              Run Process             ${DFC_ROOT}/dfc-kill.sh
-    Log To Console                  ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+
+    [Teardown]                      Test Teardown
 
 Set Default Environment Variables
     [Documentation]                 Set default environment variables for simulators setup
diff --git a/tests/dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite/StrictHostChecking.robot b/tests/dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite/StrictHostChecking.robot
new file mode 100755
index 0000000..3962d4e
--- /dev/null
+++ b/tests/dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite/StrictHostChecking.robot
@@ -0,0 +1,112 @@
+*** Settings ***
+Library        OperatingSystem
+Library        RequestsLibrary
+Library        Process
+
+Resource    ../../resources/common-keywords.robot
+
+Test Teardown
+
+*** Variables ***
+${CONSUL_UPL_APP}                   /usr/bin/curl -v http://127.0.0.1:8500/v1/kv/dfc_app0?dc=dc1 -X PUT -H 'Accept: application/json' -H 'Content-Type: application/json' -H 'X-Requested-With: XMLHttpRequest' --data-binary @${SIMGROUP_ROOT}/consul/c12_feed2_PM_MEAS.json
+${CONSUL_UPL_APP_INSECURE_SFTP}     /usr/bin/curl -v http://127.0.0.1:8500/v1/kv/dfc_app0?dc=dc1 -X PUT -H 'Accept: application/json' -H 'Content-Type: application/json' -H 'X-Requested-With: XMLHttpRequest' --data-binary @${SIMGROUP_ROOT}/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json
+${CONSUL_GET_APP}                   /usr/bin/curl -v http://127.0.0.1:8500/v1/kv/dfc_app0?raw
+${CBS_GET_MERGED_CONFIG}            /usr/bin/curl -v http://127.0.0.1:10000/service_component_all/dfc_app0
+
+*** Test Cases ***
+
+######### Single file, SFTP, various SFTP Strict host key checking settings
+
+Verify single event with SFTP file, when host known and strict host key checking enabled. From event poll to published file
+    [TAGS]                          DFC_STRICT_HOST_KEY_CHECKING_1
+    [Documentation]                 Verify single event with SFTP file, when host known and strict host key checking enabled. From event poll to published file.
+    [Setup]  Setup Strict Host Key Checking Test  ${CONSUL_UPL_APP}  all_hosts_keys
+
+    Wait Until Keyword Succeeds     1 minute      10 sec    MR Sim Emitted Files Equal          1                       #Verify 1 file emitted from MR sim
+    Wait Until Keyword Succeeds     1 minute      10 sec    DR Sim Query Not Published Equal    1                       #Verify 1 query response for not published files
+    Wait Until Keyword Succeeds     1 minute      10 sec    DR Sim Published Files Equal        1                       #Verify 1 file published to DR sim
+    DR Redir Sim Downloaded Volume Equal          1 000 000                                                             #Verify 1 000 000 bytes published file data in DR redir sim
+
+    [Teardown]                      Test Teardown
+
+Verify single event with SFTP file, when host unknown and strict host key checking disabled. From event poll to published file
+    [TAGS]                          DFC_STRICT_HOST_KEY_CHECKING_2
+    [Documentation]                 Verify single event with SFTP file, when host unknown and strict host key checking disabled. From event poll to published file.
+    [Setup]  Setup Strict Host Key Checking Test  ${CONSUL_UPL_APP_INSECURE_SFTP}  known_hosts_empty
+
+    Wait Until Keyword Succeeds     1 minute      10 sec    MR Sim Emitted Files Equal          1                       #Verify 1 file emitted from MR sim
+    Wait Until Keyword Succeeds     1 minute      10 sec    DR Sim Query Not Published Equal    1                       #Verify 1 query response for not published files
+    Wait Until Keyword Succeeds     1 minute      10 sec    DR Sim Published Files Equal        1                       #Verify 1 file published to DR sim
+    DR Redir Sim Downloaded Volume Equal          1 000 000                                                             #Verify 1 000 000 bytes published file data in DR redir sim
+
+    [Teardown]                      Test Teardown
+
+Verify single event with SFTP file, when no known hosts file and strict host key checking enabled. From event poll to published file
+    [TAGS]                          DFC_STRICT_HOST_KEY_CHECKING_3
+    [Documentation]                 Verify single event with SFTP file, when host unknown and strict host key checking enabled. File not published.
+    [Setup]  Setup Strict Host Key Checking Test  ${CONSUL_UPL_APP}  no_known_hosts_file
+
+    Wait Until Keyword Succeeds     1 minute      10 sec    MR Sim Emitted Files Equal          1                       #Verify 1 file emitted from MR sim
+    Wait Until Keyword Succeeds     1 minute      10 sec    DR Sim Query Not Published Equal    1                       #Verify 1 query response for not published files
+    Wait Until Keyword Succeeds     1 minute      10 sec    DR Sim Published Files Equal        1                       #Verify 1 file published to DR sim
+    DR Redir Sim Downloaded Volume Equal          1 000 000                                                             #Verify 1 000 000 bytes published file data in DR redir sim
+
+    [Teardown]                      Test Teardown
+
+
+
+Verify single event with SFTP file, when host unknown and strict host key checking enabled. File not published
+    [TAGS]                          DFC_STRICT_HOST_KEY_CHECKING_4
+    [Documentation]                 Verify single event with SFTP file, when host unknown and strict host key checking enabled. File not published.
+    [Setup]  Setup Strict Host Key Checking Test  ${CONSUL_UPL_APP}  known_hosts_empty
+    Wait Until Keyword Succeeds     1 minute      10 sec    MR Sim Emitted Files Equal          1                       #Verify 1 file emitted from MR sim
+    Wait Until Keyword Succeeds     1 minute      10 sec    DR Sim Query Not Published Equal    1                       #Verify 1 query response for not published files
+    Sleep                           60
+    DR Sim Published Files Equal    0                                                                                   #Verify no file was published to DR sim
+    [Teardown]                      Test Teardown
+
+*** Keywords ***
+
+Setup Strict Host Key Checking Test
+    [Documentation]                 Sets up strict host key checking test with single 1MB file
+    [Arguments]                     ${consul_config_request}  ${known_hosts_file}
+    Set Environment Variable        MR_TC                   --tc100
+    Set Environment Variable        DR_TC                   --tc normal
+    Set Environment Variable        DR_REDIR_TC             --tc normal
+    Set Environment Variable        MR_GROUPS               OpenDcae-c12:PM_MEAS_FILES
+    Set Environment Variable        MR_FILE_PREFIX_MAPPING  PM_MEAS_FILES:A
+    Set Environment Variable        DR_REDIR_FEEDS          2:A
+    Set Environment Variable        FTP_FILE_PREFIXES       A
+    Set Environment Variable        NUM_FTPFILES            1
+    Set Environment Variable        NUM_PNFS                1
+    Set Environment Variable        FILE_SIZE               1MB
+    Set Environment Variable        FTP_TYPE                SFTP
+    Set Environment Variable        NUM_FTP_SERVERS         1
+    Set Environment Variable        DR_FEEDS                2:A
+    Set Environment Variable        DR_REDIR_SIM            drsim_redir
+    Set Environment Variable        SFTP_SIMS               sftp-server0:22
+    Set Environment Variable        FTPS_SIMS               ftpes-server-vsftpd0:21
+
+    ${cli_cmd_output}=              Run Process     ./simulators-start.sh    cwd=${SIMGROUP_ROOT}
+    Log To Console                  Simulator-start:
+    Log To Console                  ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+    MR Sim Emitted Files Equal      0                                                                                   #Verify 0 file emitted from MR sim
+    DR Sim Published Files Equal    0                                                                                   #Verify 0 file published to DR sim
+
+    ${cli_cmd_output}=              Run Process                     ${consul_config_request}    shell=yes
+    Log To Console                  Consul APP write:
+    Log To Console                  ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+
+    ${cli_cmd_output}=              Run Process                     ${CONSUL_GET_APP}           shell=yes
+    Log To Console                  Consul APP read:
+    Log To Console                  ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+
+    ${cli_cmd_output}=              Run Process                     ${CBS_GET_MERGED_CONFIG}    shell=yes
+    Log To Console                  CBS merged configuration:
+    Log To Console                  ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+
+    Sleep                           10
+
+    ${cli_cmd_output}=              Run Process                    ${DFC_ROOT}/dfc-start.sh    cwd=${DFC_ROOT}    env:KNOWN_HOSTS=${known_hosts_file}
+    Log To Console                  Dfc-start:
+    Log To Console                  ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
diff --git a/tests/dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite/__init__.robot b/tests/dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite/__init__.robot
new file mode 100755
index 0000000..7774384
--- /dev/null
+++ b/tests/dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite/__init__.robot
@@ -0,0 +1,2 @@
+*** Settings ***
+Documentation    DFC Strict Host Checking test suite. Single event with single file.