Add sftp strict host key checking to DFC tests
Issue-ID: DCAEGEN2-2219
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: I77438c7215bc80c65080f7c773fb9401edef6e79
diff --git a/plans/dcaegen2-collectors-datafile/Functional-suite/testplan.txt b/plans/dcaegen2-collectors-datafile/Functional-suite/testplan.txt
index 30d7a2d..052ab7c 100755
--- a/plans/dcaegen2-collectors-datafile/Functional-suite/testplan.txt
+++ b/plans/dcaegen2-collectors-datafile/Functional-suite/testplan.txt
@@ -1,3 +1,4 @@
# Test suites are relative paths under [integration/csit.git]/tests/.
# Place the suites in run order.
dcaegen2-collectors-datafile/testsuites/Functional-Single-File-suite
+dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite
diff --git a/scripts/dcaegen2-collectors-datafile/dfc-management/dfc-start.sh b/scripts/dcaegen2-collectors-datafile/dfc-management/dfc-start.sh
index 808b0b1..38b78f2 100755
--- a/scripts/dcaegen2-collectors-datafile/dfc-management/dfc-start.sh
+++ b/scripts/dcaegen2-collectors-datafile/dfc-management/dfc-start.sh
@@ -1,12 +1,30 @@
#!/bin/bash
+#function to load sftp servers keys to dfc app depending on KNOWN_HOSTS environment variable
+# when KNOWN_HOSTS == "all_hosts_keys" or is not set, public keys of all sftp servers are loaded
+# when KNOWN_HOSTS == "known_hosts_empty", empty known hosts file is created
+# for other strings known hosts file is not created
+function load-sftp-servers-keys() {
+ if [ -z "$KNOWN_HOSTS" ] || [ "$KNOWN_HOSTS" == "all_hosts_keys" ]; then
+ SFTP_SERVERS="$(docker ps -q --filter='name=dfc_sftp')"
+
+ for SFTP_SERVER in $SFTP_SERVERS; do
+ HOST_NAMES=$(docker inspect -f '{{ join .NetworkSettings.Networks.dfcnet.Aliases ","}}' $SFTP_SERVER)
+ KEY_ENTRY=$(echo $HOST_NAMES "$(docker exec $SFTP_SERVER cat /etc/ssh/ssh_host_rsa_key.pub)" |
+ sed -e 's/\w*@\w*$//')
+ docker exec -u root dfc_app0 sh -c "echo $KEY_ENTRY >> /home/datafile/.ssh/known_hosts"
+ done
+ elif [ "$KNOWN_HOSTS" == "known_hosts_empty" ]; then
+ docker exec -u root dfc_app0 sh -c "touch /home/datafile/.ssh/known_hosts"
+ fi
+}
+
set -x
#Start DFC app
-
DOCKER_SIM_NWNAME="dfcnet"
echo "Creating docker network $DOCKER_SIM_NWNAME, if needed"
-docker network ls| grep $DOCKER_SIM_NWNAME > /dev/null || docker network create $DOCKER_SIM_NWNAME
+docker network ls | grep $DOCKER_SIM_NWNAME >/dev/null || docker network create $DOCKER_SIM_NWNAME
docker-compose up -d
@@ -14,21 +32,23 @@
#Wait for initialization of docker containers for dfc app and all simulators
for i in {1..10}; do
- if [ $(docker inspect --format '{{ .State.Running }}' $DFC_APP) ]
- then
- echo "DFC app Running"
- # enable TRACE logging of DFC
- docker exec $DFC_APP /bin/sh -c " sed -i 's/org.onap.dcaegen2.collectors.datafile: WARN/org.onap.dcaegen2.collectors.datafile: TRACE/g' /opt/app/datafile/config/application.yaml"
+ if [ $(docker inspect --format '{{ .State.Running }}' $DFC_APP) ]; then
+ echo "DFC app Running"
- #enable TRACE logging of spring-framework
- docker exec $DFC_APP /bin/sh -c " sed -i 's/org.springframework.data: ERROR/org.springframework.data: TRACE/g' /opt/app/datafile/config/application.yaml"
+ load-sftp-servers-keys
- docker restart $DFC_APP
- sleep 10
+ # enable TRACE logging of DFC
+ docker exec $DFC_APP /bin/sh -c " sed -i 's/org.onap.dcaegen2.collectors.datafile: WARN/org.onap.dcaegen2.collectors.datafile: TRACE/g' /opt/app/datafile/config/application.yaml"
- break
- else
- echo sleep $i
- sleep $i
+ #enable TRACE logging of spring-framework
+ docker exec $DFC_APP /bin/sh -c " sed -i 's/org.springframework.data: ERROR/org.springframework.data: TRACE/g' /opt/app/datafile/config/application.yaml"
+
+ docker restart $DFC_APP
+ sleep 10
+
+ break
+ else
+ echo sleep $i
+ sleep $i
fi
done
diff --git a/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml b/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml
index 02e0eb6..f92d19f 100644
--- a/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml
+++ b/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml
@@ -22,3 +22,4 @@
CONSUL_PORT: 8500
CONFIG_BINDING_SERVICE: "config-binding-service"
HOSTNAME: "dfc_app0"
+ KNOWN_HOSTS_FILE_PATH: "/home/datafile/.ssh/known_hosts"
diff --git a/tests/dcaegen2-collectors-datafile/resources/common-keywords.robot b/tests/dcaegen2-collectors-datafile/resources/common-keywords.robot
index a36833e..c425fe2 100644
--- a/tests/dcaegen2-collectors-datafile/resources/common-keywords.robot
+++ b/tests/dcaegen2-collectors-datafile/resources/common-keywords.robot
@@ -44,3 +44,13 @@
${cli_cmd_output}= Run Process ${DFC_ROOT}/dfc-start.sh cwd=${DFC_ROOT} env:SIMGROUP_ROOT=${SIMGROUP_ROOT}
Log To Console Dfc-start:
Log To Console ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+
+
+Test Teardown
+ [Documentation] Cleanup containers
+ ${cli_cmd_output}= Run Process ${SIMGROUP_ROOT}/simulators-kill.sh
+ Log To Console ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+ ${cli_cmd_output}= Run Process ${DFC_ROOT}/dfc-kill.sh
+ Log To Console ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+ ${cli_cmd_output}= Run Process ${DFC_ROOT}/../dfc-containers-clean.sh stderr=STDOUT
+ Log To Console Dfc containter clean: ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
diff --git a/tests/dcaegen2-collectors-datafile/testsuites/Functional-Single-File-suite/FuncSingleFile.robot b/tests/dcaegen2-collectors-datafile/testsuites/Functional-Single-File-suite/FuncSingleFile.robot
index 5b9048f..1d87cfb 100755
--- a/tests/dcaegen2-collectors-datafile/testsuites/Functional-Single-File-suite/FuncSingleFile.robot
+++ b/tests/dcaegen2-collectors-datafile/testsuites/Functional-Single-File-suite/FuncSingleFile.robot
@@ -53,7 +53,6 @@
Verify Single Event From Event Poll To Published File
[Documentation] Keyword to verify single event with file with given parameters.
[Arguments] ${file_size_in_mb} ${mr_tc} ${ftp_type}
- ${cli_cmd_output}= Run Process ${DFC_ROOT}/../dfc-containers-clean.sh
Set Environment Variable MR_TC ${mr_tc}
Set Environment Variable FILE_SIZE ${file_size_in_mb}MB
Set Environment Variable FTP_TYPE ${ftp_type}
@@ -85,10 +84,8 @@
Wait Until Keyword Succeeds 1 minute 10 sec DR Sim Query Not Published Equal 1 #Verify 1 query response for not published files
Wait Until Keyword Succeeds 1 minute 10 sec DR Sim Published Files Equal 1 #Verify 1 file published to DR sim
DR Redir Sim Downloaded Volume Equal ${file_size_in_mb} 000 000 #Verify correct number of bytes published file data in DR redir sim
- ${cli_cmd_output}= Run Process ${SIMGROUP_ROOT}/simulators-kill.sh
- Log To Console ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
- ${cli_cmd_output}= Run Process ${DFC_ROOT}/dfc-kill.sh
- Log To Console ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+
+ [Teardown] Test Teardown
Set Default Environment Variables
[Documentation] Set default environment variables for simulators setup
diff --git a/tests/dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite/StrictHostChecking.robot b/tests/dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite/StrictHostChecking.robot
new file mode 100755
index 0000000..3962d4e
--- /dev/null
+++ b/tests/dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite/StrictHostChecking.robot
@@ -0,0 +1,112 @@
+*** Settings ***
+Library OperatingSystem
+Library RequestsLibrary
+Library Process
+
+Resource ../../resources/common-keywords.robot
+
+Test Teardown
+
+*** Variables ***
+${CONSUL_UPL_APP} /usr/bin/curl -v http://127.0.0.1:8500/v1/kv/dfc_app0?dc=dc1 -X PUT -H 'Accept: application/json' -H 'Content-Type: application/json' -H 'X-Requested-With: XMLHttpRequest' --data-binary @${SIMGROUP_ROOT}/consul/c12_feed2_PM_MEAS.json
+${CONSUL_UPL_APP_INSECURE_SFTP} /usr/bin/curl -v http://127.0.0.1:8500/v1/kv/dfc_app0?dc=dc1 -X PUT -H 'Accept: application/json' -H 'Content-Type: application/json' -H 'X-Requested-With: XMLHttpRequest' --data-binary @${SIMGROUP_ROOT}/consul/c12_feed2_PM_MEAS_no_strict_host_key_checking.json
+${CONSUL_GET_APP} /usr/bin/curl -v http://127.0.0.1:8500/v1/kv/dfc_app0?raw
+${CBS_GET_MERGED_CONFIG} /usr/bin/curl -v http://127.0.0.1:10000/service_component_all/dfc_app0
+
+*** Test Cases ***
+
+######### Single file, SFTP, various SFTP Strict host key checking settings
+
+Verify single event with SFTP file, when host known and strict host key checking enabled. From event poll to published file
+ [TAGS] DFC_STRICT_HOST_KEY_CHECKING_1
+ [Documentation] Verify single event with SFTP file, when host known and strict host key checking enabled. From event poll to published file.
+ [Setup] Setup Strict Host Key Checking Test ${CONSUL_UPL_APP} all_hosts_keys
+
+ Wait Until Keyword Succeeds 1 minute 10 sec MR Sim Emitted Files Equal 1 #Verify 1 file emitted from MR sim
+ Wait Until Keyword Succeeds 1 minute 10 sec DR Sim Query Not Published Equal 1 #Verify 1 query response for not published files
+ Wait Until Keyword Succeeds 1 minute 10 sec DR Sim Published Files Equal 1 #Verify 1 file published to DR sim
+ DR Redir Sim Downloaded Volume Equal 1 000 000 #Verify 1 000 000 bytes published file data in DR redir sim
+
+ [Teardown] Test Teardown
+
+Verify single event with SFTP file, when host unknown and strict host key checking disabled. From event poll to published file
+ [TAGS] DFC_STRICT_HOST_KEY_CHECKING_2
+ [Documentation] Verify single event with SFTP file, when host unknown and strict host key checking disabled. From event poll to published file.
+ [Setup] Setup Strict Host Key Checking Test ${CONSUL_UPL_APP_INSECURE_SFTP} known_hosts_empty
+
+ Wait Until Keyword Succeeds 1 minute 10 sec MR Sim Emitted Files Equal 1 #Verify 1 file emitted from MR sim
+ Wait Until Keyword Succeeds 1 minute 10 sec DR Sim Query Not Published Equal 1 #Verify 1 query response for not published files
+ Wait Until Keyword Succeeds 1 minute 10 sec DR Sim Published Files Equal 1 #Verify 1 file published to DR sim
+ DR Redir Sim Downloaded Volume Equal 1 000 000 #Verify 1 000 000 bytes published file data in DR redir sim
+
+ [Teardown] Test Teardown
+
+Verify single event with SFTP file, when no known hosts file and strict host key checking enabled. From event poll to published file
+ [TAGS] DFC_STRICT_HOST_KEY_CHECKING_3
+ [Documentation] Verify single event with SFTP file, when host unknown and strict host key checking enabled. File not published.
+ [Setup] Setup Strict Host Key Checking Test ${CONSUL_UPL_APP} no_known_hosts_file
+
+ Wait Until Keyword Succeeds 1 minute 10 sec MR Sim Emitted Files Equal 1 #Verify 1 file emitted from MR sim
+ Wait Until Keyword Succeeds 1 minute 10 sec DR Sim Query Not Published Equal 1 #Verify 1 query response for not published files
+ Wait Until Keyword Succeeds 1 minute 10 sec DR Sim Published Files Equal 1 #Verify 1 file published to DR sim
+ DR Redir Sim Downloaded Volume Equal 1 000 000 #Verify 1 000 000 bytes published file data in DR redir sim
+
+ [Teardown] Test Teardown
+
+
+
+Verify single event with SFTP file, when host unknown and strict host key checking enabled. File not published
+ [TAGS] DFC_STRICT_HOST_KEY_CHECKING_4
+ [Documentation] Verify single event with SFTP file, when host unknown and strict host key checking enabled. File not published.
+ [Setup] Setup Strict Host Key Checking Test ${CONSUL_UPL_APP} known_hosts_empty
+ Wait Until Keyword Succeeds 1 minute 10 sec MR Sim Emitted Files Equal 1 #Verify 1 file emitted from MR sim
+ Wait Until Keyword Succeeds 1 minute 10 sec DR Sim Query Not Published Equal 1 #Verify 1 query response for not published files
+ Sleep 60
+ DR Sim Published Files Equal 0 #Verify no file was published to DR sim
+ [Teardown] Test Teardown
+
+*** Keywords ***
+
+Setup Strict Host Key Checking Test
+ [Documentation] Sets up strict host key checking test with single 1MB file
+ [Arguments] ${consul_config_request} ${known_hosts_file}
+ Set Environment Variable MR_TC --tc100
+ Set Environment Variable DR_TC --tc normal
+ Set Environment Variable DR_REDIR_TC --tc normal
+ Set Environment Variable MR_GROUPS OpenDcae-c12:PM_MEAS_FILES
+ Set Environment Variable MR_FILE_PREFIX_MAPPING PM_MEAS_FILES:A
+ Set Environment Variable DR_REDIR_FEEDS 2:A
+ Set Environment Variable FTP_FILE_PREFIXES A
+ Set Environment Variable NUM_FTPFILES 1
+ Set Environment Variable NUM_PNFS 1
+ Set Environment Variable FILE_SIZE 1MB
+ Set Environment Variable FTP_TYPE SFTP
+ Set Environment Variable NUM_FTP_SERVERS 1
+ Set Environment Variable DR_FEEDS 2:A
+ Set Environment Variable DR_REDIR_SIM drsim_redir
+ Set Environment Variable SFTP_SIMS sftp-server0:22
+ Set Environment Variable FTPS_SIMS ftpes-server-vsftpd0:21
+
+ ${cli_cmd_output}= Run Process ./simulators-start.sh cwd=${SIMGROUP_ROOT}
+ Log To Console Simulator-start:
+ Log To Console ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+ MR Sim Emitted Files Equal 0 #Verify 0 file emitted from MR sim
+ DR Sim Published Files Equal 0 #Verify 0 file published to DR sim
+
+ ${cli_cmd_output}= Run Process ${consul_config_request} shell=yes
+ Log To Console Consul APP write:
+ Log To Console ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+
+ ${cli_cmd_output}= Run Process ${CONSUL_GET_APP} shell=yes
+ Log To Console Consul APP read:
+ Log To Console ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+
+ ${cli_cmd_output}= Run Process ${CBS_GET_MERGED_CONFIG} shell=yes
+ Log To Console CBS merged configuration:
+ Log To Console ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
+
+ Sleep 10
+
+ ${cli_cmd_output}= Run Process ${DFC_ROOT}/dfc-start.sh cwd=${DFC_ROOT} env:KNOWN_HOSTS=${known_hosts_file}
+ Log To Console Dfc-start:
+ Log To Console ${cli_cmd_output.stdout} ${cli_cmd_output.stderr}
diff --git a/tests/dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite/__init__.robot b/tests/dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite/__init__.robot
new file mode 100755
index 0000000..7774384
--- /dev/null
+++ b/tests/dcaegen2-collectors-datafile/testsuites/Strict-Host-Checking-suite/__init__.robot
@@ -0,0 +1,2 @@
+*** Settings ***
+Documentation DFC Strict Host Checking test suite. Single event with single file.