Add sftp strict host key checking to DFC tests
Issue-ID: DCAEGEN2-2219
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: I77438c7215bc80c65080f7c773fb9401edef6e79
diff --git a/scripts/dcaegen2-collectors-datafile/dfc-management/dfc-start.sh b/scripts/dcaegen2-collectors-datafile/dfc-management/dfc-start.sh
index 808b0b1..38b78f2 100755
--- a/scripts/dcaegen2-collectors-datafile/dfc-management/dfc-start.sh
+++ b/scripts/dcaegen2-collectors-datafile/dfc-management/dfc-start.sh
@@ -1,12 +1,30 @@
#!/bin/bash
+#function to load sftp servers keys to dfc app depending on KNOWN_HOSTS environment variable
+# when KNOWN_HOSTS == "all_hosts_keys" or is not set, public keys of all sftp servers are loaded
+# when KNOWN_HOSTS == "known_hosts_empty", empty known hosts file is created
+# for other strings known hosts file is not created
+function load-sftp-servers-keys() {
+ if [ -z "$KNOWN_HOSTS" ] || [ "$KNOWN_HOSTS" == "all_hosts_keys" ]; then
+ SFTP_SERVERS="$(docker ps -q --filter='name=dfc_sftp')"
+
+ for SFTP_SERVER in $SFTP_SERVERS; do
+ HOST_NAMES=$(docker inspect -f '{{ join .NetworkSettings.Networks.dfcnet.Aliases ","}}' $SFTP_SERVER)
+ KEY_ENTRY=$(echo $HOST_NAMES "$(docker exec $SFTP_SERVER cat /etc/ssh/ssh_host_rsa_key.pub)" |
+ sed -e 's/\w*@\w*$//')
+ docker exec -u root dfc_app0 sh -c "echo $KEY_ENTRY >> /home/datafile/.ssh/known_hosts"
+ done
+ elif [ "$KNOWN_HOSTS" == "known_hosts_empty" ]; then
+ docker exec -u root dfc_app0 sh -c "touch /home/datafile/.ssh/known_hosts"
+ fi
+}
+
set -x
#Start DFC app
-
DOCKER_SIM_NWNAME="dfcnet"
echo "Creating docker network $DOCKER_SIM_NWNAME, if needed"
-docker network ls| grep $DOCKER_SIM_NWNAME > /dev/null || docker network create $DOCKER_SIM_NWNAME
+docker network ls | grep $DOCKER_SIM_NWNAME >/dev/null || docker network create $DOCKER_SIM_NWNAME
docker-compose up -d
@@ -14,21 +32,23 @@
#Wait for initialization of docker containers for dfc app and all simulators
for i in {1..10}; do
- if [ $(docker inspect --format '{{ .State.Running }}' $DFC_APP) ]
- then
- echo "DFC app Running"
- # enable TRACE logging of DFC
- docker exec $DFC_APP /bin/sh -c " sed -i 's/org.onap.dcaegen2.collectors.datafile: WARN/org.onap.dcaegen2.collectors.datafile: TRACE/g' /opt/app/datafile/config/application.yaml"
+ if [ $(docker inspect --format '{{ .State.Running }}' $DFC_APP) ]; then
+ echo "DFC app Running"
- #enable TRACE logging of spring-framework
- docker exec $DFC_APP /bin/sh -c " sed -i 's/org.springframework.data: ERROR/org.springframework.data: TRACE/g' /opt/app/datafile/config/application.yaml"
+ load-sftp-servers-keys
- docker restart $DFC_APP
- sleep 10
+ # enable TRACE logging of DFC
+ docker exec $DFC_APP /bin/sh -c " sed -i 's/org.onap.dcaegen2.collectors.datafile: WARN/org.onap.dcaegen2.collectors.datafile: TRACE/g' /opt/app/datafile/config/application.yaml"
- break
- else
- echo sleep $i
- sleep $i
+ #enable TRACE logging of spring-framework
+ docker exec $DFC_APP /bin/sh -c " sed -i 's/org.springframework.data: ERROR/org.springframework.data: TRACE/g' /opt/app/datafile/config/application.yaml"
+
+ docker restart $DFC_APP
+ sleep 10
+
+ break
+ else
+ echo sleep $i
+ sleep $i
fi
done
diff --git a/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml b/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml
index 02e0eb6..f92d19f 100644
--- a/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml
+++ b/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml
@@ -22,3 +22,4 @@
CONSUL_PORT: 8500
CONFIG_BINDING_SERVICE: "config-binding-service"
HOSTNAME: "dfc_app0"
+ KNOWN_HOSTS_FILE_PATH: "/home/datafile/.ssh/known_hosts"