Move csits form aaf to oom
create csit folder under oom
move csits from aaf to oom
reconfigure csits: remove aaf word, use new image
Issue-ID: OOM-2526
Signed-off-by: Pawel <pawel.kasperkiewicz@nokia.com>
Change-Id: I7b1f010fe46420cb734c67133f038bdadffd5ecc
diff --git a/plans/aaf/certservice/docker-compose.yml b/plans/aaf/certservice/docker-compose.yml
deleted file mode 100644
index dcac7df..0000000
--- a/plans/aaf/certservice/docker-compose.yml
+++ /dev/null
@@ -1,47 +0,0 @@
-version: "2.1"
-
-services:
- ejbca:
- image: primekey/ejbca-ce:6.15.2.5
- hostname: cahostname
- container_name: aafcert-ejbca
- ports:
- - "80:8080"
- - "443:8443"
- volumes:
- - $SCRIPTS_PATH:/opt/primekey/scripts
- healthcheck:
- test: ["CMD-SHELL", "curl -kI https://localhost:8443/ejbca/publicweb/healthcheck/ejbcahealth"]
- interval: 20s
- timeout: 3s
- retries: 9
- networks:
- - certservice
-
- aaf-cert-service:
- image: nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-api:latest
- volumes:
- - $CONFIGURATION_PATH:/etc/onap/aaf/certservice/cmpServers.json
- - ./certs/truststore.jks:/etc/onap/aaf/certservice/certs/truststore.jks
- - ./certs/root.crt:/etc/onap/aaf/certservice/certs/root.crt
- - ./certs/certServiceServer-keystore.jks:/etc/onap/aaf/certservice/certs/certServiceServer-keystore.jks
- - ./certs/certServiceServer-keystore.p12:/etc/onap/aaf/certservice/certs/certServiceServer-keystore.p12
- container_name: aafcert-service
- ports:
- - "8443:8443"
- depends_on:
- ejbca:
- condition: service_healthy
- healthcheck:
- test: ["CMD-SHELL", "curl https://localhost:8443/actuator/health --cacert /etc/onap/aaf/certservice/certs/root.crt --cert-type p12 --cert /etc/onap/aaf/certservice/certs/certServiceServer-keystore.p12 --pass secret"]
- interval: 10s
- timeout: 3s
- retries: 15
- networks:
- - certservice
-
-
-networks:
- certservice:
- driver: bridge
-
diff --git a/plans/aaf/certservice/certs/Makefile b/plans/oom-platform-cert-service/certservice/certs/Makefile
similarity index 93%
rename from plans/aaf/certservice/certs/Makefile
rename to plans/oom-platform-cert-service/certservice/certs/Makefile
index 126e053..ea90c5c 100644
--- a/plans/aaf/certservice/certs/Makefile
+++ b/plans/oom-platform-cert-service/certservice/certs/Makefile
@@ -63,16 +63,16 @@
#Generate certService private and public keys
step_9:
@echo "Generate certService private and public keys"
- keytool -genkeypair -v -alias aaf-cert-service -keyalg RSA -keysize 2048 -validity 730 \
+ keytool -genkeypair -v -alias oom-cert-service -keyalg RSA -keysize 2048 -validity 730 \
-keystore certServiceServer-keystore.jks -storetype JKS \
- -dname "CN=aaf-cert-service,OU=certServiceServer company,O=certServiceServer org,L=Wroclaw,ST=Dolny Slask,C=PL" \
+ -dname "CN=oom-cert-service,OU=certServiceServer company,O=certServiceServer org,L=Wroclaw,ST=Dolny Slask,C=PL" \
-keypass secret -storepass secret -ext BasicConstraints:critical="ca:false"
@echo "####done####"
#Generate certificate signing request for certService
step_10:
@echo "Generate certificate signing request for certService"
- keytool -certreq -keystore certServiceServer-keystore.jks -alias aaf-cert-service -storepass secret -file certServiceServer.csr
+ keytool -certreq -keystore certServiceServer-keystore.jks -alias oom-cert-service -storepass secret -file certServiceServer.csr
@echo "####done####"
#Sign certService certificate by root CA
@@ -80,7 +80,7 @@
@echo "Sign certService certificate by root CA"
keytool -gencert -v -keystore root-keystore.jks -storepass secret -alias root -infile certServiceServer.csr \
-outfile certServiceServerByRoot.crt -rfc -ext bc=0 -ext ExtendedkeyUsage="serverAuth,clientAuth" \
- -ext SubjectAlternativeName:="DNS:aaf-cert-service,DNS:localhost"
+ -ext SubjectAlternativeName:="DNS:oom-cert-service,DNS:localhost"
@echo "####done####"
#Import root certificate into server
@@ -92,7 +92,7 @@
#Import signed certificate into certService
step_13:
@echo "Import signed certificate into certService"
- keytool -importcert -file certServiceServerByRoot.crt -destkeystore certServiceServer-keystore.jks -alias aaf-cert-service \
+ keytool -importcert -file certServiceServerByRoot.crt -destkeystore certServiceServer-keystore.jks -alias oom-cert-service \
-storepass secret -noprompt
@echo "####done####"
diff --git a/plans/aaf/certservice/cmpServers.json b/plans/oom-platform-cert-service/certservice/cmpServers.json
similarity index 75%
rename from plans/aaf/certservice/cmpServers.json
rename to plans/oom-platform-cert-service/certservice/cmpServers.json
index d6557c5..7256494 100644
--- a/plans/aaf/certservice/cmpServers.json
+++ b/plans/oom-platform-cert-service/certservice/cmpServers.json
@@ -2,7 +2,7 @@
"cmpv2Servers": [
{
"caName": "Client",
- "url": "http://aafcert-ejbca:8080/ejbca/publicweb/cmp/cmp",
+ "url": "http://oomcert-ejbca:8080/ejbca/publicweb/cmp/cmp",
"issuerDN": "CN=ManagementCA",
"caMode": "CLIENT",
"authentication": {
@@ -12,7 +12,7 @@
},
{
"caName": "RA",
- "url": "http://aafcert-ejbca:8080/ejbca/publicweb/cmp/cmpRA",
+ "url": "http://oomcert-ejbca:8080/ejbca/publicweb/cmp/cmpRA",
"issuerDN": "CN=ManagementCA",
"caMode": "RA",
"authentication": {
diff --git a/plans/oom-platform-cert-service/certservice/docker-compose.yml b/plans/oom-platform-cert-service/certservice/docker-compose.yml
new file mode 100644
index 0000000..b281101
--- /dev/null
+++ b/plans/oom-platform-cert-service/certservice/docker-compose.yml
@@ -0,0 +1,47 @@
+version: "2.1"
+
+services:
+ ejbca:
+ image: primekey/ejbca-ce:6.15.2.5
+ hostname: cahostname
+ container_name: oomcert-ejbca
+ ports:
+ - "80:8080"
+ - "443:8443"
+ volumes:
+ - $SCRIPTS_PATH:/opt/primekey/scripts
+ healthcheck:
+ test: ["CMD-SHELL", "curl -kI https://localhost:8443/ejbca/publicweb/healthcheck/ejbcahealth"]
+ interval: 20s
+ timeout: 3s
+ retries: 9
+ networks:
+ - certservice
+
+ oom-cert-service:
+ image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-api:latest
+ volumes:
+ - $CONFIGURATION_PATH:/etc/onap/oom/certservice/cmpServers.json
+ - ./certs/truststore.jks:/etc/onap/oom/certservice/certs/truststore.jks
+ - ./certs/root.crt:/etc/onap/oom/certservice/certs/root.crt
+ - ./certs/certServiceServer-keystore.jks:/etc/onap/oom/certservice/certs/certServiceServer-keystore.jks
+ - ./certs/certServiceServer-keystore.p12:/etc/onap/oom/certservice/certs/certServiceServer-keystore.p12
+ container_name: oomcert-service
+ ports:
+ - "8443:8443"
+ depends_on:
+ ejbca:
+ condition: service_healthy
+ healthcheck:
+ test: ["CMD-SHELL", "curl https://localhost:8443/actuator/health --cacert /etc/onap/oom/certservice/certs/root.crt --cert-type p12 --cert /etc/onap/oom/certservice/certs/certServiceServer-keystore.p12 --pass secret"]
+ interval: 10s
+ timeout: 3s
+ retries: 15
+ networks:
+ - certservice
+
+
+networks:
+ certservice:
+ driver: bridge
+
diff --git a/plans/aaf/certservice/scripts/ejbca-configuration.sh b/plans/oom-platform-cert-service/certservice/scripts/ejbca-configuration.sh
similarity index 100%
rename from plans/aaf/certservice/scripts/ejbca-configuration.sh
rename to plans/oom-platform-cert-service/certservice/scripts/ejbca-configuration.sh
diff --git a/plans/aaf/certservice/setup.sh b/plans/oom-platform-cert-service/certservice/setup.sh
similarity index 69%
rename from plans/aaf/certservice/setup.sh
rename to plans/oom-platform-cert-service/certservice/setup.sh
index 1200e96..bee54cd 100644
--- a/plans/aaf/certservice/setup.sh
+++ b/plans/oom-platform-cert-service/certservice/setup.sh
@@ -20,7 +20,7 @@
SCRIPT=`realpath $0`
CURRENT_WORKDIR_PATH=`dirname $SCRIPT`
-PROJECT_DIRECTORY="plans/aaf/certservice"
+PROJECT_DIRECTORY="plans/oom-platform-cert-service/certservice"
SCRIPTS_DIRECTORY="scripts"
@@ -75,35 +75,35 @@
export SCRIPTS_PATH=${SCRIPTS_PATH}
#Generate keystores, truststores, certificates and keys
-mkdir -p ${WORKSPACE}/tests/aaf/certservice/assets/certs/
+mkdir -p ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/
make all -C ./certs/
-cp ${WORKSPACE}/plans/aaf/certservice/certs/root.crt ${WORKSPACE}/tests/aaf/certservice/assets/certs/root.crt
+cp ${WORKSPACE}/plans/oom-platform-cert-service/certservice/certs/root.crt ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/root.crt
echo "Generated keystores"
-openssl pkcs12 -in ${WORKSPACE}/plans/aaf/certservice/certs/certServiceServer-keystore.p12 -clcerts -nokeys -password pass:secret | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ${WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.crt
+openssl pkcs12 -in ${WORKSPACE}/plans/oom-platform-cert-service/certservice/certs/certServiceServer-keystore.p12 -clcerts -nokeys -password pass:secret | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/certServiceServer.crt
echo "Generated server certificate"
-openssl pkcs12 -in ${WORKSPACE}/plans/aaf/certservice/certs/certServiceServer-keystore.p12 -nocerts -nodes -password pass:secret| sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > ${WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.key
+openssl pkcs12 -in ${WORKSPACE}/plans/oom-platform-cert-service/certservice/certs/certServiceServer-keystore.p12 -nocerts -nodes -password pass:secret| sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/certServiceServer.key
echo "Generated server key"
docker-compose up -d
-AAFCERT_IP='none'
+OOMCERT_IP='none'
# Wait container ready
for i in {1..9}
do
- AAFCERT_IP=`get-instance-ip.sh aafcert-service`
+ OOMCERT_IP=`get-instance-ip.sh oomcert-service`
RESP_CODE=$(curl -s https://localhost:8443/actuator/health --cacert ./certs/root.crt --cert-type p12 --cert ./certs/certServiceServer-keystore.p12 --pass secret | \
python2 -c 'import json,sys;obj=json.load(sys.stdin);print obj["status"]')
if [[ "$RESP_CODE" == "UP" ]]; then
- echo 'AAF Cert Service is ready'
- export AAFCERT_IP=${AAFCERT_IP}
- docker exec aafcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh
+ echo 'OOM Cert Service is ready'
+ export OOMCERT_IP=${OOMCERT_IP}
+ docker exec oomcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh
break
fi
- echo 'Waiting for AAF Cert Service to start up...'
+ echo 'Waiting for OOM Cert Service to start up...'
sleep 30s
done
-if [ "$AAFCERT_IP" == 'none' -o "$AAFCERT_IP" == '' ]; then
- echo "AAF Cert Service is not ready!"
+if [ "$OOMCERT_IP" == 'none' -o "$OOMCERT_IP" == '' ]; then
+ echo "OOM Cert Service is not ready!"
exit 1 # Return error code
fi
diff --git a/plans/aaf/certservice/teardown.sh b/plans/oom-platform-cert-service/certservice/teardown.sh
similarity index 90%
rename from plans/aaf/certservice/teardown.sh
rename to plans/oom-platform-cert-service/certservice/teardown.sh
index 71e20b7..f531180 100644
--- a/plans/aaf/certservice/teardown.sh
+++ b/plans/oom-platform-cert-service/certservice/teardown.sh
@@ -19,7 +19,7 @@
make clear -C ./certs/
echo "Removed old keystores"
-rm -rf ${WORKSPACE}/tests/aaf/certservice/assets/certs
+rm -rf ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs
echo "Removed old certificates"
kill-instance.sh ${ClientContainerName}
\ No newline at end of file
diff --git a/plans/aaf/certservice/testplan.txt b/plans/oom-platform-cert-service/certservice/testplan.txt
similarity index 72%
rename from plans/aaf/certservice/testplan.txt
rename to plans/oom-platform-cert-service/certservice/testplan.txt
index 270fc6d..ed9ee12 100755
--- a/plans/aaf/certservice/testplan.txt
+++ b/plans/oom-platform-cert-service/certservice/testplan.txt
@@ -1,3 +1,3 @@
# Test suites are relative paths under [integration/csit.git]/tests/.
# Place the suites in run order.
-aaf/certservice
+oom-platform-cert-service/certservice