| import docker |
| import os |
| import shutil |
| import re |
| from OpenSSL import crypto |
| from docker.types import Mount |
| |
| ARCHIVES_PATH = os.getenv("WORKSPACE") + "/archives/" |
| MOUNT_PATH = os.getenv("WORKSPACE") + "/tests/aaf/certservice/tmp" |
| |
| ERROR_API_REGEX = 'Error on API response.*[0-9]{3}' |
| RESPONSE_CODE_REGEX = '[0-9]{3}' |
| |
| |
| class CertClientManager: |
| |
| def run_client_container(self, client_image, container_name, path_to_env, request_url, network): |
| self.create_mount_dir() |
| client = docker.from_env() |
| environment = self.read_list_env_from_file(path_to_env) |
| environment.append("REQUEST_URL=" + request_url) |
| container = client.containers.run( |
| image=client_image, |
| name=container_name, |
| environment=environment, |
| network=network, |
| user='root', #Run container as root to avoid permission issues with volume mount access |
| mounts=[Mount(target='/var/certs', source=MOUNT_PATH, type='bind')], |
| detach=True |
| ) |
| exitcode = container.wait() |
| return exitcode |
| |
| def read_list_env_from_file(self, path): |
| f = open(path, "r") |
| r_list = [] |
| for line in f: |
| line = line.strip() |
| if line[0] != "#": |
| r_list.append(line) |
| return r_list |
| |
| def remove_client_container_and_save_logs(self, container_name, log_file_name): |
| client = docker.from_env() |
| container = client.containers.get(container_name) |
| text_file = open(ARCHIVES_PATH + "container_" + log_file_name + ".log", "w") |
| text_file.write(container.logs()) |
| text_file.close() |
| container.remove() |
| self.remove_mount_dir() |
| |
| def can_open_keystore_and_truststore_with_pass(self): |
| keystore_pass_path = MOUNT_PATH + '/keystore.pass' |
| keystore_jks_path = MOUNT_PATH + '/keystore.jks' |
| can_open_keystore = self.can_open_jks_file_by_pass_file(keystore_pass_path, keystore_jks_path) |
| |
| truststore_pass_path = MOUNT_PATH + '/truststore.pass' |
| truststore_jks_path = MOUNT_PATH + '/truststore.jks' |
| can_open_truststore = self.can_open_jks_file_by_pass_file(truststore_pass_path, truststore_jks_path) |
| |
| return can_open_keystore & can_open_truststore |
| |
| def can_open_jks_file_by_pass_file(self, pass_file_path, jks_file_path): |
| try: |
| password = open(pass_file_path, 'rb').read() |
| crypto.load_pkcs12(open(jks_file_path, 'rb').read(), password) |
| return True |
| except: |
| return False |
| |
| def create_mount_dir(self): |
| if not os.path.exists(MOUNT_PATH): |
| os.makedirs(MOUNT_PATH) |
| |
| def remove_mount_dir(self): |
| shutil.rmtree(MOUNT_PATH) |
| |
| def can_find_api_response_in_logs(self, container_name): |
| logs = self.get_container_logs(container_name) |
| api_logs = re.findall(ERROR_API_REGEX, logs) |
| if api_logs: |
| return True |
| else: |
| return False |
| |
| def get_api_response_from_logs(self, container_name): |
| logs = self.get_container_logs(container_name) |
| error_api_message = re.findall(ERROR_API_REGEX, logs) |
| code = re.findall(RESPONSE_CODE_REGEX, error_api_message[0]) |
| return code[0] |
| |
| def get_container_logs(self, container_name): |
| client = docker.from_env() |
| container = client.containers.get(container_name) |
| logs = container.logs() |
| return logs |