Merge "remove user to avoid permisson issue"
diff --git a/plans/oom-platform-cert-service/truststoremerger/setup.sh b/plans/oom-platform-cert-service/truststoremerger/setup.sh
new file mode 100644
index 0000000..9f61840
--- /dev/null
+++ b/plans/oom-platform-cert-service/truststoremerger/setup.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+#
+# Copyright 2020 Nokia.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#export container name
+export MergerContainerName=TrustStoreMerger
+
+#install docker sdk
+echo "Uninstall docker-py and reinstall docker."
+pip uninstall -y docker-py
+pip uninstall -y docker
+pip install -U docker==2.7.0
+
+#install pyjks for .jks files management
+pip install pyjks
diff --git a/plans/oom-platform-cert-service/truststoremerger/teardown.sh b/plans/oom-platform-cert-service/truststoremerger/teardown.sh
new file mode 100644
index 0000000..a0ee4d2
--- /dev/null
+++ b/plans/oom-platform-cert-service/truststoremerger/teardown.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+#
+# Copyright 2017 ZTE, Inc. and others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+kill-instance.sh ${MergerContainerName}
diff --git a/plans/oom-platform-cert-service/truststoremerger/testplan.txt b/plans/oom-platform-cert-service/truststoremerger/testplan.txt
new file mode 100755
index 0000000..11e0083
--- /dev/null
+++ b/plans/oom-platform-cert-service/truststoremerger/testplan.txt
@@ -0,0 +1,3 @@
+# Test suites are relative paths under [integration/csit.git]/tests/.
+# Place the suites in run order.
+oom-platform-cert-service/truststoremerger
diff --git a/plans/usecases-5G-bulkpm/5G-bulkpm/assets/dfc/datafile_endpoints.json b/plans/usecases-5G-bulkpm/5G-bulkpm/assets/dfc/datafile_endpoints.json
index bd13327..8aaca05 100644
--- a/plans/usecases-5G-bulkpm/5G-bulkpm/assets/dfc/datafile_endpoints.json
+++ b/plans/usecases-5G-bulkpm/5G-bulkpm/assets/dfc/datafile_endpoints.json
@@ -10,6 +10,9 @@
"dmaap.security.keyStorePath": "/opt/app/datafile/etc/cert/cert.jks",
"dmaap.security.keyStorePasswordPath": "/opt/app/datafile/etc/cert/jks.pass",
"dmaap.security.enableDmaapCertAuth": "false",
+ "dmaap.dmaapConsumerConfiguration.consumerGroup": "OpenDcae-c12",
+ "dmaap.dmaapConsumerConfiguration.consumerId": "C12",
+ "dmaap.dmaapConsumerConfiguration.timeoutMs": -1,
"sftp.security.strictHostKeyChecking": "true",
"streams_publishes": {
"PM_MEAS_FILES": {
@@ -27,7 +30,7 @@
"streams_subscribes": {
"dmaap_subscriber": {
"dmaap_info": {
- "topic_url":"http://dradmin:dradmin@dmaap-message-router:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT/OpenDcae-c12/C12"
+ "topic_url":"http://dmaap-message-router:3904/events/unauthenticated.VES_NOTIFICATION_OUTPUT"
},
"type": "message_router"
}
diff --git a/plans/usecases-5G-bulkpm/5G-bulkpm/composefile/docker-compose-e2e.yml b/plans/usecases-5G-bulkpm/5G-bulkpm/composefile/docker-compose-e2e.yml
index dff4824..46fab55 100644
--- a/plans/usecases-5G-bulkpm/5G-bulkpm/composefile/docker-compose-e2e.yml
+++ b/plans/usecases-5G-bulkpm/5G-bulkpm/composefile/docker-compose-e2e.yml
@@ -112,6 +112,7 @@
- dcaegen2-datafile-collector
environment:
KNOWN_HOSTS_FILE_PATH: "/home/datafile/.ssh/known_hosts"
+ CONFIG_BINDING_SERVICE_SERVICE_PORT: 10000
cbs-sim:
container_name: config-binding-service-sim
diff --git a/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml b/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml
index f92d19f..2ea2882 100644
--- a/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml
+++ b/scripts/dcaegen2-collectors-datafile/dfc-management/docker-compose.yml
@@ -21,5 +21,7 @@
CONSUL_HOST: "consul-server"
CONSUL_PORT: 8500
CONFIG_BINDING_SERVICE: "config-binding-service"
+ CONFIG_BINDING_SERVICE_SERVICE_PORT: 10000
HOSTNAME: "dfc_app0"
KNOWN_HOSTS_FILE_PATH: "/home/datafile/.ssh/known_hosts"
+
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/jksAndPemAndP12.jks b/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/jksAndPemAndP12.jks
new file mode 100644
index 0000000..1c9f111
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/jksAndPemAndP12.jks
Binary files differ
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/pemAndP12.pem b/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/pemAndP12.pem
new file mode 100644
index 0000000..978e682
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/pemAndP12.pem
@@ -0,0 +1,63 @@
+-----BEGIN CERTIFICATE-----
+MIIEszCCAxugAwIBAgIUZrzliCEcld8Q7Fa20QOooFrkewAwDQYJKoZIhvcNAQEL
+BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMGI4NDYyNzkzMDkyYzFhZGYxFTATBgNV
+BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr
+c3RhcnQwHhcNMjAwNzE1MTI1NTI1WhcNMzAwNzE1MTI1NTI1WjBhMSMwIQYKCZIm
+iZPyLGQBAQwTYy0wYjg0NjI3OTMwOTJjMWFkZjEVMBMGA1UEAwwMTWFuYWdlbWVu
+dENBMSMwIQYDVQQKDBpFSkJDQSBDb250YWluZXIgUXVpY2tzdGFydDCCAaIwDQYJ
+KoZIhvcNAQEBBQADggGPADCCAYoCggGBAPKU+p62gXve2rCo2ojyyKcy9T/yEZJi
+9eZJoawets18FNKzWgXDz3ZK+dgc8hVHZahmIzfh9ovcEALYvCx1bLKN5tqbV7O0
+lUFGI+DGlP9QzGKopCh/uMXas4/lfVNogEB7cXu62ak6FuIuaKHETeqez5wC0d1d
+KcilG4loaN3tGXn8j1rnUq1fVu4QyxYfDekRzFiLOvdGeYfZlMkGcVYq3jDV9/sH
+5wKUKIxRwa+t1GlvzJqjVY6K3UvxS8ZBrNYTAtsvI/s6fd8Ah4FIM0Zsc8X1CIb4
+rxqhU6CDx1fQCgKyO6FG/3kVA9Y6+VLeRXsa/VaZxRwQWn0XfVrVpajiD+q3m9xd
+/NJUEAu1xEyfZw43ZSduGjrf5pwHR871noo+7pEbTDlM92ktDFW3go1DowrhEUlf
+XaU6C25yuzThl8f9pFD9/Bo82nHL5n8BENLCmaYrioVWQBAmrQKo1Y3uFgY+fP7y
+CL1POlJTuoXO++KhnEvhGfiIVBlzwdBATwIDAQABo2MwYTAPBgNVHRMBAf8EBTAD
+AQH/MB8GA1UdIwQYMBaAFAZ6Sy3QQ0dNORdnfg5ppmOI6ngpMB0GA1UdDgQWBBQG
+ekst0ENHTTkXZ34OaaZjiOp4KTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL
+BQADggGBAM8MyROdYt0458uCRM/8KZYU9q5xRDGXUGXVpEcGyu1hVlnzlnv7YJSX
+BWQenl092IVM7B0hsttpQIAXK4lS3hQ1fTaYWub0TPbK7xORGwi2uTDEagWXMc5e
+c2J6Sb9IFl2UqX8cERRCJNuENnuf10MU3rXa2TfydaELDXxr49KPPx3tgl/OfbtY
+MmFWLiyxo1jIZ/LeIiaN1m0OtGskkR8TF2D/ZA7YPzEWl2R3PhYNR1gkfAtYPWya
+DTXgiQwXuWDhdSTqiN3QuxRDVXFiQgoV0wqjgkqh4NiOXWB2ryaPvqiYRCvoM6Ly
+OcYy4LidGz9J+jQGAJPh4fI/1G4SgwVAT0bgYREy4IP6Y8R4zGoU0rGKnknfL70E
+t4Xm2ASu5jEcne2l1UOPPctFmei+QHmZ0c8V8HNmP5XRf+47OSi+ryCrRQfKrkyw
+UgvoB49yV3M1+IgCx18daEQCYal98hhQMn/3NVrOJeOjzDcF6Gxb679Cu/biZ8Wx
+li7RV0Xt1g==
+-----END CERTIFICATE-----
+Bag Attributes
+ friendlyName: trusted-certificate-1
+ 2.16.840.1.113894.746875.1.1: <Unsupported tag 6>
+subject=UID = c-0b8462793092c1adf, CN = ManagementCA, O = EJBCA Container Quickstart
+
+issuer=UID = c-0b8462793092c1adf, CN = ManagementCA, O = EJBCA Container Quickstart
+
+-----BEGIN CERTIFICATE-----
+MIIEszCCAxugAwIBAgIUZrzliCEcld8Q7Fa20QOooFrkewAwDQYJKoZIhvcNAQEL
+BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMGI4NDYyNzkzMDkyYzFhZGYxFTATBgNV
+BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr
+c3RhcnQwHhcNMjAwNzE1MTI1NTI1WhcNMzAwNzE1MTI1NTI1WjBhMSMwIQYKCZIm
+iZPyLGQBAQwTYy0wYjg0NjI3OTMwOTJjMWFkZjEVMBMGA1UEAwwMTWFuYWdlbWVu
+dENBMSMwIQYDVQQKDBpFSkJDQSBDb250YWluZXIgUXVpY2tzdGFydDCCAaIwDQYJ
+KoZIhvcNAQEBBQADggGPADCCAYoCggGBAPKU+p62gXve2rCo2ojyyKcy9T/yEZJi
+9eZJoawets18FNKzWgXDz3ZK+dgc8hVHZahmIzfh9ovcEALYvCx1bLKN5tqbV7O0
+lUFGI+DGlP9QzGKopCh/uMXas4/lfVNogEB7cXu62ak6FuIuaKHETeqez5wC0d1d
+KcilG4loaN3tGXn8j1rnUq1fVu4QyxYfDekRzFiLOvdGeYfZlMkGcVYq3jDV9/sH
+5wKUKIxRwa+t1GlvzJqjVY6K3UvxS8ZBrNYTAtsvI/s6fd8Ah4FIM0Zsc8X1CIb4
+rxqhU6CDx1fQCgKyO6FG/3kVA9Y6+VLeRXsa/VaZxRwQWn0XfVrVpajiD+q3m9xd
+/NJUEAu1xEyfZw43ZSduGjrf5pwHR871noo+7pEbTDlM92ktDFW3go1DowrhEUlf
+XaU6C25yuzThl8f9pFD9/Bo82nHL5n8BENLCmaYrioVWQBAmrQKo1Y3uFgY+fP7y
+CL1POlJTuoXO++KhnEvhGfiIVBlzwdBATwIDAQABo2MwYTAPBgNVHRMBAf8EBTAD
+AQH/MB8GA1UdIwQYMBaAFAZ6Sy3QQ0dNORdnfg5ppmOI6ngpMB0GA1UdDgQWBBQG
+ekst0ENHTTkXZ34OaaZjiOp4KTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL
+BQADggGBAM8MyROdYt0458uCRM/8KZYU9q5xRDGXUGXVpEcGyu1hVlnzlnv7YJSX
+BWQenl092IVM7B0hsttpQIAXK4lS3hQ1fTaYWub0TPbK7xORGwi2uTDEagWXMc5e
+c2J6Sb9IFl2UqX8cERRCJNuENnuf10MU3rXa2TfydaELDXxr49KPPx3tgl/OfbtY
+MmFWLiyxo1jIZ/LeIiaN1m0OtGskkR8TF2D/ZA7YPzEWl2R3PhYNR1gkfAtYPWya
+DTXgiQwXuWDhdSTqiN3QuxRDVXFiQgoV0wqjgkqh4NiOXWB2ryaPvqiYRCvoM6Ly
+OcYy4LidGz9J+jQGAJPh4fI/1G4SgwVAT0bgYREy4IP6Y8R4zGoU0rGKnknfL70E
+t4Xm2ASu5jEcne2l1UOPPctFmei+QHmZ0c8V8HNmP5XRf+47OSi+ryCrRQfKrkyw
+UgvoB49yV3M1+IgCx18daEQCYal98hhQMn/3NVrOJeOjzDcF6Gxb679Cu/biZ8Wx
+li7RV0Xt1g==
+-----END CERTIFICATE-----
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_different_lists_size.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_different_lists_size.env
new file mode 100644
index 0000000..9edfaa4
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_different_lists_size.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks:/var/certs/truststore.pem:/var/certs/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks.pass:/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_duplicated_aliases.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_duplicated_aliases.env
new file mode 100644
index 0000000..f98b336
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_duplicated_aliases.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks:/var/certs/truststore.jks
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks.pass:/var/certs/truststoreJks.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_certs.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_certs.env
new file mode 100644
index 0000000..95c00fc
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_certs.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/empty.pem:/var/certs/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=:/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_file.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_file.env
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_file.env
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_passwords.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_passwords.env
new file mode 100644
index 0000000..840728b
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_passwords.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks:/var/certs/truststore.pem:/var/certs/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_extension.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_extension.env
new file mode 100644
index 0000000..5b97161
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_extension.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.txt:/var/certs/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks.pass:/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_file_password_pair.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_file_password_pair.env
new file mode 100644
index 0000000..1a19511
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_file_password_pair.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_password_path.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_password_path.env
new file mode 100644
index 0000000..b397f9a
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_password_path.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks_invalid.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/invalid_truststore_paths.env b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_truststore_paths.env
new file mode 100644
index 0000000..52fa88c
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/invalid_truststore_paths.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/invalid/truststore.jks:/invalid/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks.pass:/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/truststores/empty.pem b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/empty.pem
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/empty.pem
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.jks b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.jks
new file mode 100644
index 0000000..3bd85a0
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.jks
Binary files differ
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.p12 b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.p12
new file mode 100644
index 0000000..3a98c4a
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.p12
Binary files differ
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.pem b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.pem
new file mode 100644
index 0000000..8815d6c
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEszCCAxugAwIBAgIUZrzliCEcld8Q7Fa20QOooFrkewAwDQYJKoZIhvcNAQEL
+BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMGI4NDYyNzkzMDkyYzFhZGYxFTATBgNV
+BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr
+c3RhcnQwHhcNMjAwNzE1MTI1NTI1WhcNMzAwNzE1MTI1NTI1WjBhMSMwIQYKCZIm
+iZPyLGQBAQwTYy0wYjg0NjI3OTMwOTJjMWFkZjEVMBMGA1UEAwwMTWFuYWdlbWVu
+dENBMSMwIQYDVQQKDBpFSkJDQSBDb250YWluZXIgUXVpY2tzdGFydDCCAaIwDQYJ
+KoZIhvcNAQEBBQADggGPADCCAYoCggGBAPKU+p62gXve2rCo2ojyyKcy9T/yEZJi
+9eZJoawets18FNKzWgXDz3ZK+dgc8hVHZahmIzfh9ovcEALYvCx1bLKN5tqbV7O0
+lUFGI+DGlP9QzGKopCh/uMXas4/lfVNogEB7cXu62ak6FuIuaKHETeqez5wC0d1d
+KcilG4loaN3tGXn8j1rnUq1fVu4QyxYfDekRzFiLOvdGeYfZlMkGcVYq3jDV9/sH
+5wKUKIxRwa+t1GlvzJqjVY6K3UvxS8ZBrNYTAtsvI/s6fd8Ah4FIM0Zsc8X1CIb4
+rxqhU6CDx1fQCgKyO6FG/3kVA9Y6+VLeRXsa/VaZxRwQWn0XfVrVpajiD+q3m9xd
+/NJUEAu1xEyfZw43ZSduGjrf5pwHR871noo+7pEbTDlM92ktDFW3go1DowrhEUlf
+XaU6C25yuzThl8f9pFD9/Bo82nHL5n8BENLCmaYrioVWQBAmrQKo1Y3uFgY+fP7y
+CL1POlJTuoXO++KhnEvhGfiIVBlzwdBATwIDAQABo2MwYTAPBgNVHRMBAf8EBTAD
+AQH/MB8GA1UdIwQYMBaAFAZ6Sy3QQ0dNORdnfg5ppmOI6ngpMB0GA1UdDgQWBBQG
+ekst0ENHTTkXZ34OaaZjiOp4KTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL
+BQADggGBAM8MyROdYt0458uCRM/8KZYU9q5xRDGXUGXVpEcGyu1hVlnzlnv7YJSX
+BWQenl092IVM7B0hsttpQIAXK4lS3hQ1fTaYWub0TPbK7xORGwi2uTDEagWXMc5e
+c2J6Sb9IFl2UqX8cERRCJNuENnuf10MU3rXa2TfydaELDXxr49KPPx3tgl/OfbtY
+MmFWLiyxo1jIZ/LeIiaN1m0OtGskkR8TF2D/ZA7YPzEWl2R3PhYNR1gkfAtYPWya
+DTXgiQwXuWDhdSTqiN3QuxRDVXFiQgoV0wqjgkqh4NiOXWB2ryaPvqiYRCvoM6Ly
+OcYy4LidGz9J+jQGAJPh4fI/1G4SgwVAT0bgYREy4IP6Y8R4zGoU0rGKnknfL70E
+t4Xm2ASu5jEcne2l1UOPPctFmei+QHmZ0c8V8HNmP5XRf+47OSi+ryCrRQfKrkyw
+UgvoB49yV3M1+IgCx18daEQCYal98hhQMn/3NVrOJeOjzDcF6Gxb679Cu/biZ8Wx
+li7RV0Xt1g==
+-----END CERTIFICATE-----
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreJks.pass b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreJks.pass
new file mode 100644
index 0000000..817b619
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreJks.pass
@@ -0,0 +1 @@
+WkTGRmhSe%PM;it?NRY888Ak
\ No newline at end of file
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreP12.pass b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreP12.pass
new file mode 100644
index 0000000..48036ab
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreP12.pass
@@ -0,0 +1 @@
+0TZd_x#qp$78hJsm0wzc1dm_
\ No newline at end of file
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/valid_jks_pem_p12.env b/tests/oom-platform-cert-service/truststoremerger/assets/valid_jks_pem_p12.env
new file mode 100644
index 0000000..4afa1a2
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/valid_jks_pem_p12.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks:/var/certs/truststore.pem:/var/certs/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks.pass::/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/valid_pem_p12.env b/tests/oom-platform-cert-service/truststoremerger/assets/valid_pem_p12.env
new file mode 100644
index 0000000..e0240a7
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/valid_pem_p12.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.pem:/var/certs/truststore.p12
+TRUSTSTORES_PASSWORDS_PATHS=:/var/certs/truststoreP12.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/assets/valid_single_truststore.env b/tests/oom-platform-cert-service/truststoremerger/assets/valid_single_truststore.env
new file mode 100644
index 0000000..66b6f66
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/assets/valid_single_truststore.env
@@ -0,0 +1,2 @@
+TRUSTSTORES_PATHS=/var/certs/truststore.jks
+TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks.pass
diff --git a/tests/oom-platform-cert-service/truststoremerger/libraries/EnvsReader.py b/tests/oom-platform-cert-service/truststoremerger/libraries/EnvsReader.py
new file mode 100644
index 0000000..cc60eed
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/libraries/EnvsReader.py
@@ -0,0 +1,11 @@
+
+class EnvsReader:
+
+ def read_env_list_from_file(self, path):
+ f = open(path, "r")
+ r_list = []
+ for line in f:
+ line = line.strip()
+ if line[0] != "#":
+ r_list.append(line)
+ return r_list
diff --git a/tests/oom-platform-cert-service/truststoremerger/libraries/JksTruststoreValidator.py b/tests/oom-platform-cert-service/truststoremerger/libraries/JksTruststoreValidator.py
new file mode 100644
index 0000000..e18ca12
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/libraries/JksTruststoreValidator.py
@@ -0,0 +1,18 @@
+
+import jks
+
+class JksTruststoreValidator:
+
+ def get_truststore(self, truststore_path, password_path):
+ truststore = jks.KeyStore.load(truststore_path, open(password_path, 'rb').read())
+ return truststore.certs
+
+ def assert_jks_truststores_equal(self, result_truststore_path, password_path, expected_truststore_path):
+ result_certs = self.get_truststore(result_truststore_path, password_path)
+ expected_certs = self.get_truststore(expected_truststore_path, password_path)
+ if len(result_certs) != len(expected_certs):
+ return False
+ for k in result_certs:
+ if not (k in expected_certs and result_certs[k].cert == expected_certs[k].cert):
+ return False
+ return True
diff --git a/tests/oom-platform-cert-service/truststoremerger/libraries/PemTruststoreValidator.py b/tests/oom-platform-cert-service/truststoremerger/libraries/PemTruststoreValidator.py
new file mode 100644
index 0000000..8dc9623
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/libraries/PemTruststoreValidator.py
@@ -0,0 +1,19 @@
+import re
+
+BEGIN_CERT = "-----BEGIN CERTIFICATE-----"
+END_CERT = "-----END CERTIFICATE-----"
+
+class PemTruststoreValidator:
+
+ def assert_pem_truststores_equal(self, result_pem_path, expected_pem_path):
+ result_certs = self.get_list_of_pem_certificates(result_pem_path)
+ expected_certs = self.get_list_of_pem_certificates(expected_pem_path)
+ result_certs.sort()
+ expected_certs.sort()
+ if len(result_certs) != len(expected_certs):
+ return False
+ return result_certs == expected_certs
+
+
+ def get_list_of_pem_certificates(self, path):
+ return re.findall(BEGIN_CERT + '(.+?)' + END_CERT, open(path, 'rb').read(), re.DOTALL)
diff --git a/tests/oom-platform-cert-service/truststoremerger/libraries/TrustMergerManager.py b/tests/oom-platform-cert-service/truststoremerger/libraries/TrustMergerManager.py
new file mode 100644
index 0000000..f7a493c
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/libraries/TrustMergerManager.py
@@ -0,0 +1,47 @@
+import docker
+import os
+import shutil
+from EnvsReader import EnvsReader
+from docker.types import Mount
+
+ARCHIVES_PATH = os.getenv("WORKSPACE") + "/archives/"
+
+
+class TrustMergerManager:
+
+ def __init__(self, mount_path, truststores_path):
+ self.mount_path = mount_path
+ self.truststores_path = truststores_path
+
+ def run_merger_container(self, merger_image, merger_name, path_to_env):
+ self.remove_mount_dir()
+ shutil.copytree(self.truststores_path, self.mount_path)
+ client = docker.from_env()
+ environment = EnvsReader().read_env_list_from_file(path_to_env)
+ container = client.containers.run(
+ image=merger_image,
+ name=merger_name,
+ environment=environment,
+ user='root', # Run container as root to avoid permission issues with volume mount access
+ mounts=[Mount(target='/var/certs', source=self.mount_path, type='bind')],
+ detach=True
+ )
+ exitcode = container.wait()
+ return exitcode
+
+ def create_mount_dir(self):
+ if not os.path.exists(self.mount_path):
+ os.makedirs(self.mount_path)
+
+ def remove_mount_dir(self):
+ if os.path.exists(self.mount_path):
+ shutil.rmtree(self.mount_path)
+
+ def remove_merger_container_and_save_logs(self, container_name, log_file_name):
+ client = docker.from_env()
+ container = client.containers.get(container_name)
+ text_file = open(ARCHIVES_PATH + "merger_container_" + log_file_name + ".log", "w")
+ text_file.write(container.logs())
+ text_file.close()
+ container.remove()
+ self.remove_mount_dir()
diff --git a/tests/oom-platform-cert-service/truststoremerger/resources/trust-merger-keywords.robot b/tests/oom-platform-cert-service/truststoremerger/resources/trust-merger-keywords.robot
new file mode 100644
index 0000000..1040afa
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/resources/trust-merger-keywords.robot
@@ -0,0 +1,34 @@
+*** Settings ***
+
+Resource ../../../common.robot
+Resource ./trust-merger-properties.robot
+Library ../libraries/TrustMergerManager.py ${MOUNT_PATH} ${TRUSTSTORES_PATH}
+Library ../libraries/JksTruststoreValidator.py
+Library ../libraries/PemTruststoreValidator.py
+
+*** Keywords ***
+
+Run Trust Merger And Expect Error
+ [Documentation] Run Truststore Merger Container And Validate Exit Code
+ [Arguments] ${env_file} ${expected_exit_code}
+ ${exit_code}= Run Merger Container ${DOCKER_MERGER_IMAGE} ${MERGER_CONTAINER_NAME} ${env_file}
+ Remove Merger Container And Save Logs ${MERGER_CONTAINER_NAME} negative_path
+ Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code}
+
+Run Trust Merger And Merge Truststore Files To Jks
+ [Documentation] Run Truststore Merger Container And Validate Exit Code And Files
+ [Arguments] ${env_file} ${expected_exit_code} ${jks_path} ${jks_password} ${expected_jks_path}
+ ${exit_code}= Run Merger Container ${DOCKER_MERGER_IMAGE} ${MERGER_CONTAINER_NAME} ${env_file}
+ ${files_equal}= Assert Jks Truststores Equal ${jks_path} ${jks_password} ${expected_jks_path}
+ Remove Merger Container And Save Logs ${MERGER_CONTAINER_NAME} positive_path
+ Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code}
+ Should Be True ${files_equal}
+
+Run Trust Merger And Merge Truststore Files To Pem
+ [Documentation] Run Truststore Merger Container And Validate Exit Code And Files
+ [Arguments] ${env_file} ${expected_exit_code} ${pem_path} ${expected_pem_path}
+ ${exit_code}= Run Merger Container ${DOCKER_MERGER_IMAGE} ${MERGER_CONTAINER_NAME} ${env_file}
+ ${files_equal}= Assert Pem Truststores Equal ${pem_path} ${expected_pem_path}
+ Remove Merger Container And Save Logs ${MERGER_CONTAINER_NAME} positive_path
+ Should Be Equal As Strings ${exit_code} ${expected_exit_code} Client return unexpected exit code return: ${exitcode} , but expected: ${expected_exit_code}
+ Should Be True ${files_equal}
diff --git a/tests/oom-platform-cert-service/truststoremerger/resources/trust-merger-properties.robot b/tests/oom-platform-cert-service/truststoremerger/resources/trust-merger-properties.robot
new file mode 100644
index 0000000..d356f60
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/resources/trust-merger-properties.robot
@@ -0,0 +1,35 @@
+*** Variables ***
+
+${DOCKER_MERGER_IMAGE} nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-truststore-merger:latest
+${MERGER_CONTAINER_NAME} %{MergerContainerName}
+${MOUNT_PATH} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/tmp
+${TRUSTSTORES_PATH} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/truststores
+${EXPECTED_TRUSTSTORES_PATH} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores
+
+${JKS_TRUSTSTORE_MOUNT_PATH} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/tmp/truststore.jks
+${JKS_PASSWORD_MOUNT_PATH} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/tmp/truststoreJks.pass
+${P12_TRUSTSTORE_MOUNT_PATH} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/tmp/truststore.p12
+${P12_PASSWORD_MOUNT_PATH} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/tmp/truststoreP12.pass
+${PEM_TRUSTSTORE_MOUNT_PATH} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/tmp/truststore.pem
+
+${JKS_TRUSTSTORE_EXPECTED_PATH} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/jksAndPemAndP12.jks
+${PEM_TRUSTSTORE_EXPECTED_PATH} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/expected_truststores/pemAndP12.pem
+
+${INVALID_ENV_EMPTY_FILE} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_file.env
+${INVALID_ENV_LIST_SIZE} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_different_lists_size.env
+${INVALID_ENV_EMPTY_PASSWORDS} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_passwords.env
+${INVALID_PASSWORD_PATHS} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_password_path.env
+${INVALID_ENV_TRUSTSTORE_PATHS} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_truststore_paths.env
+${INVALID_ENV_FILE_PASSWORD} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_file_password_pair.env
+${INVALID_ENV_EXTENSION} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_extension.env
+${INVALID_ENV_DUPLICATED_ALIASES} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_duplicated_aliases.env
+${INVALID_ENV_EMPTY_CERTS} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/invalid_empty_certs.env
+${VALID_ENV_JKS_PEM_P12} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/valid_jks_pem_p12.env
+${VALID_ENV_PEM_P12} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/valid_pem_p12.env
+${VALID_ENV_SINGLE_TRUSTSTORE} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/valid_single_truststore.env
+
+${TRUSTSTORE_JKS} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.jks
+${TRUSTSTORE_JKS_PASS} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststoreJks.pass
+${TRUSTSTORE_P12} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.p12
+${TRUSTSTORE_P12_PASS} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.pass
+${TRUSTSTORE_PEM} %{WORKSPACE}/tests/oom-platform-cert-service/truststoremerger/assets/truststores/truststore.pem
diff --git a/tests/oom-platform-cert-service/truststoremerger/trust-merger-test.robot b/tests/oom-platform-cert-service/truststoremerger/trust-merger-test.robot
new file mode 100644
index 0000000..966a424
--- /dev/null
+++ b/tests/oom-platform-cert-service/truststoremerger/trust-merger-test.robot
@@ -0,0 +1,67 @@
+*** Settings ***
+
+Documentation Truststore merger test case scenarios
+Library RequestsLibrary
+Resource ./resources/trust-merger-keywords.robot
+
+*** Test Cases ***
+
+Trust Merger fails when file extension is invalid
+ [Tags] OOM-TRUST-STORE-MERGER
+ [Documentation] Run with invalid truststore extension env and expect error code
+ Run Trust Merger And Expect Error ${INVALID_ENV_EXTENSION} 1
+
+Trust Merger fails when truststore and passwords envs not provided
+ [Tags] OOM-TRUST-STORE-MERGER
+ [Documentation] Run with invalid empty envs and expect error code
+ Run Trust Merger And Expect Error ${INVALID_ENV_EMPTY_FILE} 1
+
+Trust Merger fails when list sizes are different
+ [Tags] OOM-TRUST-STORE-MERGER
+ [Documentation] Run with different truststore and password envs size and expect error code
+ Run Trust Merger And Expect Error ${INVALID_ENV_LIST_SIZE} 2
+
+Trust Merger fails when a variable is empty
+ [Tags] OOM-TRUST-STORE-MERGER
+ [Documentation] Run with empty truststore password path env and expect error code
+ Run Trust Merger And Expect Error ${INVALID_ENV_EMPTY_PASSWORDS} 2
+
+Trust Merger fails when truststore paths are invalid
+ [Tags] OOM-TRUST-STORE-MERGER
+ [Documentation] Run with invalid truststore path and expect error code
+ Run Trust Merger And Expect Error ${INVALID_ENV_TRUSTSTORE_PATHS} 3
+
+Trust Merger fails when password path is invalid
+ [Tags] OOM-TRUST-STORE-MERGER
+ [Documentation] Run with invalid password path and expect error code
+ Run Trust Merger And Expect Error ${INVALID_PASSWORD_PATHS} 4
+
+Trust Merger fails when password file pair is invalid
+ [Tags] OOM-TRUST-STORE-MERGER
+ [Documentation] Run with incorrect password env and expect error code
+ Run Trust Merger And Expect Error ${INVALID_ENV_FILE_PASSWORD} 7
+
+Trust Merger fails when pem does not contain cert
+ [Tags] OOM-TRUST-STORE-MERGER
+ [Documentation] Run with empty pem truststore and expect error code
+ Run Trust Merger And Expect Error ${INVALID_ENV_EMPTY_CERTS} 9
+
+Trust Merger fails when aliases are duplicated
+ [Tags] OOM-TRUST-STORE-MERGER
+ [Documentation] Run with duplicated aliases in truststores and expect error code
+ Run Trust Merger And Expect Error ${INVALID_ENV_DUPLICATED_ALIASES} 10
+
+Trust Merger merges successfully jks pem p12
+ [Tags] OOM-TRUST-STORE-MERGER
+ [Documentation] Run with valid env file and expect merged certs from jks, pem and p12
+ Run Trust Merger And Merge Truststore Files To Jks ${VALID_ENV_JKS_PEM_P12} 0 ${JKS_TRUSTSTORE_MOUNT_PATH} ${TRUSTSTORE_JKS_PASS} ${JKS_TRUSTSTORE_EXPECTED_PATH}
+
+Trust Merger merges successfully pem p12
+ [Tags] OOM-TRUST-STORE-MERGER
+ [Documentation] Run with valid env file and expect merged certs from pem and p12
+ Run Trust Merger And Merge Truststore Files To Pem ${VALID_ENV_PEM_P12} 0 ${PEM_TRUSTSTORE_MOUNT_PATH} ${PEM_TRUSTSTORE_EXPECTED_PATH}
+
+Trust Merger ends successfully with single truststore
+ [Tags] OOM-TRUST-STORE-MERGER
+ [Documentation] Run with one truststore in env file and expect code 0
+ Run Trust Merger And Merge Truststore Files To Jks ${VALID_ENV_SINGLE_TRUSTSTORE} 0 ${JKS_TRUSTSTORE_MOUNT_PATH} ${TRUSTSTORE_JKS_PASS} ${TRUSTSTORE_JKS}