blob: 0e2a4653ec870d24e3389f7b4fa9e3ede62d15b8 [file] [log] [blame]
Aleksandra Maciaga6def5972020-02-20 09:42:03 +01001#!/bin/bash
2#
Bogumil Zebek78bc8f32020-02-27 07:39:38 +01003# Copyright 2020 Nokia.
Aleksandra Maciaga6def5972020-02-20 09:42:03 +01004#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16#
17
Bogumil Zebek78bc8f32020-02-27 07:39:38 +010018# ------------------------------------
Aleksandra Maciaga93f9ea42020-03-03 13:38:58 +010019# Resolve path to script's directory and cmp servers configuration
Bogumil Zebek78bc8f32020-02-27 07:39:38 +010020
21SCRIPT=`realpath $0`
22CURRENT_WORKDIR_PATH=`dirname $SCRIPT`
Pawelb7a057e2020-08-07 14:53:48 +020023PROJECT_DIRECTORY="plans/oom-platform-cert-service/certservice"
Bogumil Zebek78bc8f32020-02-27 07:39:38 +010024
Piotr Marcinkiewicz3bbc1c72020-11-19 14:13:45 +010025RESOURCES_DIRECTORY="resources"
Aleksandra Maciaga93f9ea42020-03-03 13:38:58 +010026
Piotr Marcinkiewicz3bbc1c72020-11-19 14:13:45 +010027JENKINS_RESOURCES_PATH="$CURRENT_WORKDIR_PATH/$PROJECT_DIRECTORY/$RESOURCES_DIRECTORY"
28LOCAL_RESOURCES_PATH="$CURRENT_WORKDIR_PATH/$RESOURCES_DIRECTORY"
Aleksandra Maciaga93f9ea42020-03-03 13:38:58 +010029
Tomasz Wrobel75573b02020-03-05 16:43:50 +010030# ------------------------------------
31#Prepare enviroment for client
32#install docker sdk
33echo "Uninstall docker-py and reinstall docker."
34pip uninstall -y docker-py
35pip uninstall -y docker
36pip install -U docker==2.7.0
37
Joanna Jeremicz9c14f192020-03-19 14:51:51 +010038#reinstall pyopenssl library
39echo "Reinstall pyopenssl library."
40pip uninstall pyopenssl -y
41pip install pyopenssl==17.5.0
42
Joanna Jeremiczc21b0082020-06-15 16:21:55 +020043#install pyjks for .jks files management
44pip install pyjks
45
kjaniak25fac3a2020-03-18 13:01:36 +010046#Disable proxy - for local run
47unset http_proxy https_proxy
48
Tomasz Wrobel75573b02020-03-05 16:43:50 +010049#export container name
50export ClientContainerName=CertServiceClient
51# ------------------------------------
52
Piotr Marcinkiewicz3bbc1c72020-11-19 14:13:45 +010053if test -d "$JENKINS_RESOURCES_PATH"; then
54 RESOURCES_PATH=$JENKINS_RESOURCES_PATH
55else test -f "$LOCAL_RESOURCES_PATH";
56 RESOURCES_PATH=$LOCAL_RESOURCES_PATH
Aleksandra Maciaga7a5e3f62020-03-03 12:35:16 +010057fi
Piotr Marcinkiewicz3bbc1c72020-11-19 14:13:45 +010058echo "Use resources from: $RESOURCES_PATH"
Aleksandra Maciaga7a5e3f62020-03-03 12:35:16 +010059
Bogumil Zebek78bc8f32020-02-27 07:39:38 +010060CONFIGURATION_FILE="cmpServers.json"
Aleksandra Maciaga93f9ea42020-03-03 13:38:58 +010061
62JENKINS_CONFIGURATION_PATH="$CURRENT_WORKDIR_PATH/$PROJECT_DIRECTORY/$CONFIGURATION_FILE"
63LOCAL_CONFIGURATION_PATH="$CURRENT_WORKDIR_PATH/$CONFIGURATION_FILE"
64
65if test -f "$JENKINS_CONFIGURATION_PATH"; then
66 CONFIGURATION_PATH="$JENKINS_CONFIGURATION_PATH"
67else test -f "$LOCAL_CONFIGURATION_PATH";
68 CONFIGURATION_PATH=$LOCAL_CONFIGURATION_PATH
Bogumil Zebek78bc8f32020-02-27 07:39:38 +010069fi
70echo "Use configuration from: $CONFIGURATION_PATH"
Aleksandra Maciaga7a5e3f62020-03-03 12:35:16 +010071
Bogumil Zebek78bc8f32020-02-27 07:39:38 +010072# -------------------------------------
73
Aleksandra Maciaga7a5e3f62020-03-03 12:35:16 +010074export CONFIGURATION_PATH=${CONFIGURATION_PATH}
Piotr Marcinkiewicz3bbc1c72020-11-19 14:13:45 +010075export RESOURCES_PATH=${RESOURCES_PATH}
Aleksandra Maciaga7a5e3f62020-03-03 12:35:16 +010076
Aleksandra Maciaga13b7d052020-03-26 17:28:47 +010077#Generate keystores, truststores, certificates and keys
Pawelb7a057e2020-08-07 14:53:48 +020078mkdir -p ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/
Aleksandra Maciaga13b7d052020-03-26 17:28:47 +010079make all -C ./certs/
Pawelb7a057e2020-08-07 14:53:48 +020080cp ${WORKSPACE}/plans/oom-platform-cert-service/certservice/certs/root.crt ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/root.crt
Aleksandra Maciaga13b7d052020-03-26 17:28:47 +010081echo "Generated keystores"
Pawelb7a057e2020-08-07 14:53:48 +020082openssl pkcs12 -in ${WORKSPACE}/plans/oom-platform-cert-service/certservice/certs/certServiceServer-keystore.p12 -clcerts -nokeys -password pass:secret | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/certServiceServer.crt
Aleksandra Maciaga13b7d052020-03-26 17:28:47 +010083echo "Generated server certificate"
Pawelb7a057e2020-08-07 14:53:48 +020084openssl pkcs12 -in ${WORKSPACE}/plans/oom-platform-cert-service/certservice/certs/certServiceServer-keystore.p12 -nocerts -nodes -password pass:secret| sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > ${WORKSPACE}/tests/oom-platform-cert-service/certservice/assets/certs/certServiceServer.key
Aleksandra Maciaga13b7d052020-03-26 17:28:47 +010085echo "Generated server key"
86
Aleksandra Maciaga7a5e3f62020-03-03 12:35:16 +010087docker-compose up -d
Aleksandra Maciaga6def5972020-02-20 09:42:03 +010088
Pawelb7a057e2020-08-07 14:53:48 +020089OOMCERT_IP='none'
Aleksandra Maciaga6def5972020-02-20 09:42:03 +010090# Wait container ready
Aleksandra Maciaga7ce07992020-03-09 10:01:12 +010091for i in {1..9}
92do
Pawelb7a057e2020-08-07 14:53:48 +020093 OOMCERT_IP=`get-instance-ip.sh oomcert-service`
Aleksandra Maciaga13b7d052020-03-26 17:28:47 +010094 RESP_CODE=$(curl -s https://localhost:8443/actuator/health --cacert ./certs/root.crt --cert-type p12 --cert ./certs/certServiceServer-keystore.p12 --pass secret | \
95 python2 -c 'import json,sys;obj=json.load(sys.stdin);print obj["status"]')
96 if [[ "$RESP_CODE" == "UP" ]]; then
Pawelb7a057e2020-08-07 14:53:48 +020097 echo 'OOM Cert Service is ready'
98 export OOMCERT_IP=${OOMCERT_IP}
99 docker exec oomcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh
Aleksandra Maciaga7ce07992020-03-09 10:01:12 +0100100 break
101 fi
Pawelb7a057e2020-08-07 14:53:48 +0200102 echo 'Waiting for OOM Cert Service to start up...'
Aleksandra Maciaga7ce07992020-03-09 10:01:12 +0100103 sleep 30s
104done
Aleksandra Maciaga6def5972020-02-20 09:42:03 +0100105
Pawelb7a057e2020-08-07 14:53:48 +0200106if [ "$OOMCERT_IP" == 'none' -o "$OOMCERT_IP" == '' ]; then
107 echo "OOM Cert Service is not ready!"
Aleksandra Maciaga7ce07992020-03-09 10:01:12 +0100108 exit 1 # Return error code
109fi