Add default certificates for mrstub

    The default certificates are in folder /usr/src/app/cert
    The default certificates can be overriden by mounting a volume in 'docker run' command or in a docker-compose.yml file
    ex:
    in 'docker run':
    docker run -it -p 3905:3905 -p 3906:3906 -v "$PWD/certificate:/usr/src/app/cert" mrstub
    in 'docker-compose.yml':
    volumes:
          - ./certificate:/usr/src/app/cert:ro

Issue-ID: NONRTRIC-208
Signed-off-by: ecaiyanlinux <martin.c.yan@est.tech>
Change-Id: Id903fb745736e053984bc71061e3c1f2d58fafde

diff --git a/test/mrstub/Dockerfile b/test/mrstub/Dockerfile
index 9a15bc3..07101ad 100644 (file)
--- a/test/mrstub/Dockerfile
+++ b/test/mrstub/Dockerfile
@@ -18,6 +18,7 @@
 FROM python:3.8-slim-buster
 
 COPY app/ /usr/src/app/
+COPY cert/ /usr/src/app/cert/
 
 WORKDIR /usr/src/app/
 

diff --git a/test/mrstub/README.md b/test/mrstub/README.md
index f6d0dde..16d846e 100644 (file)
--- a/test/mrstub/README.md
+++ b/test/mrstub/README.md
@@ -65,7 +65,24 @@ There are a number of counters that can be read to monitor the message processin
 ```docker run -it -p 3905:3905 mrstub```
 
 >Start the image on http and https<br>
+By default, this image has default certificates under /usr/src/app/cert
+file "cert.crt" is the certificate file
+file "key.crt" is the key file
+file "generate_cert_and_key.sh" is a shell script to generate certificate and key
+file "pass" stores the password when you run the shell script
+
+Start the a1-interface container without specifing external certificates:
+```docker run -it -p 3905:3905 -p 3906:3906 mrstub```
+
+It will listen to http 3905 port and https 3906 port(using default certificates) at the same time.
+
+This certificates/key can be overriden by mounting a volume when using "docker run" or "docker-compose"
+In 'docker run', use field:
+--volume "$PWD/certificate:/usr/src/app/cert" a1test
 ```docker run -it -p 3905:3905 -p 3906:3906 -v "/PATH_TO_CERT/cert:/usr/src/app/cert" mrstub```
+In 'docker-compose.yml', use field:
+volumes:
+      - ./certificate:/usr/src/app/cert:ro
 
 The script ```mrstub-build-start.sh``` do the build and docker run in one go. This starts the stub container in stand-alone mode for basic test.<br>If the mrstub should be executed manually with the agent, replace docker run with this command to connect to the docker network with the correct service name (--name shall be the same as configured in consul for the read and write streams).
 ```docker run -it -p 3905:3905 --network nonrtric-docker-net --name message-router mrstub```

diff --git a/test/mrstub/cert/generate_cert_and_key.sh b/test/mrstub/cert/generate_cert_and_key.sh
new file mode 100755 (executable)
index 0000000..0f79bbf
--- /dev/null
+++ b/test/mrstub/cert/generate_cert_and_key.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+#  ============LICENSE_START===============================================
+#  Copyright (C) 2020 Nordix Foundation. All rights reserved.
+#  ========================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#  ============LICENSE_END=================================================
+#
+
+# This will generate a self-signed certificate with password 'test'
+openssl req -x509 -passout pass:"test" -newkey rsa:2048 -keyout key.crt -out cert.crt -days 9999