Add enterprise testing containers and configurations

This adds enterprise containers and enterprise tests and updates configurations and versioning

Dockerfile.nginx

@@ -1,4 +1,4 @@
-FROM nginx:1.13.3
+FROM nginx:1.13.6
 
 MAINTAINER Conjur Inc
 

Dockerfile.test

@@ -1,4 +1,4 @@
-FROM java:8
+FROM openjdk:8
 
 MAINTAINER Conjur Inc
 

Jenkinsfile

@@ -8,6 +8,10 @@ pipeline {
     buildDiscarder(logRotator(numToKeepStr: '30'))
   }
 
+  triggers {
+    cron(getDailyCronString())
+  }
+
   stages {
     stage('Create and archive the Maven package') {
       steps {

docker-compose.yml

@@ -4,7 +4,7 @@ services:
     image: postgres:9.3
 
   conjur:
-    image: cyberark/conjur:0.1.0-stable
+    image: cyberark/conjur:latest
     command: server -a cucumber
     environment:
       PORT: 3000
@@ -15,23 +15,31 @@ services:
     depends_on:
       - postgres
 
+  # Create EE container
+  cuke-master:
+    image: registry2.itci.conjur.net/conjur-appliance-cuke-master:5.0-stable
+    ports:
+      - "443:443"
+    security_opt:
+      - "seccomp:unconfined"
+
   conjur-proxy-nginx:
     build:
       context: .
       dockerfile: Dockerfile.nginx
     entrypoint: nginx-debug -g 'daemon off;'
     environment:
-        TERM: xterm
+      TERM: xterm
     ports:
-    - "8080:80"
-    - "8443:443"
+      - "8080:80"
+      - "8443:443"
     depends_on:
       - conjur
       - client
 
 
   client:
-    image: conjurinc/cli5
+    image: cyberark/conjur-cli:5
     volumes:
       - ./test-cert:/test-cert
     entrypoint: sleep
@@ -43,6 +51,18 @@ services:
     depends_on:
       - conjur
 
+  client-dap:
+    image: cyberark/conjur-cli:5
+    entrypoint: sleep
+    command: infinity
+    environment:
+      CONJUR_APPLIANCE_URL: https://cuke-master
+      CONJUR_ACCOUNT: cucumber
+      CONJUR_AUTHN_LOGIN: admin
+      CONJUR_SSL_CERTIFICATE:
+    depends_on:
+      - cuke-master
+
   test:
     build:
       context: .
@@ -53,6 +73,21 @@ services:
       CONJUR_APPLIANCE_URL: http://conjur:3000
       CONJUR_ACCOUNT: cucumber
 
+  # Spin up container for EE testing
+  test-dap:
+    build:
+      context: .
+      dockerfile: Dockerfile.test
+    volumes:
+      - ./target:/conjurinc/api-java/target
+    entrypoint: sleep
+    command: infinity
+    environment:
+      CONJUR_APPLIANCE_URL: https://cuke-master
+      CONJUR_ACCOUNT: cucumber
+      CONJUR_SSL_CERTIFICATE:
+    depends_on:
+      - cuke-master
 
   test-https:
     build:
@@ -67,4 +102,4 @@ services:
       CONJUR_APPLIANCE_URL: https://conjur-proxy-nginx
       CONJUR_ACCOUNT: cucumber
     depends_on:
-      - conjur-proxy-nginx
+      - conjur-proxy-nginx

pom.xml

@@ -108,8 +108,8 @@
                 <artifactId>maven-compiler-plugin</artifactId>
                 <version>2.3.2</version>
                 <configuration>
-                    <source>1.5</source>
-                    <target>1.5</target>
+                    <source>1.6</source>
+                    <target>1.6</target>
                 </configuration>
             </plugin>
 

test.sh

@@ -1,21 +1,28 @@
 #!/usr/bin/env bash
 
-function finish {
-  echo '-----------------------test.sh------------------------------'
-  echo 'Removing test environment'
-  echo '------------------------------------------------------------'
-  docker-compose down -v
+function main() {
+#    runOSS
+    runDAP
 }
-trap finish EXIT
 
-function main() {
+function runOSS () {
   prepareOutputDir
-  createTestEnvironment
-  loadTestPolicy
-  runTests
-  printProxyConfiguration
-  initializeCert
-  runHTTPSTests
+  createOSSTestEnvironment
+  loadOSSTestPolicy
+  runOSSTests
+  printOSSProxyConfiguration
+  initializeOSSCert
+  runOSSHTTPSTests
+}
+
+# Run DAP Enterprise test suite
+function runDAP() {
+  prepareOutputDir
+  createDAPTestEnvironment
+  loadDAPTestPolicy
+  runDAPTests
+  initializeDAPCert
+
 }
 
 function prepareOutputDir() {
@@ -24,12 +31,92 @@ function prepareOutputDir() {
   mkdir -p output
 }
 
-function createTestEnvironment() {
+# Build DAP test container & start the cluster
+function createDAPTestEnvironment() {
+  docker-compose build --pull client-dap cuke-master postgres test-dap
+  docker-compose up -d client-dap cuke-master postgres test-dap
+
+  # Delay to allow time for conjur to come up
+  echo 'Waiting for conjur server to be healthy'
+  docker-compose run --rm test ./wait_for_server.sh
+}
+
+function loadDAPTestPolicy() {
   echo '-----------------------test.sh------------------------------'
-  echo "Creating test environment"
+  echo "Loading DAP test policy"
   echo '------------------------------------------------------------'
 
-  # Build test container & start the cluster
+#  ssl_cert=$(docker-compose exec cuke-master cat /opt/conjur/etc/ssl/conjur.pem)
+#  export CONJUR_SSL_CERTIFICATE=$(docker-compose exec cuke-master cat /opt/conjur/etc/ssl/conjur.pem)
+
+  # get DAP container id
+  dap_client_cid=$(docker-compose ps -q client-dap)
+
+#  docker-compose up -d client-dap
+# secret=api key
+  docker-compose exec client-dap conjur authn login -u admin -p secret
+
+   # copy test-policy into a /tmp/test-policy within the client container
+  docker cp test-policy ${dap_client_cid}:/tmp
+
+  docker-compose exec client-dap bash -c "conjur policy load root /tmp/test-policy/root.yml"
+}
+
+function initializeDAPCert () {
+  dap_client_cid=$(docker-compose ps -q client-dap)
+    # get the pem file from conjur server
+  CONJUR_ACCOUNT="cucumber"
+  CONJUR_PROXY="https://cuke-master"
+
+#  NOT WORKING
+  echo "remove old pem file"
+  rm -rf /test-cert/*
+
+  echo "fetch pem file from proxy https server"
+  exec_command='echo yes | conjur init -u '${CONJUR_PROXY}' -a '${CONJUR_ACCOUNT}' > tmp.out 2>&1'
+  docker exec ${dap_client_cid} /bin/bash -c "$exec_command"
+
+  echo "print command output"
+  print_command="cat tmp.out"
+  docker exec ${dap_client_cid} ${print_command}
+
+  echo "convert pem to der file and copy it to share memory"
+  convert_command="openssl x509 -outform der -in /root/conjur-cucumber.pem -out /test-cert/conjur-cucumber.der"
+  docker exec ${dap_client_cid} ${convert_command}
+
+  echo "import cert inside DAP test container"
+  # get conjur test https container id
+  dap_test_cid=$(docker-compose ps -q test-dap)
+
+  JRE_HOME='/usr/lib/jvm/java-8-openjdk-amd64/jre'
+  import_command="keytool -import -alias cucumber -v -trustcacerts -noprompt \
+     -keystore $JRE_HOME/lib/security/cacerts \
+     -file /conjurinc/api-java/test-cert/conjur-cucumber.der -storepass changeit"
+  docker exec ${dap_test_cid} ${import_command}
+}
+
+function runDAPTests() {
+  echo '-----------------------test.sh------------------------------'
+  echo "Running DAP tests"
+  echo '------------------------------------------------------------'
+
+  dap_test_cid=$(docker-compose ps -q test-dap)
+
+  export CONJUR_AUTHN_API_KEY=$(docker-compose exec client-dap conjur user rotate_api_key)
+
+  # Execute tests
+  docker exec \
+    -e CONJUR_AUTHN_API_KEY \
+    -e CONJUR_AUTHN_LOGIN="admin" \
+    ${dap_test_cid} bash -c "mvn test"
+}
+
+function createOSSTestEnvironment() {
+  echo '-----------------------test.sh------------------------------'
+  echo "Creating OSS test environment"
+  echo '------------------------------------------------------------'
+
+  # Build OSS test container & start the cluster
   docker-compose build --pull client conjur postgres test test-https conjur-proxy-nginx
   docker-compose up -d client conjur postgres test-https
 
@@ -39,9 +126,10 @@ function createTestEnvironment() {
   docker-compose run --rm test ./wait_for_server.sh
 }
 
-function loadTestPolicy() {
+
+function loadOSSTestPolicy() {
   echo '-----------------------test.sh------------------------------'
-  echo "Loading test policy"
+  echo "Loading OSS test policy"
   echo '------------------------------------------------------------'
 
   # get conjur container id
@@ -57,7 +145,7 @@ function loadTestPolicy() {
     /bin/bash -c "conjur policy load root /tmp/test-policy/root.yml"
 }
 
-function printProxyConfiguration() {
+function printOSSProxyConfiguration() {
   echo '-----------------------test.sh------------------------------'
   echo "Print Nginx proxy server configuration"
   echo '------------------------------------------------------------'
@@ -70,10 +158,9 @@ function printProxyConfiguration() {
 
 }
 
-
-function initializeCert() {
+function initializeOSSCert() {
   echo '-----------------------test.sh------------------------------'
-  echo "Fetch certificate using client cli"
+  echo "Fetch certificate for OSS using client cli"
   echo '------------------------------------------------------------'
 
   # get conjur client container id
@@ -103,16 +190,15 @@ function initializeCert() {
   # get conjur test https container id
   conjur_test_cid=$(docker-compose ps -q test-https)
 
-  JRE_HOME='/usr/lib/jvm/java-7-openjdk-amd64/jre'
+  JRE_HOME='/usr/lib/jvm/java-8-openjdk-amd64/jre'
   import_command="keytool -import -alias cucumber -v -trustcacerts -noprompt \
      -keystore $JRE_HOME/lib/security/cacerts \
      -file /test-cert/conjur-cucumber.der -storepass changeit"
   docker exec ${conjur_test_cid} ${import_command}
 
-
 }
 
-function runTests() {
+function runOSSTests() {
   echo '-----------------------test.sh------------------------------'
   echo "Running tests"
   echo '------------------------------------------------------------'
@@ -125,12 +211,9 @@ function runTests() {
     -e CONJUR_AUTHN_API_KEY="$api_key_admin" \
     test \
       bash -c "mvn test"
-
-
-
 }
 
-function runHTTPSTests() {
+function runOSSHTTPSTests() {
   echo '-----------------------test.sh------------------------------'
   echo "Running https tests"
   echo '------------------------------------------------------------'
@@ -165,4 +248,13 @@ function runHTTPSTests() {
   ${conjur_test_cid} ${tests_command}
 }
 
+#function finish {
+#  echo '-----------------------test.sh------------------------------'
+#  echo 'Removing test environment'
+#  echo '------------------------------------------------------------'
+#  docker-compose down -v
+#}
+
 main
+
+trap finish EXIT