caddy-frontend: Drop non zero knowledge certificate management

The kedifa way is working for long time and users has been warned about moving
there, so now it's time to drop the insecure approach totally.

software/rapid-cdn/README.rst

@@ -123,8 +123,6 @@ This replaces old request parameters:
  * ``apache-key``
  * ``apache-ca-certificate``
 
-(*Note*: They are still supported for backward compatibility, but any value send to the ``master-key-upload-url`` will supersede information from SlapOS Master.)
-
 Slave partition
 ---------------
 
@@ -151,8 +149,6 @@ This replaces old request parameters:
  * ``ssl_key``
  * ``ssl_ca_crt``
 
-(*Note*: They are still supported for backward compatibility, but any value send to the ``key-upload-url`` will supersede information from SlapOS Master.)
-
 
 Instance Parameters
 ===================

software/rapid-cdn/buildout.hash.cfg

@@ -14,7 +14,7 @@
 # not need these here).
 [template]
 filename = instance.cfg.in
-md5sum = f249b268bd3e74f6f2dcdd437b1c9f71
+md5sum = 0332119cf7865ebe5293dcb229a905e9
 
 [profile-common]
 filename = instance-common.cfg.in
@@ -22,15 +22,15 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68
 
 [profile-frontend]
 filename = instance-frontend.cfg.in
-md5sum = f6a7678e8dc18871d6b18e2138e95f7f
+md5sum = 50abd64af8eb81bd50db8e77c3bb7792
 
 [profile-master]
 filename = instance-master.cfg.in
-md5sum = 2aaab85bad51136b38f6a16d662a7b3e
+md5sum = f46d319fac4e20a89448bbda4cf28faf
 
 [profile-slave-list]
 filename = instance-slave-list.cfg.in
-md5sum = 939f475b5a1a67ade2617802e5dde3a9
+md5sum = 188e00e3bb5623a5b22c1ab290879470
 
 [profile-master-publish-slave-information]
 filename = instance-master-publish-slave-information.cfg.in

software/rapid-cdn/instance-frontend.cfg.in

@@ -168,9 +168,6 @@ etc-run = ${:etc}/run
 
 ca-dir = ${:srv}/ssl
 backend-client-dir = ${:srv}/backend-client
-# BBB: SlapOS Master non-zero knowledge BEGIN
-bbb-ssl-dir = ${:srv}/bbb-ssl
-# BBB: SlapOS Master non-zero knowledge END
 
 frontend_cluster = ${:var}/frontend_cluster
 
@@ -393,13 +390,7 @@ extra-context =
     key version_hash version-hash:value
     key software_release_url version-hash:software-release-url
     key node_information frontend-node-information:value
-# BBB: SlapOS Master non-zero knowledge BEGIN
-    key apache_certificate apache-certificate:output
-# BBB: SlapOS Master non-zero knowledge END
     key custom_ssl_directory frontend-directory:custom-ssl-directory
-## frontend haproxy
-    key template_frontend_haproxy_configuration software-release-path:template-frontend-haproxy-configuration
-    key template_frontend_haproxy_crt_list software-release-path:template-frontend-haproxy-crt-list
 ## backend haproxy
     key template_backend_haproxy_configuration software-release-path:template-backend-haproxy-configuration
 ## Configuration passed by section
@@ -440,9 +431,6 @@ extra-context =
     key error_log frontend-haproxy-configuration:error-log
     key username monitor-instance-parameter:username
     key password monitor-htpasswd:passwd
-# BBB: SlapOS Master non-zero knowledge BEGIN
-    key apache_certificate apache-certificate:output
-# BBB: SlapOS Master non-zero knowledge END
     section configuration frontend-haproxy-rsyslogd-config
 
 [frontend-haproxy-rsyslogd]
@@ -490,31 +478,6 @@ node-id = ${frontend-node-id:value}
 quic = {{ FRONTEND_HAPROXY_QUIC }}
 quic-port = {{ QUIC_PORT }}
 
-# BBB: SlapOS Master non-zero knowledge BEGIN
-[get-self-signed-fallback-access]
-recipe = slapos.recipe.build
-certificate-file = ${self-signed-fallback-access:certificate}
-init =
-  import os
-  options['certificate'] = ''
-  if os.path.exists(options['certificate-file']):
-    with open(options['certificate-file'], 'r') as fh:
-      options['certificate'] = fh.read()
-
-[apache-certificate]
-recipe = slapos.recipe.template:jinja2
-inline =
-{% raw %}
-  {{ certificate or fallback_certificate }}
-  {{ key or '' }}
-{% endraw %}
-context =
-  key certificate configuration:apache-certificate
-  key key configuration:apache-key
-  key fallback_certificate get-self-signed-fallback-access:certificate
-output = ${directory:bbb-ssl-dir}/frontend.crt
-# BBB: SlapOS Master non-zero knowledge END
-
 [frontend-directory]
 recipe = slapos.cookbook:mkdirectory
 slave-configuration = ${directory:etc}/frontend-haproxy.d/
@@ -677,7 +640,7 @@ command = ${trafficserver-rotate-script:output}
 url = {{ software_parameter_dict['template_configuration_state_script'] }}
 output = ${directory:bin}/${:_buildout_section_name_}
 
-path_list = ${frontend-haproxy-configuration:file} ${frontend-haproxy-configuration:crt-list} ${frontend-directory:master-autocert-dir}/*.key ${frontend-directory:master-autocert-dir}/*.crt ${frontend-directory:master-autocert-dir}/*.pem ${frontend-directory:autocert}/*.pem ${frontend-directory:custom-ssl-directory}/*.proxy_ca_crt ${directory:bbb-ssl-dir}/*.crt
+path_list = ${frontend-haproxy-configuration:file} ${frontend-haproxy-configuration:crt-list} ${frontend-directory:master-autocert-dir}/*.key ${frontend-directory:master-autocert-dir}/*.crt ${frontend-directory:master-autocert-dir}/*.pem ${frontend-directory:autocert}/*.pem ${frontend-directory:custom-ssl-directory}/*.proxy_ca_crt
 sha256sum = {{ software_parameter_dict['sha256sum'] }}
 
 extra-context =

software/rapid-cdn/instance-input-schema.json

@@ -6,18 +6,6 @@
       "title": "Frontend Replication Quantity",
       "type": "integer"
     },
-    "apache-certificate": {
-      "description": "SSL Certificate used by the server. By appending to it CA certificate it is possible to use this field to replace not implemented apache-ca-certificate. Deprecated, please use master-key-upload-url.",
-      "textarea": true,
-      "title": "[DEPRECATED] SSL Certificate, with optional CA certificate",
-      "type": "string"
-    },
-    "apache-key": {
-      "description": "SSL Key used by the server. Deprecated, please use master-key-upload-url.",
-      "textarea": true,
-      "title": "[DEPRECATED] SSL Key",
-      "type": "string"
-    },
     "domain": {
       "description": "Domain used to generate automatic hostnames for slaves. For example 'example.com' will result with slave hostname 'slaveref.example.com'.",
       "pattern": "^([a-zA-Z0-9]([a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])?\\.)+[a-zA-Z]{2,6}$",

software/rapid-cdn/instance-master.cfg.in

@@ -30,8 +30,6 @@
 {%- set FRONTEND_NODE_PASSED_KEY_LIST = [
         'plain_http_port',
         'port',
-        'apache-certificate',
-        'apache-key',
         'domain',
         'enable-http2-by-default',
         're6st-verification-url',
@@ -81,9 +79,6 @@
       'request-timeout',
       'server-alias',
       'ssl-proxy-verify',
-      'ssl_ca_crt',
-      'ssl_crt',
-      'ssl_key',
       'ssl_proxy_ca_crt',
       'strict-transport-security',
       'strict-transport-security-preload',
@@ -316,25 +311,11 @@ context =
 {%       endif %}
 {%     endif %}
 {%   endfor %}
-{# BBB: SlapOS Master non-zero knowledge BEGIN #}
 {%   for key in ['ssl_key', 'ssl_crt', 'ssl_ca_crt'] %}
 {%     if key in slave %}
-{%       do slave_warning_list.append('%s is obsolete, please use key-upload-url' % (key,)) %}
+{%       do slave_warning_list.append('%s is discontinued, key-upload-url must be used instead' % (key,)) %}
 {%     endif %}
 {%   endfor %}
-{%   if slave.get('ssl_ca_crt') and not (slave.get('ssl_crt') and slave.get('ssl_key')) %}
-{%     do slave_error_list.append('ssl_ca_crt is present, so ssl_crt and ssl_key are required')  %}
-{%   endif %}
-{%   if slave.get('ssl_key') and slave.get('ssl_crt') %}
-{%     set key_popen = popen([software_parameter_dict['openssl'], 'rsa', '-noout', '-modulus']) %}
-{%     set crt_popen = popen([software_parameter_dict['openssl'], 'x509', '-noout', '-modulus']) %}
-{%     set key_modulus = key_popen.communicate(slave['ssl_key'].encode())[0] | trim %}
-{%     set crt_modulus = crt_popen.communicate(slave['ssl_crt'].encode())[0] | trim %}
-{%     if not key_modulus or key_modulus != crt_modulus  %}
-{%       do slave_error_list.append('slave ssl_key and ssl_crt does not match')  %}
-{%     endif %}
-{%   endif %}
-{# BBB: SlapOS Master non-zero knowledge END #}
 {%   if slave.get('custom_domain') %}
 {%     set slave_custom_domain = '' ~ slave['custom_domain'] %}
 {%     if slave_custom_domain.startswith('*.') %}
@@ -429,7 +410,7 @@ return =
 {%  set warning_list = [] %}
 {%  for key in ['apache-certificate', 'apache-key'] %}
 {%    if key in slapparameter_dict %}
-{%      do warning_list.append('%s is obsolete, please use master-key-upload-url' % (key, )) %}
+{%      do warning_list.append('%s is discontinued, master-key-upload-url must be used instead' % (key, )) %}
 {%    endif %}
 {%  endfor %}
 

software/rapid-cdn/instance-slave-input-schema.json

@@ -154,27 +154,6 @@
       "title": "Verify Backend Certificates",
       "type": "string"
     },
-    "ssl_crt": {
-      "default": "",
-      "description": "Content of the SSL Certificate file. Deprecated, please use key-upload-url.",
-      "textarea": true,
-      "title": "[DEPRECATED] SSL Certificate",
-      "type": "string"
-    },
-    "ssl_key": {
-      "default": "",
-      "description": "Content of the SSL Key file. Deprecated, please use key-upload-url.",
-      "textarea": true,
-      "title": "[DEPRECATED] SSL Key",
-      "type": "string"
-    },
-    "ssl_ca_crt": {
-      "default": "",
-      "description": "Content of the CA certificate file. Deprecated, please use key-upload-url.",
-      "textarea": true,
-      "title": "[DEPRECATED] SSL Certificate Authority's Certificate",
-      "type": "string"
-    },
     "ssl_proxy_ca_crt": {
       "default": "",
       "description": "Content of the SSL Certificate Authority file of the backend (to be used with ssl-proxy-verify)",

software/rapid-cdn/instance-slave-list.cfg.in

@@ -23,9 +23,9 @@
 {%-   do slave_instance_list.extend(json_module.loads(configuration['extra_slave_instance_list'])) %}
 {%- endif %}
 {%- if master_key_download_url %}
-{%-   do kedifa_updater_mapping.append((master_key_download_url, frontend_haproxy_configuration['master-certificate'], apache_certificate)) %}
+{%-   do kedifa_updater_mapping.append((master_key_download_url, frontend_haproxy_configuration['master-certificate'], frontend_haproxy_configuration['self-signed-fallback-certificate'])) %}
 {%- else %}
-{%-   do kedifa_updater_mapping.append(('notreadyyet', frontend_haproxy_configuration['master-certificate'], apache_certificate)) %}
+{%-   do kedifa_updater_mapping.append(('notreadyyet', frontend_haproxy_configuration['master-certificate'], frontend_haproxy_configuration['self-signed-fallback-certificate'])) %}
 {%- endif %}
 {%- if kedifa_configuration['slave_kedifa_information'] %}
 {%-   set slave_kedifa_information = json_module.loads(kedifa_configuration['slave_kedifa_information']) %}
@@ -329,7 +329,6 @@ url = {{ empty_template }}
 output = {{ cert_file }}
 extra-context =
     key content {{ cert_title + '-config:value' }}
-{#-         BBB: SlapOS Master non-zero knowledge BEGIN #}
 {#-         Store certificate in config #}
 [{{ cert_title + '-config' }}]
 value = {{ dumps(slave_instance.get(cert_name)) }}
@@ -338,24 +337,7 @@ value = {{ dumps(slave_instance.get(cert_name)) }}
 {%-       endif %} {#- if cert_name in slave_instance #}
 {%-     endfor %}
 {#-   Set Up Certs #}
-{%-   if 'ssl_key' in slave_instance and 'ssl_crt' in slave_instance %}
-{%-     set cert_title = '%s-crt' % (slave_reference) %}
-{%-     set cert_file = '/'.join([directory['bbb-ssl-dir'], cert_title.replace('-','.')]) %}
-{%-     do kedifa_updater_mapping.append((key_download_url, certificate, cert_file)) %}
-{%-     do part_list.append(cert_title) %}
-{%-     do slave_parameter_dict.__setitem__("ssl_crt", cert_file) %}
-
-[{{cert_title}}]
-< = jinja2-template-base
-url = {{ empty_template }}
-output = {{ cert_file }}
-cert-content = {{ dumps(slave_instance.get('ssl_crt') + '\n' + slave_instance.get('ssl_ca_crt', '') + '\n' + slave_instance.get('ssl_key')) }}
-extra-context =
-    key content :cert-content
-{%-   else %}
-{%-     do kedifa_updater_mapping.append((key_download_url, certificate, frontend_haproxy_configuration['master-certificate'])) %}
-{%-   endif %}
-{#-   BBB: SlapOS Master non-zero knowledge END #}
+{%-   do kedifa_updater_mapping.append((key_download_url, certificate, caddy_configuration['master-certificate'])) %}
 
 {#-   ########################################## #}
 {#-   Set Slave Configuration                    #}

software/rapid-cdn/instance.cfg.in

@@ -89,8 +89,6 @@ configuration.kedifa_port = 7879
 # Warning: Caucase takes also cacuase_port+1
 configuration.caucase_port = 8890
 configuration.caucase_backend_client_port = 8990
-configuration.apache-key =
-configuration.apache-certificate =
 configuration.disk-cache-size = 8G
 configuration.ram-cache-size = 1G
 configuration.re6st-verification-url = http://[2001:67c:1254:4::1]/index.html

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test00file_list_log.txt

-T-0/var/log/monitor-httpd-access.log
-T-0/var/log/monitor-httpd-error.log
-T-0/var/log/slapgrid-T-0-error.log
-T-1/var/log/expose-csr.log
-T-1/var/log/kedifa.log
-T-1/var/log/monitor-httpd-access.log
-T-1/var/log/monitor-httpd-error.log
-T-2/var/log/backend-haproxy.log
-T-2/var/log/expose-csr.log
-T-2/var/log/frontend-haproxy.log
-T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_access_log
-T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_backend_log
-T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_ssl_ca_crt_access_log
-T-2/var/log/httpd/_custom_domain_ssl_crt_ssl_key_ssl_ca_crt_backend_log
-T-2/var/log/httpd/_ssl_ca_crt_does_not_match_access_log
-T-2/var/log/httpd/_ssl_ca_crt_does_not_match_backend_log
-T-2/var/log/httpd/_ssl_ca_crt_garbage_access_log
-T-2/var/log/httpd/_ssl_ca_crt_garbage_backend_log
-T-2/var/log/httpd/_ssl_from_master_access_log
-T-2/var/log/httpd/_ssl_from_master_backend_log
-T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_access_log
-T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_backend_log
-T-2/var/log/httpd/_ssl_from_slave_access_log
-T-2/var/log/httpd/_ssl_from_slave_backend_log
-T-2/var/log/httpd/_ssl_from_slave_kedifa_overrides_access_log
-T-2/var/log/httpd/_ssl_from_slave_kedifa_overrides_backend_log
-T-2/var/log/httpd/_type-notebook-ssl_from_master_access_log
-T-2/var/log/httpd/_type-notebook-ssl_from_master_backend_log
-T-2/var/log/httpd/_type-notebook-ssl_from_master_kedifa_overrides_access_log
-T-2/var/log/httpd/_type-notebook-ssl_from_master_kedifa_overrides_backend_log
-T-2/var/log/httpd/_type-notebook-ssl_from_slave_access_log
-T-2/var/log/httpd/_type-notebook-ssl_from_slave_backend_log
-T-2/var/log/httpd/_type-notebook-ssl_from_slave_kedifa_overrides_access_log
-T-2/var/log/httpd/_type-notebook-ssl_from_slave_kedifa_overrides_backend_log
-T-2/var/log/monitor-httpd-access.log
-T-2/var/log/monitor-httpd-error.log
-T-2/var/log/slave-introspection-access.log
-T-2/var/log/slave-introspection-error.log
-T-2/var/log/trafficserver/manager.log

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test00file_list_run.txt

-T-0/var/run/monitor-httpd.pid
-T-1/var/run/kedifa.pid
-T-1/var/run/logrotate-setup.state
-T-1/var/run/monitor-httpd.pid
-T-2/var/run/backend-haproxy-rsyslogd.pid
-T-2/var/run/backend-haproxy.pid
-T-2/var/run/backend_haproxy_configuration_last_state
-T-2/var/run/backend_haproxy_graceful_configuration_state_signature
-T-2/var/run/bhlog.sck
-T-2/var/run/fhlog.sck
-T-2/var/run/frontend-haproxy-rsyslogd.pid
-T-2/var/run/graceful_configuration_state_signature
-T-2/var/run/httpd.pid
-T-2/var/run/logrotate-setup.state
-T-2/var/run/monitor-httpd.pid
-T-2/var/run/slave-introspection.pid
-T-2/var/run/slave_introspection_configuration_last_state
-T-2/var/run/slave_introspection_graceful_configuration_state_signature

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test00supervisor_state.txt

-T-0:aibcc-user-caucase-updater-on-watch RUNNING
-T-0:aikc-user-caucase-updater-on-watch RUNNING
-T-0:bootstrap-monitor EXITED
-T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
-T-0:certificate_authority-{hash-generic}-on-watch RUNNING
-T-0:crond-{hash-generic}-on-watch RUNNING
-T-0:master-introspection-server-{hash-master-introspection}-on-watch RUNNING
-T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
-T-0:monitor-httpd-graceful EXITED
-T-1:bootstrap-monitor EXITED
-T-1:caucase-updater-on-watch RUNNING
-T-1:caucased-{hash-generic}-on-watch RUNNING
-T-1:certificate_authority-{hash-generic}-on-watch RUNNING
-T-1:crond-{hash-generic}-on-watch RUNNING
-T-1:expose-csr-{hash-generic}-on-watch RUNNING
-T-1:kedifa-{hash-generic}-on-watch RUNNING
-T-1:kedifa-reloader EXITED
-T-1:logrotate-setup-validate EXITED
-T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
-T-1:monitor-httpd-graceful EXITED
-T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
-T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
-T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
-T-2:backend-haproxy-safe-graceful EXITED
-T-2:bootstrap-monitor EXITED
-T-2:certificate_authority-{hash-generic}-on-watch RUNNING
-T-2:crond-{hash-generic}-on-watch RUNNING
-T-2:expose-csr-{hash-generic}-on-watch RUNNING
-T-2:frontend-haproxy-{hash-generic}-on-watch RUNNING
-T-2:frontend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
-T-2:frontend-haproxy-safe-graceful EXITED
-T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
-T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
-T-2:logrotate-setup-validate EXITED
-T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
-T-2:monitor-httpd-graceful EXITED
-T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
-T-2:slave-introspection-safe-graceful EXITED
-T-2:trafficserver-{hash-generic}-on-watch RUNNING
-T-2:trafficserver-reload EXITED

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_file_list_etc_cron_d.txt

-T-0/etc/cron.d/logrotate
-T-0/etc/cron.d/monitor-configurator
-T-0/etc/cron.d/monitor-globalstate
-T-0/etc/cron.d/monitor_collect
-T-1/etc/cron.d/logrotate
-T-1/etc/cron.d/monitor-configurator
-T-1/etc/cron.d/monitor-globalstate
-T-1/etc/cron.d/monitor_collect
-T-2/etc/cron.d/logrotate
-T-2/etc/cron.d/monitor-configurator
-T-2/etc/cron.d/monitor-globalstate
-T-2/etc/cron.d/monitor_collect
-T-2/etc/cron.d/trafficserver-logrotate

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_file_list_plugin.txt

-T-0/etc/plugin/__init__.py
-T-0/etc/plugin/aibcc-sign-promise.py
-T-0/etc/plugin/aibcc-user-caucase-updater.py
-T-0/etc/plugin/aikc-sign-promise.py
-T-0/etc/plugin/aikc-user-caucase-updater.py
-T-0/etc/plugin/buildout-T-0-status.py
-T-0/etc/plugin/caucased-backend-client.py
-T-0/etc/plugin/check-backend-haproxy-statistic-url-frontend-node-1.py
-T-0/etc/plugin/check-free-disk-space.py
-T-0/etc/plugin/master-introspection-server-ip-port-listening.py
-T-0/etc/plugin/master-key-download-url-ready-promise.py
-T-0/etc/plugin/master-key-generate-auth-url-ready-promise.py
-T-0/etc/plugin/master-key-upload-url-ready-promise.py
-T-0/etc/plugin/monitor-bootstrap-status.py
-T-0/etc/plugin/monitor-http-frontend.py
-T-0/etc/plugin/monitor-httpd-listening-on-tcp.py
-T-0/etc/plugin/publish-failsafe-error.py
-T-0/etc/plugin/rejected-slave.py
-T-1/etc/plugin/__init__.py
-T-1/etc/plugin/buildout-T-1-status.py
-T-1/etc/plugin/caucased.py
-T-1/etc/plugin/check-free-disk-space.py
-T-1/etc/plugin/expose-csr-ip-port-listening.py
-T-1/etc/plugin/kedifa-http-reply.py
-T-1/etc/plugin/monitor-bootstrap-status.py
-T-1/etc/plugin/monitor-http-frontend.py
-T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
-T-1/etc/plugin/promise-kedifa-auth-ready.py
-T-1/etc/plugin/promise-logrotate-setup.py
-T-2/etc/plugin/__init__.py
-T-2/etc/plugin/backend-client-caucase-updater.py
-T-2/etc/plugin/backend-haproxy-configuration.py
-T-2/etc/plugin/backend-haproxy-statistic-frontend.py
-T-2/etc/plugin/backend_haproxy_http.py
-T-2/etc/plugin/backend_haproxy_https.py
-T-2/etc/plugin/buildout-T-2-status.py
-T-2/etc/plugin/caucase-updater.py
-T-2/etc/plugin/check-free-disk-space.py
-T-2/etc/plugin/expose-csr-ip-port-listening.py
-T-2/etc/plugin/frontend-frontend-haproxy-configuration-promise.py
-T-2/etc/plugin/frontend_haproxy_ipv4_http.py
-T-2/etc/plugin/frontend_haproxy_ipv4_https.py
-T-2/etc/plugin/frontend_haproxy_ipv6_http.py
-T-2/etc/plugin/frontend_haproxy_ipv6_https.py
-T-2/etc/plugin/monitor-bootstrap-status.py
-T-2/etc/plugin/monitor-http-frontend.py
-T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
-T-2/etc/plugin/promise-key-download-url-ready.py
-T-2/etc/plugin/promise-logrotate-setup.py
-T-2/etc/plugin/re6st-connectivity.py
-T-2/etc/plugin/slave-introspection-configuration.py
-T-2/etc/plugin/slave_introspection_https.py
-T-2/etc/plugin/trafficserver-cache-availability.py
-T-2/etc/plugin/trafficserver-port-listening.py

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test00cluster_request_instance_parameter_dict.txt

-[
-  {
-    "apache-certificate": "@@certificate_pem@@",
-    "apache-key": "@@key_pem@@",
-    "caucase_port": "15090",
-    "domain": "example.com",
-    "full_address_list": [],
-    "instance_title": "testing partition 0",
-    "ip_list": [
-      [
-        "T-0",
-        "@@_ipv4_address@@"
-      ],
-      [
-        "T-0",
-        "@@_ipv6_address@@"
-      ]
-    ],
-    "kedifa_port": "15080",
-    "plain_http_port": "11080",
-    "port": "11443",
-    "root_instance_title": "testing partition 0",
-    "slap_computer_id": "local",
-    "slap_computer_partition_id": "T-0",
-    "slap_software_release_url": "@@00getSoftwareURL@@",
-    "slap_software_type": "RootSoftwareInstance",
-    "slave_instance_list": [
-      {
-        "enable_cache": true,
-        "slap_software_type": "RootSoftwareInstance",
-        "slave_reference": "_ssl_from_master_kedifa_overrides_master_certificate",
-        "slave_title": "_ssl_from_master_kedifa_overrides_master_certificate",
-        "url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
-      }
-    ],
-    "timestamp": "@@TIMESTAMP@@"
-  },
-  {
-    "_": {
-      "caucase_port": "15090",
-      "cluster-identification": "testing partition 0",
-      "kedifa_port": "15080",
-      "monitor-cors-domains": "monitor.app.officejs.com",
-      "monitor-httpd-port": "8402",
-      "monitor-password": "@@monitor-password@@",
-      "monitor-username": "admin",
-      "slave-list": [
-        {
-          "enable_cache": true,
-          "slave_reference": "_ssl_from_master_kedifa_overrides_master_certificate",
-          "url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
-        }
-      ]
-    },
-    "full_address_list": [],
-    "instance_title": "kedifa",
-    "ip_list": [
-      [
-        "T-1",
-        "@@_ipv4_address@@"
-      ],
-      [
-        "T-1",
-        "@@_ipv6_address@@"
-      ]
-    ],
-    "root_instance_title": "testing partition 0",
-    "slap_computer_id": "local",
-    "slap_computer_partition_id": "T-1",
-    "slap_software_release_url": "@@00getSoftwareURL@@",
-    "slap_software_type": "kedifa",
-    "slave_instance_list": [],
-    "timestamp": "@@TIMESTAMP@@"
-  },
-  {
-    "_": {
-      "apache-certificate": "@@certificate_pem@@",
-      "apache-key": "@@key_pem@@",
-      "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
-      "cluster-identification": "testing partition 0",
-      "domain": "example.com",
-      "extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_ssl_from_master_kedifa_overrides_master_certificate\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]",
-      "frontend-haproxy-flavour": "basic",
-      "frontend-haproxy-quic": "False",
-      "frontend-name": "caddy-frontend-1",
-      "frontend-quic-port": "443",
-      "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
-      "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
-      "monitor-cors-domains": "monitor.app.officejs.com",
-      "monitor-httpd-port": 8411,
-      "monitor-password": "@@monitor-password@@",
-      "monitor-username": "admin",
-      "plain_http_port": "11080",
-      "port": "11443",
-      "slave-kedifa-information": "{\"_ssl_from_master_kedifa_overrides_master_certificate\": {\"kedifa-caucase-url\": \"http://[@@_ipv6_address@@]:15090\", \"key-download-url\": \"https://[@@_ipv6_address@@]:15080/@@ssl_from_master_kedifa_overrides_master_certificate_key-generate-auth-url@@\", \"key-generate-auth-url\": \"https://[@@_ipv6_address@@]:15080/@@ssl_from_master_kedifa_overrides_master_certificate_key-generate-auth-url@@/@@ssl_from_master_kedifa_overrides_master_certificate_key-upload-url@@\", \"key-upload-url\": \"https://[@@_ipv6_address@@]:15080/@@ssl_from_master_kedifa_overrides_master_certificate_key-generate-auth-url@@?auth=\"}}"
-    },
-    "full_address_list": [],
-    "instance_title": "caddy-frontend-1",
-    "ip_list": [
-      [
-        "T-2",
-        "@@_ipv4_address@@"
-      ],
-      [
-        "T-2",
-        "@@_ipv6_address@@"
-      ]
-    ],
-    "root_instance_title": "testing partition 0",
-    "slap_computer_id": "local",
-    "slap_computer_partition_id": "T-2",
-    "slap_software_release_url": "@@00getSoftwareURL@@",
-    "slap_software_type": "single-custom-personal",
-    "slave_instance_list": [],
-    "timestamp": "@@TIMESTAMP@@"
-  }
-]

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test00file_list_log.txt

-T-0/var/log/monitor-httpd-access.log
-T-0/var/log/monitor-httpd-error.log
-T-0/var/log/slapgrid-T-0-error.log
-T-1/var/log/expose-csr.log
-T-1/var/log/kedifa.log
-T-1/var/log/monitor-httpd-access.log
-T-1/var/log/monitor-httpd-error.log
-T-2/var/log/backend-haproxy.log
-T-2/var/log/expose-csr.log
-T-2/var/log/frontend-haproxy.log
-T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_access_log
-T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_backend_log
-T-2/var/log/monitor-httpd-access.log
-T-2/var/log/monitor-httpd-error.log
-T-2/var/log/slave-introspection-access.log
-T-2/var/log/slave-introspection-error.log
-T-2/var/log/trafficserver/manager.log

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test00file_list_run.txt

-T-0/var/run/monitor-httpd.pid
-T-1/var/run/kedifa.pid
-T-1/var/run/logrotate-setup.state
-T-1/var/run/monitor-httpd.pid
-T-2/var/run/backend-haproxy-rsyslogd.pid
-T-2/var/run/backend-haproxy.pid
-T-2/var/run/backend_haproxy_configuration_last_state
-T-2/var/run/backend_haproxy_graceful_configuration_state_signature
-T-2/var/run/bhlog.sck
-T-2/var/run/fhlog.sck
-T-2/var/run/frontend-haproxy-rsyslogd.pid
-T-2/var/run/graceful_configuration_state_signature
-T-2/var/run/httpd.pid
-T-2/var/run/logrotate-setup.state
-T-2/var/run/monitor-httpd.pid
-T-2/var/run/slave-introspection.pid
-T-2/var/run/slave_introspection_configuration_last_state
-T-2/var/run/slave_introspection_graceful_configuration_state_signature

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test00supervisor_state.txt

-T-0:aibcc-user-caucase-updater-on-watch RUNNING
-T-0:aikc-user-caucase-updater-on-watch RUNNING
-T-0:bootstrap-monitor EXITED
-T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
-T-0:certificate_authority-{hash-generic}-on-watch RUNNING
-T-0:crond-{hash-generic}-on-watch RUNNING
-T-0:master-introspection-server-{hash-master-introspection}-on-watch RUNNING
-T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
-T-0:monitor-httpd-graceful EXITED
-T-1:bootstrap-monitor EXITED
-T-1:caucase-updater-on-watch RUNNING
-T-1:caucased-{hash-generic}-on-watch RUNNING
-T-1:certificate_authority-{hash-generic}-on-watch RUNNING
-T-1:crond-{hash-generic}-on-watch RUNNING
-T-1:expose-csr-{hash-generic}-on-watch RUNNING
-T-1:kedifa-{hash-generic}-on-watch RUNNING
-T-1:kedifa-reloader EXITED
-T-1:logrotate-setup-validate EXITED
-T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
-T-1:monitor-httpd-graceful EXITED
-T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
-T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
-T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
-T-2:backend-haproxy-safe-graceful EXITED
-T-2:bootstrap-monitor EXITED
-T-2:certificate_authority-{hash-generic}-on-watch RUNNING
-T-2:crond-{hash-generic}-on-watch RUNNING
-T-2:expose-csr-{hash-generic}-on-watch RUNNING
-T-2:frontend-haproxy-{hash-generic}-on-watch RUNNING
-T-2:frontend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
-T-2:frontend-haproxy-safe-graceful EXITED
-T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
-T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
-T-2:logrotate-setup-validate EXITED
-T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
-T-2:monitor-httpd-graceful EXITED
-T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
-T-2:slave-introspection-safe-graceful EXITED
-T-2:trafficserver-{hash-generic}-on-watch RUNNING
-T-2:trafficserver-reload EXITED

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_file_list_etc_cron_d.txt

-T-0/etc/cron.d/logrotate
-T-0/etc/cron.d/monitor-configurator
-T-0/etc/cron.d/monitor-globalstate
-T-0/etc/cron.d/monitor_collect
-T-1/etc/cron.d/logrotate
-T-1/etc/cron.d/monitor-configurator
-T-1/etc/cron.d/monitor-globalstate
-T-1/etc/cron.d/monitor_collect
-T-2/etc/cron.d/logrotate
-T-2/etc/cron.d/monitor-configurator
-T-2/etc/cron.d/monitor-globalstate
-T-2/etc/cron.d/monitor_collect
-T-2/etc/cron.d/trafficserver-logrotate

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_file_list_plugin.txt

-T-0/etc/plugin/__init__.py
-T-0/etc/plugin/aibcc-sign-promise.py
-T-0/etc/plugin/aibcc-user-caucase-updater.py
-T-0/etc/plugin/aikc-sign-promise.py
-T-0/etc/plugin/aikc-user-caucase-updater.py
-T-0/etc/plugin/buildout-T-0-status.py
-T-0/etc/plugin/caucased-backend-client.py
-T-0/etc/plugin/check-backend-haproxy-statistic-url-frontend-node-1.py
-T-0/etc/plugin/check-free-disk-space.py
-T-0/etc/plugin/master-introspection-server-ip-port-listening.py
-T-0/etc/plugin/master-key-download-url-ready-promise.py
-T-0/etc/plugin/master-key-generate-auth-url-ready-promise.py
-T-0/etc/plugin/master-key-upload-url-ready-promise.py
-T-0/etc/plugin/monitor-bootstrap-status.py
-T-0/etc/plugin/monitor-http-frontend.py
-T-0/etc/plugin/monitor-httpd-listening-on-tcp.py
-T-0/etc/plugin/publish-failsafe-error.py
-T-0/etc/plugin/rejected-slave.py
-T-1/etc/plugin/__init__.py
-T-1/etc/plugin/buildout-T-1-status.py
-T-1/etc/plugin/caucased.py
-T-1/etc/plugin/check-free-disk-space.py
-T-1/etc/plugin/expose-csr-ip-port-listening.py
-T-1/etc/plugin/kedifa-http-reply.py
-T-1/etc/plugin/monitor-bootstrap-status.py
-T-1/etc/plugin/monitor-http-frontend.py
-T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
-T-1/etc/plugin/promise-kedifa-auth-ready.py
-T-1/etc/plugin/promise-logrotate-setup.py
-T-2/etc/plugin/__init__.py
-T-2/etc/plugin/backend-client-caucase-updater.py
-T-2/etc/plugin/backend-haproxy-configuration.py
-T-2/etc/plugin/backend-haproxy-statistic-frontend.py
-T-2/etc/plugin/backend_haproxy_http.py
-T-2/etc/plugin/backend_haproxy_https.py
-T-2/etc/plugin/buildout-T-2-status.py
-T-2/etc/plugin/caucase-updater.py
-T-2/etc/plugin/check-free-disk-space.py
-T-2/etc/plugin/expose-csr-ip-port-listening.py
-T-2/etc/plugin/frontend-frontend-haproxy-configuration-promise.py
-T-2/etc/plugin/frontend_haproxy_ipv4_http.py
-T-2/etc/plugin/frontend_haproxy_ipv4_https.py
-T-2/etc/plugin/frontend_haproxy_ipv6_http.py
-T-2/etc/plugin/frontend_haproxy_ipv6_https.py
-T-2/etc/plugin/monitor-bootstrap-status.py
-T-2/etc/plugin/monitor-http-frontend.py
-T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
-T-2/etc/plugin/promise-key-download-url-ready.py
-T-2/etc/plugin/promise-logrotate-setup.py
-T-2/etc/plugin/re6st-connectivity.py
-T-2/etc/plugin/slave-introspection-configuration.py
-T-2/etc/plugin/slave_introspection_https.py
-T-2/etc/plugin/trafficserver-cache-availability.py
-T-2/etc/plugin/trafficserver-port-listening.py

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test00cluster_request_instance_parameter_dict.txt

-[
-  {
-    "apache-certificate": "@@certificate_pem@@",
-    "apache-key": "@@key_pem@@",
-    "caucase_port": "15090",
-    "domain": "example.com",
-    "full_address_list": [],
-    "instance_title": "testing partition 0",
-    "ip_list": [
-      [
-        "T-0",
-        "@@_ipv4_address@@"
-      ],
-      [
-        "T-0",
-        "@@_ipv6_address@@"
-      ]
-    ],
-    "kedifa_port": "15080",
-    "plain_http_port": "11080",
-    "port": "11443",
-    "root_instance_title": "testing partition 0",
-    "slap_computer_id": "local",
-    "slap_computer_partition_id": "T-0",
-    "slap_software_release_url": "@@00getSoftwareURL@@",
-    "slap_software_type": "RootSoftwareInstance",
-    "slave_instance_list": [
-      {
-        "enable_cache": true,
-        "slap_software_type": "RootSoftwareInstance",
-        "slave_reference": "_ssl_from_master",
-        "slave_title": "_ssl_from_master",
-        "url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
-      }
-    ],
-    "timestamp": "@@TIMESTAMP@@"
-  },
-  {
-    "_": {
-      "caucase_port": "15090",
-      "cluster-identification": "testing partition 0",
-      "kedifa_port": "15080",
-      "monitor-cors-domains": "monitor.app.officejs.com",
-      "monitor-httpd-port": "8402",
-      "monitor-password": "@@monitor-password@@",
-      "monitor-username": "admin",
-      "slave-list": [
-        {
-          "enable_cache": true,
-          "slave_reference": "_ssl_from_master",
-          "url": "http://@@_ipv4_address@@:@@_server_http_port@@/"
-        }
-      ]
-    },
-    "full_address_list": [],
-    "instance_title": "kedifa",
-    "ip_list": [
-      [
-        "T-1",
-        "@@_ipv4_address@@"
-      ],
-      [
-        "T-1",
-        "@@_ipv6_address@@"
-      ]
-    ],
-    "root_instance_title": "testing partition 0",
-    "slap_computer_id": "local",
-    "slap_computer_partition_id": "T-1",
-    "slap_software_release_url": "@@00getSoftwareURL@@",
-    "slap_software_type": "kedifa",
-    "slave_instance_list": [],
-    "timestamp": "@@TIMESTAMP@@"
-  },
-  {
-    "_": {
-      "apache-certificate": "@@certificate_pem@@",
-      "apache-key": "@@key_pem@@",
-      "backend-client-caucase-url": "http://[@@_ipv6_address@@]:8990",
-      "cluster-identification": "testing partition 0",
-      "domain": "example.com",
-      "extra_slave_instance_list": "[{\"enable_cache\": true, \"slave_reference\": \"_ssl_from_master\", \"url\": \"http://@@_ipv4_address@@:@@_server_http_port@@/\"}]",
-      "frontend-haproxy-flavour": "basic",
-      "frontend-haproxy-quic": "False",
-      "frontend-name": "caddy-frontend-1",
-      "frontend-quic-port": "443",
-      "kedifa-caucase-url": "http://[@@_ipv6_address@@]:15090",
-      "master-key-download-url": "https://[@@_ipv6_address@@]:15080/@@master-key-download-url_endpoint@@",
-      "monitor-cors-domains": "monitor.app.officejs.com",
-      "monitor-httpd-port": 8411,
-      "monitor-password": "@@monitor-password@@",
-      "monitor-username": "admin",
-      "plain_http_port": "11080",
-      "port": "11443",
-      "slave-kedifa-information": "{\"_ssl_from_master\": {\"kedifa-caucase-url\": \"http://[@@_ipv6_address@@]:15090\", \"key-download-url\": \"https://[@@_ipv6_address@@]:15080/@@ssl_from_master_key-generate-auth-url@@\", \"key-generate-auth-url\": \"https://[@@_ipv6_address@@]:15080/@@ssl_from_master_key-generate-auth-url@@/@@ssl_from_master_key-upload-url@@\", \"key-upload-url\": \"https://[@@_ipv6_address@@]:15080/@@ssl_from_master_key-generate-auth-url@@?auth=\"}}"
-    },
-    "full_address_list": [],
-    "instance_title": "caddy-frontend-1",
-    "ip_list": [
-      [
-        "T-2",
-        "@@_ipv4_address@@"
-      ],
-      [
-        "T-2",
-        "@@_ipv6_address@@"
-      ]
-    ],
-    "root_instance_title": "testing partition 0",
-    "slap_computer_id": "local",
-    "slap_computer_partition_id": "T-2",
-    "slap_software_release_url": "@@00getSoftwareURL@@",
-    "slap_software_type": "single-custom-personal",
-    "slave_instance_list": [],
-    "timestamp": "@@TIMESTAMP@@"
-  }
-]

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test00file_list_log.txt

-T-0/var/log/monitor-httpd-access.log
-T-0/var/log/monitor-httpd-error.log
-T-0/var/log/slapgrid-T-0-error.log
-T-1/var/log/expose-csr.log
-T-1/var/log/kedifa.log
-T-1/var/log/monitor-httpd-access.log
-T-1/var/log/monitor-httpd-error.log
-T-2/var/log/backend-haproxy.log
-T-2/var/log/expose-csr.log
-T-2/var/log/frontend-haproxy.log
-T-2/var/log/httpd/_ssl_from_master_access_log
-T-2/var/log/httpd/_ssl_from_master_backend_log
-T-2/var/log/monitor-httpd-access.log
-T-2/var/log/monitor-httpd-error.log
-T-2/var/log/slave-introspection-access.log
-T-2/var/log/slave-introspection-error.log
-T-2/var/log/trafficserver/manager.log

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test00file_list_run.txt

-T-0/var/run/monitor-httpd.pid
-T-1/var/run/kedifa.pid
-T-1/var/run/logrotate-setup.state
-T-1/var/run/monitor-httpd.pid
-T-2/var/run/backend-haproxy-rsyslogd.pid
-T-2/var/run/backend-haproxy.pid
-T-2/var/run/backend_haproxy_configuration_last_state
-T-2/var/run/backend_haproxy_graceful_configuration_state_signature
-T-2/var/run/bhlog.sck
-T-2/var/run/fhlog.sck
-T-2/var/run/frontend-haproxy-rsyslogd.pid
-T-2/var/run/graceful_configuration_state_signature
-T-2/var/run/httpd.pid
-T-2/var/run/logrotate-setup.state
-T-2/var/run/monitor-httpd.pid
-T-2/var/run/slave-introspection.pid
-T-2/var/run/slave_introspection_configuration_last_state
-T-2/var/run/slave_introspection_graceful_configuration_state_signature

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test00supervisor_state.txt

-T-0:aibcc-user-caucase-updater-on-watch RUNNING
-T-0:aikc-user-caucase-updater-on-watch RUNNING
-T-0:bootstrap-monitor EXITED
-T-0:caucased-backend-client-{hash-generic}-on-watch RUNNING
-T-0:certificate_authority-{hash-generic}-on-watch RUNNING
-T-0:crond-{hash-generic}-on-watch RUNNING
-T-0:master-introspection-server-{hash-master-introspection}-on-watch RUNNING
-T-0:monitor-httpd-{hash-generic}-on-watch RUNNING
-T-0:monitor-httpd-graceful EXITED
-T-1:bootstrap-monitor EXITED
-T-1:caucase-updater-on-watch RUNNING
-T-1:caucased-{hash-generic}-on-watch RUNNING
-T-1:certificate_authority-{hash-generic}-on-watch RUNNING
-T-1:crond-{hash-generic}-on-watch RUNNING
-T-1:expose-csr-{hash-generic}-on-watch RUNNING
-T-1:kedifa-{hash-generic}-on-watch RUNNING
-T-1:kedifa-reloader EXITED
-T-1:logrotate-setup-validate EXITED
-T-1:monitor-httpd-{hash-generic}-on-watch RUNNING
-T-1:monitor-httpd-graceful EXITED
-T-2:backend-client-login-certificate-caucase-updater-on-watch RUNNING
-T-2:backend-haproxy-{hash-generic}-on-watch RUNNING
-T-2:backend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
-T-2:backend-haproxy-safe-graceful EXITED
-T-2:bootstrap-monitor EXITED
-T-2:certificate_authority-{hash-generic}-on-watch RUNNING
-T-2:crond-{hash-generic}-on-watch RUNNING
-T-2:expose-csr-{hash-generic}-on-watch RUNNING
-T-2:frontend-haproxy-{hash-generic}-on-watch RUNNING
-T-2:frontend-haproxy-rsyslogd-{hash-generic}-on-watch RUNNING
-T-2:frontend-haproxy-safe-graceful EXITED
-T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
-T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
-T-2:logrotate-setup-validate EXITED
-T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
-T-2:monitor-httpd-graceful EXITED
-T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
-T-2:slave-introspection-safe-graceful EXITED
-T-2:trafficserver-{hash-generic}-on-watch RUNNING
-T-2:trafficserver-reload EXITED

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_file_list_etc_cron_d.txt

-T-0/etc/cron.d/logrotate
-T-0/etc/cron.d/monitor-configurator
-T-0/etc/cron.d/monitor-globalstate
-T-0/etc/cron.d/monitor_collect
-T-1/etc/cron.d/logrotate
-T-1/etc/cron.d/monitor-configurator
-T-1/etc/cron.d/monitor-globalstate
-T-1/etc/cron.d/monitor_collect
-T-2/etc/cron.d/logrotate
-T-2/etc/cron.d/monitor-configurator
-T-2/etc/cron.d/monitor-globalstate
-T-2/etc/cron.d/monitor_collect
-T-2/etc/cron.d/trafficserver-logrotate

software/rapid-cdn/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_file_list_plugin.txt

-T-0/etc/plugin/__init__.py
-T-0/etc/plugin/aibcc-sign-promise.py
-T-0/etc/plugin/aibcc-user-caucase-updater.py
-T-0/etc/plugin/aikc-sign-promise.py
-T-0/etc/plugin/aikc-user-caucase-updater.py
-T-0/etc/plugin/buildout-T-0-status.py
-T-0/etc/plugin/caucased-backend-client.py
-T-0/etc/plugin/check-backend-haproxy-statistic-url-frontend-node-1.py
-T-0/etc/plugin/check-free-disk-space.py
-T-0/etc/plugin/master-introspection-server-ip-port-listening.py
-T-0/etc/plugin/master-key-download-url-ready-promise.py
-T-0/etc/plugin/master-key-generate-auth-url-ready-promise.py
-T-0/etc/plugin/master-key-upload-url-ready-promise.py
-T-0/etc/plugin/monitor-bootstrap-status.py
-T-0/etc/plugin/monitor-http-frontend.py
-T-0/etc/plugin/monitor-httpd-listening-on-tcp.py
-T-0/etc/plugin/publish-failsafe-error.py
-T-0/etc/plugin/rejected-slave.py
-T-1/etc/plugin/__init__.py
-T-1/etc/plugin/buildout-T-1-status.py
-T-1/etc/plugin/caucased.py
-T-1/etc/plugin/check-free-disk-space.py
-T-1/etc/plugin/expose-csr-ip-port-listening.py
-T-1/etc/plugin/kedifa-http-reply.py
-T-1/etc/plugin/monitor-bootstrap-status.py
-T-1/etc/plugin/monitor-http-frontend.py
-T-1/etc/plugin/monitor-httpd-listening-on-tcp.py
-T-1/etc/plugin/promise-kedifa-auth-ready.py
-T-1/etc/plugin/promise-logrotate-setup.py
-T-2/etc/plugin/__init__.py
-T-2/etc/plugin/backend-client-caucase-updater.py
-T-2/etc/plugin/backend-haproxy-configuration.py
-T-2/etc/plugin/backend-haproxy-statistic-frontend.py
-T-2/etc/plugin/backend_haproxy_http.py
-T-2/etc/plugin/backend_haproxy_https.py
-T-2/etc/plugin/buildout-T-2-status.py
-T-2/etc/plugin/caucase-updater.py
-T-2/etc/plugin/check-free-disk-space.py
-T-2/etc/plugin/expose-csr-ip-port-listening.py
-T-2/etc/plugin/frontend-frontend-haproxy-configuration-promise.py
-T-2/etc/plugin/frontend_haproxy_ipv4_http.py
-T-2/etc/plugin/frontend_haproxy_ipv4_https.py
-T-2/etc/plugin/frontend_haproxy_ipv6_http.py
-T-2/etc/plugin/frontend_haproxy_ipv6_https.py
-T-2/etc/plugin/monitor-bootstrap-status.py
-T-2/etc/plugin/monitor-http-frontend.py
-T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
-T-2/etc/plugin/promise-key-download-url-ready.py
-T-2/etc/plugin/promise-logrotate-setup.py
-T-2/etc/plugin/re6st-connectivity.py
-T-2/etc/plugin/slave-introspection-configuration.py
-T-2/etc/plugin/slave_introspection_https.py
-T-2/etc/plugin/trafficserver-cache-availability.py
-T-2/etc/plugin/trafficserver-port-listening.py