Mercurial > hg > release > thermostat-0.5
view agent/cli/src/test/java/com/redhat/thermostat/agent/cli/impl/db/MongoProcessRunnerTest.java @ 899:40be72a1345c
Add SSL (option) to storage command.
This is the first step towards adding TLS to mongo<-->agent|client|webservice
communication. It adds appropriate options to the mongod command if thermostat
is so configured. In order to test this better, I've refactored
MongoProcessRunner a bit. Also, DBStartupConfiguration does the parsing of the
db.properties file now. As such it's also easier to test. Tests have been added
for it too. Finally, I've renamed the c.r.t.agent.cli.db package to
c.r.t.agent.cli.impl.db to better reflect in the package name that it is an
internal package.
Note that you'll need to have a mongod available on your system which
understands --ssl* options in order to be able to fire mongod up with SSL
enabled. These options are only added if appropriate config is in place in
db.properties. Since it defaults to false, it should be OK to be pushed now
without breaking existing behaviour.
What comes next is adding support on agent/client/webservice side so that they
can talk SSL over the mongodb channel as well.
Reviewed-by: vanaltj, rkennke
Review-thread: http://icedtea.classpath.org/pipermail/thermostat/2012-December/004940.html
PR1243
| author | Severin Gehwolf <sgehwolf@redhat.com> |
|---|---|
| date | Fri, 21 Dec 2012 14:19:06 +0100 |
| parents | |
| children |
line wrap: on
line source
package com.redhat.thermostat.agent.cli.impl.db; import static org.junit.Assert.assertEquals; import static org.junit.Assert.fail; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; import java.io.File; import java.io.IOException; import java.util.List; import org.junit.After; import org.junit.Before; import org.junit.Test; import com.redhat.thermostat.agent.cli.impl.db.MongoProcessRunner; import com.redhat.thermostat.common.config.InvalidConfigurationException; public class MongoProcessRunnerTest { private MongoProcessRunner runner; private DBStartupConfiguration config; private static final String NO_JOURNAL_MONGODB_VERSION = "2.0.0"; private static final String JOURNAL_MONGODB_VERSION = "1.8.0"; private static final String BIND_IP = "127.0.0.1"; private static final long PORT = 12456; @Before public void setUp() { File dbPath = new File("/path/to/db"); File logPath = new File("/path/to/log"); File pidFile = new File("/path/to/pid"); config = mock(DBStartupConfiguration.class); when(config.getBindIP()).thenReturn(BIND_IP); when(config.getPort()).thenReturn(PORT); when(config.getDBPath()).thenReturn(dbPath); when(config.getLogFile()).thenReturn(logPath); when(config.getPidFile()).thenReturn(pidFile); runner = new MongoProcessRunner(config, false); } @After public void tearDown() { runner = null; config = null; } @Test public void testCommandArgumentsWithJournalVersion() throws Exception { String[] expected = { "mongod", "--nojournal", "--quiet", "--fork", "--auth", "--nohttpinterface", "--bind_ip", config.getBindIP(), "--dbpath", config.getDBPath().getCanonicalPath(), "--logpath", config.getLogFile().getCanonicalPath(), "--pidfilepath", config.getPidFile().getCanonicalPath(), "--port", Long.toString(config.getPort()) }; List<String> cmds = runner.getStartupCommand(NO_JOURNAL_MONGODB_VERSION); String[] actual = cmds.toArray(new String[0]); verifyEquals(expected, actual); } @Test public void testCommandArgumentsWithNoJournalVersion() throws Exception { String[] expected = { "mongod", "--quiet", "--fork", "--auth", "--nohttpinterface", "--bind_ip", config.getBindIP(), "--dbpath", config.getDBPath().getCanonicalPath(), "--logpath", config.getLogFile().getCanonicalPath(), "--pidfilepath", config.getPidFile().getCanonicalPath(), "--port", Long.toString(config.getPort()) }; List<String> cmds = runner.getStartupCommand(JOURNAL_MONGODB_VERSION); String[] actual = cmds.toArray(new String[0]); verifyEquals(expected, actual); } @Test public void testCommandArgumentsWithSSLEnabled() throws Exception { when(config.isSslEnabled()).thenReturn(true); File pemFile = new File("/path/to/cert_and_key.pem"); when(config.getSslPemFile()).thenReturn(pemFile); when(config.getSslKeyPassphrase()).thenReturn("non-null"); String[] expected = { "mongod", "--quiet", "--fork", "--auth", "--nohttpinterface", "--bind_ip", config.getBindIP(), "--dbpath", config.getDBPath().getCanonicalPath(), "--logpath", config.getLogFile().getCanonicalPath(), "--pidfilepath", config.getPidFile().getCanonicalPath(), "--port", Long.toString(config.getPort()), "--sslOnNormalPorts", "--sslPEMKeyFile", config.getSslPemFile().getCanonicalPath(), "--sslPEMKeyPassword", config.getSslKeyPassphrase() }; List<String> cmds = runner.getStartupCommand(JOURNAL_MONGODB_VERSION); String[] actual = cmds.toArray(new String[0]); verifyEquals(expected, actual); } @Test public void testCommandArgumentsWithSSLEnabledThrowsInvalidConfigException() throws IOException { when(config.isSslEnabled()).thenReturn(true); // PEM file can't be null when SSL == true when(config.getSslPemFile()).thenReturn(null); try { runner.getStartupCommand(JOURNAL_MONGODB_VERSION); fail("Should have thrown exception!"); } catch (InvalidConfigurationException e) { assertEquals("No SSL PEM file specified!", e.getMessage()); } // Key password can't be null when SSL == true and keyfile present File pemFile = new File("/path/to/ssl.pem"); when(config.getSslPemFile()).thenReturn(pemFile); when(config.getSslKeyPassphrase()).thenReturn(null); try { runner.getStartupCommand(JOURNAL_MONGODB_VERSION); fail("Should have thrown exception!"); } catch (InvalidConfigurationException e) { assertEquals("No SSL key passphrase set!", e.getMessage()); } } private void verifyEquals(String[] expected, String[] actual) { assertEquals(expected.length, actual.length); for (int i=0; i < expected.length; i++) { assertEquals(expected[i], actual[i]); } } }