Re: [PR] Splunk, splunk-hec SSL tests [camel-quarkus]

[via GitHub]

JiriOndrusek commented on code in PR #6314:
URL: https://github.com/apache/camel-quarkus/pull/6314#discussion_r1730939755


##########
integration-tests-support/splunk/src/test/java/org/apache/camel/quarkus/test/support/splunk/SplunkTestResource.java:
##########
@@ -36,59 +56,172 @@ public class SplunkTestResource implements 
QuarkusTestResourceLifecycleManager {
     private static final int REMOTE_PORT = 8089;
     private static final int WEB_PORT = 8000;
     private static final int HEC_PORT = 8088;
-    private static final Logger LOG = 
Logger.getLogger(SplunkTestResource.class);
+    private static final Logger LOG = 
LoggerFactory.getLogger(SplunkTestResource.class);
 
     private GenericContainer<?> container;
 
+    private String localhostCertPath;
+    private String localhostKeystorePath;
+    private String caCertPath;
+    private String keystorePassword;
+
+    @Override
+    public void init(Map<String, String> initArgs) {
+        localhostCertPath = initArgs.get("localhost_cert");
+        caCertPath = initArgs.get("ca_cert");
+        localhostKeystorePath = initArgs.get("localhost_keystore");
+        keystorePassword = initArgs.get("keystore_password");
+    }
+
     @Override
     public Map<String, String> start() {
+
+        String banner = StringUtils.repeat("*", 50);
+
         try {
             container = new GenericContainer<>(SPLUNK_IMAGE_NAME)
                     .withExposedPorts(REMOTE_PORT, SplunkConstants.TCP_PORT, 
WEB_PORT, HEC_PORT)
                     .withEnv("SPLUNK_START_ARGS", "--accept-license")
                     .withEnv("SPLUNK_PASSWORD", "changeit")
                     .withEnv("SPLUNK_HEC_TOKEN", HEC_TOKEN)
                     .withEnv("SPLUNK_LICENSE_URI", "Free")
+                    .withEnv("SPLUNK_USER", "root")//does not work
                     .withEnv("TZ", TimeZone.getDefault().getID())
+                    //                    .withLogConsumer(new 
Slf4jLogConsumer(LOG))
                     .waitingFor(
                             Wait.forLogMessage(".*Ansible playbook 
complete.*\\n", 1)
                                     
.withStartupTimeout(Duration.ofMinutes(5)));
 
+            if (localhostCertPath != null && localhostKeystorePath != null && 
caCertPath != null && keystorePassword != null) {
+                //combine key + certificates into 1 pem - required for splunk
+                //extraction of private key can not be done by keytool (only 
openssl), but it can be done programmatically
+                byte[] concatenate = concatenateKeyAndCertificates(banner);
+
+                container.withCopyToContainer(Transferable.of(concatenate), 
"/opt/splunk/etc/auth/mycerts/myServerCert.pem")
+                        
.withCopyToContainer(Transferable.of(Files.readAllBytes(Paths.get(caCertPath))),
+                                "/opt/splunk/etc/auth/mycerts/cacert.pem");
+            } else {
+                LOG.debug("Internal certificates are used for Splunk server.");
+            }
+
             container.start();
 
-            container.execInContainer("sudo", "sed", "-i", 
"s/allowRemoteLogin=requireSetPassword/allowRemoteLogin=always/",
-                    "/opt/splunk/etc/system/default/server.conf");
-            container.execInContainer("sudo", "sed", "-i", "s/enableSplunkdSSL 
= true/enableSplunkdSSL = false/",
-                    "/opt/splunk/etc/system/default/server.conf");
+            
container.copyFileToContainer(MountableFile.forClasspathResource("local_server.conf"),
+                    "/opt/splunk/etc/system/local/server.conf");
+            
container.copyFileToContainer(MountableFile.forClasspathResource("local_inputs.conf"),
+                    "/opt/splunk/etc/system/local/inputs.conf");
+
+            
container.copyFileToContainer(MountableFile.forClasspathResource("local_server.conf"),
+                    "/opt/splunk/etc/system/local/server.conf");
+            
container.copyFileToContainer(MountableFile.forClasspathResource("local_inputs.conf"),
+                    "/opt/splunk/etc/system/local/inputs.conf");
+
             container.execInContainer("sudo", "sed", "-i", "s/minFreeSpace = 
5000/minFreeSpace = 100/",
-                    "/opt/splunk/etc/system/default/server.conf");
+                    "/opt/splunk/etc/system/local/server.conf");
+
+            //copy configuration for troubleshooting
+            
container.copyFileFromContainer("/opt/splunk/etc/system/local/server.conf",
+                    
Path.of(getClass().getResource("/").getPath()).resolve("local_server_from_container.conf").toFile()
+                            .getAbsolutePath());
 
-            container.execInContainer("sudo", "microdnf", "--nodocs", 
"update", "tzdata");//install tzdata package so we can specify tz other than UTC
+            asserExecResult(container.execInContainer("sudo", "microdnf", 
"--nodocs", "update", "tzdata"), "tzdata install");//install tzdata package so 
we can specify tz other than UTC

Review Comment:
   fixed



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscr...@camel.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org