This is an automated email from the ASF dual-hosted git repository.
nizhikov pushed a commit to branch ignite-ducktape
in repository https://gitbox.apache.org/repos/asf/ignite.git
The following commit(s) were added to refs/heads/ignite-ducktape by this push:
new e60dea1 IGNITE-14023 Password based authentication support in
ducktape tests (#8686)
e60dea1 is described below
commit e60dea1b412a2c54f9ac71f0682013274c2ce622
Author: Mikhail Filatov <[email protected]>
AuthorDate: Mon Mar 15 19:15:41 2021 +0300
IGNITE-14023 Password based authentication support in ducktape tests (#8686)
Co-authored-by: Ryzhov Sergei <[email protected]>
---
.../authentication/UserModifyingApplication.java | 74 ++++++++++++
.../utils/check_get_credentials_from_globals.py | 51 ++++++++
.../utils/check_get_ssl_params_from_globals.py | 128 +++++++++++++++++++++
.../ducktests/tests/ignitetest/services/ignite.py | 5 -
.../tests/ignitetest/services/ignite_app.py | 5 -
.../ignitetest/services/utils/auth/__init__.py | 46 ++++++++
.../ignitetest/services/utils/control_utility.py | 51 ++++----
.../ignitetest/services/utils/ignite_aware.py | 35 +++---
.../utils/ignite_configuration/__init__.py | 6 +-
.../tests/ignitetest/services/utils/jmx_utils.py | 2 +-
.../services/utils/ssl/connector_configuration.py | 4 +-
.../ignitetest/services/utils/ssl/ssl_factory.py | 45 --------
.../ignitetest/services/utils/ssl/ssl_params.py | 99 ++++++++++++++++
.../utils/templates/connector_configuration.j2 | 4 +-
.../services/utils/templates/ignite.xml.j2 | 7 +-
.../{ssl_factory_macro.j2 => ssl_params_macro.j2} | 10 +-
.../ducktests/tests/ignitetest/tests/auth_test.py | 121 +++++++++++++++++++
.../tests/ignitetest/tests/pme_free_switch_test.py | 3 +-
.../ducktests/tests/ignitetest/tests/ssl_test.py | 16 ++-
19 files changed, 585 insertions(+), 127 deletions(-)
diff --git
a/modules/ducktests/src/main/java/org/apache/ignite/internal/ducktest/tests/authentication/UserModifyingApplication.java
b/modules/ducktests/src/main/java/org/apache/ignite/internal/ducktest/tests/authentication/UserModifyingApplication.java
new file mode 100644
index 0000000..836d21f
--- /dev/null
+++
b/modules/ducktests/src/main/java/org/apache/ignite/internal/ducktest/tests/authentication/UserModifyingApplication.java
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ignite.internal.ducktest.tests.authentication;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import org.apache.ignite.IgniteCheckedException;
+import org.apache.ignite.internal.IgniteEx;
+import org.apache.ignite.internal.ducktest.utils.IgniteAwareApplication;
+import
org.apache.ignite.internal.processors.authentication.AuthorizationContext;
+import
org.apache.ignite.internal.processors.authentication.IgniteAuthenticationProcessor;
+import org.apache.ignite.internal.processors.rest.GridRestCommand;
+
+/**
+ * Simple application that modify users.
+ */
+public class UserModifyingApplication extends IgniteAwareApplication {
+ /** {@inheritDoc} */
+ @Override public void run(JsonNode jsonNode) throws IgniteCheckedException
{
+ String restKey = jsonNode.get("rest_key").asText();
+
+ String authName = jsonNode.get("auth_username").asText();
+
+ String authPwd = jsonNode.get("auth_password").asText();
+
+ String name = jsonNode.get("username").asText();
+
+ String pwd = jsonNode.get("password").asText();
+
+ markInitialized();
+
+ log.info("Input data: " + jsonNode.toString());
+
+ IgniteAuthenticationProcessor auth =
((IgniteEx)ignite).context().authentication();
+
+ AuthorizationContext actx = auth.authenticate(authName, authPwd);
+ AuthorizationContext.context(actx);
+
+ GridRestCommand cmd = GridRestCommand.fromKey(restKey);
+
+ switch (cmd) {
+ case ADD_USER:
+ auth.addUser(name, pwd);
+ break;
+
+ case UPDATE_USER:
+ auth.updateUser(name, pwd);
+ break;
+
+ case REMOVE_USER:
+ auth.removeUser(name);
+ break;
+
+ default:
+ throw new IgniteCheckedException("Unknown operation: " + cmd +
".");
+ }
+
+ markFinished();
+ }
+}
diff --git
a/modules/ducktests/tests/checks/utils/check_get_credentials_from_globals.py
b/modules/ducktests/tests/checks/utils/check_get_credentials_from_globals.py
new file mode 100644
index 0000000..2d45b64
--- /dev/null
+++ b/modules/ducktests/tests/checks/utils/check_get_credentials_from_globals.py
@@ -0,0 +1,51 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+Check that get_credentials correctly parse Credentials from globals
+"""
+
+import pytest
+from ignitetest.services.utils.auth import get_credentials,
DEFAULT_AUTH_USERNAME, DEFAULT_AUTH_PASSWORD, \
+ USERNAME_KEY, PASSWORD_KEY, AUTHENTICATION_KEY, ENABLED_KEY
+
+TEST_USERNAME = "admin"
+TEST_PASSWORD = "qwe123"
+
+
+class CheckCaseJks:
+ """
+ Check that get_credentials correctly parse Credentials from globals
+ Posible structure is:
+ {"authentication": {
+ "enabled": true,
+ "username": "admin",
+ "password": "qwe123"}}
+ """
+
+ @staticmethod
+ @pytest.mark.parametrize('test_globals, expected_username,
expected_password',
+ [({AUTHENTICATION_KEY: {
+ ENABLED_KEY: True,
+ USERNAME_KEY: TEST_USERNAME,
+ PASSWORD_KEY: TEST_PASSWORD}}, TEST_USERNAME,
+ TEST_PASSWORD),
+ ({AUTHENTICATION_KEY: {
+ ENABLED_KEY: True}},
DEFAULT_AUTH_USERNAME, DEFAULT_AUTH_PASSWORD)])
+ def check_parse(test_globals, expected_username, expected_password):
+ """
+ Check function for pytest
+ """
+ assert (expected_username, expected_password) ==
get_credentials(test_globals)
diff --git
a/modules/ducktests/tests/checks/utils/check_get_ssl_params_from_globals.py
b/modules/ducktests/tests/checks/utils/check_get_ssl_params_from_globals.py
new file mode 100644
index 0000000..63a0f38
--- /dev/null
+++ b/modules/ducktests/tests/checks/utils/check_get_ssl_params_from_globals.py
@@ -0,0 +1,128 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+Check that SslParams correctly parse SSL params from globals
+"""
+
+import pytest
+from ignitetest.services.utils.ssl.ssl_params import get_ssl_params,
SslParams, DEFAULT_TRUSTSTORE, \
+ DEFAULT_CLIENT_KEYSTORE, DEFAULT_PASSWORD, IGNITE_CLIENT_ALIAS, SSL_KEY,
SSL_PARAMS_KEY, ENABLED_KEY
+
+INSTALL_ROOT = '/opt/'
+CERTIFICATE_DIR = '/opt/ignite-dev/modules/ducktests/tests/certs/'
+TEST_KEYSTORE_JKS = "client1.jks"
+TEST_TRUSTSTORE_JKS = "truststore.jks"
+TEST_PASSWORD = "qwe123"
+TEST_CERTIFICATE_DIR = "/opt/certs/"
+
+
+def _compare(expected, actual):
+ """
+ Compare SslParams object with dictionary
+ """
+
+ if expected is None and actual is None:
+ return True
+ if isinstance(expected, dict) and isinstance(actual, SslParams):
+ return expected == actual.__dict__
+ return False
+
+
+class TestParams:
+ """
+ Globals for tests
+ Possible structure is:
+ {"ssl": {
+ "enabled": true,
+ "params": {
+ "server": {
+ "key_store_jks": "server.jks",
+ "key_store_password": "123456",
+ "trust_store_jks": "truststore.jks",
+ "trust_store_password": "123456"
+ },
+ "client": {
+ "key_store_jks": "client.jks",
+ "key_store_password": "123456",
+ "trust_store_jks": "truststore.jks",
+ "trust_store_password": "123456"
+ },
+ "admin": {
+ "key_store_jks": "admin.jks",
+ "key_store_password": "123456",
+ "trust_store_jks": "truststore.jks",
+ "trust_store_password": "123456"
+ }
+ }
+ }
+ }
+ """
+
+ test_globals_jks = {
+ "install_root": INSTALL_ROOT,
+ SSL_KEY: {
+ ENABLED_KEY: True,
+ SSL_PARAMS_KEY: {
+ IGNITE_CLIENT_ALIAS: {
+ "key_store_jks": TEST_KEYSTORE_JKS,
+ "key_store_password": TEST_PASSWORD,
+ "trust_store_jks": TEST_TRUSTSTORE_JKS,
+ "trust_store_password": TEST_PASSWORD}}}}
+ test_globals_path = {
+ "install_root": INSTALL_ROOT,
+ SSL_KEY: {
+ ENABLED_KEY: True,
+ SSL_PARAMS_KEY: {
+ IGNITE_CLIENT_ALIAS: {
+ "key_store_path": TEST_CERTIFICATE_DIR + TEST_KEYSTORE_JKS,
+ "key_store_password": TEST_PASSWORD,
+ "trust_store_path": TEST_CERTIFICATE_DIR +
TEST_TRUSTSTORE_JKS,
+ "trust_store_password": TEST_PASSWORD}}}}
+ test_globals_default = {
+ "install_root": INSTALL_ROOT,
+ SSL_KEY: {ENABLED_KEY: True}}
+ test_globals_no_ssl = {
+ "install_root": INSTALL_ROOT}
+
+ expected_ssl_params_jks = {'key_store_path': CERTIFICATE_DIR +
TEST_KEYSTORE_JKS,
+ 'key_store_password': TEST_PASSWORD,
+ 'trust_store_path': CERTIFICATE_DIR +
TEST_TRUSTSTORE_JKS,
+ 'trust_store_password': TEST_PASSWORD}
+ expected_ssl_params_path = {'key_store_path': TEST_CERTIFICATE_DIR +
TEST_KEYSTORE_JKS,
+ 'key_store_password': TEST_PASSWORD,
+ 'trust_store_path': TEST_CERTIFICATE_DIR +
TEST_TRUSTSTORE_JKS,
+ 'trust_store_password': TEST_PASSWORD}
+ expected_ssl_params_default = {'key_store_path': CERTIFICATE_DIR +
DEFAULT_CLIENT_KEYSTORE,
+ 'key_store_password': DEFAULT_PASSWORD,
+ 'trust_store_path': CERTIFICATE_DIR +
DEFAULT_TRUSTSTORE,
+ 'trust_store_password': DEFAULT_PASSWORD}
+
+
+class CheckCaseJks:
+ """
+ Check that SslParams correctly parse SSL params from globals
+ """
+
+ @staticmethod
+ @pytest.mark.parametrize('test_globals, expected',
+ [(TestParams.test_globals_jks,
TestParams.expected_ssl_params_jks),
+ (TestParams.test_globals_path,
TestParams.expected_ssl_params_path),
+ (TestParams.test_globals_default,
TestParams.expected_ssl_params_default)])
+ def check_parse(test_globals, expected):
+ """
+ Check that SslParams correctly parse SSL params from globals
+ """
+ assert _compare(expected, get_ssl_params(test_globals,
IGNITE_CLIENT_ALIAS))
diff --git a/modules/ducktests/tests/ignitetest/services/ignite.py
b/modules/ducktests/tests/ignitetest/services/ignite.py
index 059b249..483ef2c 100644
--- a/modules/ducktests/tests/ignitetest/services/ignite.py
+++ b/modules/ducktests/tests/ignitetest/services/ignite.py
@@ -24,7 +24,6 @@ from datetime import datetime
from ducktape.cluster.remoteaccount import RemoteCommandError
from ignitetest.services.utils.ignite_aware import IgniteAwareService
-from ignitetest.services.utils.ssl.ssl_factory import DEFAULT_SERVER_KEYSTORE
class IgniteService(IgniteAwareService):
@@ -62,10 +61,6 @@ class IgniteService(IgniteAwareService):
except (RemoteCommandError, ValueError):
return []
- def update_config_with_globals(self):
- if self.globals.get("use_ssl", False):
- self._update_ssl_config_with_globals("server",
DEFAULT_SERVER_KEYSTORE)
-
def node_failed_event_pattern(failed_node_id=None):
"""Failed node pattern in log."""
diff --git a/modules/ducktests/tests/ignitetest/services/ignite_app.py
b/modules/ducktests/tests/ignitetest/services/ignite_app.py
index 7414afc..a77f6e3 100644
--- a/modules/ducktests/tests/ignitetest/services/ignite_app.py
+++ b/modules/ducktests/tests/ignitetest/services/ignite_app.py
@@ -23,7 +23,6 @@ from ducktape.errors import TimeoutError
from ignitetest.services.ignite_execution_exception import
IgniteExecutionException
from ignitetest.services.utils.ignite_aware import IgniteAwareService
-from ignitetest.services.utils.ssl.ssl_factory import DEFAULT_CLIENT_KEYSTORE
class IgniteApplicationService(IgniteAwareService):
@@ -107,7 +106,3 @@ class IgniteApplicationService(IgniteAwareService):
res.append(re.search("%s(.*)%s" % (name + "->", "<-"),
line).group(1))
return res
-
- def update_config_with_globals(self):
- if self.globals.get("use_ssl", False):
- self._update_ssl_config_with_globals("client",
DEFAULT_CLIENT_KEYSTORE)
diff --git a/modules/ducktests/tests/ignitetest/services/utils/auth/__init__.py
b/modules/ducktests/tests/ignitetest/services/utils/auth/__init__.py
new file mode 100644
index 0000000..0730ad5
--- /dev/null
+++ b/modules/ducktests/tests/ignitetest/services/utils/auth/__init__.py
@@ -0,0 +1,46 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+This module contains authentication classes and utilities.
+"""
+
+DEFAULT_AUTH_PASSWORD = 'ignite'
+DEFAULT_AUTH_USERNAME = 'ignite'
+
+AUTHENTICATION_KEY = "authentication"
+ENABLED_KEY = "enabled"
+USERNAME_KEY = "username"
+PASSWORD_KEY = "password"
+
+
+def get_credentials(_globals: dict):
+ """
+ Gets Credentials from Globals
+ Structure may be found in
modules/ducktests/tests/checks/utils/check_get_credentials.py
+ This function return default username and password, defaults may be
overriden throw globals
+ """
+ if USERNAME_KEY in _globals[AUTHENTICATION_KEY] and PASSWORD_KEY in
_globals[AUTHENTICATION_KEY]:
+ return _globals[AUTHENTICATION_KEY][USERNAME_KEY],
_globals[AUTHENTICATION_KEY][PASSWORD_KEY]
+ return DEFAULT_AUTH_USERNAME, DEFAULT_AUTH_PASSWORD
+
+
+def is_auth_enabled(_globals: dict):
+ """
+ Return True if Authentication enabled throw globals
+ :param _globals:
+ :return: bool
+ """
+ return AUTHENTICATION_KEY in _globals and
_globals[AUTHENTICATION_KEY][ENABLED_KEY]
diff --git
a/modules/ducktests/tests/ignitetest/services/utils/control_utility.py
b/modules/ducktests/tests/ignitetest/services/utils/control_utility.py
index f46a620..1744195 100644
--- a/modules/ducktests/tests/ignitetest/services/utils/control_utility.py
+++ b/modules/ducktests/tests/ignitetest/services/utils/control_utility.py
@@ -16,7 +16,6 @@
"""
This module contains control utility wrapper.
"""
-import os
import random
import re
import socket
@@ -26,7 +25,8 @@ from typing import NamedTuple
from ducktape.cluster.remoteaccount import RemoteCommandError
-from ignitetest.services.utils.ssl.ssl_factory import DEFAULT_PASSWORD,
DEFAULT_TRUSTSTORE, DEFAULT_ADMIN_KEYSTORE
+from ignitetest.services.utils.auth import get_credentials, is_auth_enabled
+from ignitetest.services.utils.ssl.ssl_params import get_ssl_params,
is_ssl_enabled, IGNITE_ADMIN_ALIAS
from ignitetest.services.utils.jmx_utils import JmxClient
@@ -37,33 +37,19 @@ class ControlUtility:
BASE_COMMAND = "control.sh"
# pylint: disable=R0913
- def __init__(self, cluster,
- key_store_jks: str = None, key_store_password: str =
DEFAULT_PASSWORD,
- trust_store_jks: str = DEFAULT_TRUSTSTORE,
trust_store_password: str = DEFAULT_PASSWORD):
+ def __init__(self, cluster, ssl_params=None, username=None, password=None):
self._cluster = cluster
self.logger = cluster.context.logger
- if cluster.context.globals.get("use_ssl", False):
- admin_dict = cluster.globals.get("admin", dict())
+ if ssl_params:
+ self.ssl_params = ssl_params
+ elif is_ssl_enabled(cluster.context.globals):
+ self.ssl_params = get_ssl_params(cluster.context.globals,
IGNITE_ADMIN_ALIAS)
- self.key_store_path = admin_dict.get("key_store_path",
-
self.jks_path(admin_dict.get('key_store_jks', DEFAULT_ADMIN_KEYSTORE)))
- self.key_store_password = admin_dict.get('key_store_password',
DEFAULT_PASSWORD)
- self.trust_store_path = admin_dict.get("trust_store_path",
-
self.jks_path(admin_dict.get('trust_store_jks', DEFAULT_TRUSTSTORE)))
- self.trust_store_password = admin_dict.get('trust_store_password',
DEFAULT_PASSWORD)
-
- elif key_store_jks is not None:
- self.key_store_path = self.jks_path(key_store_jks)
- self.key_store_password = key_store_password
- self.trust_store_path = self.jks_path(trust_store_jks)
- self.trust_store_password = trust_store_password
-
- def jks_path(self, jks_name: str):
- """
- :return Path to jks file.
- """
- return os.path.join(self._cluster.certificate_dir, jks_name)
+ if username and password:
+ self.username, self.password = username, password
+ elif is_auth_enabled(cluster.context.globals):
+ self.username, self.password =
get_credentials(cluster.context.globals)
def baseline(self):
"""
@@ -355,11 +341,15 @@ class ControlUtility:
def __form_cmd(self, node_ip, cmd):
ssl = ""
- if hasattr(self, 'key_store_path'):
- ssl = f" --keystore {self.key_store_path} --keystore-password
{self.key_store_password} " \
- f"--truststore {self.trust_store_path} --truststore-password
{self.trust_store_password}"
-
- return self._cluster.script(f"{self.BASE_COMMAND} --host {node_ip}
{cmd} {ssl}")
+ if hasattr(self, "ssl_params"):
+ ssl = f" --keystore {self.ssl_params.key_store_path} " \
+ f"--keystore-password {self.ssl_params.key_store_password} "
\
+ f"--truststore {self.ssl_params.trust_store_path} " \
+ f"--truststore-password
{self.ssl_params.trust_store_password}"
+ auth = ""
+ if hasattr(self, "username"):
+ auth = f" --user {self.username} --password {self.password} "
+ return self._cluster.script(f"{self.BASE_COMMAND} --host {node_ip}
{cmd} {ssl} {auth}")
@staticmethod
def __parse_output(raw_output):
@@ -437,6 +427,7 @@ class ControlUtilityError(RemoteCommandError):
"""
Error is raised when control utility failed.
"""
+
def __init__(self, account, cmd, exit_status, output):
super().__init__(account, cmd, exit_status, "".join(output))
diff --git a/modules/ducktests/tests/ignitetest/services/utils/ignite_aware.py
b/modules/ducktests/tests/ignitetest/services/utils/ignite_aware.py
index fa4c5c4..794cdf1 100644
--- a/modules/ducktests/tests/ignitetest/services/utils/ignite_aware.py
+++ b/modules/ducktests/tests/ignitetest/services/utils/ignite_aware.py
@@ -39,7 +39,8 @@ from ignitetest.utils.enum import constructible
# pylint: disable=too-many-public-methods
from ignitetest.services.utils.ssl.connector_configuration import
ConnectorConfiguration
-from ignitetest.services.utils.ssl.ssl_factory import SslContextFactory
+from ignitetest.services.utils.ssl.ssl_params import get_ssl_params,
is_ssl_enabled, IGNITE_SERVER_ALIAS, \
+ IGNITE_CLIENT_ALIAS
class IgniteAwareService(BackgroundThreadService, IgnitePathAware,
metaclass=ABCMeta):
@@ -92,18 +93,27 @@ class IgniteAwareService(BackgroundThreadService,
IgnitePathAware, metaclass=ABC
"""
Starts in async way.
"""
- self.update_config_with_globals()
+ self.update_ssl_config_with_globals()
super().start(**kwargs)
def start(self, **kwargs):
self.start_async(**kwargs)
self.await_started()
- @abstractmethod
- def update_config_with_globals(self):
+ def update_ssl_config_with_globals(self):
"""
- Update configuration with global parameters.
+ Update ssl configuration from globals.
"""
+ ssl_params = None
+ if self.config.ssl_params is None and is_ssl_enabled(self.globals):
+ ssl_params = get_ssl_params(
+ self.globals,
+ IGNITE_CLIENT_ALIAS if self.config.client_mode else
IGNITE_SERVER_ALIAS
+ )
+ if ssl_params:
+ self.config = self.config._replace(ssl_params=ssl_params,
+
connector_configuration=ConnectorConfiguration(
+ ssl_enabled=True,
ssl_params=ssl_params))
def await_started(self):
"""
@@ -416,21 +426,6 @@ class IgniteAwareService(BackgroundThreadService,
IgnitePathAware, metaclass=ABC
self.logger.debug(f"rotating {node.log_file} to {rotated_log} on
{node.name}")
node.account.ssh(f"mv {node.log_file} {rotated_log}")
- def _update_ssl_config_with_globals(self, dict_name: str, default_jks:
str):
- """
- Update ssl configuration.
- """
- _dict = self.globals.get(dict_name)
-
- if _dict is not None:
- ssl_context_factory = SslContextFactory(self.install_root, **_dict)
- else:
- ssl_context_factory = SslContextFactory(self.install_root,
default_jks)
-
- self.config =
self.config._replace(ssl_context_factory=ssl_context_factory)
- self.config =
self.config._replace(connector_configuration=ConnectorConfiguration(
- ssl_enabled=True, ssl_context_factory=ssl_context_factory))
-
@staticmethod
def exec_command(node, cmd):
"""Executes the command passed on the given node and returns result as
string."""
diff --git
a/modules/ducktests/tests/ignitetest/services/utils/ignite_configuration/__init__.py
b/modules/ducktests/tests/ignitetest/services/utils/ignite_configuration/__init__.py
index 7d1c907..e0d1494 100644
---
a/modules/ducktests/tests/ignitetest/services/utils/ignite_configuration/__init__.py
+++
b/modules/ducktests/tests/ignitetest/services/utils/ignite_configuration/__init__.py
@@ -23,7 +23,7 @@ from
ignitetest.services.utils.ignite_configuration.communication import Communi
from ignitetest.services.utils.ssl.connector_configuration import
ConnectorConfiguration
from ignitetest.services.utils.ignite_configuration.data_storage import
DataStorageConfiguration
from ignitetest.services.utils.ignite_configuration.discovery import
DiscoverySpi, TcpDiscoverySpi
-from ignitetest.services.utils.ssl.ssl_factory import SslContextFactory
+from ignitetest.services.utils.ssl.ssl_params import SslParams
from ignitetest.utils.version import IgniteVersion, DEV_BRANCH
@@ -43,8 +43,10 @@ class IgniteConfiguration(NamedTuple):
data_storage: DataStorageConfiguration = None
caches: list = []
local_host: str = None
- ssl_context_factory: SslContextFactory = None
+ ssl_params: SslParams = None
connector_configuration: ConnectorConfiguration = None
+ auth_enabled: bool = False
+ plugins: list = []
metric_exporter: str = None
diff --git a/modules/ducktests/tests/ignitetest/services/utils/jmx_utils.py
b/modules/ducktests/tests/ignitetest/services/utils/jmx_utils.py
index 5666f38..1683938 100644
--- a/modules/ducktests/tests/ignitetest/services/utils/jmx_utils.py
+++ b/modules/ducktests/tests/ignitetest/services/utils/jmx_utils.py
@@ -96,7 +96,7 @@ class JmxClient:
return iter(s.strip() for s in self.__run_cmd(cmd))
def __run_cmd(self, cmd):
- return self.node.account.ssh_capture(cmd, allow_fail=False,
callback=str)
+ return self.node.account.ssh_capture(cmd, allow_fail=False,
callback=str, combine_stderr=False)
class DiscoveryInfo:
diff --git
a/modules/ducktests/tests/ignitetest/services/utils/ssl/connector_configuration.py
b/modules/ducktests/tests/ignitetest/services/utils/ssl/connector_configuration.py
index 4d75b78..6da08c1 100644
---
a/modules/ducktests/tests/ignitetest/services/utils/ssl/connector_configuration.py
+++
b/modules/ducktests/tests/ignitetest/services/utils/ssl/connector_configuration.py
@@ -19,7 +19,7 @@ This module contains classes and utilities for Ignite
ConnectorConfiguration.
from typing import NamedTuple
-from ignitetest.services.utils.ssl.ssl_factory import SslContextFactory
+from ignitetest.services.utils.ssl.ssl_params import SslParams
class ConnectorConfiguration(NamedTuple):
@@ -28,4 +28,4 @@ class ConnectorConfiguration(NamedTuple):
Used to connect from ControlUtility (control.sh).
"""
ssl_enabled: bool = False
- ssl_context_factory: SslContextFactory = None
+ ssl_params: SslParams = None
diff --git
a/modules/ducktests/tests/ignitetest/services/utils/ssl/ssl_factory.py
b/modules/ducktests/tests/ignitetest/services/utils/ssl/ssl_factory.py
deleted file mode 100644
index 51468aa..0000000
--- a/modules/ducktests/tests/ignitetest/services/utils/ssl/ssl_factory.py
+++ /dev/null
@@ -1,45 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-
-"""
-This module contains classes and utilities for SslContextFactory.
-"""
-import os
-
-DEFAULT_PASSWORD = "123456"
-DEFAULT_SERVER_KEYSTORE = "server.jks"
-DEFAULT_CLIENT_KEYSTORE = "client.jks"
-DEFAULT_ADMIN_KEYSTORE = "admin.jks"
-DEFAULT_TRUSTSTORE = "truststore.jks"
-
-
-class SslContextFactory:
- """
- Ignite SslContextFactory.
- """
-
- # pylint: disable=R0913
- def __init__(self, root_dir: str = "/opt",
- key_store_jks: str = DEFAULT_SERVER_KEYSTORE,
key_store_password: str = DEFAULT_PASSWORD,
- trust_store_jks: str = DEFAULT_TRUSTSTORE,
trust_store_password: str = DEFAULT_PASSWORD,
- key_store_path: str = None, trust_store_path: str = None):
- certificate_dir = os.path.join(root_dir, "ignite-dev", "modules",
"ducktests", "tests", "certs")
-
- self.key_store_path = key_store_path if key_store_path is not None \
- else os.path.join(certificate_dir, key_store_jks)
- self.key_store_password = key_store_password
- self.trust_store_path = trust_store_path if trust_store_path is not
None \
- else os.path.join(certificate_dir, trust_store_jks)
- self.trust_store_password = trust_store_password
diff --git
a/modules/ducktests/tests/ignitetest/services/utils/ssl/ssl_params.py
b/modules/ducktests/tests/ignitetest/services/utils/ssl/ssl_params.py
new file mode 100644
index 0000000..eb74b47
--- /dev/null
+++ b/modules/ducktests/tests/ignitetest/services/utils/ssl/ssl_params.py
@@ -0,0 +1,99 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License
+
+"""
+This module contains classes and utilities for Ignite SslContextFactory.
+"""
+import os
+
+IGNITE_SERVER_ALIAS = 'server'
+IGNITE_CLIENT_ALIAS = 'client'
+IGNITE_ADMIN_ALIAS = 'admin'
+
+DEFAULT_SERVER_KEYSTORE = 'server.jks'
+DEFAULT_CLIENT_KEYSTORE = 'client.jks'
+DEFAULT_ADMIN_KEYSTORE = 'admin.jks'
+DEFAULT_PASSWORD = "123456"
+DEFAULT_TRUSTSTORE = "truststore.jks"
+DEFAULT_ROOT = "/opt/"
+
+SSL_PARAMS_KEY = "params"
+SSL_KEY = "ssl"
+ENABLED_KEY = "enabled"
+
+default_keystore = {
+ IGNITE_SERVER_ALIAS: DEFAULT_SERVER_KEYSTORE,
+ IGNITE_CLIENT_ALIAS: DEFAULT_CLIENT_KEYSTORE,
+ IGNITE_ADMIN_ALIAS: DEFAULT_ADMIN_KEYSTORE
+}
+
+
+class SslParams:
+ """
+ Params for Ignite SslContextFactory.
+ """
+
+ # pylint: disable=R0913
+ def __init__(self, key_store_jks: str = None, key_store_password: str =
DEFAULT_PASSWORD,
+ trust_store_jks: str = DEFAULT_TRUSTSTORE,
trust_store_password: str = DEFAULT_PASSWORD,
+ key_store_path: str = None, trust_store_path: str = None,
root_dir: str = DEFAULT_ROOT):
+ if not key_store_jks and not key_store_path:
+ raise Exception("Keystore must be specified to init SslParams")
+
+ certificate_dir = os.path.join(root_dir, "ignite-dev", "modules",
"ducktests", "tests", "certs")
+
+ self.key_store_path = key_store_path if key_store_path else
os.path.join(certificate_dir, key_store_jks)
+ self.key_store_password = key_store_password
+ self.trust_store_path = trust_store_path if trust_store_path else
os.path.join(certificate_dir, trust_store_jks)
+ self.trust_store_password = trust_store_password
+
+
+def get_ssl_params(_globals: dict, alias: str):
+ """
+ Gets SSL params from Globals
+ Structure may be found in
modules/ducktests/tests/checks/utils/check_get_ssl_params.py
+
+ There are three possible interactions with a cluster in a ducktape, each
of them has its own alias,
+ which corresponds to keystore:
+ Ignite(clientMode = False) - server
+ Ignite(clientMode = True) - client
+ ControlUtility - admin
+
+ If we enable SSL in globals, these SSL params will be injected in
corresponding
+ configuration
+ You can also override keystore corresponding to alias throw globals
+
+ Default keystores for these services are generated automaticaly on
creating envoriment
+ If you specyfy ssl_params in test, you override globals
+ """
+
+ root_dir = _globals.get("install_root", DEFAULT_ROOT)
+ if SSL_PARAMS_KEY in _globals[SSL_KEY] and alias in
_globals[SSL_KEY][SSL_PARAMS_KEY]:
+ ssl_param = _globals[SSL_KEY][SSL_PARAMS_KEY][alias]
+ elif alias in default_keystore:
+ ssl_param = {'key_store_jks': default_keystore[alias]}
+ else:
+ raise Exception("We don't have SSL params for: " + alias)
+
+ return SslParams(root_dir=root_dir, **ssl_param) if ssl_param else None
+
+
+def is_ssl_enabled(_globals: dict):
+ """
+ Return True if SSL enabled throw globals
+ :param _globals:
+ :return: bool
+ """
+ return SSL_KEY in _globals and _globals[SSL_KEY][ENABLED_KEY]
diff --git
a/modules/ducktests/tests/ignitetest/services/utils/templates/connector_configuration.j2
b/modules/ducktests/tests/ignitetest/services/utils/templates/connector_configuration.j2
index 7a43f99..1fe7207 100644
---
a/modules/ducktests/tests/ignitetest/services/utils/templates/connector_configuration.j2
+++
b/modules/ducktests/tests/ignitetest/services/utils/templates/connector_configuration.j2
@@ -15,14 +15,14 @@
limitations under the License.
#}
-{% import 'ssl_factory_macro.j2' as ssl_factory_util %}
+{% import 'ssl_params_macro.j2' as ssl_params_util %}
{% macro connector_configuration(config) %}
<bean class="org.apache.ignite.configuration.ConnectorConfiguration">
<property name="sslEnabled" value="{{ config.ssl_enabled }}"/>
{% if config.ssl_enabled %}
<property name="sslFactory">
- {{
ssl_factory_util.ssl_factory(config.ssl_context_factory) }}
+ {{ ssl_params_util.ssl_params(config.ssl_params) }}
</property>
{% endif %}
</bean>
diff --git
a/modules/ducktests/tests/ignitetest/services/utils/templates/ignite.xml.j2
b/modules/ducktests/tests/ignitetest/services/utils/templates/ignite.xml.j2
index 96eef5b..a25c659 100644
--- a/modules/ducktests/tests/ignitetest/services/utils/templates/ignite.xml.j2
+++ b/modules/ducktests/tests/ignitetest/services/utils/templates/ignite.xml.j2
@@ -22,7 +22,7 @@
{% import 'cache_macro.j2' as cache_utils %}
{% import 'datastorage_macro.j2' as datastorage_utils %}
{% import 'misc_macro.j2' as misc_utils %}
-{% import 'ssl_factory_macro.j2' as ssl_factory_util %}
+{% import 'ssl_params_macro.j2' as ssl_params_util %}
{% import 'connector_configuration.j2' as connector_configuration_util %}
<beans xmlns="http://www.springframework.org/schema/beans";
@@ -41,6 +41,7 @@
<property name="consistentId" value="{{ config.consistent_id }}"/>
<property name="failureDetectionTimeout" value="{{
config.failure_detection_timeout }}"/>
<property name="systemWorkerBlockedTimeout" value="{{
config.sys_worker_blocked_timeout }}"/>
+ <property name="authenticationEnabled" value="{{ config.auth_enabled |
lower }}"/>
{% if config.metric_exporter %}
<property name="metricExporterSpi">
@@ -66,9 +67,9 @@
{{ config.properties }}
{% endif %}
- {% if config.ssl_context_factory %}
+ {% if config.ssl_params %}
<property name="sslContextFactory">
- {{ ssl_factory_util.ssl_factory(config.ssl_context_factory) }}
+ {{ ssl_params_util.ssl_params(config.ssl_params) }}
</property>
{% endif %}
{% if config.connector_configuration %}
diff --git
a/modules/ducktests/tests/ignitetest/services/utils/templates/ssl_factory_macro.j2
b/modules/ducktests/tests/ignitetest/services/utils/templates/ssl_params_macro.j2
similarity index 72%
rename from
modules/ducktests/tests/ignitetest/services/utils/templates/ssl_factory_macro.j2
rename to
modules/ducktests/tests/ignitetest/services/utils/templates/ssl_params_macro.j2
index 2f8878c..8d519c9 100644
---
a/modules/ducktests/tests/ignitetest/services/utils/templates/ssl_factory_macro.j2
+++
b/modules/ducktests/tests/ignitetest/services/utils/templates/ssl_params_macro.j2
@@ -15,11 +15,11 @@
limitations under the License.
#}
-{% macro ssl_factory(factory) %}
+{% macro ssl_params(ctx) %}
<bean class="org.apache.ignite.ssl.SslContextFactory">
- <property name="keyStoreFilePath" value="{{ factory.key_store_path }}"/>
- <property name="keyStorePassword" value="{{ factory.key_store_password
}}"/>
- <property name="trustStoreFilePath" value="{{ factory.trust_store_path
}}"/>
- <property name="trustStorePassword" value="{{ factory.trust_store_password
}}"/>
+ <property name="keyStoreFilePath" value="{{ ctx.key_store_path }}"/>
+ <property name="keyStorePassword" value="{{ ctx.key_store_password }}"/>
+ <property name="trustStoreFilePath" value="{{ ctx.trust_store_path }}"/>
+ <property name="trustStorePassword" value="{{ ctx.trust_store_password
}}"/>
</bean>
{% endmacro %}
diff --git a/modules/ducktests/tests/ignitetest/tests/auth_test.py
b/modules/ducktests/tests/ignitetest/tests/auth_test.py
new file mode 100644
index 0000000..73d4bc04
--- /dev/null
+++ b/modules/ducktests/tests/ignitetest/tests/auth_test.py
@@ -0,0 +1,121 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""
+This module contains password based authentication tests
+"""
+
+from ignitetest.services.ignite import IgniteService
+from ignitetest.services.ignite_app import IgniteApplicationService
+from ignitetest.services.utils.auth import DEFAULT_AUTH_PASSWORD,
DEFAULT_AUTH_USERNAME
+from ignitetest.services.utils.control_utility import ControlUtility,
ControlUtilityError
+from ignitetest.services.utils.ignite_configuration import
IgniteConfiguration, DataStorageConfiguration
+from ignitetest.services.utils.ignite_configuration.data_storage import
DataRegionConfiguration
+from ignitetest.utils import ignite_versions, cluster
+from ignitetest.services.utils.ignite_configuration.discovery import
from_ignite_cluster
+from ignitetest.utils.ignite_test import IgniteTest
+from ignitetest.utils.version import DEV_BRANCH, LATEST, IgniteVersion
+
+WRONG_PASSWORD = "wrong_password"
+TEST_USERNAME = "admin"
+TEST_PASSWORD = "qwe123"
+TEST_PASSWORD2 = "123qwe"
+
+ADD_USER = 'adduser'
+UPDATE_USER = 'updateuser'
+REMOVE_USER = 'removeuser'
+
+
+# pylint: disable=W0223
+class AuthenticationTests(IgniteTest):
+ """
+ Tests Ignite Authentication
+ https://ignite.apache.org/docs/latest/security/authentication
+ """
+ NUM_NODES = 2
+
+ @cluster(num_nodes=NUM_NODES)
+ @ignite_versions(str(DEV_BRANCH), str(LATEST))
+ def test_change_users(self, ignite_version):
+ """
+ Test add, update and remove user
+ """
+ config = IgniteConfiguration(
+ cluster_state="INACTIVE",
+ auth_enabled=True,
+ version=IgniteVersion(ignite_version),
+ data_storage=DataStorageConfiguration(
+ default=DataRegionConfiguration(persistent=True),
+ )
+ )
+
+ servers = IgniteService(self.test_context, config=config,
num_nodes=self.NUM_NODES - 1)
+
+ servers.start()
+
+ ControlUtility(cluster=servers, username=DEFAULT_AUTH_USERNAME,
password=DEFAULT_AUTH_PASSWORD).activate()
+
+ client_cfg = config._replace(client_mode=True,
discovery_spi=from_ignite_cluster(servers))
+
+ # Add new user
+ check_authenticate(servers, TEST_USERNAME, TEST_PASSWORD, True)
+ self.run_with_creds(client_cfg, ADD_USER, TEST_USERNAME, TEST_PASSWORD)
+ check_authenticate(servers, TEST_USERNAME, TEST_PASSWORD)
+
+ # Update user password
+ check_authenticate(servers, TEST_USERNAME, TEST_PASSWORD2, True)
+ self.run_with_creds(client_cfg, UPDATE_USER, TEST_USERNAME,
TEST_PASSWORD2)
+ check_authenticate(servers, TEST_USERNAME, TEST_PASSWORD, True)
+ check_authenticate(servers, TEST_USERNAME, TEST_PASSWORD2)
+
+ # Remove user
+ self.run_with_creds(client_cfg, REMOVE_USER, TEST_USERNAME, free=False)
+ check_authenticate(servers, TEST_USERNAME, TEST_PASSWORD2, True)
+
+ # pylint: disable=R0913
+ def run_with_creds(self, client_configuration, rest_key: str, name: str,
password: str = None, clean=False,
+ free=True):
+ """
+ Run user modifying command
+ """
+ app = IgniteApplicationService(
+ self.test_context,
+ client_configuration,
+
java_class_name="org.apache.ignite.internal.ducktest.tests.authentication.UserModifyingApplication",
+ params={"rest_key": rest_key,
+ "auth_username": DEFAULT_AUTH_USERNAME,
+ "auth_password": DEFAULT_AUTH_PASSWORD,
+ "username": name,
+ "password": password}
+ )
+ app.start(clean=clean)
+ app.stop()
+ if free:
+ app.free()
+
+
+def check_authenticate(servers, username: str, password: str,
exception_expected: bool = False):
+ """
+ Check if user can run control.sh command
+ """
+ control_utility = ControlUtility(cluster=servers, username=username,
password=password)
+ if exception_expected:
+ try:
+ control_utility.cluster_state()
+ raise Exception("Something went wrong.")
+ except ControlUtilityError:
+ pass
+ else:
+ control_utility.cluster_state()
diff --git a/modules/ducktests/tests/ignitetest/tests/pme_free_switch_test.py
b/modules/ducktests/tests/ignitetest/tests/pme_free_switch_test.py
index 94b702f..5712df8 100644
--- a/modules/ducktests/tests/ignitetest/tests/pme_free_switch_test.py
+++ b/modules/ducktests/tests/ignitetest/tests/pme_free_switch_test.py
@@ -32,6 +32,7 @@ from ignitetest.utils import ignite_versions, cluster,
ignore_if
from ignitetest.utils.enum import constructible
from ignitetest.utils.ignite_test import IgniteTest
from ignitetest.utils.version import DEV_BRANCH, V_2_8_0, IgniteVersion, LATEST
+from ignitetest.services.utils.ssl.ssl_params import is_ssl_enabled
@constructible
@@ -54,7 +55,7 @@ class PmeFreeSwitchTest(IgniteTest):
EXTRA_CACHES_AMOUNT = 100
@cluster(num_nodes=NUM_NODES + 2)
- @ignore_if(lambda version, globals: version < V_2_8_0 and
globals.get("use_ssl"))
+ @ignore_if(lambda version, globals: version < V_2_8_0 and
is_ssl_enabled(globals))
@ignite_versions(str(DEV_BRANCH), str(LATEST))
@matrix(load_type=[LoadType.NONE, LoadType.EXTRA_CACHES,
LoadType.LONG_TXS])
def test(self, ignite_version, load_type):
diff --git a/modules/ducktests/tests/ignitetest/tests/ssl_test.py
b/modules/ducktests/tests/ignitetest/tests/ssl_test.py
index 4eac087..4dd8de0 100644
--- a/modules/ducktests/tests/ignitetest/tests/ssl_test.py
+++ b/modules/ducktests/tests/ignitetest/tests/ssl_test.py
@@ -21,7 +21,8 @@ from ignitetest.services.ignite_app import
IgniteApplicationService
from ignitetest.services.utils.control_utility import ControlUtility
from ignitetest.services.utils.ignite_configuration import IgniteConfiguration
from ignitetest.services.utils.ssl.connector_configuration import
ConnectorConfiguration
-from ignitetest.services.utils.ssl.ssl_factory import SslContextFactory
+from ignitetest.services.utils.ssl.ssl_params import SslParams,
DEFAULT_SERVER_KEYSTORE, DEFAULT_CLIENT_KEYSTORE, \
+ DEFAULT_ADMIN_KEYSTORE
from ignitetest.utils import ignite_versions, cluster
from ignitetest.utils.ignite_test import IgniteTest
from ignitetest.utils.version import IgniteVersion, DEV_BRANCH, LATEST
@@ -32,6 +33,7 @@ class SslTest(IgniteTest):
"""
Ssl test.
"""
+
@cluster(num_nodes=3)
@ignite_versions(str(DEV_BRANCH), str(LATEST))
def test_ssl_connection(self, ignite_version):
@@ -41,18 +43,19 @@ class SslTest(IgniteTest):
"""
root_dir = self.test_context.globals.get("install_root", "/opt")
- server_ssl = SslContextFactory(root_dir=root_dir)
+ server_ssl = SslParams(root_dir=root_dir,
key_store_jks=DEFAULT_SERVER_KEYSTORE)
server_configuration = IgniteConfiguration(
- version=IgniteVersion(ignite_version),
ssl_context_factory=server_ssl,
- connector_configuration=ConnectorConfiguration(ssl_enabled=True,
ssl_context_factory=server_ssl))
+ version=IgniteVersion(ignite_version), ssl_params=server_ssl,
+ connector_configuration=ConnectorConfiguration(ssl_enabled=True,
ssl_params=server_ssl))
ignite = IgniteService(self.test_context, server_configuration,
num_nodes=2,
startup_timeout_sec=180)
client_configuration = server_configuration._replace(
client_mode=True,
- ssl_context_factory=SslContextFactory(root_dir,
key_store_jks="client.jks"))
+ ssl_params=SslParams(root_dir=root_dir,
key_store_jks=DEFAULT_CLIENT_KEYSTORE),
+ connector_configuration=None)
app = IgniteApplicationService(
self.test_context,
@@ -60,7 +63,8 @@ class SslTest(IgniteTest):
java_class_name="org.apache.ignite.internal.ducktest.tests.smoke_test.SimpleApplication",
startup_timeout_sec=180)
- control_utility = ControlUtility(cluster=ignite,
key_store_jks="admin.jks")
+ admin_ssl = SslParams(root_dir=root_dir,
key_store_jks=DEFAULT_ADMIN_KEYSTORE)
+ control_utility = ControlUtility(cluster=ignite, ssl_params=admin_ssl)
ignite.start()
app.start()
