adoroszlai commented on PR #4389: URL: https://github.com/apache/ozone/pull/4389#issuecomment-1478387338
> > > It was tested mannually with HashiCorp Vault instanse but unfortenatly its impossible to run in memory instance of Vault in Java code, this is a main reasone why new integration tests doesn't added. > > > > > > Hashicorp provides [official Docker image for Vault](https://hub.docker.com/r/hashicorp/vault), which can probably be integrated with the Docker-based acceptance tests. > > Thank you for this information. May I do it in a separate ticket? Sure, it can be done in separate task to keep scope manageable. > Also, could you please provide some example how already used some docker images for testing? Ozone has a few docker-compose environments, defined in subdirectories of `hadoop-ozone/dist/src/main/compose`. Most of these have `test.sh`, which is executed by CI. Helper functions are defined in `hadoop-ozone/dist/src/main/compose/testlib.sh`. The actual tests are implemented in Robot Framework in `hadoop-ozone/dist/src/main/smoketest`. But I don't think you need to change the Robot scripts, since the remote secret store feature should be transparent. As a start, we can: * copy `ozonesecure` (single OM and SCM) or `ozonesecure-ha` (OM and SCM HA) to a new `ozonesecure-vault` directory * add a container for Vault in `docker-compose.yaml` * set up Ozone to use it by adding the relevant config properties in `docker-config` * remove unnecessary tests from `test.sh`, only keeping the ones specific to S3 Gateway -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
