hanahmily commented on code in PR #642:
URL:
https://github.com/apache/skywalking-banyandb/pull/642#discussion_r2044740430
##########
go.mod:
##########
@@ -80,7 +80,7 @@ require (
github.com/dchest/siphash v1.2.3 // indirect
github.com/dgryski/go-metro v0.0.0-20250106013310-edb8663e5e33 //
indirect
github.com/dustin/go-humanize v1.0.1
- github.com/fsnotify/fsnotify v1.9.0
+ github.com/fsnotify/fsnotify v1.8.0
Review Comment:
Why did you downgrade the version to 1.8.0?
##########
pkg/timestamp/clock.go:
##########
@@ -47,7 +47,18 @@ func NewClock() Clock {
// NewMockClock returns an instance of a mock clock.
func NewMockClock() MockClock {
- return clock.NewMock()
+ return &mockClockWrapper{clock.NewMock()}
+}
+
+type mockClockWrapper struct {
+ *clock.Mock
+}
+
+// TriggerTimer sends the current time to timer.C.
+func (m *mockClockWrapper) TriggerTimer() bool {
Review Comment:
Where do you use it?
##########
test/integration/standalone/other/tls_test.go:
##########
@@ -36,19 +43,58 @@ import (
casesMeasureData
"github.com/apache/skywalking-banyandb/test/cases/measure/data"
)
+// generateSelfSignedCert creates a new self-signed certificate for testing.
+func generateSelfSignedCert(commonName string) (certPEM, keyPEM []byte, err
error) {
Review Comment:
Can you combine this function with the one in reloader_test.go? They share
most of the logic for creating the certificate and key.
##########
test/integration/standalone/other/tls_test.go:
##########
@@ -74,4 +120,71 @@ var _ = g.Describe("Query service_cpm_minute", func() {
}, helpers.Args{Input: "all", Duration: 25 *
time.Minute, Offset: -20 * time.Minute})
}, flags.EventuallyTimeout).Should(gm.Succeed())
})
+
+ g.It("queries an updated TLS server", func() {
+ // Create a temporary directory for certificate files
+ tempDir, err := os.MkdirTemp("", "tls-test-*")
+ gm.Expect(err).NotTo(gm.HaveOccurred())
+ defer os.RemoveAll(tempDir)
+
+ // Copy the original certificate and key to the temporary
directory
+ tempCertFile := filepath.Join(tempDir, "cert.pem")
+ tempKeyFile := filepath.Join(tempDir, "key.pem")
+
+ // Read original certificate and key
+ originalCert, err := os.ReadFile(certFile)
+ gm.Expect(err).NotTo(gm.HaveOccurred())
+ originalKey, err := os.ReadFile(keyFile)
+ gm.Expect(err).NotTo(gm.HaveOccurred())
+
+ // Write to temporary location
+ err = os.WriteFile(tempCertFile, originalCert, 0o600)
+ gm.Expect(err).NotTo(gm.HaveOccurred())
+ err = os.WriteFile(tempKeyFile, originalKey, 0o600)
+ gm.Expect(err).NotTo(gm.HaveOccurred())
+
+ // Start a new server using the temporary certificate files
+ tempAddr, _, tempDeferFn :=
setup.StandaloneWithTLS(tempCertFile, tempKeyFile)
+ defer tempDeferFn()
+
+ // Create initial connection with the original certificate
+ creds, err := credentials.NewClientTLSFromFile(tempCertFile,
"localhost")
+ gm.Expect(err).NotTo(gm.HaveOccurred())
+ tempConn, err := grpchelper.Conn(tempAddr, 10*time.Second,
grpclib.WithTransportCredentials(creds))
+ gm.Expect(err).NotTo(gm.HaveOccurred())
+ defer tempConn.Close()
+
Review Comment:
Could you run the verification query using the tempConn before updating the
key and cert?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
