From 176bc8fd97a63e129a3c72053edd6308752f35e3 Mon Sep 17 00:00:00 2001 From: Suneet Saldanha <44787917+suneet-s@users.noreply.github.com> Date: Thu, 19 Dec 2019 14:53:36 -0800 Subject: [PATCH] Remove resolve-ip dependency for integration-tests (#9065) * Remove resolve-ip dependency for integration-tests * use host hostname and fallback to dscacheutil * better shell script comparisons --- integration-tests/README.md | 3 +- .../tls/generate-expired-client-cert.sh | 4 ++- .../docker/tls/generate-good-client-cert.sh | 4 ++- ...generate-incorrect-hostname-client-cert.sh | 4 ++- ...nerate-invalid-intermediate-client-cert.sh | 6 ++-- .../tls/generate-to-be-revoked-client-cert.sh | 4 ++- .../generate-untrusted-root-client-cert.sh | 4 ++- ...generate-valid-intermediate-client-cert.sh | 6 ++-- .../docker/tls/set-docker-host-ip.sh | 29 +++++++++++++++++++ 9 files changed, 54 insertions(+), 10 deletions(-) create mode 100755 integration-tests/docker/tls/set-docker-host-ip.sh diff --git a/integration-tests/README.md b/integration-tests/README.md index 1f7b4de0e6b..93ccfe5a20b 100644 --- a/integration-tests/README.md +++ b/integration-tests/README.md @@ -36,7 +36,8 @@ Integration Testing Using Docker For running integration tests using docker there are 2 approaches. If your platform supports docker natively, you can simply set `DOCKER_IP` -environment variable to localhost and skip to [Running tests](#running-tests) section. +environment variable to localhost and skip to [Running tests](#running-tests) section. Ensure that you have +at least 4GiB of memory allocated to the docker engine (This can be set under Preferences > Advanced). ``` export DOCKER_IP=127.0.0.1 diff --git a/integration-tests/docker/tls/generate-expired-client-cert.sh b/integration-tests/docker/tls/generate-expired-client-cert.sh index 71fb8b7f633..dd05847644a 100755 --- a/integration-tests/docker/tls/generate-expired-client-cert.sh +++ b/integration-tests/docker/tls/generate-expired-client-cert.sh @@ -15,7 +15,9 @@ # See the License for the specific language governing permissions and # limitations under the License. -export DOCKER_HOST_IP=$(resolveip -s $HOSTNAME) +tls_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +# shellcheck source=set-docker-host-ip.sh +source "$tls_dir/set-docker-host-ip.sh" cat < expired_csr.conf [req] diff --git a/integration-tests/docker/tls/generate-good-client-cert.sh b/integration-tests/docker/tls/generate-good-client-cert.sh index e166d090860..895e6c34bad 100755 --- a/integration-tests/docker/tls/generate-good-client-cert.sh +++ b/integration-tests/docker/tls/generate-good-client-cert.sh @@ -15,7 +15,9 @@ # See the License for the specific language governing permissions and # limitations under the License. -export DOCKER_HOST_IP=$(resolveip -s $HOSTNAME) +tls_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +# shellcheck source=set-docker-host-ip.sh +source "$tls_dir/set-docker-host-ip.sh" cat < csr.conf [req] diff --git a/integration-tests/docker/tls/generate-incorrect-hostname-client-cert.sh b/integration-tests/docker/tls/generate-incorrect-hostname-client-cert.sh index b778aa2aa3b..41a7a7d6bef 100755 --- a/integration-tests/docker/tls/generate-incorrect-hostname-client-cert.sh +++ b/integration-tests/docker/tls/generate-incorrect-hostname-client-cert.sh @@ -15,7 +15,9 @@ # See the License for the specific language governing permissions and # limitations under the License. -export DOCKER_HOST_IP=$(resolveip -s $HOSTNAME) +tls_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +# shellcheck source=set-docker-host-ip.sh +source "$tls_dir/set-docker-host-ip.sh" # Generate a client cert with an incorrect hostname for testing cat < invalid_hostname_csr.conf diff --git a/integration-tests/docker/tls/generate-invalid-intermediate-client-cert.sh b/integration-tests/docker/tls/generate-invalid-intermediate-client-cert.sh index fc777168325..4744e9f4a8f 100755 --- a/integration-tests/docker/tls/generate-invalid-intermediate-client-cert.sh +++ b/integration-tests/docker/tls/generate-invalid-intermediate-client-cert.sh @@ -15,7 +15,9 @@ # See the License for the specific language governing permissions and # limitations under the License. -export DOCKER_HOST_IP=$(resolveip -s $HOSTNAME) +tls_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +# shellcheck source=set-docker-host-ip.sh +source "$tls_dir/set-docker-host-ip.sh" cat < invalid_ca_intermediate.conf [req] @@ -89,4 +91,4 @@ cat invalid_ca_intermediate.pem >> invalid_ca_client.pem # Create a Java keystore containing the generated certificate openssl pkcs12 -export -in invalid_ca_client.pem -inkey invalid_ca_client.key -out invalid_ca_client.p12 -name invalid_ca_client -CAfile invalid_ca_intermediate.pem -caname druid-it-root -password pass:druid123 -keytool -importkeystore -srckeystore invalid_ca_client.p12 -srcstoretype PKCS12 -destkeystore invalid_ca_client.jks -deststoretype JKS -srcstorepass druid123 -deststorepass druid123 \ No newline at end of file +keytool -importkeystore -srckeystore invalid_ca_client.p12 -srcstoretype PKCS12 -destkeystore invalid_ca_client.jks -deststoretype JKS -srcstorepass druid123 -deststorepass druid123 diff --git a/integration-tests/docker/tls/generate-to-be-revoked-client-cert.sh b/integration-tests/docker/tls/generate-to-be-revoked-client-cert.sh index effcad5e309..e1d9c6687cc 100755 --- a/integration-tests/docker/tls/generate-to-be-revoked-client-cert.sh +++ b/integration-tests/docker/tls/generate-to-be-revoked-client-cert.sh @@ -15,7 +15,9 @@ # See the License for the specific language governing permissions and # limitations under the License. -export DOCKER_HOST_IP=$(resolveip -s $HOSTNAME) +tls_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +# shellcheck source=set-docker-host-ip.sh +source "$tls_dir/set-docker-host-ip.sh" # Generate a client cert that will be revoked cat < revoked_csr.conf diff --git a/integration-tests/docker/tls/generate-untrusted-root-client-cert.sh b/integration-tests/docker/tls/generate-untrusted-root-client-cert.sh index c133a5df1ea..b68c66f43be 100755 --- a/integration-tests/docker/tls/generate-untrusted-root-client-cert.sh +++ b/integration-tests/docker/tls/generate-untrusted-root-client-cert.sh @@ -15,7 +15,9 @@ # See the License for the specific language governing permissions and # limitations under the License. -export DOCKER_HOST_IP=$(resolveip -s $HOSTNAME) +tls_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +# shellcheck source=set-docker-host-ip.sh +source "$tls_dir/set-docker-host-ip.sh" cat < csr_another_root.conf [req] diff --git a/integration-tests/docker/tls/generate-valid-intermediate-client-cert.sh b/integration-tests/docker/tls/generate-valid-intermediate-client-cert.sh index 914a7031100..53e630db021 100755 --- a/integration-tests/docker/tls/generate-valid-intermediate-client-cert.sh +++ b/integration-tests/docker/tls/generate-valid-intermediate-client-cert.sh @@ -15,7 +15,9 @@ # See the License for the specific language governing permissions and # limitations under the License. -export DOCKER_HOST_IP=$(resolveip -s $HOSTNAME) +tls_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +# shellcheck source=set-docker-host-ip.sh +source "$tls_dir/set-docker-host-ip.sh" cat < ca_intermediate.conf [req] @@ -89,4 +91,4 @@ cat ca_intermediate.pem >> intermediate_ca_client.pem # Create a Java keystore containing the generated certificate openssl pkcs12 -export -in intermediate_ca_client.pem -inkey intermediate_ca_client.key -out intermediate_ca_client.p12 -name intermediate_ca_client -CAfile ca_intermediate.pem -caname druid-it-root -password pass:druid123 -keytool -importkeystore -srckeystore intermediate_ca_client.p12 -srcstoretype PKCS12 -destkeystore intermediate_ca_client.jks -deststoretype JKS -srcstorepass druid123 -deststorepass druid123 \ No newline at end of file +keytool -importkeystore -srckeystore intermediate_ca_client.p12 -srcstoretype PKCS12 -destkeystore intermediate_ca_client.jks -deststoretype JKS -srcstorepass druid123 -deststorepass druid123 diff --git a/integration-tests/docker/tls/set-docker-host-ip.sh b/integration-tests/docker/tls/set-docker-host-ip.sh new file mode 100755 index 00000000000..38fe6ae6e39 --- /dev/null +++ b/integration-tests/docker/tls/set-docker-host-ip.sh @@ -0,0 +1,29 @@ +#!/bin/bash -eu + +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +DOCKER_HOST_IP="$(host "$(hostname)" | perl -nle '/has address (.*)/ && print $1')" +if [ -z "$DOCKER_HOST_IP" ]; then + # Mac specific way to get host ip + DOCKER_HOST_IP="$(dscacheutil -q host -a name "$(HOSTNAME)" | perl -nle '/ip_address: (.*)/ && print $1')" +fi + +if [ -z "$DOCKER_HOST_IP" ]; then + >&2 echo "Could not set docker host IP - integration tests can not run" + exit 1 +fi + +export DOCKER_HOST_IP