This is an automated email from the ASF dual-hosted git repository.
hemant pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ozone.git
The following commit(s) were added to refs/heads/master by this push:
new 10e75695d9 HDDS-9286. Migrate TestSecureOzoneCluster to JUnit5 (#5296)
10e75695d9 is described below
commit 10e75695d9b3bdad03270b362fbd6f7b89e8c83e
Author: Doroszlai, Attila <[email protected]>
AuthorDate: Fri Sep 15 19:04:53 2023 +0200
HDDS-9286. Migrate TestSecureOzoneCluster to JUnit5 (#5296)
---
.../hadoop/ozone/TestSecureOzoneCluster.java | 103 ++++++++++-----------
1 file changed, 48 insertions(+), 55 deletions(-)
diff --git
a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/TestSecureOzoneCluster.java
b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/TestSecureOzoneCluster.java
index 4fcd463366..7a590adbcf 100644
---
a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/TestSecureOzoneCluster.java
+++
b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/TestSecureOzoneCluster.java
@@ -42,7 +42,6 @@ import java.util.concurrent.Callable;
import org.apache.commons.validator.routines.DomainValidator;
import org.apache.hadoop.hdds.HddsConfigKeys;
-import org.apache.hadoop.hdds.annotation.InterfaceAudience;
import org.apache.hadoop.hdds.conf.DefaultConfigManager;
import org.apache.hadoop.hdds.conf.OzoneConfiguration;
import org.apache.hadoop.hdds.protocol.proto.HddsProtos;
@@ -150,6 +149,8 @@ import static
org.apache.hadoop.ozone.om.OMConfigKeys.OZONE_OM_S3_GPRC_SERVER_EN
import static org.apache.hadoop.ozone.om.OMConfigKeys.OZONE_OM_TRANSPORT_CLASS;
import static
org.apache.hadoop.ozone.om.exceptions.OMException.ResultCodes.TOKEN_EXPIRED;
import static
org.apache.hadoop.security.UserGroupInformation.AuthenticationMethod.KERBEROS;
+
+import org.apache.ozone.test.tag.Flaky;
import org.apache.ratis.protocol.ClientId;
import org.apache.ratis.util.ExitUtils;
import org.bouncycastle.asn1.x500.RDN;
@@ -157,27 +158,25 @@ import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.junit.After;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotEquals;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertThrows;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Ignore;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.TemporaryFolder;
-import org.junit.rules.Timeout;
+import org.junit.jupiter.api.AfterEach;
+
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Disabled;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.Timeout;
+import org.junit.jupiter.api.io.TempDir;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import static org.mockito.ArgumentMatchers.anyObject;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.fail;
+import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
@@ -186,19 +185,16 @@ import static org.slf4j.event.Level.INFO;
/**
* Test class to for security enabled Ozone cluster.
*/
[email protected]
-public final class TestSecureOzoneCluster {
+@Timeout(80)
+final class TestSecureOzoneCluster {
private static final String COMPONENT = "om";
private static final String OM_CERT_SERIAL_ID = "9879877970576";
private static final Logger LOG = LoggerFactory
.getLogger(TestSecureOzoneCluster.class);
- @Rule
- public Timeout timeout = Timeout.seconds(80);
-
- @Rule
- public TemporaryFolder folder = new TemporaryFolder();
+ @TempDir
+ private File tempDir;
private MiniKdc miniKdc;
private OzoneConfiguration conf;
@@ -221,7 +217,7 @@ public final class TestSecureOzoneCluster {
private int certGraceTime = 10 * 1000; // 10s
private int delegationTokenMaxTime = 9 * 1000; // 9s
- @Before
+ @BeforeEach
public void init() {
try {
conf = new OzoneConfiguration();
@@ -244,7 +240,7 @@ public final class TestSecureOzoneCluster {
DefaultMetricsSystem.setMiniClusterMode(true);
ExitUtils.disableSystemExit();
- final String path = folder.newFolder().toString();
+ final String path = tempDir.getAbsolutePath();
omMetaDirPath = Paths.get(path, "om-meta");
conf.set(OZONE_METADATA_DIRS, omMetaDirPath.toString());
conf.setBoolean(OZONE_SECURITY_ENABLED_KEY, true);
@@ -261,7 +257,7 @@ public final class TestSecureOzoneCluster {
conf.setLong(OMConfigKeys.DELEGATION_TOKEN_MAX_LIFETIME_KEY,
delegationTokenMaxTime);
- workDir = GenericTestUtils.getTestDir(getClass().getSimpleName());
+ workDir = new File(tempDir, "workdir");
clusterId = UUID.randomUUID().toString();
scmId = UUID.randomUUID().toString();
omId = UUID.randomUUID().toString();
@@ -276,7 +272,7 @@ public final class TestSecureOzoneCluster {
}
}
- @After
+ @AfterEach
public void stop() {
try {
stopMiniKdc();
@@ -405,7 +401,7 @@ public final class TestSecureOzoneCluster {
IOException ioException = assertThrows(IOException.class,
securityClient::getCACertificate);
assertTrue(ioException.getMessage().contains(cannotAuthMessage));
- assertThrows(IOException.class,
+ ioException = assertThrows(IOException.class,
() -> securityClient.getCertificate("1"));
assertTrue(ioException.getMessage().contains(cannotAuthMessage));
}
@@ -452,8 +448,7 @@ public final class TestSecureOzoneCluster {
}
private void initSCM() throws IOException {
- final String path = folder.newFolder().toString();
- Path scmPath = Paths.get(path, "scm-meta");
+ Path scmPath = new File(tempDir, "scm-meta").toPath();
Files.createDirectories(scmPath);
conf.set(OZONE_METADATA_DIRS, scmPath.toString());
@@ -598,8 +593,8 @@ public final class TestSecureOzoneCluster {
IOException ioException = assertThrows(IOException.class,
() -> unsecureClient.listAllVolumes(null, null, 0));
assertTrue(ioException.getMessage().contains(exMessage));
- assertEquals("There should be no retry on AccessControlException", 1,
- StringUtils.countMatches(logs.getOutput(), exMessage));
+ assertEquals(1, StringUtils.countMatches(logs.getOutput(), exMessage),
+ "There should be no retry on AccessControlException");
}
private void generateKeyPair() throws Exception {
@@ -958,7 +953,7 @@ public final class TestSecureOzoneCluster {
.build();
SCMSecurityProtocolClientSideTranslatorPB scmClient =
mock(SCMSecurityProtocolClientSideTranslatorPB.class);
- when(scmClient.getOMCertChain(anyObject(), anyString()))
+ when(scmClient.getOMCertChain(any(), anyString()))
.thenReturn(responseProto);
try (OMCertificateClient client =
@@ -989,7 +984,7 @@ public final class TestSecureOzoneCluster {
.setX509Certificate(pemCert)
.setX509CACertificate(pemCert)
.build();
- when(scmClient.getOMCertChain(anyObject(), anyString()))
+ when(scmClient.getOMCertChain(any(), anyString()))
.thenReturn(responseProto);
String id2 = newCertHolder.getSerialNumber().toString();
@@ -1043,7 +1038,7 @@ public final class TestSecureOzoneCluster {
.SCMGetCertResponseProto.ResponseCode.success)
.setX509Certificate(pemCert)
.build();
- when(scmClient.getOMCertChain(anyObject(), anyString()))
+ when(scmClient.getOMCertChain(any(), anyString()))
.thenReturn(responseProto);
try (OMCertificateClient client =
@@ -1055,19 +1050,16 @@ public final class TestSecureOzoneCluster {
// check that new cert ID should not equal to current cert ID
String certId1 = newCertHolder.getSerialNumber().toString();
- Assert.assertFalse(certId1.equals(
- client.getCertificate().getSerialNumber().toString()));
+ assertNotEquals(certId1,
+ client.getCertificate().getSerialNumber().toString());
// certificate failed to renew, client still hold the old expired cert.
Thread.sleep(certificateLifetime * 1000);
- Assert.assertTrue(certId.equals(
- client.getCertificate().getSerialNumber().toString()));
- try {
- client.getCertificate().checkValidity();
- } catch (Exception e) {
- Assert.assertTrue(e instanceof CertificateExpiredException);
- }
- Assert.assertTrue(omLogs.getOutput().contains(
+ assertEquals(certId,
+ client.getCertificate().getSerialNumber().toString());
+ assertThrows(CertificateExpiredException.class,
+ () -> client.getCertificate().checkValidity());
+ assertTrue(omLogs.getOutput().contains(
"Error while signing and storing SCM signed certificate."));
// provide a new valid SCMGetCertResponseProto
@@ -1080,7 +1072,7 @@ public final class TestSecureOzoneCluster {
.setX509Certificate(pemCert)
.setX509CACertificate(pemCert)
.build();
- when(scmClient.getOMCertChain(anyObject(), anyString()))
+ when(scmClient.getOMCertChain(any(), anyString()))
.thenReturn(responseProto);
String certId2 = newCertHolder.getSerialNumber().toString();
@@ -1096,7 +1088,7 @@ public final class TestSecureOzoneCluster {
* Test the directory rollback failure case.
*/
@Test
- @Ignore("Run it locally since it will terminate the process.")
+ @Disabled("Run it locally since it will terminate the process.")
public void testCertificateRotationUnRecoverableFailure() throws Exception {
LogCapturer omLogs = LogCapturer.captureLogs(OzoneManager.getLogger());
OMStorage omStorage = new OMStorage(conf);
@@ -1129,9 +1121,9 @@ public final class TestSecureOzoneCluster {
DNCertificateClient mockClient = mock(DNCertificateClient.class);
when(mockClient.getCertificate()).thenReturn(
CertificateCodec.getX509Certificate(newCertHolder));
- when(mockClient.timeBeforeExpiryGracePeriod(anyObject()))
+ when(mockClient.timeBeforeExpiryGracePeriod(any()))
.thenReturn(Duration.ZERO);
- when(mockClient.renewAndStoreKeyAndCertificate(anyObject())).thenThrow(
+ when(mockClient.renewAndStoreKeyAndCertificate(any())).thenThrow(
new CertificateException("renewAndStoreKeyAndCert failed ",
CertificateException.ErrorCode.ROLLBACK_ERROR));
@@ -1151,6 +1143,7 @@ public final class TestSecureOzoneCluster {
* Tests delegation token renewal after a certificate renew.
*/
@Test
+ @Flaky("HDDS-8622")
public void testDelegationTokenRenewCrossCertificateRenew() throws Exception
{
try {
// Setup secure OM for start.
@@ -1230,7 +1223,7 @@ public final class TestSecureOzoneCluster {
* Test functionality to get SCM signed certificate for OM.
*/
@Test
- @Ignore("HDDS-8764")
+ @Disabled("HDDS-8764")
public void testOMGrpcServerCertificateRenew() throws Exception {
initSCM();
try {
@@ -1302,7 +1295,7 @@ public final class TestSecureOzoneCluster {
ServiceInfoEx serviceInfoEx = client.getObjectStore()
.getClientProxy().getOzoneManagerClient().getServiceInfo();
- Assert.assertTrue(serviceInfoEx.getCaCertificate().equals(
+ assertTrue(serviceInfoEx.getCaCertificate().equals(
CertificateCodec.getPEMEncodedString(caCert)));
// Wait for OM certificate to renewed
@@ -1314,7 +1307,7 @@ public final class TestSecureOzoneCluster {
// rerun the command using old client, it should succeed
serviceInfoEx = client.getObjectStore()
.getClientProxy().getOzoneManagerClient().getServiceInfo();
- Assert.assertTrue(serviceInfoEx.getCaCertificate().equals(
+ assertTrue(serviceInfoEx.getCaCertificate().equals(
CertificateCodec.getPEMEncodedString(caCert)));
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
