This is an automated email from the ASF dual-hosted git repository.
engelen pushed a commit to branch 1.0.x
in repository https://gitbox.apache.org/repos/asf/pekko.git
The following commit(s) were added to refs/heads/1.0.x by this push:
new 2b0d8df896 add test for netty ssl cluster (#1861)
2b0d8df896 is described below
commit 2b0d8df8969ee1e1c8c6139d4ee700664d038416
Author: PJ Fanning <[email protected]>
AuthorDate: Thu May 22 15:00:09 2025 +0100
add test for netty ssl cluster (#1861)
* add test for netty ssl cluster
* Update keystore.readme
* ubuntu 20 no longer supported by GitHub CI
---
.github/workflows/binary-compatibility-checks.yml | 2 +-
.github/workflows/build-test-prValidation.yml | 2 +-
.github/workflows/generate-doc-check.yml | 2 +-
.github/workflows/headers.yml | 2 +-
.github/workflows/link-validator.yml | 2 +-
.github/workflows/nightly-builds-aeron.yml | 2 +-
.github/workflows/nightly-builds-latest-jdks.yml | 6 +-
.github/workflows/nightly-builds.yml | 6 +-
.github/workflows/publish-1.0-docs.yml | 2 +-
.github/workflows/publish-nightly.yml | 2 +-
.github/workflows/scala3-build.yml | 2 +-
.github/workflows/scala3-compile.yml | 2 +-
.github/workflows/timing-tests.yml | 2 +-
cluster/src/main/resources/reference.conf | 2 +-
cluster/src/test/resources/keystore | Bin 0 -> 2429 bytes
cluster/src/test/resources/keystore.readme | 4 +
cluster/src/test/resources/truststore | Bin 0 -> 1206 bytes
.../scala/org/apache/pekko/cluster/ClusterJoinSpec | 92 +++++++++++++++++++++
docs/src/main/paradox/project/migration-guides.md | 1 +
19 files changed, 115 insertions(+), 18 deletions(-)
diff --git a/.github/workflows/binary-compatibility-checks.yml
b/.github/workflows/binary-compatibility-checks.yml
index 3629855d88..161262b45a 100644
--- a/.github/workflows/binary-compatibility-checks.yml
+++ b/.github/workflows/binary-compatibility-checks.yml
@@ -12,7 +12,7 @@ permissions: {}
jobs:
check-binary-compatibility:
name: Check / Binary Compatibility
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
strategy:
fail-fast: false
diff --git a/.github/workflows/build-test-prValidation.yml
b/.github/workflows/build-test-prValidation.yml
index b3dfebb95c..75374265d7 100644
--- a/.github/workflows/build-test-prValidation.yml
+++ b/.github/workflows/build-test-prValidation.yml
@@ -40,7 +40,7 @@ jobs:
javafmtCheckAll
pull-request-validation:
name: Check / Tests
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
diff --git a/.github/workflows/generate-doc-check.yml
b/.github/workflows/generate-doc-check.yml
index 22e9c65130..fd41ce17f1 100644
--- a/.github/workflows/generate-doc-check.yml
+++ b/.github/workflows/generate-doc-check.yml
@@ -27,7 +27,7 @@ permissions:
jobs:
generate-doc-check:
name: Generate doc check
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
steps:
- name: Checkout
diff --git a/.github/workflows/headers.yml b/.github/workflows/headers.yml
index 278d69e536..6b9a0811c9 100644
--- a/.github/workflows/headers.yml
+++ b/.github/workflows/headers.yml
@@ -8,7 +8,7 @@ permissions: {}
jobs:
check-headers:
name: Check headers
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4
diff --git a/.github/workflows/link-validator.yml
b/.github/workflows/link-validator.yml
index 53142fd6dd..cdaaf7c53f 100644
--- a/.github/workflows/link-validator.yml
+++ b/.github/workflows/link-validator.yml
@@ -10,7 +10,7 @@ on:
jobs:
validate-links:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
steps:
- name: Checkout
diff --git a/.github/workflows/nightly-builds-aeron.yml
b/.github/workflows/nightly-builds-aeron.yml
index 1e9c5b897c..2311e743e5 100644
--- a/.github/workflows/nightly-builds-aeron.yml
+++ b/.github/workflows/nightly-builds-aeron.yml
@@ -11,7 +11,7 @@ jobs:
pekko-artery-aeron-tests:
name: Pekko Artery Aeron Tests
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
strategy:
fail-fast: false
diff --git a/.github/workflows/nightly-builds-latest-jdks.yml
b/.github/workflows/nightly-builds-latest-jdks.yml
index 16221aec9b..e11c9a01f6 100644
--- a/.github/workflows/nightly-builds-latest-jdks.yml
+++ b/.github/workflows/nightly-builds-latest-jdks.yml
@@ -8,7 +8,7 @@ permissions: {}
jobs:
pekko-cluster-metrics-sigar:
name: Pekko Cluster Metrics Test with Sigar
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
steps:
- name: Checkout
@@ -58,7 +58,7 @@ jobs:
pekko-classic-remoting-tests:
name: Pekko Classic Remoting Tests
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
strategy:
fail-fast: false
@@ -102,7 +102,7 @@ jobs:
jdk-nightly-build:
name: JDK ${{ matrix.javaVersion }} / Scala ${{ matrix.scalaVersion }}
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
strategy:
fail-fast: false
diff --git a/.github/workflows/nightly-builds.yml
b/.github/workflows/nightly-builds.yml
index 7dcb57bfeb..9d02087415 100644
--- a/.github/workflows/nightly-builds.yml
+++ b/.github/workflows/nightly-builds.yml
@@ -10,7 +10,7 @@ permissions: {}
jobs:
pekko-cluster-metrics-sigar:
name: Pekko Cluster Metrics Test with Sigar
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
steps:
- name: Checkout
@@ -76,7 +76,7 @@ jobs:
pekko-classic-remoting-tests:
name: Pekko Classic Remoting Tests
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
strategy:
fail-fast: false
@@ -136,7 +136,7 @@ jobs:
jdk-nightly-build:
name: JDK ${{ matrix.javaVersion }} / Scala ${{ matrix.scalaVersion }}
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
strategy:
fail-fast: false
diff --git a/.github/workflows/publish-1.0-docs.yml
b/.github/workflows/publish-1.0-docs.yml
index bd8dce306e..d69cf823ed 100644
--- a/.github/workflows/publish-1.0-docs.yml
+++ b/.github/workflows/publish-1.0-docs.yml
@@ -28,7 +28,7 @@ permissions:
jobs:
publish:
name: Publish 1.0 docs
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
steps:
# TODO we will need to change to use a release tag in future
diff --git a/.github/workflows/publish-nightly.yml
b/.github/workflows/publish-nightly.yml
index c1dfa56d8b..e6acc5456c 100644
--- a/.github/workflows/publish-nightly.yml
+++ b/.github/workflows/publish-nightly.yml
@@ -30,7 +30,7 @@ permissions:
jobs:
publish-nightly:
name: Publish nightly
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
steps:
- name: Checkout
diff --git a/.github/workflows/scala3-build.yml
b/.github/workflows/scala3-build.yml
index 18f7c3e433..b803a851f0 100644
--- a/.github/workflows/scala3-build.yml
+++ b/.github/workflows/scala3-build.yml
@@ -15,7 +15,7 @@ concurrency:
jobs:
test:
name: Test
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
strategy:
matrix:
diff --git a/.github/workflows/scala3-compile.yml
b/.github/workflows/scala3-compile.yml
index 65c1b2189a..4b4a58b86e 100644
--- a/.github/workflows/scala3-compile.yml
+++ b/.github/workflows/scala3-compile.yml
@@ -13,7 +13,7 @@ concurrency:
jobs:
compile:
name: Compile
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
strategy:
matrix:
diff --git a/.github/workflows/timing-tests.yml
b/.github/workflows/timing-tests.yml
index 1c60337ceb..d540e20455 100644
--- a/.github/workflows/timing-tests.yml
+++ b/.github/workflows/timing-tests.yml
@@ -11,7 +11,7 @@ jobs:
pekko-timing-sensitive-tests:
name: Pekko Tests taggedAs TimingTest
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-22.04
if: github.repository == 'apache/pekko'
steps:
diff --git a/cluster/src/main/resources/reference.conf
b/cluster/src/main/resources/reference.conf
index d2616eebd4..78d989321f 100644
--- a/cluster/src/main/resources/reference.conf
+++ b/cluster/src/main/resources/reference.conf
@@ -325,7 +325,7 @@ pekko {
"socksNonProxyHosts", "http.nonProxyHosts", "ftp.nonProxyHosts",
"pekko.remote.secure-cookie",
"pekko.remote.classic.netty.ssl.security",
- # Pre 2.6 path, keep around to avoid sending things misconfigured
with old paths
+ # Pre Akka 2.6 path, keep around to avoid sending things
misconfigured with old paths
"pekko.remote.netty.ssl.security",
"pekko.remote.artery.ssl"
]
diff --git a/cluster/src/test/resources/keystore
b/cluster/src/test/resources/keystore
new file mode 100644
index 0000000000..7685885383
Binary files /dev/null and b/cluster/src/test/resources/keystore differ
diff --git a/cluster/src/test/resources/keystore.readme
b/cluster/src/test/resources/keystore.readme
new file mode 100644
index 0000000000..6080c21ccc
--- /dev/null
+++ b/cluster/src/test/resources/keystore.readme
@@ -0,0 +1,4 @@
+# SPDX-License-Identifier: Apache-2.0
+
+The keystore and truststore are copies of the remote/src/test/resources files.
+There is a Makefile in remote/src/test/resources that describes how to create
new keystore and truststore.
diff --git a/cluster/src/test/resources/truststore
b/cluster/src/test/resources/truststore
new file mode 100644
index 0000000000..8e0af84787
Binary files /dev/null and b/cluster/src/test/resources/truststore differ
diff --git a/cluster/src/test/scala/org/apache/pekko/cluster/ClusterJoinSpec
b/cluster/src/test/scala/org/apache/pekko/cluster/ClusterJoinSpec
new file mode 100644
index 0000000000..d7abdbade5
--- /dev/null
+++ b/cluster/src/test/scala/org/apache/pekko/cluster/ClusterJoinSpec
@@ -0,0 +1,92 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.pekko.cluster
+
+import com.typesafe.config.{ Config, ConfigFactory }
+
+import org.apache.pekko
+import pekko.testkit.{ LongRunningTest, PekkoSpec }
+
+object ClusterJoinSpec {
+
+ import PekkoSpec._
+
+ val baseConfig: Config =
+ ConfigFactory.parseString("""
+ pekko.actor.provider = "cluster"
+ pekko.coordinated-shutdown.terminate-actor-system = on
+
+ pekko.remote.artery.canonical.port = 0
+ pekko.remote.classic.netty.tcp.port = 0
+ pekko.remote.artery.advanced.aeron.idle-cpu-level = 3
+
+ pekko.cluster.jmx.multi-mbeans-in-same-jvm = on
+ pekko.cluster.configuration-compatibility-check.enforce-on-join = off""")
+
+
+ val configWithNetty: Config =
+ ConfigFactory.parseString("""
+ pekko.remote.artery.enabled = false
+ pekko.remote.classic {
+ enabled-transports = ["pekko.remote.classic.netty.tcp"]
+ }
+ """).withFallback(baseConfig)
+
+ val configWithNettySsl: Config =
+ ConfigFactory.parseString(s"""
+ pekko.remote.classic {
+ enabled-transports = ["pekko.remote.classic.netty.ssl"]
+ netty.ssl.hostname = "localhost"
+ netty.ssl.port = 0
+ netty.ssl.security = {
+ key-store = "${resourcePath("keystore")}"
+ trust-store = "${resourcePath("truststore")}"
+ key-store-password = "changeme"
+ key-password = "changeme"
+ trust-store-password = "changeme"
+ protocol = "TLSv1.2"
+ enabled-algorithms = [TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384]
+ }
+ }
+ """).withFallback(configWithNetty)
+}
+
+class ClusterJoinSpec extends PekkoSpec with ClusterTestKit {
+
+ import ClusterJoinSpec._
+
+ "Cluster Forming" must {
+
+ "allow a cluster with just pekko nodes (netty ssl)" taggedAs
LongRunningTest in {
+ val clusterTestUtil = new ClusterTestUtil(system.name)
+ try {
+ // create the first node with the "pekko" protocol
+ clusterTestUtil.newActorSystem(configWithPekkoNettySsl)
+
+ // have a node using the "pekko" protocol join
+ val joiningNode =
clusterTestUtil.newActorSystem(configWithPekkoNettySsl)
+ clusterTestUtil.formCluster()
+
+ awaitCond(clusterTestUtil.isMemberUp(joiningNode), message = "awaiting
joining node to be 'Up'")
+ } finally {
+ clusterTestUtil.shutdownAll()
+ }
+ }
+
+ }
+}
diff --git a/docs/src/main/paradox/project/migration-guides.md
b/docs/src/main/paradox/project/migration-guides.md
index 2887a98216..97e78aaadf 100644
--- a/docs/src/main/paradox/project/migration-guides.md
+++ b/docs/src/main/paradox/project/migration-guides.md
@@ -19,6 +19,7 @@ These migration notes are designed for users migrating from
Akka 2.6 to Pekko 1.
* The Pekko node URLs use different URL schemes.
* `pekko://` instead of `akka://`
* `pekko.tcp://` instead of `akka.tcp://`
+ * `pekko.ssl.tcp://` instead of `akka.ssl.tcp://`
* We have changed the default ports used by the pekko-remote module.
* With @ref:[Classic Remoting](../remoting.md), Akka defaults to 2552,
while Pekko defaults to 7355.
* With @ref:[Artery Remoting](../remoting-artery.md), Akka defaults to
25520, while Pekko defaults to 17355.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
