Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test: refactor setup and get all tests passing #442

Merged
merged 13 commits into from
Jan 1, 2022
Merged

Test: refactor setup and get all tests passing #442

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
7820628
CI: drop customized Dockerfile
kares Dec 30, 2021
b9e38b4
bring back apt install openssl
kares Dec 30, 2021
70de9ea
Test: fix failure when ECS mode is on (8.x)
kares Dec 30, 2021
138400a
Test: refactor for easier debugging
kares Dec 30, 2021
77c6d46
Temp: only run it spec - debug Ubuntu 8.x fail
kares Dec 30, 2021
6d57bf9
Refactor to using a before(:all) hook
kares Dec 30, 2021
46eebb1
Test: print failures when retry-ing
kares Dec 30, 2021
66eb0ea
proper -subj (second try)
kares Dec 30, 2021
9bf7fea
Temp: debug plugin
kares Dec 30, 2021
3a5e351
restore the it spec working again (on 7.x)
kares Dec 30, 2021
35f5c83
revert temp LOG_LEVEL=debug
kares Dec 30, 2021
8adfc30
will need to keep using -v1 algorithm
kares Dec 30, 2021
a73f353
revert back to running all specs
kares Dec 30, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 0 additions & 23 deletions .ci/Dockerfile
View file
Open in desktop

This file was deleted.

7 changes: 4 additions & 3 deletions .ci/run.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ env

set -ex

bundle exec rspec spec
bundle exec rake test:integration:setup
bundle exec rspec spec --tag integration -fd
jruby -rbundler/setup -S rspec -fd

jruby -rbundler/setup -S rake test:integration:setup
jruby -rbundler/setup -S rspec spec --tag integration -fd
7 changes: 7 additions & 0 deletions .ci/setup.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
#!/bin/bash

if [ $(command -v apt) ]; then
sudo apt install -y openssl
else
sudo yum install -y openssl
fi
9 changes: 8 additions & 1 deletion spec/inputs/beats_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -166,7 +166,14 @@
end

context "tls meta-data" do
let(:config) { super().merge("host" => host, "ssl_peer_metadata" => true, "ssl_certificate_authorities" => [ certificate.ssl_cert ]) }
let(:config) do
super().merge(
"host" => host,
"ssl_peer_metadata" => true,
"ssl_certificate_authorities" => [ certificate.ssl_cert ],
"ecs_compatibility" => 'disabled'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we don't have a test case for tls metadata in ecs mode, isn't it?

Copy link
Contributor Author

@kares kares Dec 30, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

might be elsewhere - recall writing this spec as specifically guarding against a NPE regression,
the bug surfaced regardless of ecs_compatibility and the test's intention isn't verifying ECS vs non-ECS field behavior (I understand it might seem so on first sight).

)
end
let(:host) { "192.168.1.20" }
let(:port) { 9002 }

Expand Down
49 changes: 28 additions & 21 deletions spec/integration/filebeat_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -177,27 +177,34 @@
# Refactor this to use Flores's PKI instead of openssl command line
# see: https://github.com/jordansissel/ruby-flores/issues/7
context "with a passphrase" do
let!(:temporary_directory) { Stud::Temporary.pathname }
let(:certificate_key_file) { ::File.join(temporary_directory, "certificate.key") }
let(:certificate_key_file_pkcs8) { ::File.join(temporary_directory, "certificate.pkcs8.key") }
let(:certificate_file) { ::File.join(temporary_directory, "certificate.crt") }
let(:passphrase) { "foobar" }
let(:beats) {
# Since we are using a shared context, this not obvious to make sure the openssl command
# is run before starting beats so we do it just before initializing it.
FileUtils.mkdir_p(temporary_directory)
openssl_cmd = "openssl req -x509 -batch -newkey rsa:2048 -keyout #{temporary_directory}/certificate.key -out #{temporary_directory}/certificate.crt -subj /CN=localhost -passout pass:#{passphrase}"
system(openssl_cmd)
convert_key_cmd = "openssl pkcs8 -topk8 -in #{temporary_directory}/certificate.key -out #{certificate_key_file_pkcs8} -passin pass:#{passphrase} -passout pass:#{passphrase}"
system(convert_key_cmd)

LogStash::Inputs::Beats.new(input_config)
}
let(:input_config) {
super().merge({
"ssl_key_passphrase" => passphrase,
"ssl_key" => certificate_key_file_pkcs8
})}

before(:all) do
@passphrase = "foobar".freeze

FileUtils.mkdir_p temporary_directory = Stud::Temporary.pathname

cert_key = ::File.join(temporary_directory, "certificate.key")
@cert_pub = ::File.join(temporary_directory, "certificate.crt")
@cert_key_pkcs8 = ::File.join(temporary_directory, "certificate.key.pkcs8")

cmd = "openssl req -x509 -batch -newkey rsa:2048 -keyout #{cert_key} -out #{@cert_pub} -passout pass:#{@passphrase} -subj \"/C=EU/O=Logstash/CN=localhost\""
unless system(cmd)
fail "failed to run openssl command: #{$?} \n#{cmd}"
end

# NOTE: CentOS 7 base image (LS < 7.17) uses OpenSSL 1.0 while later is using Ubuntu 20.04 with OpenSSL 1.1.1
# the default algorithm for `openssl pkcs8 -topk8` changed to -v2 which Java does not support (see GH-443)
cmd = "openssl pkcs8 -topk8 -in #{cert_key} -out #{@cert_key_pkcs8} -v1 PBE-SHA1-RC2-128 -passin pass:#{@passphrase} -passout pass:#{@passphrase}"
unless system(cmd)
fail "failed to run openssl command: #{$?} \n#{cmd}"
end
end

let(:certificate_authorities) { [ @cert_pub ] }

let(:input_config) do
super().merge("ssl_key_passphrase" => @passphrase, "ssl_key" => @cert_key_pkcs8, "ssl_certificate" => @cert_pub)
end

include_examples "send events"
end
Expand Down
1 change: 1 addition & 0 deletions spec/support/integration_shared_context.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,7 @@
begin
beats.run(queue)
rescue => e
warn e.inspect if $VERBOSE
retry unless beats.stop?
end
end
Expand Down