use of com.aws.greengrass.lifecyclemanager.GreengrassService.WINDOWS_USER_KEY in project aws-greengrass-nucleus by aws-greengrass.
the class DeploymentTaskIntegrationTest method GIVEN_a_deployment_with_runwith_config_WHEN_submitted_THEN_runwith_updated.
/**
* Start a service running with a user, then deploy an update to change the user and ensure the correct user stops
* the process and starts the new one.
*/
@Test
// deploy before tests that break services
@Order(9)
void GIVEN_a_deployment_with_runwith_config_WHEN_submitted_THEN_runwith_updated() throws Exception {
((Map) kernel.getContext().getvIfExists(Kernel.SERVICE_TYPE_TO_CLASS_MAP_KEY).get()).put("plugin", GreengrassService.class.getName());
countDownLatch = new CountDownLatch(2);
// Set up stdout listener to capture stdout for verifying users
List<String> stdouts = new CopyOnWriteArrayList<>();
Consumer<GreengrassLogMessage> listener = m -> {
String messageOnStdout = m.getMessage();
if (messageOnStdout != null && messageOnStdout.contains("with user")) {
stdouts.add(messageOnStdout);
countDownLatch.countDown();
}
};
final boolean isWindows = PlatformResolver.isWindows;
final String currentUser = System.getProperty("user.name");
final String posixDefaultUser = "nobody";
final String posixPrivilegedUser = "root";
final String testServiceName = "CustomerAppStartupShutdown";
try (AutoCloseable ignored = TestUtils.createCloseableLogListener(listener)) {
/*
* 1st deployment. Default Config.
*/
Future<DeploymentResult> resultFuture = submitSampleJobDocument(DeploymentTaskIntegrationTest.class.getResource("SampleJobDocumentWithUser_1.json").toURI(), System.currentTimeMillis());
resultFuture.get(10, TimeUnit.SECONDS);
// verify configs
String posixUser = Coerce.toString(kernel.findServiceTopic(testServiceName).find(RUN_WITH_NAMESPACE_TOPIC, POSIX_USER_KEY));
String windowsUser = Coerce.toString(kernel.findServiceTopic(testServiceName).find(RUN_WITH_NAMESPACE_TOPIC, WINDOWS_USER_KEY));
assertEquals("nobody", posixUser);
assertEquals(WINDOWS_TEST_UESRNAME, windowsUser);
long memory = Coerce.toLong(kernel.findServiceTopic(testServiceName).find(RUN_WITH_NAMESPACE_TOPIC, SYSTEM_RESOURCE_LIMITS_TOPICS, "memory"));
assertEquals(1024000, memory);
double cpus = Coerce.toDouble(kernel.findServiceTopic(testServiceName).find(RUN_WITH_NAMESPACE_TOPIC, SYSTEM_RESOURCE_LIMITS_TOPICS, "cpus"));
assertEquals(1.5, cpus);
// verify user
countDownLatch.await(10, TimeUnit.SECONDS);
// Install has RequiresPrivilege. On Windows, expect current user is the privileged user
if (isWindows) {
assertThat(stdouts, hasItem(containsString("installing app with user " + currentUser)));
assertThat(stdouts, hasItem(containsString("starting app with user " + WINDOWS_TEST_UESRNAME)));
} else {
assertThat(stdouts, hasItem(containsString("installing app with user " + posixPrivilegedUser)));
assertThat(stdouts, hasItem(containsString("starting app with user " + posixDefaultUser)));
}
stdouts.clear();
}
/*
* 2nd deployment. Change user
*/
countDownLatch = new CountDownLatch(3);
// update component to runas the user running the test
String doc = Utils.inputStreamToString(DeploymentTaskIntegrationTest.class.getResource("SampleJobDocumentWithUser_2.json").openStream());
// Set posixUser to currentUser. Set windowsUser to alternative test user
doc = String.format(doc, currentUser, WINDOWS_TEST_UESRNAME_2);
File f = File.createTempFile("user-deployment", ".json");
f.deleteOnExit();
Files.write(f.toPath(), doc.getBytes(StandardCharsets.UTF_8));
try (AutoCloseable ignored = TestUtils.createCloseableLogListener(listener)) {
Future<DeploymentResult> resultFuture = submitSampleJobDocument(f.toURI(), System.currentTimeMillis());
resultFuture.get(DEPLOYMENT_TIMEOUT, TimeUnit.SECONDS);
String posixUser = Coerce.toString(kernel.findServiceTopic(testServiceName).find(RUN_WITH_NAMESPACE_TOPIC, POSIX_USER_KEY));
String windowsUser = Coerce.toString(kernel.findServiceTopic(testServiceName).find(RUN_WITH_NAMESPACE_TOPIC, WINDOWS_USER_KEY));
assertEquals(currentUser, posixUser);
assertEquals(WINDOWS_TEST_UESRNAME_2, windowsUser);
countDownLatch.await(10, TimeUnit.SECONDS);
if (isWindows) {
assertThat(stdouts, hasItem(containsString("stopping app with user " + WINDOWS_TEST_UESRNAME)));
assertThat(stdouts, hasItem(containsString("installing app with user " + currentUser)));
assertThat(stdouts, hasItem(containsString("starting app with user " + WINDOWS_TEST_UESRNAME_2)));
} else {
assertThat(stdouts, hasItem(containsString("stopping app with user " + posixDefaultUser)));
assertThat(stdouts, hasItem(containsString("installing app with user " + posixPrivilegedUser)));
assertThat(stdouts, hasItem(containsString("starting app with user " + currentUser)));
}
stdouts.clear();
}
/*
* 3rd deployment. Set runWith user to null and use default
*/
countDownLatch = new CountDownLatch(3);
// update component to runas the user running the test
try (AutoCloseable ignored = TestUtils.createCloseableLogListener(listener)) {
Future<DeploymentResult> resultFuture = submitSampleJobDocument(DeploymentTaskIntegrationTest.class.getResource("SampleJobDocumentRemovingUser.json").toURI(), System.currentTimeMillis());
resultFuture.get(10, TimeUnit.SECONDS);
String posixUser = Coerce.toString(kernel.findServiceTopic(testServiceName).find(RUN_WITH_NAMESPACE_TOPIC, POSIX_USER_KEY));
String windowsUser = Coerce.toString(kernel.findServiceTopic(testServiceName).find(RUN_WITH_NAMESPACE_TOPIC, WINDOWS_USER_KEY));
assertThat(posixUser, is(nullValue()));
assertThat(windowsUser, is(nullValue()));
// Assert fall back to runWithDefault
countDownLatch.await(10, TimeUnit.SECONDS);
if (isWindows) {
assertThat(stdouts, hasItem(containsString("stopping app with user " + WINDOWS_TEST_UESRNAME_2)));
assertThat(stdouts, hasItem(containsString("installing app with user " + currentUser)));
assertThat(stdouts, hasItem(containsString("starting app with user " + WINDOWS_TEST_UESRNAME)));
} else {
assertThat(stdouts, hasItem(containsString("stopping app with user " + currentUser)));
assertThat(stdouts, hasItem(containsString("installing app with user " + posixPrivilegedUser)));
assertThat(stdouts, hasItem(containsString("starting app with user " + posixDefaultUser)));
}
}
}
Aggregations