use of com.sequenceiq.redbeams.configuration.SslCertificateEntry in project cloudbreak by hortonworks.
the class DatabaseServerSslCertificateSyncServiceTest method syncSslCertificateIfNeededTestWhenFailureSslAwsCloudProviderOwnedMismatchingActiveSslRootCertificateInvalidCertificateEntryBlankPem.
/**
 * Checks that the certificate sync fails closed when the configured entry for the provider's active
 * root certificate has a blank PEM.
 *
 * <p>Scenario: an AWS DB stack whose SSL config is CLOUD_PROVIDER_OWNED and built from {@code CERT_ID_1},
 * while the resource connector reports {@code CERT_ID_2} as the active root certificate. The entry
 * stubbed for {@code CERT_ID_2} carries an empty PEM string, so the sync is expected to throw
 * {@link IllegalStateException} and must not save the stack.
 */
@Test
void syncSslCertificateIfNeededTestWhenFailureSslAwsCloudProviderOwnedMismatchingActiveSslRootCertificateInvalidCertificateEntryBlankPem() throws Exception {
    final String awsPlatform = CloudPlatform.AWS.name();

    DBStack dbStack = getDBStack(createSslConfig(SslCertificateType.CLOUD_PROVIDER_OWNED, CERT_ID_1));
    dbStack.setCloudPlatform(awsPlatform);
    setupCloudConnectorMock();

    // The provider side reports a different certificate id than the one the stack was created with.
    CloudDatabaseServerSslCertificate activeRootCertificate =
            new CloudDatabaseServerSslCertificate(CloudDatabaseServerSslCertificateType.ROOT, CERT_ID_2);
    when(resourceConnector.getDatabaseServerActiveSslRootCertificate(authenticatedContext, databaseStack))
            .thenReturn(activeRootCertificate);

    // The matching configuration entry exists but its PEM is the empty string.
    SslCertificateEntry blankPemEntry = new SslCertificateEntry(CERT_VERSION, CERT_ID_2, "", x509Cert);
    when(databaseServerSslCertificateConfig.getCertByCloudPlatformAndRegionAndCloudProviderIdentifier(awsPlatform, REGION, CERT_ID_2))
            .thenReturn(blankPemEntry);

    IllegalStateException thrown = assertThrows(
            IllegalStateException.class,
            () -> underTest.syncSslCertificateIfNeeded(cloudContext, cloudCredential, dbStack, databaseStack));

    String expectedMessage = String.format(
            "Blank PEM in SSL certificate with CloudProviderIdentifier \"%s\" for cloud platform \"%s\"",
            CERT_ID_2,
            awsPlatform);
    assertThat(thrown).hasMessage(expectedMessage);

    // Nothing may be persisted once the certificate entry has been rejected.
    verify(dbStackService, never()).save(any(DBStack.class));
}
use of com.sequenceiq.redbeams.configuration.SslCertificateEntry in project cloudbreak by hortonworks.
the class AllocateDatabaseServerV4RequestToDBStackConverterTest method conversionTestWhenSslEnabledAndAwsAndSingleCertErrorBlankPem.
/**
 * Checks that converting an SSL-enabled AWS request is rejected when the single-certificate lookup
 * returns an entry with a blank PEM.
 *
 * <p>The certificate count for the region is stubbed to {@code SINGLE_CERT} and the lookup for
 * {@code VERSION_3} returns an entry whose PEM is the empty string. The conversion is expected to throw
 * {@link IllegalStateException}, and the multi-version lookup must never be called.
 */
@Test
void conversionTestWhenSslEnabledAndAwsAndSingleCertErrorBlankPem() {
    final String awsPlatformName = AWS_CLOUD_PLATFORM.name();
    setupMinimalValid(createSslConfigV4Request(SslMode.ENABLED), AWS_CLOUD_PLATFORM);

    when(databaseServerSslCertificateConfig.getNumberOfCertsByCloudPlatformAndRegion(awsPlatformName, REGION))
            .thenReturn(SINGLE_CERT);

    // Structurally complete entry, except that the PEM text is empty.
    SslCertificateEntry blankPemEntry =
            new SslCertificateEntry(VERSION_3, CLOUD_PROVIDER_IDENTIFIER_V3, "", x509Certificate);
    when(databaseServerSslCertificateConfig.getCertByCloudPlatformAndRegionAndVersion(awsPlatformName, REGION, VERSION_3))
            .thenReturn(blankPemEntry);

    IllegalStateException thrown =
            assertThrows(IllegalStateException.class, () -> underTest.convert(allocateRequest, OWNER_CRN));

    assertThat(thrown).hasMessage("Blank PEM in SSL certificate version 3 for cloud platform \"AWS\"");

    // With a single certificate reported, the multi-version lookup must not be used.
    verify(databaseServerSslCertificateConfig, never())
            .getCertsByCloudPlatformAndRegionAndVersions(anyString(), anyString(), any());
}
use of com.sequenceiq.redbeams.configuration.SslCertificateEntry in project cloudbreak by hortonworks.
the class AllocateDatabaseServerV4RequestToDBStackConverterTest method setUp.
/**
 * Prepares the converter under test and its collaborators before each test.
 *
 * <p>Injects the supported platforms, the DB major version and the SSL-enabled flag into
 * {@code underTest} by reflection, builds an empty allocate request with its network, database server
 * and security group parts attached, stubs the collaborating services, and creates the two
 * certificate entries (versions 2 and 3) used by the SSL tests.
 */
@BeforeEach
public void setUp() {
    // Converter configuration, set by reflection on the instance under test.
    ReflectionTestUtils.setField(underTest, FIELD_DB_SERVICE_SUPPORTED_PLATFORMS, Set.of("AWS", "AZURE"));
    ReflectionTestUtils.setField(underTest, FIELD_REDBEAMS_DB_MAJOR_VERSION, REDBEAMS_DB_MAJOR_VERSION);
    ReflectionTestUtils.setField(underTest, FIELD_SSL_ENABLED, true);

    // Request graph: allocate request -> network, database server -> security group.
    allocateRequest = new AllocateDatabaseServerV4Request();
    networkRequest = new NetworkV4StackRequest();
    databaseServerRequest = new DatabaseServerV4StackRequest();
    securityGroupRequest = new SecurityGroupV4StackRequest();
    allocateRequest.setNetwork(networkRequest);
    allocateRequest.setDatabaseServer(databaseServerRequest);
    databaseServerRequest.setSecurityGroup(securityGroupRequest);

    // Certificate entries shared by the SSL test cases.
    sslCertificateEntryV2 =
            new SslCertificateEntry(VERSION_2, CLOUD_PROVIDER_IDENTIFIER_V2, CERT_PEM_V2, x509Certificate);
    sslCertificateEntryV3 =
            new SslCertificateEntry(VERSION_3, CLOUD_PROVIDER_IDENTIFIER_V3, CERT_PEM_V3, x509Certificate);

    // Collaborator stubs.
    when(crnUserDetailsService.loadUserByUsername(OWNER_CRN)).thenReturn(getCrnUser());
    when(uuidGeneratorService.randomUuid()).thenReturn("uuid");
    when(uuidGeneratorService.uuidVariableParts(anyInt())).thenReturn("parts");
    when(accountTagService.list()).thenReturn(new HashMap<>());
    when(entitlementService.internalTenant(anyString())).thenReturn(true);
    when(databaseServerSslCertificateConfig.getMaxVersionByCloudPlatformAndRegion(anyString(), eq(REGION)))
            .thenReturn(MAX_VERSION);
    when(clock.getCurrentInstant()).thenReturn(NOW);
    when(crnService.createCrn(any(DBStack.class)))
            .thenReturn(CrnTestUtil.getDatabaseServerCrnBuilder()
                    .setAccountId("accountid")
                    .setResource("1")
                    .build());
}
use of com.sequenceiq.redbeams.configuration.SslCertificateEntry in project cloudbreak by hortonworks.
the class AllocateDatabaseServerV4RequestToDBStackConverterTest method conversionTestWhenSslEnabledAndAzureAndTwoCertsErrorVersionMismatch.
/**
 * Checks that converting an SSL-enabled Azure request is rejected when the certificate set returned
 * for versions 2 and 3 does not actually contain a version 2 entry.
 *
 * <p>The lookup for {@code VERSION_2} and {@code VERSION_3} is stubbed to return a set holding an entry
 * that reports {@code VERSION_1} next to the regular version 3 entry. The conversion is expected to
 * throw {@link IllegalStateException}, and the single-version lookup must never be called.
 */
@Test
void conversionTestWhenSslEnabledAndAzureAndTwoCertsErrorVersionMismatch() {
    final String azurePlatformName = AZURE_CLOUD_PLATFORM.name();
    setupMinimalValid(createSslConfigV4Request(SslMode.ENABLED), AZURE_CLOUD_PLATFORM);

    // Carries the V2 identifier and PEM but reports VERSION_1, so it cannot satisfy a version 2 request.
    SslCertificateEntry wrongVersionEntry =
            new SslCertificateEntry(VERSION_1, CLOUD_PROVIDER_IDENTIFIER_V2, CERT_PEM_V2, x509Certificate);

    when(databaseServerSslCertificateConfig.getNumberOfCertsByCloudPlatformAndRegion(azurePlatformName, REGION))
            .thenReturn(TWO_CERTS);
    when(databaseServerSslCertificateConfig.getCertsByCloudPlatformAndRegionAndVersions(azurePlatformName, REGION, VERSION_2, VERSION_3))
            .thenReturn(Set.of(wrongVersionEntry, sslCertificateEntryV3));

    IllegalStateException thrown =
            assertThrows(IllegalStateException.class, () -> underTest.convert(allocateRequest, OWNER_CRN));

    assertThat(thrown).hasMessage("Could not find SSL certificate version 2 for cloud platform \"AZURE\"");

    // With two certificates reported, the single-version lookup must not be used.
    verify(databaseServerSslCertificateConfig, never())
            .getCertByCloudPlatformAndRegionAndVersion(anyString(), anyString(), anyInt());
}
use of com.sequenceiq.redbeams.configuration.SslCertificateEntry in project cloudbreak by hortonworks.
the class AllocateDatabaseServerV4RequestToDBStackConverter method findAndValidateCertByVersion.
/**
 * Selects the first entry in {@code certs} whose version equals {@code version}, hands it to
 * {@code validateCert}, and returns it.
 *
 * @param cloudPlatform cloud platform name, passed through to {@code validateCert}
 * @param version certificate version to look for
 * @param certs candidate certificate entries
 * @return the matching entry; {@code null} if nothing matched and {@code validateCert} returned normally
 */
private SslCertificateEntry findAndValidateCertByVersion(String cloudPlatform, int version, Set<SslCertificateEntry> certs) {
    SslCertificateEntry matching = null;
    for (SslCertificateEntry candidate : certs) {
        if (candidate.getVersion() == version) {
            matching = candidate;
            break;
        }
    }
    // A missing version reaches validateCert as null, so rejecting an absent certificate depends on it.
    // NOTE(review): validateCert is not visible here - confirm it throws for null and for a blank PEM.
    validateCert(cloudPlatform, version, matching);
    return matching;
}