
Example 1 with SslCertificateEntry

Use of com.sequenceiq.redbeams.configuration.SslCertificateEntry in project cloudbreak by hortonworks.

Class DatabaseServerSslCertificateSyncServiceTest, method syncSslCertificateIfNeededTestWhenFailureSslAwsCloudProviderOwnedMismatchingActiveSslRootCertificateInvalidCertificateEntryBlankPem.

@Test
void syncSslCertificateIfNeededTestWhenFailureSslAwsCloudProviderOwnedMismatchingActiveSslRootCertificateInvalidCertificateEntryBlankPem() throws Exception {
    // The stack is configured with CERT_ID_1, but the cloud provider reports CERT_ID_2 as the active root certificate.
    DBStack dbStack = getDBStack(createSslConfig(SslCertificateType.CLOUD_PROVIDER_OWNED, CERT_ID_1));
    dbStack.setCloudPlatform(CloudPlatform.AWS.name());
    setupCloudConnectorMock();
    when(resourceConnector.getDatabaseServerActiveSslRootCertificate(authenticatedContext, databaseStack))
            .thenReturn(new CloudDatabaseServerSslCertificate(CloudDatabaseServerSslCertificateType.ROOT, CERT_ID_2));
    // The configured entry for CERT_ID_2 carries a blank PEM.
    SslCertificateEntry cert = new SslCertificateEntry(CERT_VERSION, CERT_ID_2, "", x509Cert);
    when(databaseServerSslCertificateConfig.getCertByCloudPlatformAndRegionAndCloudProviderIdentifier(CloudPlatform.AWS.name(), REGION, CERT_ID_2))
            .thenReturn(cert);
    // The sync must fail on the blank PEM and must not persist the stack.
    IllegalStateException illegalStateException = assertThrows(IllegalStateException.class,
            () -> underTest.syncSslCertificateIfNeeded(cloudContext, cloudCredential, dbStack, databaseStack));
    assertThat(illegalStateException).hasMessage(String.format(
            "Blank PEM in SSL certificate with CloudProviderIdentifier \"%s\" for cloud platform \"%s\"", CERT_ID_2, CloudPlatform.AWS.name()));
    verify(dbStackService, never()).save(any(DBStack.class));
}
Also used : DBStack(com.sequenceiq.redbeams.domain.stack.DBStack) CloudDatabaseServerSslCertificate(com.sequenceiq.cloudbreak.cloud.model.database.CloudDatabaseServerSslCertificate) SslCertificateEntry(com.sequenceiq.redbeams.configuration.SslCertificateEntry) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 2 with SslCertificateEntry

Use of com.sequenceiq.redbeams.configuration.SslCertificateEntry in project cloudbreak by hortonworks.

Class AllocateDatabaseServerV4RequestToDBStackConverterTest, method conversionTestWhenSslEnabledAndAwsAndSingleCertErrorBlankPem.

@Test
void conversionTestWhenSslEnabledAndAwsAndSingleCertErrorBlankPem() {
    setupMinimalValid(createSslConfigV4Request(SslMode.ENABLED), AWS_CLOUD_PLATFORM);
    when(databaseServerSslCertificateConfig.getNumberOfCertsByCloudPlatformAndRegion(AWS_CLOUD_PLATFORM.name(), REGION)).thenReturn(SINGLE_CERT);
    // The VERSION_3 entry returned by the single-certificate lookup carries a blank PEM.
    SslCertificateEntry sslCertificateEntryV3Broken = new SslCertificateEntry(VERSION_3, CLOUD_PROVIDER_IDENTIFIER_V3, "", x509Certificate);
    when(databaseServerSslCertificateConfig.getCertByCloudPlatformAndRegionAndVersion(AWS_CLOUD_PLATFORM.name(), REGION, VERSION_3))
            .thenReturn(sslCertificateEntryV3Broken);
    // Conversion must fail on the blank PEM, and the multi-certificate lookup must never be called.
    IllegalStateException illegalStateException = assertThrows(IllegalStateException.class, () -> underTest.convert(allocateRequest, OWNER_CRN));
    assertThat(illegalStateException).hasMessage("Blank PEM in SSL certificate version 3 for cloud platform \"AWS\"");
    verify(databaseServerSslCertificateConfig, never()).getCertsByCloudPlatformAndRegionAndVersions(anyString(), anyString(), any());
}
Also used : SslCertificateEntry(com.sequenceiq.redbeams.configuration.SslCertificateEntry) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 3 with SslCertificateEntry

Use of com.sequenceiq.redbeams.configuration.SslCertificateEntry in project cloudbreak by hortonworks.

Class AllocateDatabaseServerV4RequestToDBStackConverterTest, method setUp.

@BeforeEach
public void setUp() {
    // Set the converter's configuration fields directly via reflection.
    ReflectionTestUtils.setField(underTest, FIELD_DB_SERVICE_SUPPORTED_PLATFORMS, Set.of("AWS", "AZURE"));
    ReflectionTestUtils.setField(underTest, FIELD_REDBEAMS_DB_MAJOR_VERSION, REDBEAMS_DB_MAJOR_VERSION);
    ReflectionTestUtils.setField(underTest, FIELD_SSL_ENABLED, true);
    // Build the request object graph: network, database server and security group.
    allocateRequest = new AllocateDatabaseServerV4Request();
    networkRequest = new NetworkV4StackRequest();
    allocateRequest.setNetwork(networkRequest);
    databaseServerRequest = new DatabaseServerV4StackRequest();
    allocateRequest.setDatabaseServer(databaseServerRequest);
    securityGroupRequest = new SecurityGroupV4StackRequest();
    databaseServerRequest.setSecurityGroup(securityGroupRequest);
    // Stub the collaborating services.
    when(crnUserDetailsService.loadUserByUsername(OWNER_CRN)).thenReturn(getCrnUser());
    when(uuidGeneratorService.randomUuid()).thenReturn("uuid");
    when(accountTagService.list()).thenReturn(new HashMap<>());
    when(uuidGeneratorService.uuidVariableParts(anyInt())).thenReturn("parts");
    when(entitlementService.internalTenant(anyString())).thenReturn(true);
    // Certificate entries for versions 2 and 3, each with a non-blank PEM constant.
    sslCertificateEntryV2 = new SslCertificateEntry(VERSION_2, CLOUD_PROVIDER_IDENTIFIER_V2, CERT_PEM_V2, x509Certificate);
    sslCertificateEntryV3 = new SslCertificateEntry(VERSION_3, CLOUD_PROVIDER_IDENTIFIER_V3, CERT_PEM_V3, x509Certificate);
    when(databaseServerSslCertificateConfig.getMaxVersionByCloudPlatformAndRegion(anyString(), eq(REGION))).thenReturn(MAX_VERSION);
    when(clock.getCurrentInstant()).thenReturn(NOW);
    when(crnService.createCrn(any(DBStack.class)))
            .thenReturn(CrnTestUtil.getDatabaseServerCrnBuilder().setAccountId("accountid").setResource("1").build());
}
Also used : NetworkV4StackRequest(com.sequenceiq.redbeams.api.endpoint.v4.stacks.NetworkV4StackRequest) DatabaseServerV4StackRequest(com.sequenceiq.redbeams.api.endpoint.v4.stacks.DatabaseServerV4StackRequest) DBStack(com.sequenceiq.redbeams.domain.stack.DBStack) SslCertificateEntry(com.sequenceiq.redbeams.configuration.SslCertificateEntry) AllocateDatabaseServerV4Request(com.sequenceiq.redbeams.api.endpoint.v4.databaseserver.requests.AllocateDatabaseServerV4Request) SecurityGroupV4StackRequest(com.sequenceiq.redbeams.api.endpoint.v4.stacks.SecurityGroupV4StackRequest) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 4 with SslCertificateEntry

Use of com.sequenceiq.redbeams.configuration.SslCertificateEntry in project cloudbreak by hortonworks.

Class AllocateDatabaseServerV4RequestToDBStackConverterTest, method conversionTestWhenSslEnabledAndAzureAndTwoCertsErrorVersionMismatch.

@Test
void conversionTestWhenSslEnabledAndAzureAndTwoCertsErrorVersionMismatch() {
    setupMinimalValid(createSslConfigV4Request(SslMode.ENABLED), AZURE_CLOUD_PLATFORM);
    // This entry uses the V2 identifier and PEM but reports VERSION_1, so the returned set has no version 2 entry.
    SslCertificateEntry sslCertificateEntryV2Broken = new SslCertificateEntry(VERSION_1, CLOUD_PROVIDER_IDENTIFIER_V2, CERT_PEM_V2, x509Certificate);
    when(databaseServerSslCertificateConfig.getNumberOfCertsByCloudPlatformAndRegion(AZURE_CLOUD_PLATFORM.name(), REGION)).thenReturn(TWO_CERTS);
    when(databaseServerSslCertificateConfig.getCertsByCloudPlatformAndRegionAndVersions(AZURE_CLOUD_PLATFORM.name(), REGION, VERSION_2, VERSION_3))
            .thenReturn(Set.of(sslCertificateEntryV2Broken, sslCertificateEntryV3));
    // Conversion must fail because version 2 is missing, and the single-certificate lookup must never be called.
    IllegalStateException illegalStateException = assertThrows(IllegalStateException.class, () -> underTest.convert(allocateRequest, OWNER_CRN));
    assertThat(illegalStateException).hasMessage("Could not find SSL certificate version 2 for cloud platform \"AZURE\"");
    verify(databaseServerSslCertificateConfig, never()).getCertByCloudPlatformAndRegionAndVersion(anyString(), anyString(), anyInt());
}
Also used : SslCertificateEntry(com.sequenceiq.redbeams.configuration.SslCertificateEntry) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 5 with SslCertificateEntry

Use of com.sequenceiq.redbeams.configuration.SslCertificateEntry in project cloudbreak by hortonworks.

Class AllocateDatabaseServerV4RequestToDBStackConverter, method findAndValidateCertByVersion.

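private SslCertificateEntry findAndValidateCertByVersion(String cloudPlatform, int version, Set<SslCertificateEntry> certs) {
    // Pick the entry whose version matches; the result is null when no entry has that version.
    SslCertificateEntry result = certs.stream()
            .filter(c -> c.getVersion() == version)
            .findFirst()
            .orElse(null);
    // validateCert (not shown here) receives the possibly-null result before it is returned.
    validateCert(cloudPlatform, version, result);
    return result;
}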
Also used : SslCertificateEntry(com.sequenceiq.redbeams.configuration.SslCertificateEntry)

Aggregations

SslCertificateEntry (com.sequenceiq.redbeams.configuration.SslCertificateEntry): 11
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest): 7
Test (org.junit.jupiter.api.Test): 6
DBStack (com.sequenceiq.redbeams.domain.stack.DBStack): 4
CloudDatabaseServerSslCertificate (com.sequenceiq.cloudbreak.cloud.model.database.CloudDatabaseServerSslCertificate): 3
SslConfig (com.sequenceiq.redbeams.domain.stack.SslConfig): 2
AllocateDatabaseServerV4Request (com.sequenceiq.redbeams.api.endpoint.v4.databaseserver.requests.AllocateDatabaseServerV4Request): 1
DatabaseServerV4StackRequest (com.sequenceiq.redbeams.api.endpoint.v4.stacks.DatabaseServerV4StackRequest): 1
NetworkV4StackRequest (com.sequenceiq.redbeams.api.endpoint.v4.stacks.NetworkV4StackRequest): 1
SecurityGroupV4StackRequest (com.sequenceiq.redbeams.api.endpoint.v4.stacks.SecurityGroupV4StackRequest): 1
Objects (java.util.Objects): 1
Set (java.util.Set): 1
BeforeEach (org.junit.jupiter.api.BeforeEach): 1
MethodSource (org.junit.jupiter.params.provider.MethodSource): 1