class CertificateTest(unittest.TestCase): @classmethod def setUpClass(cls): print(f"SetUp {cls.__name__}") # We can't use start-test-env. because it only mounts ./ and # doesn't work with --build_ouput-directory cls.test_environment = \ ExaslctTestEnvironment( cls, utils.INTEGRATION_TEST_DOCKER_ENVIRONMENT_DEFAULT_BIN, clean_images_at_close=False) cls.spawned_docker_test_environments = None if db_version_supports_custom_certificates(check_db_version_from_env()): # Important: The test environment will create a hostname consisting of a prefix + the class name + # the docker environment in the following parameter # However, host name length is limited to 63 characters. A the class name itself already creates # a unique environment, we must keep the parameter empty. cls.docker_environment_name = "" cls.spawned_docker_test_environments = \ cls.test_environment.spawn_docker_test_environments(cls.docker_environment_name, additional_parameter=["--deactivate-database-setup", "--create-certificates"]) @classmethod def tearDownClass(cls): utils.close_environments(cls.spawned_docker_test_environments, cls.test_environment) @unittest.skipIf(not db_version_supports_custom_certificates(check_db_version_from_env()), "Database not supported") def test_certificate(self): on_host_docker_environment = self.spawned_docker_test_environments.on_host_docker_environment with ContextDockerClient() as docker_client: test_container = docker_client.containers.get(f"test_container_{on_host_docker_environment.name}") host_name = f"{on_host_docker_environment.environment_info.database_info.container_info.container_name}." \ f"{on_host_docker_environment.environment_info.network_info.network_name}" db_port = f"{on_host_docker_environment.environment_info.database_info.db_port}" openssl_check_cmd = f"openssl s_client -connect {host_name}:{db_port}" print(f"OpenSSL cmd:{openssl_check_cmd}") exit_code, output = test_container.exec_run(openssl_check_cmd) print(f"fOpenSSL out:{output}") self.assertEqual(exit_code, 0) log = output.decode("utf-8") expected_subject = f"subject=C = XX, ST = N/A, L = N/A, O = Self-signed certificate, " \ f"CN = {host_name}" self.assertIn(expected_subject, log, "Certificate check")
def create_ssl_certificates(self): if not db_version_supports_custom_certificates( self.docker_db_image_version): raise ValueError( "Minimal supported Database with custom certificates is '7.0.6'" ) return \ self.create_child_task_with_common_params( CreateSSLCertificatesTask, environment_name=self.environment_name, test_container_name=self.test_container_name, db_container_name=self.db_container_name, network_name=self.network_name, docker_runtime=self.docker_runtime, volume_name=self.certificate_volume_name, reuse=self.reuse_database or self.reuse_test_container, no_cleanup_after_success=self.no_database_cleanup_after_success or self.no_test_container_cleanup_after_success, no_cleanup_after_failure=self.no_database_cleanup_after_failure or self.no_test_container_cleanup_after_failure, )
def setUpClass(cls): print(f"SetUp {cls.__name__}") # We can't use start-test-env. because it only mounts ./ and # doesn't work with --build_ouput-directory cls.test_environment = \ ExaslctTestEnvironment( cls, utils.INTEGRATION_TEST_DOCKER_ENVIRONMENT_DEFAULT_BIN, clean_images_at_close=False) cls.spawned_docker_test_environments = None if db_version_supports_custom_certificates(check_db_version_from_env()): # Important: The test environment will create a hostname consisting of a prefix + the class name + # the docker environment in the following parameter # However, host name length is limited to 63 characters. A the class name itself already creates # a unique environment, we must keep the parameter empty. cls.docker_environment_name = "" cls.spawned_docker_test_environments = \ cls.test_environment.spawn_docker_test_environments(cls.docker_environment_name, additional_parameter=["--deactivate-database-setup", "--create-certificates"])
def test_default(self): self.assertTrue(db_version_supports_custom_certificates("default"))
def test_7_1_3_d_1(self): self.assertTrue(db_version_supports_custom_certificates("7.1.3-d1"))
def test_6_0_0_d_1(self): self.assertFalse(db_version_supports_custom_certificates("6.0.0-d1"))
def test_7_0_14(self): self.assertTrue(db_version_supports_custom_certificates("7.0.14"))
def test_7_0_5(self): self.assertFalse(db_version_supports_custom_certificates("7.0.5"))
def test_none(self): self.assertTrue(db_version_supports_custom_certificates(None))