diff options
author | Jon Marius Venstad <jonmv@users.noreply.github.com> | 2023-04-24 10:41:39 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-04-24 10:41:39 +0200 |
commit | 3c409bf97a972757066599b63f7127c80ebee6f9 (patch) | |
tree | 80b00de89870b3bc2c325fd0c14a0dfc9709eaa4 /controller-server/src/test | |
parent | cbc9101ce4f895b665b0e9a25c63f0ab7c5a7577 (diff) | |
parent | aa2a46e9043dbd7974f4eb3b291822bab94cd94c (diff) |
Merge pull request #26823 from vespa-engine/hmusum/fail-deployment-id-certificate-file-is-missing
Fail deployment if no certificate file exists in application package
Diffstat (limited to 'controller-server/src/test')
2 files changed, 22 insertions, 4 deletions
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageTest.java index 7f578d3017e..e915a204e4b 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageTest.java @@ -5,7 +5,6 @@ import com.yahoo.config.application.api.DeploymentSpec; import com.yahoo.config.application.api.ValidationId; import com.yahoo.io.LazyInputStream; import org.junit.jupiter.api.Test; - import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.IOException; @@ -97,7 +96,7 @@ public class ApplicationPackageTest { "jdisc.xml", jdiscXml, "content/content.xml", contentXml, "content/nodes.xml", nodesXml), - unzip(new ApplicationPackage(zip, false).metaDataZip())); + unzip(new ApplicationPackage(zip).metaDataZip())); } @Test @@ -105,7 +104,7 @@ public class ApplicationPackageTest { byte[] zip = filesZip(Map.of("services.xml", servicesXml.getBytes(UTF_8))); try { - new ApplicationPackage(zip, false).metaDataZip(); + new ApplicationPackage(zip).metaDataZip(); fail("Should fail on missing include file"); } catch (RuntimeException e) { @@ -152,6 +151,21 @@ public class ApplicationPackageTest { assertEquals(originalPackage.bundleHash(), similarDeploymentXml.bundleHash()); } + @Test + void testCertificateFileExists() throws Exception { + getApplicationZip("with-certificate.zip", true); + } + + @Test + void testCertificateFileMissing() throws Exception { + try { + getApplicationZip("original.zip", true); + fail("Should fail on missing certificate file file"); + } catch (RuntimeException e) { + assertEquals("No client certificate found in security/ in application package, see https://cloud.vespa.ai/en/security/guide", e.getMessage()); + } + } + static Map<String, String> unzip(byte[] zip) { return ZipEntries.from(zip, __ -> true, 1 << 24, true) .asList().stream() @@ -160,7 +174,11 @@ public class ApplicationPackageTest { } private ApplicationPackage getApplicationZip(String path) throws IOException { - return new ApplicationPackage(Files.readAllBytes(Path.of("src/test/resources/application-packages/" + path)), true); + return getApplicationZip(path, false); + } + + private ApplicationPackage getApplicationZip(String path, boolean checkCertificateFile) throws IOException { + return new ApplicationPackage(Files.readAllBytes(Path.of("src/test/resources/application-packages/" + path)), true, checkCertificateFile); } static byte[] zip(Map<String, String> content) { diff --git a/controller-server/src/test/resources/application-packages/with-certificate.zip b/controller-server/src/test/resources/application-packages/with-certificate.zip Binary files differnew file mode 100644 index 00000000000..1540b96c7ef --- /dev/null +++ b/controller-server/src/test/resources/application-packages/with-certificate.zip |