You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pulsar.apache.org by ba...@apache.org on 2023/04/09 12:09:26 UTC
[pulsar-client-node] 04/06: [fix] Add tests for produce and consume with TLS enabled (#313)
This is an automated email from the ASF dual-hosted git repository.
baodi pushed a commit to branch branch-1.8
in repository https://gitbox.apache.org/repos/asf/pulsar-client-node.git
commit 8598e3101d7f5d4e83afcd540d07c8a52ec37311
Author: Masahiro Sakamoto <ma...@yahoo-corp.jp>
AuthorDate: Thu Apr 6 18:36:18 2023 +0900
[fix] Add tests for produce and consume with TLS enabled (#313)
* Add tests for produce and consume with TLS enabled
* Add error message output
(cherry picked from commit 74461ca90b20c5871b8cad60600071ed1940ca2f)
---
binding.gyp | 4 ++--
build-support/pulsar-test-container-start.sh | 10 +++++++++-
build-support/pulsar-test-service-start.sh | 2 ++
tests/certificate/server.crt | 20 ++++++++++++++++++++
tests/certificate/server.key | 28 ++++++++++++++++++++++++++++
tests/conf/standalone.conf | 15 +++++++++++++++
tests/end_to_end.test.js | 10 ++++++++--
7 files changed, 84 insertions(+), 5 deletions(-)
diff --git a/binding.gyp b/binding.gyp
index 24309d6..5a751f4 100644
--- a/binding.gyp
+++ b/binding.gyp
@@ -21,9 +21,9 @@
"targets": [
{
"target_name": "pulsar",
- "cflags_cc": ["-std=gnu++11"],
+ "cflags_cc": ["-std=gnu++11", "-fvisibility=hidden"],
"cflags!": ["-fno-exceptions"],
- "cflags_cc!": ["-fno-exceptions", "-std=gnu++14", "-std=gnu++17", "-fvisibility=hidden"],
+ "cflags_cc!": ["-fno-exceptions", "-std=gnu++14", "-std=gnu++17"],
"include_dirs": [
"<!@(node -p \"require('node-addon-api').include\")",
],
diff --git a/build-support/pulsar-test-container-start.sh b/build-support/pulsar-test-container-start.sh
index 96c7758..ecbe296 100755
--- a/build-support/pulsar-test-container-start.sh
+++ b/build-support/pulsar-test-container-start.sh
@@ -30,6 +30,14 @@ bin/pulsar-daemon start standalone \
--bookkeeper-dir data/bookkeeper
echo "-- Wait for Pulsar service to be ready"
-until curl http://localhost:8080/metrics > /dev/null 2>&1 ; do sleep 1; done
+for i in $(seq 30); do
+ curl http://localhost:8080/metrics > /dev/null 2>&1 && break
+ if [ $i -lt 30 ]; then
+ sleep 1
+ else
+ echo '-- Pulsar standalone server startup timed out'
+ exit 1
+ fi
+done
echo "-- Ready to start tests"
diff --git a/build-support/pulsar-test-service-start.sh b/build-support/pulsar-test-service-start.sh
index e897c2b..ded136c 100755
--- a/build-support/pulsar-test-service-start.sh
+++ b/build-support/pulsar-test-service-start.sh
@@ -30,6 +30,8 @@ CONTAINER_ID=$(docker run -i -p 8080:8080 -p 6650:6650 -p 8443:8443 -p 6651:6651
echo $CONTAINER_ID >.tests-container-id.txt
docker cp $SRC_DIR/tests/conf $CONTAINER_ID:/pulsar/test-conf
+docker cp $SRC_DIR/tests/certificate/server.crt $CONTAINER_ID:/pulsar/test-conf
+docker cp $SRC_DIR/tests/certificate/server.key $CONTAINER_ID:/pulsar/test-conf
docker cp $SRC_DIR/build-support/pulsar-test-container-start.sh $CONTAINER_ID:pulsar-test-container-start.sh
docker exec -i $CONTAINER_ID /pulsar-test-container-start.sh
diff --git a/tests/certificate/server.crt b/tests/certificate/server.crt
new file mode 100644
index 0000000..7efb4d0
--- /dev/null
+++ b/tests/certificate/server.crt
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDSDCCAjACCQDP7B74131FAzANBgkqhkiG9w0BAQsFADBmMQswCQYDVQQGEwJK
+UDEOMAwGA1UECAwFVG9reW8xFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEcMBoGA1UE
+CgwTRGVmYXVsdCBDb21wYW55IEx0ZDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIz
+MDQwNDAzNTYxNVoXDTMzMDQwMTAzNTYxNVowZjELMAkGA1UEBhMCSlAxDjAMBgNV
+BAgMBVRva3lvMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1
+bHQgQ29tcGFueSBMdGQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALpN39t4b52CT58D3XO0pbAHaBmJ3BHsL/HZnLhl
+4O+Dalv97PrW1cJNzPB07jmc6ffxWXYzLgFGHq+FkqqMg294UV2qgP3P2UgmAXnJ
+i0KMkoDBw1vkbfCiOpDESqJeN2NBJpPG1IJ5SvbBvHmUDhG767H9m3PeDckEm2II
+h9EPu4HCvBK3XDPeF6jSk9vnpfSceaoq7FAb9QBmvXY7h9qe3UkEOtaCEfOvMxJL
+CliMWjFk8lZ8fLBemryVHb0/KsqJclfSoHtpcBE41nsRb9MrKraQdDjj17laiGia
+rA9z2wlLH4L946ypzoikJiqsLRvPHfDVZUd3+jI2nGxn2M8CAwEAATANBgkqhkiG
+9w0BAQsFAAOCAQEAMyey0tpbu9n5eUolkVwDdPw1bM/W5WHwe8fu9CF4Vddmliwb
+PidCUe/b5iTemHFM/ayZdplN+oiQKWyri4Guyz/cBIMI+sypj8RXB9hhPDtqk+yf
+b+6TjJPAZIbRZv/vLfCHdyRwxhc8LcmlUe+nfJN6EwNz3mDu4dDfysbzLcQMj+R6
+MM+mBvhkiZO4k0pQkGmSQkKXfVCiTxRJDLrmLADNCMs1FgyuvlBlu3DhoYn8gLfs
+ftL4W/0/aQp0BLfDa1eL5nH14WQxGMvlC5SZ9EKpX5HwB9iYHBuh7V4UMKSAJSlK
+SN6dVn1fPAfBPcBZ0i3ZgIOb2nRE9AMlqkaTgQ==
+-----END CERTIFICATE-----
diff --git a/tests/certificate/server.key b/tests/certificate/server.key
new file mode 100644
index 0000000..0cb46f9
--- /dev/null
+++ b/tests/certificate/server.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6Td/beG+dgk+f
+A91ztKWwB2gZidwR7C/x2Zy4ZeDvg2pb/ez61tXCTczwdO45nOn38Vl2My4BRh6v
+hZKqjINveFFdqoD9z9lIJgF5yYtCjJKAwcNb5G3wojqQxEqiXjdjQSaTxtSCeUr2
+wbx5lA4Ru+ux/Ztz3g3JBJtiCIfRD7uBwrwSt1wz3heo0pPb56X0nHmqKuxQG/UA
+Zr12O4fant1JBDrWghHzrzMSSwpYjFoxZPJWfHywXpq8lR29PyrKiXJX0qB7aXAR
+ONZ7EW/TKyq2kHQ449e5WohomqwPc9sJSx+C/eOsqc6IpCYqrC0bzx3w1WVHd/oy
+NpxsZ9jPAgMBAAECggEAUKjioIyWFmWSv0/XEv9FNN8gDN6I7yGI6HbEyXkiV9BX
+vhhD/53/0i4I6ppVgZAUJArUJr6lzltjca6s/zXyudInuBvX2QuiEQCTZv0BVAC0
+dRZu1Fwj1SkHniG+BmowJMLSRuywmQSWlhru1Nxq8vafZuJb6WBcK4nZFCqJUtN1
+wmOQLbDBj/OGM6gDTXrItQZE4GLkfJJeDxdXRyTBDu00S0y+nl75V/yb0rVKpHO9
+WE4yagN2ds9FjwBMY4Eo4+oMqELAFleuVKnjClliLJ97WTwXL+I73jJHxMP8I6hj
+Ff0YSGuZMXxwpPUml6nGww5josvFT+xuOQaxs/Kw0QKBgQDeXlItBHWkDMtq3Hhz
+/Ju0pHauWLIGTtekP3EnkLiML9kuDwXD9jpG0rwrS8ThjnFulMiCP1T35r38Ev0p
+dS9hWy+7A8+/phwLInJmV0+HY5I7r9kl89h7AZQ1LM0RzulNlzNhs0VXknHP3EEp
+2qyoyasq3fCCUYoCFAIkWRoBrQKBgQDWezcU0+RKap9ZmgFj3oUbRMnpW1OldsQj
+aY5nFZB6istuAiwi3jV/rNmpSBfJLEhpsIlbrhTNUyX8GGzjFjCyYdg0SOtKa740
+HmSjdOaNT2ileDjhfx4PCBccjHuwhcGCixU/s5J+mF9ZXxXGxD0ZfSFqwOeFJipT
+ztYNeslr6wKBgGtLS49ZJYJAgi5PrvcYHfEtoe5B8bRFeptP2UNj+wf5Vmt46ClD
+t57Qs+aYKqlC18ypkY33DQKInYbxiqHkXzY0j3VHQ4iPl9xvhI+I9WC4VKjkEnzT
+idLgUijOMyyyj7PWjv5HR+AXUz8eYXrWfpT6qdKHQDNBMLwL93SeYYQJAoGATf9n
+C4r3FVzq8DHCWag9bao5Z0SQCbdEIsCrSa+c6AN7cVkW5eM7P2ADk70k8ULKXq0V
+dqK66+RWBvR2/KpAMU7FylXOQzUlaVy4Kn1DrpX3L12mCdMpgjvl87re7FXoBmo/
+4veRybntytl6WNtagN9xfJoEV/aGJA4u554Ei9sCgYEAtLscB69G9XbWo6YAsgbG
+cBcbwFZku7tyyrcnqptxSza95w0Y9MDVUtMcgOEehLkSeIpdnIgq14Alln753BYJ
+WyNI6s+fYrusaK/aqNniQJaZRFF6K/55dVwKETUwBhsT8a1JuDVKuAXhq0YF/0Ji
+Z/yve3En4WV+agiOP0teQJM=
+-----END PRIVATE KEY-----
diff --git a/tests/conf/standalone.conf b/tests/conf/standalone.conf
index b75f725..5b39772 100755
--- a/tests/conf/standalone.conf
+++ b/tests/conf/standalone.conf
@@ -26,9 +26,11 @@ zookeeperServers=
globalZookeeperServers=
brokerServicePort=6650
+brokerServicePortTls=6651
# Port to use to server HTTP request
webServicePort=8080
+webServicePortTls=8443
# Hostname or IP address the service binds on, default is 0.0.0.0.
bindAddress=0.0.0.0
@@ -90,6 +92,19 @@ delayedDeliveryEnabled=true
# Default is 1 second.
delayedDeliveryTickTimeMillis=1000
+### --- TLS --- ###
+# Path for the TLS certificate file
+tlsCertificateFilePath=/pulsar/test-conf/server.crt
+
+# Path for the TLS private key file
+tlsKeyFilePath=/pulsar/test-conf/server.key
+
+# Path for the trusted TLS certificate file.
+# This cert is used to verify that any certs presented by connecting clients
+# are signed by a certificate authority. If this verification
+# fails, then the certs are untrusted and the connections are dropped.
+tlsTrustCertsFilePath=/pulsar/test-conf/server.crt
+
### --- Authentication --- ###
# Enable authentication
diff --git a/tests/end_to_end.test.js b/tests/end_to_end.test.js
index 66f21df..ba4c448 100644
--- a/tests/end_to_end.test.js
+++ b/tests/end_to_end.test.js
@@ -22,9 +22,15 @@ const Pulsar = require('../index.js');
(() => {
describe('End To End', () => {
- test('Produce/Consume', async () => {
+ test.each([
+ ['pulsar://localhost:6650'],
+ ['pulsar+ssl://localhost:6651'],
+ ['http://localhost:8080'],
+ ['https://localhost:8443'],
+ ])('Produce/Consume to %s', async (serviceUrl) => {
const client = new Pulsar.Client({
- serviceUrl: 'pulsar://localhost:6650',
+ serviceUrl,
+ tlsTrustCertsFilePath: `${__dirname}/certificate/server.crt`,
operationTimeoutSeconds: 30,
});