You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by sw...@apache.org on 2013/06/18 22:58:55 UTC
svn commit: r1494297 - in /incubator/ambari/trunk/ambari-server: sbin/
src/main/java/org/apache/ambari/server/configuration/
src/main/java/org/apache/ambari/server/controller/ src/main/python/
src/test/java/org/apache/ambari/server/configuration/ src/t...
Author: swagle
Date: Tue Jun 18 20:58:54 2013
New Revision: 1494297
URL: http://svn.apache.org/r1494297
Log:
AMBARI-2103. Support for configuring and running Ambari Web Server https. (Dmitry Lysnichenko via swagle)
Modified:
incubator/ambari/trunk/ambari-server/sbin/ambari-server
incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py
incubator/ambari/trunk/ambari-server/src/test/java/org/apache/ambari/server/configuration/ConfigurationTest.java
incubator/ambari/trunk/ambari-server/src/test/python/TestAmbaryServer.py
Modified: incubator/ambari/trunk/ambari-server/sbin/ambari-server
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-server/sbin/ambari-server?rev=1494297&r1=1494296&r2=1494297&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-server/sbin/ambari-server (original)
+++ incubator/ambari/trunk/ambari-server/sbin/ambari-server Tue Jun 18 20:58:54 2013
@@ -105,8 +105,12 @@ case "$1" in
echo -e "Reseting master key for credential store"
$PYTHON /usr/sbin/ambari-server.py $@
;;
+ setup-https)
+ echo -e "Ambari-server setup-https"
+ $PYTHON /usr/sbin/ambari-server.py $@
+ ;;
*)
- echo "Usage: /usr/sbin/ambari-server {start|stop|restart|setup|upgrade|status|upgradestack|setupldap|resetmasterkey} [options]"
+ echo "Usage: /usr/sbin/ambari-server {start|stop|restart|setup|upgrade|status|upgradestack|setupldap|resetmasterkey|setup-https} [options]"
exit 1
esac
Modified: incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java?rev=1494297&r1=1494296&r2=1494297&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java (original)
+++ incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/configuration/Configuration.java Tue Jun 18 20:58:54 2013
@@ -76,6 +76,7 @@ public class Configuration {
public static final String CLIENT_SECURITY_KEY = "client.security";
public static final String CLIENT_API_PORT_KEY = "client.api.port";
+ public static final String CLIENT_API_SSL_PORT_KEY = "client.api.ssl.port";
public static final String SERVER_DB_NAME_KEY = "server.jdbc.database";
public static final String SERVER_DB_NAME_DEFAULT = "postgres";
public static final String ORACLE_DB_NAME = "oracle";
@@ -179,6 +180,7 @@ public class Configuration {
private static final String CLIENT_SECURITY_DEFAULT = "local";
private static final int CLIENT_API_PORT_DEFAULT = 8080;
+ private static final int CLIENT_API_SSL_PORT_DEFAULT = 8443;
private static final String USER_ROLE_NAME_DEFAULT = "user";
private static final String ADMIN_ROLE_NAME_DEFAULT = "admin";
@@ -283,6 +285,7 @@ public class Configuration {
LOG.info("Reading password from existing file");
try {
randStr = FileUtils.readFileToString(passFile);
+ randStr = randStr.replaceAll("\\p{Cntrl}", "");
} catch (IOException e) {
e.printStackTrace();
}
@@ -436,6 +439,14 @@ public class Configuration {
}
/**
+ * Gets ssl api port
+ * @return int
+ */
+ public int getClientSSLApiPort() {
+ return Integer.parseInt(properties.getProperty(CLIENT_API_SSL_PORT_KEY, String.valueOf(CLIENT_API_SSL_PORT_DEFAULT)));
+ }
+
+ /**
* Check to see if the API should be authenticated via ssl or not
* @return false if not, true if ssl needs to be used.
*/
Modified: incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java?rev=1494297&r1=1494296&r2=1494297&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java (original)
+++ incubator/ambari/trunk/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java Tue Jun 18 20:58:54 2013
@@ -80,7 +80,7 @@ public class AmbariServer {
private static Logger LOG = LoggerFactory.getLogger(AmbariServer.class);
public static final int AGENT_ONE_WAY_AUTH = 8440;
public static final int AGENT_TWO_WAY_AUTH = 8441;
- public static final int CLIENT_SSL_API_PORT = 8443;
+
private Server server = null;
private Server serverForAgent = null;
@@ -287,7 +287,7 @@ public class AmbariServer {
if (configs.getApiSSLAuthentication()) {
SslSelectChannelConnector sapiConnector = new SslSelectChannelConnector();
- sapiConnector.setPort(CLIENT_SSL_API_PORT);
+ sapiConnector.setPort(configs.getClientSSLApiPort());
sapiConnector.setKeystore(keystore);
sapiConnector.setTruststore(keystore);
sapiConnector.setPassword(srvrCrtPass);
Modified: incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py?rev=1494297&r1=1494296&r2=1494297&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py (original)
+++ incubator/ambari/trunk/ambari-server/src/main/python/ambari-server.py Tue Jun 18 20:58:54 2013
@@ -54,6 +54,7 @@ UPGRADE_ACTION = "upgrade"
UPGRADE_STACK_ACTION = "upgradestack"
UPDATE_METAINFO_ACTION = "update-metainfo"
STATUS_ACTION = "status"
+SETUP_HTTPS_ACTION = "setup-https"
LDAP_SETUP_ACTION = "setupldap"
RESET_MASTER_KEY_ACTION = "resetmasterkey"
@@ -88,6 +89,9 @@ NR_ADD_USER_TO_GROUP = 'usermod -G {0} {
NR_CHMOD_CMD = 'chmod {0} {1}'
NR_CHOWN_CMD = 'chown {0}:{1} {2}'
+# openssl command
+EXPRT_KSTR_CMD = "openssl pkcs12 -export -in {0} -inkey {1} -certfile {0} -out {3} -password pass:{2} -passin pass:{2}"
+
# constants
STACK_NAME_VER_SEP = "-"
JAVA_SHARE_PATH="/usr/share/java"
@@ -146,6 +150,17 @@ SECURITY_KEY_IS_PERSISTED = "security.ma
SECURITY_KEY_ENV_VAR_NAME = "ambari.security.master.key"
SECURITY_MASTER_KEY_FILENAME = "master"
+SSL_KEY_DIR = 'security.server.keys_dir'
+SSL_API_PORT = 'client.api.ssl.port'
+SSL_API = 'api.ssl'
+SSL_SERVER_CERT_NAME = 'security.server.cert_name'
+SSL_SERVER_KEY_NAME = 'security.server.key_name'
+SSL_CERT_FILE_NAME = "ca.crt"
+SSL_KEY_FILE_NAME = "ca.key"
+SSL_KEYSTORE_FILE_NAME = "keystore.p12"
+SSL_KEY_PASSWORD_FILE_NAME = "pass.txt"
+DEFAULT_SSL_API_PORT = 8443
+
JDBC_RCA_PASSWORD_ALIAS = "ambari.db.password"
LDAP_MGR_PASSWORD_ALIAS = "ambari.ldap.manager.password"
LDAP_MGR_PASSWORD_PROPERTY = "authentication.ldap.managerPassword"
@@ -2074,19 +2089,12 @@ def upgrade(args):
# The Ambari Server status.
#
def status(args):
- if os.path.exists(PID_DIR + os.sep + PID_NAME):
- f = open(PID_DIR + os.sep + PID_NAME, "r")
- pid = int(f.readline())
- print "Found Ambari Server PID: '" + str(pid) + "'"
- f.close()
- retcode, out, err = run_os_command("ps -p " + str(pid))
- if retcode == 0:
- print "Ambari Server running"
- print "Ambari Server PID at: " + PID_DIR + os.sep + PID_NAME
- else:
- print "Ambari Server not running. Stale PID File at: " + PID_DIR + os.sep + PID_NAME
+ status, pid = is_server_runing()
+ if status:
+ print "Ambari Server running"
+ print "Found Ambari Server PID: '" + str(pid) + " at: " + PID_DIR + os.sep + PID_NAME
else:
- print "Ambari Server not running"
+ print "Ambari Server not running. Stale PID File at: " + PID_DIR + os.sep + PID_NAME
@@ -2159,7 +2167,7 @@ def get_validated_string_input(prompt, d
input = default
break #done here and picking up default
else:
- if not re.search(pattern,input.strip()):
+ if not pattern==None and not re.search(pattern,input.strip()):
print description
input=""
return input
@@ -2478,6 +2486,128 @@ def update_properties(propertyMap):
return 0
+def setup_https(args):
+ if not SILENT:
+ properties = get_ambari_properties()
+ try:
+ security_server_keys_dir = properties.get_property(SSL_KEY_DIR)
+ client_api_ssl_port = DEFAULT_SSL_API_PORT if properties.get_property(SSL_API_PORT) in ("")\
+ else properties.get_property(SSL_API_PORT)
+ api_ssl = properties.get_property(SSL_API) in ['true']
+ cert_was_imported = False
+ if api_ssl:
+ if get_YN_input("Do you want to disable SSL (y/n) n? ", False):
+ properties.process_pair(SSL_API, "false")
+ else:
+ properties.process_pair(SSL_API_PORT, \
+ get_validated_string_input(\
+ "SSL port ["+str(client_api_ssl_port)+"] ? ",\
+ str(client_api_ssl_port),\
+ "^[0-9]{1,5}$", "Invalid port.", False))
+ if get_YN_input(\
+ "Do you want to import trusted certificate and private key (y/n) y? ",\
+ True):
+ import_cert_and_key_action(security_server_keys_dir, properties)
+ cert_was_imported = True
+ else:
+ if get_YN_input("Do you want to configure HTTPS (y/n) y? ", True):
+ properties.process_pair(SSL_API_PORT,\
+ get_validated_string_input("SSL port ["+str(client_api_ssl_port)+"] ? ",\
+ str(client_api_ssl_port), "^[0-9]{1,5}$", "Invalid port.", False))
+ if get_YN_input(\
+ "Do you want to import trusted certificate and private key (y/n) y? ",\
+ True):
+ import_cert_and_key_action(security_server_keys_dir, properties)
+ cert_was_imported = True
+ else:
+ return
+
+ conf_file = find_properties_file()
+ f = open(conf_file, 'w')
+ properties.store(f, "Changed by 'ambari-server setup-https' command")
+ if cert_was_imported:
+ print "NOTE: If cluster have been already created,"+\
+ " agent's keystors should be cleared manually!"
+ if is_server_runing():
+ print "To apply changes server should be restarted"+\
+ " by command: ambari-server restart|(stop|start)"
+ except (KeyError), e:
+ err = 'Property ' + str(e) + ' is not defined at ' + conf_file
+ raise FatalException(1, err)
+ else:
+ print "setup-https is not enabled in silent mode."
+
+def is_server_runing():
+ if os.path.exists(PID_DIR + os.sep + PID_NAME):
+ f = open(PID_DIR + os.sep + PID_NAME, "r")
+ pid = int(f.readline())
+ f.close()
+ retcode, out, err = run_os_command("ps -p " + str(pid))
+ if retcode == 0:
+ return True, pid
+ else:
+ return False, None
+ else:
+ return False, None
+
+
+def import_cert_and_key_action(security_server_keys_dir, properties):
+ if import_cert_and_key(security_server_keys_dir):
+ properties.process_pair(SSL_SERVER_CERT_NAME, SSL_CERT_FILE_NAME)
+ properties.process_pair(SSL_SERVER_KEY_NAME, SSL_KEY_FILE_NAME)
+ properties.process_pair(SSL_API, "true")
+
+def import_cert_and_key(security_server_keys_dir):
+ import_cert_path = get_validated_filepath_input(\
+ "Please enter path to certificate: ",\
+ "Certificate not found")
+ import_key_path = get_validated_filepath_input(\
+ "Please enter path to key: ", "Key not found")
+ pem_password = get_validated_string_input("Please enter password for private key: ", "", None, None, True)
+ keystoreFilePath = os.path.join(security_server_keys_dir,\
+ SSL_KEYSTORE_FILE_NAME)
+ passFilePath = os.path.join(security_server_keys_dir,\
+ SSL_KEY_PASSWORD_FILE_NAME)
+ retcode, out, err = run_os_command(EXPRT_KSTR_CMD.format(import_cert_path,\
+ import_key_path, pem_password, keystoreFilePath))
+
+ if retcode == 0:
+ print 'Successfully imported trusted cerificate and private key'
+ set_file_permissions(keystoreFilePath, "660", read_ambari_user(), "root")
+ with open(passFilePath, 'w+') as passFile:
+ passFile.write(pem_password)
+ pass
+ set_file_permissions(passFilePath, "660", read_ambari_user(), "root")
+ import_file_to_keystore(import_cert_path, os.path.join(\
+ security_server_keys_dir, SSL_CERT_FILE_NAME))
+ import_file_to_keystore(import_key_path, os.path.join(\
+ security_server_keys_dir, SSL_KEY_FILE_NAME))
+ return True
+ else:
+ print 'Could not import trusted cerificate and private key:'
+ print err
+ return False
+
+def import_file_to_keystore(source, destination):
+ shutil.copy(source, destination)
+ set_file_permissions(destination, "660", read_ambari_user(), "root")
+
+
+def get_validated_filepath_input(prompt, description, default=None):
+ input = False
+ while not input:
+ if SILENT:
+ print (prompt)
+ return default
+ else:
+ input = raw_input(prompt)
+ if not input==None:
+ input = input.strip()
+ if not input==None and not ""==input and os.path.exists(input):
+ return input
+ else:
+ print description
+ input=False
#
# Main.
@@ -2621,6 +2751,8 @@ def main():
reset_master_key()
elif action == UPDATE_METAINFO_ACTION:
update_metainfo(options)
+ elif action == SETUP_HTTPS_ACTION:
+ setup_https(options)
else:
parser.error("Invalid action")
except FatalException as e:
@@ -2698,18 +2830,20 @@ class Properties(object):
oldkey = oldkey.strip()
oldvalue = self.unescape(oldvalue)
value = self.unescape(value)
- self._props[key] = value.strip()
+ self._props[key] = None if value is None else value.strip()
if self._keymap.has_key(key):
oldkey = self._keymap.get(key)
- self._origprops[oldkey] = oldvalue.strip()
+ self._origprops[oldkey] = None if oldvalue is None else oldvalue.strip()
else:
- self._origprops[oldkey] = oldvalue.strip()
+ self._origprops[oldkey] = None if oldvalue is None else oldvalue.strip()
self._keymap[key] = oldkey
def unescape(self, value):
- newvalue = value.replace('\:', ':')
- newvalue = newvalue.replace('\=', '=')
+ newvalue = value
+ if not value is None:
+ newvalue = value.replace('\:', ':')
+ newvalue = newvalue.replace('\=', '=')
return newvalue
def removeOldProp(self, key):
Modified: incubator/ambari/trunk/ambari-server/src/test/java/org/apache/ambari/server/configuration/ConfigurationTest.java
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-server/src/test/java/org/apache/ambari/server/configuration/ConfigurationTest.java?rev=1494297&r1=1494296&r2=1494297&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-server/src/test/java/org/apache/ambari/server/configuration/ConfigurationTest.java (original)
+++ incubator/ambari/trunk/ambari-server/src/test/java/org/apache/ambari/server/configuration/ConfigurationTest.java Tue Jun 18 20:58:54 2013
@@ -80,5 +80,14 @@ public class ConfigurationTest {
Assert.assertFalse(conf.getTwoWaySsl());
}
+ @Test
+ public void testGetClientSSLApiPort() throws Exception {
+ Properties ambariProperties = new Properties();
+ ambariProperties.setProperty(Configuration.CLIENT_API_SSL_PORT_KEY, "6666");
+ Configuration conf = new Configuration(ambariProperties);
+ Assert.assertEquals(6666, conf.getClientSSLApiPort());
+ conf = new Configuration();
+ Assert.assertEquals(8443, conf.getClientSSLApiPort());
+ }
}
Modified: incubator/ambari/trunk/ambari-server/src/test/python/TestAmbaryServer.py
URL: http://svn.apache.org/viewvc/incubator/ambari/trunk/ambari-server/src/test/python/TestAmbaryServer.py?rev=1494297&r1=1494296&r2=1494297&view=diff
==============================================================================
--- incubator/ambari/trunk/ambari-server/src/test/python/TestAmbaryServer.py (original)
+++ incubator/ambari/trunk/ambari-server/src/test/python/TestAmbaryServer.py Tue Jun 18 20:58:54 2013
@@ -802,7 +802,9 @@ class TestAmbariServer(TestCase):
@patch("os.path.join")
@patch("os.path.exists")
@patch.object(ambari_server, "get_ambari_properties")
- def test_install_jce_manualy(self, get_ambari_properties_mock, os_path_exists_mock, os_path_join_mock, shutil_copy_mock):
+ def test_install_jce_manualy(self, get_ambari_properties_mock,\
+ os_path_exists_mock, os_path_join_mock,\
+ shutil_copy_mock):
args = MagicMock()
args.jce_policy = "somewhere"
p = MagicMock()
@@ -810,14 +812,195 @@ class TestAmbariServer(TestCase):
p.__getitem__.side_effect = None
p.__getitem__.return_value = "somewhere"
os_path_exists_mock.return_value = True
- os_path_join_mock.return_value = "/var/lib/ambari-server/resources/jce_policy-6.zip"
+ os_path_join_mock.return_value = \
+ "/var/lib/ambari-server/resources/jce_policy-6.zip"
ambari_server.install_jce_manualy(args)
self.assertTrue(shutil_copy_mock.called)
- os_path_exists_mock.return_value = False
+ shutil_copy_mock.side_effect = Exception("exception")
+ try:
+ ambari_server.install_jce_manualy(args)
+ self.fail("Should throw exception because of not found jce_policy-6.zip")
+ except Exception:
+ # Expected
+ self.assertTrue(shutil_copy_mock.called)
+ pass
+
+ shutil_copy_mock.side_effect = None
args.jce_policy = None
+ ambari_server.install_jce_manualy(args)
+
+ @patch.object(ambari_server, "get_validated_string_input")
+ @patch.object(ambari_server, "find_properties_file")
+ @patch.object(ambari_server, "get_ambari_properties")
+ @patch.object(ambari_server, "is_server_runing")
+ @patch.object(ambari_server, "import_cert_and_key_action")
+ @patch.object(ambari_server, "get_YN_input")
+ @patch("__builtin__.open")
+ @patch("ambari-server.Properties")
+ def test_setup_https(self, Properties_mock, open_Mock, get_YN_input_mock,\
+ import_cert_and_key_action_mock,
+ is_server_runing_mock, get_ambari_properties_mock,\
+ find_properties_file_mock,\
+ get_validated_string_input_mock):
+ args = MagicMock()
+ open_Mock.return_value = file
+ p = get_ambari_properties_mock.return_value
+ #Case #1: if client ssl is on and user didnt choose
+ #disable ssl option and choose import certs and keys
+ p.get_property.side_effect = ["key_dir","5555","6666", "true"]
+ get_YN_input_mock.side_effect = [False,True]
+ get_validated_string_input_mock.side_effect = ["4444"]
+ get_property_expected = "[call('security.server.keys_dir'),\n"+\
+ " call('client.api.ssl.port'),\n"+\
+ " call('client.api.ssl.port'),\n call('api.ssl')]"
+ process_pair_expected = "[call('client.api.ssl.port', '4444')]"
+ ambari_server.SILENT = False
+ ambari_server.setup_https(args)
+
+ self.assertTrue(p.process_pair.called)
+ self.assertTrue(p.get_property.call_count == 4)
+ self.assertEqual(str(p.get_property.call_args_list), get_property_expected)
+ self.assertEqual(str(p.process_pair.call_args_list), process_pair_expected)
+ self.assertTrue(p.store.called)
+ self.assertTrue(import_cert_and_key_action_mock.called)
+
+ p.process_pair.reset_mock()
+ p.get_property.reset_mock()
+ p.store.reset_mock()
+ import_cert_and_key_action_mock.reset_mock()
+
+ #Case #2: if client ssl is on and user choose to disable ssl option
+ p.get_property.side_effect = ["key_dir","", "true"]
+ get_YN_input_mock.side_effect = [True]
+ get_validated_string_input_mock.side_effect = ["4444"]
+ get_property_expected = "[call('security.server.keys_dir'),\n"+\
+ " call('client.api.ssl.port'),\n call('api.ssl')]"
+ process_pair_expected = "[call('api.ssl', 'false')]"
+ ambari_server.setup_https(args)
+
+ self.assertTrue(p.process_pair.called)
+ self.assertTrue(p.get_property.call_count == 3)
+ self.assertEqual(str(p.get_property.call_args_list), get_property_expected)
+ self.assertEqual(str(p.process_pair.call_args_list), process_pair_expected)
+ self.assertTrue(p.store.called)
+ self.assertFalse(import_cert_and_key_action_mock.called)
+
+ p.process_pair.reset_mock()
+ p.get_property.reset_mock()
+ p.store.reset_mock()
+ import_cert_and_key_action_mock.reset_mock()
+
+ #Case #3: if client ssl is off and user choose option
+ #to import cert and keys
+ p.get_property.side_effect = ["key_dir","", None]
+ get_YN_input_mock.side_effect = [True, True]
+ get_validated_string_input_mock.side_effect = ["4444"]
+ get_property_expected = "[call('security.server.keys_dir'),\n"+\
+ " call('client.api.ssl.port'),\n call('api.ssl')]"
+ process_pair_expected = "[call('client.api.ssl.port', '4444')]"
+ ambari_server.setup_https(args)
+
+ self.assertTrue(p.process_pair.called)
+ self.assertTrue(p.get_property.call_count == 3)
+ self.assertEqual(str(p.get_property.call_args_list), get_property_expected)
+ self.assertEqual(str(p.process_pair.call_args_list), process_pair_expected)
+ self.assertTrue(p.store.called)
+ self.assertTrue(import_cert_and_key_action_mock.called)
+
+ p.process_pair.reset_mock()
+ p.get_property.reset_mock()
+ p.store.reset_mock()
+ import_cert_and_key_action_mock.reset_mock()
+
+ #Case #4: if client ssl is off and
+ #user did not choose option to import cert and keys
+ p.get_property.side_effect = ["key_dir","", None]
+ get_YN_input_mock.side_effect = [False]
+ get_validated_string_input_mock.side_effect = ["4444"]
+ get_property_expected = "[call('security.server.keys_dir'),\n"+\
+ " call('client.api.ssl.port'),\n call('api.ssl')]"
+ process_pair_expected = "[]"
+ ambari_server.setup_https(args)
+
+ self.assertFalse(p.process_pair.called)
+ self.assertTrue(p.get_property.call_count == 3)
+ self.assertEqual(str(p.get_property.call_args_list), get_property_expected)
+ self.assertEqual(str(p.process_pair.call_args_list), process_pair_expected)
+ self.assertFalse(p.store.called)
+ self.assertFalse(import_cert_and_key_action_mock.called)
+
+ p.process_pair.reset_mock()
+ p.get_property.reset_mock()
+ p.store.reset_mock()
+ import_cert_and_key_action_mock.reset_mock()
+ ambari_server.SILENT = True
+
+ @patch.object(ambari_server, "import_cert_and_key")
+ def test_import_cert_and_key_action(self, import_cert_and_key_mock):
+ import_cert_and_key_mock.return_value = True
+ properties = MagicMock()
+ properties.get_property.side_effect = ["key_dir","5555","6666", "true"]
+ properties.process_pair = MagicMock()
+ expect_process_pair = "[call('security.server.cert_name', 'ca.crt'),\n"+\
+ " call('security.server.key_name', 'ca.key'),\n"+\
+ " call('api.ssl', 'true')]"
+ ambari_server.import_cert_and_key_action("key_dir", properties)
+
+ self.assertEqual(str(properties.process_pair.call_args_list),\
+ expect_process_pair)
+
+ @patch.object(ambari_server, "read_ambari_user")
+ @patch.object(ambari_server, "set_file_permissions")
+ @patch.object(ambari_server, "import_file_to_keystore")
+ @patch("__builtin__.open")
+ @patch.object(ambari_server, "run_os_command")
+ @patch("os.path.join")
+ @patch.object(ambari_server, "get_validated_filepath_input")
+ @patch.object(ambari_server, "get_validated_string_input")
+ def test_import_cert_and_key(self, get_validated_string_input_mock,\
+ get_validated_filepath_input_mock,\
+ os_path_join_mock, run_os_command_mock,\
+ open_mock, import_file_to_keystore_mock,\
+ set_file_permissions_mock, read_ambari_user_mock):
+ get_validated_string_input_mock.return_value = "password"
+ get_validated_filepath_input_mock.side_effect = \
+ ["cert_file_path","key_file_path"]
+ os_path_join_mock.side_effect = ["cert_file_path","key_file_path",\
+ "keystore_cert_file_path",\
+ "keystore_cert_key_file_path",]
+ run_os_command_mock.return_value = (0, "", "")
+ om = open_mock.return_value
+ expect_import_file_to_keystore = "[call('cert_file_path',"+\
+ " 'keystore_cert_file_path'),\n"+\
+ " call('key_file_path',"+\
+ " 'keystore_cert_key_file_path')]"
+
+ ambari_server.import_cert_and_key("key_dir")
+ self.assertTrue(get_validated_filepath_input_mock.call_count == 2)
+ self.assertTrue(get_validated_string_input_mock.called)
+ self.assertTrue(os_path_join_mock.call_count == 4)
+ self.assertTrue(set_file_permissions_mock.call_count == 2)
+ self.assertEqual(str(import_file_to_keystore_mock.call_args_list),\
+ expect_import_file_to_keystore)
+ @patch.object(ambari_server, "run_os_command")
+ @patch("__builtin__.open")
+ @patch("os.path.exists")
+ def test_is_server_runing(self, os_path_exists_mock, open_mock,\
+ run_os_command_mock):
+ os_path_exists_mock.return_value = True
+ f = open_mock.return_value
+ f.readline.return_value = "111"
+ run_os_command_mock.return_value = 0, "", ""
+ status, pid = ambari_server.is_server_runing()
+ self.assertTrue(status)
+ self.assertEqual(111, pid)
+ os_path_exists_mock.return_value = False
+ status, pid = ambari_server.is_server_runing()
+ self.assertFalse(status)
+
@patch.object(ambari_server, "install_jce_manualy")
@patch("os.stat")
@patch("os.path.isfile")
@@ -829,10 +1012,11 @@ class TestAmbariServer(TestCase):
@patch.object(ambari_server, "print_info_msg")
@patch.object(ambari_server, "get_JAVA_HOME")
@patch.object(ambari_server, "get_ambari_properties")
- def test_download_jdk(self, get_ambari_properties_mock, get_JAVA_HOME_mock, print_info_msg_mock,
- write_property_mock, run_os_command_mock, get_YN_input_mock, track_jdk_mock,
- path_existsMock,
- path_isfileMock, statMock, install_jce_manualy_mock):
+ def test_download_jdk(self, get_ambari_properties_mock, get_JAVA_HOME_mock,\
+ print_info_msg_mock, write_property_mock,\
+ run_os_command_mock, get_YN_input_mock, track_jdk_mock,
+ path_existsMock, path_isfileMock, statMock,\
+ install_jce_manualy_mock):
args = MagicMock()
args.java_home = "somewhere"
path_existsMock.return_value = False