You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by Friðvin Logi Oddbjörnsson <fr...@greenqloud.com> on 2017/03/09 13:46:36 UTC
Unit testing with (database) encryption enabled
Hello all,
I’ve encountered a couple of issues when running CloudStack’s unit tests
after adding the following to cloudstack/utils/conf/db.properties:
db.cloud.encryption.type=env
db.cloud.encrypt.secret=secret
and setting environment variable CLOUD_SECRET_KEY with a non-empty value.
Unit test UriUtilsTest.getUpdateUri has the following check:
// there is password param but still no request for encryption,
should
// be unchanged
Assert.assertEquals("http://localhost/foo/bar?password=1234",
UriUtils
.getUpdateUri("http://localhost/foo/bar?password=1234",
false));
However, looking at the implementation of UriUtils.getUpdateUri(String url,
boolean encrypt), when parameter encrypt is specified as false, a parameter
with name “password” will have its value decrypted! This means that, when
encryption is actually enabled, this check will fail because “1234” is not
an encrypted value (the value will actually be replaced by “null”).
Should UriUtils.getUpdateUri(String url, boolean encrypt) really be
decrypting the value of “password” parameter and, if so, shouldn’t it check
whether the decryption returned null? (in which case, it would leave the
original value)
As for the other issue I encountered, unit test
EncryptionSecretKeyCheckerTest.testKeyFileDoesNotExists failing, just
mentioning here that this unit test fails when encryption is enabled.
Unlike the UriUtilsTest issue, the cause for this fail is straightforward
(the test simply assumes that encryption isn’t enabled) and I’ve already
fixed the unit test locally so that it works properly regardless of whether
encryption is enabled or not.
P.s. running the unit tests simply by executing `mvn -Pdeveloper -Dnoredist
-Dsimulator -Djna.nosys=true clean install`
Friðvin Logi Oddbjörnsson
Senior Developer
Tel: (+354) 415 0200 | fridvin@greenqloud.com
Mobile: (+354) 696 6528 | PGP Key: 57CA1B00
<ht...@greenqloud.com>
Twitter: @greenqloud <https://twitter.com/greenqloud> | @qstackcloud
<https://twitter.com/qstackcloud>
www.greenqloud.com | www.qstack.com
[image: qstack_blue_landscape_byqreenqloud-01.png]