kafka git commit: KAFKA-3985; Transient system test failure ZooKeeperSecurityUpgradeTest.test_zk_security_upgrade.security_protocol

[ij...@apache.org]

Repository: kafka
Updated Branches:
  refs/heads/trunk 3e9f357fb -> b049606ae


KAFKA-3985; Transient system test failure ZooKeeperSecurityUpgradeTest.test_zk_security_upgrade.security_protocol

Author: Flavio Junqueira <fp...@apache.org>

Reviewers: Rajini Sivaram <ra...@googlemail.com>, Geoff Anderson <ge...@confluent.io>, Ismael Juma <is...@juma.me.uk>

Closes #1973 from fpj/KAFKA-3985


Project: http://git-wip-us.apache.org/repos/asf/kafka/repo
Commit: http://git-wip-us.apache.org/repos/asf/kafka/commit/b049606a
Tree: http://git-wip-us.apache.org/repos/asf/kafka/tree/b049606a
Diff: http://git-wip-us.apache.org/repos/asf/kafka/diff/b049606a

Branch: refs/heads/trunk
Commit: b049606aebbb6c08120e53a6bf3d9519bb14b076
Parents: 3e9f357
Author: Flavio Junqueira <fp...@apache.org>
Authored: Wed Oct 5 23:01:30 2016 +0100
Committer: Ismael Juma <is...@juma.me.uk>
Committed: Wed Oct 5 23:01:53 2016 +0100

----------------------------------------------------------------------
 .../services/security/security_config.py        | 24 ++++++++++----------
 1 file changed, 12 insertions(+), 12 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/kafka/blob/b049606a/tests/kafkatest/services/security/security_config.py
----------------------------------------------------------------------
diff --git a/tests/kafkatest/services/security/security_config.py b/tests/kafkatest/services/security/security_config.py
index a37a889..665c4b0 100644
--- a/tests/kafkatest/services/security/security_config.py
+++ b/tests/kafkatest/services/security/security_config.py
@@ -13,6 +13,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+import atexit
 import os
 import subprocess
 from tempfile import mkdtemp
@@ -23,20 +24,19 @@ import itertools
 
 class SslStores(object):
     def __init__(self):
-        self.ca_crt_path = "/tmp/test.ca.crt"
-        self.ca_jks_path = "/tmp/test.ca.jks"
+        self.ca_and_truststore_dir = mkdtemp(dir="/tmp")
+        self.ca_crt_path = os.path.join(self.ca_and_truststore_dir, "test.ca.crt")
+        self.ca_jks_path = os.path.join(self.ca_and_truststore_dir, "test.ca.jks")
         self.ca_passwd = "test-ca-passwd"
 
-        self.truststore_path = "/tmp/test.truststore.jks"
+        self.truststore_path = os.path.join(self.ca_and_truststore_dir, "test.truststore.jks")
         self.truststore_passwd = "test-ts-passwd"
         self.keystore_passwd = "test-ks-passwd"
         self.key_passwd = "test-key-passwd"
         # Allow upto one hour of clock skew between host and VMs
         self.startdate = "-1H"
-
-        for file in [self.ca_crt_path, self.ca_jks_path, self.truststore_path]:
-            if os.path.exists(file):
-                os.remove(file)
+        # Register rmtree to run on exit
+        atexit.register(rmtree, self.ca_and_truststore_dir)
 
     def generate_ca(self):
         """
@@ -64,11 +64,11 @@ class SslStores(object):
         csr_path = os.path.join(ks_dir, "test.kafka.csr")
         crt_path = os.path.join(ks_dir, "test.kafka.crt")
 
-	self.runcmd("keytool -genkeypair -alias kafka -keyalg RSA -keysize 2048 -keystore %s -storepass %s -keypass %s -dname CN=systemtest -ext SAN=DNS:%s -startdate %s" % (ks_path, self.keystore_passwd, self.key_passwd, self.hostname(node), self.startdate))
-	self.runcmd("keytool -certreq -keystore %s -storepass %s -keypass %s -alias kafka -file %s" % (ks_path, self.keystore_passwd, self.key_passwd, csr_path))
-	self.runcmd("keytool -gencert -keystore %s -storepass %s -alias ca -infile %s -outfile %s -dname CN=systemtest -ext SAN=DNS:%s -startdate %s" % (self.ca_jks_path, self.ca_passwd, csr_path, crt_path, self.hostname(node), self.startdate))
-	self.runcmd("keytool -importcert -keystore %s -storepass %s -alias ca -file %s -noprompt" % (ks_path, self.keystore_passwd, self.ca_crt_path))
-	self.runcmd("keytool -importcert -keystore %s -storepass %s -keypass %s -alias kafka -file %s -noprompt" % (ks_path, self.keystore_passwd, self.key_passwd, crt_path))
+        self.runcmd("keytool -genkeypair -alias kafka -keyalg RSA -keysize 2048 -keystore %s -storepass %s -keypass %s -dname CN=systemtest -ext SAN=DNS:%s -startdate %s" % (ks_path, self.keystore_passwd, self.key_passwd, self.hostname(node), self.startdate))
+        self.runcmd("keytool -certreq -keystore %s -storepass %s -keypass %s -alias kafka -file %s" % (ks_path, self.keystore_passwd, self.key_passwd, csr_path))
+        self.runcmd("keytool -gencert -keystore %s -storepass %s -alias ca -infile %s -outfile %s -dname CN=systemtest -ext SAN=DNS:%s -startdate %s" % (self.ca_jks_path, self.ca_passwd, csr_path, crt_path, self.hostname(node), self.startdate))
+        self.runcmd("keytool -importcert -keystore %s -storepass %s -alias ca -file %s -noprompt" % (ks_path, self.keystore_passwd, self.ca_crt_path))
+        self.runcmd("keytool -importcert -keystore %s -storepass %s -keypass %s -alias kafka -file %s -noprompt" % (ks_path, self.keystore_passwd, self.key_passwd, crt_path))
         node.account.scp_to(ks_path, SecurityConfig.KEYSTORE_PATH)
         rmtree(ks_dir)