Adds a compute engine auth GCE interop test

- also fixes the service_account test assertions
pull/340/head
Tim Emiola 10 years ago
parent 2e2085693b
commit 8c750f44f4
  1. 122
      src/ruby/bin/interop/interop_client.rb

@ -56,6 +56,8 @@ require 'test/cpp/interop/empty'
require 'signet/ssl_config' require 'signet/ssl_config'
include Google::RPC::Auth
# loads the certificates used to access the test server securely. # loads the certificates used to access the test server securely.
def load_test_certs def load_test_certs
this_dir = File.expand_path(File.dirname(__FILE__)) this_dir = File.expand_path(File.dirname(__FILE__))
@ -67,47 +69,54 @@ end
# loads the certificates used to access the test server securely. # loads the certificates used to access the test server securely.
def load_prod_cert def load_prod_cert
fail 'could not find a production cert' if ENV['SSL_CERT_FILE'].nil? fail 'could not find a production cert' if ENV['SSL_CERT_FILE'].nil?
p "loading prod certs from #{ENV['SSL_CERT_FILE']}" logger.info("loading prod certs from #{ENV['SSL_CERT_FILE']}")
File.open(ENV['SSL_CERT_FILE']).read File.open(ENV['SSL_CERT_FILE']).read
end end
# creates a Credentials from the test certificates. # creates SSL Credentials from the test certificates.
def test_creds def test_creds
certs = load_test_certs certs = load_test_certs
GRPC::Core::Credentials.new(certs[0]) GRPC::Core::Credentials.new(certs[0])
end end
RX_CERT = /-----BEGIN CERTIFICATE-----\n.*?-----END CERTIFICATE-----\n/m # creates SSL Credentials from the production certificates.
# creates a Credentials from the production certificates.
def prod_creds def prod_creds
cert_text = load_prod_cert cert_text = load_prod_cert
GRPC::Core::Credentials.new(cert_text) GRPC::Core::Credentials.new(cert_text)
end end
# creates the SSL Credentials.
def ssl_creds(use_test_ca)
return test_creds if use_test_ca
prod_creds
end
# creates a test stub that accesses host:port securely. # creates a test stub that accesses host:port securely.
def create_stub(opts) def create_stub(opts)
address = "#{opts.host}:#{opts.port}" address = "#{opts.host}:#{opts.port}"
if opts.secure if opts.secure
creds = nil
if opts.use_test_ca
creds = test_creds
else
creds = prod_creds
end
stub_opts = { stub_opts = {
:creds => creds, :creds => ssl_creds(opts.use_test_ca),
GRPC::Core::Channel::SSL_TARGET => opts.host_override GRPC::Core::Channel::SSL_TARGET => opts.host_override
} }
# Allow service account updates if specified # Add service account creds if specified
if %w(all service_account_creds).include?(opts.test_case)
unless opts.oauth_scope.nil?
fd = StringIO.new(File.read(opts.oauth_key_file))
logger.info("loading oauth certs from #{opts.oauth_key_file}")
auth_creds = ServiceAccountCredentials.new(opts.oauth_scope, fd)
stub_opts[:update_metadata] = lambda(&auth_creds.method(:apply))
end
end
# Add compute engine creds if specified
if %w(all compute_engine_creds).include?(opts.test_case)
unless opts.oauth_scope.nil? unless opts.oauth_scope.nil?
cred_clz = Google::RPC::Auth::ServiceAccountCredentials auth_creds = GCECredentials.new
json_key_io = StringIO.new(File.read(opts.oauth_key_file))
auth_creds = cred_clz.new(opts.oauth_scope, json_key_io)
stub_opts[:update_metadata] = lambda(&auth_creds.method(:apply)) stub_opts[:update_metadata] = lambda(&auth_creds.method(:apply))
end end
end
logger.info("... connecting securely to #{address}") logger.info("... connecting securely to #{address}")
Grpc::Testing::TestService::Stub.new(address, **stub_opts) Grpc::Testing::TestService::Stub.new(address, **stub_opts)
@ -166,10 +175,10 @@ class NamedTests
include Grpc::Testing::PayloadType include Grpc::Testing::PayloadType
attr_accessor :assertions # required by Minitest::Assertions attr_accessor :assertions # required by Minitest::Assertions
def initialize(stub, opts) def initialize(stub, args)
@assertions = 0 # required by Minitest::Assertions @assertions = 0 # required by Minitest::Assertions
@stub = stub @stub = stub
@opts = opts @args = args
end end
def empty_unary def empty_unary
@ -185,18 +194,30 @@ class NamedTests
def service_account_creds def service_account_creds
# ignore this test if the oauth options are not set # ignore this test if the oauth options are not set
if @opts.oauth_scope.nil? || @opts.oauth_key_file.nil? if @args.oauth_scope.nil? || @args.oauth_key_file.nil?
p 'NOT RUN: service_account_creds; no service_account settings' p 'NOT RUN: service_account_creds; no service_account settings'
end end
json_key = File.read(@opts.oauth_key_file) json_key = File.read(@args.oauth_key_file)
wanted_email = MultiJson.load(json_key)['client_email'] wanted_email = MultiJson.load(json_key)['client_email']
resp = perform_large_unary resp = perform_large_unary(fill_username: true,
assert_equal(@opts.oauth_scope, resp.oauth_scope, fill_oauth_scope: true)
assert_equal(wanted_email, resp.username,
'service_account_creds: incorrect username')
assert(@args.oauth_scope.include?(resp.oauth_scope),
'service_account_creds: incorrect oauth_scope') 'service_account_creds: incorrect oauth_scope')
assert_equal(wanted_email, resp.username)
p 'OK: service_account_creds' p 'OK: service_account_creds'
end end
def compute_engine_creds
resp = perform_large_unary(fill_username: true,
fill_oauth_scope: true)
assert(@args.oauth_scope.include?(resp.oauth_scope),
'service_account_creds: incorrect oauth_scope')
assert_equal(@args.default_service_account, resp.username,
'service_account_creds: incorrect username')
p 'OK: compute_engine_creds'
end
def client_streaming def client_streaming
msg_sizes = [27_182, 8, 1828, 45_904] msg_sizes = [27_182, 8, 1828, 45_904]
wanted_aggregate_size = 74_922 wanted_aggregate_size = 74_922
@ -264,66 +285,65 @@ class NamedTests
end end
end end
Options = Struct.new(:oauth_scope, :oauth_key_file, :secure, :host, # Args is used to hold the command line info.
:host_override, :port, :test_case, :use_test_ca) Args = Struct.new(:default_service_account, :host, :host_override,
:oauth_scope, :oauth_key_file, :port, :secure, :test_case,
:use_test_ca)
# validates the the command line options, returning them as a Hash. # validates the the command line options, returning them as a Hash.
def parse_options def parse_args
options = Options.new args = Args.new
options.host_override = 'foo.test.google.com' args.host_override = 'foo.test.google.com'
OptionParser.new do |opts| OptionParser.new do |opts|
opts.banner = 'Usage: --server_host <server_host> --server_port server_port'
opts.on('--oauth_scope scope', opts.on('--oauth_scope scope',
'Scope for OAuth tokens') do |v| 'Scope for OAuth tokens') { |v| args['oauth_scope'] = v }
options['oauth_scope'] = v
end
opts.on('--server_host SERVER_HOST', 'server hostname') do |v| opts.on('--server_host SERVER_HOST', 'server hostname') do |v|
options['host'] = v args['host'] = v
end
opts.on('--default_service_account email_address',
'email address of the default service account') do |v|
args['default_service_account'] = v
end end
opts.on('--service_account_key_file PATH', opts.on('--service_account_key_file PATH',
'Path to the service account json key file') do |v| 'Path to the service account json key file') do |v|
options['oauth_key_file'] = v args['oauth_key_file'] = v
end end
opts.on('--server_host_override HOST_OVERRIDE', opts.on('--server_host_override HOST_OVERRIDE',
'override host via a HTTP header') do |v| 'override host via a HTTP header') do |v|
options['host_override'] = v args['host_override'] = v
end
opts.on('--server_port SERVER_PORT', 'server port') do |v|
options['port'] = v
end end
opts.on('--server_port SERVER_PORT', 'server port') { |v| args['port'] = v }
# instance_methods(false) gives only the methods defined in that class # instance_methods(false) gives only the methods defined in that class
test_cases = NamedTests.instance_methods(false).map(&:to_s) test_cases = NamedTests.instance_methods(false).map(&:to_s)
test_case_list = test_cases.join(',') test_case_list = test_cases.join(',')
opts.on('--test_case CODE', test_cases, {}, 'select a test_case', opts.on('--test_case CODE', test_cases, {}, 'select a test_case',
" (#{test_case_list})") do |v| " (#{test_case_list})") { |v| args['test_case'] = v }
options['test_case'] = v
end
opts.on('-s', '--use_tls', 'require a secure connection?') do |v| opts.on('-s', '--use_tls', 'require a secure connection?') do |v|
options['secure'] = v args['secure'] = v
end end
opts.on('-t', '--use_test_ca', opts.on('-t', '--use_test_ca',
'if secure, use the test certificate?') do |v| 'if secure, use the test certificate?') do |v|
options['use_test_ca'] = v args['use_test_ca'] = v
end end
end.parse! end.parse!
_check_options(options) _check_args(args)
end end
def _check_options(opts) def _check_args(args)
%w(host port test_case).each do |arg| %w(host port test_case).each do |a|
if opts[arg].nil? if args[a].nil?
fail(OptionParser::MissingArgument, "please specify --#{arg}") fail(OptionParser::MissingArgument, "please specify --#{arg}")
end end
end end
if opts['oauth_key_file'].nil? ^ opts['oauth_scope'].nil? if args['oauth_key_file'].nil? ^ args['oauth_scope'].nil?
fail(OptionParser::MissingArgument, fail(OptionParser::MissingArgument,
'please specify both of --service_account_key_file and --oauth_scope') 'please specify both of --service_account_key_file and --oauth_scope')
end end
opts args
end end
def main def main
opts = parse_options opts = parse_args
stub = create_stub(opts) stub = create_stub(opts)
NamedTests.new(stub, opts).method(opts['test_case']).call NamedTests.new(stub, opts).method(opts['test_case']).call
end end

Loading…
Cancel
Save