diff options
author | Daniel Schaefer <git@danielschaefer.me> | 2019-04-26 01:13:26 +0200 |
---|---|---|
committer | Daniel Schaefer <git@danielschaefer.me> | 2019-06-13 04:36:41 +0200 |
commit | 8e5ba87b36c8640ada623811ec5f22af6fe60d44 (patch) | |
tree | 91892ee4c37ca738fa843aa26a0e5bfc58ea8d7f | |
parent | 79f7f89442d9132c35b6417187cb1567eca2b910 (diff) |
nixos/cassandra: Test remote auth only on v3.11+
Below that it works but only when supplying a custom password file with
restricted permissions (i.e. outside the nix-store). We can't do that
using an absolute path in the tests.
-rw-r--r-- | nixos/tests/cassandra.nix | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/nixos/tests/cassandra.nix b/nixos/tests/cassandra.nix index c67239931e10..aea4fa4d1c95 100644 --- a/nixos/tests/cassandra.nix +++ b/nixos/tests/cassandra.nix @@ -1,12 +1,13 @@ -import ./make-test.nix ({ pkgs, ...}: +import ./make-test.nix ({ pkgs, lib, ... }: let # Change this to test a different version of Cassandra: testPackage = pkgs.cassandra; clusterName = "NixOS Automated-Test Cluster"; + testRemoteAuth = lib.versionAtLeast testPackage.version "3.11"; jmxRoles = [{ username = "me"; password = "password"; }]; + jmxRolesFile = ./cassandra-jmx-roles; jmxAuthArgs = "-u ${(builtins.elemAt jmxRoles 0).username} -pw ${(builtins.elemAt jmxRoles 0).password}"; - clusterName = "NixOS Test Cluster"; # Would usually be assigned to 512M numMaxHeapSize = "400"; @@ -45,7 +46,7 @@ in nodes = { cass0 = nodeCfg "192.168.1.1" {}; - cass1 = nodeCfg "192.168.1.2" { remoteJmx = true; inherit jmxRoles; }; + cass1 = nodeCfg "192.168.1.2" (lib.optionalAttrs testRemoteAuth { inherit jmxRoles; remoteJmx = true; }); cass2 = nodeCfg "192.168.1.3" { jvmOpts = [ "-Dcassandra.replace_address=cass1" ]; }; }; @@ -82,6 +83,7 @@ in $cass1->waitUntilSucceeds("nodetool ${jmxAuthArgs} status | egrep -c '^UN' | grep 2"); $cass0->succeed("nodetool status --resolve-ip | egrep '^UN[[:space:]]+cass1'"); }; + '' + lib.optionalString testRemoteAuth '' subtest "Remote authenticated jmx", sub { # Doesn't work if not enabled $cass0->waitUntilSucceeds("nc -z localhost 7199"); @@ -92,6 +94,7 @@ in $cass1->waitUntilSucceeds("nc -z localhost 7199"); $cass0->succeed("nodetool -h 192.168.1.2 ${jmxAuthArgs} status"); }; + '' + '' subtest "Break and fix node", sub { $cass1->block; $cass0->waitUntilSucceeds("nodetool status --resolve-ip | egrep -c '^DN[[:space:]]+cass1'"); |