Make integration tests environment agnostic

psx95 · Dec 27, 2024 · 7b3ef22 · 7b3ef22
1 parent 2cd373e
commit 7b3ef22
Show file tree

Hide file tree

Showing 3 changed files with 72 additions and 4 deletions.
diff --git a/javaagent-extensions/gcp-auth/build.gradle b/javaagent-extensions/gcp-auth/build.gradle
@@ -103,7 +103,10 @@ test {
 	dependsOn 'copyAgent'
 	useJUnitPlatform()
 
-	environment("GOOGLE_CLOUD_QUOTA_PROJECT", "test-project-id")
+	def fakeCredsFilePath = project.file("src/test/resources/fakecreds.json").getAbsolutePath()
+
+	environment("GOOGLE_CLOUD_QUOTA_PROJECT", "quota-project-id")
+	environment("GOOGLE_APPLICATION_CREDENTIALS", fakeCredsFilePath.toString())
 	jvmArgs = [
 		"-javaagent:${javaAgentJarPath}",
 		"-Dotel.javaagent.extensions=${authExtensionJarPath}",

diff --git a/...rc/test/java/com/google/cloud/opentelemetry/extension/auth/GcpAuthExtensionSmokeTest.java b/...rc/test/java/com/google/cloud/opentelemetry/extension/auth/GcpAuthExtensionSmokeTest.java
@@ -31,11 +31,18 @@
 import io.opentelemetry.proto.common.v1.KeyValue;
 import io.opentelemetry.proto.trace.v1.ResourceSpans;
 import java.net.URI;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Optional;
 import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
 import org.junit.jupiter.api.AfterAll;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.Test;
@@ -61,7 +68,7 @@ public class GcpAuthExtensionSmokeTest {
 
   @Autowired private TestRestTemplate template;
 
-  // The port at which the backend server will recieve telemetry
+  // The port at which the backend server will receive telemetry
   private static final int EXPORTER_ENDPOINT_PORT = 4318;
   // The port at which the mock GCP metadata server will run
   private static final int MOCK_GCP_METADATA_PORT = 8090;
@@ -78,12 +85,19 @@ public class GcpAuthExtensionSmokeTest {
   private static final String DUMMY_GCP_PROJECT = System.getProperty("google.cloud.project");
 
   @BeforeAll
-  public static void setup() {
+  public static void setup() throws NoSuchAlgorithmException, KeyManagementException {
     // Set up the mock server to always respond with 200
     // Setup proxy host
     System.setProperty("http.proxyHost", "localhost");
     System.setProperty("http.proxyPort", MOCK_GCP_METADATA_PORT + "");
+    System.setProperty("https.proxyHost", "localhost");
+    System.setProperty("https.proxyPort", MOCK_GCP_METADATA_PORT + "");
     System.setProperty("http.nonProxyHost", "localhost");
+    System.setProperty("https.nonProxyHost", "localhost");
+
+    // Disable SSL validation for integration test
+    // The OAuth2 token validation requires SSL validation
+    disableSSLValidation();
 
     // Set up mock OTLP backend server to which traces will be exported
     backendServer = ClientAndServer.startClientAndServer(EXPORTER_ENDPOINT_PORT);
@@ -93,7 +107,19 @@ public static void setup() {
     String accessTokenResponse =
         "{\"access_token\": \"fake.access_token\",\"expires_in\": 3600, \"token_type\": \"Bearer\"}";
     mockGcpMetadataServer = ClientAndServer.startClientAndServer(MOCK_GCP_METADATA_PORT);
-    MockServerClient mockServerClient = new MockServerClient("localhost", MOCK_GCP_METADATA_PORT);
+
+    MockServerClient mockServerClient =
+        new MockServerClient("localhost", MOCK_GCP_METADATA_PORT).withSecure(true);
+
+    // mock the token refresh
+    mockServerClient
+        .when(request().withMethod("POST").withPath("/token"))
+        .respond(
+            response()
+                .withStatusCode(200)
+                .withHeader("Content-Type", "application/json")
+                .withBody(new JsonBody(accessTokenResponse)));
+    // mock the gcp metadata server
     mockServerClient
         .when(
             request()
@@ -138,6 +164,32 @@ public void authExtensionSmokeTest() {
 
   // Helper methods
 
+  private static void disableSSLValidation() throws NoSuchAlgorithmException, KeyManagementException {
+    TrustManager[] trustAllCerts =
+        new TrustManager[] {
+            new X509TrustManager() {
+              @Override
+              public void checkClientTrusted(X509Certificate[] chain, String authType) {
+                System.out.println("Reached checkClientTrusted");
+              }
+
+              @Override
+              public void checkServerTrusted(X509Certificate[] chain, String authType) {
+                System.out.println("Reached checkServerTrusted");
+              }
+
+              @Override
+              public X509Certificate[] getAcceptedIssuers() {
+                System.out.println("No acceptedIssuers");
+                return null;
+              }
+            }
+        };
+    SSLContext sc = SSLContext.getInstance("SSL");
+    sc.init(null, trustAllCerts, new java.security.SecureRandom());
+    HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
+  }
+
   private void verifyResourceAttributes(List<ResourceSpans> extractedResourceSpans) {
     extractedResourceSpans.forEach(
         resourceSpan ->

diff --git a/javaagent-extensions/gcp-auth/src/test/resources/fakecreds.json b/javaagent-extensions/gcp-auth/src/test/resources/fakecreds.json
@@ -0,0 +1,13 @@
+{
+  "type": "service_account",
+  "project_id": "quota-project-id",
+  "private_key_id": "aljmafmlamlmmasma",
+  "private_key": "-----BEGIN PRIVATE KEY-----\nMIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKNwapOQ6rQJHetP\nHRlJBIh1OsOsUBiXb3rXXE3xpWAxAha0MH+UPRblOko+5T2JqIb+xKf9Vi3oTM3t\nKvffaOPtzKXZauscjq6NGzA3LgeiMy6q19pvkUUOlGYK6+Xfl+B7Xw6+hBMkQuGE\nnUS8nkpR5mK4ne7djIyfHFfMu4ptAgMBAAECgYA+s0PPtMq1osG9oi4xoxeAGikf\nJB3eMUptP+2DYW7mRibc+ueYKhB9lhcUoKhlQUhL8bUUFVZYakP8xD21thmQqnC4\nf63asad0ycteJMLb3r+z26LHuCyOdPg1pyLk3oQ32lVQHBCYathRMcVznxOG16VK\nI8BFfstJTaJu0lK/wQJBANYFGusBiZsJQ3utrQMVPpKmloO2++4q1v6ZR4puDQHx\nTjLjAIgrkYfwTJBLBRZxec0E7TmuVQ9uJ+wMu/+7zaUCQQDDf2xMnQqYknJoKGq+\noAnyC66UqWC5xAnQS32mlnJ632JXA0pf9pb1SXAYExB1p9Dfqd3VAwQDwBsDDgP6\nHD8pAkEA0lscNQZC2TaGtKZk2hXkdcH1SKru/g3vWTkRHxfCAznJUaza1fx0wzdG\nGcES1Bdez0tbW4llI5By/skZc2eE3QJAFl6fOskBbGHde3Oce0F+wdZ6XIJhEgCP\niukIcKZoZQzoiMJUoVRrA5gqnmaYDI5uRRl/y57zt6YksR3KcLUIuQJAd242M/WF\n6YAZat3q/wEeETeQq1wrooew+8lHl05/Nt0cCpV48RGEhJ83pzBm3mnwHf8lTBJH\nx6XroMXsmbnsEw==\n-----END PRIVATE KEY-----\n",
+  "client_email": "[email protected]",
+  "client_id": "100000000000000000221",
+  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
+  "token_uri": "https://oauth2.googleapis.com/token",
+  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
+  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/quota-project-id%40appspot.gserviceaccount.com",
+  "universe_domain": "googleapis.com"
+}