Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Make integration tests environment agnostic
Browse files Browse the repository at this point in the history
psx95 committed Dec 27, 2024
1 parent 2cd373e commit 942977b
Showing 3 changed files with 72 additions and 4 deletions.
5 changes: 4 additions & 1 deletion javaagent-extensions/gcp-auth/build.gradle
Original file line number Diff line number Diff line change
@@ -103,7 +103,10 @@ test {
dependsOn 'copyAgent'
useJUnitPlatform()

environment("GOOGLE_CLOUD_QUOTA_PROJECT", "test-project-id")
def fakeCredsFilePath = project.file("src/test/resources/fakecreds.json").getAbsolutePath()

environment("GOOGLE_CLOUD_QUOTA_PROJECT", "quota-project-id")
environment("GOOGLE_APPLICATION_CREDENTIALS", fakeCredsFilePath.toString())
jvmArgs = [
"-javaagent:${javaAgentJarPath}",
"-Dotel.javaagent.extensions=${authExtensionJarPath}",
Original file line number Diff line number Diff line change
@@ -31,11 +31,18 @@
import io.opentelemetry.proto.common.v1.KeyValue;
import io.opentelemetry.proto.trace.v1.ResourceSpans;
import java.net.URI;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.junit.jupiter.api.AfterAll;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
@@ -61,7 +68,7 @@ public class GcpAuthExtensionSmokeTest {

@Autowired private TestRestTemplate template;

// The port at which the backend server will recieve telemetry
// The port at which the backend server will receive telemetry
private static final int EXPORTER_ENDPOINT_PORT = 4318;
// The port at which the mock GCP metadata server will run
private static final int MOCK_GCP_METADATA_PORT = 8090;
@@ -78,12 +85,19 @@ public class GcpAuthExtensionSmokeTest {
private static final String DUMMY_GCP_PROJECT = System.getProperty("google.cloud.project");

@BeforeAll
public static void setup() {
public static void setup() throws NoSuchAlgorithmException, KeyManagementException {
// Set up the mock server to always respond with 200
// Setup proxy host
System.setProperty("http.proxyHost", "localhost");
System.setProperty("http.proxyPort", MOCK_GCP_METADATA_PORT + "");
System.setProperty("https.proxyHost", "localhost");
System.setProperty("https.proxyPort", MOCK_GCP_METADATA_PORT + "");
System.setProperty("http.nonProxyHost", "localhost");
System.setProperty("https.nonProxyHost", "localhost");

// Disable SSL validation for integration test
// The OAuth2 token validation requires SSL validation
disableSSLValidation();

// Set up mock OTLP backend server to which traces will be exported
backendServer = ClientAndServer.startClientAndServer(EXPORTER_ENDPOINT_PORT);
@@ -93,7 +107,19 @@ public static void setup() {
String accessTokenResponse =
"{\"access_token\": \"fake.access_token\",\"expires_in\": 3600, \"token_type\": \"Bearer\"}";
mockGcpMetadataServer = ClientAndServer.startClientAndServer(MOCK_GCP_METADATA_PORT);
MockServerClient mockServerClient = new MockServerClient("localhost", MOCK_GCP_METADATA_PORT);

MockServerClient mockServerClient =
new MockServerClient("localhost", MOCK_GCP_METADATA_PORT).withSecure(true);

// mock the token refresh
mockServerClient
.when(request().withMethod("POST").withPath("/token"))
.respond(
response()
.withStatusCode(200)
.withHeader("Content-Type", "application/json")
.withBody(new JsonBody(accessTokenResponse)));
// mock the gcp metadata server
mockServerClient
.when(
request()
@@ -138,6 +164,32 @@ public void authExtensionSmokeTest() {

// Helper methods

private static void disableSSLValidation() throws NoSuchAlgorithmException, KeyManagementException {
TrustManager[] trustAllCerts =
new TrustManager[] {
new X509TrustManager() {
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType) {
System.out.println("Reached checkClientTrusted");
}

@Override
public void checkServerTrusted(X509Certificate[] chain, String authType) {
System.out.println("Reached checkServerTrusted");
}

@Override
public X509Certificate[] getAcceptedIssuers() {
System.out.println("No acceptedIssuers");
return null;
}
}
};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
}

private void verifyResourceAttributes(List<ResourceSpans> extractedResourceSpans) {
extractedResourceSpans.forEach(
resourceSpan ->
13 changes: 13 additions & 0 deletions javaagent-extensions/gcp-auth/src/test/resources/fakecreds.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
{
"type": "service_account",
"project_id": "quota-project-id",
"private_key_id": "aljmafmlamlmmasma",
"private_key": "-----BEGIN PRIVATE KEY-----\nMIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKNwapOQ6rQJHetP\nHRlJBIh1OsOsUBiXb3rXXE3xpWAxAha0MH+UPRblOko+5T2JqIb+xKf9Vi3oTM3t\nKvffaOPtzKXZauscjq6NGzA3LgeiMy6q19pvkUUOlGYK6+Xfl+B7Xw6+hBMkQuGE\nnUS8nkpR5mK4ne7djIyfHFfMu4ptAgMBAAECgYA+s0PPtMq1osG9oi4xoxeAGikf\nJB3eMUptP+2DYW7mRibc+ueYKhB9lhcUoKhlQUhL8bUUFVZYakP8xD21thmQqnC4\nf63asad0ycteJMLb3r+z26LHuCyOdPg1pyLk3oQ32lVQHBCYathRMcVznxOG16VK\nI8BFfstJTaJu0lK/wQJBANYFGusBiZsJQ3utrQMVPpKmloO2++4q1v6ZR4puDQHx\nTjLjAIgrkYfwTJBLBRZxec0E7TmuVQ9uJ+wMu/+7zaUCQQDDf2xMnQqYknJoKGq+\noAnyC66UqWC5xAnQS32mlnJ632JXA0pf9pb1SXAYExB1p9Dfqd3VAwQDwBsDDgP6\nHD8pAkEA0lscNQZC2TaGtKZk2hXkdcH1SKru/g3vWTkRHxfCAznJUaza1fx0wzdG\nGcES1Bdez0tbW4llI5By/skZc2eE3QJAFl6fOskBbGHde3Oce0F+wdZ6XIJhEgCP\niukIcKZoZQzoiMJUoVRrA5gqnmaYDI5uRRl/y57zt6YksR3KcLUIuQJAd242M/WF\n6YAZat3q/wEeETeQq1wrooew+8lHl05/Nt0cCpV48RGEhJ83pzBm3mnwHf8lTBJH\nx6XroMXsmbnsEw==\n-----END PRIVATE KEY-----\n",
"client_email": "[email protected]",
"client_id": "100000000000000000221",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/quota-project-id%40appspot.gserviceaccount.com",
"universe_domain": "googleapis.com"
}

0 comments on commit 942977b

Please sign in to comment.