integration-cli: Replace sleeps with polling in swarm lock/unlock tests
This will hopefully make the tests more robust by replacing a fixed 3s sleep with a polling loop that looks at whether the key PEM file is encrypted or not. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This commit is contained in:
Aaron Lehmann
parent
8b1adf55c2
commit
17173efbe0
1 changed files with 22 additions and 17 deletions
|
|
@ -4,7 +4,9 @@ package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
|
"crypto/x509"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"encoding/pem"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
@ -992,32 +994,35 @@ func getNodeStatus(c *check.C, d *daemon.Swarm) swarm.LocalNodeState {
|
||||||
return info.LocalNodeState
|
return info.LocalNodeState
|
||||||
}
|
}
|
||||||
|
|
||||||
func checkSwarmLockedToUnlocked(c *check.C, d *daemon.Swarm, unlockKey string) {
|
func checkKeyIsEncrypted(d *daemon.Swarm) func(*check.C) (interface{}, check.CommentInterface) {
|
||||||
d.Restart(c)
|
return func(c *check.C) (interface{}, check.CommentInterface) {
|
||||||
status := getNodeStatus(c, d)
|
keyBytes, err := ioutil.ReadFile(filepath.Join(d.Folder, "root", "swarm", "certificates", "swarm-node.key"))
|
||||||
if status == swarm.LocalNodeStateLocked {
|
if err != nil {
|
||||||
// it must not have updated to be unlocked in time - unlock, wait 3 seconds, and try again
|
return fmt.Errorf("error reading key: %v", err), nil
|
||||||
cmd := d.Command("swarm", "unlock")
|
|
||||||
cmd.Stdin = bytes.NewBufferString(unlockKey)
|
|
||||||
icmd.RunCmd(cmd).Assert(c, icmd.Success)
|
|
||||||
|
|
||||||
c.Assert(getNodeStatus(c, d), checker.Equals, swarm.LocalNodeStateActive)
|
|
||||||
|
|
||||||
time.Sleep(3 * time.Second)
|
|
||||||
d.Restart(c)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
keyBlock, _ := pem.Decode(keyBytes)
|
||||||
|
if keyBlock == nil {
|
||||||
|
return fmt.Errorf("invalid PEM-encoded private key"), nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return x509.IsEncryptedPEMBlock(keyBlock), nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func checkSwarmLockedToUnlocked(c *check.C, d *daemon.Swarm, unlockKey string) {
|
||||||
|
// Wait for the PEM file to become unencrypted
|
||||||
|
waitAndAssert(c, defaultReconciliationTimeout, checkKeyIsEncrypted(d), checker.Equals, false)
|
||||||
|
|
||||||
|
d.Restart(c)
|
||||||
c.Assert(getNodeStatus(c, d), checker.Equals, swarm.LocalNodeStateActive)
|
c.Assert(getNodeStatus(c, d), checker.Equals, swarm.LocalNodeStateActive)
|
||||||
}
|
}
|
||||||
|
|
||||||
func checkSwarmUnlockedToLocked(c *check.C, d *daemon.Swarm) {
|
func checkSwarmUnlockedToLocked(c *check.C, d *daemon.Swarm) {
|
||||||
|
// Wait for the PEM file to become encrypted
|
||||||
|
waitAndAssert(c, defaultReconciliationTimeout, checkKeyIsEncrypted(d), checker.Equals, true)
|
||||||
|
|
||||||
d.Restart(c)
|
d.Restart(c)
|
||||||
status := getNodeStatus(c, d)
|
|
||||||
if status == swarm.LocalNodeStateActive {
|
|
||||||
// it must not have updated to be unlocked in time - wait 3 seconds, and try again
|
|
||||||
time.Sleep(3 * time.Second)
|
|
||||||
d.Restart(c)
|
|
||||||
}
|
|
||||||
c.Assert(getNodeStatus(c, d), checker.Equals, swarm.LocalNodeStateLocked)
|
c.Assert(getNodeStatus(c, d), checker.Equals, swarm.LocalNodeStateLocked)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue