thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-11-26 09:32:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

test_for_basic_auth_registry - mock up

Browse Source
This commit is contained in:
Ilya Golshtein 2023-04-29 21:23:55 +00:00
parent 46e03432a9
commit 8b0fc82834
5 changed files with 43 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docker/test/integration/runner/compose/docker_compose_kafka.yml
View File

@ -39,7 +39,17 @@ services:
environment: environment:
SCHEMA_REGISTRY_HOST_NAME: schema-registry SCHEMA_REGISTRY_HOST_NAME: schema-registry
SCHEMA_REGISTRY_KAFKASTORE_SECURITY_PROTOCOL: PLAINTEXT SCHEMA_REGISTRY_KAFKASTORE_SECURITY_PROTOCOL: PLAINTEXT
# SCHEMA_REGISTRY_KAFKASTORE_SECURITY_PROTOCOL: BASIC
SCHEMA_REGISTRY_KAFKASTORE_BOOTSTRAP_SERVERS: PLAINTEXT://kafka1:19092 SCHEMA_REGISTRY_KAFKASTORE_BOOTSTRAP_SERVERS: PLAINTEXT://kafka1:19092
SCHEMA_REGISTRY_AUTHENTICATION_METHOD: BASIC
# SCHEMA_REGISTRY_BASIC_AUTH_CREDENTIALS_SOURCE: USER_INFO
# SCHEMA_REGISTRY_BASIC_AUTH_USER_INFO: fred:letmein
# SCHEMA_REGISTRY_SCHEMA_REGISTRY_BASIC_AUTH_USER_INFO: fred:letmein
SCHEMA_REGISTRY_AUTHENTICATION_ROLES: schemaadmin, schemauser
SCHEMA_REGISTRY_AUTHENTICATION_REALM: RealmFooBar
SCHEMA_REGISTRY_OPTS: "-Djava.security.auth.login.config=/etc/schema-registry/secrets/schema_registry_jaas.conf"
volumes:
- ${SCHEMA_REGISTRY_DIR:-}/secrets:/etc/schema-registry/secrets
depends_on: depends_on:
- kafka_zookeeper - kafka_zookeeper
- kafka1 - kafka1

22
tests/integration/helpers/cluster.py
View File

@ -1159,10 +1159,13 @@ class ClickHouseCluster:
] ]
return self.base_kerberized_hdfs_cmd return self.base_kerberized_hdfs_cmd
def setup_kafka_cmd(self, instance, env_variables, docker_compose_yml_dir): def setup_kafka_cmd(
self, instance, env_variables, docker_compose_yml_dir
):
self.with_kafka = True self.with_kafka = True
env_variables["KAFKA_HOST"] = self.kafka_host env_variables["KAFKA_HOST"] = self.kafka_host
env_variables["KAFKA_EXTERNAL_PORT"] = str(self.kafka_port) env_variables["KAFKA_EXTERNAL_PORT"] = str(self.kafka_port)
env_variables["SCHEMA_REGISTRY_DIR"] = instance.path + "/"
env_variables["SCHEMA_REGISTRY_EXTERNAL_PORT"] = str(self.schema_registry_port) env_variables["SCHEMA_REGISTRY_EXTERNAL_PORT"] = str(self.schema_registry_port)
env_variables["SCHEMA_REGISTRY_INTERNAL_PORT"] = "8081" env_variables["SCHEMA_REGISTRY_INTERNAL_PORT"] = "8081"
self.base_cmd.extend( self.base_cmd.extend(
@ -1498,6 +1501,7 @@ class ClickHouseCluster:
with_kafka=False, with_kafka=False,
with_kerberized_kafka=False, with_kerberized_kafka=False,
with_kerberos_kdc=False, with_kerberos_kdc=False,
with_secrets=False,
with_rabbitmq=False, with_rabbitmq=False,
with_nats=False, with_nats=False,
clickhouse_path_dir=None, clickhouse_path_dir=None,
@ -1604,6 +1608,7 @@ class ClickHouseCluster:
with_nats=with_nats, with_nats=with_nats,
with_nginx=with_nginx, with_nginx=with_nginx,
with_kerberized_hdfs=with_kerberized_hdfs, with_kerberized_hdfs=with_kerberized_hdfs,
with_secrets=with_secrets or with_kerberized_hdfs or with_kerberos_kdc or with_kerberized_kafka,
with_mongo=with_mongo or with_mongo_secure, with_mongo=with_mongo or with_mongo_secure,
with_meili=with_meili, with_meili=with_meili,
with_redis=with_redis, with_redis=with_redis,
@ -3135,6 +3140,7 @@ class ClickHouseInstance:
with_nats, with_nats,
with_nginx, with_nginx,
with_kerberized_hdfs, with_kerberized_hdfs,
with_secrets,
with_mongo, with_mongo,
with_meili, with_meili,
with_redis, with_redis,
@ -3197,7 +3203,7 @@ class ClickHouseInstance:
if clickhouse_path_dir if clickhouse_path_dir
else None else None
) )
self.kerberos_secrets_dir = p.abspath(p.join(base_path, "secrets")) self.secrets_dir = p.abspath(p.join(base_path, "secrets"))
self.macros = macros if macros is not None else {} self.macros = macros if macros is not None else {}
self.with_zookeeper = with_zookeeper self.with_zookeeper = with_zookeeper
self.zookeeper_config_path = zookeeper_config_path self.zookeeper_config_path = zookeeper_config_path
@ -3220,6 +3226,7 @@ class ClickHouseInstance:
self.with_nats = with_nats self.with_nats = with_nats
self.with_nginx = with_nginx self.with_nginx = with_nginx
self.with_kerberized_hdfs = with_kerberized_hdfs self.with_kerberized_hdfs = with_kerberized_hdfs
self.with_secrets = with_secrets
self.with_mongo = with_mongo self.with_mongo = with_mongo
self.with_meili = with_meili self.with_meili = with_meili
self.with_redis = with_redis self.with_redis = with_redis
@ -4217,17 +4224,16 @@ class ClickHouseInstance:
if self.with_zookeeper: if self.with_zookeeper:
shutil.copy(self.zookeeper_config_path, conf_d_dir) shutil.copy(self.zookeeper_config_path, conf_d_dir)
if ( if self.with_secrets:
self.with_kerberized_kafka
or self.with_kerberized_hdfs
or self.with_kerberos_kdc
):
if self.with_kerberos_kdc: if self.with_kerberos_kdc:
base_secrets_dir = self.cluster.instances_dir base_secrets_dir = self.cluster.instances_dir
else: else:
base_secrets_dir = self.path base_secrets_dir = self.path
from_dir=self.secrets_dir
to_dir=p.abspath(p.join(base_secrets_dir, "secrets"))
logging.debug(f"Copy secret from {from_dir} to {to_dir}")
shutil.copytree( shutil.copytree(
self.kerberos_secrets_dir, self.secrets_dir,
p.abspath(p.join(base_secrets_dir, "secrets")), p.abspath(p.join(base_secrets_dir, "secrets")),
dirs_exist_ok=True, dirs_exist_ok=True,
) )

1
tests/integration/test_format_avro_confluent/secrets/password Normal file
View File

@ -0,0 +1 @@
schemauser: MD5:0d107d09f5bbe40cade3de5c71e9e9b7,user

5
tests/integration/test_format_avro_confluent/secrets/schema_registry_jaas.conf Normal file
View File

@ -0,0 +1,5 @@
RealmFooBar {
org.eclipse.jetty.jaas.spi.PropertyFileLoginModule required
file="/etc/schema-registry/secrets/password"
debug="true";
};

18
tests/integration/test_format_avro_confluent/test.py
View File

@ -14,7 +14,7 @@ from helpers.cluster import ClickHouseCluster, ClickHouseInstance
def started_cluster(): def started_cluster():
try: try:
cluster = ClickHouseCluster(__file__) cluster = ClickHouseCluster(__file__)
cluster.add_instance("dummy", with_kafka=True) cluster.add_instance("dummy", with_kafka=True, with_secrets=True)
logging.info("Starting cluster...") logging.info("Starting cluster...")
cluster.start() cluster.start()
logging.info("Cluster started") logging.info("Cluster started")
@ -39,10 +39,13 @@ def run_query(instance, query, data=None, settings=None):
def test_select(started_cluster): def test_select(started_cluster):
# type: (ClickHouseCluster) -> None # type: (ClickHouseCluster) -> None
input("Cluster created, press any key to destroy...")
schema_registry_client = CachedSchemaRegistryClient( reg_url="http://localhost:{}".format(
"http://localhost:{}".format(started_cluster.schema_registry_port) started_cluster.schema_registry_port)
) arg={'url':reg_url,'basic.auth.credentials.source':'USER_INFO','basic.auth.user.info':'schemauser:letmein'}
schema_registry_client = CachedSchemaRegistryClient(arg)
serializer = MessageSerializer(schema_registry_client) serializer = MessageSerializer(schema_registry_client)
schema = avro.schema.make_avsc_object( schema = avro.schema.make_avsc_object(
@ -62,7 +65,12 @@ def test_select(started_cluster):
data = buf.getvalue() data = buf.getvalue()
instance = started_cluster.instances["dummy"] # type: ClickHouseInstance instance = started_cluster.instances["dummy"] # type: ClickHouseInstance
schema_registry_url = "http://{}:{}".format( # schema_registry_url = "http://{}:{}@{}:{}".format(
# 'schemauser', 'letmein',
# started_cluster.schema_registry_host, 8081
# )
schema_registry_url = "http://{}:{}@{}:{}".format(
'schemauser', 'letmein',
started_cluster.schema_registry_host, 8081 started_cluster.schema_registry_host, 8081
) )