test: test using --service-password-file

3879c4d2 · Georgy Moshkin · Yaroslav Dynnikov · ba1457b3 · 3879c4d2 · 3879c4d2
Commit 3879c4d2 authored 1 year ago by Georgy Moshkin Committed by Yaroslav Dynnikov 1 year ago
--- a/test/conftest.py
+++ b/test/conftest.py
@@ -475,6 +475,7 @@ class Instance:
    instance_id: str | None = None
    replicaset_id: str | None = None
    failure_domain: dict[str, str] = field(default_factory=dict)
+    service_password_file: str | None = None
    env: dict[str, str] = field(default_factory=dict)
    process: subprocess.Popen | None = None
    raft_id: int = INVALID_RAFT_ID
@@ -512,6 +513,7 @@ class Instance:
    @property
    def command(self):
        audit = self.audit_flag_value
+        service_password = self.service_password_file

        # fmt: off
        return [
@@ -529,6 +531,7 @@ class Instance:
              if self.init_cfg_path is not None else []),
            *(["--tier", self.tier] if self.tier is not None else []),
            *(["--audit", audit] if audit else []),
+            *(["--service-password-file", service_password] if service_password else []),
        ]
        # fmt: on

@@ -541,6 +544,11 @@ class Instance:
    ):
        if user is None:
            user = "pico_service"
+            if password is None and self.service_password_file is not None:
+                with open(self.service_password_file, "r") as f:
+                    password = f.readline()
+                    if password.endswith("\n"):
+                        password = password[:-1]

        c = Connection(
            self.host,

--- a/test/int/test_basics.py
+++ b/test/int/test_basics.py
@@ -10,6 +10,7 @@ from conftest import (
    TarantoolError,
    ReturnError,
    MalformedAPI,
+    log_crawler,
 )


@@ -503,3 +504,28 @@ def test_file_shredding(cluster: Cluster, tmp_path):

    assert xlog_before_shred != xlog_after_shred
    assert snap_before_shred != snap_after_shred
+
+
+def test_pico_service_password_security_warning(cluster: Cluster):
+    password_file = f"{cluster.data_dir}/service-password.txt"
+    with open(password_file, "w") as f:
+        print("secret", file=f)
+
+    i1 = cluster.add_instance(wait_online=False)
+    i1.service_password_file = password_file
+
+    message = "service password file's permissions are too open, this is a security risk"  # noqa: E501
+    lc = log_crawler(i1, message)
+    i1.start()
+    i1.wait_online()
+    assert lc.matched
+
+    i1.terminate()
+    i1.remove_data()
+
+    os.chmod(password_file, 0o600)
+
+    lc.matched = False
+    i1.start()
+    i1.wait_online()
+    assert not lc.matched
--- a/test/int/test_joining.py
+++ b/test/int/test_joining.py
 import re
 import pytest
+import time

 from conftest import (
    Cluster,
    Instance,
    Retriable,
    TarantoolError,
+    log_crawler,
 )


@@ -344,3 +346,38 @@ def test_fail_to_join(cluster: Cluster):
    """
    )
    assert {tuple(i) for i in joined_instances} == {(i1.instance_id, i1.raft_id)}
+
+
+def test_pico_service_invalid_password(cluster: Cluster):
+    password_file = f"{cluster.data_dir}/service-password.txt"
+    with open(password_file, "w") as f:
+        print("secret", file=f)
+
+    i1 = cluster.add_instance(wait_online=False)
+    i1.service_password_file = password_file
+    i1.start()
+    i1.wait_online()
+
+    i2 = cluster.add_instance(wait_online=False)
+    lc = log_crawler(i2, "User not found or supplied credentials are invalid")
+    i2.start()
+    # i2 blocks on the "discovery" stage, because only pico_service is allowed
+    # to call .proc_discover, but i2 doesn't know the password.
+    #
+    # And we don't exit from "discovery" stage on error
+    time.sleep(1)
+    assert lc.matched
+    i2.terminate()
+
+    # Now i2 knows the password so it successfully joins
+    i2.service_password_file = password_file
+    i2.start()
+    i2.wait_online()
+    i2.terminate()
+
+    # i2 forgets the password again, and now it does exit with error,
+    # because self activation fails
+    i2.service_password_file = None
+    lc.matched = False
+    i2.fail_to_start()
+    assert lc.matched