jamesnetherton commented on code in PR #6912:
URL: https://github.com/apache/camel-quarkus/pull/6912#discussion_r1918616192
##########
integration-tests/ssh/src/test/java/org/apache/camel/quarkus/component/ssh/it/SshTestResource.java:
##########
@@ -45,33 +54,77 @@ public Map<String, String> start() {
container = new GenericContainer(SSH_IMAGE)
.withExposedPorts(SSH_PORT)
.withEnv("PASSWORD_ACCESS", "true")
- .withEnv("USER_NAME", "test")
- .withEnv("USER_PASSWORD", "password")
+ .withEnv("USER_NAME", USERNAME)
+ .withEnv("USER_PASSWORD", PASSWORD)
.waitingFor(Wait.forListeningPort());
container.start();
LOGGER.info("Started SSH container to {}:{}", container.getHost(),
container.getMappedPort(SSH_PORT).toString());
- return CollectionHelper.mapOf(
- "quarkus.ssh.host",
- container.getHost(),
- "quarkus.ssh.port",
- container.getMappedPort(SSH_PORT).toString());
+ securedPort = AvailablePortFinder.getNextAvailable();
+
+ var sshd = SshServer.setUpDefaultServer();
+ sshd.setPort(securedPort);
+ sshd.setKeyPairProvider(new
FileKeyPairProvider(Paths.get(getHostKey())));
+ sshd.setCommandFactory(new TestEchoCommandFactory());
+ sshd.setPasswordAuthenticator((username, password, session) ->
true);
+ sshd.setPublickeyAuthenticator((username, key, session) -> true);
+ sshd.start();
+
+ sshds.add(sshd);
+
+ edPort = AvailablePortFinder.getNextAvailable();
+
+ sshd = SshServer.setUpDefaultServer();
+ sshd.setPort(edPort);
+ sshd.setKeyPairProvider(new
FileKeyPairProvider(Paths.get("target/classes/edDSA/key_ed25519.pem")));
+ sshd.setCommandFactory(new TestEchoCommandFactory());
+ sshd.setPasswordAuthenticator((username, password, session) ->
true);
+ sshd.setPublickeyAuthenticator((username, key, session) -> true);
+ sshd.start();
+
+ sshds.add(sshd);
+
+ LOGGER.info("Started SSHD server to {}:{}", container.getHost(),
+ securedPort);
+
+ return Map.of(
+ "quarkus.ssh.host", "localhost",
+ "quarkus.ssh.port",
container.getMappedPort(SSH_PORT).toString(),
+ "quarkus.ssh.secured-port", securedPort + "",
+ "quarkus.ssh.ed-port", edPort + "",
+ "ssh.username", USERNAME,
+ "ssh.password", PASSWORD);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
+ //todo proper path (no target)
+ protected String getHostKey() {
+ //todo test
+ // return "target/classes/hostkey.pem";
+ return "target/certs/user01.key";
+ }
+
@Override
public void stop() {
- LOGGER.info("Stopping SSH container");
+ LOGGER.info("Stopping SSH container and servers");
try {
if (container != null) {
container.stop();
}
+ sshds.stream().forEach(s -> {
Review Comment:
```suggestion
sshds.forEach(s -> {
```
##########
integration-tests/ssh/pom.xml:
##########
@@ -51,6 +59,11 @@
<artifactId>rest-assured</artifactId>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>org.assertj</groupId>
+ <artifactId>assertj-core</artifactId>
Review Comment:
Do we need this?
##########
integration-tests/ssh/pom.xml:
##########
@@ -98,6 +115,48 @@
</plugins>
</build>
</profile>
+ <profile>
+ <id>non-fips</id>
+ <activation>
+ <property>
+ <name>!fips</name>
+ </property>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>exec-maven-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>generate-certs.sh</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>exec</goal>
+ </goals>
+ <configuration>
+ <executable>bash</executable>
+ <arguments>
+
<argument>${basedir}/generate-certs.sh</argument>
Review Comment:
> generation script requires open-ssh -> if it would be a problem for CLI,
I'll switch from automatic generation to storing generated certificates into
github
For now, I think we should just commit the certs, remove this
`exec-maven-plugin` execution and keep the script so that certs can be
regenerated manually if needed. The README note about the script / FIPS profile
could also be removed.
Might be worth opening a follow up issue to see if we can somehow get the
cert generator to do this.
##########
integration-tests/ssh/src/test/java/org/apache/camel/quarkus/component/ssh/it/SshTestResource.java:
##########
@@ -45,33 +54,77 @@ public Map<String, String> start() {
container = new GenericContainer(SSH_IMAGE)
.withExposedPorts(SSH_PORT)
.withEnv("PASSWORD_ACCESS", "true")
- .withEnv("USER_NAME", "test")
- .withEnv("USER_PASSWORD", "password")
+ .withEnv("USER_NAME", USERNAME)
+ .withEnv("USER_PASSWORD", PASSWORD)
.waitingFor(Wait.forListeningPort());
container.start();
LOGGER.info("Started SSH container to {}:{}", container.getHost(),
container.getMappedPort(SSH_PORT).toString());
- return CollectionHelper.mapOf(
- "quarkus.ssh.host",
- container.getHost(),
- "quarkus.ssh.port",
- container.getMappedPort(SSH_PORT).toString());
+ securedPort = AvailablePortFinder.getNextAvailable();
+
+ var sshd = SshServer.setUpDefaultServer();
+ sshd.setPort(securedPort);
+ sshd.setKeyPairProvider(new
FileKeyPairProvider(Paths.get(getHostKey())));
+ sshd.setCommandFactory(new TestEchoCommandFactory());
+ sshd.setPasswordAuthenticator((username, password, session) ->
true);
+ sshd.setPublickeyAuthenticator((username, key, session) -> true);
+ sshd.start();
+
+ sshds.add(sshd);
+
+ edPort = AvailablePortFinder.getNextAvailable();
+
+ sshd = SshServer.setUpDefaultServer();
+ sshd.setPort(edPort);
+ sshd.setKeyPairProvider(new
FileKeyPairProvider(Paths.get("target/classes/edDSA/key_ed25519.pem")));
+ sshd.setCommandFactory(new TestEchoCommandFactory());
+ sshd.setPasswordAuthenticator((username, password, session) ->
true);
+ sshd.setPublickeyAuthenticator((username, key, session) -> true);
+ sshd.start();
+
+ sshds.add(sshd);
+
+ LOGGER.info("Started SSHD server to {}:{}", container.getHost(),
+ securedPort);
+
+ return Map.of(
+ "quarkus.ssh.host", "localhost",
+ "quarkus.ssh.port",
container.getMappedPort(SSH_PORT).toString(),
+ "quarkus.ssh.secured-port", securedPort + "",
+ "quarkus.ssh.ed-port", edPort + "",
+ "ssh.username", USERNAME,
+ "ssh.password", PASSWORD);
} catch (Exception e) {
throw new RuntimeException(e);
}
}
+ //todo proper path (no target)
+ protected String getHostKey() {
+ //todo test
+ // return "target/classes/hostkey.pem";
+ return "target/certs/user01.key";
+ }
+
@Override
public void stop() {
- LOGGER.info("Stopping SSH container");
+ LOGGER.info("Stopping SSH container and servers");
try {
if (container != null) {
container.stop();
}
+ sshds.stream().forEach(s -> {
+ try {
+ s.stop(true);
+ Thread.sleep(50);
Review Comment:
Do we need to sleep?
##########
integration-tests/ssh/src/test/java/org/apache/camel/quarkus/component/ssh/it/SshTestResource.java:
##########
@@ -45,33 +54,77 @@ public Map<String, String> start() {
container = new GenericContainer(SSH_IMAGE)
Review Comment:
If we're going to use the embedded SSHD server, then we should probably
replace usage of the container with the embedded server for consistency.
Could done as a future follow up.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
