[#497] config: Add examples and unit tests

Add examples and unit tests for tree.authorized_keys section.

Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com>
This commit is contained in:
Dmitrii Stepanov 2023-07-12 15:37:35 +03:00 committed by Evgenii Stratonikov
parent 486287c2f7
commit d8e37a827f
4 changed files with 20 additions and 1 deletions

View file

@ -7,6 +7,7 @@ import (
"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config" "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config"
configtest "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/test" configtest "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/test"
treeconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/tree" treeconfig "git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config/tree"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
) )
@ -21,10 +22,19 @@ func TestTreeSection(t *testing.T) {
require.Equal(t, 0, treeSec.ReplicationChannelCapacity()) require.Equal(t, 0, treeSec.ReplicationChannelCapacity())
require.Equal(t, 0, treeSec.ReplicationWorkerCount()) require.Equal(t, 0, treeSec.ReplicationWorkerCount())
require.Equal(t, time.Duration(0), treeSec.ReplicationTimeout()) require.Equal(t, time.Duration(0), treeSec.ReplicationTimeout())
require.Equal(t, 0, len(treeSec.AuthorizedKeys()))
}) })
const path = "../../../../config/example/node" const path = "../../../../config/example/node"
var expectedKeys keys.PublicKeys
key, err := keys.NewPublicKeyFromString("0397d207ea77909f7d66fa6f36d08daae22ace672be7ea4f53513484dde8a142a0")
require.NoError(t, err)
expectedKeys = append(expectedKeys, key)
key, err = keys.NewPublicKeyFromString("02053819235c20d784132deba10bb3061629e3a5c819a039ef091841d9d35dad56")
require.NoError(t, err)
expectedKeys = append(expectedKeys, key)
var fileConfigTest = func(c *config.Config) { var fileConfigTest = func(c *config.Config) {
treeSec := treeconfig.Tree(c) treeSec := treeconfig.Tree(c)
@ -34,6 +44,7 @@ func TestTreeSection(t *testing.T) {
require.Equal(t, 32, treeSec.ReplicationWorkerCount()) require.Equal(t, 32, treeSec.ReplicationWorkerCount())
require.Equal(t, 5*time.Second, treeSec.ReplicationTimeout()) require.Equal(t, 5*time.Second, treeSec.ReplicationTimeout())
require.Equal(t, time.Hour, treeSec.SyncInterval()) require.Equal(t, time.Hour, treeSec.SyncInterval())
require.Equal(t, expectedKeys, treeSec.AuthorizedKeys())
} }
configtest.ForEachFileType(path, fileConfigTest) configtest.ForEachFileType(path, fileConfigTest)

View file

@ -36,6 +36,7 @@ FROSTFS_TREE_REPLICATION_CHANNEL_CAPACITY=32
FROSTFS_TREE_REPLICATION_WORKER_COUNT=32 FROSTFS_TREE_REPLICATION_WORKER_COUNT=32
FROSTFS_TREE_REPLICATION_TIMEOUT=5s FROSTFS_TREE_REPLICATION_TIMEOUT=5s
FROSTFS_TREE_SYNC_INTERVAL=1h FROSTFS_TREE_SYNC_INTERVAL=1h
FROSTFS_TREE_AUTHORIZED_KEYS="0397d207ea77909f7d66fa6f36d08daae22ace672be7ea4f53513484dde8a142a0 02053819235c20d784132deba10bb3061629e3a5c819a039ef091841d9d35dad56"
# gRPC section # gRPC section
## 0 server ## 0 server

View file

@ -75,7 +75,11 @@
"replication_channel_capacity": 32, "replication_channel_capacity": 32,
"replication_worker_count": 32, "replication_worker_count": 32,
"replication_timeout": "5s", "replication_timeout": "5s",
"sync_interval": "1h" "sync_interval": "1h",
"authorized_keys": [
"0397d207ea77909f7d66fa6f36d08daae22ace672be7ea4f53513484dde8a142a0",
"02053819235c20d784132deba10bb3061629e3a5c819a039ef091841d9d35dad56"
]
}, },
"control": { "control": {
"authorized_keys": [ "authorized_keys": [

View file

@ -62,6 +62,9 @@ tree:
replication_channel_capacity: 32 replication_channel_capacity: 32
replication_timeout: 5s replication_timeout: 5s
sync_interval: 1h sync_interval: 1h
authorized_keys: # list of hex-encoded public keys that have rights to use the Tree Service with frostfs-cli
- 0397d207ea77909f7d66fa6f36d08daae22ace672be7ea4f53513484dde8a142a0
- 02053819235c20d784132deba10bb3061629e3a5c819a039ef091841d9d35dad56
control: control:
authorized_keys: # list of hex-encoded public keys that have rights to use the Control Service authorized_keys: # list of hex-encoded public keys that have rights to use the Control Service