Enable SecureStore configuration during init
Add new flag for the init program: * --secure-store-lib That enables configuration of SecureStore during init. It will automatically discover implementations of SecureStore interface inside jar file. If there is not exactly one implementation the init will fail. During init the SecureStore jar file will be added to Gerrit classpath. Then after init this file will be copied to $gerrit_site/lib directory. The discovered value of 'secureStoreImpl' will be saved in the gerrit.config file. This change also introduces a @SecureStoreClassName String binding early in the startup so that this can be injected anywhere without worrying about having the @GerritServerConfig bound (which itself requires an injection of the SecureStore). If an already initialized site with a custom secure store is init-ed again and the --secure-store-lib option is not specified then the gerrit.secureStoreClass is honored to ensure we use the same secure store implementation. If the --secure-store-lib option is specified then the gerrit.secureStoreClass is ignored during init and will be overwritten with the new secure store. Without this modification schema updates will fail because of wrong password when custom SecureStore is used. Change-Id: Iae22bbdace0d9c7e7db0690c4bf522176fc3308e Signed-off-by: Dariusz Luksza <dariusz@luksza.org>
This commit is contained in:
Dariusz Luksza
committed by
David Pursehouse
David Pursehouse
parent
f62a233cc4
commit
256ec34af2
@@ -28,8 +28,10 @@ import com.google.gerrit.pgm.init.api.ConsoleUI;
|
||||
import com.google.gerrit.pgm.init.api.InitFlags;
|
||||
import com.google.gerrit.pgm.init.api.Section;
|
||||
import com.google.gerrit.server.config.SitePaths;
|
||||
import com.google.gerrit.server.securestore.SecureStore;
|
||||
|
||||
import org.eclipse.jgit.errors.ConfigInvalidException;
|
||||
import org.eclipse.jgit.lib.Config;
|
||||
import org.eclipse.jgit.storage.file.FileBasedConfig;
|
||||
import org.eclipse.jgit.util.FS;
|
||||
import org.eclipse.jgit.util.IO;
|
||||
@@ -40,6 +42,7 @@ import java.io.FileWriter;
|
||||
import java.io.IOException;
|
||||
import java.io.Writer;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
|
||||
|
||||
public class UpgradeFrom2_0_xTest extends InitTestCase {
|
||||
@@ -71,13 +74,14 @@ public class UpgradeFrom2_0_xTest extends InitTestCase {
|
||||
old.setString("sendemail", null, "smtpPass", "email.s3kr3t");
|
||||
old.save();
|
||||
|
||||
final InMemorySecureStore secureStore = new InMemorySecureStore();
|
||||
final InitFlags flags =
|
||||
new InitFlags(site, Collections.<String> emptyList());
|
||||
new InitFlags(site, secureStore, Collections.<String> emptyList());
|
||||
final ConsoleUI ui = createStrictMock(ConsoleUI.class);
|
||||
Section.Factory sections = new Section.Factory() {
|
||||
@Override
|
||||
public Section get(String name, String subsection) {
|
||||
return new Section(flags, site, ui, name, subsection);
|
||||
return new Section(flags, site, secureStore, ui, name, subsection);
|
||||
}
|
||||
};
|
||||
|
||||
@@ -99,18 +103,46 @@ public class UpgradeFrom2_0_xTest extends InitTestCase {
|
||||
}
|
||||
|
||||
FileBasedConfig cfg = new FileBasedConfig(site.gerrit_config, FS.DETECTED);
|
||||
FileBasedConfig sec = new FileBasedConfig(site.secure_config, FS.DETECTED);
|
||||
cfg.load();
|
||||
sec.load();
|
||||
|
||||
assertEquals("email.user", cfg.getString("sendemail", null, "smtpUser"));
|
||||
assertNull(cfg.getString("sendemail", null, "smtpPass"));
|
||||
assertEquals("email.s3kr3t", sec.getString("sendemail", null, "smtpPass"));
|
||||
assertEquals("email.s3kr3t", secureStore.get("sendemail", null, "smtpPass"));
|
||||
|
||||
assertEquals("ldap.user", cfg.getString("ldap", null, "username"));
|
||||
assertNull(cfg.getString("ldap", null, "password"));
|
||||
assertEquals("ldap.s3kr3t", sec.getString("ldap", null, "password"));
|
||||
assertEquals("ldap.s3kr3t", secureStore.get("ldap", null, "password"));
|
||||
|
||||
u.run();
|
||||
}
|
||||
|
||||
private static class InMemorySecureStore implements SecureStore {
|
||||
private final Config cfg = new Config();
|
||||
|
||||
@Override
|
||||
public String get(String section, String subsection, String name) {
|
||||
return cfg.getString(section, subsection, name);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String[] getList(String section, String subsection, String name) {
|
||||
return cfg.getStringList(section, subsection, name);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void set(String section, String subsection, String name, String value) {
|
||||
cfg.setString(section, subsection, name, value);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setList(String section, String subsection, String name,
|
||||
List<String> values) {
|
||||
cfg.setStringList(section, subsection, name, values);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void unset(String section, String subsection, String name) {
|
||||
cfg.unset(section, subsection, name);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user