tahoe-lafs/integration/test_grid_manager.py

import sys
import time
import json
import shutil
from os import mkdir, unlink, listdir, utime
from os.path import join, exists, getmtime

from allmydata.crypto import ed25519
from allmydata.util import base32
from allmydata.util import configutil

import util

import pytest_twisted


@pytest_twisted.inlineCallbacks
def test_create_certificate(reactor):
    """
    The Grid Manager produces a valid, correctly-signed certificate.
    """
    gm_config = yield util.run_tahoe(
        reactor, "grid-manager", "--config", "-", "create",
    )
    privkey_bytes = json.loads(gm_config)['private_key'].encode('ascii')
    privkey, pubkey = ed25519.signing_keypair_from_string(privkey_bytes)

    # Note that zara + her key here are arbitrary and don't match any
    # "actual" clients in the test-grid; we're just checking that the
    # Grid Manager signs this properly.
    gm_config = yield util.run_tahoe(
        reactor, "grid-manager", "--config", "-", "add",
        "zara", "pub-v0-kzug3ut2m7ziihf3ndpqlquuxeie4foyl36wn54myqc4wmiwe4ga",
        stdin=gm_config,
    )
    zara_cert_bytes = yield util.run_tahoe(
        reactor, "grid-manager", "--config", "-", "sign", "zara",
        stdin=gm_config,
    )
    zara_cert = json.loads(zara_cert_bytes)

    # confirm that zara's certificate is made by the Grid Manager
    # (.verify returns None on success, raises exception on error)
    pubkey.verify(
        base32.a2b(zara_cert['signature'].encode('ascii')),
        zara_cert['certificate'].encode('ascii'),
    )


@pytest_twisted.inlineCallbacks
def test_remove_client(reactor):
    """
    A Grid Manager can add and successfully remove a client
    """
    gm_config = yield util.run_tahoe(
        reactor, "grid-manager", "--config", "-", "create",
    )

    gm_config = yield util.run_tahoe(
        reactor, "grid-manager", "--config", "-", "add",
        "zara", "pub-v0-kzug3ut2m7ziihf3ndpqlquuxeie4foyl36wn54myqc4wmiwe4ga",
        stdin=gm_config,
    )
    gm_config = yield util.run_tahoe(
        reactor, "grid-manager", "--config", "-", "add",
        "yakov", "pub-v0-kvxhb3nexybmipkrar2ztfrwp4uxxsmrjzkpzafit3ket4u5yldq",
        stdin=gm_config,
    )
    assert "zara" in json.loads(gm_config)['storage_servers']
    assert "yakov" in json.loads(gm_config)['storage_servers']

    gm_config = yield util.run_tahoe(
        reactor, "grid-manager", "--config", "-", "remove",
        "zara",
        stdin=gm_config,
    )
    assert "zara" not in json.loads(gm_config)['storage_servers']
    assert "yakov" in json.loads(gm_config)['storage_servers']


@pytest_twisted.inlineCallbacks
def test_remove_last_client(reactor):
    """
    A Grid Manager can remove all clients
    """
    gm_config = yield util.run_tahoe(
        reactor, "grid-manager", "--config", "-", "create",
    )

    gm_config = yield util.run_tahoe(
        reactor, "grid-manager", "--config", "-", "add",
        "zara", "pub-v0-kzug3ut2m7ziihf3ndpqlquuxeie4foyl36wn54myqc4wmiwe4ga",
        stdin=gm_config,
    )
    assert "zara" in json.loads(gm_config)['storage_servers']

    gm_config = yield util.run_tahoe(
        reactor, "grid-manager", "--config", "-", "remove",
        "zara",
        stdin=gm_config,
    )
    # there are no storage servers left at all now
    assert "storage_servers" not in json.loads(gm_config)


@pytest_twisted.inlineCallbacks
def test_reject_storage_server(reactor, request, storage_nodes, temp_dir, introducer_furl, flog_gatherer):
    """
    A client with happines=3 fails to upload to a Grid when it is
    using Grid Manager and there are only two storage-servers with
    valid certificates.
    """
    gm_config = yield util.run_tahoe(
        reactor, "grid-manager", "--config", "-", "create",
    )
    privkey_bytes = json.loads(gm_config)['private_key'].encode('ascii')
    privkey, _ = ed25519.signing_keypair_from_string(privkey_bytes)

    # create certificates for first 2 storage-servers
    for idx, storage in enumerate(storage_nodes[:2]):
        pubkey_fname = join(storage._node_dir, "node.pubkey")
        with open(pubkey_fname, 'r') as f:
            pubkey = f.read().strip()

        gm_config = yield util.run_tahoe(
            reactor, "grid-manager", "--config", "-", "add",
            "storage{}".format(idx), pubkey,
            stdin=gm_config,
        )
    assert sorted(json.loads(gm_config)['storage_servers'].keys()) == ['storage0', 'storage1']

    # XXX FIXME need to shut-down and nuke carol when we're done this
    # test (i.d. request.addfinalizer)
    carol = yield util._create_node(
        reactor, request, temp_dir, introducer_furl, flog_gatherer, "carol",
        web_port="tcp:9982:interface=localhost",
        storage=False,
    )

    print("inserting certificates")
    # insert their certificates
    for idx, storage in enumerate(storage_nodes[:2]):
        print(idx, storage)
        cert = yield util.run_tahoe(
            reactor, "grid-manager", "--config", "-", "sign",
            "storage{}".format(idx),
            stdin=gm_config,
        )
        with open(join(storage._node_dir, "gridmanager.cert"), "w") as f:
            f.write(cert)
        config = configutil.get_config(join(storage._node_dir, "tahoe.cfg"))
        config.set("storage", "grid_management", "True")
        config.add_section("grid_manager_certificates")
        config.set("grid_manager_certificates", "default", "gridmanager.cert")
        config.write(open(join(storage._node_dir, "tahoe.cfg"), "w"))

        # re-start this storage server
        storage.signalProcess('TERM')
        yield storage._protocol.exited
        time.sleep(1)
        storage_nodes[idx] = yield util._run_node(
            reactor, storage._node_dir, request, None,
        )

    # now only two storage-servers have certificates .. configure
    # carol to have the grid-manager certificate

    config = configutil.get_config(join(carol._node_dir, "tahoe.cfg"))
    print(dir(config))
    config.add_section("grid_managers")
    config.set("grid_managers", "test", ed25519.string_from_verifying_key(pubkey))
    config.write(open(join(carol._node_dir, "tahoe.cfg"), "w"))
    carol.signalProcess('TERM')
    yield carol._protocol.exited

    carol = yield util._run_node(
        reactor, carol._node_dir, request, None,
    )

    # try to put something into the grid, which should fail (because
    # carol has happy=3 but should only find storage0, storage1 to be
    # acceptable to upload to)

    try:
        yield util.run_tahoe(
            reactor, "--node-directory", carol._node_dir,
            "put", "-",
            stdin="some content" * 200,
        )
        assert False, "Should get a failure"
    except util.ProcessFailed as e:
        assert 'UploadUnhappinessError' in e.output.getvalue()
add some integration tests 2018-11-28 08:06:53 +00:00			`import sys`
			`import time`
			`import json`
			`import shutil`
			`from os import mkdir, unlink, listdir, utime`
			`from os.path import join, exists, getmtime`

keyutil -> ed25519 2020-05-08 02:57:06 +00:00			`from allmydata.crypto import ed25519`
add some integration tests 2018-11-28 08:06:53 +00:00			`from allmydata.util import base32`
test of certificates on not-enough-servers causing uploads to fail 2018-11-28 09:54:49 +00:00			`from allmydata.util import configutil`
add some integration tests 2018-11-28 08:06:53 +00:00
			`import util`

pytest API 2019-04-09 01:42:39 +00:00			`import pytest_twisted`
add some integration tests 2018-11-28 08:06:53 +00:00

pytest API 2019-04-09 01:42:39 +00:00			`@pytest_twisted.inlineCallbacks`
add some integration tests 2018-11-28 08:06:53 +00:00			`def test_create_certificate(reactor):`
alice -> zara, bob -> yakov and docstrings 2020-05-07 20:37:45 +00:00			`"""`
			`The Grid Manager produces a valid, correctly-signed certificate.`
			`"""`
add some integration tests 2018-11-28 08:06:53 +00:00			`gm_config = yield util.run_tahoe(`
			`reactor, "grid-manager", "--config", "-", "create",`
			`)`
			`privkey_bytes = json.loads(gm_config)['private_key'].encode('ascii')`
keyutil -> ed25519 2020-05-08 02:57:06 +00:00			`privkey, pubkey = ed25519.signing_keypair_from_string(privkey_bytes)`
add some integration tests 2018-11-28 08:06:53 +00:00
alice -> zara, bob -> yakov and docstrings 2020-05-07 20:37:45 +00:00			`# Note that zara + her key here are arbitrary and don't match any`
			`# "actual" clients in the test-grid; we're just checking that the`
			`# Grid Manager signs this properly.`
add some integration tests 2018-11-28 08:06:53 +00:00			`gm_config = yield util.run_tahoe(`
			`reactor, "grid-manager", "--config", "-", "add",`
alice -> zara, bob -> yakov and docstrings 2020-05-07 20:37:45 +00:00			`"zara", "pub-v0-kzug3ut2m7ziihf3ndpqlquuxeie4foyl36wn54myqc4wmiwe4ga",`
add some integration tests 2018-11-28 08:06:53 +00:00			`stdin=gm_config,`
			`)`
alice -> zara, bob -> yakov and docstrings 2020-05-07 20:37:45 +00:00			`zara_cert_bytes = yield util.run_tahoe(`
			`reactor, "grid-manager", "--config", "-", "sign", "zara",`
add some integration tests 2018-11-28 08:06:53 +00:00			`stdin=gm_config,`
			`)`
alice -> zara, bob -> yakov and docstrings 2020-05-07 20:37:45 +00:00			`zara_cert = json.loads(zara_cert_bytes)`
add some integration tests 2018-11-28 08:06:53 +00:00
alice -> zara, bob -> yakov and docstrings 2020-05-07 20:37:45 +00:00			`# confirm that zara's certificate is made by the Grid Manager`
fix assert 2018-11-28 08:22:49 +00:00			`# (.verify returns None on success, raises exception on error)`
			`pubkey.verify(`
alice -> zara, bob -> yakov and docstrings 2020-05-07 20:37:45 +00:00			`base32.a2b(zara_cert['signature'].encode('ascii')),`
			`zara_cert['certificate'].encode('ascii'),`
add some integration tests 2018-11-28 08:06:53 +00:00			`)`


pytest API 2019-04-09 01:42:39 +00:00			`@pytest_twisted.inlineCallbacks`
add some integration tests 2018-11-28 08:06:53 +00:00			`def test_remove_client(reactor):`
alice -> zara, bob -> yakov and docstrings 2020-05-07 20:37:45 +00:00			`"""`
			`A Grid Manager can add and successfully remove a client`
			`"""`
add some integration tests 2018-11-28 08:06:53 +00:00			`gm_config = yield util.run_tahoe(`
			`reactor, "grid-manager", "--config", "-", "create",`
			`)`

more integration tests 2018-11-28 08:20:51 +00:00			`gm_config = yield util.run_tahoe(`
			`reactor, "grid-manager", "--config", "-", "add",`
alice -> zara, bob -> yakov and docstrings 2020-05-07 20:37:45 +00:00			`"zara", "pub-v0-kzug3ut2m7ziihf3ndpqlquuxeie4foyl36wn54myqc4wmiwe4ga",`
more integration tests 2018-11-28 08:20:51 +00:00			`stdin=gm_config,`
			`)`
			`gm_config = yield util.run_tahoe(`
			`reactor, "grid-manager", "--config", "-", "add",`
alice -> zara, bob -> yakov and docstrings 2020-05-07 20:37:45 +00:00			`"yakov", "pub-v0-kvxhb3nexybmipkrar2ztfrwp4uxxsmrjzkpzafit3ket4u5yldq",`
more integration tests 2018-11-28 08:20:51 +00:00			`stdin=gm_config,`
			`)`
.has_key -> 'in' 2020-05-07 20:40:10 +00:00			`assert "zara" in json.loads(gm_config)['storage_servers']`
			`assert "yakov" in json.loads(gm_config)['storage_servers']`
more integration tests 2018-11-28 08:20:51 +00:00
			`gm_config = yield util.run_tahoe(`
			`reactor, "grid-manager", "--config", "-", "remove",`
alice -> zara, bob -> yakov and docstrings 2020-05-07 20:37:45 +00:00			`"zara",`
more integration tests 2018-11-28 08:20:51 +00:00			`stdin=gm_config,`
			`)`
.has_key -> 'in' 2020-05-07 20:40:10 +00:00			`assert "zara" not in json.loads(gm_config)['storage_servers']`
			`assert "yakov" in json.loads(gm_config)['storage_servers']`
more integration tests 2018-11-28 08:20:51 +00:00

pytest API 2019-04-09 01:42:39 +00:00			`@pytest_twisted.inlineCallbacks`
more integration tests 2018-11-28 08:20:51 +00:00			`def test_remove_last_client(reactor):`
docstring 2020-05-07 20:50:10 +00:00			`"""`
			`A Grid Manager can remove all clients`
			`"""`
more integration tests 2018-11-28 08:20:51 +00:00			`gm_config = yield util.run_tahoe(`
			`reactor, "grid-manager", "--config", "-", "create",`
			`)`

add some integration tests 2018-11-28 08:06:53 +00:00			`gm_config = yield util.run_tahoe(`
			`reactor, "grid-manager", "--config", "-", "add",`
alice -> zara, bob -> yakov and docstrings 2020-05-07 20:37:45 +00:00			`"zara", "pub-v0-kzug3ut2m7ziihf3ndpqlquuxeie4foyl36wn54myqc4wmiwe4ga",`
add some integration tests 2018-11-28 08:06:53 +00:00			`stdin=gm_config,`
			`)`
.has_key -> 'in' 2020-05-07 20:40:10 +00:00			`assert "zara" in json.loads(gm_config)['storage_servers']`
add some integration tests 2018-11-28 08:06:53 +00:00
			`gm_config = yield util.run_tahoe(`
			`reactor, "grid-manager", "--config", "-", "remove",`
alice -> zara, bob -> yakov and docstrings 2020-05-07 20:37:45 +00:00			`"zara",`
add some integration tests 2018-11-28 08:06:53 +00:00			`stdin=gm_config,`
			`)`
			`# there are no storage servers left at all now`
.has_key -> 'in' 2020-05-07 20:40:10 +00:00			`assert "storage_servers" not in json.loads(gm_config)`
test of certificates on not-enough-servers causing uploads to fail 2018-11-28 09:54:49 +00:00

pytest API 2019-04-09 01:42:39 +00:00			`@pytest_twisted.inlineCallbacks`
some tweaks and fixes for integration tests 2018-12-11 19:48:37 +00:00			`def test_reject_storage_server(reactor, request, storage_nodes, temp_dir, introducer_furl, flog_gatherer):`
docstring 2020-05-07 20:50:10 +00:00			`"""`
better docstring 2020-05-07 20:56:24 +00:00			`A client with happines=3 fails to upload to a Grid when it is`
			`using Grid Manager and there are only two storage-servers with`
			`valid certificates.`
docstring 2020-05-07 20:50:10 +00:00			`"""`
test of certificates on not-enough-servers causing uploads to fail 2018-11-28 09:54:49 +00:00			`gm_config = yield util.run_tahoe(`
			`reactor, "grid-manager", "--config", "-", "create",`
			`)`
			`privkey_bytes = json.loads(gm_config)['private_key'].encode('ascii')`
keyutil -> ed25519 2020-05-08 02:57:06 +00:00			`privkey, _ = ed25519.signing_keypair_from_string(privkey_bytes)`
test of certificates on not-enough-servers causing uploads to fail 2018-11-28 09:54:49 +00:00
			`# create certificates for first 2 storage-servers`
			`for idx, storage in enumerate(storage_nodes[:2]):`
			`pubkey_fname = join(storage._node_dir, "node.pubkey")`
			`with open(pubkey_fname, 'r') as f:`
			`pubkey = f.read().strip()`

			`gm_config = yield util.run_tahoe(`
			`reactor, "grid-manager", "--config", "-", "add",`
			`"storage{}".format(idx), pubkey,`
			`stdin=gm_config,`
			`)`
			`assert sorted(json.loads(gm_config)['storage_servers'].keys()) == ['storage0', 'storage1']`

some tweaks and fixes for integration tests 2018-12-11 19:48:37 +00:00			`# XXX FIXME need to shut-down and nuke carol when we're done this`
			`# test (i.d. request.addfinalizer)`
			`carol = yield util._create_node(`
			`reactor, request, temp_dir, introducer_furl, flog_gatherer, "carol",`
			`web_port="tcp:9982:interface=localhost",`
			`storage=False,`
			`)`

test of certificates on not-enough-servers causing uploads to fail 2018-11-28 09:54:49 +00:00			`print("inserting certificates")`
			`# insert their certificates`
			`for idx, storage in enumerate(storage_nodes[:2]):`
			`print(idx, storage)`
			`cert = yield util.run_tahoe(`
			`reactor, "grid-manager", "--config", "-", "sign",`
			`"storage{}".format(idx),`
			`stdin=gm_config,`
			`)`
			`with open(join(storage._node_dir, "gridmanager.cert"), "w") as f:`
			`f.write(cert)`
			`config = configutil.get_config(join(storage._node_dir, "tahoe.cfg"))`
switch around how we do config (avoid space-separated filenames) 2019-04-09 05:33:40 +00:00			`config.set("storage", "grid_management", "True")`
			`config.add_section("grid_manager_certificates")`
			`config.set("grid_manager_certificates", "default", "gridmanager.cert")`
test of certificates on not-enough-servers causing uploads to fail 2018-11-28 09:54:49 +00:00			`config.write(open(join(storage._node_dir, "tahoe.cfg"), "w"))`

			`# re-start this storage server`
			`storage.signalProcess('TERM')`
			`yield storage._protocol.exited`
			`time.sleep(1)`
			`storage_nodes[idx] = yield util._run_node(`
			`reactor, storage._node_dir, request, None,`
			`)`

			`# now only two storage-servers have certificates .. configure`
alice->carol 2018-12-11 19:54:22 +00:00			`# carol to have the grid-manager certificate`
some tweaks and fixes for integration tests 2018-12-11 19:48:37 +00:00
			`config = configutil.get_config(join(carol._node_dir, "tahoe.cfg"))`
test of certificates on not-enough-servers causing uploads to fail 2018-11-28 09:54:49 +00:00			`print(dir(config))`
			`config.add_section("grid_managers")`
keyutil -> ed25519 2020-05-08 02:57:06 +00:00			`config.set("grid_managers", "test", ed25519.string_from_verifying_key(pubkey))`
some tweaks and fixes for integration tests 2018-12-11 19:48:37 +00:00			`config.write(open(join(carol._node_dir, "tahoe.cfg"), "w"))`
			`carol.signalProcess('TERM')`
			`yield carol._protocol.exited`
timeouts not required 2020-05-07 20:54:50 +00:00
alice->carol 2018-12-11 19:54:22 +00:00			`carol = yield util._run_node(`
some tweaks and fixes for integration tests 2018-12-11 19:48:37 +00:00			`reactor, carol._node_dir, request, None,`
test of certificates on not-enough-servers causing uploads to fail 2018-11-28 09:54:49 +00:00			`)`

			`# try to put something into the grid, which should fail (because`
some tweaks and fixes for integration tests 2018-12-11 19:48:37 +00:00			`# carol has happy=3 but should only find storage0, storage1 to be`
test of certificates on not-enough-servers causing uploads to fail 2018-11-28 09:54:49 +00:00			`# acceptable to upload to)`

			`try:`
			`yield util.run_tahoe(`
some tweaks and fixes for integration tests 2018-12-11 19:48:37 +00:00			`reactor, "--node-directory", carol._node_dir,`
test of certificates on not-enough-servers causing uploads to fail 2018-11-28 09:54:49 +00:00			`"put", "-",`
			`stdin="some content" * 200,`
			`)`
			`assert False, "Should get a failure"`
specific exception for failing subprocess 2020-05-07 21:24:07 +00:00			`except util.ProcessFailed as e:`
			`assert 'UploadUnhappinessError' in e.output.getvalue()`