47b744f1c0
ipfs-cluster-service now has a migration subcommand that upgrades persistant state snapshots with an out-of-date format version to the newest version of raft state. If all cluster members shutdown with consistent state, upgrade ipfs-cluster, and run the state upgrade command, the new version of cluster will be compatible with persistent storage. ipfs-cluster now validates its persistent state upon loading it and exits with a clear error in the case the state format version is not up to date. Raft snapshotting is enforced on all shutdowns and the json backup is no longer run. This commit makes use of recent changes to libp2p-raft allowing raft states to implement their own marshaling strategies. Now mapstate handles the logic for its (de)serialization. In the interest of supporting various potential upgrade formats the state serialization begins with a varint (right now one byte) describing the version. Some go tests are modified and a go test is added to cover new ipfs-cluster raft snapshot reading functions. Sharness tests are added to cover the state upgrade command.
45 lines
1.6 KiB
Bash
Executable File
45 lines
1.6 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
test_description="Test service + ctl SSL interaction"
|
|
|
|
config="`pwd`/config/basic_auth"
|
|
|
|
. lib/test-lib.sh
|
|
|
|
test_ipfs_init
|
|
cleanup test_clean_ipfs
|
|
test_cluster_init "$config"
|
|
cleanup test_clean_cluster
|
|
|
|
test_expect_success "prerequisites" '
|
|
test_have_prereq IPFS && test_have_prereq CLUSTER
|
|
'
|
|
|
|
test_expect_success "BasicAuth fails without credentials" '
|
|
id=`cluster_id`
|
|
{ test_must_fail ipfs-cluster-ctl id; } | grep -A1 "401" | grep "Unauthorized"
|
|
'
|
|
|
|
test_expect_success "BasicAuth fails with bad credentials" '
|
|
id=`cluster_id`
|
|
{ test_must_fail ipfs-cluster-ctl --basic-auth "userwithoutpass:pass" --force-http id; } | grep -A1 "401" | grep "Unauthorized" &&
|
|
{ test_must_fail ipfs-cluster-ctl --basic-auth "testuser" --force-http id; } | grep -A1 "401" | grep "Unauthorized" &&
|
|
{ test_must_fail ipfs-cluster-ctl --basic-auth "testuser:badpass" --force-http id; } | grep -A1 "401" | grep "Unauthorized" &&
|
|
{ test_must_fail ipfs-cluster-ctl --basic-auth "baduser:testpass" --force-http id; } | grep -A1 "401" | grep "Unauthorized" &&
|
|
{ test_must_fail ipfs-cluster-ctl --basic-auth "baduser:badpass" --force-http id; } | grep -A1 "401" | grep "Unauthorized"
|
|
'
|
|
|
|
test_expect_success "BasicAuth over HTTP succeeds with CLI flag credentials" '
|
|
id=`cluster_id`
|
|
ipfs-cluster-ctl --basic-auth "userwithoutpass" --force-http id | grep -q "$id" &&
|
|
ipfs-cluster-ctl --basic-auth "testuser:testpass" --force-http id | grep -q "$id"
|
|
'
|
|
|
|
test_expect_success "BasicAuth succeeds with env var credentials" '
|
|
id=`cluster_id`
|
|
export CLUSTER_CREDENTIALS="testuser:testpass"
|
|
ipfs-cluster-ctl --force-http id | egrep -q "$id"
|
|
'
|
|
|
|
test_done
|