RANGER-4730: Migrate Ranger modules to junit5 - phase 2
diff --git a/kms/pom.xml b/kms/pom.xml
index 2739bb8..0b37ce5 100644
--- a/kms/pom.xml
+++ b/kms/pom.xml
@@ -542,12 +542,6 @@
<scope>test</scope>
</dependency>
<dependency>
- <groupId>org.junit.vintage</groupId>
- <artifactId>junit-vintage-engine</artifactId>
- <version>${junit.jupiter.version}</version>
- <scope>test</scope>
- </dependency>
- <dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-core</artifactId>
<scope>test</scope>
@@ -559,6 +553,12 @@
<scope>test</scope>
</dependency>
<dependency>
+ <groupId>org.mockito</groupId>
+ <artifactId>mockito-junit-jupiter</artifactId>
+ <version>${mockito.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-common</artifactId>
<version>${hadoop.version}</version>
diff --git a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/TestRangerKeyStore.java b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/TestRangerKeyStore.java
index bcdf2e3..16b374b 100644
--- a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/TestRangerKeyStore.java
+++ b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/TestRangerKeyStore.java
@@ -32,17 +32,18 @@
import org.apache.hadoop.crypto.key.RangerKeyStore;
import org.apache.ranger.kms.dao.DaoManager;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.FixMethodOrder;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.junit.runners.MethodSorters;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.TestMethodOrder;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.junit.jupiter.api.MethodOrderer;
import org.mockito.Mockito;
-import org.mockito.junit.MockitoJUnitRunner;
+import org.mockito.junit.jupiter.MockitoExtension;
-@RunWith(MockitoJUnitRunner.class)
-@FixMethodOrder(MethodSorters.NAME_ASCENDING)
+@ExtendWith(MockitoExtension.class)
+@TestMethodOrder(MethodOrderer.MethodName.class)
public class TestRangerKeyStore {
String fileFormat = "jceks";
@@ -51,62 +52,70 @@
char[] keyPass = "none".toCharArray();
char[] masterKey = "MasterPassword".toCharArray();
- @Before
+ @BeforeEach
public void checkFileIfExists() {
deleteKeyStoreFile();
}
- @After
+ @AfterEach
public void cleanKeystoreFile() {
deleteKeyStoreFile();
}
- @Test(expected=IOException.class)
- public void testInvalidKey1() throws NoSuchAlgorithmException,
- CertificateException, IOException, KeyStoreException {
+ @Test
+ public void testInvalidKey1() {
DaoManager daoManager = Mockito.mock(DaoManager.class);
RangerKeyStore rangerKeyStore = new RangerKeyStore(daoManager);
String keyValue = "enckey:1";
- InputStream inputStream = generateKeyStoreFile(keyValue);
- rangerKeyStore.engineLoadKeyStoreFile(inputStream, storePass, keyPass, masterKey, fileFormat);
- inputStream.close();
+ Exception exception = Assertions.assertThrows(IOException.class, () -> {
+ InputStream inputStream = generateKeyStoreFile(keyValue);
+ rangerKeyStore.engineLoadKeyStoreFile(inputStream, storePass, keyPass, masterKey, fileFormat);
+ inputStream.close();
+ });
}
- @Test(expected=IOException.class)
+ @Test
public void testInvalidKey2() throws NoSuchAlgorithmException,
CertificateException, IOException, KeyStoreException {
DaoManager daoManager = Mockito.mock(DaoManager.class);
RangerKeyStore rangerKeyStore = new RangerKeyStore(daoManager);
String keyValue = "1%enckey";
- InputStream inputStream = generateKeyStoreFile(keyValue);
- rangerKeyStore.engineLoadKeyStoreFile(inputStream, storePass, keyPass, masterKey, fileFormat);
- inputStream.close();
+ Assertions.assertThrows(IOException.class, () -> {
+ InputStream inputStream = generateKeyStoreFile(keyValue);
+ rangerKeyStore.engineLoadKeyStoreFile(inputStream, storePass, keyPass, masterKey, fileFormat);
+ inputStream.close();
+ });
}
- @Test(expected=IOException.class)
+ @Test
public void testInvalidKey3() throws NoSuchAlgorithmException,
CertificateException, IOException, KeyStoreException {
DaoManager daoManager = Mockito.mock(DaoManager.class);
RangerKeyStore rangerKeyStore = new RangerKeyStore(daoManager);
String keyValue = "1 enckey";
- InputStream inputStream = generateKeyStoreFile(keyValue);
- rangerKeyStore.engineLoadKeyStoreFile(inputStream, storePass, keyPass, masterKey, fileFormat);
- inputStream.close();
+ Assertions.assertThrows(IOException.class, () -> {
+ InputStream inputStream = generateKeyStoreFile(keyValue);
+ rangerKeyStore.engineLoadKeyStoreFile(inputStream, storePass, keyPass, masterKey, fileFormat);
+ inputStream.close();
+ });
+
}
- @Test(expected=IOException.class)
+ @Test
public void testInvalidKey4() throws NoSuchAlgorithmException,
CertificateException, IOException, KeyStoreException {
DaoManager daoManager = Mockito.mock(DaoManager.class);
RangerKeyStore rangerKeyStore = new RangerKeyStore(daoManager);
String keyValue = "_1-enckey";
- InputStream inputStream = generateKeyStoreFile(keyValue);
- rangerKeyStore.engineLoadKeyStoreFile(inputStream, storePass, keyPass, masterKey, fileFormat);
- inputStream.close();
+ Assertions.assertThrows(IOException.class, () -> {
+ InputStream inputStream = generateKeyStoreFile(keyValue);
+ rangerKeyStore.engineLoadKeyStoreFile(inputStream, storePass, keyPass, masterKey, fileFormat);
+ inputStream.close();
+ });
}
@Test
diff --git a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/RangerKeyStoreProviderTest.java b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/RangerKeyStoreProviderTest.java
index 5fde0af..f899718 100644
--- a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/RangerKeyStoreProviderTest.java
+++ b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/RangerKeyStoreProviderTest.java
@@ -30,10 +30,10 @@
import org.apache.hadoop.crypto.key.KeyProvider.KeyVersion;
import org.apache.hadoop.crypto.key.KeyProvider.Options;
import org.apache.hadoop.crypto.key.RangerKeyStoreProvider;
-import org.junit.AfterClass;
-import org.junit.Assert;
-import org.junit.BeforeClass;
-import org.junit.Test;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
/**
* A test for the RangerKeyStoreProvider, which is an implementation of the Hadoop KeyProvider interface, which stores keys in a database.
@@ -61,7 +61,7 @@
UNRESTRICTED_POLICIES_INSTALLED = ok;
}
- @BeforeClass
+ @BeforeAll
public static void startServers() throws Exception {
if (!UNRESTRICTED_POLICIES_INSTALLED) {
return;
@@ -69,7 +69,7 @@
DerbyTestUtils.startDerby();
}
- @AfterClass
+ @AfterAll
public static void stopServers() throws Exception {
if (UNRESTRICTED_POLICIES_INSTALLED) {
DerbyTestUtils.stopDerby();
@@ -93,21 +93,21 @@
options.setBitLength(128);
options.setCipher("AES");
KeyVersion keyVersion = keyProvider.createKey("newkey1", options);
- Assert.assertEquals("newkey1", keyVersion.getName());
- Assert.assertEquals(128 / 8, keyVersion.getMaterial().length);
- Assert.assertEquals("newkey1@0", keyVersion.getVersionName());
+ Assertions.assertEquals("newkey1", keyVersion.getName());
+ Assertions.assertEquals(128 / 8, keyVersion.getMaterial().length);
+ Assertions.assertEquals("newkey1@0", keyVersion.getVersionName());
keyProvider.flush();
- Assert.assertEquals(1, keyProvider.getKeys().size());
+ Assertions.assertEquals(1, keyProvider.getKeys().size());
keyProvider.deleteKey("newkey1");
keyProvider.flush();
- Assert.assertEquals(0, keyProvider.getKeys().size());
+ Assertions.assertEquals(0, keyProvider.getKeys().size());
// Try to delete a key that isn't there
try {
keyProvider.deleteKey("newkey2");
- Assert.fail("Failure expected on trying to delete an unknown key");
+ Assertions.fail("Failure expected on trying to delete an unknown key");
} catch (IOException ex) {
// expected
}
@@ -130,24 +130,24 @@
options.setBitLength(192);
options.setCipher("AES");
KeyVersion keyVersion = keyProvider.createKey("newkey1", options);
- Assert.assertEquals("newkey1", keyVersion.getName());
- Assert.assertEquals(192 / 8, keyVersion.getMaterial().length);
- Assert.assertEquals("newkey1@0", keyVersion.getVersionName());
+ Assertions.assertEquals("newkey1", keyVersion.getName());
+ Assertions.assertEquals(192 / 8, keyVersion.getMaterial().length);
+ Assertions.assertEquals("newkey1@0", keyVersion.getVersionName());
keyProvider.flush();
// Rollover a new key
byte[] oldKey = keyVersion.getMaterial();
keyVersion = keyProvider.rollNewVersion("newkey1");
- Assert.assertEquals("newkey1", keyVersion.getName());
- Assert.assertEquals(192 / 8, keyVersion.getMaterial().length);
- Assert.assertEquals("newkey1@1", keyVersion.getVersionName());
- Assert.assertFalse(Arrays.equals(oldKey, keyVersion.getMaterial()));
+ Assertions.assertEquals("newkey1", keyVersion.getName());
+ Assertions.assertEquals(192 / 8, keyVersion.getMaterial().length);
+ Assertions.assertEquals("newkey1@1", keyVersion.getVersionName());
+ Assertions.assertFalse(Arrays.equals(oldKey, keyVersion.getMaterial()));
keyProvider.deleteKey("newkey1");
keyProvider.flush();
- Assert.assertEquals(0, keyProvider.getKeys().size());
+ Assertions.assertEquals(0, keyProvider.getKeys().size());
}
diff --git a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/RangerMasterKeyTest.java b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/RangerMasterKeyTest.java
index f420322..a86ea02 100644
--- a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/RangerMasterKeyTest.java
+++ b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/RangerMasterKeyTest.java
@@ -28,10 +28,10 @@
import org.apache.hadoop.crypto.key.RangerKeyStoreProvider;
import org.apache.hadoop.crypto.key.RangerMasterKey;
import org.apache.ranger.kms.dao.DaoManager;
-import org.junit.AfterClass;
-import org.junit.Assert;
-import org.junit.BeforeClass;
-import org.junit.Test;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
/**
* A test for the RangerMasterKey.
@@ -58,7 +58,7 @@
UNRESTRICTED_POLICIES_INSTALLED = ok;
}
- @BeforeClass
+ @BeforeAll
public static void startServers() throws Exception {
if (!UNRESTRICTED_POLICIES_INSTALLED) {
return;
@@ -66,7 +66,7 @@
DerbyTestUtils.startDerby();
}
- @AfterClass
+ @AfterAll
public static void stopServers() throws Exception {
if (UNRESTRICTED_POLICIES_INSTALLED) {
DerbyTestUtils.stopDerby();
@@ -90,21 +90,21 @@
+ "password0password0password0password0password0password0password0password0password0password0";
RangerMasterKey rangerMasterKey = new RangerMasterKey(daoManager);
- Assert.assertTrue(rangerMasterKey.generateMasterKey(masterKeyPassword));
- Assert.assertNotNull(rangerMasterKey.getMasterKey(masterKeyPassword));
+ Assertions.assertTrue(rangerMasterKey.generateMasterKey(masterKeyPassword));
+ Assertions.assertNotNull(rangerMasterKey.getMasterKey(masterKeyPassword));
try {
rangerMasterKey.getMasterKey("badpass");
- Assert.fail("Failure expected on retrieving a key with the wrong password");
+ Assertions.fail("Failure expected on retrieving a key with the wrong password");
} catch (Exception ex) {
// expected
}
- Assert.assertNotNull(rangerMasterKey.getMasterSecretKey(masterKeyPassword));
+ Assertions.assertNotNull(rangerMasterKey.getMasterSecretKey(masterKeyPassword));
try {
rangerMasterKey.getMasterSecretKey("badpass");
- Assert.fail("Failure expected on retrieving a key with the wrong password");
+ Assertions.fail("Failure expected on retrieving a key with the wrong password");
} catch (Exception ex) {
// expected
}
diff --git a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSACLs.java b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSACLs.java
index 80564d4..03eaee8 100644
--- a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSACLs.java
+++ b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSACLs.java
@@ -24,26 +24,23 @@
import org.apache.hadoop.crypto.key.kms.server.KMSACLsType.Type;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authorize.AccessControlList;
-import org.junit.Assert;
-import org.junit.Rule;
-import org.junit.rules.Timeout;
-import org.junit.Test;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
public class TestKMSACLs {
- @Rule
- public final Timeout globalTimeout = new Timeout(180000);
String ipAddress = "192.168.90.1";
@Test
public void testDefaults() {
final KMSACLs acls = new KMSACLs(new Configuration(false));
for (Type type : Type.values()) {
- Assert.assertTrue(acls.hasAccess(type,
+ Assertions.assertTrue(acls.hasAccess(type,
UserGroupInformation.createRemoteUser("foo"), ipAddress));
}
}
@@ -56,9 +53,9 @@
}
final KMSACLs acls = new KMSACLs(conf);
for (Type type : Type.values()) {
- Assert.assertTrue(acls.hasAccess(type,
+ Assertions.assertTrue(acls.hasAccess(type,
UserGroupInformation.createRemoteUser(type.toString()), ipAddress));
- Assert.assertFalse(acls.hasAccess(type,
+ Assertions.assertFalse(acls.hasAccess(type,
UserGroupInformation.createRemoteUser("foo"), ipAddress));
}
}
@@ -74,14 +71,11 @@
conf.set(DEFAULT_KEY_ACL_PREFIX + "ALL", "invalid");
conf.set(WHITELIST_KEY_ACL_PREFIX + "ALL", "invalid");
final KMSACLs acls = new KMSACLs(conf);
- Assert.assertTrue("expected key ACL size is 2 but got "
- + acls.keyAcls.size(), acls.keyAcls.size() == 2);
- Assert.assertTrue("expected whitelist ACL size is 1 but got "
- + acls.whitelistKeyAcls.size(), acls.whitelistKeyAcls.size() == 1);
- Assert.assertFalse("ALL should not be allowed for whitelist ACLs.", acls.whitelistKeyAcls.containsKey(KeyOpType.ALL));
- Assert.assertTrue("expected default ACL size is 1 but got "
- + acls.defaultKeyAcls.size(), acls.defaultKeyAcls.size() == 1);
- Assert.assertTrue("ALL should not be allowed for default ACLs.", acls.defaultKeyAcls.size() == 1);
+ Assertions.assertEquals(2, acls.keyAcls.size(), "expected key ACL size is 2 but got " + acls.keyAcls.size());
+ Assertions.assertEquals(1, acls.whitelistKeyAcls.size(), "expected whitelist ACL size is 1 but got " + acls.whitelistKeyAcls.size());
+ Assertions.assertFalse(acls.whitelistKeyAcls.containsKey(KeyOpType.ALL), "ALL should not be allowed for whitelist ACLs.");
+ Assertions.assertEquals(1, acls.defaultKeyAcls.size(), "expected default ACL size is 1 but got " + acls.defaultKeyAcls.size());
+ Assertions.assertEquals(1, acls.defaultKeyAcls.size(), "ALL should not be allowed for default ACLs.");
}
@Test
@@ -98,15 +92,14 @@
conf.set(WHITELIST_KEY_ACL_PREFIX + "DECRYPT_EEK", "whitelist1");
conf.set(WHITELIST_KEY_ACL_PREFIX + "DECRYPT_EEK", "*");
final KMSACLs acls = new KMSACLs(conf);
- Assert.assertTrue("expected key ACL size is 2 but got "
- + acls.keyAcls.size(), acls.keyAcls.size() == 2);
+ Assertions.assertEquals(2, acls.keyAcls.size(), "expected key ACL size is 2 but got " + acls.keyAcls.size());
assertKeyAcl("test_key_1", acls, KeyOpType.DECRYPT_EEK, "decrypt2");
assertKeyAcl("test_key_2", acls, KeyOpType.ALL, "all1", "all3");
assertDefaultKeyAcl(acls, KeyOpType.MANAGEMENT);
assertDefaultKeyAcl(acls, KeyOpType.DECRYPT_EEK);
AccessControlList acl = acls.whitelistKeyAcls.get(KeyOpType.DECRYPT_EEK);
- Assert.assertNotNull(acl);
- Assert.assertTrue(acl.isAllAllowed());
+ Assertions.assertNotNull(acl);
+ Assertions.assertTrue(acl.isAllAllowed());
}
@Test
@@ -161,8 +154,8 @@
conf.set(DEFAULT_KEY_ACL_PREFIX + "DECRYPT_EEK", "*");
acls.setKeyACLs(conf);
AccessControlList acl = acls.defaultKeyAcls.get(KeyOpType.DECRYPT_EEK);
- Assert.assertTrue(acl.isAllAllowed());
- Assert.assertTrue(acl.getUsers().isEmpty());
+ Assertions.assertTrue(acl.isAllAllowed());
+ Assertions.assertTrue(acl.getUsers().isEmpty());
// everything else should still be the same.
assertDefaultKeyAcl(acls, KeyOpType.READ, "read2");
assertDefaultKeyAcl(acls, KeyOpType.MANAGEMENT, "mgmt1", "mgmt2");
@@ -178,10 +171,9 @@
conf.set(DEFAULT_KEY_ACL_PREFIX + "DECRYPT_EEK", "new");
acls.setKeyACLs(conf);
assertDefaultKeyAcl(acls, KeyOpType.DECRYPT_EEK, "new");
- Assert.assertTrue(acls.keyAcls.isEmpty());
- Assert.assertTrue(acls.whitelistKeyAcls.isEmpty());
- Assert.assertEquals("Got unexpected sized acls:"
- + acls.defaultKeyAcls, 1, acls.defaultKeyAcls.size());
+ Assertions.assertTrue(acls.keyAcls.isEmpty());
+ Assertions.assertTrue(acls.whitelistKeyAcls.isEmpty());
+ Assertions.assertEquals(1, acls.defaultKeyAcls.size(), "Got unexpected sized acls:" + acls.defaultKeyAcls);
}
private void assertDefaultKeyAcl(final KMSACLs acls, final KeyOpType op,
@@ -198,22 +190,19 @@
private void assertKeyAcl(final String keyName, final KMSACLs acls,
final KeyOpType op, final String... names) {
- Assert.assertTrue(acls.keyAcls.containsKey(keyName));
+ Assertions.assertTrue(acls.keyAcls.containsKey(keyName));
final HashMap<KeyOpType, AccessControlList> keyacl = acls.keyAcls.get(keyName);
- Assert.assertNotNull(keyacl.get(op));
+ Assertions.assertNotNull(keyacl.get(op));
assertAcl(keyacl.get(op), op, names);
}
private void assertAcl(final AccessControlList acl,
final KeyOpType op, final String... names) {
- Assert.assertNotNull(acl);
- Assert.assertFalse(acl.isAllAllowed());
+ Assertions.assertNotNull(acl);
+ Assertions.assertFalse(acl.isAllAllowed());
final Collection<String> actual = acl.getUsers();
- final HashSet<String> expected = new HashSet<>();
- for (String name : names) {
- expected.add(name);
- }
- Assert.assertEquals("defaultKeyAcls don't match for op:" + op, expected, actual);
+ final HashSet<String> expected = new HashSet<>(Arrays.asList(names));
+ Assertions.assertEquals(expected, actual, "defaultKeyAcls don't match for op:" + op);
}
}
diff --git a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSAudit.java b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSAudit.java
index ec0bae8..9a46e3a 100644
--- a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSAudit.java
+++ b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSAudit.java
@@ -26,8 +26,10 @@
import org.apache.hadoop.crypto.key.kms.server.KMS.KMSOp;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.test.GenericTestUtils;
-import org.junit.*;
-import org.junit.rules.Timeout;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
import org.mockito.internal.util.reflection.Whitebox;
public class TestKMSAudit {
@@ -50,10 +52,7 @@
}
}
- @Rule
- public final Timeout testTimeout = new Timeout(180000);
-
- @Before
+ @BeforeEach
public void setUp() {
originalOut = System.err;
memOut = new ByteArrayOutputStream();
@@ -64,7 +63,7 @@
this.kmsAudit = new KMSAudit(conf);
}
- @After
+ @AfterEach
public void cleanUp() {
System.setErr(originalOut);
kmsAudit.shutdown();
@@ -102,7 +101,7 @@
kmsAudit.evictCacheForTesting();
String out = getAndResetLogOutput();
System.out.println(out);
- Assert.assertTrue(
+ Assertions.assertTrue(
out.matches(
"OK\\[op=DECRYPT_EEK, key=k1, user=luser@REALM, accessCount=1, interval=[^m]{1,4}ms\\] testmsg"
// Not aggregated !!
@@ -138,7 +137,7 @@
// The UNAUTHORIZED will trigger cache invalidation, which then triggers
// the aggregated OK (accessCount=5). But the order of the UNAUTHORIZED and
// the aggregated OK is arbitrary - no correctness concerns, but flaky here.
- Assert.assertTrue(
+ Assertions.assertTrue(
out.matches(
"UNAUTHORIZED\\[op=GENERATE_EEK, key=k2, user=luser@REALM\\] "
+ "OK\\[op=GENERATE_EEK, key=k3, user=luser@REALM, accessCount=1, interval=[^m]{1,4}ms\\] testmsg"
@@ -162,7 +161,7 @@
kmsAudit.unauthenticated("remotehost", "method", "url", "testmsg");
String out = getAndResetLogOutput();
System.out.println(out);
- Assert.assertTrue(out.matches(
+ Assertions.assertTrue(out.matches(
"OK\\[op=GENERATE_EEK, key=k4, user=luser@REALM, accessCount=1, interval=[^m]{1,4}ms\\] testmsg"
+ "OK\\[op=GENERATE_EEK, user=luser@REALM\\] testmsg"
+ "OK\\[op=GENERATE_EEK, key=k4, user=luser@REALM, accessCount=1, interval=[^m]{1,4}ms\\] testmsg"
@@ -177,8 +176,8 @@
// Default should be the simple logger
List<KMSAuditLogger> loggers = (List<KMSAuditLogger>) Whitebox
.getInternalState(kmsAudit, "auditLoggers");
- Assert.assertEquals(1, loggers.size());
- Assert.assertEquals(SimpleKMSAuditLogger.class, loggers.get(0).getClass());
+ Assertions.assertEquals(1, loggers.size());
+ Assertions.assertEquals(SimpleKMSAuditLogger.class, loggers.get(0).getClass());
// Explicitly configure the simple logger. Duplicates are ignored.
final Configuration conf = new Configuration();
@@ -188,19 +187,19 @@
final KMSAudit audit = new KMSAudit(conf);
loggers =
(List<KMSAuditLogger>) Whitebox.getInternalState(audit, "auditLoggers");
- Assert.assertEquals(1, loggers.size());
- Assert.assertEquals(SimpleKMSAuditLogger.class, loggers.get(0).getClass());
+ Assertions.assertEquals(1, loggers.size());
+ Assertions.assertEquals(SimpleKMSAuditLogger.class, loggers.get(0).getClass());
// If any loggers unable to load, init should fail.
conf.set(KMSConfiguration.KMS_AUDIT_LOGGER_KEY,
SimpleKMSAuditLogger.class.getName() + ",unknown");
- try {
+
+ Exception exception = Assertions.assertThrows(Exception.class, () -> {
new KMSAudit(conf);
- Assert.fail("loggers configured but invalid, init should fail.");
- } catch (Exception ex) {
- GenericTestUtils
- .assertExceptionContains(KMSConfiguration.KMS_AUDIT_LOGGER_KEY, ex);
- }
+ Assertions.fail("loggers configured but invalid, init should fail.");
+ });
+
+ Assertions.assertTrue(exception.getMessage().contains(KMSConfiguration.KMS_AUDIT_LOGGER_KEY));
}
}
diff --git a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSAuthenticationFilter.java b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSAuthenticationFilter.java
index e8ca7b7..8742328 100644
--- a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSAuthenticationFilter.java
+++ b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSAuthenticationFilter.java
@@ -21,10 +21,11 @@
import org.apache.hadoop.crypto.key.kms.KMSDelegationToken;
import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticationHandler;
import org.apache.hadoop.security.token.delegation.web.PseudoDelegationTokenAuthenticationHandler;
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
+
import java.util.Properties;
-import static org.junit.Assert.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertEquals;
/**
* Test KMS Authentication Filter.
diff --git a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKeyAuthorizationKeyProvider.java b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKeyAuthorizationKeyProvider.java
index d7988e7..3b74e3e 100644
--- a/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKeyAuthorizationKeyProvider.java
+++ b/kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKeyAuthorizationKeyProvider.java
@@ -37,8 +37,8 @@
import org.apache.hadoop.crypto.key.kms.server.KeyAuthorizationKeyProvider.KeyACLs;
import org.apache.hadoop.crypto.key.kms.server.KeyAuthorizationKeyProvider.KeyOpType;
import org.apache.hadoop.security.UserGroupInformation;
-import org.junit.Assert;
-import org.junit.Test;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
public class TestKeyAuthorizationKeyProvider {
@@ -68,7 +68,7 @@
SECURE_RANDOM.nextBytes(seed);
kpExt.createKey("foo", seed, newOptions(conf));
} catch (IOException ioe) {
- Assert.fail("User should be Authorized !!");
+ Assertions.fail("User should be Authorized !!");
}
// "bar" key not configured
@@ -76,7 +76,7 @@
byte[] seed = new byte[16];
SECURE_RANDOM.nextBytes(seed);
kpExt.createKey("bar", seed, newOptions(conf));
- Assert.fail("User should NOT be Authorized !!");
+ Assertions.fail("User should NOT be Authorized !!");
} catch (IOException ioe) {
// Ignore
}
@@ -94,7 +94,7 @@
byte[] seed = new byte[16];
SECURE_RANDOM.nextBytes(seed);
kpExt.createKey("foo", seed, newOptions(conf));
- Assert.fail("User should NOT be Authorized !!");
+ Assertions.fail("User should NOT be Authorized !!");
} catch (IOException ioe) {
// Ignore
}
@@ -146,7 +146,7 @@
kpExt.rollNewVersion(kv.getName(), seed);
kpExt.deleteKey(kv.getName());
} catch (IOException ioe) {
- Assert.fail("User should be Authorized !!");
+ Assertions.fail("User should be Authorized !!");
}
KeyVersion retkv = null;
@@ -155,10 +155,10 @@
SECURE_RANDOM.nextBytes(seed);
retkv = kpExt.createKey("bar", seed, opt);
kpExt.generateEncryptedKey(retkv.getName());
- Assert.fail("User should NOT be Authorized to generate EEK !!");
+ Assertions.fail("User should NOT be Authorized to generate EEK !!");
} catch (IOException ioe) {
}
- Assert.assertNotNull(retkv);
+ Assertions.assertNotNull(retkv);
return retkv;
}
}
@@ -171,7 +171,7 @@
public EncryptedKeyVersion run() throws Exception {
try {
kpExt.deleteKey(barKv.getName());
- Assert.fail("User should NOT be Authorized to "
+ Assertions.fail("User should NOT be Authorized to "
+ "perform any other operation !!");
} catch (IOException ioe) {
}
@@ -185,7 +185,7 @@
public KeyVersion run() throws Exception {
try {
kpExt.deleteKey(barKv.getName());
- Assert.fail("User should NOT be Authorized to "
+ Assertions.fail("User should NOT be Authorized to "
+ "perform any other operation !!");
} catch (IOException ioe) {
}
@@ -214,7 +214,7 @@
kpExt.decryptEncryptedKey(ekv);
kpExt.deleteKey(kv.getName());
} catch (IOException ioe) {
- Assert.fail("User should be Allowed to do everything !!");
+ Assertions.fail("User should be Allowed to do everything !!");
}
return null;
}
@@ -230,7 +230,7 @@
}
- @Test(expected = IllegalArgumentException.class)
+ @Test
public void testDecryptWithKeyVersionNameKeyMismatch() throws Exception {
final Configuration conf = new Configuration();
KeyProvider kp =
@@ -257,33 +257,35 @@
KeyProviderCryptoExtension.createKeyProviderCryptoExtension(kp),
mock);
- sudo.doAs(
- new PrivilegedExceptionAction<Void>() {
- @Override
- public Void run() throws Exception {
- Options opt = newOptions(conf);
- Map<String, String> m = new HashMap<String, String>();
- m.put("key.acl.name", "testKey");
- opt.setAttributes(m);
- byte[] seed = new byte[16];
- SECURE_RANDOM.nextBytes(seed);
- KeyVersion kv =
- kpExt.createKey("foo", seed, opt);
- kpExt.rollNewVersion(kv.getName());
- seed = new byte[16];
- SECURE_RANDOM.nextBytes(seed);
- kpExt.rollNewVersion(kv.getName(), seed);
- EncryptedKeyVersion ekv = kpExt.generateEncryptedKey(kv.getName());
- ekv = EncryptedKeyVersion.createForDecryption(
- ekv.getEncryptionKeyName() + "x",
- ekv.getEncryptionKeyVersionName(),
- ekv.getEncryptedKeyIv(),
- ekv.getEncryptedKeyVersion().getMaterial());
- kpExt.decryptEncryptedKey(ekv);
- return null;
- }
- }
- );
- }
+ Assertions.assertThrows(IllegalArgumentException.class, () -> {
+ sudo.doAs(
+ new PrivilegedExceptionAction<Void>() {
+ @Override
+ public Void run() throws Exception {
+ Options opt = newOptions(conf);
+ Map<String, String> m = new HashMap<String, String>();
+ m.put("key.acl.name", "testKey");
+ opt.setAttributes(m);
+ byte[] seed = new byte[16];
+ SECURE_RANDOM.nextBytes(seed);
+ KeyVersion kv =
+ kpExt.createKey("foo", seed, opt);
+ kpExt.rollNewVersion(kv.getName());
+ seed = new byte[16];
+ SECURE_RANDOM.nextBytes(seed);
+ kpExt.rollNewVersion(kv.getName(), seed);
+ EncryptedKeyVersion ekv = kpExt.generateEncryptedKey(kv.getName());
+ ekv = EncryptedKeyVersion.createForDecryption(
+ ekv.getEncryptionKeyName() + "x",
+ ekv.getEncryptionKeyVersionName(),
+ ekv.getEncryptedKeyIv(),
+ ekv.getEncryptedKeyVersion().getMaterial());
+ kpExt.decryptEncryptedKey(ekv);
+ return null;
+ }
+ }
+ );
+ });
+ }
}
diff --git a/kms/src/test/java/org/apache/ranger/kms/metrics/TestKMSMetricsWrapper.java b/kms/src/test/java/org/apache/ranger/kms/metrics/TestKMSMetricsWrapper.java
index 2092510..4609d1e 100644
--- a/kms/src/test/java/org/apache/ranger/kms/metrics/TestKMSMetricsWrapper.java
+++ b/kms/src/test/java/org/apache/ranger/kms/metrics/TestKMSMetricsWrapper.java
@@ -20,7 +20,8 @@
import org.apache.hadoop.metrics2.lib.DefaultMetricsSystem;
import org.apache.ranger.kms.metrics.collector.KMSMetricsCollector;
-import org.junit.*;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
import java.lang.reflect.Field;
@@ -57,8 +58,8 @@
DefaultMetricsSystem.instance().publishMetricsNow();
- Assert.assertEquals(1L, kmsMetricWrapper.getRangerMetricsInJsonFormat().get("KMS").get(KMSMetrics.KMSMetric.KEY_CREATE_COUNT.getKey()));
- Assert.assertEquals(100L, kmsMetricWrapper.getRangerMetricsInJsonFormat().get("KMS").get(KMSMetrics.KMSMetric.KEY_CREATE_ELAPSED_TIME.getKey()));
+ Assertions.assertEquals(1L, kmsMetricWrapper.getRangerMetricsInJsonFormat().get("KMS").get(KMSMetrics.KMSMetric.KEY_CREATE_COUNT.getKey()));
+ Assertions.assertEquals(100L, kmsMetricWrapper.getRangerMetricsInJsonFormat().get("KMS").get(KMSMetrics.KMSMetric.KEY_CREATE_ELAPSED_TIME.getKey()));
}
@Test
@@ -76,8 +77,8 @@
DefaultMetricsSystem.instance().publishMetricsNow();
- Assert.assertEquals(1L, kmsMetricWrapper.getRangerMetricsInJsonFormat().get("KMS").get(KMSMetrics.KMSMetric.KEY_CREATE_COUNT.getKey()));
- Assert.assertEquals(200L, kmsMetricWrapper.getRangerMetricsInJsonFormat().get("KMS").get(KMSMetrics.KMSMetric.KEY_CREATE_ELAPSED_TIME.getKey()));
+ Assertions.assertEquals(1L, kmsMetricWrapper.getRangerMetricsInJsonFormat().get("KMS").get(KMSMetrics.KMSMetric.KEY_CREATE_COUNT.getKey()));
+ Assertions.assertEquals(200L, kmsMetricWrapper.getRangerMetricsInJsonFormat().get("KMS").get(KMSMetrics.KMSMetric.KEY_CREATE_ELAPSED_TIME.getKey()));
}
private void setKmsMetricsCollectorThreadSafelyFlag(boolean isMetricCollectionThreadsafe) throws IllegalAccessException, NoSuchFieldException {
diff --git a/plugin-kms/pom.xml b/plugin-kms/pom.xml
index 42e8ec2..b2ca0da 100644
--- a/plugin-kms/pom.xml
+++ b/plugin-kms/pom.xml
@@ -60,9 +60,9 @@
<scope>test</scope>
</dependency>
<dependency>
- <groupId>org.junit.vintage</groupId>
- <artifactId>junit-vintage-engine</artifactId>
- <version>${junit.jupiter.version}</version>
+ <groupId>org.mockito</groupId>
+ <artifactId>mockito-junit-jupiter</artifactId>
+ <version>${mockito.version}</version>
<scope>test</scope>
</dependency>
<dependency>
@@ -71,11 +71,6 @@
<version>${derby.version}</version>
<scope>test</scope>
</dependency>
- <dependency>
- <groupId>org.mockito</groupId>
- <artifactId>mockito-core</artifactId>
- <scope>test</scope>
- </dependency>
</dependencies>
<build>
<testResources>
diff --git a/plugin-kms/src/test/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizerTest.java b/plugin-kms/src/test/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizerTest.java
index 4baec7b..97afd81 100644
--- a/plugin-kms/src/test/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizerTest.java
+++ b/plugin-kms/src/test/java/org/apache/ranger/authorization/kms/authorizer/RangerKmsAuthorizerTest.java
@@ -32,13 +32,13 @@
import org.apache.hadoop.crypto.key.kms.server.KMSWebApp;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authorize.AuthorizationException;
-import org.junit.AfterClass;
-import org.junit.Assert;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.junit.runner.RunWith;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mockito;
-import org.mockito.runners.MockitoJUnitRunner;
+import org.mockito.junit.jupiter.MockitoExtension;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -49,7 +49,7 @@
*
* The user "bob" can do anything. The group "IT" can only call the "get" methods
*/
-@RunWith(MockitoJUnitRunner.class)
+@ExtendWith(MockitoExtension.class)
public class RangerKmsAuthorizerTest {
private static final Logger LOG = LoggerFactory.getLogger(RangerKmsAuthorizerTest.class);
@@ -76,7 +76,7 @@
UNRESTRICTED_POLICIES_INSTALLED = ok;
}
- @BeforeClass
+ @BeforeAll
public static void startServers() throws Exception {
if (!UNRESTRICTED_POLICIES_INSTALLED) {
return;
@@ -98,7 +98,7 @@
kmsWebapp.contextInitialized(servletContextEvent);
}
- @AfterClass
+ @AfterAll
public static void stopServers() throws Exception {
DerbyTestUtils.stopDerby();
}
@@ -126,7 +126,7 @@
public Void run() throws Exception {
try {
KMSWebApp.getACLs().assertAccess(Type.CREATE, ugi2, KMSOp.CREATE_KEY, "newkey2", "127.0.0.1");
- Assert.fail("Failure expected");
+ Assertions.fail("Failure expected");
} catch (AuthorizationException ex) {
LOG.error("", ex);
}
@@ -141,7 +141,7 @@
public Void run() throws Exception {
try {
KMSWebApp.getACLs().assertAccess(Type.CREATE, ugi3, KMSOp.CREATE_KEY, "newkey1", "127.0.0.1");
- Assert.fail("Failure expected");
+ Assertions.fail("Failure expected");
} catch (AuthorizationException ex) {
LOG.error("", ex);
}
@@ -173,7 +173,7 @@
public Void run() throws Exception {
try {
KMSWebApp.getACLs().assertAccess(Type.DELETE, ugi2, KMSOp.DELETE_KEY, "newkey1", "127.0.0.1");
- Assert.fail("Failure expected");
+ Assertions.fail("Failure expected");
} catch (AuthorizationException ex) {
LOG.error("", ex);
}
@@ -188,7 +188,7 @@
public Void run() throws Exception {
try {
KMSWebApp.getACLs().assertAccess(Type.DELETE, ugi3, KMSOp.DELETE_KEY, "newkey1", "127.0.0.1");
- Assert.fail("Failure expected");
+ Assertions.fail("Failure expected");
} catch (AuthorizationException ex) {
LOG.error("", ex);
}
@@ -221,7 +221,7 @@
public Void run() throws Exception {
try {
KMSWebApp.getACLs().assertAccess(Type.ROLLOVER, ugi2, KMSOp.ROLL_NEW_VERSION, "newkey1", "127.0.0.1");
- Assert.fail("Failure expected");
+ Assertions.fail("Failure expected");
} catch (AuthorizationException ex) {
LOG.error("", ex);
}
@@ -236,7 +236,7 @@
public Void run() throws Exception {
try {
KMSWebApp.getACLs().assertAccess(Type.ROLLOVER, ugi3, KMSOp.ROLL_NEW_VERSION, "newkey1", "127.0.0.1");
- Assert.fail("Failure expected");
+ Assertions.fail("Failure expected");
} catch (AuthorizationException ex) {
LOG.error("", ex);
}
@@ -269,7 +269,7 @@
public Void run() throws Exception {
try {
KMSWebApp.getACLs().assertAccess(Type.GET_KEYS, ugi2, KMSOp.GET_KEYS, "newkey1", "127.0.0.1");
- Assert.fail("Failure expected");
+ Assertions.fail("Failure expected");
} catch (AuthorizationException ex) {
LOG.error("", ex);
}
@@ -311,7 +311,7 @@
public Void run() throws Exception {
try {
KMSWebApp.getACLs().assertAccess(Type.GET_METADATA, ugi2, KMSOp.GET_METADATA, "newkey1", "127.0.0.1");
- Assert.fail("Failure expected");
+ Assertions.fail("Failure expected");
} catch (AuthorizationException ex) {
LOG.error("", ex);
}
@@ -354,7 +354,7 @@
public Void run() throws Exception {
try {
KMSWebApp.getACLs().assertAccess(Type.GENERATE_EEK, ugi2, KMSOp.GENERATE_EEK, "newkey1", "127.0.0.1");
- Assert.fail("Failure expected");
+ Assertions.fail("Failure expected");
} catch (AuthorizationException ex) {
LOG.error("", ex);
}
@@ -369,7 +369,7 @@
public Void run() throws Exception {
try {
KMSWebApp.getACLs().assertAccess(Type.GENERATE_EEK, ugi3, KMSOp.GENERATE_EEK, "newkey1", "127.0.0.1");
- Assert.fail("Failure expected");
+ Assertions.fail("Failure expected");
} catch (AuthorizationException ex) {
LOG.error("", ex);
}
@@ -402,7 +402,7 @@
public Void run() throws Exception {
try {
KMSWebApp.getACLs().assertAccess(Type.DECRYPT_EEK, ugi2, KMSOp.DECRYPT_EEK, "newkey1", "127.0.0.1");
- Assert.fail("Failure expected");
+ Assertions.fail("Failure expected");
} catch (AuthorizationException ex) {
LOG.error("", ex);
}
@@ -417,7 +417,7 @@
public Void run() throws Exception {
try {
KMSWebApp.getACLs().assertAccess(Type.DECRYPT_EEK, ugi3, KMSOp.DECRYPT_EEK, "newkey1", "127.0.0.1");
- Assert.fail("Failure expected");
+ Assertions.fail("Failure expected");
} catch (AuthorizationException ex) {
LOG.error("", ex);
}
