func initializeETCDDB(logger lager.Logger, etcdClient *etcd.Client) *etcddb.ETCDDB { key, keys, err := encryptionFlags.Parse() if err != nil { logger.Fatal("cannot-setup-encryption", err) } keyManager, err := encryption.NewKeyManager(key, keys) if err != nil { logger.Fatal("cannot-setup-encryption", err) } cryptor := encryption.NewCryptor(keyManager, rand.Reader) return etcddb.NewETCD(format.ENCRYPTED_PROTO, 1000, 1000, 1*time.Minute, cryptor, etcddb.NewStoreClient(etcdClient), clock.NewClock()) }
func initializeEtcdStoreClient(logger lager.Logger, etcdOptions *etcddb.ETCDOptions) etcddb.StoreClient { var etcdClient *etcdclient.Client var tr *http.Transport if etcdOptions.IsSSL { if etcdOptions.CertFile == "" || etcdOptions.KeyFile == "" { logger.Fatal("failed-to-construct-etcd-tls-client", errors.New("Require both cert and key path")) } var err error etcdClient, err = etcdclient.NewTLSClient(etcdOptions.ClusterUrls, etcdOptions.CertFile, etcdOptions.KeyFile, etcdOptions.CAFile) if err != nil { logger.Fatal("failed-to-construct-etcd-tls-client", err) } tlsCert, err := tls.LoadX509KeyPair(etcdOptions.CertFile, etcdOptions.KeyFile) if err != nil { logger.Fatal("failed-to-construct-etcd-tls-client", err) } tlsConfig := &tls.Config{ Certificates: []tls.Certificate{tlsCert}, InsecureSkipVerify: true, ClientSessionCache: tls.NewLRUClientSessionCache(etcdOptions.ClientSessionCacheSize), } tr = &http.Transport{ TLSClientConfig: tlsConfig, Dial: etcdClient.DefaultDial, MaxIdleConnsPerHost: etcdOptions.MaxIdleConnsPerHost, } etcdClient.SetTransport(tr) etcdClient.AddRootCA(etcdOptions.CAFile) } else { etcdClient = etcdclient.NewClient(etcdOptions.ClusterUrls) } etcdClient.SetConsistency(etcdclient.STRONG_CONSISTENCY) return etcddb.NewStoreClient(etcdClient) }
Expect(rawSQLDB.Ping()).NotTo(HaveOccurred()) flavor = sqlRunner.DriverName() encryptionKey, err := encryption.NewKey("label", "passphrase") Expect(err).NotTo(HaveOccurred()) keyManager, err := encryption.NewKeyManager(encryptionKey, nil) Expect(err).NotTo(HaveOccurred()) cryptor = encryption.NewCryptor(keyManager, rand.Reader) fakeClock = fakeclock.NewFakeClock(time.Now()) }) var _ = AfterSuite(func() { etcdRunner.Stop() Expect(rawSQLDB.Close()).NotTo(HaveOccurred()) ginkgomon.Kill(sqlProcess, 5*time.Second) }) var _ = BeforeEach(func() { etcdRunner.Reset() etcdClient = etcdRunner.Client() etcdClient.SetConsistency(etcdclient.STRONG_CONSISTENCY) storeClient = etcd.NewStoreClient(etcdClient) sqlRunner.Reset() })
migrations = []migration.Migration{fakeMigration} }) JustBeforeEach(func() { manager = migration.NewManager(logger, fakeETCDDB, etcdStoreClient, fakeSQLDB, rawSQLDB, cryptor, migrations, migrationsDone, clock.NewClock(), "db-driver") migrationProcess = ifrit.Background(manager) }) AfterEach(func() { ginkgomon.Kill(migrationProcess) }) Context("when both a etcd and sql configurations are present", func() { BeforeEach(func() { rawSQLDB = &sql.DB{} etcdStoreClient = etcd.NewStoreClient(nil) }) Context("but SQL does not have a version", func() { BeforeEach(func() { fakeSQLDB.VersionReturns(nil, models.ErrResourceNotFound) }) It("fetches the version from etcd", func() { Eventually(fakeSQLDB.VersionCallCount).Should(Equal(1)) Consistently(fakeSQLDB.VersionCallCount).Should(Equal(1)) Eventually(fakeETCDDB.VersionCallCount).Should(Equal(1)) Consistently(fakeETCDDB.VersionCallCount).Should(Equal(1)) ginkgomon.Interrupt(migrationProcess)