func initializeETCDDB(logger lager.Logger, etcdClient *etcd.Client) *etcddb.ETCDDB {
key, keys, err := encryptionFlags.Parse()
if err != nil {
logger.Fatal("cannot-setup-encryption", err)
}
keyManager, err := encryption.NewKeyManager(key, keys)
if err != nil {
logger.Fatal("cannot-setup-encryption", err)
}
cryptor := encryption.NewCryptor(keyManager, rand.Reader)
return etcddb.NewETCD(format.ENCRYPTED_PROTO, 1000, 1000, 1*time.Minute, cryptor, etcddb.NewStoreClient(etcdClient), clock.NewClock())
}
func initializeEtcdStoreClient(logger lager.Logger, etcdOptions *etcddb.ETCDOptions) etcddb.StoreClient {
var etcdClient *etcdclient.Client
var tr *http.Transport
if etcdOptions.IsSSL {
if etcdOptions.CertFile == "" || etcdOptions.KeyFile == "" {
logger.Fatal("failed-to-construct-etcd-tls-client", errors.New("Require both cert and key path"))
}
var err error
etcdClient, err = etcdclient.NewTLSClient(etcdOptions.ClusterUrls, etcdOptions.CertFile, etcdOptions.KeyFile, etcdOptions.CAFile)
if err != nil {
logger.Fatal("failed-to-construct-etcd-tls-client", err)
}
tlsCert, err := tls.LoadX509KeyPair(etcdOptions.CertFile, etcdOptions.KeyFile)
if err != nil {
logger.Fatal("failed-to-construct-etcd-tls-client", err)
}
tlsConfig := &tls.Config{
Certificates: []tls.Certificate{tlsCert},
InsecureSkipVerify: true,
ClientSessionCache: tls.NewLRUClientSessionCache(etcdOptions.ClientSessionCacheSize),
}
tr = &http.Transport{
TLSClientConfig: tlsConfig,
Dial: etcdClient.DefaultDial,
MaxIdleConnsPerHost: etcdOptions.MaxIdleConnsPerHost,
}
etcdClient.SetTransport(tr)
etcdClient.AddRootCA(etcdOptions.CAFile)
} else {
etcdClient = etcdclient.NewClient(etcdOptions.ClusterUrls)
}
etcdClient.SetConsistency(etcdclient.STRONG_CONSISTENCY)
return etcddb.NewStoreClient(etcdClient)
}
Expect(rawSQLDB.Ping()).NotTo(HaveOccurred())
flavor = sqlRunner.DriverName()
encryptionKey, err := encryption.NewKey("label", "passphrase")
Expect(err).NotTo(HaveOccurred())
keyManager, err := encryption.NewKeyManager(encryptionKey, nil)
Expect(err).NotTo(HaveOccurred())
cryptor = encryption.NewCryptor(keyManager, rand.Reader)
fakeClock = fakeclock.NewFakeClock(time.Now())
})
var _ = AfterSuite(func() {
etcdRunner.Stop()
Expect(rawSQLDB.Close()).NotTo(HaveOccurred())
ginkgomon.Kill(sqlProcess, 5*time.Second)
})
var _ = BeforeEach(func() {
etcdRunner.Reset()
etcdClient = etcdRunner.Client()
etcdClient.SetConsistency(etcdclient.STRONG_CONSISTENCY)
storeClient = etcd.NewStoreClient(etcdClient)
sqlRunner.Reset()
})
migrations = []migration.Migration{fakeMigration}
})
JustBeforeEach(func() {
manager = migration.NewManager(logger, fakeETCDDB, etcdStoreClient, fakeSQLDB, rawSQLDB, cryptor, migrations, migrationsDone, clock.NewClock(), "db-driver")
migrationProcess = ifrit.Background(manager)
})
AfterEach(func() {
ginkgomon.Kill(migrationProcess)
})
Context("when both a etcd and sql configurations are present", func() {
BeforeEach(func() {
rawSQLDB = &sql.DB{}
etcdStoreClient = etcd.NewStoreClient(nil)
})
Context("but SQL does not have a version", func() {
BeforeEach(func() {
fakeSQLDB.VersionReturns(nil, models.ErrResourceNotFound)
})
It("fetches the version from etcd", func() {
Eventually(fakeSQLDB.VersionCallCount).Should(Equal(1))
Consistently(fakeSQLDB.VersionCallCount).Should(Equal(1))
Eventually(fakeETCDDB.VersionCallCount).Should(Equal(1))
Consistently(fakeETCDDB.VersionCallCount).Should(Equal(1))
ginkgomon.Interrupt(migrationProcess)