func (s *InitializeSuite) TestInitialize(c *gc.C) {
cfg := testing.EnvironConfig(c)
initial := cfg.AllAttrs()
st, err := state.Initialize(state.TestingMongoInfo(), cfg, state.TestingDialOpts(), state.Policy(nil))
c.Assert(err, gc.IsNil)
c.Assert(st, gc.NotNil)
err = st.Close()
c.Assert(err, gc.IsNil)
s.openState(c)
cfg, err = s.State.EnvironConfig()
c.Assert(err, gc.IsNil)
c.Assert(cfg.AllAttrs(), gc.DeepEquals, initial)
env, err := s.State.Environment()
c.Assert(err, gc.IsNil)
entity, err := s.State.FindEntity("environment-" + env.UUID())
c.Assert(err, gc.IsNil)
annotator := entity.(state.Annotator)
annotations, err := annotator.Annotations()
c.Assert(err, gc.IsNil)
c.Assert(annotations, gc.HasLen, 0)
cons, err := s.State.EnvironConstraints()
c.Assert(err, gc.IsNil)
c.Assert(&cons, jc.Satisfies, constraints.IsEmpty)
addrs, err := s.State.APIHostPorts()
c.Assert(err, gc.IsNil)
c.Assert(addrs, gc.HasLen, 0)
info, err := s.State.StateServerInfo()
c.Assert(err, gc.IsNil)
c.Assert(info, jc.DeepEquals, &state.StateServerInfo{})
}
func (s *InitializeSuite) TestInitialize(c *gc.C) {
cfg := testing.EnvironConfig(c)
uuid, _ := cfg.UUID()
initial := cfg.AllAttrs()
st, err := state.Initialize(state.TestingMongoInfo(), cfg, state.TestingDialOpts(), nil)
c.Assert(err, gc.IsNil)
c.Assert(st, gc.NotNil)
envTag := st.EnvironTag()
c.Assert(envTag.Id(), gc.Equals, uuid)
err = st.Close()
c.Assert(err, gc.IsNil)
s.openState(c)
cfg, err = s.State.EnvironConfig()
c.Assert(err, gc.IsNil)
c.Assert(cfg.AllAttrs(), gc.DeepEquals, initial)
// Check that the environment has been created.
env, err := s.State.Environment()
c.Assert(err, gc.IsNil)
c.Assert(env.Tag(), gc.Equals, envTag)
// Check that the owner has been created.
owner := names.NewLocalUserTag("admin")
c.Assert(env.Owner(), gc.Equals, owner)
// Check that the owner can be retrieved by the tag.
entity, err := s.State.FindEntity(env.Owner())
c.Assert(err, gc.IsNil)
c.Assert(entity.Tag(), gc.Equals, owner)
// Check that the owner has an EnvUser created for the bootstrapped environment.
envUser, err := s.State.EnvironmentUser(env.Owner())
c.Assert(err, gc.IsNil)
c.Assert(envUser.UserTag().Username(), gc.Equals, env.Owner().Username())
c.Assert(envUser.EnvironmentTag(), gc.Equals, env.Tag())
// Check that the environment can be found through the tag.
entity, err = s.State.FindEntity(envTag)
c.Assert(err, gc.IsNil)
annotator := entity.(state.Annotator)
annotations, err := annotator.Annotations()
c.Assert(err, gc.IsNil)
c.Assert(annotations, gc.HasLen, 0)
cons, err := s.State.EnvironConstraints()
c.Assert(err, gc.IsNil)
c.Assert(&cons, jc.Satisfies, constraints.IsEmpty)
addrs, err := s.State.APIHostPorts()
c.Assert(err, gc.IsNil)
c.Assert(addrs, gc.HasLen, 0)
info, err := s.State.StateServerInfo()
c.Assert(err, gc.IsNil)
c.Assert(info, jc.DeepEquals, &state.StateServerInfo{EnvironmentTag: envTag})
}
func (s *InitializeSuite) TestDoubleInitializeConfig(c *gc.C) {
cfg := testing.EnvironConfig(c)
initial := cfg.AllAttrs()
st := TestingInitialize(c, cfg, nil)
st.Close()
// A second initialize returns an open *State, but ignores its params.
// TODO(fwereade) I think this is crazy, but it's what we were testing
// for originally...
cfg, err := cfg.Apply(map[string]interface{}{"authorized-keys": "something-else"})
c.Assert(err, gc.IsNil)
st, err = state.Initialize(state.TestingMongoInfo(), cfg, state.TestingDialOpts(), state.Policy(nil))
c.Assert(err, gc.IsNil)
c.Assert(st, gc.NotNil)
st.Close()
s.openState(c)
cfg, err = s.State.EnvironConfig()
c.Assert(err, gc.IsNil)
c.Assert(cfg.AllAttrs(), gc.DeepEquals, initial)
}
func (s *InitializeSuite) TestEnvironConfigWithAdminSecret(c *gc.C) {
// admin-secret blocks Initialize.
good := testing.EnvironConfig(c)
badUpdateAttrs := map[string]interface{}{"admin-secret": "foo"}
bad, err := good.Apply(badUpdateAttrs)
_, err = state.Initialize(state.TestingMongoInfo(), bad, state.TestingDialOpts(), state.Policy(nil))
c.Assert(err, gc.ErrorMatches, "admin-secret should never be written to the state")
// admin-secret blocks UpdateEnvironConfig.
st := TestingInitialize(c, good, nil)
st.Close()
s.openState(c)
err = s.State.UpdateEnvironConfig(badUpdateAttrs, nil, nil)
c.Assert(err, gc.ErrorMatches, "admin-secret should never be written to the state")
// EnvironConfig remains inviolate.
cfg, err := s.State.EnvironConfig()
c.Assert(err, gc.IsNil)
c.Assert(cfg.AllAttrs(), gc.DeepEquals, good.AllAttrs())
}
func (s *InitializeSuite) TestEnvironConfigWithoutAgentVersion(c *gc.C) {
// admin-secret blocks Initialize.
good := testing.EnvironConfig(c)
attrs := good.AllAttrs()
delete(attrs, "agent-version")
bad, err := config.New(config.NoDefaults, attrs)
c.Assert(err, gc.IsNil)
_, err = state.Initialize(state.TestingMongoInfo(), bad, state.TestingDialOpts(), state.Policy(nil))
c.Assert(err, gc.ErrorMatches, "agent-version must always be set in state")
st := state.TestingInitialize(c, good, state.Policy(nil))
st.Close()
s.openState(c)
err = s.State.UpdateEnvironConfig(map[string]interface{}{}, []string{"agent-version"}, nil)
c.Assert(err, gc.ErrorMatches, "agent-version must always be set in state")
// EnvironConfig remains inviolate.
cfg, err := s.State.EnvironConfig()
c.Assert(err, gc.IsNil)
c.Assert(cfg.AllAttrs(), gc.DeepEquals, good.AllAttrs())
}
func (s *InitializeSuite) openState(c *gc.C) {
st, err := state.Open(state.TestingMongoInfo(), state.TestingDialOpts(), state.Policy(nil))
c.Assert(err, gc.IsNil)
s.State = st
}
func (s *UnitSuite) TestSetMongoPasswordOnUnitAfterConnectingAsMachineEntity(c *gc.C) {
// Make a second unit to use later. (Subordinate units can only be created
// as a side-effect of a principal entering relation scope.)
subUnit := s.addSubordinateUnit(c)
info := state.TestingMongoInfo()
st, err := state.Open(info, state.TestingDialOpts(), state.Policy(nil))
c.Assert(err, gc.IsNil)
defer st.Close()
// Turn on fully-authenticated mode.
err = st.SetAdminMongoPassword("admin-secret")
c.Assert(err, gc.IsNil)
// Add a new machine, assign the units to it
// and set its password.
m, err := st.AddMachine("quantal", state.JobHostUnits)
c.Assert(err, gc.IsNil)
unit, err := st.Unit(s.unit.Name())
c.Assert(err, gc.IsNil)
subUnit, err = st.Unit(subUnit.Name())
c.Assert(err, gc.IsNil)
err = unit.AssignToMachine(m)
c.Assert(err, gc.IsNil)
err = m.SetMongoPassword("foo")
c.Assert(err, gc.IsNil)
// Sanity check that we cannot connect with the wrong
// password
info.Tag = m.Tag()
info.Password = "******"
err = tryOpenState(info)
c.Assert(err, jc.Satisfies, errors.IsUnauthorized)
// Connect as the machine entity.
info.Tag = m.Tag()
info.Password = "******"
st1, err := state.Open(info, state.TestingDialOpts(), state.Policy(nil))
c.Assert(err, gc.IsNil)
defer st1.Close()
// Change the password for a unit derived from
// the machine entity's state.
unit, err = st1.Unit(s.unit.Name())
c.Assert(err, gc.IsNil)
err = unit.SetMongoPassword("bar")
c.Assert(err, gc.IsNil)
// Now connect as the unit entity and, as that
// that entity, change the password for a new unit.
info.Tag = unit.Tag()
info.Password = "******"
st2, err := state.Open(info, state.TestingDialOpts(), state.Policy(nil))
c.Assert(err, gc.IsNil)
defer st2.Close()
// Check that we can set its password.
unit, err = st2.Unit(subUnit.Name())
c.Assert(err, gc.IsNil)
err = unit.SetMongoPassword("bar2")
c.Assert(err, gc.IsNil)
// Clear the admin password, so tests can reset the db.
err = st.SetAdminMongoPassword("")
c.Assert(err, gc.IsNil)
}