"core": Shell tests must use the agent
This CL moves the veyron/tool/mgmt and veyron/services/identity
shell tests so that they only use a principal supplied by the agent
(as opposed to the VEYRON_CREDENTIALS directory).
With this CL, all shell tests in the core package would switch to
using the agent.
Change-Id: I986a646381d2b129698402f7fe82f9730b3b6a0c
diff --git a/services/identity/server/identityd.go b/services/identity/server/identityd.go
index 49e9bdc..c388d60 100644
--- a/services/identity/server/identityd.go
+++ b/services/identity/server/identityd.go
@@ -76,7 +76,10 @@
func (s *identityd) Serve() {
flag.Parse()
- runtime, err := rt.New(options.RuntimePrincipal{providerPrincipal(s.auditor)})
+ p, r := providerPrincipal(s.auditor)
+ defer r.Cleanup()
+
+ runtime, err := rt.New(options.RuntimePrincipal{p})
if err != nil {
vlog.Fatal(err)
}
@@ -226,14 +229,21 @@
}
// providerPrincipal returns the Principal to use for the identity provider (i.e., this program).
-func providerPrincipal(auditor audit.Auditor) security.Principal {
+//
+// TODO(ataly, suharhs, mattr): HACK!!! This method also returns the runtime that it creates
+// internally to read the principal supplied by the environment. This runtime must be cleaned up
+// whenever identity server is shutdown. The runtime cannot be cleaned up here as the server may
+// be running under an agent in which case cleaning up the runtime closes the connection to the
+// agent. Therefore we return the runtime so that it can be cleaned up eventually. This problem
+// would hopefully go away once we change the runtime to a context.T and have mechanisms for
+// constructing and managing derived context.Ts.
+func providerPrincipal(auditor audit.Auditor) (security.Principal, veyron2.Runtime) {
// TODO(ashankar): Somewhat silly to have to create a runtime, but oh-well.
r, err := rt.New()
if err != nil {
vlog.Fatal(err)
}
- defer r.Cleanup()
- return audit.NewPrincipal(r.Principal(), auditor)
+ return audit.NewPrincipal(r.Principal(), auditor), r
}
func httpaddress() string {
diff --git a/services/identity/test.sh b/services/identity/test.sh
index 5b30587..471e140 100755
--- a/services/identity/test.sh
+++ b/services/identity/test.sh
@@ -4,6 +4,9 @@
source "$(go list -f {{.Dir}} v.io/core/shell/lib)/shell_test.sh"
+# Run the test under the security agent.
+shell_test::enable_agent "$@"
+
readonly WORKDIR="${shell_test_WORK_DIR}"
build() {
@@ -32,14 +35,12 @@
main() {
cd "${WORKDIR}"
build
-
+
shell_test::setup_server_test || shell_test::fail "line ${LINENO} failed to setup server test"
- unset VEYRON_CREDENTIALS
# Start the identityd server in test identity server.
- shell_test::start_server "${IDENTITYD_BIN}" --host=localhost -veyron.tcp.address=127.0.0.1:0
+ shell_test::start_server "${VRUN}" "${IDENTITYD_BIN}" --host=localhost -veyron.tcp.address=127.0.0.1:0
echo Identityd Log File: $START_SERVER_LOG_FILE
- export VEYRON_CREDENTIALS="$(shell::tmp_dir)"
# Test an initial seekblessings call, with a specified VEYRON_CREDENTIALS.
WANT="Received blessings"
