This is an automated email from the ASF dual-hosted git repository.
jamesnetherton pushed a commit to branch 3.8.x
in repository https://gitbox.apache.org/repos/asf/camel-quarkus.git
The following commit(s) were added to refs/heads/3.8.x by this push:
new cae29d4514 jdbc-db2: fails in fips environment #5993
cae29d4514 is described below
commit cae29d45147e8f38eb97e31cc304f1d315b9ad12
Author: JiriOndrusek <ondrusek.j...@gmail.com>
AuthorDate: Fri Apr 12 10:24:45 2024 +0200
jdbc-db2: fails in fips environment #5993
---
integration-test-groups/jdbc/db2/pom.xml | 5 +++
.../component/jdbc/db2/CamelDb2JdbcTest.java | 2 +
.../camel/quarkus/test/DisabledIfFipsMode.java | 43 ++++++++++++++++++++++
...ition.java => DisabledIfFipsModeCondition.java} | 36 ++++++++----------
.../quarkus/test/EnabledIfFipsModeCondition.java | 27 ++++++++++++--
integration-tests/jdbc-grouped/pom.xml | 5 +++
6 files changed, 95 insertions(+), 23 deletions(-)
diff --git a/integration-test-groups/jdbc/db2/pom.xml
b/integration-test-groups/jdbc/db2/pom.xml
index 70cb5eff9b..d94ad37284 100644
--- a/integration-test-groups/jdbc/db2/pom.xml
+++ b/integration-test-groups/jdbc/db2/pom.xml
@@ -99,6 +99,11 @@
<type>test-jar</type>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-integration-test-support</artifactId>
+ <scope>test</scope>
+ </dependency>
</dependencies>
diff --git
a/integration-test-groups/jdbc/db2/src/test/java/org/apache/camel/quarkus/component/jdbc/db2/CamelDb2JdbcTest.java
b/integration-test-groups/jdbc/db2/src/test/java/org/apache/camel/quarkus/component/jdbc/db2/CamelDb2JdbcTest.java
index 9ee03aa7e6..199fd1e583 100644
---
a/integration-test-groups/jdbc/db2/src/test/java/org/apache/camel/quarkus/component/jdbc/db2/CamelDb2JdbcTest.java
+++
b/integration-test-groups/jdbc/db2/src/test/java/org/apache/camel/quarkus/component/jdbc/db2/CamelDb2JdbcTest.java
@@ -21,6 +21,7 @@ import java.util.List;
import io.quarkus.test.junit.QuarkusTest;
import io.restassured.RestAssured;
import io.restassured.http.ContentType;
+import org.apache.camel.quarkus.test.DisabledIfFipsMode;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.condition.DisabledIfSystemProperty;
@@ -35,6 +36,7 @@ import static org.wildfly.common.Assert.assertNotNull;
@QuarkusTest
@DisabledIfSystemProperty(named = "cq.jdbcKind", matches = "derby")
//https://github.com/quarkusio/quarkus/issues/23083
+@DisabledIfFipsMode //https://github.com/apache/camel-quarkus/issues/5993
public class CamelDb2JdbcTest {
String dbKind = "db2";
diff --git
a/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/DisabledIfFipsMode.java
b/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/DisabledIfFipsMode.java
new file mode 100644
index 0000000000..579db50ffa
--- /dev/null
+++
b/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/DisabledIfFipsMode.java
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.test;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+import org.junit.jupiter.api.extension.ExtendWith;
+
+/**
+ * Advertises that a test should be disabled if the JDK has FIPS enabled
security providers present.
+ */
+@Target({ ElementType.TYPE, ElementType.METHOD })
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@ExtendWith(DisabledIfFipsModeCondition.class)
+public @interface DisabledIfFipsMode {
+ /**
+ * The list of FIPS security provider names to match against for enabling
the test.
+ * If no providers are specified, the default behaviour is to try to match
any provider that has
+ * FIPS in its name.
+ *
+ * @return The list of security provider names.
+ */
+ String[] providers() default {};
+}
diff --git
a/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/EnabledIfFipsModeCondition.java
b/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/DisabledIfFipsModeCondition.java
similarity index 57%
copy from
integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/EnabledIfFipsModeCondition.java
copy to
integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/DisabledIfFipsModeCondition.java
index 34b8ddb7f7..984e8bde8a 100644
---
a/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/EnabledIfFipsModeCondition.java
+++
b/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/DisabledIfFipsModeCondition.java
@@ -16,43 +16,39 @@
*/
package org.apache.camel.quarkus.test;
-import java.security.Provider;
-import java.security.Security;
import java.util.List;
+import java.util.Optional;
import org.junit.jupiter.api.extension.ConditionEvaluationResult;
-import org.junit.jupiter.api.extension.ExecutionCondition;
import org.junit.jupiter.api.extension.ExtensionContext;
import static
org.junit.jupiter.api.extension.ConditionEvaluationResult.disabled;
import static
org.junit.jupiter.api.extension.ConditionEvaluationResult.enabled;
import static org.junit.platform.commons.util.AnnotationUtils.findAnnotation;
-public class EnabledIfFipsModeCondition implements ExecutionCondition {
- private static final ConditionEvaluationResult ENABLED_BY_DEFAULT =
enabled("@EnabledIfFipsMode is not present");
+/**
+ * Opposite of EnabledIfInFipsModeCondition.
+ */
+public class DisabledIfFipsModeCondition extends EnabledIfFipsModeCondition {
+ private static final ConditionEvaluationResult ENABLED_BY_DEFAULT =
enabled("@DisabledIfFipsMode is not present");
@Override
public ConditionEvaluationResult
evaluateExecutionCondition(ExtensionContext context) {
- return findAnnotation(context.getElement(),
EnabledIfFipsMode.class).map(this::map).orElse(ENABLED_BY_DEFAULT);
+ return findAnnotation(context.getElement(),
DisabledIfFipsMode.class).map(this::map).orElse(ENABLED_BY_DEFAULT);
}
- private ConditionEvaluationResult map(EnabledIfFipsMode annotation) {
+ private ConditionEvaluationResult map(DisabledIfFipsMode annotation) {
List<String> providersToMatch = List.of(annotation.providers());
- Provider[] jdkProviders = Security.getProviders();
- int matchCount = 0;
-
- for (Provider provider : jdkProviders) {
- if (providersToMatch.isEmpty() &&
provider.getName().toLowerCase().contains("fips")) {
- return enabled("Detected FIPS security provider " +
provider.getName());
- } else if (providersToMatch.contains(provider.getName())) {
- matchCount++;
- }
- }
+ Optional<String> fipsProviders = findFipsProvider(providersToMatch);
- if (!providersToMatch.isEmpty() && matchCount ==
providersToMatch.size()) {
- return enabled("Detected FIPS security providers");
+ if (fipsProviders == null) {
+ return enabled("No FIPS security providers were detected");
+ }
+ if (fipsProviders.isEmpty()) {
+ return disabled("Detected FIPS security providers");
}
- return disabled("No FIPS security providers were detected");
+ return disabled("Detected FIPS security provider " +
fipsProviders.get());
}
+
}
diff --git
a/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/EnabledIfFipsModeCondition.java
b/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/EnabledIfFipsModeCondition.java
index 34b8ddb7f7..f858c2b835 100644
---
a/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/EnabledIfFipsModeCondition.java
+++
b/integration-tests-support/test-support/src/main/java/org/apache/camel/quarkus/test/EnabledIfFipsModeCondition.java
@@ -19,6 +19,7 @@ package org.apache.camel.quarkus.test;
import java.security.Provider;
import java.security.Security;
import java.util.List;
+import java.util.Optional;
import org.junit.jupiter.api.extension.ConditionEvaluationResult;
import org.junit.jupiter.api.extension.ExecutionCondition;
@@ -38,21 +39,41 @@ public class EnabledIfFipsModeCondition implements
ExecutionCondition {
private ConditionEvaluationResult map(EnabledIfFipsMode annotation) {
List<String> providersToMatch = List.of(annotation.providers());
+ Optional<String> fipsProviders = findFipsProvider(providersToMatch);
+
+ if (fipsProviders == null) {
+ return disabled("No FIPS security providers were detected");
+ }
+ if (fipsProviders.isEmpty()) {
+ return enabled("Detected FIPS security providers");
+ }
+
+ return enabled("Detected FIPS security provider " +
fipsProviders.get());
+ }
+
+ /**
+ * Returns null if system is not in fips mode.
+ * Returns Optional.empty if system is in fips mode and there is some
provider containing "fips"
+ * Returns Optional.name if system is in fips mode and there is a match
with the provided providers
+ * (the last 2 options allows to differentiate reason of the
enablement/disablement)
+ */
+ Optional<String> findFipsProvider(List<String> providersToMatch) {
Provider[] jdkProviders = Security.getProviders();
int matchCount = 0;
for (Provider provider : jdkProviders) {
if (providersToMatch.isEmpty() &&
provider.getName().toLowerCase().contains("fips")) {
- return enabled("Detected FIPS security provider " +
provider.getName());
+ return Optional.of(provider.getName());
} else if (providersToMatch.contains(provider.getName())) {
matchCount++;
}
}
if (!providersToMatch.isEmpty() && matchCount ==
providersToMatch.size()) {
- return enabled("Detected FIPS security providers");
+ return Optional.empty();
}
- return disabled("No FIPS security providers were detected");
+ return null;
+
}
}
diff --git a/integration-tests/jdbc-grouped/pom.xml
b/integration-tests/jdbc-grouped/pom.xml
index 09f59eb82f..7f61e43bc4 100644
--- a/integration-tests/jdbc-grouped/pom.xml
+++ b/integration-tests/jdbc-grouped/pom.xml
@@ -119,6 +119,11 @@
<artifactId>awaitility</artifactId>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-integration-test-support</artifactId>
+ <scope>test</scope>
+ </dependency>
</dependencies>
<build>
