Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Audit Logging] End2end test for audit logging in authorization policy #33196

Merged
merged 19 commits into from
May 24, 2023
Merged

[Audit Logging] End2end test for audit logging in authorization policy #33196

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
c554691
end2end test for audit logging in authz policy
rockspore May 19, 2023
162ecb2
correct openssl command
rockspore May 19, 2023
4faa5fd
remove extra include
rockspore May 19, 2023
74b97ce
address PR comments
rockspore May 19, 2023
1801a96
name in README.
rockspore May 19, 2023
f302fa9
verify log content in test logger
rockspore May 19, 2023
bda164f
remove extra include
rockspore May 19, 2023
328224b
address PR comments
rockspore May 19, 2023
94af09e
add test case with no logging
rockspore May 22, 2023
648f581
make test logger as test util
rockspore May 23, 2023
12a385d
Merge branch 'master' of github.com:grpc/grpc into authz-e2e
rockspore May 23, 2023
7ecb862
newlines
rockspore May 23, 2023
86eed3b
sanity
rockspore May 23, 2023
71d239f
more sanity
rockspore May 23, 2023
aa29dd5
Automated change: Fix sanity tests
rockspore May 23, 2023
8636a49
Merge pull request #31 from rockspore/create-pull-request/patch-71d239f
rockspore May 23, 2023
1bef4ca
clang tidy
rockspore May 23, 2023
1ae9566
address PR comments
rockspore May 24, 2023
1be579d
clang tidy
rockspore May 24, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 2 additions & 0 deletions src/core/tsi/test_creds/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@ exports_files([
"server0.pem",
"client.key",
"client.pem",
"client3.key",
"client3.pem",
"badserver.key",
"badserver.pem",
"badclient.key",
Expand Down
13 changes: 13 additions & 0 deletions src/core/tsi/test_creds/README
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,19 @@ common name which is set to testclient2.
$ openssl x509 -req -CA ca.pem -CAkey ca.key -CAcreateserial -in client2.csr \
-out client2.pem -days 3650

client3 is issued by CA:
rockspore marked this conversation as resolved.
Show resolved Hide resolved
-----------------------

$ openssl genrsa -out client3.key.rsa 2048
$ openssl pkcs8 -topk8 -in client3.key.rsa -out client3.key -nocrypt
$ openssl req -new -key client3.key -out client3.csr -config client3-openssl.cnf

When prompted for certificate information, everything is default except the
common name which is set to testclient3.

$ openssl x509 -req -CA ca.pem -CAkey ca.key -CAcreateserial -in client3.csr \
-out client3.pem -extensions v3_req -extfile client3-openssl.cnf -days 3650

server0 is issued by CA:
------------------------

Expand Down
15 changes: 15 additions & 0 deletions src/core/tsi/test_creds/client3-openssl.cnf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no

[req_distinguished_name]
CN = testclient3

[v3_req]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names

[alt_names]
URI = spiffe://foo.com/bar/baz
28 changes: 28 additions & 0 deletions src/core/tsi/test_creds/client3.key
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDNLEJrQ4+tX7+I
vyMLYg1xlz0TBEnZqPM3A81QoB0w5XuE5/wYp2vLmqz3c8b3tIoxSjl+i0E9KPKG
4YgFkQCOQFu2UBTjzlt2+zlWsFwGPXkKsmCNRw8Ey8cJqH4krk974yw1TQVZ8S/h
0yiyEsCgxjSHR1+Zjv7IqNBVuw+zgwR5QyirxNuaddrwysxotESoROTlesXiURfK
ywHWcIGgaxmaOAszcLjIK4zNkSYziVf7AMq4NvDmZWH/fe40nBhh4AflufRkcI/j
xogrCF6zA1CWwJO4AtSbnLqw7okkZlWY4opKG8VQXB9JwztPBSadCEwYh48DDM5l
Gyk0QPQ7AgMBAAECggEAPUEPe1KqXIqPdlYKMmXNubH7a+gF3FPSeQRLkdybmnOI
0v8nhnzFc/3z0dTg/CcMcvbD/4G3sni9H4PJxk+qKM4SE3YJJpH/QKB0V+tDLiHA
N29V4Bfs5fOosrt5HZ5k4InMMwWRqW6WawdNyQxMMjO6jwDCC+hjLKkpuc6lO2RD
DxSbZ1qnoEFevhn/A6WUaq/aQ+S56NvczUksP/EDsGD0aPSDpYx/ghj1Ps8A/H75
K+TnDsWpdMgW3/BIAAvIGRm5AVROuISwoAAtgvB1+fm9lMGJ/EPCtmCm3UZwmtYO
+YFznC4zvTzNZ7QswstO9A1FRGm1X90G6Rkdr1CCcQKBgQD1nLMFS6WBBTZEDk74
7fOmf0wBWdPW7kzcJfSz8dcedBfsZSffBPo23ePFHamGGW8YZRk48lBfNjPEXT/v
Otn4CoQIbEWPq8xIWjkAEP8JPj+t1KPkxFcL2r5+XlkSj+lmrvTlzsncz/QcU++j
MsKq50jshX0R1nf9KkZHsqlz7QKBgQDV2bcR0T7LdYvNon5gPbHv046Oc3XEQLD4
qlUsCxoIiSJCMe/mVrUI6EJl5qUH6pUO9FEyUSgQcIHZ0cYl6LnUSTR0+v6VzSOL
fHVb470RmOEorcPVeTV3craMhyoFBWTBs5J1ipq7/1bjrt1mqqoIXtdaHARQ7g+j
l2m9T3pTxwKBgQCVjDP0pXrAdEv2ZD/xkfEpD5lXuTojRDXIVdQJPNee01E9vtno
ET/I6JInE0iFPjdGw0f4RJJrZrVeeujS4SKWxNBf0I0KTbC03TqXr8GZ/y0GytKA
GIxny2jxyMCzbKzQuPakdqSyrmwUU4c191JQfUMJwL3Gfq/Qlkz0mvRSgQKBgDLV
xVID9rRw5eHlHbuNDu5e0QWF5tnXMvp5qzOEFBUxXCZ2LnwH4pMSey40DMj796EN
bPvUFP0LcaKw3jSGxR30pPal77z2fdubo15LnddAC04bOHFXleEmMMTpIJD+/juZ
j1hHsY69HQ+UsubD7RV+Th0KifAfFzKhPK6W5RJjAoGADfvdJhDFh/EqlS0IwKcP
SkZeIEKZjXQoyQHQs9BSEKS/YljOh1T/bSUgHasvQBLru2DwBZtjOUOr3AnspUWc
Ds6esvYqCmrejbAgH339q3ljyUAszOE5sCsz924WhMDzSaGCG4diPqIdRvXmQEhs
MjLXW5+g+AJOBB2XhJaxmB8=
-----END PRIVATE KEY-----
23 changes: 23 additions & 0 deletions src/core/tsi/test_creds/client3.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
-----BEGIN CERTIFICATE-----
MIID1zCCAr+gAwIBAgIUM1A1YAb9yiRy8KEZ0Yw+Oqeyff0wDQYJKoZIhvcNAQEL
BQAwVjELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1UEAwwGdGVzdGNhMB4XDTIz
MDUxODE3MTYwNVoXDTMzMDUxNTE3MTYwNVowFjEUMBIGA1UEAwwLdGVzdGNsaWVu
dDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNLEJrQ4+tX7+IvyML
Yg1xlz0TBEnZqPM3A81QoB0w5XuE5/wYp2vLmqz3c8b3tIoxSjl+i0E9KPKG4YgF
kQCOQFu2UBTjzlt2+zlWsFwGPXkKsmCNRw8Ey8cJqH4krk974yw1TQVZ8S/h0yiy
EsCgxjSHR1+Zjv7IqNBVuw+zgwR5QyirxNuaddrwysxotESoROTlesXiURfKywHW
cIGgaxmaOAszcLjIK4zNkSYziVf7AMq4NvDmZWH/fe40nBhh4AflufRkcI/jxogr
CF6zA1CWwJO4AtSbnLqw7okkZlWY4opKG8VQXB9JwztPBSadCEwYh48DDM5lGyk0
QPQ7AgMBAAGjgdwwgdkwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwIwYDVR0RBBww
GoYYc3BpZmZlOi8vZm9vLmNvbS9iYXIvYmF6MB0GA1UdDgQWBBTnAcMwRonIKLo4
MPWq1QNGJFbt9TB7BgNVHSMEdDByoVqkWDBWMQswCQYDVQQGEwJBVTETMBEGA1UE
CAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
MQ8wDQYDVQQDDAZ0ZXN0Y2GCFFqz9Fbx3Mviz+lLmDbYi/YAYQ+aMA0GCSqGSIb3
DQEBCwUAA4IBAQA2rDFPPcQEbQbV8ywaKaSsAHP8te7GVxBC3F18TVD+i8HNL1UU
gYXdVXYMPPKaNgOTY2SXx/73J74T3rTBf4aL/GBe9qOiNtV1lwVJDvswBHZ5obtd
aeBq3o1z0af9lGX/Q6JjO97/uovAuqmDGXFSPafTZAcvepKmlvQcmJnEUantlUCG
UWchPMbyoaOFmgD+b1fmj2/A2jFUyaK1tk5KlJMYCrWK16tUtVZk4mWytjijhpaJ
QBYOaX2tE1+E7LaXIVg/ZmYi7yfXCakopKCLY8DKDbLpXZKtUFjQAA8xXCcRV2Zc
5/et+LMsmzeD8rn3m5KN7uzWNTbQl/pvJi1Y
-----END CERTIFICATE-----
4 changes: 2 additions & 2 deletions test/cpp/end2end/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -943,8 +943,8 @@ grpc_cc_test(
srcs = ["grpc_authz_end2end_test.cc"],
data = [
"//src/core/tsi/test_creds:ca.pem",
"//src/core/tsi/test_creds:client.key",
"//src/core/tsi/test_creds:client.pem",
"//src/core/tsi/test_creds:client3.key",
gtcooke94 marked this conversation as resolved.
Show resolved Hide resolved
"//src/core/tsi/test_creds:client3.pem",
"//src/core/tsi/test_creds:server1.key",
"//src/core/tsi/test_creds:server1.pem",
],
Expand Down