Making SSH Nodes work both on Linux and Windows based systems #25291

Draft
wants to merge 5 commits into
base: master

@dmatej dmatej commented Dec 17, 2024

When I implemented these tests I had to face quite a lot of issues even on Linux. When I finish, I will write a blog post about it; it is another painful episode. However, I have to make notes, and it will also be useful for users and reviewers. In short:

Assumptions of the test

  • The private key doesn't have any passphrase
  • DAS uses create-node-ssh --install to "clone" GlassFish installation to another machine.
  • Test uses Temurin docker images as a base.

Node side: Environment

  • jar is not on PATH everywhere
    • however unzip might be already there - fix: add some autodetection code.

Node side: SSHD Configuration

  • SFTP has to be explicitly enabled on some systems
  • public key authentication can be disabled. Same applies to other types.
  • User interaction can be forbidden.
  • Port can be blocked by firewall or antivirus, etc.
  • Port can be different.
  • ...

DAS side: Environment

  • When using scripts, no TTY might be available. Scripts can fail or wait for user input forever.
    • Always set timeout when such risk exists
    • The sshpass command is useful for the ssh command. The test uses it; however, GlassFish uses the Jsch library instead.

DAS side: SSH Command Configuration

  • Applies to the test and user experiments, not to GlassFish
  • Empty passphrase - be careful, when you set it via execInContainer: "''" means apostrophes, not empty passphrase.
  • User interaction can be forbidden just like on the server (sshd)
  • StrictHostKeyChecking=accept-new should not be used in production; however, it would be useful if we did not force the user to run the ssh command on his own and manually accept the server's key. That is a TODO.

DAS side: JSCH SSH Implementation

  • "raw" and "resolved" password and passphrase. I doubt the implementation is correct.
  • logging - fixes will be pushed later
    • race condition - fix: use Jsch logger name.
    • impossible to guess which logger level I should set, overengineered antipattern of "set logger for Jsch once for asadmin, then for kernel, then for cluster, then just jsch, ..." - then you set 4 logger levels and it still doesn't print anything. - fix: always use Jsch logger name.
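
The node-side sshd items listed in the description above (SFTP subsystem, enabled authentication type, port) can be verified against the effective server configuration before running create-node-ssh. This is an added example, not code from this pull request or from GlassFish; it assumes OpenSSH's `sshd -T` output format, and the function names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the PR): check a node's effective sshd settings.
# Input on stdin is `sshd -T` output: one lowercase "keyword value..." per line.
# Usage on the node, as root:  sshd -T | check_sshd_for_node 22

# check_sshd_for_node PORT [AUTH_KEYWORD]   (hypothetical helper name)
# Prints one finding per line; the exit status is the number of findings.
check_sshd_for_node() {
    awk -v want_port="$1" -v auth="${2:-pubkeyauthentication}" '
        $1 == "port"                      { ports[$2] = 1 }
        $1 == auth                        { auth_value = $2 }
        $1 == "subsystem" && $2 == "sftp" { sftp = 1 }
        END {
            n = 0
            if (!(want_port in ports)) { print "port: sshd does not listen on " want_port; n++ }
            if (auth_value != "yes")   { print auth ": not enabled"; n++ }
            if (!sftp)                 { print "subsystem: sftp is not enabled"; n++ }
            exit n
        }'
}

# Constructed sample: a node that satisfies all three checks.
sample_sshd_ok() {
    cat <<'EOF'
port 22
pubkeyauthentication yes
passwordauthentication no
subsystem sftp /usr/lib/openssh/sftp-server
EOF
}

# Constructed sample: non-default port, key authentication off, no SFTP subsystem.
sample_sshd_restricted() {
    cat <<'EOF'
port 2222
pubkeyauthentication no
passwordauthentication yes
EOF
}
```

Passing `passwordauthentication` as the second argument checks a password-based setup instead of key-based authentication.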

- prefer unzip, if not detected, use jar

Signed-off-by: David Matějček <[email protected]>
@dmatej dmatej self-assigned this Dec 17, 2024
@dmatej dmatej added bug Something isn't working build and test improvement labels Dec 17, 2024
@dmatej dmatej added this to the 7.0.21 milestone Dec 17, 2024
@dmatej dmatej changed the title Making SSH Nodes working reliably both on Linux and Windows based systems Making SSH Nodes work both on Linux and Windows based systems Dec 17, 2024
- Because Eclipse Jenkins CI does not support TestContainers while GitHub
  Actions do.
- Synced Ubuntu and Windows workflow

Signed-off-by: David Matějček <[email protected]>
- This commit serves as an experiment with TC on Windows on GitHub Actions!

Signed-off-by: David Matějček <[email protected]>
@arjantijms arjantijms requested a review from pzygielo December 24, 2024 13:01