MCPcopy
hub / github.com/grpc/grpc-go / TestFileWatcher_RecoversFromReloadFailure

Method TestFileWatcher_RecoversFromReloadFailure

authz/grpc_authz_end2end_test.go:652–708  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

650}
651
652func (s) TestFileWatcher_RecoversFromReloadFailure(t *testing.T) {
653 valid1 := authzTests["DeniesRPCMatchInDenyAndAllow"]
654 file := createTmpPolicyFile(t, "recovers_from_reload_failure", []byte(valid1.authzPolicy))
655 i, _ := authz.NewFileWatcher(file, 100*time.Millisecond)
656 defer i.Close()
657
658 stub := &stubserver.StubServer{
659 UnaryCallF: func(context.Context, *testpb.SimpleRequest) (*testpb.SimpleResponse, error) {
660 return &testpb.SimpleResponse{}, nil
661 },
662 S: grpc.NewServer(grpc.ChainUnaryInterceptor(i.UnaryInterceptor)),
663 }
664 stubserver.StartTestService(t, stub)
665 defer stub.Stop()
666
667 // Establish a connection to the server.
668 cc, err := grpc.NewClient(stub.Address, grpc.WithTransportCredentials(insecure.NewCredentials()))
669 if err != nil {
670 t.Fatalf("grpc.NewClient(%v) failed: %v", stub.Address, err)
671 }
672 defer cc.Close()
673 client := testgrpc.NewTestServiceClient(cc)
674
675 ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
676 defer cancel()
677
678 // Verifying authorization decision.
679 _, err = client.UnaryCall(ctx, &testpb.SimpleRequest{})
680 if got := status.Convert(err); got.Code() != valid1.wantStatus.Code() || got.Message() != valid1.wantStatus.Message() {
681 t.Fatalf("client.UnaryCall(_, _) = %v; want = %v", got.Err(), valid1.wantStatus.Err())
682 }
683
684 // Skips the invalid policy update, and continues to use the valid policy.
685 if err := os.WriteFile(file, []byte("{}"), os.ModePerm); err != nil {
686 t.Fatalf("os.WriteFile(%q) failed: %v", file, err)
687 }
688
689 // Wait 120 ms for background go routine to read updated files.
690 time.Sleep(120 * time.Millisecond)
691
692 // Verifying authorization decision.
693 _, err = client.UnaryCall(ctx, &testpb.SimpleRequest{})
694 if got := status.Convert(err); got.Code() != valid1.wantStatus.Code() || got.Message() != valid1.wantStatus.Message() {
695 t.Fatalf("client.UnaryCall(_, _) = %v; want = %v", got.Err(), valid1.wantStatus.Err())
696 }
697
698 // Rewrite the file with a different valid authorization policy.
699 valid2 := authzTests["AllowsRPCEmptyDenyMatchInAllow"]
700 if err := os.WriteFile(file, []byte(valid2.authzPolicy), os.ModePerm); err != nil {
701 t.Fatalf("os.WriteFile(%q) failed: %v", file, err)
702 }
703
704 // Verifying authorization decision.
705 if got := retryUntil(ctx, client, valid2.wantStatus); got != nil {
706 t.Fatalf("client.UnaryCall(_, _) = %v; want = %v", got, valid2.wantStatus.Err())
707 }
708}

Callers

nothing calls this directly

Calls 15

StopMethod · 0.95
UnaryCallMethod · 0.95
NewFileWatcherFunction · 0.92
NewServerFunction · 0.92
ChainUnaryInterceptorFunction · 0.92
StartTestServiceFunction · 0.92
NewClientFunction · 0.92
WithTransportCredentialsFunction · 0.92
NewCredentialsFunction · 0.92
ConvertFunction · 0.92
createTmpPolicyFileFunction · 0.85
retryUntilFunction · 0.85

Tested by

no test coverage detected