Fix the pytest parameter error and Add the password in self signed mo…

…de. (#2994)

* Fix the pytest parameter error. Add the password in self signed mode.

* Fix error.

src/common/ssl/SSLConfig.cpp

@@ -8,6 +8,7 @@
 
 DEFINE_string(cert_path, "", "Path to cert pem.");
 DEFINE_string(key_path, "", "Path to cert key.");
+DEFINE_string(password_path, "", "Path to password.");
 DEFINE_string(ca_path, "", "Path to trusted CA file.");
 DEFINE_bool(enable_ssl, false, "Whether to enable ssl.");
 DEFINE_bool(enable_graph_ssl, false, "Whether to enable ssl of graph server.");
@@ -17,7 +18,7 @@ namespace nebula {
 
 std::shared_ptr<wangle::SSLContextConfig> sslContextConfig() {
   auto sslCfg = std::make_shared<wangle::SSLContextConfig>();
-  sslCfg->addCertificate(FLAGS_cert_path, FLAGS_key_path, "");
+  sslCfg->addCertificate(FLAGS_cert_path, FLAGS_key_path, FLAGS_password_path);
   sslCfg->isDefault = true;
   return sslCfg;
 }

tests/cert/test.ca.password

@@ -0,0 +1 @@
+vesoft

tests/common/nebula_service.py

@@ -65,6 +65,8 @@ def _copy_nebula_conf(self):
                     resources_dir)
         shutil.copy(self.src_dir + '/tests/cert/test.ca.pem',
                     resources_dir)
+        shutil.copy(self.src_dir + '/tests/cert/test.ca.password',
+                    resources_dir)
         shutil.copy(self.src_dir + '/tests/cert/test.derive.key',
                     resources_dir)
         shutil.copy(self.src_dir + '/tests/cert/test.derive.crt',
@@ -86,6 +88,7 @@ def _format_nebula_command(self, name, meta_port, ports, debug_log=True, ca_sign
         else:
             params.append('--cert_path=share/resources/test.ca.pem')
             params.append('--key_path=share/resources/test.ca.key')
+            params.append('--password_path=share/resources/test.ca.password')
 
         if name == 'graphd':
             params.append('--local_config=false')

tests/nebula-test-run.py

@@ -54,19 +54,19 @@ def init_parser():
                           help='Print verbose debug logs')
     opt_parser.add_option('--enable_ssl',
                           dest='enable_ssl',
-                          default=False,
+                          default='false',
                           help='Whether enable SSL for cluster.')
     opt_parser.add_option('--enable_graph_ssl',
                           dest='enable_graph_ssl',
-                          default=False,
+                          default='false',
                           help='Whether enable SSL for graph server.')
     opt_parser.add_option('--enable_meta_ssl',
                           dest='enable_meta_ssl',
-                          default=False,
+                          default='false',
                           help='Whether enable SSL for meta server.')
     opt_parser.add_option('--ca_signed',
                           dest='ca_signed',
-                          default=False,
+                          default='false',
                           help='Whether enable CA signed SSL/TLS mode.')
     return opt_parser
 
@@ -86,7 +86,11 @@ def start_nebula(nb, configs):
         nb.install()
         address = "localhost"
         debug = opt_is(configs.debug, "true")
-        ports = nb.start(debug_log=debug, multi_graphd=configs.multi_graphd, enable_ssl=configs.enable_ssl, enable_graph_ssl=configs.enable_graph_ssl, enable_meta_ssl=configs.enable_meta_ssl, ca_signed=configs.ca_signed)
+        enable_ssl = opt_is(configs.enable_ssl, "true")
+        enable_meta_ssl = opt_is(configs.enable_meta_ssl, "true")
+        enable_graph_ssl = opt_is(configs.enable_graph_ssl, "true")
+        ca_signed = opt_is(configs.ca_signed, "true")
+        ports = nb.start(debug_log=debug, multi_graphd=configs.multi_graphd, enable_ssl=enable_ssl, enable_graph_ssl=enable_graph_ssl, enable_meta_ssl=enable_meta_ssl, ca_signed=ca_signed)
 
     # Load csv data
     pool = get_conn_pool(address, ports[0])