Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / 8535cb5bc5437960430ff94d3ea7280ccf931340^! / . / metropolis / test / e2e / main_test.go
commit8535cb5bc5437960430ff94d3ea7280ccf931340[log] [tgz]
authorSerge Bazanski <serge@monogon.tech>Wed Mar 29 14:15:08 2023 +0200
committerSerge Bazanski <serge@monogon.tech>Wed Mar 29 17:18:22 2023 +0000
tree57edb5cf064ad8b43aef52c1bbb974dd5cce7c26
parent30fd15406e2c9cba7391f6af96c775b313a115fa [diff] [blame]
m/n/core/rpc: implement node verification in authenticated connections

The current API of NewAuthenticatedCredentials is not easily extensible,
so switch over to such an API now.

This then adds a WantRemoteNode option which verifies that the remote
connection is established to a node with a given ID.

Change-Id: Ie9f6b33d8b032729181bae5591eba9856ea2f523
Reviewed-on: https://review.monogon.dev/c/monogon/+/1427
Tested-by: Jenkins CI
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>

diff --git a/metropolis/test/e2e/main_test.go b/metropolis/test/e2e/main_test.go
index c3f6a3c..b57f3d3 100644
--- a/metropolis/test/e2e/main_test.go
+++ b/metropolis/test/e2e/main_test.go

@@ -101,7 +101,7 @@
 	launch.Log("E2E: Cluster running, starting tests...")
 
 	// Dial first node's curator.
-	creds := rpc.NewAuthenticatedCredentials(cluster.Owner, nil)
+	creds := rpc.NewAuthenticatedCredentials(cluster.Owner, rpc.WantInsecure())
 	remote := net.JoinHostPort(cluster.NodeIDs[0], common.CuratorServicePort.PortString())
 	cl, err := grpc.Dial(remote, grpc.WithContextDialer(cluster.DialNode), grpc.WithTransportCredentials(creds))
 	if err != nil {