add custom config file. add ssl test and document it

Author: mkorolyov

docs/modules/databases/scylladb.md

@@ -10,12 +10,20 @@ You can start a ScyllaDB container instance from any Java application by using:
 [Create container](../../../modules/scylladb/src/test/java/org/testcontainers/scylladb/ScyllaDBContainerTest.java) inside_block:container
 <!--/codeinclude-->
 
+<!--codeinclude-->
+[Custom config file](../../../modules/scylladb/src/test/java/org/testcontainers/scylladb/ScyllaDBContainerTest.java) inside_block:custom_configuration
+<!--/codeinclude-->
+
 ### Building CqlSession
 
 <!--codeinclude-->
 [Using CQL port](../../../modules/scylladb/src/test/java/org/testcontainers/scylladb/ScyllaDBContainerTest.java) inside_block:session
 <!--/codeinclude-->
 
+<!--codeinclude-->
+[Using SSL](../../../modules/scylladb/src/test/java/org/testcontainers/scylladb/ScyllaDBContainerTest.java) inside_block:sslContext
+<!--/codeinclude-->
+
 <!--codeinclude-->
 [Using Shard Awareness port](../../../modules/scylladb/src/test/java/org/testcontainers/scylladb/ScyllaDBContainerTest.java) inside_block:shardAwarenessSession
 <!--/codeinclude-->

modules/scylladb/src/main/java/org/testcontainers/scylladb/ScyllaDBContainer.java

@@ -3,8 +3,10 @@
 import org.testcontainers.containers.GenericContainer;
 import org.testcontainers.containers.wait.strategy.Wait;
 import org.testcontainers.utility.DockerImageName;
+import org.testcontainers.utility.MountableFile;
 
 import java.net.InetSocketAddress;
+import java.util.Optional;
 
 /**
  * Testcontainers implementation for ScyllaDB.
@@ -30,8 +32,12 @@ public class ScyllaDBContainer extends GenericContainer<ScyllaDBContainer> {
 
     private static final String COMMAND = "--developer-mode=1 --overprovisioned=1";
 
+    private static final String CONTAINER_CONFIG_LOCATION = "/etc/scylla";
+
     private boolean alternatorEnabled = false;
 
+    private String configLocation;
+
     public ScyllaDBContainer(String dockerImageName) {
         this(DockerImageName.parse(dockerImageName));
     }
@@ -54,6 +60,18 @@ protected void configure() {
                 COMMAND + " --alternator-port=" + ALTERNATOR_PORT + " --alternator-write-isolation=always";
             withCommand(newCommand);
         }
+
+        // Map (effectively replace) directory in Docker with the content of resourceLocation if resource location is
+        // not null.
+        Optional
+            .ofNullable(configLocation)
+            .map(MountableFile::forClasspathResource)
+            .ifPresent(mountableFile -> withCopyFileToContainer(mountableFile, CONTAINER_CONFIG_LOCATION));
+    }
+
+    public ScyllaDBContainer withConfigurationOverride(String configLocation) {
+        this.configLocation = configLocation;
+        return this;
     }
 
     public ScyllaDBContainer withAlternator() {

modules/scylladb/src/test/java/org/testcontainers/scylladb/ScyllaDBContainerTest.java

@@ -15,22 +15,34 @@
 import software.amazon.awssdk.services.dynamodb.model.KeyType;
 import software.amazon.awssdk.services.dynamodb.model.ScalarAttributeType;
 
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManagerFactory;
+import java.io.IOException;
 import java.net.URI;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 
 public class ScyllaDBContainerTest {
 
-    private static final DockerImageName SCYLLADB_IMAGE = DockerImageName.parse("scylladb/scylla:5.2.9");
+    private static final DockerImageName SCYLLADB_IMAGE = DockerImageName.parse("scylladb/scylla:6.2");
 
     private static final String BASIC_QUERY = "SELECT release_version FROM system.local";
 
     @Test
     public void testSimple() {
         try ( // container {
-            ScyllaDBContainer scylladb = new ScyllaDBContainer("scylladb/scylla:5.2.9")
-            // }
+              ScyllaDBContainer scylladb = new ScyllaDBContainer(SCYLLADB_IMAGE)
+              // }
         ) {
             scylladb.start();
             // session {
@@ -47,6 +59,49 @@ public void testSimple() {
         }
     }
 
+    @Test
+    public void testSimpleSsl() throws NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException, UnrecoverableKeyException, KeyManagementException {
+        try (
+            // custom_configuration {
+            ScyllaDBContainer scylladb = new ScyllaDBContainer(SCYLLADB_IMAGE)
+                .withConfigurationOverride("scylla-test-ssl")
+            // }
+        ) {
+
+            // sslContext {
+            String testResourcesDir = getClass().getClassLoader().getResource("scylla-test-ssl/").getPath();
+
+            KeyStore keyStore = KeyStore.getInstance("PKCS12");
+            keyStore.load(Files.newInputStream(Paths.get(testResourcesDir + "keystore.node0")), "scylla".toCharArray());
+
+            KeyStore trustStore = KeyStore.getInstance("PKCS12");
+            trustStore.load(Files.newInputStream(Paths.get(testResourcesDir + "truststore.node0")), "scylla".toCharArray());
+
+            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+            keyManagerFactory.init(keyStore, "scylla".toCharArray());
+
+            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+            trustManagerFactory.init(trustStore);
+
+            SSLContext sslContext = SSLContext.getInstance("TLS");
+            sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
+            // }
+
+            scylladb.start();
+
+            CqlSession session = CqlSession
+                .builder()
+                .addContactPoint(scylladb.getContactPoint())
+                .withLocalDatacenter("datacenter1")
+                .withSslContext(sslContext)
+                .build();
+            ResultSet resultSet = session.execute(BASIC_QUERY);
+            assertThat(resultSet.wasApplied()).isTrue();
+            assertThat(resultSet.one().getString(0)).isNotNull();
+            assertThat(session.getMetadata().getNodes().values()).hasSize(1);
+        }
+    }
+
     @Test
     public void testShardAwareness() {
         try (ScyllaDBContainer scylladb = new ScyllaDBContainer(SCYLLADB_IMAGE)) {
@@ -67,8 +122,8 @@ public void testShardAwareness() {
     @Test
     public void testAlternator() {
         try ( // alternator {
-            ScyllaDBContainer scylladb = new ScyllaDBContainer(SCYLLADB_IMAGE).withAlternator()
-            // }
+              ScyllaDBContainer scylladb = new ScyllaDBContainer(SCYLLADB_IMAGE).withAlternator()
+              // }
         ) {
             scylladb.start();
 
@@ -104,4 +159,15 @@ public void throwExceptionWhenAlternatorDisabled() {
                 .hasMessageContaining("Alternator is not enabled");
         }
     }
+
+    @Test
+    public void testSslConfiguration() {
+        try (ScyllaDBContainer scylladb = new ScyllaDBContainer(SCYLLADB_IMAGE)) {
+            scylladb.start();
+            assertThat(scylladb.getEnvMap().get("SCYLLA_SSL")).isEqualTo("1");
+            assertThat(scylladb.getEnvMap().get("SCYLLA_SSL_CERT_FILE")).isEqualTo("/etc/scylla/certs/scylla.crt");
+            assertThat(scylladb.getEnvMap().get("SCYLLA_SSL_KEY_FILE")).isEqualTo("/etc/scylla/certs/scylla.key");
+            assertThat(scylladb.getEnvMap().get("SCYLLA_SSL_CA_FILE")).isEqualTo("/etc/scylla/certs/ca.crt");
+        }
+    }
 }

modules/scylladb/src/test/resources/scylla-test-configuration-example/scylla.yaml

@@ -0,0 +1,30 @@
+Bag Attributes
+    friendlyName: node0
+    localKeyID: 54 69 6D 65 20 31 37 33 35 39 34 30 37 38 39 31 39 34 
+subject=C=None, L=None, O=None, OU=None, CN=None
+issuer=C=None, L=None, O=None, OU=None, CN=None
+-----BEGIN CERTIFICATE-----
+MIIEOzCCAqOgAwIBAgIIY4iVNsJSWiEwDQYJKoZIhvcNAQEMBQAwSzENMAsGA1UE
+BhMETm9uZTENMAsGA1UEBxMETm9uZTENMAsGA1UEChMETm9uZTENMAsGA1UECxME
+Tm9uZTENMAsGA1UEAxMETm9uZTAgFw0yNTAxMDMyMTM5MzFaGA8yMTI0MTIxMDIx
+MzkzMVowSzENMAsGA1UEBhMETm9uZTENMAsGA1UEBxMETm9uZTENMAsGA1UEChME
+Tm9uZTENMAsGA1UECxMETm9uZTENMAsGA1UEAxMETm9uZTCCAaIwDQYJKoZIhvcN
+AQEBBQADggGPADCCAYoCggGBAJuC18n+jlDcmR8CWxSK3fR2t1Am8P7IK5FY3ky8
+vEJSCMh+GoiqXVq67zhpOJnlgvEEZIDJGzBmJ/nIZvQwIAMxs792fHIEpEI2GTpf
+oaMf/9AAuPXuscg+5i4us1eVyVbrq3sREJ2NXHIPylcjtbwLjuepvmXTLp1d7oOJ
+Ad0X0W3UN/uwrlV3NPBuVLjJiCvJijWrCv1lFTuIcclqs478ozllp8UfcwJ57OH2
+Hq1ee9Ex9y7HouDPfFzmMRp1/jEcb0xbefpdW3Am6P9AXQuw2JMempwt5KbrAE+Z
+V1JnZCjSYSkspwid2bt5To/o60ypZUUswElasgAV/k8AxxDOkJGZusEqqVH7EFvk
+h3FiY/jb9cM1t5eLcpjx0wA+GOuErW3dgH5/WYugY2iiYjP1IQTb8Pk+gfAvq+2p
+SX3wISDCAh53j+aceUvNf+lItXsz66V9e+VH1xcOZcyO4gAMUVNYQFv/2wZ9knK4
+o30Aiqir1g2Hd5F/rWYNum+UbQIDAQABoyEwHzAdBgNVHQ4EFgQUqAWcYa3l/OHI
+JACasy+bZUwHP9kwDQYJKoZIhvcNAQEMBQADggGBAJQo55VJd8aEv6uiC5bKdACo
+M1GMvxWXUFzTdh2XKTOMF5GWwGJ3WRuW9o9wMZwXjvRihPfnx+DnfCCgZBOTGLXB
+3ObsogR9rij4uquUIkGJsshggY2gO82NVD7dRwGClncwTI+/RU7qGUym4SEdg6GP
+yfad3eTvqscQU1mNTxkaH0IDzPm0SWF8lcgGnrdHWlN+Nb8MJSHL5NFc9DA9pZck
+5/4MG1X8Hsk/UT04ln+8VrhYFkxkDv4fSKlr65slrst5721J0j+VLEwnuEl1onpW
+WHTTTIcOTDR5asrN9ZACCUsBxST8yfoJQ5G4HMO+UI1/1d928Ug6kHNWw2WR5FGG
+pJVu9vpTdA01MNkSeCuZhaPe2XgZcNPyHXcVxslNvFFZ0FVt6pSIhtmZ+4a8dRsm
+eU4NQ+PJ24En/8dErxaPqmi31wRZBg5Y9YlugJV4GQszCKHr0OYNK+Lpdq9dboUj
+6lxX7+gshUgKMzunUl/rTvddG7e/WuZbi9IvmJ4MYw==
+-----END CERTIFICATE-----

modules/scylladb/src/test/resources/scylla-test-ssl/keystore.node0

@@ -0,0 +1,44 @@
+Bag Attributes
+    friendlyName: node0
+    localKeyID: 54 69 6D 65 20 31 37 33 35 39 34 30 37 38 39 31 39 34 
+Key Attributes: <No Attributes>
+-----BEGIN PRIVATE KEY-----
+MIIG/AIBADANBgkqhkiG9w0BAQEFAASCBuYwggbiAgEAAoIBgQCbgtfJ/o5Q3Jkf
+AlsUit30drdQJvD+yCuRWN5MvLxCUgjIfhqIql1auu84aTiZ5YLxBGSAyRswZif5
+yGb0MCADMbO/dnxyBKRCNhk6X6GjH//QALj17rHIPuYuLrNXlclW66t7ERCdjVxy
+D8pXI7W8C47nqb5l0y6dXe6DiQHdF9Ft1Df7sK5VdzTwblS4yYgryYo1qwr9ZRU7
+iHHJarOO/KM5ZafFH3MCeezh9h6tXnvRMfcux6Lgz3xc5jEadf4xHG9MW3n6XVtw
+Juj/QF0LsNiTHpqcLeSm6wBPmVdSZ2Qo0mEpLKcIndm7eU6P6OtMqWVFLMBJWrIA
+Ff5PAMcQzpCRmbrBKqlR+xBb5IdxYmP42/XDNbeXi3KY8dMAPhjrhK1t3YB+f1mL
+oGNoomIz9SEE2/D5PoHwL6vtqUl98CEgwgIed4/mnHlLzX/pSLV7M+ulfXvlR9cX
+DmXMjuIADFFTWEBb/9sGfZJyuKN9AIqoq9YNh3eRf61mDbpvlG0CAwEAAQKCAYAT
+SMt3qhB96I04cjNXPc0+ZoZe8yVJgwscEBgpDfKOitu5+SFTN0UyXiISLcIuG278
+cl4ANnAftVtZt0dFGr6thrlSkd/mx7qS12CTg45oyywO4DgPj1UOjvY+Xd4xi0qX
+c8wlC72yu/ft0RV3bt83fXtwMPWCbQjHzQEp4JCRmUWISBvVI1jLEmhHNHdfHua6
+/1gbRaWsPJ/AbTAnGQtBPQUEth1y7W52rSX582pkd2YFUBvl+i2xkSlL3+PQ8zar
+5giPYZrGh5pCu/bflAsBGZyRx9keSsRK/bzqE0xeRAwTOir2V6g7LbSKLC04xKNc
+06/rHf1gslHNNOC3SjHvPyPfTJFHG9Tm+J5OoGo/Rr/W+GNgFMsFJ1fIq1VedpTt
+ov4CBnBgew8uHTwCoiL6T7f/ttd206A6nhEZ9tWFf8v0o6+y6Z7g0VniU9IuLRLr
+hXuKkxbBDZQRO8equlAKtbkqv6YFbGImmF/1YwP1/Ct1TR1BDM3m1UB6eez7BWEC
+gcEAx2RL8dJCVbKoRMjsKqNNh0R3vIz0+S8PTi3yjFjhggUCWOzlwMVFv/y0ztGf
+pj6Y41eaIdTwQu76uZra748Uj1Vwj5zAKXhb/THWoAidONFRj+qJ3ylDobrO5Fme
+RiCFlIfjNc6wYQiGqSMXTF02O67to44G+4zsrz+syIZO3ANOR+uB+LUNqvFKL5Kk
+BUDtU+r9poIoXkgYylzRb/6H0J+D0fcPGg+LHeRvp3DL6uueDN7eGXxdy7hF/q3L
+DqHlAoHBAMepUZUe5m6h6wIYWoaXPwvSeuBSHWUiGEqoNCrA/1tBI49AOjfn6ccy
+vu51ng/hEI/XpQ+QXvM/MNk3wyKe3HMjaPKiRbro9EFtva3pz3SrLoRHHzSGkzW3
+iTavg8RKo76Pz7MNEVqfkFn0pYr85EMIe4hmmrdR6nwd1oJY1CEMf4wllhWG+v1y
+901xLisuRZFE/X4ASvyDyY0Nh+9Cfd+80QS9fpZwuCR+mHQvIpp89F/Ohqyhk9CU
+HLncQD2f6QKBwBJZUX/UeJRIV6HU157o3kaXb2ljk1unEAKCyfJOb5o2ecvTKSV/
+Qfbz+3OY6Nc0pX8uXZnFbcLLGTmhXYp0IVE7bJtasnhegiCfyH97q3RCFv5md/+Y
+XYfxl/59nMoZThGoG6mk9qhHT5UbDJbTcR028Nl/RXc6tcE+29isO2+VwktuCczo
+ZHSZtdkA5qUxH2X8lxEOo0Zh3h4pQoDK7JavR0M4OCSOz5+VmQzQnYNl4WqPy+KO
+hlcsAwz301rqXQKBwHkY2+9q924gbM4vgTBiqY19EqPdihCd1kfprwJDXl21q2Cm
+HulrkqILyDwPQFf3NLlZnLZM5Rn5uKH2rTbhTWnUD0IiY9KSmhrY+ZNy3S2w6Zy3
+GlkcSkrpT6LIX039y0S4Ksw5X84sOzwkIweijLuPeIVpXetUFrlCy6jxQW/uCaox
+3c6euLpiMVZaEBuGjBEo2+rBOLnhIKyZiVn3ZSr/dXK/j/ik0zrnQYYuVHmI0hsN
+wycPNPzr6GReDuSRiQKBwChoS1Vvv49agWjyViIohGm6GHsY1Y1FNIqddHN5KgfA
+LGZRm8JhlTBPX89KgWUpemDjRHw84vqF46Md9+eeuovr697/fEVQ1W4FWJs9JLej
+2zmRlZqQgFnR6hdeeg1l7V8bPLR1zfl0R7+UkguP1xuI55fZc9H5icMCrOOCo1ug
+vdBrhNl4Swzn+wTVY62J/GX86Rfeybvn+BJQW4RCuKFqcxqctPuR5i+wMOxKWZP3
+fMq1U6czbhYvEjp3Y42Exw==
+-----END PRIVATE KEY-----