What is the equivalent to --cacerts in Scala or Java? - scala

In my development and qa environments, I will be hitting a rest endpoint using internally signed certs. The policy where I work is to put internal certs in a separate bundle on our Linux servers.
The following works perfectly well in curl:
curl -X GET -H "Content-Type: application/json" -H "Accept: application/json" --negotiate --cacert /etc/pki/tls/out-internal-bundle.pem -u : "https://<dev or qa root>/api/profile/8461869a8b6e4558b20b14411337440b"
My actual client for this endpoint is written in Scala, however. Currently I'm making my call using scala.io.Source:
val url = s"$baseUrl/data-profiler/$id"
using(Source.fromURL(url)) { source => {
val result = source.mkString
val jsonAst = result.parseJson
jsonAst.convertTo[Job]
}}
I would like to figure out how, in my dev and qa environments, to use our internal bundle. Anyone doing that in Scala or Java?

You need to configure the "truststore" used by the JVM, with the "javax.net.ssl.trustStore" option when you launch java, i.e.
java -Djavax.net.ssl.trustStore=/etc/pki/tls/out-internal-bundle.jks ...
(sbt will take the same -D argument if you are using SBT to launch your app)
You'll need to get your CA certs into JKS format.
See:
Curl cacert to Java HttpClient equivalent
https://docs.oracle.com/cd/E19509-01/820-3503/6nf1il6er/index.html
http://docs.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#X509TrustManager

I would entirely recommend you to use Gatling for this kind of things. Gatling is a really cool framework for load-testing and it provides support for many protocols like jms, jdbc, and of course http among others. Please take a look on it here http://gatling.io/#/ (This framework is build on Scala) and it provides support for the things that you are searching for

Related

VMWare REST Api - access VM host details via REST API

I'm using the VMWare REST API (/api/vcenter/host) to query information about the VM Hosts registered on a vCenter. At the moment I can only seem to get basic info like this :
{
"host": "host-10",
"name": "192.168.18.89",
"connection_state": "CONNECTED",
"power_state": "POWERED_ON"
}
but the Powershell "Get-VMHost | Format-List" has much more useful information such as ESXi version, hardware specs etc.
Can I get this kind of information via the REST API as well?
Thanks!
Yes you can get that kind of information, depending on exactly what info you are wanting. The REST API references are here that you can use to look up what you need. https://developer.vmware.com/apis/vsphere-automation/latest/
For example if you want to know what software is installed you can do something like this.
export basepw=$(echo -n 'administrator#vsphere.local:{password}' | base64)
export token3=$(curl -k -X POST -H "Authorization: Basic ${basepw}" https://{vCenterIP}/api/session/ | tr -d '"')
curl -k -X GET -H "vmware-api-session-id: ${token}" "https://{vCenterIP}/api/esx/software" -H "Content-Type: application/json" -d '{ "auth_type": "EXISTING", "host": "{host-##}"}' | jq .
It looks like vSphere 8 has more options that might fit what you want, like extracting the config https://developer.vmware.com/apis/vsphere-automation/latest/esx/settings/hosts.configuration/
From the looks, some other SDKs would be more developed that the REST API current state. Personally I like govmomi and pyvmomi and both have a CLI tool that can get you started pretty fast. The cli tool for govmomi, govc, doesn't require anything extra to run, so it is fairly portable and might help you with what you are doing.
https://github.com/vmware/govmomi
https://github.com/vmware/pyvmomi

How to use mitmdump to translate http2 to local http?

I want to use curl http://127.0.0.1:8033/api/v1 to access https://http2.pro/api/v1 with HTTP/2
This API url will return whether the client using http2.
I have tried: (I'm using latest version 5.0.1)
./mitmdump -p 8033 --http2 --set http2_priority=true --mode reverse:https://http2.pro:443
However curl 127.0.0.1:8033/api/v1 still gives:
{"http2":0,"protocol":"HTTP\/1.1","push":0,"user_agent":"curl\/7.69.1-DEV"}
In contrast, curl https://http2.pro/api/v1 --http2 gives: (this is what I expected)
{"http2":1,"protocol":"HTTP\/2.0","push":0,"user_agent":"curl\/7.69.1-DEV"}
mitmproxy currently does not support converting between HTTP/1 and HTTP/2. For HTTP/2 to happen, both endpoints need to speak it. It is on our todo list and will hopefully be possible soon (https://github.com/mitmproxy/mitmproxy/issues/1775).

Unable to import test results to jira via rest api

i'm using the following curl command to import the output.xml file into jira test execution key and receiving error as below. I'm sure the test execution key is existing in jira and the project id is also correct. Any pointers?
curl -H "Content-Type: multipart/form-data" -u userid:pass -F "file=#output.xml" "https://server/rest/raven/latest/import/execution/robot?projectKey=PROJKEY+and+testExecKey=TESTEXNKEY" -o error.txt
The error i receive is as below
The User "userid" does not have permission to create issues
Why does it try to create new issue while the issue already exists? And why does it say the user doesn't have access when the access is there?
You probably mean Xray add-on and you probably use the same request per their documentation. The problem seems to be with your parameter syntax. It should be .../robot/?projectKey=PROJKEY&testExecKey=TESTEXNKEY (i.e. & instead of +and+).
Plus I would explicitly specify it's a POST request: curl -X POST ....
But their error message is not clear, anyway. I don't have Xray available right now, but if you keep having troubles, I would recommend checking with their support.

IBM Urbancode Deploy get current component versions deployed to an environment

I am trying get current component version of component that is deployed to an environment in UCD via REST API/Curl command . Below is sample code which returns all versions of that component which is available in UCD. It does not give me latest version of that component deployed to an environment. Any help / suggestion?
curl -k -u userName:passw0rd \
-H "Accept: application/json" \
"https://myserver.example.com:8443/rest/deploy/environment/{environmentID}/versions/{componentID}"
uDeploy has a bunch of api endpoints that are undocumented. I could not figure out how to do this from their docs but inspecting the uDeploy web interface many times can help you find the endpoint to hit.
https://{your-udeploy-url}/rest/deploy/environment/{your-environment-id}/latestDesiredInventory/true?rowsPerPage=10000&pageNumber=1&orderField=name&sortType=desc
This will return json that you can parse to get the versions deployed in an environment.

How to send -k or ignore cert verification in scala play framework wsclient?

Is there a way to ignore certs or send an curl -k equivalent when making a single wsclient post call in playframework?
You can do this by manually creating an instance of WSClient with a separate config, which has ssl-config.loose.acceptAnyCertificate=true and using it for this single call.
However you will be vulnerable to Man in the Middle attacks in this call, so don't use it for anything you need to trust.
More information on creating the WSClient instance in the Play official documentation:
https://www.playframework.com/documentation/2.6.x/ScalaWS#directly-creating-wsclient