I have created JMeter script that need to be used for different environments like Staging, Production, etc. I want to dynamically change the IP address.
Can someone let me know how can I proceed with this?
Remove all the IP, port, protocol details from the HTTP Sampler.
Add HTTP Request Defaults under test plan - in which you can update IP, Port & Protocol details. So, just changing it one place will do for entire test.
As you need to change it dynamically, use property file/properties. for example.. (these names can be anything)
host.ip=10.11.12.13
host.port=443
host.protocol=https
You can pass the properties via command line argument to the test.
jmeter -n -t /path/to/test.jmx -l /path/to/result.jtl -Jhost.ip=10.111.12.13 -Jhost.port=443 -Jhost.protocol=https -Jtest.duration=300
J - defines a local JMeter property.
In the test, access these values using ${__P(host.ip)},${__P(host.port)}..etc
If you have a lot of properties, You can have a look at the Property File Reader. I have been using this for a while & I love it.
Advantage is - even in the GUI mode, it will work great.
http://www.testautomationguru.com/jmeter-property-file-reader-a-custom-config-element/
If you use the Property File Reader & pass the property file name itself dynamically, then use
jmeter -n -t /path/to/test.jmx -l /path/to/result.jtl -Jproperty.file.path=/path/to/file.properties
Then access it using ${__P(property.file.path)} in the File Path.
Related
Currently, I use a single SSM parameter to store a set of properties separated by newlines, like this:
property1=value1
property2=value2
property3=value3
(I am aware of the 4K size limit, it's fine.)
This works well, for normal String type parameters that store non-sensitive information like environment configuration, but I'd also like to do similar for secrets using the SecureString parameter type.
The problem is that I can't edit the parameter value in the console because it's using a HTML input field of type="password" that doesn't handle newlines.
The multi-line value works fine with the actual parameter store backend - I can set a value with multiple lines with the SSM API no problem and they can be read with the EC2 CLI properly too.
But I can't edit them using the console. This is a problem because the whole point of using a SecureString parameter is that I intend the only place to edit/view these secrets to be via the console (so that permissions are controlled and access is audited).
There's a few infrastructure workarounds I could implement (one parameter for each secret, store the secrets on S3 or other secret storing service, etc.) but they all have drawbacks - I'm just trying to find out if there's a way around this using the console?
Is there any way I can work around this and use the console to edit multi-line SecureString parameters?
Any kind of browser workaround or hack that I might be able to use to tell the browser to use a textarea instead of a "password" type field?
I'm using Chrome, but I'd be happy to work around this by using another browser or something (editing the secrets is pretty rare, and viewing multi-line values in the console works fine).
EDIT
After posting this question, AWS notified me there was a whole new "AWS Systems Manager" UI, but it still has the same problem - I tried the below browser hacks on this new UI, but no luck.
Failed browser hack attempt 1: I tried opening the browser console, running document.getElementById("Value").value = "value1\nvalue2" and then clicking the save button, which set the value I injectec, but the newline was filtered out.
Failed browser hack attempt 2: I tried using the browser instpector to change the element to a TextArea and then typed in two lines of input and clicked save, but that didn't set the value at all.
From https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-file, I learned you can pass a file as parameter to the --value argument. So if your file is called secrets.properties, you can do this:
aws ssm put-parameter --type SecureString --name secrets --value file://secrets.properties
I found a way to do it, but it's too much effort and too weird - if anyone can find a simpler way, I will mark that as the answer.
The hacky workaround is to install the "Tamper Chrome" extension + app, then capture the XHR request as the browser sends it and edit the new lines into the JSON.
Blech. Plus "Tamper Chrome" is pretty awful, I don't want to run it on my machine.
This might be better to use the new secrets manager that was launched recently. The interface for it is very close to parameter store but it has better support for multiple parameters in one place.
I wonder if the change in the console was due to the expected release of the service since they have a pricing model around secrets whereas parameter store is free
In the end, I decided the answer to this question is "don't do that". Not that I would've wanted to hear that when I was trying to make it work.
You should use a separate SSM param per secret for these reasons:
ability to grant permissions at fine grained level; e.g. you have an API password for calling your service, and a DB password for the service talk to a DB - if you store them in the same secret you couldn't only grant access to the API password.
ability to track key access separately - the SSM access logs can only tell you that the target machine/user accessed the SSM param at that time, it won't be able to tell you which secret was accessed
ability to use separate KMS keys to encrypt
Just watch out for the fact that you can only request a max of 10 SSM params at a time.
if you want, you can try with my app https://github.com/ledongthuc/awssecretsmanagerui
I try to create it to easier to update multi-line values and binary easier. Hope it's helpful with your case.
I want to link Tasks to our Bitbucket server. However, when I try to add the server (Tools > Tasks & Content > Configure servers), it wants me to choose a server type.
Q1. I have no idea what type to select. I haven't found any reference for this question.
Q2. If a type is chosen, it asks for the server url. Do I need just https://bitbucket.org or do I need something more specific?
Tools > Tasks & Content > Configure servers
Add Server type Generic
Tab: General
Server URL: https://api.bitbucket.org/2.0/repositories/*YOUR LOGIN*/*REPO_NAME*
Fill Username & Password
Put a tick in the Use HTTP authentication
Tab: Commit message
{summary} #{id} - When commiting ID will be set tasks
Tab: Server Configuration
Tasks List URL: {serverUrl}/issues?status=new&status=open
Single Task URL: {serverUrl}/issues/{id}
Response Type : JSON
and then fill the data as shown is not the screenshot
(screenshot)
Adding to the accepted answer, please note that version 2.0 of the Bitbucket API uses a different format for parameters noted here: Bitbucket API 2.0: Filter and sort API objects
The Task List URL should be: {serverUrl}/issues?q=%28state+%3D+%22new%22+OR+state+%3D+%22open%22%29
I see that AWS posts a json file with all their IP ranges here (Actual JSON HERE)
I was thinking of using this json file to check against every incoming connection in my node app but firstly I was wondering if it would be far too much overhead to loop through it for every request?
Secondly, I wasn't sure exactly how to go about this, as many IP ranges are formatted differently eg.
43.250.192.0/24
46.51.128.0/18
27.0.0.0/22
I'm not too sure what them suffix's mean.
Has anyone don something similar?
Your first concern is correct - it's a lot of overhead to loop through Amazon's IPs for each request. This should be handled at the firewall.
Nevertheless, the ip_prefix field Amazon is providing can be used to ensure valid IP addresses exist within that subnet. The node-ip module can help with this. It has a cidrSubnet function that can be used to test a prefix against a user's IP. See the below coffeescript.
ip = require 'node-ip'
amazonIPs = require 'amazonIPs.json'
someUsersIP = '192.168.1.190'
for prefix in amazonIPs.prefix
if ip.cidrSubnet(prefix).contains(someUsersIP)
console.log "#{someUsersIP} is within the #{prefix} range"
I am trying to run play activator template named "playStartApp".
But, it is giving me following runtime exception:
RuntimeException: smtp.host needs to be set in application.conf in order to use this plugin (or set smtp.mock to true)\
java.lang.RuntimeException: smtp.host needs to be set in application.conf in order to use this plugin (or set smtp.mock to true)
com.typesafe.plugin.CommonsMailerPlugin$$anonfun$4.apply(MailerPlugin.scala:329)
com.typesafe.plugin.CommonsMailerPlugin$$anonfun$4.apply(MailerPlugin.scala:329)
scala.Option.getOrElse(Option.scala:120)
com.typesafe.plugin.CommonsMailerPlugin.mailerInstance$lzycompute(MailerPlugin.scala:329)
com.typesafe.plugin.CommonsMailerPlugin.mailerInstance(MailerPlugin.scala:326)
com.typesafe.plugin.CommonsMailerPlugin.onStart(MailerPlugin.scala:343)
play.api.Play$$anonfun$start$1$$anonfun$apply$mcV$sp$1.apply(Play.scala:91)`
I tried both:
- set mail.smtp=mock
- mail.smtp.host=smtp.gmail.com
mail.smtp.user=yourGmailLogin
mail.smtp.pass=yourGmailPassword
mail.smtp.channel=ssl
pls suggest how to resolve this?
In the "playStartApp" activator template, you can either -
Use a mock mailer, by entering the following in conf/application.conf
smtp.mock=true
The mock option will render email output to the console. If you are using the Activator UI, you'll be able to see the mail output in the logs on the "Run" tab.
Mention the SMTP server details in conf/application.conf
smtp.host=smtp.gmail.com
smtp.port=587
smtp.user="user#gmail.com"
smtp.password="password"
smtp.ssl=true
mail.from="PlayStartApp#yourdomain.com"
mail.sign=The PlayStartApp Team
You can use gmail servers for sending mails as well, which I have mentioned above.
Alternatively, in the "playStartApp", just rename conf/mail.conf.example to conf/mail.conf and move all your SMTP related configuration here. Please note that conf/mail.conf is mentioned in .gitignore.
Resources (Play Documentation):
Mail configuration parameters
SMTP Configuratoin
I am using R to write a program and perform some analyses. The data is being captured by an outside vendor with MongoDB in JSON format. They are providing it to me via a URI on port 443, which they want me to query using cURL. They have authentication in place and self signed SSL.
I can authenticate and dump the data via curl in Windows, however to create a long term sustainable solution it needs to all be done within R.
The vendor says that RCurl "should" work but they aren't providing any support and they basically just don't like the idea of using RMongo and have no comment on it (but if we could make it work that would be awesome, in my opinion).
I have the following packages loaded
- ggplot2
- DBI
- rjson
- RJSONIO (I sometimes don't load this one if I'm using rjson, or visa versa)
- RMongo
- rstudio
- RCurl
The self signed certificate caused issues even with curl, but those were resolved by editing settings in Ruby and then launching a cmd shell with Ruby and using curl that way. I'm not sure if the problems in R are related.
When trying to go the RCurl route I end up with commands/errors like this:
x <- getURL("https://xxx.xx.xxx.xxx:443/db/_authenticate", userpwd="xxxx:xxxxx") }{Error in function (type, msg, asError = TRUE) : couldn't connect to host
and when trying to use RMongo I'm even more clueless...
> mongo <- mongoDbConnect("xxx.xx.xxx.xxx")
username = "xxxx"
password="xxxxxxxxxxxxx"
authenticated <- dbAuthenticate(mongo, username, password)
Feb 25, 2013 4:00:09 PM com.mongodb.DBTCPConnector fetchMaxBsonObjectSize
WARNING: Exception determining maxBSON size using0
java.io.IOException: couldn't connect to [/127.0.0.1:27017] bc:java.net.ConnectException: Connection refused: connect
at com.mongodb.DBPort.open(DBPort.java:224)
at com.mongodb.DBPort.go(DBPort.java:101)
at com.mongodb.DBPort.go(DBPort.java:82)
at com.mongodb.DBPort.findOne(DBPort.java:142)
at com.mongodb.DBPort.runCommand(DBPort.java:151)
at com.mongodb.DBTCPConnector.fetchMaxBsonObjectSize(DBTCPConnector.java:429)
at com.mongodb.DBTCPConnector.checkMaster(DBTCPConnector.java:416)
at com.mongodb.DBTCPConnector.call(DBTCPConnector.java:193)
at com.mongodb.DBApiLayer$MyCollection._find(DBApiLayer.java:303)
at com.mongodb.DB.command(DB.java:159)
at com.mongodb.DB.command(DB.java:144)
at com.mongodb.DB._doauth(DB.java:503)
at com.mongodb.DB.authenticate(DB.java:440)
at rmongo.RMongo.dbAuthenticate(RMongo.scala:24)
Error in .jcall(rmongo.object#javaMongo, "Z", "dbAuthenticate", username, :
com.mongodb.MongoException$Network: can't call something
Feb 25, 2013 4:00:10 PM com.mongodb.DBPortPool gotError
WARNING: emptying DBPortPool to 127.0.0.1:27017 b/c of error
java.io.IOException: couldn't connect to [/127.0.0.1:27017] bc:java.net.ConnectException: Connection refused: connect
at com.mongodb.DBPort._open(DBPort.java:224)
at com.mongodb.DBPort.go(DBPort.java:101)
at com.mongodb.DBPort.go(DBPort.java:82)
at com.mongodb.DBPort.call(DBPort.java:72)
at com.mongodb.DBTCPConnector.call(DBTCPConnector.java:202)
at com.mongodb.DBApiLayer$MyCollection.__find(DBApiLayer.java:303)
at com.mongodb.DB.command(DB.java:159)
at com.mongodb.DB.command(DB.java:144)
at com.mongodb.DB._doauth(DB.java:503)
at com.mongodb.DB.authenticate(DB.java:440)
at rmongo.RMongo.dbAuthenticate(RMongo.scala:24)
any help would be greatly appreciated!
I had an issue in the past with RCurl where I needed to explicitly point it toward the security certificates to get it to work okay. I ended up needing something like this:
out <- postForm("https://url.org/api/",
token="IMATOKEN",
.opts=curlOptions(cainfo="C:/path/aaa.crt"))
I had manually exported the certificate I needed to get that working.
Also, it kind of looks like you should be doing a POST request given that URI, not a GET. Try the postForm() command, maybe?
EDITED TO ADD:
Okay, I think things might be a little more clear if we stepped back a second. Is your goal to get some file from a specific URL (basically, doing a wget but from within R)? Or is your goal to submit a form that subsequently returns the data you need?
IF you are just trying to get something that is behind basic (and also fairly INSECURE) HTTP authentication, you should do two things:
Tell your data provider to use a more secure option
Use the getURL() option as shown (using the www.omegahat.org example you posted about):
Code:
getURL("http://www.omegahat.org/RCurl/testPassword/",.opts=list(userpwd="bob:welcome"))
OR
getURL("http://bob:welcome#www.omegahat.org/RCurl/testPassword/")
Now, if you need to submit a form to get the data, you would generally pass authentication tokens, etc, as parameters (so, in the example above, `token='.