Revert "Security Provider Flag"

nebhale · nebhale · commit e06790a4e122 · 2018-02-15T11:36:38.000-08:00
This reverts commit acab25d.
diff --git a/.idea/inspectionProfiles/Project_Default.xml b/.idea/inspectionProfiles/Project_Default.xml
diff --git a/config/container_security_provider.yml b/config/container_security_provider.yml
@@ -17,4 +17,3 @@
 ---
 version: 1.+
 repository_root: "{default.repository.root}/container-security-provider"
-enabled: true
diff --git a/docs/framework-container_security_provider.md b/docs/framework-container_security_provider.md
@@ -22,7 +22,6 @@ The framework can be configured by modifying the [`config/container_security_pro
 | ---- | -----------
 | `repository_root` | The URL of the Container Customizer repository index ([details][repositories]).
 | `version` | The version of Container Customizer to use. Candidate versions can be found in [this listing][].
-| `enabled` | Whether to enable the `SecurityProvider`
 
 ## Security Provider
 The [security provider][] added by this framework contributes two types, a `TrustManagerFactory` and a `KeyManagerFactory`.  The `TrustManagerFactory` adds an additional new `TrustManager` after the configured system `TrustManager` which reads the contents of `/etc/ssl/certs/ca-certificates.crt` which is where [BOSH trusted certificates][] are placed.  The `KeyManagerFactory` adds an additional `KeyManager` after the configured system `KeyManager` which reads the contents of the files specified by `$CF_INSTANCE_CERT` and `$CF_INSTANCE_KEY` which are set by Diego to give each container a unique cryptographic identity.  These `TrustManager`s and `KeyManager`s are used transparently by any networking library that reads standard system SSL configuration and can be used to enable system-wide trust and [mutual TLS authentication][].
diff --git a/lib/java_buildpack/framework/container_security_provider.rb b/lib/java_buildpack/framework/container_security_provider.rb
@@ -44,13 +44,7 @@ def release
 
       # (see JavaBuildpack::Component::VersionedDependencyComponent#supports?)
       def supports?
-        enabled?
-      end
-
-      private
-
-      def enabled?
-        @configuration['enabled']
+        true
       end
 
     end
diff --git a/spec/java_buildpack/framework/container_security_provider_spec.rb b/spec/java_buildpack/framework/container_security_provider_spec.rb
@@ -22,70 +22,51 @@
 describe JavaBuildpack::Framework::ContainerSecurityProvider do
   include_context 'with component help'
 
-  let(:java_home) do
-    java_home         = JavaBuildpack::Component::MutableJavaHome.new
-    java_home.version = version_8
-    return java_home
+  it 'always detects' do
+    expect(component.detect).to eq("container-security-provider=#{version}")
   end
 
-  let(:version_8) { JavaBuildpack::Util::TokenizedVersion.new('1.8.0_162') }
+  it 'adds extension directory' do
+    component.release
 
-  let(:version_9) { JavaBuildpack::Util::TokenizedVersion.new('9.0.4_11') }
-
-  it 'does not detect if not enabled' do
-    expect(component.detect).to be_nil
+    expect(extension_directories).to include(droplet.sandbox)
   end
 
-  context 'when enabled' do
+  it 'adds security provider',
+     cache_fixture: 'stub-container-security-provider.jar' do
 
-    let(:configuration) { { 'enabled' => true } }
+    component.compile
+    expect(security_providers[1]).to eq('org.cloudfoundry.security.CloudFoundryContainerProvider')
+  end
 
-    it 'detects if enabled' do
-      expect(component.detect).to eq("container-security-provider=#{version}")
-    end
+  context do
 
-    it 'adds extension directory' do
-      component.release
+    let(:java_home_delegate) do
+      delegate         = JavaBuildpack::Component::MutableJavaHome.new
+      delegate.root    = app_dir + '.test-java-home'
+      delegate.version = JavaBuildpack::Util::TokenizedVersion.new('9.0.0')
 
-      expect(extension_directories).to include(droplet.sandbox)
+      delegate
     end
 
-    it 'adds security provider',
+    it 'adds JAR to classpath during compile in Java 9',
        cache_fixture: 'stub-container-security-provider.jar' do
 
       component.compile
 
-      expect(security_providers[1]).to eq('org.cloudfoundry.security.CloudFoundryContainerProvider')
+      expect(additional_libraries).to include(droplet.sandbox + "container_security_provider-#{version}.jar")
     end
 
-    context 'when java 9' do
-
-      it 'adds JAR to classpath during compile in Java 9',
-         cache_fixture: 'stub-container-security-provider.jar' do
-
-        java_home.version = version_9
-
-        component.compile
-
-        expect(additional_libraries).to include(droplet.sandbox + "container_security_provider-#{version}.jar")
-      end
-
-      it 'adds JAR to classpath during release in Java 9' do
-        java_home.version = version_9
-
-        component.release
-
-        expect(additional_libraries).to include(droplet.sandbox + "container_security_provider-#{version}.jar")
-      end
-
-      it 'adds does not add extension directory in Java 9' do
-        java_home.version = version_9
+    it 'adds JAR to classpath during release in Java 9' do
+      component.release
 
-        component.release
+      expect(additional_libraries).to include(droplet.sandbox + "container_security_provider-#{version}.jar")
+    end
 
-        expect(extension_directories).not_to include(droplet.sandbox)
-      end
+    it 'adds does not add extension directory in Java 9' do
+      component.release
 
+      expect(extension_directories).not_to include(droplet.sandbox)
     end
 
   end
