From e95e8d4eecf6b1ecbb2aa6e45a3f6c4c7e4c4d21 Mon Sep 17 00:00:00 2001
From: Matt Van Dijk <mvandijk@tesora.com>
Date: Fri, 4 Sep 2015 12:24:13 -0400
Subject: [PATCH] Disable MongoDB cluster security

Having the cluster secure without the trove cluster datastore action
features makes them inaccessible.
Fix by disabling the mongo security configuration settings for cluster
instances.

Change-Id: I1832b00eff0e7014129d3de67722d044e8e13ff9
Closes-bug: bug/1492378
---
 trove/guestagent/datastore/experimental/mongodb/service.py | 7 ++++---
 .../unittests/guestagent/test_mongodb_cluster_manager.py   | 7 ++++---
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/trove/guestagent/datastore/experimental/mongodb/service.py b/trove/guestagent/datastore/experimental/mongodb/service.py
index 9a766024db..e0abe2016d 100644
--- a/trove/guestagent/datastore/experimental/mongodb/service.py
+++ b/trove/guestagent/datastore/experimental/mongodb/service.py
@@ -304,9 +304,10 @@ class MongoDBApp(object):
         # Store the cluster member authentication key.
         self.store_key(key_value)
 
-        self.configuration_manager.apply_system_override(
-            {'security.clusterAuthMode': 'keyFile',
-             'security.keyFile': self.get_key_file()}, CNF_CLUSTER)
+        # TODO(mvandijk): enable cluster security once Trove features are in
+        # self.configuration_manager.apply_system_override(
+        #     {'security.clusterAuthMode': 'keyFile',
+        #      'security.keyFile': self.get_key_file()}, CNF_CLUSTER)
 
     def _configure_network(self, port=None):
         """Make the service accessible at a given (or default if not) port.
diff --git a/trove/tests/unittests/guestagent/test_mongodb_cluster_manager.py b/trove/tests/unittests/guestagent/test_mongodb_cluster_manager.py
index 9d84650ef9..9d24ffd144 100644
--- a/trove/tests/unittests/guestagent/test_mongodb_cluster_manager.py
+++ b/trove/tests/unittests/guestagent/test_mongodb_cluster_manager.py
@@ -164,9 +164,10 @@ class GuestAgentMongoDBClusterManagerTest(trove_testtools.TestCase):
     def test_configure_cluster_security(self, get_key_mock, store_key_mock):
         self.manager.app._configure_cluster_security('key')
         store_key_mock.assert_called_once_with('key')
-        self.conf_mgr.apply_system_override.assert_called_once_with(
-            {'security.clusterAuthMode': 'keyFile',
-             'security.keyFile': '/var/keypath'}, 'clustering')
+        # TODO(mvandijk): enable cluster security once Trove features are in
+        # self.conf_mgr.apply_system_override.assert_called_once_with(
+        #     {'security.clusterAuthMode': 'keyFile',
+        #      'security.keyFile': '/var/keypath'}, 'clustering')
 
     @mock.patch.object(netutils, 'get_my_ipv4', return_value="10.0.0.2")
     def test_configure_network(self, ip_mock):