From fe09d43715bdd74c4f00ea517fdef95e44293775 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandeep=20More=CC=81?= <moresandeep@gmail.com>
Date: Mon, 23 Mar 2026 11:27:10 -0400
Subject: [PATCH 1/2] KNOX-3280 - Added Knoxshell Tests

---
 .github/workflows/compose/docker-compose.yml | 13 ++-
 .github/workflows/tests/test_knoxshell.py    | 92 ++++++++++++++++++++
 test-compose.yml                             | 16 ++++
 3 files changed, 117 insertions(+), 4 deletions(-)
 create mode 100644 .github/workflows/tests/test_knoxshell.py
 create mode 100644 test-compose.yml

diff --git a/.github/workflows/compose/docker-compose.yml b/.github/workflows/compose/docker-compose.yml
index 3aa1798edc..a616d365fd 100644
--- a/.github/workflows/compose/docker-compose.yml
+++ b/.github/workflows/compose/docker-compose.yml
@@ -37,27 +37,32 @@ services:
 
   knox:
     image: apache/knox-dev:local-${GITHUB_RUN_ID:-local}-${GITHUB_RUN_ID:-local}
-    command: /gateway.sh
+    command: sh -c "cp -a /knox-runtime/knoxshell/. /shared-knoxshell/ && /gateway.sh"
     volumes:
 #      - ./topologies:/knox-runtime/conf/topologies
       - ./logs:/knox-runtime/logs
-#      - ./knoxshell:/knoxshell
+      - knoxshell-vol:/shared-knoxshell
     depends_on:
       - ldap
 
   tests:
-    image: python:3.9-slim
+    image: python:3.9-bullseye
     working_dir: /tests
     volumes:
       - ../tests:/tests
+      - knoxshell-vol:/knoxshell
     environment:
       - KNOX_GATEWAY_URL=https://knox:8443/
     command: >
-      bash -c "pip install -r requirements.txt 
+      bash -c "apt-get update && apt-get install -y openjdk-17-jre
+      && pip install -r requirements.txt 
       && echo 'Waiting for knox...' 
       && sleep 30 
       && pytest --junitxml=test-results.xml"
     depends_on:
       - knox
 
+volumes:
+  knoxshell-vol:
+
 
diff --git a/.github/workflows/tests/test_knoxshell.py b/.github/workflows/tests/test_knoxshell.py
new file mode 100644
index 0000000000..8be95af4b6
--- /dev/null
+++ b/.github/workflows/tests/test_knoxshell.py
@@ -0,0 +1,92 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to you under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+import os
+import unittest
+import subprocess
+
+class TestKnoxShell(unittest.TestCase):
+    def setUp(self):
+        self.base_url = os.environ.get("KNOX_GATEWAY_URL", "https://knox:8443/")
+        if not self.base_url.endswith("/"):
+            self.base_url += "/"
+        self.knoxshell_dir = "/knoxshell"
+        self.knoxshell_bin = os.path.join(self.knoxshell_dir, "bin", "knoxshell.sh")
+        
+        # Check if knoxshell exists
+        if not os.path.exists(self.knoxshell_bin):
+            self.fail(f"KnoxShell binary not found at {self.knoxshell_bin}")
+            
+        # Ensure it's executable
+        os.chmod(self.knoxshell_bin, 0o755)
+
+    def test_1_build_trust_store(self):
+        """
+        Test basic connection by building the trust store.
+        """
+        print(f"\nTesting buildTrustStore against {self.base_url}")
+
+        # Run buildTrustStore
+        result = subprocess.run(
+            [self.knoxshell_bin, "buildTrustStore", self.base_url],
+            cwd=self.knoxshell_dir,
+            capture_output=True,
+            text=True
+        )
+        
+        print(f"STDOUT: {result.stdout}")
+        print(f"STDERR: {result.stderr}")
+        
+        self.assertEqual(result.returncode, 0, f"buildTrustStore failed with return code {result.returncode}")
+
+    def test_2_init_and_list_token(self):
+        """
+        Test acquiring a token via init and verifying it via list.
+        """
+        topology_url = self.base_url + "gateway/knoxldap"
+        print(f"\nTesting init and list against {topology_url}")
+
+        # Run init and pass credentials via stdin
+        # The prompt expects username then password
+        credentials = "guest\nguest-password\n"
+        
+        init_result = subprocess.run(
+            [self.knoxshell_bin, "init", topology_url],
+            cwd=self.knoxshell_dir,
+            input=credentials,
+            capture_output=True,
+            text=True
+        )
+        
+        print(f"INIT STDOUT: {init_result.stdout}")
+        print(f"INIT STDERR: {init_result.stderr}")
+        
+        self.assertEqual(init_result.returncode, 0, f"init failed with return code {init_result.returncode}")
+        
+        # Run list to verify the token
+        list_result = subprocess.run(
+            [self.knoxshell_bin, "list"],
+            cwd=self.knoxshell_dir,
+            capture_output=True,
+            text=True
+        )
+        
+        print(f"LIST STDOUT: {list_result.stdout}")
+        print(f"LIST STDERR: {list_result.stderr}")
+        
+        self.assertEqual(list_result.returncode, 0, f"list failed with return code {list_result.returncode}")
+        self.assertIn("knoxldap", list_result.stdout, "Token for knoxldap not found in list output")
+
+if __name__ == '__main__':
+    unittest.main()
diff --git a/test-compose.yml b/test-compose.yml
new file mode 100644
index 0000000000..95695f93e1
--- /dev/null
+++ b/test-compose.yml
@@ -0,0 +1,16 @@
+services:
+  knox:
+    image: alpine
+    command: sh -c "mkdir -p /knox-runtime/knoxshell && echo 'hello' > /knox-runtime/knoxshell/test.txt && sleep 10"
+    volumes:
+      - knoxshell-vol:/knox-runtime/knoxshell
+  tests:
+    image: alpine
+    command: sh -c "sleep 2 && cat /knoxshell/test.txt"
+    volumes:
+      - knoxshell-vol:/knoxshell
+    depends_on:
+      - knox
+
+volumes:
+  knoxshell-vol:

From d26e253df05dd08f5a462cee953e3c09db4fc19f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandeep=20More=CC=81?= <moresandeep@gmail.com>
Date: Tue, 24 Mar 2026 10:40:13 -0400
Subject: [PATCH 2/2] KNOX-3280 - Remove file that is not required but used for
 testing

---
 test-compose.yml | 16 ----------------
 1 file changed, 16 deletions(-)
 delete mode 100644 test-compose.yml

diff --git a/test-compose.yml b/test-compose.yml
deleted file mode 100644
index 95695f93e1..0000000000
--- a/test-compose.yml
+++ /dev/null
@@ -1,16 +0,0 @@
-services:
-  knox:
-    image: alpine
-    command: sh -c "mkdir -p /knox-runtime/knoxshell && echo 'hello' > /knox-runtime/knoxshell/test.txt && sleep 10"
-    volumes:
-      - knoxshell-vol:/knox-runtime/knoxshell
-  tests:
-    image: alpine
-    command: sh -c "sleep 2 && cat /knoxshell/test.txt"
-    volumes:
-      - knoxshell-vol:/knoxshell
-    depends_on:
-      - knox
-
-volumes:
-  knoxshell-vol: