Merge pull request #225 from betamaxteam/224

Leveraging /dev/urandom as the `SecureRandom` generation source

.travis.yml

@@ -1,21 +1,22 @@
-language: groovy
+sudo: required 
+
+services:
+  - docker
+
 env:
   global:
     - TERM=dumb 
     - SONATYPE_USERNAME=cowboygneox
     - secure: "DC7mxVvqGunaigj8rq2piYuOuISCnM4iwBF8iTSEm8pTjV2ZZfW8FqJ26ALhmQE97/YeUssGTZrcE+CcUWtoCupr6kkY05smm2PlEQxBynw2fWURfxFFIYSqsjqbpctMySS35vckfR9yie2LSDWrUHGBQ1dT9NOBY/w2VF6uazE="
-cache:
-  directories:
-    - $HOME/.gradle
+
 script:
-  - sudo keytool -importcert -keystore $JAVA_HOME/jre/lib/security/cacerts -file betamax.pem -storepass changeit -noprompt
-  - jdk_switcher use oraclejdk8
-  - ./gradlew clean build --info --stacktrace
-  - jdk_switcher use oraclejdk7
-  - ./gradlew clean build --info --stacktrace
+  - docker run --rm -v $PWD:/app betamax/betamax:jdk7 /bin/bash -c "cd /app; ./gradlew clean build"
+  - docker run --rm -v $PWD:/app betamax/betamax:jdk8 /bin/bash -c "cd /app; ./gradlew clean build"
+
 after_success:
-  - "[[ $TRAVIS_BRANCH == \"master\" ]] && { ./gradlew uploadArchives; };"
+  - "[[ $TRAVIS_BRANCH == \"master\" ]] && { docker run --rm -v $PWD:/app betamax/betamax:jdk8 /bin/bash -c \"cd /app; ./gradlew uploadArchives\"; };"
+
 notifications:
   slack:
     secure: q94sSrSItRWrkAw418c93vCyruOmvRPdX9B7KvIVyY6rN/3PGKN9HvkohmR12wEHxwBbYW2tgqKirDy24gphaEltDZOHvOT7o/RPHP26TMl8nhgD2L4tNztvUHZkLdULNke/7d6Wt48JctqDG/3o48EDcJ3444x6X7Met475vKc=
-sudo: required 
+

Dockerfile-jdk7

@@ -1,3 +1,4 @@
-FROM java:7
+FROM openjdk:7u111-jdk
 ADD betamax.pem /
 RUN keytool -importcert -keystore $JAVA_HOME/jre/lib/security/cacerts -file betamax.pem -storepass changeit -noprompt
+RUN sed -i -e 's/securerandom.source=file:\/dev\/random/securerandom.source=file:\/dev\/urandom/' $JAVA_HOME/jre/lib/security/java.security

Dockerfile-jdk8

@@ -1,3 +1,4 @@
-FROM java:8
+FROM openjdk:8u111-jdk
 ADD betamax.pem /
 RUN keytool -importcert -keystore $JAVA_HOME/jre/lib/security/cacerts -file betamax.pem -storepass changeit -noprompt
+RUN sed -i -e 's/securerandom.source=file:\/dev\/random/securerandom.source=file:\/dev\/urandom/' $JAVA_HOME/jre/lib/security/java.security

readme.md

@@ -50,14 +50,20 @@ JDK 7 dramatically increased the security of the JVM, making it much more diffic
 
 **For all environments where tests are being run, a one-time installation of the Betamax certificate into Java's `cacerts` is necessary.**
 
-	keytool -importcert -keystore $JAVA_HOME/jre/lib/security/cacerts -file betamax.pem -alias betamax -storepass changeit -noprompt
-	
+    keytool -importcert -keystore $JAVA_HOME/jre/lib/security/cacerts -file betamax.pem -alias betamax -storepass changeit -noprompt
+
 *Notes:*
 
 1. `sudo` will likely be required for unix-based operating systems
 2. `betamax.pem` is included in the `betamax-core.jar`, but it's probably best to pull it from GitHub.
 3. `betamax.pem` shouldn't have a need to change for the foreseeable future, so this installation should last for the life of the tests.
 
+`SecureRandom` requires a significant amount of entropy in order to generate random numbers, and when using SSL, Betamax stresses this aggressively. When `SecureRandom` fails to generate a random in a given time frame (usually around 3 seconds), a test will fail with almost no indiciation as to why, other than an SSL error occurred. It is likely best to get ahead of that issue before it becomes one, especially if your CI environment is Docker/Virtual Machine based.
+
+**To ensure `SecureRandom` will have adequate entropy on Unix-based systems:**
+
+    sed -i -e 's/securerandom.source=file:\/dev\/random/securerandom.source=file:\/dev\/urandom/' $JAVA_HOME/jre/lib/security/java.security
+
 **Files to Ignore:**
 
 Betamax generates files with the following extensions that should not be committed to source control: