diff options
| author | Jonathon Reinhart <Jonathon.Reinhart@gmail.com> | 2020-06-23 05:37:52 +0300 |
|---|---|---|
| committer | Jonathon Reinhart <Jonathon.Reinhart@gmail.com> | 2020-06-30 03:31:58 +0300 |
| commit | e8684587cd939bf32d9952a1d2ed3c4d288fd7e5 (patch) | |
| tree | 63b02f29d7166eefebbf89168b82ccf14568ecfe | |
| parent | 2efbc0cafb4d99955c4fdb9808ea8020fc532c1d (diff) | |
Add SSL_CERT_DIR acceptance test
| -rw-r--r-- | acceptance_test.go | 14 | ||||
| -rw-r--r-- | helpers_test.go | 56 |
2 files changed, 60 insertions, 10 deletions
diff --git a/acceptance_test.go b/acceptance_test.go index 9497511a..e8f7fe1a 100644 --- a/acceptance_test.go +++ b/acceptance_test.go @@ -1243,7 +1243,9 @@ func setupTransport(t *testing.T) { transport.ResponseHeaderTimeout = 5 * time.Second } -func TestAccessControl(t *testing.T) { +type runPagesFunc func(t *testing.T, pagesPath string, listeners []ListenSpec, promPort string, sslCertFile string, authServer string) func() + +func testAccessControl(t *testing.T, runPages runPagesFunc) { skipUnlessEnabled(t, "not-inplace-chroot") setupTransport(t) @@ -1340,7 +1342,7 @@ func TestAccessControl(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - teardown := RunPagesProcessWithAuthServerWithSSL(t, *pagesBinary, listeners, "", certFile, testServer.URL) + teardown := runPages(t, *pagesBinary, listeners, "", certFile, testServer.URL) defer teardown() rsp, err := GetRedirectPage(t, httpsListener, tt.host, tt.path) @@ -1406,6 +1408,14 @@ func TestAccessControl(t *testing.T) { } } +func TestAccessControlWithSSLCertFile(t *testing.T) { + testAccessControl(t, RunPagesProcessWithAuthServerWithSSLCertFile) +} + +func TestAccessControlWithSSLCertDir(t *testing.T) { + testAccessControl(t, RunPagesProcessWithAuthServerWithSSLCertDir) +} + func TestAcceptsSupportedCiphers(t *testing.T) { skipUnlessEnabled(t) teardown := RunPagesProcess(t, *pagesBinary, listeners, "") diff --git a/helpers_test.go b/helpers_test.go index 60fba9f5..32bea87c 100644 --- a/helpers_test.go +++ b/helpers_test.go @@ -12,6 +12,7 @@ import ( "net/http/httptest" "os" "os/exec" + "path" "path/filepath" "strings" "testing" @@ -196,22 +197,39 @@ func RunPagesProcessWithAuth(t *testing.T, pagesPath string, listeners []ListenS } func RunPagesProcessWithAuthServer(t *testing.T, pagesPath string, listeners []ListenSpec, promPort string, authServer string) func() { - configFile, cleanup := defaultConfigFileWith(t, - "auth-server="+authServer, - "auth-redirect-uri=https://projects.gitlab-example.com/auth") - defer cleanup() + return runPagesProcessWithAuthServer(t, pagesPath, listeners, promPort, nil, authServer) +} - return runPagesProcess(t, true, pagesPath, listeners, promPort, nil, - "-config="+configFile) +func RunPagesProcessWithAuthServerWithSSLCertFile(t *testing.T, pagesPath string, listeners []ListenSpec, promPort string, sslCertFile string, authServer string) func() { + return runPagesProcessWithAuthServer(t, pagesPath, listeners, promPort, + []string{"SSL_CERT_FILE=" + sslCertFile}, authServer) +} + +func RunPagesProcessWithAuthServerWithSSLCertDir(t *testing.T, pagesPath string, listeners []ListenSpec, promPort string, sslCertFile string, authServer string) func() { + // Create temporary cert dir + sslCertDir, err := ioutil.TempDir("", "pages-test-SSL_CERT_DIR") + require.NoError(t, err) + + // Copy sslCertFile into temp cert dir + err = copyFile(sslCertDir+"/"+path.Base(sslCertFile), sslCertFile) + require.NoError(t, err) + + innerCleanup := runPagesProcessWithAuthServer(t, pagesPath, listeners, promPort, + []string{"SSL_CERT_DIR=" + sslCertDir}, authServer) + + return func() { + innerCleanup() + os.RemoveAll(sslCertDir) + } } -func RunPagesProcessWithAuthServerWithSSL(t *testing.T, pagesPath string, listeners []ListenSpec, promPort string, sslCertFile string, authServer string) func() { +func runPagesProcessWithAuthServer(t *testing.T, pagesPath string, listeners []ListenSpec, promPort string, extraEnv []string, authServer string) func() { configFile, cleanup := defaultConfigFileWith(t, "auth-server="+authServer, "auth-redirect-uri=https://projects.gitlab-example.com/auth") defer cleanup() - return runPagesProcess(t, true, pagesPath, listeners, promPort, []string{"SSL_CERT_FILE=" + sslCertFile}, + return runPagesProcess(t, true, pagesPath, listeners, promPort, extraEnv, "-config="+configFile) } @@ -481,3 +499,25 @@ func defaultConfigFileWith(t *testing.T, configs ...string) (string, func()) { return name, cleanup } + +func copyFile(dest, src string) error { + srcFile, err := os.Open(src) + if err != nil { + return err + } + defer srcFile.Close() + + srcInfo, err := srcFile.Stat() + if err != nil { + return err + } + + destFile, err := os.OpenFile(dest, os.O_WRONLY|os.O_CREATE|os.O_EXCL, srcInfo.Mode()) + if err != nil { + return err + } + defer destFile.Close() + + _, err = io.Copy(destFile, srcFile) + return err +} |