Merge branch '571-support-custom-domains-config' into 'master'

Support custom domains in stub responses

See merge request gitlab-org/gitlab-pages!498

5 files changed, 93 insertions, 123 deletions

diff --git a/shared/pages/@hashed/67/06/670671cd97404156226e507973f2ab8330d3022ca96e0c93bdbdb320c41adcaf/pages_deployments/01/artifacts.zip b/shared/pages/@hashed/zip-from-disk.gitlab.io/public.zip
index f1278bce..f1278bce 100644
--- a/shared/pages/@hashed/67/06/670671cd97404156226e507973f2ab8330d3022ca96e0c93bdbdb320c41adcaf/pages_deployments/01/artifacts.zip
+++ b/shared/pages/@hashed/zip-from-disk.gitlab.io/public.zip
diff --git a/shared/pages/group.https-only/project1/public.zip b/shared/pages/group.https-only/project1/public.zip
new file mode 100644
index 00000000..ac74f320
--- /dev/null
+++ b/shared/pages/group.https-only/project1/public.zip
diff --git a/shared/pages/group.https-only/project2/public.zip b/shared/pages/group.https-only/project2/public.zip
new file mode 100644
index 00000000..ead779f5
--- /dev/null
+++ b/shared/pages/group.https-only/project2/public.zip
diff --git a/test/acceptance/serving_test.go b/test/acceptance/serving_test.go
index 92727d28..32291e52 100644
--- a/test/acceptance/serving_test.go
+++ b/test/acceptance/serving_test.go
@@ -163,8 +163,8 @@ func TestNestedSubgroups(t *testing.T) {
 
 func TestCustom404(t *testing.T) {
 	skipUnlessEnabled(t)
-	teardown := RunPagesProcess(t, *pagesBinary, supportedListeners(), "")
-	defer teardown()
+
+	RunPagesProcessWithStubGitLabServer(t)
 
 	tests := []struct {
 		host    string
@@ -334,30 +334,35 @@ func TestHttpToHttpsRedirectEnabled(t *testing.T) {
 	require.Equal(t, http.StatusOK, rsp.StatusCode)
 }
 
-func TestHttpsOnlyGroupEnabled(t *testing.T) {
-	skipUnlessEnabled(t)
-
-	teardown := RunPagesProcess(t, *pagesBinary, supportedListeners(), "")
-	defer teardown()
-
-	// TODO: allow configuring HTTPS responses from stub https://gitlab.com/gitlab-org/gitlab-pages/-/issues/571
-	// Related MR in progress https://gitlab.com/gitlab-org/gitlab-pages/-/merge_requests/498
-	rsp, err := GetRedirectPage(t, httpListener, "group.https-only.gitlab-example.com", "project1/")
-	require.NoError(t, err)
-	defer rsp.Body.Close()
-	require.Equal(t, http.StatusMovedPermanently, rsp.StatusCode)
-}
+func TestHTTPSRedirect(t *testing.T) {
+	RunPagesProcessWithStubGitLabServer(t,
+		withListeners([]ListenSpec{httpListener}),
+	)
 
-func TestHttpsOnlyGroupDisabled(t *testing.T) {
-	skipUnlessEnabled(t)
+	tests := map[string]struct {
+		path           string
+		expectedStatus int
+	}{
+		"domain_https_only_true": {
+			path:           "project1/",
+			expectedStatus: http.StatusMovedPermanently,
+		},
+		"domain_https_only_false": {
+			path:           "project2/",
+			expectedStatus: http.StatusOK,
+		},
+	}
 
-	teardown := RunPagesProcess(t, *pagesBinary, supportedListeners(), "")
-	defer teardown()
+	for name, test := range tests {
+		t.Run(name, func(t *testing.T) {
+			// see testdata/api_responses.go for per prefix configuration response from the API
+			rsp, err := GetRedirectPage(t, httpListener, "group.https-only.gitlab-example.com", test.path)
+			require.NoError(t, err)
+			defer rsp.Body.Close()
 
-	rsp, err := GetPageFromListener(t, httpListener, "group.https-only.gitlab-example.com", "project2/")
-	require.NoError(t, err)
-	defer rsp.Body.Close()
-	require.Equal(t, http.StatusOK, rsp.StatusCode)
+			require.Equal(t, test.expectedStatus, rsp.StatusCode)
+		})
+	}
 }
 
 func TestHttpsOnlyProjectEnabled(t *testing.T) {
diff --git a/test/acceptance/testdata/api_responses.go b/test/acceptance/testdata/api_responses.go
index a1c99955..8d423716 100644
--- a/test/acceptance/testdata/api_responses.go
+++ b/test/acceptance/testdata/api_responses.go
@@ -16,90 +16,40 @@ type responseFn func(*testing.T, string) api.VirtualDomain
 
 // DomainResponses holds the predefined API responses for certain domains
 // that can be used with the GitLab API stub in acceptance tests
+// Assume the working dir is inside shared/pages/
 var DomainResponses = map[string]responseFn{
-	"zip-from-disk.gitlab.io":           ZipFromFile,
-	"zip-from-disk-not-found.gitlab.io": ZipFromFileNotFound,
-	"zip-not-allowed-path.gitlab.io":    ZipFromNotAllowedPath,
-	// test assume the working dir is inside shared/pages/
-	"group.gitlab-example.com":        GenerateVirtualDomainFromDir("group", "group.gitlab-example.com"),
-	"CapitalGroup.gitlab-example.com": GenerateVirtualDomainFromDir("CapitalGroup", "CapitalGroup.gitlab-example.com"),
-	"group.404.gitlab-example.com":    GenerateVirtualDomainFromDir("group.404", "group.404.gitlab-example.com"),
-	"domain.404.com":                  domain404,
+	"zip-from-disk.gitlab.io": customDomain(projectConfig{
+		projectID:  123,
+		pathOnDisk: "@hashed/zip-from-disk.gitlab.io",
+	}),
+	"zip-from-disk-not-found.gitlab.io": customDomain(projectConfig{}),
+	// outside of working dir
+	"zip-not-allowed-path.gitlab.io":  customDomain(projectConfig{pathOnDisk: "../../../../"}),
+	"group.gitlab-example.com":        generateVirtualDomainFromDir("group", "group.gitlab-example.com", nil),
+	"CapitalGroup.gitlab-example.com": generateVirtualDomainFromDir("CapitalGroup", "CapitalGroup.gitlab-example.com", nil),
+	"group.404.gitlab-example.com":    generateVirtualDomainFromDir("group.404", "group.404.gitlab-example.com", nil),
+	"group.https-only.gitlab-example.com": generateVirtualDomainFromDir("group.https-only", "group.https-only.gitlab-example.com", map[string]projectConfig{
+		"/project1": {
+			projectID: 1000,
+			https:     true,
+		},
+		"/project2": {
+			projectID: 1100,
+			https:     false,
+		},
+	}),
+	"domain.404.com": customDomain(projectConfig{
+		projectID:  1000,
+		pathOnDisk: "group.404/domain.404",
+	}),
 	// NOTE: before adding more domains here, generate the zip archive by running (per project)
 	// make zip PROJECT_SUBDIR=group/serving
 	// make zip PROJECT_SUBDIR=group/project2
 }
 
-// ZipFromFile response for zip.gitlab.io
-func ZipFromFile(t *testing.T, wd string) api.VirtualDomain {
-	t.Helper()
-
-	return api.VirtualDomain{
-		Certificate: "",
-		Key:         "",
-		LookupPaths: []api.LookupPath{
-			{
-				ProjectID:     123,
-				AccessControl: false,
-				HTTPSOnly:     false,
-				Prefix:        "/",
-				Source: api.Source{
-					Type: "zip",
-					Path: fmt.Sprintf("file://%s/@hashed/67/06/670671cd97404156226e507973f2ab8330d3022ca96e0c93bdbdb320c41adcaf/pages_deployments/01/artifacts.zip", wd),
-				},
-			},
-		},
-	}
-}
-
-// ZipFromFileNotFound response for zip-from-disk-not-found.gitlab.io
-func ZipFromFileNotFound(t *testing.T, wd string) api.VirtualDomain {
-	t.Helper()
-
-	return api.VirtualDomain{
-		Certificate: "",
-		Key:         "",
-		LookupPaths: []api.LookupPath{
-			{
-				ProjectID:     123,
-				AccessControl: false,
-				HTTPSOnly:     false,
-				Prefix:        "/",
-				Source: api.Source{
-					Type: "zip",
-					Path: fmt.Sprintf("file://%s/@hashed/67/06/670671cd97404156226e507973f2ab8330d3022ca96e0c93bdbdb320c41adcaf/pages_deployments/01/unknown.zip", wd),
-				},
-			},
-		},
-	}
-}
-
-// ZipFromNotAllowedPath response for zip-not-allowed-path.gitlab.io
-func ZipFromNotAllowedPath(t *testing.T, wd string) api.VirtualDomain {
-	t.Helper()
-
-	return api.VirtualDomain{
-		Certificate: "",
-		Key:         "",
-		LookupPaths: []api.LookupPath{
-			{
-				ProjectID:     123,
-				AccessControl: false,
-				HTTPSOnly:     false,
-				Prefix:        "/",
-				Source: api.Source{
-					Type: "zip",
-					// path outside of `pages-root`
-					Path: "file:///some/random/path/public.zip",
-				},
-			},
-		},
-	}
-}
-
-// GenerateVirtualDomainFromDir walks the subdirectory inside of shared/pages/ to find any zip archives.
+// generateVirtualDomainFromDir walks the subdirectory inside of shared/pages/ to find any zip archives.
 // It works for subdomains of pages-domain but not for custom domains (yet)
-func GenerateVirtualDomainFromDir(dir, rootDomain string) responseFn {
+func generateVirtualDomainFromDir(dir, rootDomain string, perPrefixConfig map[string]projectConfig) responseFn {
 	return func(t *testing.T, wd string) api.VirtualDomain {
 		t.Helper()
 
@@ -139,12 +89,15 @@ func GenerateVirtualDomainFromDir(dir, rootDomain string) responseFn {
 				prefix = "/"
 			}
 
+			cfg, ok := perPrefixConfig[prefix]
+			if !ok {
+				cfg = projectConfig{}
+			}
+
 			lookupPath := api.LookupPath{
-				// TODO: allow configuring response
-				// Related MR in progress https://gitlab.com/gitlab-org/gitlab-pages/-/merge_requests/498
-				ProjectID:     123,
-				AccessControl: false,
-				HTTPSOnly:     false,
+				ProjectID:     cfg.projectID,
+				AccessControl: cfg.accessControl,
+				HTTPSOnly:     cfg.https,
 				Prefix:        prefix,
 				Source: api.Source{
 					Type: "zip",
@@ -161,25 +114,37 @@ func GenerateVirtualDomainFromDir(dir, rootDomain string) responseFn {
 	}
 }
 
-// domain404 hardcoding for now, will implement a better solution in a follow up MR
-//TODO: remove hardcoded custom domains: https://gitlab.com/gitlab-org/gitlab-pages/-/merge_requests/498
-func domain404(t *testing.T, wd string) api.VirtualDomain {
-	t.Helper()
-
-	return api.VirtualDomain{
-		Certificate: "",
-		Key:         "",
-		LookupPaths: []api.LookupPath{
-			{
-				ProjectID:     123,
-				AccessControl: false,
-				HTTPSOnly:     false,
-				Prefix:        "/",
-				Source: api.Source{
-					Type: "zip",
-					Path: fmt.Sprintf("file://%s/group.404/domain.404/public.zip", wd),
+type projectConfig struct {
+	// refer to makeGitLabPagesAccessStub for custom HTTP responses per projectID
+	projectID     int
+	accessControl bool
+	https         bool
+	pathOnDisk    string
+}
+
+// customDomain with per project config
+func customDomain(config projectConfig) responseFn {
+	return func(t *testing.T, wd string) api.VirtualDomain {
+		t.Helper()
+
+		return api.VirtualDomain{
+			Certificate: "",
+			Key:         "",
+			LookupPaths: []api.LookupPath{
+				{
+					ProjectID:     config.projectID,
+					AccessControl: config.accessControl,
+					HTTPSOnly:     config.https,
+					// prefix should always be `/` for custom domains, otherwise `resolvePath` will try
+					// to look for files under public/prefix/ when serving content instead of just public/
+					// see internal/serving/disk/ for details
+					Prefix: "/",
+					Source: api.Source{
+						Type: "zip",
+						Path: fmt.Sprintf("file://%s/%s/public.zip", wd, config.pathOnDisk),
+					},
 				},
 			},
-		},
+		}
 	}
 }