test: add zip for "group.auth"

and update acceptance tests using this project.

4 files changed, 53 insertions, 28 deletions

diff --git a/test/acceptance/artifacts_test.go b/test/acceptance/artifacts_test.go
index 398b62a6..443fedbb 100644
--- a/test/acceptance/artifacts_test.go
+++ b/test/acceptance/artifacts_test.go
@@ -227,12 +227,11 @@ func TestPrivateArtifactProxyRequest(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			configFile, cleanup := defaultConfigFileWith(t,
+			configFile := defaultConfigFileWith(t,
 				"gitlab-server="+testServer.URL,
 				"artifacts-server="+artifactServerURL,
 				"auth-redirect-uri=https://projects.gitlab-example.com/auth",
 				tt.binaryOption)
-			defer cleanup()
 
 			RunPagesProcessWithStubGitLabServer(t,
 				withListeners([]ListenSpec{httpsListener}),
diff --git a/test/acceptance/auth_test.go b/test/acceptance/auth_test.go
index c6948c13..4dceaad0 100644
--- a/test/acceptance/auth_test.go
+++ b/test/acceptance/auth_test.go
@@ -15,8 +15,9 @@ import (
 )
 
 func TestWhenAuthIsDisabledPrivateIsNotAccessible(t *testing.T) {
-	teardown := RunPagesProcess(t, *pagesBinary, supportedListeners(), "", "")
-	defer teardown()
+	RunPagesProcessWithStubGitLabServer(t,
+		withListeners([]ListenSpec{httpListener}),
+	)
 
 	rsp, err := GetPageFromListener(t, httpListener, "group.auth.gitlab-example.com", "private.project/")
 
@@ -26,8 +27,7 @@ func TestWhenAuthIsDisabledPrivateIsNotAccessible(t *testing.T) {
 }
 
 func TestWhenAuthIsEnabledPrivateWillRedirectToAuthorize(t *testing.T) {
-	teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "https://internal-gitlab-auth.com", "https://public-gitlab-auth.com")
-	defer teardown()
+	runPagesWithAuth(t, []ListenSpec{httpsListener})
 
 	rsp, err := GetRedirectPage(t, httpsListener, "group.auth.gitlab-example.com", "private.project/")
 
@@ -57,8 +57,7 @@ func TestWhenAuthIsEnabledPrivateWillRedirectToAuthorize(t *testing.T) {
 }
 
 func TestWhenAuthDeniedWillCauseUnauthorized(t *testing.T) {
-	teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "https://internal-gitlab-auth.com", "https://public-gitlab-auth.com")
-	defer teardown()
+	runPagesWithAuth(t, []ListenSpec{httpsListener})
 
 	rsp, err := GetPageFromListener(t, httpsListener, "projects.gitlab-example.com", "/auth?error=access_denied")
 
@@ -68,8 +67,7 @@ func TestWhenAuthDeniedWillCauseUnauthorized(t *testing.T) {
 	require.Equal(t, http.StatusUnauthorized, rsp.StatusCode)
 }
 func TestWhenLoginCallbackWithWrongStateShouldFail(t *testing.T) {
-	teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "https://internal-gitlab-auth.com", "https://public-gitlab-auth.com")
-	defer teardown()
+	runPagesWithAuth(t, []ListenSpec{httpsListener})
 
 	rsp, err := GetRedirectPage(t, httpsListener, "group.auth.gitlab-example.com", "private.project/")
 
@@ -86,8 +84,7 @@ func TestWhenLoginCallbackWithWrongStateShouldFail(t *testing.T) {
 }
 
 func TestWhenLoginCallbackWithUnencryptedCode(t *testing.T) {
-	teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "https://internal-gitlab-auth.com", "https://public-gitlab-auth.com")
-	defer teardown()
+	runPagesWithAuth(t, []ListenSpec{httpsListener})
 
 	rsp, err := GetRedirectPage(t, httpsListener, "group.auth.gitlab-example.com", "private.project/")
 
@@ -110,6 +107,7 @@ func TestWhenLoginCallbackWithUnencryptedCode(t *testing.T) {
 	require.Equal(t, http.StatusInternalServerError, authrsp.StatusCode)
 }
 
+//  TODO: NEED TO MOVE THIS to handler in api_responses
 func handleAccessControlArtifactRequests(t *testing.T, w http.ResponseWriter, r *http.Request) bool {
 	authorization := r.Header.Get("Authorization")
 
@@ -175,21 +173,19 @@ func sleepIfAuthorized(t *testing.T, authorization string, w http.ResponseWriter
 	}
 }
 
-func TestAccessControlUnderCustomDomain(t *testing.T) {
+func TestAccessControlUnderCustomDomainStandalone(t *testing.T) {
 	skipUnlessEnabled(t, "not-inplace-chroot")
 
-	testServer := makeGitLabPagesAccessStub(t)
-	testServer.Start()
-	defer testServer.Close()
-
-	teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), testServer.URL, "https://public-gitlab-auth.com")
-	defer teardown()
+	//
+	//teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), testServer.URL, "https://public-gitlab-auth.com")
+	//defer teardown()
+	runPagesWithAuth(t, []ListenSpec{httpListener})
 
 	tests := map[string]struct {
 		domain string
 		path   string
 	}{
-		"private_domain": {
+		"private_domain_only": {
 			domain: "private.domain.com",
 			path:   "",
 		},
@@ -722,3 +718,24 @@ func getValidCookieAndState(t *testing.T, domain string) (string, string) {
 
 	return cookie, state
 }
+
+func runPagesWithAuth(t *testing.T, listeners []ListenSpec) {
+	t.Helper()
+
+	testServer := makeGitLabPagesAccessStub(t)
+	testServer.Start()
+	t.Cleanup(testServer.Close)
+
+	configFile := defaultConfigFileWith(t,
+		"internal-gitlab-server="+testServer.URL,
+		"gitlab-server=https://public-gitlab-auth.com",
+		"auth-redirect-uri=https://projects.gitlab-example.com/auth",
+	)
+
+	RunPagesProcessWithStubGitLabServer(t,
+		withListeners(listeners),
+		withArguments([]string{
+			"-config=" + configFile,
+		}),
+	)
+}
diff --git a/test/acceptance/helpers_test.go b/test/acceptance/helpers_test.go
index a627cc00..20af4095 100644
--- a/test/acceptance/helpers_test.go
+++ b/test/acceptance/helpers_test.go
@@ -256,11 +256,10 @@ func RunPagesProcessWithStubGitLabServer(t *testing.T, opts ...processOption) *L
 }
 
 func RunPagesProcessWithAuth(t *testing.T, pagesBinary string, listeners []ListenSpec, internalServer string, publicServer string) func() {
-	configFile, cleanup := defaultConfigFileWith(t,
+	configFile := defaultConfigFileWith(t,
 		"internal-gitlab-server="+internalServer,
 		"gitlab-server="+publicServer,
 		"auth-redirect-uri=https://projects.gitlab-example.com/auth")
-	defer cleanup()
 
 	_, cleanup2 := runPagesProcess(t, true, pagesBinary, listeners, "", nil,
 		"-config="+configFile,
@@ -292,10 +291,9 @@ func RunPagesProcessWithGitlabServerWithSSLCertDir(t *testing.T, pagesBinary str
 }
 
 func runPagesProcessWithGitlabServer(t *testing.T, pagesBinary string, listeners []ListenSpec, promPort string, extraEnv []string, gitlabServer string) func() {
-	configFile, cleanup := defaultConfigFileWith(t,
+	configFile := defaultConfigFileWith(t,
 		"gitlab-server="+gitlabServer,
 		"auth-redirect-uri=https://projects.gitlab-example.com/auth")
-	defer cleanup()
 
 	_, cleanup2 := runPagesProcess(t, true, pagesBinary, listeners, promPort, extraEnv,
 		"-config="+configFile)
@@ -720,7 +718,7 @@ func newConfigFile(t *testing.T, configs ...string) string {
 	return f.Name()
 }
 
-func defaultConfigFileWith(t *testing.T, configs ...string) (string, func()) {
+func defaultConfigFileWith(t *testing.T, configs ...string) string {
 	t.Helper()
 
 	configs = append(configs, "auth-client-id=clientID",
@@ -731,12 +729,12 @@ func defaultConfigFileWith(t *testing.T, configs ...string) (string, func()) {
 
 	name := newConfigFile(t, configs...)
 
-	cleanup := func() {
+	t.Cleanup(func() {
 		err := os.Remove(name)
 		require.NoError(t, err)
-	}
+	})
 
-	return name, cleanup
+	return name
 }
 
 func copyFile(dest, src string) error {
diff --git a/test/acceptance/testdata/api_responses.go b/test/acceptance/testdata/api_responses.go
index b36563bb..80e761d7 100644
--- a/test/acceptance/testdata/api_responses.go
+++ b/test/acceptance/testdata/api_responses.go
@@ -66,6 +66,17 @@ var DomainResponses = map[string]responseFn{
 		https:      true,
 		pathOnDisk: "group.https-only/project5",
 	}),
+	"group.auth.gitlab-example.com": generateVirtualDomainFromDir("group.auth", "group.auth.gitlab-example.com", map[string]projectConfig{
+		"/private.project": {
+			projectID:     1005,
+			accessControl: true,
+		},
+	}),
+	"private.domain.com": customDomain(projectConfig{
+		projectID:     1006,
+		accessControl: true,
+		pathOnDisk:    "group.auth/private.project",
+	}),
 	// NOTE: before adding more domains here, generate the zip archive by running (per project)
 	// make zip PROJECT_SUBDIR=group/serving
 	// make zip PROJECT_SUBDIR=group/project2