1
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-16 21:56:40 -05:00

ci: test local CA and update SNI tests (#3145)

* run caddy tests in process

* call main with run args

* exclude tests - windows

* include json example

* disable caddyfile tests, include json test with non trusted local ca

* converted SNI tests to json syntax
This commit is contained in:
Mark Sargent 2020-03-23 13:08:02 +13:00 committed by GitHub
parent bea8dedfb2
commit 8cc60e6896
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 306 additions and 69 deletions

View file

@ -18,6 +18,11 @@ import (
"strings"
"testing"
"time"
caddycmd "github.com/caddyserver/caddy/v2/cmd"
// plug in Caddy modules here
_ "github.com/caddyserver/caddy/v2/modules/standard"
)
// Defaults store any configuration required to make the tests run
@ -145,6 +150,30 @@ func validateTestPrerequisites() error {
}
}
if isCaddyAdminRunning() != nil {
// start inprocess caddy server
os.Args = []string{"caddy", "run"}
go func() {
caddycmd.Main()
}()
// wait for caddy to start
retries := 4
for ; retries > 0 && isCaddyAdminRunning() != nil; retries-- {
time.Sleep(10 * time.Millisecond)
}
}
// assert that caddy is running
if err := isCaddyAdminRunning(); err != nil {
return err
}
arePrerequisitesValid = true
return nil
}
func isCaddyAdminRunning() error {
// assert that caddy is running
client := &http.Client{
Timeout: time.Second * 2,
@ -154,7 +183,6 @@ func validateTestPrerequisites() error {
return errors.New("caddy integration test caddy server not running. Expected to be listening on localhost:2019")
}
arePrerequisitesValid = true
return nil
}

View file

@ -66,71 +66,3 @@ func TestDuplicateHosts(t *testing.T) {
"caddyfile",
"duplicate site address not allowed")
}
func TestDefaultSNI(t *testing.T) {
// arrange
caddytest.InitServer(t, `
{
http_port 9080
https_port 9443
default_sni *.caddy.localhost
}
127.0.0.1:9443 {
tls /caddy.localhost.crt /caddy.localhost.key
respond /version 200 {
body "hello from a"
}
}
`, "caddyfile")
// act and assert
caddytest.AssertGetResponse(t, "https://127.0.0.1:9443/version", 200, "hello from a")
}
func TestDefaultSNIWithNamedHostAndExplicitIP(t *testing.T) {
// arrange
caddytest.InitServer(t, `
{
http_port 9080
https_port 9443
default_sni a.caddy.localhost
}
a.caddy.localhost:9443, 127.0.0.1:9443 {
tls /a.caddy.localhost.crt /a.caddy.localhost.key
respond /version 200 {
body "hello from a"
}
}
`, "caddyfile")
// act and assert
// makes a request with no sni
caddytest.AssertGetResponse(t, "https://127.0.0.1:9443/version", 200, "hello from a")
}
func TestDefaultSNIWithPortMappingOnly(t *testing.T) {
// arrange
caddytest.InitServer(t, `
{
http_port 9080
https_port 9443
default_sni a.caddy.localhost
}
:9443 {
tls /a.caddy.localhost.crt /a.caddy.localhost.key
respond /version 200 {
body "hello from a.caddy.localhost"
}
}
`, "caddyfile")
// act and assert
// makes a request with no sni
caddytest.AssertGetResponse(t, "https://127.0.0.1:9443/version", 200, "hello from a")
}

View file

@ -0,0 +1,277 @@
package integration
import (
"testing"
"github.com/caddyserver/caddy/v2/caddytest"
)
func TestDefaultSNI(t *testing.T) {
// arrange
caddytest.InitServer(t, `{
"apps": {
"http": {
"http_port": 9080,
"https_port": 9443,
"servers": {
"srv0": {
"listen": [
":9443"
],
"routes": [
{
"handle": [
{
"handler": "subroute",
"routes": [
{
"handle": [
{
"body": "hello from a.caddy.localhost",
"handler": "static_response",
"status_code": 200
}
],
"match": [
{
"path": [
"/version"
]
}
]
}
]
}
],
"match": [
{
"host": [
"127.0.0.1"
]
}
],
"terminal": true
}
],
"tls_connection_policies": [
{
"certificate_selection": {
"policy": "custom",
"tag": "cert0"
},
"match": {
"sni": [
"127.0.0.1"
]
}
},
{
"default_sni": "*.caddy.localhost"
}
]
}
}
},
"tls": {
"certificates": {
"load_files": [
{
"certificate": "/caddy.localhost.crt",
"key": "/caddy.localhost.key",
"tags": [
"cert0"
]
}
]
}
},
"pki": {
"certificate_authorities" : {
"local" : {
"install_trust": false
}
}
}
}
}
`, "json")
// act and assert
// makes a request with no sni
caddytest.AssertGetResponse(t, "https://127.0.0.1:9443/version", 200, "hello from a")
}
func TestDefaultSNIWithNamedHostAndExplicitIP(t *testing.T) {
// arrange
caddytest.InitServer(t, `
{
"apps": {
"http": {
"http_port": 9080,
"https_port": 9443,
"servers": {
"srv0": {
"listen": [
":9443"
],
"routes": [
{
"handle": [
{
"handler": "subroute",
"routes": [
{
"handle": [
{
"body": "hello from a",
"handler": "static_response",
"status_code": 200
}
],
"match": [
{
"path": [
"/version"
]
}
]
}
]
}
],
"match": [
{
"host": [
"a.caddy.localhost",
"127.0.0.1"
]
}
],
"terminal": true
}
],
"tls_connection_policies": [
{
"certificate_selection": {
"policy": "custom",
"tag": "cert0"
},
"default_sni": "a.caddy.localhost",
"match": {
"sni": [
"a.caddy.localhost",
"127.0.0.1",
""
]
}
},
{
"default_sni": "a.caddy.localhost"
}
]
}
}
},
"tls": {
"certificates": {
"load_files": [
{
"certificate": "/a.caddy.localhost.crt",
"key": "/a.caddy.localhost.key",
"tags": [
"cert0"
]
}
]
}
},
"pki": {
"certificate_authorities" : {
"local" : {
"install_trust": false
}
}
}
}
}
`, "json")
// act and assert
// makes a request with no sni
caddytest.AssertGetResponse(t, "https://127.0.0.1:9443/version", 200, "hello from a")
}
func TestDefaultSNIWithPortMappingOnly(t *testing.T) {
// arrange
caddytest.InitServer(t, `
{
"apps": {
"http": {
"http_port": 9080,
"https_port": 9443,
"servers": {
"srv0": {
"listen": [
":9443"
],
"routes": [
{
"handle": [
{
"body": "hello from a.caddy.localhost",
"handler": "static_response",
"status_code": 200
}
],
"match": [
{
"path": [
"/version"
]
}
]
}
],
"tls_connection_policies": [
{
"certificate_selection": {
"policy": "custom",
"tag": "cert0"
},
"default_sni": "a.caddy.localhost"
}
]
}
}
},
"tls": {
"certificates": {
"load_files": [
{
"certificate": "/a.caddy.localhost.crt",
"key": "/a.caddy.localhost.key",
"tags": [
"cert0"
]
}
]
}
},
"pki": {
"certificate_authorities" : {
"local" : {
"install_trust": false
}
}
}
}
}
`, "json")
// act and assert
// makes a request with no sni
caddytest.AssertGetResponse(t, "https://127.0.0.1:9443/version", 200, "hello from a")
}