This repository has been archived by the owner on Jul 6, 2023. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
functional tests: add golang tests for client TLS cert handling
Signed-off-by: John Mulligan <jmulligan@redhat.com>
- Loading branch information
1 parent
2ee8696
commit da761a7
Showing
3 changed files
with
240 additions
and
1 deletion.
There are no files selected for viewing
118 changes: 118 additions & 0 deletions
118
tests/functional/TestEnabledTLS/client_tls_test/client_tls_test.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,118 @@ | ||
// +build functional | ||
|
||
// | ||
// Copyright (c) 2018 The heketi Authors | ||
// | ||
// This file is licensed to you under your choice of the GNU Lesser | ||
// General Public License, version 3 or any later version (LGPLv3 or | ||
// later), as published by the Free Software Foundation, | ||
// or under the Apache License, Version 2.0 <LICENSE-APACHE2 or | ||
// http://www.apache.org/licenses/LICENSE-2.0>. | ||
// | ||
// You may not use this file except in compliance with those terms. | ||
// | ||
|
||
package client_tls_test | ||
|
||
import ( | ||
"testing" | ||
|
||
client "github.com/heketi/heketi/client/api/go-client" | ||
"github.com/heketi/heketi/pkg/glusterfs/api" | ||
|
||
"github.com/heketi/tests" | ||
) | ||
|
||
var ( | ||
URL = "https://localhost:8080" | ||
User = "abc" | ||
Key = "xyz" | ||
CertPath = "../heketi.crt" | ||
) | ||
|
||
func TestCreateClusterTLSCert(t *testing.T) { | ||
heketiServer := NewServerCtlFromEnv("..") | ||
err := heketiServer.Start() | ||
tests.Assert(t, err == nil, "expected err == nil, got:", err) | ||
defer heketiServer.Stop() | ||
|
||
heketi, err := client.NewClientTLS(URL, User, Key, &client.ClientTLSOptions{ | ||
VerifyCerts: []string{CertPath}, | ||
}) | ||
tests.Assert(t, err == nil, "expected err == nil, got:", err) | ||
tests.Assert(t, heketi != nil, "expected heketi != nil, got:", heketi) | ||
|
||
testClientActions(t, heketi) | ||
} | ||
|
||
func TestCreateClusterTLSNoVerify(t *testing.T) { | ||
heketiServer := NewServerCtlFromEnv("..") | ||
err := heketiServer.Start() | ||
tests.Assert(t, err == nil, "expected err == nil, got:", err) | ||
defer heketiServer.Stop() | ||
|
||
heketi, err := client.NewClientTLS(URL, User, Key, &client.ClientTLSOptions{ | ||
InsecureSkipVerify: true, | ||
}) | ||
tests.Assert(t, err == nil, "expected err == nil, got:", err) | ||
tests.Assert(t, heketi != nil, "expected heketi != nil, got:", heketi) | ||
|
||
testClientActions(t, heketi) | ||
} | ||
|
||
// This test checks that the client fails when the server is using | ||
// a self signed cert and none of the options needed for it | ||
// are provided. | ||
func TestClientFailUnknownAuthority(t *testing.T) { | ||
heketiServer := NewServerCtlFromEnv("..") | ||
err := heketiServer.Start() | ||
tests.Assert(t, err == nil, "expected err == nil, got:", err) | ||
defer heketiServer.Stop() | ||
|
||
heketi, err := client.NewClientTLS(URL, User, Key, &client.ClientTLSOptions{}) | ||
tests.Assert(t, err == nil, "expected err == nil, got:", err) | ||
tests.Assert(t, heketi != nil, "expected heketi != nil, got:", heketi) | ||
|
||
clusterReq := &api.ClusterCreateRequest{ | ||
ClusterFlags: api.ClusterFlags{ | ||
Block: true, | ||
File: true, | ||
}, | ||
} | ||
_, err = heketi.ClusterCreate(clusterReq) | ||
tests.Assert(t, err != nil, "expected err != nil, got:", err) | ||
} | ||
|
||
func testClientActions(t *testing.T, heketi *client.Client) { | ||
clusterReq := &api.ClusterCreateRequest{ | ||
ClusterFlags: api.ClusterFlags{ | ||
Block: true, | ||
File: true, | ||
}, | ||
} | ||
cluster, err := heketi.ClusterCreate(clusterReq) | ||
tests.Assert(t, err == nil, "expected err == nil, got:", err) | ||
tests.Assert(t, cluster.Id != "", `expected cluster.Id != "", got ""`) | ||
|
||
nodeReq := &api.NodeAddRequest{} | ||
nodeReq.ClusterId = cluster.Id | ||
nodeReq.Hostnames.Manage = []string{"foo"} | ||
nodeReq.Hostnames.Storage = []string{"foo"} | ||
nodeReq.Zone = 1 | ||
node, err := heketi.NodeAdd(nodeReq) | ||
tests.Assert(t, err == nil, "expected err == nil, got:", err) | ||
tests.Assert(t, node.Id != "", `expected node.Id != "", got ""`) | ||
|
||
clusters, err := heketi.ClusterList() | ||
tests.Assert(t, err == nil, err) | ||
tests.Assert(t, len(clusters.Clusters) == 1, | ||
"expected len(clusters.Clusters) == 1, got:", len(clusters.Clusters)) | ||
|
||
clusterInfo, err := heketi.ClusterInfo(clusters.Clusters[0]) | ||
tests.Assert(t, err == nil, "expected err == nil, got:", err) | ||
tests.Assert(t, len(clusterInfo.Nodes) == 1, | ||
"expected len(clusterInfo.Nodes) == 1, got:", len(clusterInfo.Nodes)) | ||
tests.Assert(t, clusterInfo.Nodes[0] == node.Id, | ||
"expected clusterInfo.Nodes[0] == node.Id, got:", | ||
clusterInfo.Nodes[0] == node.Id) | ||
} |
103 changes: 103 additions & 0 deletions
103
tests/functional/TestEnabledTLS/client_tls_test/serverctl_test.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
// +build functional | ||
|
||
// | ||
// Copyright (c) 2018 The heketi Authors | ||
// | ||
// This file is licensed to you under your choice of the GNU Lesser | ||
// General Public License, version 3 or any later version (LGPLv3 or | ||
// later), as published by the Free Software Foundation, | ||
// or under the Apache License, Version 2.0 <LICENSE-APACHE2 or | ||
// http://www.apache.org/licenses/LICENSE-2.0>. | ||
// | ||
// You may not use this file except in compliance with those terms. | ||
// | ||
|
||
package client_tls_test | ||
|
||
import ( | ||
"errors" | ||
"os" | ||
"os/exec" | ||
"path" | ||
"syscall" | ||
"time" | ||
) | ||
|
||
type ServerCtl struct { | ||
serverDir string | ||
heketiBin string | ||
logPath string | ||
dbPath string | ||
keepDB bool | ||
// the real stuff | ||
cmd *exec.Cmd | ||
cmdExited bool | ||
cmdErr error | ||
logF *os.File | ||
} | ||
|
||
func getEnvValue(k, val string) string { | ||
if v := os.Getenv(k); v != "" { | ||
return v | ||
} | ||
return val | ||
} | ||
|
||
func NewServerCtlFromEnv(dir string) *ServerCtl { | ||
return &ServerCtl{ | ||
serverDir: getEnvValue("HEKETI_SERVER_DIR", dir), | ||
heketiBin: getEnvValue("HEKETI_SERVER", "./heketi-server"), | ||
logPath: getEnvValue("HEKETI_LOG", "./heketi.log"), | ||
dbPath: getEnvValue("HEKETI_DB_PATH", "./heketi.db"), | ||
} | ||
} | ||
|
||
func (s *ServerCtl) Start() error { | ||
if !s.keepDB { | ||
// do not preserve the heketi db between server instances | ||
os.Remove(path.Join(s.serverDir, s.dbPath)) | ||
} | ||
f, err := os.OpenFile(s.logPath, os.O_TRUNC|os.O_CREATE|os.O_RDWR, 0644) | ||
if err != nil { | ||
return err | ||
} | ||
s.logF = f | ||
s.cmd = exec.Command(s.heketiBin, "--config=heketi.json") | ||
s.cmd.Dir = s.serverDir | ||
s.cmd.Stdout = f | ||
s.cmd.Stderr = f | ||
if err := s.cmd.Start(); err != nil { | ||
return err | ||
} | ||
go func() { | ||
s.cmdErr = s.cmd.Wait() | ||
s.cmdExited = true | ||
}() | ||
time.Sleep(300 * time.Millisecond) | ||
if !s.IsAlive() { | ||
return errors.New("server exited early") | ||
} | ||
// dump some logs if heketi fails to start? | ||
return nil | ||
} | ||
|
||
func (s *ServerCtl) IsAlive() bool { | ||
if err := s.cmd.Process.Signal(syscall.Signal(0)); err != nil { | ||
return false | ||
} | ||
return true | ||
} | ||
|
||
func (s *ServerCtl) Stop() error { | ||
if err := s.cmd.Process.Signal(os.Interrupt); err != nil { | ||
return err | ||
} | ||
time.Sleep(100 * time.Millisecond) | ||
if !s.cmdExited { | ||
if err := s.cmd.Process.Kill(); err != nil { | ||
return err | ||
} | ||
} | ||
s.logF.Close() | ||
return nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters