This is an automated email from the ASF dual-hosted git repository.
starsz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-dashboard.git
The following commit(s) were added to refs/heads/master by this push:
new 79ff37b chore: improve ssl e2e test coverage (#1571)
79ff37b is described below
commit 79ff37bb266f608a04f52905fc8b9c51719bb21a
Author: Peter Zhu <[email protected]>
AuthorDate: Thu Mar 11 16:22:10 2021 +0800
chore: improve ssl e2e test coverage (#1571)
---
api/test/e2enew/base/base.go | 11 +-
api/test/e2enew/ssl/ssl_suite_test.go | 3 +-
api/test/e2enew/ssl/ssl_test.go | 254 +++++++++++++++++++++-------------
3 files changed, 167 insertions(+), 101 deletions(-)
diff --git a/api/test/e2enew/base/base.go b/api/test/e2enew/base/base.go
index 15fd185..6fa319c 100644
--- a/api/test/e2enew/base/base.go
+++ b/api/test/e2enew/base/base.go
@@ -269,12 +269,11 @@ func CleanResource(resource string) {
for _, item := range list {
resourceObj := item.(map[string]interface{})
tc := HttpTestCase{
- Desc: "delete " + resource + "/" +
resourceObj["id"].(string),
- Object: ManagerApiExpect(),
- Method: http.MethodDelete,
- Path: "/apisix/admin/" + resource + "/" +
resourceObj["id"].(string),
- Headers: map[string]string{"Authorization":
GetToken()},
- ExpectStatus: http.StatusOK,
+ Desc: "delete " + resource + "/" +
resourceObj["id"].(string),
+ Object: ManagerApiExpect(),
+ Method: http.MethodDelete,
+ Path: "/apisix/admin/" + resource + "/" +
resourceObj["id"].(string),
+ Headers: map[string]string{"Authorization": GetToken()},
}
RunTestCase(tc)
}
diff --git a/api/test/e2enew/ssl/ssl_suite_test.go
b/api/test/e2enew/ssl/ssl_suite_test.go
index 5969613..a5b7c05 100644
--- a/api/test/e2enew/ssl/ssl_suite_test.go
+++ b/api/test/e2enew/ssl/ssl_suite_test.go
@@ -25,12 +25,11 @@ import (
"e2enew/base"
)
-func TestRoute(t *testing.T) {
+func TestSSL(t *testing.T) {
ginkgo.RunSpecs(t, "ssl suite")
}
var _ = ginkgo.AfterSuite(func() {
base.CleanResource("ssl")
- base.CleanResource("routes")
time.Sleep(base.SleepTime)
})
diff --git a/api/test/e2enew/ssl/ssl_test.go b/api/test/e2enew/ssl/ssl_test.go
index d93371d..76c3157 100644
--- a/api/test/e2enew/ssl/ssl_test.go
+++ b/api/test/e2enew/ssl/ssl_test.go
@@ -26,38 +26,80 @@ import (
"time"
"github.com/onsi/ginkgo"
+ "github.com/onsi/ginkgo/extensions/table"
"github.com/stretchr/testify/assert"
"e2enew/base"
)
var _ = ginkgo.Describe("SSL Basic", func() {
- ginkgo.It("test ssl basic", func() {
- // build test body
- t := ginkgo.GinkgoT()
- testCert, err := ioutil.ReadFile("../../certs/test2.crt")
- assert.Nil(t, err)
- testKey, err := ioutil.ReadFile("../../certs/test2.key")
- assert.Nil(t, err)
- apisixKey, err := ioutil.ReadFile("../../certs/apisix.key")
- assert.Nil(t, err)
- body, err := json.Marshal(map[string]interface{}{
- "id": "1",
- "cert": string(testCert),
- "key": string(testKey),
- "labels": map[string]string{
- "build": "16",
- "env": "production",
- "version": "v3",
+ t := ginkgo.GinkgoT()
+ var (
+ testCert []byte
+ testKey []byte
+ apisixKey []byte
+ validBody []byte
+ validBody2 []byte
+ invalidBody []byte
+ createRouteBody []byte
+ )
+
+ var err error
+ testCert, err = ioutil.ReadFile("../../certs/test2.crt")
+ assert.Nil(t, err)
+ testKey, err = ioutil.ReadFile("../../certs/test2.key")
+ assert.Nil(t, err)
+ apisixKey, err = ioutil.ReadFile("../../certs/apisix.key")
+ assert.Nil(t, err)
+
+ validBody, err = json.Marshal(map[string]interface{}{
+ "id": "1",
+ "cert": string(testCert),
+ "key": string(testKey),
+ "labels": map[string]string{
+ "build": "16",
+ "env": "production",
+ "version": "v3",
+ },
+ })
+ assert.Nil(t, err)
+ validBody2, err = json.Marshal(map[string]interface{}{
+ "id": "1",
+ "cert": string(testCert),
+ "key": string(testKey),
+ "labels": map[string]string{
+ "build": "16",
+ "env": "production",
+ "version": "v2",
+ },
+ })
+ assert.Nil(t, err)
+
+ invalidBody, err = json.Marshal(map[string]string{
+ "id": "1",
+ "cert": string(testCert),
+ "key": string(apisixKey),
+ })
+ assert.Nil(t, err)
+
+ tempBody := map[string]interface{}{
+ "uri": "/hello_",
+ "hosts": []string{"test2.com", "*.test2.com"},
+ "upstream": map[string]interface{}{
+ "nodes": []map[string]interface{}{
+ {
+ "host": base.UpstreamIp,
+ "port": 1980,
+ "weight": 1,
+ },
},
- })
- assert.Nil(t, err)
- invalidBody, err := json.Marshal(map[string]string{
- "id": "1",
- "cert": string(testCert),
- "key": string(apisixKey),
- })
- assert.Nil(t, err)
+ "type": "roundrobin",
+ },
+ }
+ createRouteBody, err = json.Marshal(tempBody)
+ assert.Nil(t, err)
+
+ ginkgo.It("without certificate", func() {
// Before configuring SSL, make a HTTPS request
http.DefaultTransport.(*http.Transport).TLSClientConfig =
&tls.Config{InsecureSkipVerify: true}
http.DefaultTransport.(*http.Transport).DialContext = func(ctx
context.Context, network, addr string) (net.Conn, error) {
@@ -67,78 +109,112 @@ var _ = ginkgo.Describe("SSL Basic", func() {
dialer := &net.Dialer{}
return dialer.DialContext(ctx, network, addr)
}
- _, err = http.Get("https://www.test2.com:9443";)
+
+ _, err := http.Get("https://www.test2.com:9443";)
assert.NotNil(t, err)
assert.EqualError(t, err, "Get https://www.test2.com:9443:
remote error: tls: internal error")
- //create ssl fail - key and cert not match
- base.RunTestCase(base.HttpTestCase{
+ })
+
+ table.DescribeTable("test ssl basic", func(testCase base.HttpTestCase) {
+ base.RunTestCase(testCase)
+ },
+ table.Entry("create ssl failed", base.HttpTestCase{
Object: base.ManagerApiExpect(),
Method: http.MethodPost,
Path: "/apisix/admin/ssl",
Body: string(invalidBody),
Headers: map[string]string{"Authorization":
base.GetToken()},
ExpectStatus: http.StatusBadRequest,
- })
- //create ssl successfully
- base.RunTestCase(base.HttpTestCase{
+ ExpectBody: "SSL parse failed: key and cert don't
match",
+ Sleep: base.SleepTime,
+ }),
+ table.Entry("create ssl successfully", base.HttpTestCase{
Object: base.ManagerApiExpect(),
Method: http.MethodPost,
Path: "/apisix/admin/ssl",
- Body: string(body),
+ Body: string(validBody),
Headers: map[string]string{"Authorization":
base.GetToken()},
ExpectStatus: http.StatusOK,
Sleep: base.SleepTime,
- })
- })
- ginkgo.It("check ssl labels", func() {
- base.RunTestCase(base.HttpTestCase{
+ }),
+ table.Entry("validate ssl cert and key (valid)",
base.HttpTestCase{
+ Object: base.ManagerApiExpect(),
+ Method: http.MethodPost,
+ Path: "/apisix/admin/check_ssl_cert",
+ Body: string(validBody),
+ Headers: map[string]string{"Authorization":
base.GetToken()},
+ ExpectBody: "\"code\":0,\"message\":\"\"",
+ ExpectStatus: http.StatusOK,
+ }),
+ table.Entry("validate ssl cert and key (valid)",
base.HttpTestCase{
+ Object: base.ManagerApiExpect(),
+ Method: http.MethodPost,
+ Path: "/apisix/admin/check_ssl_cert",
+ Body: string(invalidBody),
+ Headers: map[string]string{"Authorization":
base.GetToken()},
+ ExpectBody: "key and cert don't match",
+ ExpectStatus: http.StatusOK,
+ }),
+ table.Entry("check ssl labels", base.HttpTestCase{
Object: base.ManagerApiExpect(),
Method: http.MethodGet,
Path: "/apisix/admin/ssl/1",
Headers: map[string]string{"Authorization":
base.GetToken()},
ExpectStatus: http.StatusOK,
ExpectBody:
"\"labels\":{\"build\":\"16\",\"env\":\"production\",\"version\":\"v3\"",
- })
- })
- ginkgo.It("create route", func() {
- t := ginkgo.GinkgoT()
- var createRouteBody map[string]interface{} =
map[string]interface{}{
- "uri": "/hello_",
- "hosts": []string{"test2.com", "*.test2.com"},
- "upstream": map[string]interface{}{
- "nodes": []map[string]interface{}{
- {
- "host": base.UpstreamIp,
- "port": 1980,
- "weight": 1,
- },
- },
- "type": "roundrobin",
- },
- }
- _createRouteBody, err := json.Marshal(createRouteBody)
- assert.Nil(t, err)
- base.RunTestCase(base.HttpTestCase{
+ }),
+ table.Entry("update ssl", base.HttpTestCase{
+ Object: base.ManagerApiExpect(),
+ Method: http.MethodPut,
+ Path: "/apisix/admin/ssl/1",
+ Body: string(validBody2),
+ Headers: map[string]string{"Authorization":
base.GetToken()},
+ ExpectStatus: http.StatusOK,
+ Sleep: base.SleepTime,
+ }),
+ table.Entry("check ssl labels", base.HttpTestCase{
+ Object: base.ManagerApiExpect(),
+ Method: http.MethodGet,
+ Path: "/apisix/admin/ssl/1",
+ Headers: map[string]string{"Authorization":
base.GetToken()},
+ ExpectStatus: http.StatusOK,
+ ExpectBody:
"\"labels\":{\"build\":\"16\",\"env\":\"production\",\"version\":\"v2\"",
+ Sleep: base.SleepTime,
+ }),
+ table.Entry("check host exist", base.HttpTestCase{
+ Object: base.ManagerApiExpect(),
+ Method: http.MethodPost,
+ Path: "/apisix/admin/check_ssl_exists",
+ Body: `{"hosts": ["www.test2.com"]}`,
+ Headers: map[string]string{"Authorization":
base.GetToken()},
+ ExpectStatus: http.StatusOK,
+ }),
+ table.Entry("check host not exist", base.HttpTestCase{
+ Object: base.ManagerApiExpect(),
+ Method: http.MethodPost,
+ Path: "/apisix/admin/check_ssl_exists",
+ Body: `{"hosts": ["www.test3.com"]}`,
+ Headers: map[string]string{"Authorization":
base.GetToken()},
+ ExpectStatus: http.StatusNotFound,
+ ExpectBody: "SSL cert not exists for
sniļ¼www.test3.com",
+ }),
+ table.Entry("create route", base.HttpTestCase{
Object: base.ManagerApiExpect(),
Method: http.MethodPut,
Path: "/apisix/admin/routes/r1",
- Body: string(_createRouteBody),
+ Body: string(createRouteBody),
Headers: map[string]string{"Authorization":
base.GetToken()},
ExpectStatus: http.StatusOK,
- })
- })
- ginkgo.It("get the route just created to trigger removing `key`",
func() {
- base.RunTestCase(base.HttpTestCase{
+ }),
+ table.Entry("get the route just created to trigger removing
`key`", base.HttpTestCase{
Object: base.ManagerApiExpect(),
Method: http.MethodGet,
Path: "/apisix/admin/routes/r1",
Headers: map[string]string{"Authorization":
base.GetToken()},
ExpectStatus: http.StatusOK,
Sleep: base.SleepTime,
- })
- })
- ginkgo.It("hit the route just created using HTTPS", func() {
- base.RunTestCase(base.HttpTestCase{
+ }),
+ table.Entry("hit the route just created using HTTPS",
base.HttpTestCase{
Object: base.APISIXHTTPSExpect(),
Method: http.MethodGet,
Path: "/hello_",
@@ -146,10 +222,8 @@ var _ = ginkgo.Describe("SSL Basic", func() {
Headers: map[string]string{"Host":
"www.test2.com"},
ExpectBody: "hello world\n",
Sleep: base.SleepTime,
- })
- })
- ginkgo.It("disable SSL", func() {
- base.RunTestCase(base.HttpTestCase{
+ }),
+ table.Entry("disable SSL", base.HttpTestCase{
Object: base.ManagerApiExpect(),
Method: http.MethodPatch,
Path: "/apisix/admin/ssl/1",
@@ -159,18 +233,21 @@ var _ = ginkgo.Describe("SSL Basic", func() {
Headers: map[string]string{"Authorization":
base.GetToken()},
ExpectStatus: http.StatusOK,
ExpectBody: "\"status\":0",
- })
- })
+ }),
+ )
+
ginkgo.It("test disable SSL HTTPS request", func() {
// try again after disable SSL, make a HTTPS request
- t := ginkgo.GinkgoT()
time.Sleep(time.Duration(500) * time.Millisecond)
_, err := http.Get("https://www.test2.com:9443";)
assert.NotNil(t, err)
assert.EqualError(t, err, "Get https://www.test2.com:9443:
remote error: tls: internal error")
})
- ginkgo.It("enable SSL", func() {
- base.RunTestCase(base.HttpTestCase{
+
+ table.DescribeTable("test ssl basic", func(testCase base.HttpTestCase) {
+ base.RunTestCase(testCase)
+ },
+ table.Entry("enable SSL", base.HttpTestCase{
Object: base.ManagerApiExpect(),
Method: http.MethodPatch,
Path: "/apisix/admin/ssl/1/status",
@@ -181,10 +258,8 @@ var _ = ginkgo.Describe("SSL Basic", func() {
},
ExpectStatus: http.StatusOK,
ExpectBody: "\"status\":1",
- })
- })
- ginkgo.It("hit the route using HTTPS, make sure enable successful",
func() {
- base.RunTestCase(base.HttpTestCase{
+ }),
+ table.Entry("hit the route using HTTPS, make sure enable
successful", base.HttpTestCase{
Object: base.APISIXHTTPSExpect(),
Method: http.MethodGet,
Path: "/hello_",
@@ -192,34 +267,27 @@ var _ = ginkgo.Describe("SSL Basic", func() {
ExpectStatus: http.StatusOK,
ExpectBody: "hello world\n",
Sleep: base.SleepTime,
- })
- })
- ginkgo.It("delete SSL", func() {
- base.RunTestCase(base.HttpTestCase{
+ }),
+ table.Entry("delete SSL", base.HttpTestCase{
Object: base.ManagerApiExpect(),
Method: http.MethodDelete,
Path: "/apisix/admin/ssl/1",
Headers: map[string]string{"Authorization":
base.GetToken()},
ExpectStatus: http.StatusOK,
- })
- })
- ginkgo.It("delete route", func() {
- base.RunTestCase(base.HttpTestCase{
+ }),
+ table.Entry("delete route", base.HttpTestCase{
Object: base.ManagerApiExpect(),
Method: http.MethodDelete,
Path: "/apisix/admin/routes/r1",
Headers: map[string]string{"Authorization":
base.GetToken()},
ExpectStatus: http.StatusOK,
- })
- })
- ginkgo.It("hit the route just deleted", func() {
- base.RunTestCase(base.HttpTestCase{
+ }),
+ table.Entry("hit the route just deleted", base.HttpTestCase{
Object: base.APISIXExpect(),
Method: http.MethodGet,
Path: "/hello_",
ExpectStatus: http.StatusNotFound,
ExpectBody: "{\"error_msg\":\"404 Route Not
Found\"}\n",
Sleep: base.SleepTime,
- })
- })
+ }))
})
