-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
- Loading branch information
1 parent
046accd
commit c66f67f
Showing
8 changed files
with
337 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
134 changes: 134 additions & 0 deletions
134
tlstest/zero_https/all_routes_tls/all_routes_tls_test.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,134 @@ | ||
package all_routes_tls | ||
|
||
import ( | ||
"crypto/tls" | ||
"crypto/x509" | ||
"io/ioutil" | ||
"net/http" | ||
"strings" | ||
"testing" | ||
"time" | ||
|
||
"github.com/pkg/errors" | ||
"github.com/stretchr/testify/require" | ||
) | ||
|
||
type testCase struct { | ||
url string | ||
statusCode int | ||
response string | ||
} | ||
|
||
var testCasesHttp = []testCase{ | ||
{ | ||
url: "http://localhost:6180/health", | ||
response: "OK", | ||
statusCode: 200, | ||
}, | ||
{ | ||
url: "http://localhost:6180/state", | ||
response: "Client sent an HTTP request to an HTTPS server.\n", | ||
statusCode: 400, | ||
}, | ||
{ | ||
url: "http://localhost:6180/removeNode?id=2&group=0", | ||
response: "Client sent an HTTP request to an HTTPS server.\n", | ||
statusCode: 400, | ||
}, | ||
} | ||
|
||
func TestZeroWithAllRoutesTLSWithHTTPClient(t *testing.T) { | ||
client := http.Client{ | ||
Timeout: time.Second * 10, | ||
} | ||
defer client.CloseIdleConnections() | ||
for _, test := range testCasesHttp { | ||
request, err := http.NewRequest("GET", test.url, nil) | ||
require.NoError(t, err) | ||
do, err := client.Do(request) | ||
require.NoError(t, err) | ||
if do != nil && do.StatusCode != test.statusCode { | ||
t.Fatalf("status code is not same. Got: %d Expected: %d", do.StatusCode, test.statusCode) | ||
} | ||
|
||
body := readResponseBody(t, do) | ||
if test.response != string(body) { | ||
t.Fatalf("response is not same. Got: %s Expected: %s", string(body), test.response) | ||
} | ||
} | ||
} | ||
|
||
var testCasesHttps = []testCase{ | ||
{ | ||
url: "https://localhost:6180/health", | ||
response: "OK", | ||
statusCode: 200, | ||
}, | ||
{ | ||
url: "https://localhost:6180/state", | ||
response: "\"id\":\"1\",\"addr\":\"zero1:5180\",\"leader\":true", | ||
statusCode: 200, | ||
}, | ||
} | ||
|
||
func TestZeroWithAllRoutesTLSWithTLSClient(t *testing.T) { | ||
pool, err := generateCertPool("../../tls/ca.crt", true) | ||
require.NoError(t, err) | ||
|
||
tlsCfg := &tls.Config{RootCAs: pool, ServerName: "localhost", InsecureSkipVerify: true} | ||
tr := &http.Transport{ | ||
IdleConnTimeout: 30 * time.Second, | ||
DisableCompression: true, | ||
TLSClientConfig: tlsCfg, | ||
} | ||
client := http.Client{ | ||
Transport: tr, | ||
} | ||
|
||
defer client.CloseIdleConnections() | ||
for _, test := range testCasesHttps { | ||
request, err := http.NewRequest("GET", test.url, nil) | ||
require.NoError(t, err) | ||
do, err := client.Do(request) | ||
require.NoError(t, err) | ||
if do != nil && do.StatusCode != test.statusCode { | ||
t.Fatalf("status code is not same. Got: %d Expected: %d", do.StatusCode, test.statusCode) | ||
} | ||
|
||
body := readResponseBody(t, do) | ||
if !strings.Contains(string(body), test.response) { | ||
t.Fatalf("response is not same. Got: %s Expected: %s", string(body), test.response) | ||
} | ||
} | ||
} | ||
|
||
func readResponseBody(t *testing.T, do *http.Response) []byte { | ||
defer func() { _ = do.Body.Close() }() | ||
body, err := ioutil.ReadAll(do.Body) | ||
require.NoError(t, err) | ||
return body | ||
} | ||
|
||
func generateCertPool(certPath string, useSystemCA bool) (*x509.CertPool, error) { | ||
var pool *x509.CertPool | ||
if useSystemCA { | ||
var err error | ||
if pool, err = x509.SystemCertPool(); err != nil { | ||
return nil, err | ||
} | ||
} else { | ||
pool = x509.NewCertPool() | ||
} | ||
|
||
if len(certPath) > 0 { | ||
caFile, err := ioutil.ReadFile(certPath) | ||
if err != nil { | ||
return nil, err | ||
} | ||
if !pool.AppendCertsFromPEM(caFile) { | ||
return nil, errors.Errorf("error reading CA file %q", certPath) | ||
} | ||
} | ||
|
||
return pool, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
version: "3.5" | ||
services: | ||
alpha1: | ||
image: dgraph/dgraph:latest | ||
container_name: alpha1 | ||
working_dir: /data/alpha1 | ||
labels: | ||
cluster: test | ||
ports: | ||
- 8180:8180 | ||
- 9180:9180 | ||
volumes: | ||
- type: bind | ||
source: $GOPATH/bin | ||
target: /gobin | ||
read_only: true | ||
command: /gobin/dgraph alpha -o 100 --my=alpha1:7180 --zero=zero1:5180 --logtostderr -v=2 --whitelist=10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 | ||
zero1: | ||
image: dgraph/dgraph:latest | ||
container_name: zero1 | ||
working_dir: /data/zero1 | ||
labels: | ||
cluster: test | ||
ports: | ||
- 5180:5180 | ||
- 6180:6180 | ||
volumes: | ||
- type: bind | ||
source: $GOPATH/bin | ||
target: /gobin | ||
read_only: true | ||
- type: bind | ||
source: ../../tls | ||
target: /dgraph-tls | ||
read_only: true | ||
command: /gobin/dgraph zero -o 100 --idx=1 --my=zero1:5180 --tls_dir /dgraph-tls -v=2 --bindall | ||
volumes: {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
version: "3.5" | ||
services: | ||
alpha1: | ||
image: dgraph/dgraph:latest | ||
container_name: alpha1 | ||
working_dir: /data/alpha1 | ||
labels: | ||
cluster: test | ||
ports: | ||
- 8180:8180 | ||
- 9180:9180 | ||
volumes: | ||
- type: bind | ||
source: $GOPATH/bin | ||
target: /gobin | ||
read_only: true | ||
command: /gobin/dgraph alpha -o 100 --my=alpha1:7180 --zero=zero1:5180 --logtostderr -v=2 --whitelist=10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 | ||
zero1: | ||
image: dgraph/dgraph:latest | ||
container_name: zero1 | ||
working_dir: /data/zero1 | ||
labels: | ||
cluster: test | ||
ports: | ||
- 5180:5180 | ||
- 6180:6180 | ||
volumes: | ||
- type: bind | ||
source: $GOPATH/bin | ||
target: /gobin | ||
read_only: true | ||
command: /gobin/dgraph zero -o 100 --idx=1 --my=zero1:5180 -v=2 --bindall | ||
volumes: {} |
Oops, something went wrong.