From f75ea516e49a495580cebb64e20182ae00eb652f Mon Sep 17 00:00:00 2001 From: Ethan Donowitz Date: Mon, 29 Nov 2021 16:43:12 +0000 Subject: [PATCH] test: add Tokenserver integration tests to CI Closes #1174 --- docker-compose.e2e.mysql.yaml | 7 ++++++- docker-compose.e2e.spanner.yaml | 7 ++++++- src/server/mod.rs | 9 ++++----- tools/integration_tests/run.py | 17 +++++++++++++++-- tools/integration_tests/tokenserver/test_e2e.py | 5 ++--- .../tokenserver/test_support.py | 4 ++-- 6 files changed, 35 insertions(+), 14 deletions(-) diff --git a/docker-compose.e2e.mysql.yaml b/docker-compose.e2e.mysql.yaml index 318f87ab23..2d246833a8 100644 --- a/docker-compose.e2e.mysql.yaml +++ b/docker-compose.e2e.mysql.yaml @@ -25,7 +25,12 @@ services: SYNC_HOST: 0.0.0.0 SYNC_MASTER_SECRET: secret0 SYNC_DATABASE_URL: mysql://test:test@sync-db:3306/syncstorage - SYNC_TOKENSERVER__DATABASE_URL: mysql://test:test@tokenserver-db:3307/tokenserver + SYNC_TOKENSERVER__DATABASE_URL: mysql://test:test@tokenserver-db:3306/tokenserver + SYNC_TOKENSERVER__ENABLED: true + SYNC_TOKENSERVER__FXA_EMAIL_DOMAIN: api-accounts.stage.mozaws.net + SYNC_TOKENSERVER__FXA_METRICS_HASH_SECRET: secret0 + SYNC_TOKENSERVER__FXA_OAUTH_SERVER_URL: https://oauth.stage.mozaws.net + TOKENSERVER_HOST: http://localhost:8000 entrypoint: > /bin/sh -c " sleep 28; pip3 install -r /app/tools/integration_tests/requirements.txt && python3 /app/tools/integration_tests/run.py 'http://localhost:8000#secret0' diff --git a/docker-compose.e2e.spanner.yaml b/docker-compose.e2e.spanner.yaml index 05b6044d95..12a86d4d7e 100644 --- a/docker-compose.e2e.spanner.yaml +++ b/docker-compose.e2e.spanner.yaml 
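Review bot: In docker-compose.e2e.mysql.yaml the added `SYNC_TOKENSERVER__ENABLED: true` is an unquoted YAML boolean inside an `environment` mapping; Compose documents that booleans there should be quoted, and some Compose versions reject them, so write `SYNC_TOKENSERVER__ENABLED: "true"`. The same line is added in the docker-compose.e2e.spanner.yaml hunk. The new `SYNC_TOKENSERVER__FXA_EMAIL_DOMAIN` and `SYNC_TOKENSERVER__FXA_OAUTH_SERVER_URL` values also make the CI run depend on the external FxA stage hosts, which deserves a comment such as `# e2e tests call the FxA stage environment; needs outbound network access`.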
@@ -25,8 +25,13 @@ services: SYNC_HOST: 0.0.0.0 SYNC_MASTER_SECRET: secret0 SYNC_DATABASE_URL: spanner://projects/test-project/instances/test-instance/databases/test-database - SYNC_TOKENSERVER__DATABASE_URL: mysql://test:test@tokenserver-db:3306/tokenserver SYNC_SPANNER_EMULATOR_HOST: sync-db:9010 + SYNC_TOKENSERVER__DATABASE_URL: mysql://test:test@tokenserver-db:3306/tokenserver + SYNC_TOKENSERVER__ENABLED: true + SYNC_TOKENSERVER__FXA_EMAIL_DOMAIN: api-accounts.stage.mozaws.net + SYNC_TOKENSERVER__FXA_METRICS_HASH_SECRET: secret0 + SYNC_TOKENSERVER__FXA_OAUTH_SERVER_URL: https://oauth.stage.mozaws.net + TOKENSERVER_HOST: http://localhost:8000 entrypoint: > /bin/sh -c " sleep 28; pip3 install -r /app/tools/integration_tests/requirements.txt && python3 /app/tools/integration_tests/run.py 'http://localhost:8000#secret0' diff --git a/src/server/mod.rs b/src/server/mod.rs index 8f3e72f44c..fb94a0912d 100644 --- a/src/server/mod.rs +++ b/src/server/mod.rs @@ -132,12 +132,11 @@ macro_rules! build_app { .route(web::get().to(handlers::get_bso)) .route(web::put().to(handlers::put_bso)), ) - // XXX: This route will be enabled when we are ready to roll out Tokenserver // Tokenserver - // .service( - // web::resource("/1.0/{application}/{version}") - // .route(web::get().to(tokenserver::handlers::get_tokenserver_result)), - // ) + .service( + web::resource("/1.0/{application}/{version}") + .route(web::get().to(tokenserver::handlers::get_tokenserver_result)), + ) // Dockerflow // Remember to update .::web::middleware::DOCKER_FLOW_ENDPOINTS // when applying changes to endpoint names. diff --git a/tools/integration_tests/run.py b/tools/integration_tests/run.py index 14b553b647..792ca9e0d0 100644 --- a/tools/integration_tests/run.py +++ b/tools/integration_tests/run.py 
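Review bot: In src/server/mod.rs the `/1.0/{application}/{version}` Tokenserver route is now registered unconditionally by `build_app!`, while the compose files in this commit set `SYNC_TOKENSERVER__ENABLED`. Nothing in this hunk shows the route or `get_tokenserver_result` honouring that setting, so a deployment with Tokenserver disabled may still expose the endpoint. If the handler does check it, say so where the deleted XXX note was, e.g. `// Tokenserver (handler rejects requests unless SYNC_TOKENSERVER__ENABLED is set)`; if it does not, gate the route before this ships outside CI. The macro body starts and ends outside the hunk, so the check may live elsewhere.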
@@ -9,6 +9,7 @@ from test_storage import TestStorage from test_support import run_live_functional_tests import time +from tokenserver.run import run_end_to_end_tests, run_local_tests DEBUG_BUILD = "target/debug/syncstorage" RELEASE_BUILD = "/app/bin/syncstorage" @@ -48,8 +49,20 @@ def start_server(): return the_server_subprocess os.environ.setdefault('SYNC_MASTER_SECRET', 'secret0') + os.environ['SYNC_TOKENSERVER__TEST_MODE_ENABLED'] = 'true' the_server_subprocess = start_server() - atexit.register(lambda: terminate_process(the_server_subprocess)) - res = run_live_functional_tests(TestStorage, sys.argv) + try: + res = 0 + res |= run_live_functional_tests(TestStorage, sys.argv) + res |= run_local_tests() + finally: + terminate_process(the_server_subprocess) + + os.environ['SYNC_TOKENSERVER__TEST_MODE_ENABLED'] = 'false' + the_server_subprocess = start_server() + try: + res |= run_end_to_end_tests() + finally: + terminate_process(the_server_subprocess) sys.exit(res) diff --git a/tools/integration_tests/tokenserver/test_e2e.py b/tools/integration_tests/tokenserver/test_e2e.py index ddff93b005..6fc5d0992f 100644 --- a/tools/integration_tests/tokenserver/test_e2e.py +++ b/tools/integration_tests/tokenserver/test_e2e.py @@ -124,7 +124,7 @@ def _fxa_metrics_hash(self, value): hasher.update(value.encode('utf-8')) return hasher.hexdigest() - def _derive_secret(self, master_secret, node): + def _derive_secret(self, master_secret): info = "services.mozilla.com/mozsvc/v1/node_secret/%s" % self.NODE_URL hkdf_params = { "salt": None, @@ -205,8 +205,7 @@ def test_valid_request(self): signing_secret = binascii.b2a_hex( self.TOKEN_SIGNING_SECRET.encode("utf-8")).decode() - node_specific_secret = self._derive_secret(signing_secret, - self.NODE_URL) + node_specific_secret = self._derive_secret(signing_secret) expected_token = tokenlib.make_token(payload_dict, secret=node_specific_secret) expected_signature = urlsafe_b64decode(expected_token)[-32:] 
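Review bot: In tools/integration_tests/run.py the second `start_server()` follows `terminate_process(the_server_subprocess)` directly, and nothing in this hunk shows that the first server has exited and released its port before the new one binds. `terminate_process` and most of `start_server` are outside the hunk, so confirm that one of them waits. Each server lifetime also needs a comment, since `SYNC_TOKENSERVER__TEST_MODE_ENABLED` presumably relaxes how the server verifies requests: `# Phase 1: test mode on, for the storage and local Tokenserver tests` and `# Phase 2: test mode off, for the end-to-end tests`. `res |= ...` assumes each runner returns an int; a `None` return would raise `TypeError` here.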
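Review bot: In tools/integration_tests/tokenserver/test_e2e.py, `_derive_secret` has no docstring, and with the `node` parameter gone the binding to `self.NODE_URL` in the HKDF `info` string is no longer visible at the call site in `test_valid_request`. Add `"""Derive the node-specific secret from master_secret via HKDF, with self.NODE_URL in the info string."""` under the signature. The method body continues outside the hunk.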
diff --git a/tools/integration_tests/tokenserver/test_support.py b/tools/integration_tests/tokenserver/test_support.py index 0b17fc55c8..f2964b77f6 100644 --- a/tools/integration_tests/tokenserver/test_support.py +++ b/tools/integration_tests/tokenserver/test_support.py @@ -15,13 +15,13 @@ class TestCase: FXA_EMAIL_DOMAIN = 'api-accounts.stage.mozaws.net' - FXA_METRICS_HASH_SECRET = 'secret' + FXA_METRICS_HASH_SECRET = 'secret0' NODE_ID = 800 NODE_URL = 'https://example.com' SYNC_1_1_SERVICE_ID = 1 SYNC_1_5_SERVICE_ID = 2 SYNC_1_5_SERVICE_NAME = 'sync-1.5' - TOKEN_SIGNING_SECRET = 'secret' + TOKEN_SIGNING_SECRET = 'secret0' TOKENSERVER_HOST = os.environ['TOKENSERVER_HOST'] def setUp(self):
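Review bot: `FXA_METRICS_HASH_SECRET` and `TOKEN_SIGNING_SECRET` are changed to `'secret0'` only to match values set in the compose files (`SYNC_TOKENSERVER__FXA_METRICS_HASH_SECRET`, and presumably `SYNC_MASTER_SECRET`). The same literal therefore lives in several files, and any drift would surface as an opaque signature mismatch. Read them from the environment the way `TOKENSERVER_HOST` already is, e.g. `FXA_METRICS_HASH_SECRET = os.environ.get('SYNC_TOKENSERVER__FXA_METRICS_HASH_SECRET', 'secret0')` and `TOKEN_SIGNING_SECRET = os.environ.get('SYNC_MASTER_SECRET', 'secret0')`. A short comment marking these as CI-only fixture values would also help. The class body continues outside the hunk.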