From 9ca77beab89c591e93693721b5788a6a31a79b86 Mon Sep 17 00:00:00 2001
From: Tim Kimber <tkimber@mobius.org.uk>
Date: Fri, 24 Jan 2020 14:45:01 +0000
Subject: [PATCH] Pass hostname in docker-compose Rename getssl.test host to
 ubuntu16.getssl.test

---
 docker-compose.yml                          | 32 +++++++++++----------
 test/1-simple-http01.bats                   |  3 +-
 test/2-simple-dns01.bats                    |  3 +-
 test/3-dual-rsa-ecdsa.bats                  |  5 ++--
 test/4-more-than-10-hosts.bats              | 10 +++++--
 test/run-test.sh                            | 14 +++++++++
 test/test-config/getssl-http01-10-hosts.cfg |  2 +-
 test/test_helper.bash                       | 15 ++++++----
 8 files changed, 57 insertions(+), 27 deletions(-)
 create mode 100644 test/run-test.sh

diff --git a/docker-compose.yml b/docker-compose.yml
index 46c411f..7697625 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -23,30 +23,32 @@ services:
     networks:
       acmenet:
         ipv4_address: 10.30.50.3
-  getssl:
+  getssl-ubuntu16:
     build:
       context: .
       dockerfile: test/Dockerfile-ubuntu
-    container_name: getssl
+    container_name: getssl-ubuntu16
     volumes:
       - .:/getssl
+    environment:
+      GETSSL_HOST: ubuntu16.getssl.test
+      GETSSL_IP: 10.30.50.4
     networks:
       acmenet:
         ipv4_address: 10.30.50.4
         aliases:
-          - getssl.test
-          - a.getssl.test
-          - b.getssl.test
-          - c.getssl.test
-          - d.getssl.test
-          - e.getssl.test
-          - f.getssl.test
-          - g.getssl.test
-          - h.getssl.test
-          - i.getssl.test
-          - j.getssl.test
-          - k.getssl.test
-
+          - ubuntu16.getssl.test
+          - a.ubuntu16.getssl.test
+          - b.ubuntu16.getssl.test
+          - c.ubuntu16.getssl.test
+          - d.ubuntu16.getssl.test
+          - e.ubuntu16.getssl.test
+          - f.ubuntu16.getssl.test
+          - g.ubuntu16.getssl.test
+          - h.ubuntu16.getssl.test
+          - i.ubuntu16.getssl.test
+          - j.ubuntu16.getssl.test
+          - k.ubuntu16.getssl.test
 networks:
   acmenet:
     driver: bridge
diff --git a/test/1-simple-http01.bats b/test/1-simple-http01.bats
index 0870348..40416b2 100644
--- a/test/1-simple-http01.bats
+++ b/test/1-simple-http01.bats
@@ -22,6 +22,7 @@ setup() {
 
 @test "Force renewal of certificate using HTTP-01" {
     #!FIXME test certificate has been updated
-    run ${CODE_DIR}/getssl -f $HOST
+    run ${CODE_DIR}/getssl -f $GETSSL_HOST
     assert_success
+    cleanup_environment
 }
diff --git a/test/2-simple-dns01.bats b/test/2-simple-dns01.bats
index ce366bc..e1a37ec 100644
--- a/test/2-simple-dns01.bats
+++ b/test/2-simple-dns01.bats
@@ -22,6 +22,7 @@ setup() {
 
 @test "Force renewal of certificate using DNS-01" {
     #!FIXME test certificate has been updated
-    run ${CODE_DIR}/getssl -f $HOST
+    run ${CODE_DIR}/getssl -f $GETSSL_HOST
     assert_success
+    cleanup_environment
 }
diff --git a/test/3-dual-rsa-ecdsa.bats b/test/3-dual-rsa-ecdsa.bats
index 94212bc..2dc9257 100644
--- a/test/3-dual-rsa-ecdsa.bats
+++ b/test/3-dual-rsa-ecdsa.bats
@@ -22,7 +22,7 @@ setup() {
 
 @test "Force renewal of dual certificates using HTTP-01" {
     #!FIXME test certificate has been updated
-    run ${CODE_DIR}/getssl -f $HOST
+    run ${CODE_DIR}/getssl -f $GETSSL_HOST
     assert_success
 }
 
@@ -37,6 +37,7 @@ setup() {
 
 @test "Force renewal of dual certificates using DNS-01" {
     #!FIXME test certificate has been updated
-    run ${CODE_DIR}/getssl -f $HOST
+    run ${CODE_DIR}/getssl -f $GETSSL_HOST
     assert_success
+    cleanup_environment
 }
diff --git a/test/4-more-than-10-hosts.bats b/test/4-more-than-10-hosts.bats
index ec92a3f..0493197 100644
--- a/test/4-more-than-10-hosts.bats
+++ b/test/4-more-than-10-hosts.bats
@@ -17,7 +17,7 @@ setup() {
 
     # Add 11 hosts to DNS (also need to be added as aliases in docker-compose.yml)
     for prefix in a b c d e f g h i j k; do
-        curl -X POST -d '{"host":"'$prefix.$HOST'", "addresses":["10.30.50.4"]}' http://10.30.50.3:8055/add-a
+        curl -X POST -d '{"host":"'$prefix.$GETSSL_HOST'", "addresses":["'$GETSSL_IP'"]}' http://10.30.50.3:8055/add-a
     done
 
     init_getssl
@@ -28,6 +28,12 @@ setup() {
 
 @test "Force renewal of more than 10 certificates using HTTP-01" {
     #!FIXME test certificate has been updated
-    run ${CODE_DIR}/getssl -f $HOST
+    run ${CODE_DIR}/getssl -f $GETSSL_HOST
     assert_success
+
+    # Remove all the dns aliases
+    cleanup_environment
+    for prefix in a b c d e f g h i j k; do
+        curl -X POST -d '{"host":"'$prefix.$GETSSL_HOST'", "addresses":["'$GETSSL_IP'"]}' http://10.30.50.3:8055/del-a
+    done
 }
diff --git a/test/run-test.sh b/test/run-test.sh
new file mode 100644
index 0000000..6d500db
--- /dev/null
+++ b/test/run-test.sh
@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+# This runs getssl outside of the BATS framework for debugging, etc, against pebble
+# Usage: /getssl/test/run-test.sh getssl-http-01.cfg
+
+CONFIG_FILE=$1
+source /getssl/test/test_helper.bash
+
+setup_environment 3>&1
+export CURL_CA_BUNDLE=/root/pebble-ca-bundle.crt
+
+"${CODE_DIR}/getssl" -c "$GETSSL_HOST" 3>&1
+cp "${CODE_DIR}/test/test-config/${CONFIG_FILE}" "${INSTALL_DIR}/.getssl/${GETSSL_HOST}/getssl.cfg"
+"${CODE_DIR}/getssl" "$GETSSL_HOST" 3>&1
diff --git a/test/test-config/getssl-http01-10-hosts.cfg b/test/test-config/getssl-http01-10-hosts.cfg
index 7d8fd5f..d6d1c41 100644
--- a/test/test-config/getssl-http01-10-hosts.cfg
+++ b/test/test-config/getssl-http01-10-hosts.cfg
@@ -6,7 +6,7 @@ CA="https://pebble:14000/dir"
 
 # Additional domains - this could be multiple domains / subdomains in a comma separated list
 # Note: this is Additional domains - so should not include the primary domain.
-SANS="a.getssl.test,b.getssl.test,c.getssl.test,d.getssl.test,e.getssl.test,f.getssl.test,g.getssl.test,h.getssl.test,i.getssl.test,j.getssl.test,k.getssl.test"
+SANS="a.${GETSSL_HOST},b.${GETSSL_HOST},c.${GETSSL_HOST},d.${GETSSL_HOST},e.${GETSSL_HOST},f.${GETSSL_HOST},g.${GETSSL_HOST},h.${GETSSL_HOST},i.${GETSSL_HOST},j.${GETSSL_HOST},k.${GETSSL_HOST}"
 
 # Acme Challenge Location.
 ACL=('/var/www/html/.well-known/acme-challenge')
diff --git a/test/test_helper.bash b/test/test_helper.bash
index 0a9c38f..837fa1f 100644
--- a/test/test_helper.bash
+++ b/test/test_helper.bash
@@ -1,6 +1,6 @@
 INSTALL_DIR=/root
 CODE_DIR=/getssl
-HOST=getssl.test
+
 
 setup_environment() {
     # One-off test setup
@@ -14,15 +14,20 @@ setup_environment() {
         cat /etc/ssl/certs/ca-certificates.crt ${INSTALL_DIR}/pebble.minica.pem > ${INSTALL_DIR}/pebble-ca-bundle.crt
     fi
 
-    curl -X POST -d '{"host":"'$HOST'", "addresses":["10.30.50.4"]}' http://10.30.50.3:8055/add-a
+    curl -X POST -d '{"host":"'"$GETSSL_HOST"'", "addresses":["'"$GETSSL_IP"'"]}' http://10.30.50.3:8055/add-a
     cp ${CODE_DIR}/test/test-config/nginx-ubuntu-no-ssl /etc/nginx/sites-enabled/default
     service nginx restart >&3-
 }
 
 
+cleanup_environment() {
+    curl -X POST -d '{"host":"'"$GETSSL_HOST"'", "addresses":["'"$GETSSL_IP"'"]}' http://10.30.50.3:8055/del-a
+}
+
+
 init_getssl() {
     # Run initialisation (create account key, etc)
-    run ${CODE_DIR}/getssl -c $HOST
+    run ${CODE_DIR}/getssl -c "$GETSSL_HOST"
     assert_success
     [ -d "$INSTALL_DIR/.getssl" ]
 }
@@ -30,7 +35,7 @@ init_getssl() {
 
 create_certificate() {
     # Create certificate
-    cp ${CODE_DIR}/test/test-config/${CONFIG_FILE} ${INSTALL_DIR}/.getssl/${HOST}/getssl.cfg
-    run ${CODE_DIR}/getssl $HOST
+    cp "${CODE_DIR}/test/test-config/${CONFIG_FILE}" "${INSTALL_DIR}/.getssl/${GETSSL_HOST}/getssl.cfg"
+    run ${CODE_DIR}/getssl "$GETSSL_HOST"
     #!FIXME test certificate has been placed in the expected location
 }