From 1dec15f1b5f626f5c2f3038817228b29527250b7 Mon Sep 17 00:00:00 2001 From: Tim Kimber Date: Fri, 6 Mar 2020 13:50:24 +0000 Subject: [PATCH 1/2] Test on centos7 against staging server --- .github/workflows/run-all-tests.yml | 20 +++++++--- test/7-duckdns-dns01.bats | 8 ---- test/8-duckdns-ecdsa.bats | 8 ---- test/Dockerfile-centos7-duckdns | 28 ++++++++++++++ ...file-duckdns => Dockerfile-ubuntu-duckdns} | 0 test/restart-nginx | 5 ++- test/run-test.cmd | 6 ++- test/run-test.sh | 5 ++- test/test-config/nginx-centos7.conf | 37 +++++++++++++++++++ test/test_helper.bash | 16 +++++++- 10 files changed, 105 insertions(+), 28 deletions(-) create mode 100644 test/Dockerfile-centos7-duckdns rename test/{Dockerfile-duckdns => Dockerfile-ubuntu-duckdns} (100%) create mode 100644 test/test-config/nginx-centos7.conf diff --git a/.github/workflows/run-all-tests.yml b/.github/workflows/run-all-tests.yml index 5a02eda..e6d80ed 100644 --- a/.github/workflows/run-all-tests.yml +++ b/.github/workflows/run-all-tests.yml @@ -23,22 +23,22 @@ jobs: run: docker-compose up -d --build - name: Run test suite on centos6 run: test/run-test.sh centos6 - test-debian: + test-centos7-duckdns: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - name: Build the docker-compose stack run: docker-compose up -d --build - - name: Run test suite on Debian - run: test/run-test.sh debian - test-duckdns: + - name: Run test suite on CentOS7 against Staging using DuckDNS + run: test/run-test.sh centos7-duckdns + test-debian: runs-on: ubuntu-latest steps: - uses: actions/checkout@v1 - name: Build the docker-compose stack run: docker-compose up -d --build - - name: Run test suite on Ubuntu using DuckDNS - run: test/run-test.sh duckdns + - name: Run test suite on Debian + run: test/run-test.sh debian test-ubuntu: runs-on: ubuntu-latest steps: @@ -63,3 +63,11 @@ jobs: run: docker-compose up -d --build - name: Run test suite on Ubuntu18 run: test/run-test.sh ubuntu18 + test-ubuntu-duckdns: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v1 + - name: Build the docker-compose stack + run: docker-compose up -d --build + - name: Run test suite on Ubuntu against Staging using DuckDNS + run: test/run-test.sh ubuntu-duckdns diff --git a/test/7-duckdns-dns01.bats b/test/7-duckdns-dns01.bats index 9466f05..0c680ea 100644 --- a/test/7-duckdns-dns01.bats +++ b/test/7-duckdns-dns01.bats @@ -5,13 +5,6 @@ load '/bats-assert/load.bash' load '/getssl/test/test_helper.bash' -# These are run for every test, not once per file -setup() { - if [ -n "$STAGING" ]; then - export GETSSL_HOST=getssl.duckdns.org - fi -} - @test "Create new certificate using staging server and DuckDNS" { if [ -z "$STAGING" ]; then @@ -38,5 +31,4 @@ setup() { refute_output --regexp '[Ee][Rr][Rr][Oo][Rr]' refute_output --regexp '[Ww][Aa][Rr][Nn][Ii][Nn][Gg]' cleanup_environment - curl --silent -X POST -d '{"host":"getssl.duckdns.org"}' http://10.30.50.3:8055/clear-a } diff --git a/test/8-duckdns-ecdsa.bats b/test/8-duckdns-ecdsa.bats index 0950d96..dfe84fe 100644 --- a/test/8-duckdns-ecdsa.bats +++ b/test/8-duckdns-ecdsa.bats @@ -5,12 +5,6 @@ load '/bats-assert/load.bash' load '/getssl/test/test_helper.bash' -# These are run for every test, not once per file -setup() { - if [ -n "$STAGING" ]; then - export GETSSL_HOST=getssl.duckdns.org - fi -} @test "Create new certificate using staging server and prime256v1" { @@ -18,7 +12,6 @@ setup() { skip "Running internal tests, skipping external test" fi CONFIG_FILE="getssl-duckdns01.cfg" - GETSSL_HOST=getssl.duckdns.org setup_environment init_getssl @@ -49,7 +42,6 @@ setup() { skip "Running internal tests, skipping external test" fi CONFIG_FILE="getssl-duckdns01.cfg" - GETSSL_HOST=getssl.duckdns.org setup_environment init_getssl diff --git a/test/Dockerfile-centos7-duckdns b/test/Dockerfile-centos7-duckdns new file mode 100644 index 0000000..839ff76 --- /dev/null +++ b/test/Dockerfile-centos7-duckdns @@ -0,0 +1,28 @@ +FROM centos:centos7 + +# Note this image uses gawk + +# Update and install required software +RUN yum -y update +RUN yum -y install epel-release +RUN yum -y install git curl bind-utils wget which nginx + +ENV staging "true" +ENV DUCKDNS_TOKEN 1d616aa9-b8e4-4bb4-b312-3289de82badb + +WORKDIR /root +RUN mkdir /etc/nginx/pki +RUN mkdir /etc/nginx/pki/private +COPY ./test/test-config/nginx-ubuntu-no-ssl /etc/nginx/conf.d/default.conf +COPY ./test/test-config/nginx-centos7.conf /etc/nginx/nginx.conf + +# BATS (Bash Automated Testings) +RUN git clone https://github.com/bats-core/bats-core.git /bats-core +RUN git clone https://github.com/jasonkarns/bats-support /bats-support +RUN git clone https://github.com/jasonkarns/bats-assert-1 /bats-assert +RUN /bats-core/install.sh /usr/local + +EXPOSE 80 443 + +# Run eternal loop - for testing +CMD tail -f /dev/null diff --git a/test/Dockerfile-duckdns b/test/Dockerfile-ubuntu-duckdns similarity index 100% rename from test/Dockerfile-duckdns rename to test/Dockerfile-ubuntu-duckdns diff --git a/test/restart-nginx b/test/restart-nginx index f947d8d..e62433d 100755 --- a/test/restart-nginx +++ b/test/restart-nginx @@ -1,8 +1,11 @@ #!/usr/bin/env bash -if [ "$GETSSL_HOST" = "alpine.getssl.test" ]; then +if [ "$GETSSL_OS" = "alpine" ]; then killall -HUP nginx >&3- sleep 5 +elif [ "$GETSSL_OS" == "centos7" ]; then + pgrep nginx | head -1 | xargs kill -HUP + sleep 5 else service nginx restart >/dev/null >&3- fi diff --git a/test/run-test.cmd b/test/run-test.cmd index e951c44..d1cf263 100644 --- a/test/run-test.cmd +++ b/test/run-test.cmd @@ -7,7 +7,8 @@ IF %2.==. GOTO NoCmd set COMMAND=%2 %3 :CheckAlias -IF %OS%==duckdns GOTO duckdns +REM check if OS *contains* duckdns +IF NOT x%OS:duckdns=%==x%OS% GOTO duckdns set ALIAS=%OS%.getssl.test set STAGING= GOTO Run @@ -22,7 +23,7 @@ set COMMAND=bats /getssl/test GOTO CheckAlias :duckdns -set ALIAS=getssl.duckdns.org +set ALIAS=%OS:-duckdns=%-getssl.duckdns.org set STAGING=--env STAGING=true :Run @@ -32,6 +33,7 @@ docker build --rm -f "test\Dockerfile-%OS%" -t getssl-%OS% . @echo on docker run -it ^ --env GETSSL_HOST=%ALIAS% %STAGING% ^ + --env GETSSL_OS=%OS:-duckdns=% ^ -v %cd%:/getssl ^ --rm ^ --network %CurrDirName%_acmenet ^ diff --git a/test/run-test.sh b/test/run-test.sh index d85730f..07a1a49 100755 --- a/test/run-test.sh +++ b/test/run-test.sh @@ -14,8 +14,8 @@ else COMMAND="bats /getssl/test" fi -if [ "$OS" == "duckdns" ]; then - ALIAS="getssl.duckdns.org" +if [[ "$OS" == *"duckdns"* ]]; then + ALIAS="${OS%-duckdns}-getssl.duckdns.org" STAGING="--env STAGING=true" else ALIAS="$OS.getssl.test" @@ -26,6 +26,7 @@ docker build --rm -f "test/Dockerfile-$OS" -t "getssl-$OS" . # shellcheck disable=SC2086 docker run \ --env GETSSL_HOST="$OS.getssl.test" $STAGING \ + --env GETSSL_OS=${OS%-duckdns} \ -v "$(pwd)":/getssl \ --rm \ --network ${PWD##*/}_acmenet \ diff --git a/test/test-config/nginx-centos7.conf b/test/test-config/nginx-centos7.conf new file mode 100644 index 0000000..2327039 --- /dev/null +++ b/test/test-config/nginx-centos7.conf @@ -0,0 +1,37 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ + +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic. +include /usr/share/nginx/modules/*.conf; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + include /etc/nginx/conf.d/*.conf; +} diff --git a/test/test_helper.bash b/test/test_helper.bash index d151d5a..3ffcf51 100644 --- a/test/test_helper.bash +++ b/test/test_helper.bash @@ -35,10 +35,15 @@ create_certificate() { } # start nginx in background on alpine via supervisord +# shellcheck disable=SC2153 # Ignore GETSSL_OS looks like typo of GETSSL_IP if [[ -f /usr/bin/supervisord && -f /etc/supervisord.conf ]]; then if [[ ! $(pgrep supervisord) ]]; then /usr/bin/supervisord -c /etc/supervisord.conf >&3- fi +elif [ "$GETSSL_OS" == "centos7" ]; then + if [ -z "$(pgrep nginx)" ]; then + nginx >&3- + fi fi # Find NGINX configuration directory for HTTP-01 testing (need to add SSL to config) @@ -52,7 +57,16 @@ else fi # Find IP address -GETSSL_IP=$(ip address | awk '/10.30.50/ { print $2 }' | awk -F/ '{ print $1 }') +if [[ -n "$(command -v ip)" ]]; then + IP=$(ip address) +elif [[ -n "$(command -v hostname)" ]]; then + IP=$(hostname -I) +else + echo "Cannot find IP address" + exit 1 +fi + +GETSSL_IP=$(echo "$IP" | awk '/10.30.50/ { print $2 }' | awk -F/ '{ print $1 }') export GETSSL_IP if [ ! -f ${INSTALL_DIR}/pebble.minica.pem ]; then From 99bd342a5901326f7854a9ed6f3c79812ca297eb Mon Sep 17 00:00:00 2001 From: Tim Kimber Date: Fri, 6 Mar 2020 14:04:19 +0000 Subject: [PATCH 2/2] Update for multiple duckdns domains --- test/run-test.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/run-test.sh b/test/run-test.sh index 07a1a49..97842a5 100755 --- a/test/run-test.sh +++ b/test/run-test.sh @@ -25,7 +25,7 @@ fi docker build --rm -f "test/Dockerfile-$OS" -t "getssl-$OS" . # shellcheck disable=SC2086 docker run \ - --env GETSSL_HOST="$OS.getssl.test" $STAGING \ + --env GETSSL_HOST=$ALIAS $STAGING \ --env GETSSL_OS=${OS%-duckdns} \ -v "$(pwd)":/getssl \ --rm \