From b007bda52f2acd8d9b2ae42a84b6547adaca6d50 Mon Sep 17 00:00:00 2001 From: Mo Balaa Date: Wed, 15 May 2024 19:47:49 -0500 Subject: [PATCH] Add test case for 4 part FQDN routing (#53) --- .github/workflows/ci.yaml | 7 +++++-- Makefile | 2 +- ci/create-link-ci.sh | 24 +++++++++++++++++------- src/gateway/http.conf.template | 9 +++++---- 4 files changed, 28 insertions(+), 14 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 56520aa..0b23a2b 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -13,5 +13,8 @@ jobs: - name: Checkout code uses: actions/checkout@v4 - - name: Launch gateway and create link on gateway - run: make link-ci + - name: Run CI tests for subdomain.domain.tld + run: make link-ci GATEWAY=gateway-sshd FQDN=subdomain.domain.com + + - name: Run CI tests for app.subdomain.domain.tld + run: make link-ci GATEWAY=gateway-sshd FQDN=app.subdomain.domain.com diff --git a/Makefile b/Makefile index 5bc752c..658c6de 100644 --- a/Makefile +++ b/Makefile @@ -19,4 +19,4 @@ link-macos: docker run -v /run/host-services/ssh-auth.sock:/run/host-services/ssh-auth.sock -e SSH_AUTH_SOCK="/run/host-services/ssh-auth.sock" -v "$$PWD:/workdir" --rm -it fractalnetworks/gateway-cli:latest $(GATEWAY) $(FQDN) $(EXPOSE) link-ci: - ./ci/create-link-ci.sh gateway-sshd app.example.com nginx:80 + ./ci/create-link-ci.sh $(GATEWAY) $(FQDN) nginx:80 diff --git a/ci/create-link-ci.sh b/ci/create-link-ci.sh index 6da2af4..409d817 100755 --- a/ci/create-link-ci.sh +++ b/ci/create-link-ci.sh @@ -12,6 +12,10 @@ docker compose up -d --build eval $(ssh-agent -s) ssh-add ./gateway-sim-key +FQDN=$2 +DASHED_FQDN="${2//./-}" + + testLinkFile="" # Define the variable in a scope outside the cleanup function 
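Review bot: The new `link-ci` recipe expands `$(GATEWAY)` and `$(FQDN)` unquoted and without checking that they are set, so a bare `make link-ci` (which worked before this change) would run `./ci/create-link-ci.sh nginx:80` with the arguments shifted and an empty FQDN. Whether the Makefile defines defaults for these variables is outside the hunk. If it does not, I would fail early with a first recipe line such as `@: $(if $(strip $(GATEWAY)),,$(error GATEWAY is required)) $(if $(strip $(FQDN)),,$(error FQDN is required))`. I would also pass the values quoted, `./ci/create-link-ci.sh '$(GATEWAY)' '$(FQDN)' nginx:80`, so that whitespace or most shell metacharacters in a command-line override are not interpreted by the recipe shell.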
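Review bot: `FQDN=$2` and `DASHED_FQDN="${2//./-}"` take the caller's argument without validation, and the later hunks expand the result unquoted in `docker rm -f $DASHED_FQDN` (cleanup and after the normal test) and splice it into the double-quoted `sed` programs that rewrite `GATEWAY_ENDPOINT`. An empty value turns `docker rm -f` into an argument-less call, masked by `|| true` in cleanup, and writes `:18521` as the endpoint. A value containing `/`, `&` or whitespace changes the sed expression or the docker arguments. I would validate once right after the assignment, `[[ "$FQDN" =~ ^[A-Za-z0-9.-]+$ ]] || { echo "invalid FQDN: $FQDN" >&2; exit 1; }`, and quote the expansions, e.g. `docker rm -f "$DASHED_FQDN"`. The assignments are at script top level and the rest of the script lies outside this hunk.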
@@ -21,7 +25,7 @@ function cleanup { if [[ -n "$testLinkFile" ]]; then # Check if the variable is non-empty echo "******* Cleanup function: cleaning up $testLinkFile..." docker compose -f "$testLinkFile" down --timeout 0 || true - docker rm -f app-example-com || true + docker rm -f $DASHED_FQDN || true # stop and remove gateway and sshd containers docker compose down --timeout 0 || true @@ -42,14 +46,20 @@ if [ "$normal_test_proceed" = true ]; then docker run --network gateway -e SSH_AGENT_PID=$SSH_AGENT_PID -e SSH_AUTH_SOCK=$SSH_AUTH_SOCK -v $SSH_AUTH_SOCK:$SSH_AUTH_SOCK --rm fractalnetworks/gateway-cli:latest $1 $2 $3 >> $testLinkFile cat network.yaml >> $testLinkFile # set the gateway endpoint to the gateway link container - sed -i 's/^\(\s*GATEWAY_ENDPOINT:\).*/\1 app-example-com:18521/' $testLinkFile + sed -i "s/^\(\s*GATEWAY_ENDPOINT:\).*/\1 $DASHED_FQDN:18521/" $testLinkFile docker compose -f $testLinkFile up -d --wait docker compose -f $testLinkFile exec link ping 10.0.0.1 -c 1 # assert http response code was 200 # asserts basic auth is working with user: admin, password: admin - - if ! docker compose exec gateway curl -k -H "Authorization: Basic YWRtaW46YWRtaW4=" --resolve app.example.com:443:127.0.0.1 https://app.example.com -I |grep "HTTP/2 200"; then + + if ! docker compose exec gateway curl -k -H "Authorization: Basic YWRtaW46YWRtaW4=" --resolve $FQDN:80:127.0.0.1 http://$FQDN -I |grep "HTTP/1.1 308"; then + FAILED="true" + echo -e "\033[0;31m Default Link curl FAILED\033[0m" # red for failure + else + echo -e "\033[0;32m Default Link curl SUCCESS\033[0m" # green for success + fi + if ! docker compose exec gateway curl -k -H "Authorization: Basic YWRtaW46YWRtaW4=" --resolve $FQDN:443:127.0.0.1 https://$FQDN -I |grep "HTTP/2 200"; then FAILED="true" echo -e "\033[0;31m Default Link curl FAILED\033[0m" # red for failure else 
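Review bot: The added port-80 check sends the `Authorization: Basic` header over plain HTTP just to observe a redirect, and it passes on any `308` regardless of where the redirect points. If the gateway redirects before it evaluates basic auth (not visible here), the header can be dropped from that request. The check should also assert the target, for example by piping the same `curl ... -I` output through `grep -i "^location: https://$FQDN"` in addition to the status match. Both the HTTP and HTTPS branches print the same `Default Link curl FAILED` text, so a CI log cannot tell which one failed; a distinct message such as `HTTP redirect check FAILED` for the first branch would fix that. The enclosing `if [ "$normal_test_proceed" = true ]` block starts and ends outside this hunk.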
@@ -57,7 +67,7 @@ if [ "$normal_test_proceed" = true ]; then fi # remove test link so the next test can recreate it - docker rm -f app-example-com + docker rm -f $DASHED_FQDN rm $testLinkFile else echo "******************* Skipping normal link test... \n(normal_test_greenlight was false)" @@ -78,7 +88,7 @@ if [ "$caddy_greenlight" = true ]; then # Go inside $testLinkFile and change... (requires the commented options to be there! Can change later) # 1. gateway endpoint to the gateway link container - sed -i 's/^\(\s*GATEWAY_ENDPOINT:\).*/\1 app-example-com:18521/' $testLinkFile + sed -i "s/^\(\s*GATEWAY_ENDPOINT:\).*/\1 $DASHED_FQDN:18521/" $testLinkFile # 2. CADDY_TLS_PROXY to ------------------------------------- true sed -i 's/^\(\s*\)#\s*CADDY_TLS_PROXY: true/\1CADDY_TLS_PROXY: true/' $testLinkFile @@ -97,7 +107,7 @@ if [ "$caddy_greenlight" = true ]; then # assert http response code was 200 # asserts basic auth is working with user: admin, password: admin - if ! docker compose exec gateway curl -v -k -H "Authorization: Basic YWRtaW46YWRtaW4=" --resolve app.example.com:443:127.0.0.1 https://app.example.com -I 2>&1 |grep "HTTP/2 200"; then + if ! docker compose exec gateway curl -v -k -H "Authorization: Basic YWRtaW46YWRtaW4=" --resolve $FQDN:443:127.0.0.1 https://$FQDN -I 2>&1 |grep "HTTP/2 200"; then FAILED="true" echo -e "\033[0;31m Caddy TLS Link curl FAILED\033[0m" # red for failure else diff --git a/src/gateway/http.conf.template b/src/gateway/http.conf.template index 53b872e..824c48d 100644 --- a/src/gateway/http.conf.template +++ b/src/gateway/http.conf.template 
@@ -5,15 +5,16 @@ server { server_name "~^(?.+?)?\.(?.+?)?\.(?.+)\.(?.+)$" "~^(?.+)\.(?.+)\.(?.+)$" "~^(?.+)\.(?.+)$"; #access_log /var/log/nginx/host.access.log main; - set $target http://$subdomain-$domain-$tld; + set $target http://$subdomain-$domain-$tld; - if ($app != '') { - set $target http://$app-$subdomain-$domain-$tld; - } + if ($app != '') { + set $target http://$app-$subdomain-$domain-$tld; + } if ($subdomain = '') { set $target http://$domain-$tld; } + location /test { add_header Content-Type text/plain; return 200 "target: $target \napp: $app - subdomain: $subdomain - domain: $domain.$tld";