From fc4f2edeece1aecdd9ad981e2f6d651dadeddcb1 Mon Sep 17 00:00:00 2001 From: nic-chen Date: Sat, 7 Nov 2020 08:55:52 +0800 Subject: [PATCH 1/9] fix: set ssl status, since it's default 0 --- api/internal/handler/ssl/ssl.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/api/internal/handler/ssl/ssl.go b/api/internal/handler/ssl/ssl.go index 4c89818400..0a98885027 100644 --- a/api/internal/handler/ssl/ssl.go +++ b/api/internal/handler/ssl/ssl.go @@ -147,6 +147,7 @@ func (h *Handler) Create(c droplet.Context) (interface{}, error) { } ssl.ID = input.ID + ssl.Status = 1 if err := h.sslStore.Create(c.Context(), ssl); err != nil { return handler.SpecCodeResponse(err), err } @@ -169,6 +170,8 @@ func (h *Handler) Update(c droplet.Context) (interface{}, error) { if input.ID != "" { ssl.ID = input.ID } + + ssl.Status = 1 if err := h.sslStore.Update(c.Context(), ssl, true); err != nil { return handler.SpecCodeResponse(err), err } From 7d57312ed1832565b39879784c720b71013f8bfd Mon Sep 17 00:00:00 2001 From: nic-chen Date: Sat, 7 Nov 2020 23:16:38 +0800 Subject: [PATCH 2/9] add test cases --- api/test/certs/apisix.crt | 27 ++++++++++ api/test/certs/apisix.key | 39 ++++++++++++++ api/test/certs/test2.crt | 28 ++++++++++ api/test/certs/test2.key | 39 ++++++++++++++ api/test/e2e/base.go | 4 ++ api/test/e2e/go.mod | 1 + api/test/e2e/ssl_test.go | 106 ++++++++++++++++++++++++++++++++++++++ 7 files changed, 244 insertions(+) create mode 100644 api/test/certs/apisix.crt create mode 100644 api/test/certs/apisix.key create mode 100644 api/test/certs/test2.crt create mode 100644 api/test/certs/test2.key create mode 100644 api/test/e2e/ssl_test.go diff --git a/api/test/certs/apisix.crt b/api/test/certs/apisix.crt new file mode 100644 index 0000000000..503f277979 --- /dev/null +++ b/api/test/certs/apisix.crt @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEojCCAwqgAwIBAgIJAK253pMhgCkxMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV +BAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxDzANBgNVBAcMBlpodUhhaTEPMA0G +A1UECgwGaXJlc3R5MREwDwYDVQQDDAh0ZXN0LmNvbTAgFw0xOTA2MjQyMjE4MDVa +GA8yMTE5MDUzMTIyMTgwNVowVjELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCUd1YW5n +RG9uZzEPMA0GA1UEBwwGWmh1SGFpMQ8wDQYDVQQKDAZpcmVzdHkxETAPBgNVBAMM +CHRlc3QuY29tMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAyCM0rqJe +cvgnCfOw4fATotPwk5Ba0gC2YvIrO+gSbQkyxXF5jhZB3W6BkWUWR4oNFLLSqcVb +VDPitz/Mt46Mo8amuS6zTbQetGnBARzPLtmVhJfoeLj0efMiOepOSZflj9Ob4yKR +2bGdEFOdHPjm+4ggXU9jMKeLqdVvxll/JiVFBW5smPtW1Oc/BV5terhscJdOgmRr +abf9xiIis9/qVYfyGn52u9452V0owUuwP7nZ01jt6iMWEGeQU6mwPENgvj1olji2 +WjdG2UwpUVp3jp3l7j1ekQ6mI0F7yI+LeHzfUwiyVt1TmtMWn1ztk6FfLRqwJWR/ +Evm95vnfS3Le4S2ky3XAgn2UnCMyej3wDN6qHR1onpRVeXhrBajbCRDRBMwaNw/1 +/3Uvza8QKK10PzQR6OcQ0xo9psMkd9j9ts/dTuo2fzaqpIfyUbPST4GdqNG9NyIh +/B9g26/0EWcjyO7mYVkaycrtLMaXm1u9jyRmcQQI1cGrGwyXbrieNp63AgMBAAGj +cTBvMB0GA1UdDgQWBBSZtSvV8mBwl0bpkvFtgyiOUUcbszAfBgNVHSMEGDAWgBSZ +tSvV8mBwl0bpkvFtgyiOUUcbszAMBgNVHRMEBTADAQH/MB8GA1UdEQQYMBaCCHRl +c3QuY29tggoqLnRlc3QuY29tMA0GCSqGSIb3DQEBCwUAA4IBgQAHGEul/x7ViVgC +tC8CbXEslYEkj1XVr2Y4hXZXAXKd3W7V3TC8rqWWBbr6L/tsSVFt126V5WyRmOaY +1A5pju8VhnkhYxYfZALQxJN2tZPFVeME9iGJ9BE1wPtpMgITX8Rt9kbNlENfAgOl +PYzrUZN1YUQjX+X8t8/1VkSmyZysr6ngJ46/M8F16gfYXc9zFj846Z9VST0zCKob +rJs3GtHOkS9zGGldqKKCj+Awl0jvTstI4qtS1ED92tcnJh5j/SSXCAB5FgnpKZWy +hme45nBQj86rJ8FhN+/aQ9H9/2Ib6Q4wbpaIvf4lQdLUEcWAeZGW6Rk0JURwEog1 +7/mMgkapDglgeFx9f/XztSTrkHTaX4Obr+nYrZ2V4KOB4llZnK5GeNjDrOOJDk2y +IJFgBOZJWyS93dQfuKEj42hA79MuX64lMSCVQSjX+ipR289GQZqFrIhiJxLyA+Ve +U/OOcSRr39Kuis/JJ+DkgHYa/PWHZhnJQBxcqXXk1bJGw9BNbhM= +-----END CERTIFICATE----- diff --git a/api/test/certs/apisix.key b/api/test/certs/apisix.key new file mode 100644 index 0000000000..71050679e4 --- /dev/null +++ b/api/test/certs/apisix.key @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG5AIBAAKCAYEAyCM0rqJecvgnCfOw4fATotPwk5Ba0gC2YvIrO+gSbQkyxXF5 +jhZB3W6BkWUWR4oNFLLSqcVbVDPitz/Mt46Mo8amuS6zTbQetGnBARzPLtmVhJfo +eLj0efMiOepOSZflj9Ob4yKR2bGdEFOdHPjm+4ggXU9jMKeLqdVvxll/JiVFBW5s +mPtW1Oc/BV5terhscJdOgmRrabf9xiIis9/qVYfyGn52u9452V0owUuwP7nZ01jt +6iMWEGeQU6mwPENgvj1olji2WjdG2UwpUVp3jp3l7j1ekQ6mI0F7yI+LeHzfUwiy +Vt1TmtMWn1ztk6FfLRqwJWR/Evm95vnfS3Le4S2ky3XAgn2UnCMyej3wDN6qHR1o +npRVeXhrBajbCRDRBMwaNw/1/3Uvza8QKK10PzQR6OcQ0xo9psMkd9j9ts/dTuo2 +fzaqpIfyUbPST4GdqNG9NyIh/B9g26/0EWcjyO7mYVkaycrtLMaXm1u9jyRmcQQI +1cGrGwyXbrieNp63AgMBAAECggGBAJM8g0duoHmIYoAJzbmKe4ew0C5fZtFUQNmu +O2xJITUiLT3ga4LCkRYsdBnY+nkK8PCnViAb10KtIT+bKipoLsNWI9Xcq4Cg4G3t +11XQMgPPgxYXA6m8t+73ldhxrcKqgvI6xVZmWlKDPn+CY/Wqj5PA476B5wEmYbNC +GIcd1FLl3E9Qm4g4b/sVXOHARF6iSvTR+6ol4nfWKlaXSlx2gNkHuG8RVpyDsp9c +z9zUqAdZ3QyFQhKcWWEcL6u9DLBpB/gUjyB3qWhDMe7jcCBZR1ALyRyEjmDwZzv2 +jlv8qlLFfn9R29UI0pbuL1eRAz97scFOFme1s9oSU9a12YHfEd2wJOM9bqiKju8y +DZzePhEYuTZ8qxwiPJGy7XvRYTGHAs8+iDlG4vVpA0qD++1FTpv06cg/fOdnwshE +OJlEC0ozMvnM2rZ2oYejdG3aAnUHmSNa5tkJwXnmj/EMw1TEXf+H6+xknAkw05nh +zsxXrbuFUe7VRfgB5ElMA/V4NsScgQKBwQDmMRtnS32UZjw4A8DsHOKFzugfWzJ8 +Gc+3sTgs+4dNIAvo0sjibQ3xl01h0BB2Pr1KtkgBYB8LJW/FuYdCRS/KlXH7PHgX +84gYWImhNhcNOL3coO8NXvd6+m+a/Z7xghbQtaraui6cDWPiCNd/sdLMZQ/7LopM +RbM32nrgBKMOJpMok1Z6zsPzT83SjkcSxjVzgULNYEp03uf1PWmHuvjO1yELwX9/ +goACViF+jst12RUEiEQIYwr4y637GQBy+9cCgcEA3pN9W5OjSPDVsTcVERig8++O +BFURiUa7nXRHzKp2wT6jlMVcu8Pb2fjclxRyaMGYKZBRuXDlc/RNO3uTytGYNdC2 +IptU5N4M7iZHXj190xtDxRnYQWWo/PR6EcJj3f/tc3Itm1rX0JfuI3JzJQgDb9Z2 +s/9/ub8RRvmQV9LM/utgyOwNdf5dyVoPcTY2739X4ZzXNH+CybfNa+LWpiJIVEs2 +txXbgZrhmlaWzwA525nZ0UlKdfktdcXeqke9eBghAoHARVTHFy6CjV7ZhlmDEtqE +U58FBOS36O7xRDdpXwsHLnCXhbFu9du41mom0W4UdzjgVI9gUqG71+SXrKr7lTc3 +dMHcSbplxXkBJawND/Q1rzLG5JvIRHO1AGJLmRgIdl8jNgtxgV2QSkoyKlNVbM2H +Wy6ZSKM03lIj74+rcKuU3N87dX4jDuwV0sPXjzJxL7NpR/fHwgndgyPcI14y2cGz +zMC44EyQdTw+B/YfMnoZx83xaaMNMqV6GYNnTHi0TO2TAoHBAKmdrh9WkE2qsr59 +IoHHygh7Wzez+Ewr6hfgoEK4+QzlBlX+XV/9rxIaE0jS3Sk1txadk5oFDebimuSk +lQkv1pXUOqh+xSAwk5v88dBAfh2dnnSa8HFN3oz+ZfQYtnBcc4DR1y2X+fVNgr3i +nxruU2gsAIPFRnmvwKPc1YIH9A6kIzqaoNt1f9VM243D6fNzkO4uztWEApBkkJgR +4s/yOjp6ovS9JG1NMXWjXQPcwTq3sQVLnAHxZRJmOvx69UmK4QKBwFYXXjeXiU3d +bcrPfe6qNGjfzK+BkhWznuFUMbuxyZWDYQD5yb6ukUosrj7pmZv3BxKcKCvmONU+ +CHgIXB+hG+R9S2mCcH1qBQoP/RSm+TUzS/Bl2UeuhnFZh2jSZQy3OwryUi6nhF0u +LDzMI/6aO1ggsI23Ri0Y9ZtqVKczTkxzdQKR9xvoNBUufjimRlS80sJCEB3Qm20S +wzarryret/7GFW1/3cz+hTj9/d45i25zArr3Pocfpur5mfz3fJO8jg== +-----END RSA PRIVATE KEY----- diff --git a/api/test/certs/test2.crt b/api/test/certs/test2.crt new file mode 100644 index 0000000000..922a8f8b68 --- /dev/null +++ b/api/test/certs/test2.crt @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEsTCCAxmgAwIBAgIUMbgUUCYHkuKDaPy0bzZowlK0JG4wDQYJKoZIhvcNAQEL +BQAwVzELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCUd1YW5nRG9uZzEPMA0GA1UEBwwG +Wmh1SGFpMQ8wDQYDVQQKDAZpcmVzdHkxEjAQBgNVBAMMCXRlc3QyLmNvbTAgFw0y +MDA0MDQyMjE3NTJaGA8yMTIwMDMxMTIyMTc1MlowVzELMAkGA1UEBhMCQ04xEjAQ +BgNVBAgMCUd1YW5nRG9uZzEPMA0GA1UEBwwGWmh1SGFpMQ8wDQYDVQQKDAZpcmVz +dHkxEjAQBgNVBAMMCXRlc3QyLmNvbTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCC +AYoCggGBAMQGBk35V3zaNVDWzEzVGd+EkZnUOrRpXQg5mmcnoKnrQ5rQQMsQCbMO +gFvLt/9OEZQmbE2HuEKsPzL79Yjdu8rGjSoQdbJZ9ccO32uvln1gn68iK79o7Tvm +TCi+BayyNA+lo9IxrBm1wGBkOU1ZPasGYzgBAbMLTSDps1EYxNR8t4l9PrTTRsh6 +NZyTYoDeVIsKZ9SckpjWVnxHOkF+AzZzIJJSe2pj572TDLYA/Xw9I4X3L+SHzwTl +iGWNXb2tU367LHERHvensQzdle7mQN2kE5GpB7QPWB+t9V4mn30jc/LyDvOaei6L ++pbl5CriGBTjaR80oXhK765K720BQeKUezri15bQlMaUGQRnzr53ZsqA4PEh6WCX +hUT2ibO32+uZFXzVQw8y/JUkPf76pZagi8DoLV+sfSbUtnpbQ8wyV2qqTM2eCuPi +RgUwXQi2WssKKzrqcgKil3vksHZozLtOmyZiNE4qfNxv+UGoIybJtZmB+9spY0Rw +5zBRuULycQIDAQABo3MwcTAdBgNVHQ4EFgQUCmZefzpizPrb3VbiIDhrA48ypB8w +HwYDVR0jBBgwFoAUCmZefzpizPrb3VbiIDhrA48ypB8wDAYDVR0TBAUwAwEB/zAh +BgNVHREEGjAYggl0ZXN0Mi5jb22CCyoudGVzdDIuY29tMA0GCSqGSIb3DQEBCwUA +A4IBgQA0nRTv1zm1ACugJFfYZfxZ0mLJfRUCFMmFfhy+vGiIu6QtnOFVw/tEOyMa +m78lBiqac15n3YWYiHiC5NFffTZ7XVlOjN2i4x2z2IJsHNa8tU80AX0Q/pizGK/d ++dzlcsGBb9MGT18h/B3/EYQFKLjUsr0zvDb1T0YDlRUsN3Bq6CvZmvfe9F7Yh4Z/ +XO5R+rX8w9c9A2jzM5isBw2qp/Ggn5RQodMwApEYkJdu80MuxaY6s3dssS4Ay8wP +VNFEeLcdauJ00ES1OnbnuNiYSiSMOgWBsnR+c8AaSRB/OZLYQQKGGYbq0tspwRjM +MGJRrI/jdKnvJQ8p02abdvA9ZuFChoD3Wg03qQ6bna68ZKPd9peBPpMrDDGDLkGI +NzZ6bLJKILnQkV6b1OHVnPDsKXfXjUTTNK/QLJejTXu9RpMBakYZMzs/SOSDtFlS +A+q25t6+46nvA8msUSBKyOGBX42mJcKvR4OgG44PfDjYfmjn2l+Dz/jNXDclpb+Q +XAzBnfM= +-----END CERTIFICATE----- diff --git a/api/test/certs/test2.key b/api/test/certs/test2.key new file mode 100644 index 0000000000..c25d4e5bde --- /dev/null +++ b/api/test/certs/test2.key @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG5QIBAAKCAYEAxAYGTflXfNo1UNbMTNUZ34SRmdQ6tGldCDmaZyegqetDmtBA +yxAJsw6AW8u3/04RlCZsTYe4Qqw/Mvv1iN27ysaNKhB1sln1xw7fa6+WfWCfryIr +v2jtO+ZMKL4FrLI0D6Wj0jGsGbXAYGQ5TVk9qwZjOAEBswtNIOmzURjE1Hy3iX0+ +tNNGyHo1nJNigN5Uiwpn1JySmNZWfEc6QX4DNnMgklJ7amPnvZMMtgD9fD0jhfcv +5IfPBOWIZY1dva1TfrsscREe96exDN2V7uZA3aQTkakHtA9YH631XiaffSNz8vIO +85p6Lov6luXkKuIYFONpHzSheErvrkrvbQFB4pR7OuLXltCUxpQZBGfOvndmyoDg +8SHpYJeFRPaJs7fb65kVfNVDDzL8lSQ9/vqllqCLwOgtX6x9JtS2eltDzDJXaqpM +zZ4K4+JGBTBdCLZayworOupyAqKXe+SwdmjMu06bJmI0Tip83G/5QagjJsm1mYH7 +2yljRHDnMFG5QvJxAgMBAAECggGBAIELlkruwvGmlULKpWRPReEn3NJwLNVoJ56q +jUMri1FRWAgq4PzNahU+jrHfwxmHw3rMcK/5kQwTaOefh1y63E35uCThARqQroSE +/gBeb6vKWFVrIXG5GbQ9QBXyQroV9r/2Q4q0uJ+UTzklwbNx9G8KnXbY8s1zuyrX +rvzMWYepMwqIMSfJjuebzH9vZ4F+3BlMmF4XVUrYj8bw/SDwXB0UXXT2Z9j6PC1J +CS0oKbgIZ8JhoF3KKjcHBGwWTIf5+byRxeG+z99PBEBafm1Puw1vLfOjD3DN/fso +8xCEtD9pBPBJ+W97x/U+10oKetmP1VVEr2Ph8+s2VH1zsRF5jo5d0GtvJqOwIQJ7 +z3OHJ7lLODw0KAjB1NRXW4dTTUDm6EUuUMWFkGAV6YTyhNLAT0DyrUFJck9RiY48 +3QN8vSf3n/+3wwg1gzcJ9w3W4DUbvGqu86CaUQ4UegfYJlusY/3YGp5bGNQdxmws +lgIoSRrHp6UJKsP8Yl08MIvT/oNLgQKBwQD75SuDeyE0ukhEp0t6v+22d18hfSef +q3lLWMI1SQR9Kiem9Z1KdRkIVY8ZAHANm6D8wgjOODT4QZtiqJd2BJn3Xf+aLfCd +CW0hPvmGTcp/E4sDZ2u0HbIrUStz7ZcgXpjD2JJAJGEKY2Z7J65gnTqbqoBDrw1q +1+FqtikkHRte1UqxjwnWBpSdoRQFgNPHxPWffhML1xsD9Pk1B1b7JoakYcKsNoQM +oXUKPLxSZEtd0hIydqmhGYTa9QWBPNDlA5UCgcEAxzfGbOrPBAOOYZd3jORXQI6p +H7SddTHMQyG04i+OWUd0HZFkK7/k6r26GFmImNIsQMB26H+5XoKRFKn+sUl14xHY +FwB140j0XSav2XzT38UpJ9CptbgK1eKGQVp41xwRYjHVScE5hJuA3a1TKM0l26rp +hny/KaP+tXuqt9QbxcUN6efubNYyFP+m6nq2/XdX74bJuGpXLq8W0oFdiocO6tmF +4/Hsc4dCVrcwULqXQa0lJ57zZpfIPARqWM2847xtAoHBANVUNbDpg6rTJMc34722 +dAy3NhL3mqooH9aG+hsEls+l9uT4WFipqSScyU8ERuHPbt0BO1Hi2kFx1rYMUBG8 +PeT4b7NUutVUGV8xpUNv+FH87Bta6CUnjTAQUzuf+QCJ/NjIPrwh0yloG2+roIvk +PLF/CZfI1hUpdZfZZChYmkiLXPHZURw4gH6q33j1rOYf0WFc9aZua0vDmZame6zB +6P+oZ6VPmi/UQXoFC/y/QfDYK18fjfOI2DJTlnDoX4XErQKBwGc3M5xMz/MRcJyJ +oIwj5jzxbRibOJV2tpD1jsU9xG/nQHbtVEwCgTVKFXf2M3qSMhFeZn0xZ7ZayZY+ +OVJbcDO0lBPezjVzIAB/Qc7aCOBAQ4F4b+VRtHN6iPqlSESTK0KH9Szgas+UzeCM +o7BZEctNMu7WBSkq6ZXXu+zAfZ8q6HmPDA3hsFMG3dFQwSxzv+C/IhZlKkRqvNVV +50QVk5oEF4WxW0PECY/qG6NH+YQylDSB+zPlYf4Of5cBCWOoxQKBwQCeo37JpEAR +kYtqSjXkC5GpPTz8KR9lCY4SDuC1XoSVCP0Tk23GX6GGyEf4JWE+fb/gPEFx4Riu +7pvxRwq+F3LaAa/FFTNUpY1+8UuiMO7J0B1RkVXkyJjFUF/aQxAnOoZPmzrdZhWy +bpe2Ka+JS/aXSd1WRN1nmo/DarpWFvdLWZFwUt6zMziH40o1gyPHEuXOqVtf2QCe +Q6WC9xnEz4lbb/fR2TF9QRA4FtoRpDe/f3ZGIpWE0RdwyZZ6uA7T1+Q= +-----END RSA PRIVATE KEY----- diff --git a/api/test/e2e/base.go b/api/test/e2e/base.go index 71b61b5609..182eb4c7a6 100644 --- a/api/test/e2e/base.go +++ b/api/test/e2e/base.go @@ -67,6 +67,10 @@ func APISIXExpect(t *testing.T) *httpexpect.Expect { return httpexpect.New(t, "http://127.0.0.1:9080") } +func APISIXHTTPSExpect(t *testing.T) *httpexpect.Expect { + return httpexpect.New(t, "https://www.test2.com:9443") +} + var sleepTime = time.Duration(100) * time.Millisecond type HttpTestCase struct { diff --git a/api/test/e2e/go.mod b/api/test/e2e/go.mod index 18952af9c0..8e6d70262e 100644 --- a/api/test/e2e/go.mod +++ b/api/test/e2e/go.mod @@ -5,5 +5,6 @@ go 1.15 require ( github.com/gavv/httpexpect/v2 v2.1.0 github.com/gin-gonic/gin v1.6.3 + github.com/stretchr/testify v1.4.0 github.com/tidwall/gjson v1.6.1 ) diff --git a/api/test/e2e/ssl_test.go b/api/test/e2e/ssl_test.go new file mode 100644 index 0000000000..53b89e4997 --- /dev/null +++ b/api/test/e2e/ssl_test.go @@ -0,0 +1,106 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package e2e + +import ( + "encoding/json" + "github.com/stretchr/testify/assert" + "io/ioutil" + "net/http" + "testing" +) + +func TestSSL_Basic(t *testing.T) { + testCert, err := ioutil.ReadFile("../certs/test2.crt") + assert.Nil(t, err) + testKey, err := ioutil.ReadFile("../certs/test2.key") + assert.Nil(t, err) + apisixKey, err := ioutil.ReadFile("../certs/apisix.key") + assert.Nil(t, err) + body, err := json.Marshal(map[string]string{ + "id": "1", + "cert": string(testCert), + "key": string(testKey), + }) + assert.Nil(t, err) + invalidBody, err := json.Marshal(map[string]string{ + "id": "1", + "cert": string(testCert), + "key": string(apisixKey), + }) + + tests := []HttpTestCase{ + { + caseDesc: "create ssl fail - key and cert not match", + Object: MangerApiExpect(t), + Method: http.MethodPost, + Path: "/apisix/admin/ssl", + Body: string(invalidBody), + Headers: map[string]string{"Authorization": token}, + ExpectStatus: http.StatusBadRequest, + }, + { + caseDesc: "create ssl successful", + Object: MangerApiExpect(t), + Method: http.MethodPost, + Path: "/apisix/admin/ssl", + Body: string(body), + Headers: map[string]string{"Authorization": token}, + ExpectStatus: http.StatusOK, + }, + { + caseDesc: "create route", + Object: MangerApiExpect(t), + Method: http.MethodPut, + Path: "/apisix/admin/routes/r1", + Body: `{ + "uri": "/hello_", + "hosts": ["test2.com", "*.test2.com"], + "upstream": { + "nodes": { + "172.16.238.20:1980": 1 + }, + "type": "roundrobin" + } + }`, + Headers: map[string]string{"Authorization": token}, + ExpectStatus: http.StatusOK, + }, + { + caseDesc: "hit the route just created", + Object: APISIXHTTPSExpect(t), + Method: http.MethodGet, + Path: "/hello_", + Headers: map[string]string{"Host": "www.test2.com"}, + ExpectStatus: http.StatusOK, + ExpectBody: "hello world\n", + Sleep: sleepTime, + }, + { + caseDesc: "delete route", + Object: MangerApiExpect(t), + Method: http.MethodDelete, + Path: "/apisix/admin/routes/r1", + Headers: map[string]string{"Authorization": token}, + ExpectStatus: http.StatusOK, + }, + } + + for _, tc := range tests { + testCaseCheck(tc) + } +} From 893253667ecaa9590de3cb92ad90d2dda5e0a9fa Mon Sep 17 00:00:00 2001 From: nic-chen Date: Sat, 7 Nov 2020 23:43:43 +0800 Subject: [PATCH 3/9] test: add test cases --- .github/workflows/e2e-test-backend.yml | 7 +++++-- api/test/e2e/base.go | 11 +++++++++++ api/test/e2e/ssl_test.go | 9 +++++++++ 3 files changed, 25 insertions(+), 2 deletions(-) diff --git a/.github/workflows/e2e-test-backend.yml b/.github/workflows/e2e-test-backend.yml index 13b2c5eaa1..37dd4754a0 100644 --- a/.github/workflows/e2e-test-backend.yml +++ b/.github/workflows/e2e-test-backend.yml @@ -28,7 +28,10 @@ jobs: sleep 5 docker logs docker_managerapi_1 + - name: set hosts + working-directory: ./api/test/e2e + run: echo "127.0.0.1 www.test2.com" | sudo tee -a /etc/hosts + - name: run test working-directory: ./api/test/e2e - run: | - go test + run: go test diff --git a/api/test/e2e/base.go b/api/test/e2e/base.go index 182eb4c7a6..ffcd2e7c72 100644 --- a/api/test/e2e/base.go +++ b/api/test/e2e/base.go @@ -18,6 +18,7 @@ package e2e import ( "bytes" + "crypto/tls" "io/ioutil" "net/http" "testing" @@ -80,6 +81,7 @@ type HttpTestCase struct { Path string Body string Headers map[string]string + SkipVerify bool ExpectStatus int ExpectCode int ExpectMessage string @@ -109,6 +111,15 @@ func testCaseCheck(tc HttpTestCase) { panic("fail to init request") } + if tc.SkipVerify { + tr := &http.Transport{ + TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, + } + req.WithClient(&http.Client{ + Transport: tr, + }) + } + if tc.Sleep != 0 { time.Sleep(tc.Sleep) } diff --git a/api/test/e2e/ssl_test.go b/api/test/e2e/ssl_test.go index 53b89e4997..7d959ebd23 100644 --- a/api/test/e2e/ssl_test.go +++ b/api/test/e2e/ssl_test.go @@ -88,6 +88,7 @@ func TestSSL_Basic(t *testing.T) { Headers: map[string]string{"Host": "www.test2.com"}, ExpectStatus: http.StatusOK, ExpectBody: "hello world\n", + SkipVerify: true, Sleep: sleepTime, }, { @@ -98,6 +99,14 @@ func TestSSL_Basic(t *testing.T) { Headers: map[string]string{"Authorization": token}, ExpectStatus: http.StatusOK, }, + { + caseDesc: "delete ssl", + Object: MangerApiExpect(t), + Method: http.MethodDelete, + Path: "/apisix/admin/ssl/1", + Headers: map[string]string{"Authorization": token}, + ExpectStatus: http.StatusOK, + }, } for _, tc := range tests { From 9abb4031f1f4dda83627971b8581f334e7197e1c Mon Sep 17 00:00:00 2001 From: nic-chen Date: Sun, 8 Nov 2020 00:56:33 +0800 Subject: [PATCH 4/9] fix: update test cases --- api/test/e2e/base.go | 24 +++++++++++++----------- api/test/e2e/ssl_test.go | 15 +++++++++++---- 2 files changed, 24 insertions(+), 15 deletions(-) diff --git a/api/test/e2e/base.go b/api/test/e2e/base.go index ffcd2e7c72..40fa6fc916 100644 --- a/api/test/e2e/base.go +++ b/api/test/e2e/base.go @@ -69,7 +69,19 @@ func APISIXExpect(t *testing.T) *httpexpect.Expect { } func APISIXHTTPSExpect(t *testing.T) *httpexpect.Expect { - return httpexpect.New(t, "https://www.test2.com:9443") + e := httpexpect.WithConfig(httpexpect.Config{ + BaseURL: "https://www.test2.com:9443", + Reporter: httpexpect.NewAssertReporter(t), + Client: &http.Client{ + Transport: &http.Transport{ + TLSClientConfig: &tls.Config{ + // accept any certificate; for testing only! + InsecureSkipVerify: true, + }, + }, + }, + }) + return e } var sleepTime = time.Duration(100) * time.Millisecond @@ -81,7 +93,6 @@ type HttpTestCase struct { Path string Body string Headers map[string]string - SkipVerify bool ExpectStatus int ExpectCode int ExpectMessage string @@ -111,15 +122,6 @@ func testCaseCheck(tc HttpTestCase) { panic("fail to init request") } - if tc.SkipVerify { - tr := &http.Transport{ - TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, - } - req.WithClient(&http.Client{ - Transport: tr, - }) - } - if tc.Sleep != 0 { time.Sleep(tc.Sleep) } diff --git a/api/test/e2e/ssl_test.go b/api/test/e2e/ssl_test.go index 7d959ebd23..1a7c3821d1 100644 --- a/api/test/e2e/ssl_test.go +++ b/api/test/e2e/ssl_test.go @@ -17,11 +17,13 @@ package e2e import ( + "crypto/tls" "encoding/json" - "github.com/stretchr/testify/assert" "io/ioutil" "net/http" "testing" + + "github.com/stretchr/testify/assert" ) func TestSSL_Basic(t *testing.T) { @@ -43,6 +45,12 @@ func TestSSL_Basic(t *testing.T) { "key": string(apisixKey), }) + //Before configuring SSL, make a HTTPS request + http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true} + _, err = http.Get("https://www.test2.com:9443") + assert.NotNil(t, err) + assert.EqualError(t, err, "Get \"https://www.test2.com:9443\": remote error: tls: internal error") + tests := []HttpTestCase{ { caseDesc: "create ssl fail - key and cert not match", @@ -54,7 +62,7 @@ func TestSSL_Basic(t *testing.T) { ExpectStatus: http.StatusBadRequest, }, { - caseDesc: "create ssl successful", + caseDesc: "create ssl successfully", Object: MangerApiExpect(t), Method: http.MethodPost, Path: "/apisix/admin/ssl", @@ -81,14 +89,13 @@ func TestSSL_Basic(t *testing.T) { ExpectStatus: http.StatusOK, }, { - caseDesc: "hit the route just created", + caseDesc: "hit the route just created using HTTPS", Object: APISIXHTTPSExpect(t), Method: http.MethodGet, Path: "/hello_", Headers: map[string]string{"Host": "www.test2.com"}, ExpectStatus: http.StatusOK, ExpectBody: "hello world\n", - SkipVerify: true, Sleep: sleepTime, }, { From b3724b9186d3de39944938a06475510a00966ca7 Mon Sep 17 00:00:00 2001 From: nic-chen Date: Sun, 8 Nov 2020 14:00:51 +0800 Subject: [PATCH 5/9] fix: test case fail --- api/test/e2e/ssl_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/test/e2e/ssl_test.go b/api/test/e2e/ssl_test.go index 1a7c3821d1..9dd6a81127 100644 --- a/api/test/e2e/ssl_test.go +++ b/api/test/e2e/ssl_test.go @@ -49,7 +49,7 @@ func TestSSL_Basic(t *testing.T) { http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true} _, err = http.Get("https://www.test2.com:9443") assert.NotNil(t, err) - assert.EqualError(t, err, "Get \"https://www.test2.com:9443\": remote error: tls: internal error") + assert.EqualError(t, err, "Get https://www.test2.com:9443: remote error: tls: internal error") tests := []HttpTestCase{ { From 56244ff38d0787187ca0d09eda9e5088beee4e54 Mon Sep 17 00:00:00 2001 From: nic-chen Date: Sun, 8 Nov 2020 14:42:11 +0800 Subject: [PATCH 6/9] test: remove hosts in hosts setting --- .github/workflows/e2e-test-backend.yml | 4 ---- api/test/e2e/base.go | 10 ++++++++++ api/test/e2e/ssl_test.go | 9 +++++++++ 3 files changed, 19 insertions(+), 4 deletions(-) diff --git a/.github/workflows/e2e-test-backend.yml b/.github/workflows/e2e-test-backend.yml index 37dd4754a0..1bfe4ec341 100644 --- a/.github/workflows/e2e-test-backend.yml +++ b/.github/workflows/e2e-test-backend.yml @@ -28,10 +28,6 @@ jobs: sleep 5 docker logs docker_managerapi_1 - - name: set hosts - working-directory: ./api/test/e2e - run: echo "127.0.0.1 www.test2.com" | sudo tee -a /etc/hosts - - name: run test working-directory: ./api/test/e2e run: go test diff --git a/api/test/e2e/base.go b/api/test/e2e/base.go index 40fa6fc916..f05dabe50b 100644 --- a/api/test/e2e/base.go +++ b/api/test/e2e/base.go @@ -18,8 +18,10 @@ package e2e import ( "bytes" + "context" "crypto/tls" "io/ioutil" + "net" "net/http" "testing" "time" @@ -78,9 +80,17 @@ func APISIXHTTPSExpect(t *testing.T) *httpexpect.Expect { // accept any certificate; for testing only! InsecureSkipVerify: true, }, + DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) { + if addr == "www.test2.com:9443" { + addr = "127.0.0.1:9443" + } + dialer := &net.Dialer{} + return dialer.DialContext(ctx, network, addr) + }, }, }, }) + return e } diff --git a/api/test/e2e/ssl_test.go b/api/test/e2e/ssl_test.go index 9dd6a81127..23a220bc82 100644 --- a/api/test/e2e/ssl_test.go +++ b/api/test/e2e/ssl_test.go @@ -17,9 +17,11 @@ package e2e import ( + "context" "crypto/tls" "encoding/json" "io/ioutil" + "net" "net/http" "testing" @@ -47,6 +49,13 @@ func TestSSL_Basic(t *testing.T) { //Before configuring SSL, make a HTTPS request http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true} + http.DefaultTransport.(*http.Transport).DialContext = func(ctx context.Context, network, addr string) (net.Conn, error) { + if addr == "www.test2.com:9443" { + addr = "127.0.0.1:9443" + } + dialer := &net.Dialer{} + return dialer.DialContext(ctx, network, addr) + } _, err = http.Get("https://www.test2.com:9443") assert.NotNil(t, err) assert.EqualError(t, err, "Get https://www.test2.com:9443: remote error: tls: internal error") From 7aebbc5f97d0e93b4d6257909b023f455c530afa Mon Sep 17 00:00:00 2001 From: nic-chen Date: Sun, 8 Nov 2020 15:16:26 +0800 Subject: [PATCH 7/9] fix: according review --- api/conf/conf.go | 21 +++++++++++---------- api/internal/handler/ssl/ssl.go | 7 +++++-- api/test/e2e/base.go | 2 +- api/test/e2e/ssl_test.go | 7 +++++++ 4 files changed, 24 insertions(+), 13 deletions(-) diff --git a/api/conf/conf.go b/api/conf/conf.go index f7f5cfec2d..91eb89bc21 100644 --- a/api/conf/conf.go +++ b/api/conf/conf.go @@ -40,16 +40,17 @@ const ( ) var ( - ENV string - Schema gjson.Result - WorkDir = "." - ServerHost = "127.0.0.1" - ServerPort = 80 - ETCDEndpoints = []string{"127.0.0.1:2379"} - ErrorLogLevel = "warn" - ErrorLogPath = "logs/error.log" - UserList = make(map[string]User, 2) - AuthConf Authentication + ENV string + Schema gjson.Result + WorkDir = "." + ServerHost = "127.0.0.1" + ServerPort = 80 + ETCDEndpoints = []string{"127.0.0.1:2379"} + ErrorLogLevel = "warn" + ErrorLogPath = "logs/error.log" + UserList = make(map[string]User, 2) + AuthConf Authentication + SSLDefaultStatus = 1 //enable ssl by default ) type Etcd struct { diff --git a/api/internal/handler/ssl/ssl.go b/api/internal/handler/ssl/ssl.go index 0a98885027..08ed05b176 100644 --- a/api/internal/handler/ssl/ssl.go +++ b/api/internal/handler/ssl/ssl.go @@ -34,6 +34,7 @@ import ( "github.com/shiningrush/droplet/wrapper" wgin "github.com/shiningrush/droplet/wrapper/gin" + "github.com/apisix/manager-api/conf" "github.com/apisix/manager-api/internal/core/entity" "github.com/apisix/manager-api/internal/core/store" "github.com/apisix/manager-api/internal/handler" @@ -147,7 +148,8 @@ func (h *Handler) Create(c droplet.Context) (interface{}, error) { } ssl.ID = input.ID - ssl.Status = 1 + //set default value for SSL status, if not set, it will be 0 which means disable. + ssl.Status = conf.SSLDefaultStatus if err := h.sslStore.Create(c.Context(), ssl); err != nil { return handler.SpecCodeResponse(err), err } @@ -171,7 +173,8 @@ func (h *Handler) Update(c droplet.Context) (interface{}, error) { ssl.ID = input.ID } - ssl.Status = 1 + //set default value for SSL status, if not set, it will be 0 which means disable. + ssl.Status = conf.SSLDefaultStatus if err := h.sslStore.Update(c.Context(), ssl, true); err != nil { return handler.SpecCodeResponse(err), err } diff --git a/api/test/e2e/base.go b/api/test/e2e/base.go index f05dabe50b..72ec325707 100644 --- a/api/test/e2e/base.go +++ b/api/test/e2e/base.go @@ -94,7 +94,7 @@ func APISIXHTTPSExpect(t *testing.T) *httpexpect.Expect { return e } -var sleepTime = time.Duration(100) * time.Millisecond +var sleepTime = time.Duration(20) * time.Millisecond type HttpTestCase struct { caseDesc string diff --git a/api/test/e2e/ssl_test.go b/api/test/e2e/ssl_test.go index 23a220bc82..113f9578af 100644 --- a/api/test/e2e/ssl_test.go +++ b/api/test/e2e/ssl_test.go @@ -24,6 +24,7 @@ import ( "net" "net/http" "testing" + "time" "github.com/stretchr/testify/assert" ) @@ -128,4 +129,10 @@ func TestSSL_Basic(t *testing.T) { for _, tc := range tests { testCaseCheck(tc) } + + //try again after deleting SSL, make a HTTPS request + time.Sleep(time.Duration(20) * time.Millisecond) + _, err = http.Get("https://www.test2.com:9443") + assert.NotNil(t, err) + assert.EqualError(t, err, "Get https://www.test2.com:9443: remote error: tls: internal error") } From 67dfb1b21e5c834f312c012551f3fd13f0f80992 Mon Sep 17 00:00:00 2001 From: nic-chen Date: Mon, 9 Nov 2020 10:54:05 +0800 Subject: [PATCH 8/9] fix: according review --- api/test/e2e/ssl_test.go | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/api/test/e2e/ssl_test.go b/api/test/e2e/ssl_test.go index 113f9578af..8cd9386612 100644 --- a/api/test/e2e/ssl_test.go +++ b/api/test/e2e/ssl_test.go @@ -49,6 +49,7 @@ func TestSSL_Basic(t *testing.T) { }) //Before configuring SSL, make a HTTPS request + // If use the test framework, errors will cause failure, so we need to make a separate https request for testing. http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true} http.DefaultTransport.(*http.Transport).DialContext = func(ctx context.Context, network, addr string) (net.Conn, error) { if addr == "www.test2.com:9443" { @@ -108,14 +109,6 @@ func TestSSL_Basic(t *testing.T) { ExpectBody: "hello world\n", Sleep: sleepTime, }, - { - caseDesc: "delete route", - Object: MangerApiExpect(t), - Method: http.MethodDelete, - Path: "/apisix/admin/routes/r1", - Headers: map[string]string{"Authorization": token}, - ExpectStatus: http.StatusOK, - }, { caseDesc: "delete ssl", Object: MangerApiExpect(t), @@ -130,9 +123,22 @@ func TestSSL_Basic(t *testing.T) { testCaseCheck(tc) } - //try again after deleting SSL, make a HTTPS request + // try again after deleting SSL, make a HTTPS request + // If use the test framework, errors will cause failure, so we need to make a separate https request for testing. time.Sleep(time.Duration(20) * time.Millisecond) _, err = http.Get("https://www.test2.com:9443") assert.NotNil(t, err) assert.EqualError(t, err, "Get https://www.test2.com:9443: remote error: tls: internal error") + + // clean test data + delRoute := HttpTestCase{ + caseDesc: "delete route", + Object: MangerApiExpect(t), + Method: http.MethodDelete, + Path: "/apisix/admin/routes/r1", + Headers: map[string]string{"Authorization": token}, + ExpectStatus: http.StatusOK, + } + testCaseCheck(delRoute) + } From 6b864bbcad677250272bfac821da81b30cf5e26b Mon Sep 17 00:00:00 2001 From: nic-chen Date: Mon, 9 Nov 2020 10:56:36 +0800 Subject: [PATCH 9/9] chore: add comment --- api/test/e2e/ssl_test.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/api/test/e2e/ssl_test.go b/api/test/e2e/ssl_test.go index 8cd9386612..3a1fb5557f 100644 --- a/api/test/e2e/ssl_test.go +++ b/api/test/e2e/ssl_test.go @@ -30,6 +30,7 @@ import ( ) func TestSSL_Basic(t *testing.T) { + // build test body testCert, err := ioutil.ReadFile("../certs/test2.crt") assert.Nil(t, err) testKey, err := ioutil.ReadFile("../certs/test2.key") @@ -48,7 +49,7 @@ func TestSSL_Basic(t *testing.T) { "key": string(apisixKey), }) - //Before configuring SSL, make a HTTPS request + // Before configuring SSL, make a HTTPS request // If use the test framework, errors will cause failure, so we need to make a separate https request for testing. http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true} http.DefaultTransport.(*http.Transport).DialContext = func(ctx context.Context, network, addr string) (net.Conn, error) { @@ -62,6 +63,7 @@ func TestSSL_Basic(t *testing.T) { assert.NotNil(t, err) assert.EqualError(t, err, "Get https://www.test2.com:9443: remote error: tls: internal error") + // main test cases tests := []HttpTestCase{ { caseDesc: "create ssl fail - key and cert not match",