github.com/canhui/fabric_ca2_2@v2.0.0-alpha+incompatible/lib/server/operations/system_test.go (about) 1 /* 2 Copyright IBM Corp. All Rights Reserved. 3 4 SPDX-License-Identifier: Apache-2.0 5 */ 6 7 package operations_test 8 9 import ( 10 "fmt" 11 "io/ioutil" 12 "net" 13 "net/http" 14 "os" 15 "path/filepath" 16 "time" 17 18 "github.com/hyperledger/fabric-ca/lib/server/operations" 19 "github.com/hyperledger/fabric/common/metrics/disabled" 20 "github.com/hyperledger/fabric/common/metrics/prometheus" 21 "github.com/hyperledger/fabric/common/metrics/statsd" 22 . "github.com/onsi/ginkgo" 23 . "github.com/onsi/gomega" 24 ) 25 26 var _ = Describe("System", func() { 27 var ( 28 tempDir string 29 30 authClient *http.Client 31 unauthClient *http.Client 32 options operations.Options 33 system *operations.System 34 ) 35 36 BeforeEach(func() { 37 var err error 38 tempDir, err = ioutil.TempDir("", "system") 39 Expect(err).NotTo(HaveOccurred()) 40 41 err = generateCertificates(tempDir) 42 Expect(err).NotTo(HaveOccurred()) 43 44 options = operations.Options{ 45 ListenAddress: "127.0.0.1:0", 46 Metrics: operations.MetricsOptions{ 47 Provider: "disabled", 48 }, 49 TLS: operations.TLS{ 50 Enabled: true, 51 CertFile: filepath.Join(tempDir, "server-cert.pem"), 52 KeyFile: filepath.Join(tempDir, "server-key.pem"), 53 ClientCertRequired: false, 54 ClientCACertFiles: []string{filepath.Join(tempDir, "client-ca.pem")}, 55 }, 56 } 57 58 system = operations.NewSystem(options) 59 60 authClient = newHTTPClient(tempDir, true) 61 unauthClient = newHTTPClient(tempDir, false) 62 }) 63 64 AfterEach(func() { 65 os.RemoveAll(tempDir) 66 if system != nil { 67 system.Stop() 68 } 69 }) 70 71 Context("when ClientCertRequired is true", func() { 72 BeforeEach(func() { 73 options.TLS.ClientCertRequired = true 74 system = operations.NewSystem(options) 75 }) 76 77 It("requires a client cert to connect", func() { 78 err := system.Start() 79 Expect(err).NotTo(HaveOccurred()) 80 81 _, err = unauthClient.Get(fmt.Sprintf("https://%s/metrics", system.Addr())) 82 Expect(err).To(HaveOccurred()) 83 Expect(err.Error()).To(ContainSubstring("remote error: tls: bad certificate")) 84 }) 85 }) 86 87 Context("when listen fails", func() { 88 var listener net.Listener 89 90 BeforeEach(func() { 91 var err error 92 listener, err = net.Listen("tcp", "127.0.0.1:0") 93 Expect(err).NotTo(HaveOccurred()) 94 95 options.ListenAddress = listener.Addr().String() 96 system = operations.NewSystem(options) 97 }) 98 99 AfterEach(func() { 100 listener.Close() 101 }) 102 103 It("returns an error", func() { 104 err := system.Start() 105 Expect(err).To(HaveOccurred()) 106 Expect(err.Error()).To(ContainSubstring("bind: address already in use")) 107 }) 108 }) 109 110 Context("when a bad TLS configuration is provided", func() { 111 BeforeEach(func() { 112 options.TLS.CertFile = "cert-file-does-not-exist" 113 system = operations.NewSystem(options) 114 }) 115 116 It("returns an error", func() { 117 err := system.Start() 118 Expect(err).To(MatchError("open cert-file-does-not-exist: no such file or directory")) 119 }) 120 }) 121 122 Context("when the metrics provider is disabled", func() { 123 BeforeEach(func() { 124 options.Metrics = operations.MetricsOptions{ 125 Provider: "disabled", 126 } 127 system = operations.NewSystem(options) 128 Expect(system).NotTo(BeNil()) 129 }) 130 131 It("sets up a disabled provider", func() { 132 Expect(system.Provider).To(Equal(&disabled.Provider{})) 133 }) 134 }) 135 136 Context("when the metrics provider is prometheus", func() { 137 BeforeEach(func() { 138 options.Metrics = operations.MetricsOptions{ 139 Provider: "prometheus", 140 } 141 system = operations.NewSystem(options) 142 Expect(system).NotTo(BeNil()) 143 }) 144 145 It("sets up prometheus as a provider", func() { 146 Expect(system.Provider).To(Equal(&prometheus.Provider{})) 147 }) 148 149 It("hosts a secure endpoint for metrics", func() { 150 err := system.Start() 151 Expect(err).NotTo(HaveOccurred()) 152 153 metricsURL := fmt.Sprintf("https://%s/metrics", system.Addr()) 154 resp, err := authClient.Get(metricsURL) 155 Expect(err).NotTo(HaveOccurred()) 156 Expect(resp.StatusCode).To(Equal(http.StatusOK)) 157 body, err := ioutil.ReadAll(resp.Body) 158 resp.Body.Close() 159 Expect(err).NotTo(HaveOccurred()) 160 Expect(body).To(ContainSubstring("# TYPE go_gc_duration_seconds summary")) 161 }) 162 }) 163 164 Context("when the metrics provider is statsd", func() { 165 var listener net.Listener 166 167 BeforeEach(func() { 168 var err error 169 listener, err = net.Listen("tcp", "127.0.0.1:0") 170 Expect(err).NotTo(HaveOccurred()) 171 172 options.Metrics = operations.MetricsOptions{ 173 Provider: "statsd", 174 Statsd: &operations.Statsd{ 175 Network: "tcp", 176 Address: listener.Addr().String(), 177 WriteInterval: 100 * time.Millisecond, 178 Prefix: "prefix", 179 }, 180 } 181 system = operations.NewSystem(options) 182 Expect(system).NotTo(BeNil()) 183 }) 184 185 AfterEach(func() { 186 listener.Close() 187 }) 188 189 It("sets up statsd as a provider", func() { 190 provider, ok := system.Provider.(*statsd.Provider) 191 Expect(ok).To(BeTrue()) 192 Expect(provider.Statsd).NotTo(BeNil()) 193 }) 194 195 Context("when checking the network and address fails", func() { 196 BeforeEach(func() { 197 options.Metrics.Statsd.Network = "bob-the-network" 198 system = operations.NewSystem(options) 199 }) 200 201 It("returns an error", func() { 202 err := system.Start() 203 Expect(err).To(HaveOccurred()) 204 Expect(err.Error()).To(ContainSubstring("bob-the-network")) 205 }) 206 }) 207 }) 208 209 Context("when the metrics provider is unknown", func() { 210 BeforeEach(func() { 211 options.Metrics.Provider = "something-unknown" 212 system = operations.NewSystem(options) 213 }) 214 215 It("sets up a disabled provider", func() { 216 Expect(system.Provider).To(Equal(&disabled.Provider{})) 217 }) 218 }) 219 })