github.com/deis/workflow-e2e@v2.12.2-0.20180227201524-4105be7001fe+incompatible/tests/certs_test.go (about) 1 package tests 2 3 import ( 4 "fmt" 5 "net/http" 6 "strconv" 7 "strings" 8 9 deis "github.com/deis/controller-sdk-go" 10 "github.com/deis/workflow-e2e/tests/cmd" 11 "github.com/deis/workflow-e2e/tests/cmd/apps" 12 "github.com/deis/workflow-e2e/tests/cmd/auth" 13 "github.com/deis/workflow-e2e/tests/cmd/builds" 14 "github.com/deis/workflow-e2e/tests/cmd/certs" 15 "github.com/deis/workflow-e2e/tests/cmd/domains" 16 "github.com/deis/workflow-e2e/tests/model" 17 "github.com/deis/workflow-e2e/tests/util" 18 19 . "github.com/onsi/ginkgo" 20 . "github.com/onsi/gomega" 21 . "github.com/onsi/gomega/gbytes" 22 . "github.com/onsi/gomega/gexec" 23 ) 24 25 var _ = Describe("deis certs", func() { 26 27 nonExistentCertName := "non-existent-cert" 28 29 var cert model.Cert 30 31 BeforeEach(func() { 32 cert = model.NewCert() 33 }) 34 35 Context("with an existing user", func() { 36 37 var user model.User 38 39 BeforeEach(func() { 40 user = auth.RegisterAndLogin() 41 }) 42 43 AfterEach(func() { 44 auth.Cancel(user) 45 }) 46 47 Specify("that user cannot add a cert with a malformed name", func() { 48 sess, err := cmd.Start("deis certs:add %s %s %s", &user, "bogus.cert.name", cert.CertPath, cert.KeyPath) 49 // TODO: Figure out spacing issues that necessitate this workaround. 50 output := sess.Wait().Err.Contents() 51 Expect(strings.TrimSpace(string(output))).To(Equal(util.PrependError(deis.ErrInvalidName))) 52 Expect(err).NotTo(HaveOccurred()) 53 Eventually(sess).Should(Exit(1)) 54 }) 55 56 Specify("that user cannot add a cert using a non-existent cert file", func() { 57 nonExistentCertFile := "non.existent.cert" 58 sess, err := cmd.Start("deis certs:add %s %s %s", &user, cert.Name, nonExistentCertFile, cert.KeyPath) 59 Eventually(sess.Err).Should(Say("open %s: no such file or directory", nonExistentCertFile)) 60 Expect(err).NotTo(HaveOccurred()) 61 Eventually(sess).Should(Exit(1)) 62 }) 63 64 Specify("that user cannot add a cert using a non-existent key file", func() { 65 nonExistentKeyFile := "non.existent.key" 66 sess, err := cmd.Start("deis certs:add %s %s %s", &user, cert.Name, cert.CertPath, nonExistentKeyFile) 67 Eventually(sess.Err).Should(Say("open %s: no such file or directory", nonExistentKeyFile)) 68 Expect(err).NotTo(HaveOccurred()) 69 Eventually(sess).Should(Exit(1)) 70 }) 71 72 Specify("that user cannot add a cert with the key and cert files swapped", func() { 73 sess, err := cmd.Start("deis certs:add %s %s %s", &user, cert.Name, cert.KeyPath, cert.CertPath) 74 Eventually(sess.Err).Should(Say(util.PrependError(deis.ErrInvalidCertificate))) 75 Expect(err).NotTo(HaveOccurred()) 76 Eventually(sess).Should(Exit(1)) 77 }) 78 79 Specify("that user cannot get info on a non-existent cert", func() { 80 sess, err := cmd.Start("deis certs:info %s", &user, nonExistentCertName) 81 Eventually(sess.Err).Should(Say(util.PrependError(certs.ErrNoCertMatch))) 82 Expect(err).NotTo(HaveOccurred()) 83 Eventually(sess).Should(Exit(1)) 84 }) 85 86 Specify("that user cannot remove a non-existent cert", func() { 87 sess, err := cmd.Start("deis certs:remove %s", &user, nonExistentCertName) 88 Eventually(sess.Err).Should(Say(util.PrependError(certs.ErrNoCertMatch))) 89 Expect(err).NotTo(HaveOccurred()) 90 Eventually(sess).Should(Exit(1)) 91 }) 92 93 Context("who owns an existing app", func() { 94 95 var app model.App 96 97 BeforeEach(func() { 98 app = apps.Create(user, "--no-remote") 99 }) 100 101 AfterEach(func() { 102 apps.Destroy(user, app) 103 }) 104 105 Context("with a domain added to it", func() { 106 107 var domain string 108 109 BeforeEach(func() { 110 domain = getRandDomain() 111 domains.Add(user, app, domain) 112 }) 113 114 AfterEach(func() { 115 domains.Remove(user, app, domain) 116 }) 117 118 Specify("that user cannot attach a non-existent cert to that domain", func() { 119 sess, err := cmd.Start("deis certs:attach %s %s", &user, nonExistentCertName, domain) 120 Eventually(sess.Err).Should(Say(util.PrependError(certs.ErrNoCertMatch))) 121 Expect(err).NotTo(HaveOccurred()) 122 Eventually(sess).Should(Exit(1)) 123 }) 124 125 Specify("that user cannot detatch a non-existent cert from that domain", func() { 126 sess, err := cmd.Start("deis certs:detach %s %s", &user, nonExistentCertName, domain) 127 Eventually(sess.Err).Should(Say(util.PrependError(certs.ErrNoCertMatch))) 128 Expect(err).NotTo(HaveOccurred()) 129 Eventually(sess).Should(Exit(1)) 130 }) 131 132 }) 133 134 }) 135 136 Context("who owns an existing cert", func() { 137 138 nonExistentDomain := "non.existent.domain" 139 140 BeforeEach(func() { 141 certs.Add(user, cert) 142 }) 143 144 AfterEach(func() { 145 certs.Remove(user, cert) 146 }) 147 148 Specify("that user cannot attach a cert to a non-existent domain", func() { 149 sess, err := cmd.Start("deis certs:attach %s %s", &user, cert.Name, nonExistentDomain) 150 Eventually(sess.Err).Should(Say(util.PrependError(domains.ErrNoDomainMatch))) 151 Expect(err).NotTo(HaveOccurred()) 152 Eventually(sess).Should(Exit(1)) 153 }) 154 155 Specify("that user cannot detach a cert from a non-existent domain", func() { 156 sess, err := cmd.Start("deis certs:detach %s %s", &user, cert.Name, nonExistentDomain) 157 Eventually(sess.Err).Should(Say(util.PrependError(domains.ErrNoDomainMatch))) 158 Expect(err).NotTo(HaveOccurred()) 159 Eventually(sess).Should(Exit(1)) 160 }) 161 162 }) 163 164 Context("who owns two existing certs", func() { 165 166 var cert1, cert2 model.Cert 167 168 BeforeEach(func() { 169 cert1 = model.NewCert() 170 cert2 = model.NewCert() 171 certs.Add(user, cert1) 172 certs.Add(user, cert2) 173 }) 174 175 AfterEach(func() { 176 certs.Remove(user, cert1) 177 certs.Remove(user, cert2) 178 }) 179 180 Specify("that user can limit the number of certs returned by certs:list", func() { 181 randCertRegExp := `\d{0,9}-cert` 182 183 // limit=0 is invalid as of DRF 3.4 184 // https://github.com/tomchristie/django-rest-framework/pull/4194 185 sess, err := cmd.Start("deis certs:list --limit=0", &user) 186 Eventually(sess).Should(Say(randCertRegExp)) 187 Eventually(sess).Should(Say(randCertRegExp)) 188 Expect(err).NotTo(HaveOccurred()) 189 Eventually(sess).Should(Exit(0)) 190 191 sess, err = cmd.Start("deis certs:list --limit=1", &user) 192 Eventually(sess).Should(Say(randCertRegExp)) 193 Eventually(sess).Should(Not(Say(randCertRegExp))) 194 Expect(err).NotTo(HaveOccurred()) 195 Eventually(sess).Should(Exit(0)) 196 197 sess, err = cmd.Start("deis certs:list", &user) 198 Eventually(sess).Should(Say(randCertRegExp)) 199 Eventually(sess).Should(Say(randCertRegExp)) 200 Expect(err).NotTo(HaveOccurred()) 201 Eventually(sess).Should(Exit(0)) 202 }) 203 204 }) 205 206 Context("who owns an existing app that has already been deployed", func() { 207 208 var app model.App 209 210 BeforeEach(func() { 211 app = apps.Create(user, "--no-remote") 212 builds.Create(user, app) 213 }) 214 215 AfterEach(func() { 216 apps.Destroy(user, app) 217 }) 218 219 Context("with a domain added to it", func() { 220 221 domain := "www.foo.com" 222 223 BeforeEach(func() { 224 domains.Add(user, app, domain) 225 }) 226 227 AfterEach(func() { 228 domains.Remove(user, app, domain) 229 }) 230 231 Context("and that user also owns an existing cert", func() { 232 233 BeforeEach(func() { 234 certs.Add(user, cert) 235 }) 236 237 AfterEach(func() { 238 certs.Remove(user, cert) 239 }) 240 241 Specify("that user can attach/detach that cert to/from that domain", func() { 242 certs.Attach(user, cert, domain) 243 curlCmd := model.Cmd{CommandLineString: fmt.Sprintf(`curl -k -H "Host: %s" -sL -w "%%{http_code}\\n" "%s" -o /dev/null`, domain, app.URL)} 244 Eventually(cmd.Retry(curlCmd, strconv.Itoa(http.StatusOK), 60)).Should(BeTrue()) 245 certs.Detach(user, cert, domain) 246 }) 247 248 }) 249 250 }) 251 252 }) 253 254 }) 255 256 })