github.com/drud/ddev@v1.21.5-alpha1.0.20230226034409-94fcc4b94453/containers/ddev-router/test/containertest.sh (about) 1 #!/bin/bash 2 3 set -o errexit 4 set -o pipefail 5 set -o nounset 6 7 if [ "${OS:-$(uname)}" = "Windows_NT" ]; then exit; fi 8 9 if [ $# != "1" ]; then echo "docker image spec must be \$1"; exit 1; fi 10 DOCKER_IMAGE=$1 11 CONTAINER_NAME=ddev-router-test 12 13 # Wait for container to be ready. 14 function containercheck { 15 for i in {15..0}; do 16 # fail if we can't find the container 17 if ! docker inspect ${CONTAINER_NAME} >/dev/null; then 18 break 19 fi 20 21 status="$(docker inspect ${CONTAINER_NAME} | jq -r '.[0].State.Status')" 22 if [ "${status}" != "running" ]; then 23 break 24 fi 25 health="$(docker inspect --format '{{json .State.Health }}' ${CONTAINER_NAME} | jq -r .Status)" 26 case ${health} in 27 healthy) 28 return 0 29 ;; 30 *) 31 sleep 1 32 ;; 33 esac 34 done 35 echo "# --- ddev-router FAIL -----" 36 return 1 37 } 38 39 function cleanup { 40 echo "Removing $CONTAINER_NAME" 41 docker rm -f $CONTAINER_NAME 2>/dev/null || true 42 } 43 trap cleanup EXIT 44 45 cleanup 46 47 # Make sure rootCA is created and installed on the ddev-global-cache/mkcert 48 mkcert -install 49 set -x 50 docker run -t --rm -v "$(mkcert -CAROOT):/mnt/mkcert" -v ddev-global-cache:/mnt/ddev-global-cache busybox:stable sh -c "mkdir -p /mnt/ddev-global-cache/mkcert && chmod -R ugo+w /mnt/ddev-global-cache/* && cp -R /mnt/mkcert /mnt/ddev-global-cache" 51 52 # Run the router alone 53 docker run --rm --name $CONTAINER_NAME -p 8080:80 -p 8443:443 --mount "type=bind,src=/var/run/docker.sock,target=/tmp/docker.sock" -v ddev-global-cache:/mnt/ddev-global-cache --name ddev-router-test -d $DOCKER_IMAGE 54 55 CONTAINER_NAME=ddev-router-test 56 57 if ! containercheck; then 58 printf "=============== FAIL: $CONTAINER_NAME failed to become ready ====================\n" 59 printf "=============== FAIL: $CONTAINER_NAME FAIL: information =================\n" 60 docker logs $CONTAINER_NAME 61 docker ps -a 62 docker inspect $CONTAINER_NAME 63 exit 101 64 fi 65 66 # Make sure we can access http and https ports successfully (and with valid cert) 67 (curl -s -I http://127.0.0.1:8080 | grep 503) || (echo "Failed to get 503 from nginx-router by default" && exit 102) 68 # mkcert is not respected by git-bash curl, so don't try the test on windows. 69 if [ "${OS:-$(uname)}" != "Windows_NT" ]; then 70 (curl -s -I https://127.0.0.1:8443 | grep 503) || (echo "Failed to get 503 from nginx-router via https by default" && exit 103) 71 fi 72 # Make sure internal access to https is working 73 docker exec -t $CONTAINER_NAME curl --fail https://127.0.0.1/healthcheck || (echo "Failed to run https healthcheck inside container" && exit 104) 74 75 76 DDEV_MAX_DAYS_BEFORE_CERT_EXPIRATION=${DDEV_MAX_DAYS_BEFORE_CERT_EXPIRATION:-90} 77 if [ "${DDEV_IGNORE_EXPIRING_KEYS:-}" = "true" ]; then 78 echo "Skipping test of expiring keys because DDEV_IGNORE_EXPIRING_KEYS is set" 79 else 80 docker exec -e "max=$DDEV_MAX_DAYS_BEFORE_CERT_EXPIRATION" ${CONTAINER_NAME} bash -x -c ' 81 dates=$(apt-key list 2>/dev/null | awk "/\[expires/ { gsub(/[\[\]]/, \"\"); print \$6;}") 82 for item in ${dates}; do 83 today=$(date -I) 84 let diff=($(date +%s -d ${item})-$(date +%s -d ${today}))/86400 85 if [ ${diff} -le ${max} ]; then 86 echo "An apt key is expiring in ${diff} days" 87 apt-key list 88 exit 1 89 fi 90 done 91 ' || (echo "apt keys are expiring in container" && exit 105) 92 fi