github.com/letsencrypt/boulder@v0.20251208.0/test/integration/srv_resolver_test.go

github.com/letsencrypt/boulder@v0.20251208.0/test/integration/srv_resolver_test.go (about)

     1  //go:build integration
     2  
     3  package integration
     4  
     5  import (
     6  	"context"
     7  	"testing"
     8  
     9  	"github.com/jmhodges/clock"
    10  	"google.golang.org/protobuf/types/known/emptypb"
    11  
    12  	"github.com/letsencrypt/boulder/cmd"
    13  	bgrpc "github.com/letsencrypt/boulder/grpc"
    14  	"github.com/letsencrypt/boulder/metrics"
    15  	"github.com/letsencrypt/boulder/nonce"
    16  	"github.com/letsencrypt/boulder/test"
    17  )
    18  
    19  type srvResolverTestConfig struct {
    20  	WebFooEnd struct {
    21  		TLS cmd.TLSConfig
    22  		// CaseOne config will have 2 SRV records. The first will have 0
    23  		// backends, the second will have 1.
    24  		CaseOne *cmd.GRPCClientConfig
    25  
    26  		// CaseTwo config will have 2 SRV records. The first will not be
    27  		// configured in Consul, the second will have 1 backend.
    28  		CaseTwo *cmd.GRPCClientConfig
    29  
    30  		// CaseThree config will have 2 SRV records. Neither will be configured
    31  		// in Consul.
    32  		CaseThree *cmd.GRPCClientConfig
    33  
    34  		// CaseFour config will have 2 SRV records. Neither will have backends.
    35  		CaseFour *cmd.GRPCClientConfig
    36  	}
    37  }
    38  
    39  func TestSRVResolver_CaseOne(t *testing.T) {
    40  	t.Parallel()
    41  
    42  	var c srvResolverTestConfig
    43  	err := cmd.ReadConfigFile("test/integration/testdata/srv-resolver-config.json", &c)
    44  	test.AssertNotError(t, err, "Could not read config file")
    45  
    46  	tlsConfig, err := c.WebFooEnd.TLS.Load(metrics.NoopRegisterer)
    47  	test.AssertNotError(t, err, "Could not load TLS config")
    48  	clk := clock.New()
    49  
    50  	getNonceConn, err := bgrpc.ClientSetup(c.WebFooEnd.CaseOne, tlsConfig, metrics.NoopRegisterer, clk)
    51  	test.AssertNotError(t, err, "Could not set up gRPC client")
    52  
    53  	// This should succeed, even though the first SRV record has no backends.
    54  	gnc := nonce.NewGetter(getNonceConn)
    55  	_, err = gnc.Nonce(context.Background(), &emptypb.Empty{})
    56  	test.AssertNotError(t, err, "Unexpected error getting nonce")
    57  }
    58  
    59  func TestSRVResolver_CaseTwo(t *testing.T) {
    60  	t.Parallel()
    61  
    62  	var c srvResolverTestConfig
    63  	err := cmd.ReadConfigFile("test/integration/testdata/srv-resolver-config.json", &c)
    64  	test.AssertNotError(t, err, "Could not read config file")
    65  
    66  	tlsConfig, err := c.WebFooEnd.TLS.Load(metrics.NoopRegisterer)
    67  	test.AssertNotError(t, err, "Could not load TLS config")
    68  	clk := clock.New()
    69  
    70  	getNonceConn, err := bgrpc.ClientSetup(c.WebFooEnd.CaseTwo, tlsConfig, metrics.NoopRegisterer, clk)
    71  	test.AssertNotError(t, err, "Could not set up gRPC client")
    72  
    73  	// This should succeed, even though the first SRV record is not configured
    74  	// in Consul.
    75  	gnc := nonce.NewGetter(getNonceConn)
    76  	_, err = gnc.Nonce(context.Background(), &emptypb.Empty{})
    77  	test.AssertNotError(t, err, "Unexpected error getting nonce")
    78  }
    79  
    80  func TestSRVResolver_CaseThree(t *testing.T) {
    81  	t.Parallel()
    82  
    83  	var c srvResolverTestConfig
    84  	err := cmd.ReadConfigFile("test/integration/testdata/srv-resolver-config.json", &c)
    85  	test.AssertNotError(t, err, "Could not read config file")
    86  
    87  	tlsConfig, err := c.WebFooEnd.TLS.Load(metrics.NoopRegisterer)
    88  	test.AssertNotError(t, err, "Could not load TLS config")
    89  	clk := clock.New()
    90  
    91  	getNonceConn, err := bgrpc.ClientSetup(c.WebFooEnd.CaseThree, tlsConfig, metrics.NoopRegisterer, clk)
    92  	test.AssertNotError(t, err, "Could not set up gRPC client")
    93  
    94  	// This should fail, neither SRV record is configured in Consul and the
    95  	// resolver will not return any backends.
    96  	gnc := nonce.NewGetter(getNonceConn)
    97  	_, err = gnc.Nonce(context.Background(), &emptypb.Empty{})
    98  	test.AssertError(t, err, "Expected error getting nonce")
    99  	test.AssertContains(t, err.Error(), "no children to pick from")
   100  }
   101  
   102  func TestSRVResolver_CaseFour(t *testing.T) {
   103  	t.Parallel()
   104  
   105  	var c srvResolverTestConfig
   106  	err := cmd.ReadConfigFile("test/integration/testdata/srv-resolver-config.json", &c)
   107  	test.AssertNotError(t, err, "Could not read config file")
   108  
   109  	tlsConfig, err := c.WebFooEnd.TLS.Load(metrics.NoopRegisterer)
   110  	test.AssertNotError(t, err, "Could not load TLS config")
   111  	clk := clock.New()
   112  
   113  	getNonceConn4, err := bgrpc.ClientSetup(c.WebFooEnd.CaseFour, tlsConfig, metrics.NoopRegisterer, clk)
   114  	test.AssertNotError(t, err, "Could not set up gRPC client")
   115  
   116  	// This should fail, neither SRV record resolves to backends.
   117  	gnc := nonce.NewGetter(getNonceConn4)
   118  	_, err = gnc.Nonce(context.Background(), &emptypb.Empty{})
   119  	test.AssertError(t, err, "Expected error getting nonce")
   120  	test.AssertContains(t, err.Error(), "no children to pick from")
   121  }