go.chromium.org/luci@v0.0.0-20240309015107-7cdc2e660f33/tokenserver/testing/run_test.sh

go.chromium.org/luci@v0.0.0-20240309015107-7cdc2e660f33/tokenserver/testing/run_test.sh (about)

     1  #!/bin/bash
     2  # Copyright 2016 The LUCI Authors. All rights reserved.
     3  # Use of this source code is governed under the Apache License, Version 2.0
     4  # that can be found in the LICENSE file.
     5  
     6  # run_test.sh runs the actual test.
     7  #
     8  # It assumes devserver.sh and crlserver.sh run in background already.
     9  
    10  cd $(dirname $0)
    11  . ./include.sh
    12  
    13  echo "Building go code..."
    14  go install -v go.chromium.org/luci/grpc/cmd/rpc
    15  go install -v go.chromium.org/luci/tokenserver/cmd/luci_machine_tokend
    16  
    17  function clean_tokens {
    18    local cert_name=$1
    19    rm -f "$WORKING_DIR/$cert_name.tok"
    20    rm -f "$WORKING_DIR/$cert_name.status"
    21  }
    22  
    23  function call_tokend {
    24    local cert_name=$1
    25    $GOBIN/luci_machine_tokend \
    26      -backend "localhost:$DEVSERVER_PORT" \
    27      -cert-pem "$CA_DIR/certs/$cert_name.pem" \
    28      -pkey-pem "$CA_DIR/private/$cert_name.pem" \
    29      -token-file "$WORKING_DIR/$cert_name.tok" \
    30      -status-file "$WORKING_DIR/$cert_name.status" \
    31      -ts-mon-endpoint "file://$WORKING_DIR/tsmon.txt"
    32  }
    33  
    34  function dump_status {
    35    local cert_name=$1
    36    echo "Status of luci_machine_tokend call:"
    37    echo "==================================="
    38    cat "$WORKING_DIR/$cert_name.status"
    39    echo
    40    echo "==================================="
    41  }
    42  
    43  function dump_token_file {
    44    local cert_name=$1
    45    echo "Token file:"
    46    echo "==================================="
    47    cat "$WORKING_DIR/$cert_name.tok"
    48    echo
    49    echo "==================================="
    50  }
    51  
    52  # Make a CA, feed its config to the token server.
    53  echo "Initializing CA..."
    54  initialize_ca
    55  import_config
    56  fetch_crl
    57  
    58  # Create a machine certificate.
    59  create_client_certificate luci-token-server-test-1.fake.domain
    60  
    61  # Make a new token.
    62  clean_tokens luci-token-server-test-1.fake.domain
    63  call_tokend luci-token-server-test-1.fake.domain
    64  ret=$?
    65  dump_token_file luci-token-server-test-1.fake.domain
    66  dump_status luci-token-server-test-1.fake.domain
    67  if [ $ret -ne 0 ]
    68  then
    69    echo "FAIL"
    70    exit 1
    71  fi
    72  
    73  # Revoke the cert, wait a bit (>100 ms) for CRL cache to expire.
    74  revoke_client_certificate luci-token-server-test-1.fake.domain
    75  fetch_crl
    76  sleep 1
    77  
    78  # Should fail now.
    79  clean_tokens luci-token-server-test-1.fake.domain
    80  call_tokend luci-token-server-test-1.fake.domain
    81  ret=$?
    82  dump_status luci-token-server-test-1.fake.domain
    83  if [ $ret -eq 0 ]
    84  then
    85    echo "FAIL, luci_machine_tokend should have failed with error"
    86    exit 1
    87  else
    88    echo "SUCCESS! luci_machine_tokend failed as it should have"
    89  fi