Test proxy copies in custom certificate

github · Aug 31, 2021 · d198c7d · d198c7d
1 parent 04e1538
commit d198c7d
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 2 deletions.
diff --git a/__tests__/proxy-integration.test.ts b/__tests__/proxy-integration.test.ts
@@ -4,6 +4,9 @@ import {ImageService} from '../src/image-service'
 import {PROXY_IMAGE_NAME} from '../src/main'
 import {ProxyBuilder} from '../src/proxy'
 import {removeDanglingUpdaterContainers} from './helpers'
+import {spawnSync} from 'child_process'
+import fs from 'fs'
+import path from 'path'
 
 describe('ProxyBuilder', () => {
   const docker = new Docker()
@@ -46,6 +49,7 @@ describe('ProxyBuilder', () => {
     }
 
     const proxy = await builder.run(details, credentials)
+    await proxy.container.start()
 
     expect(proxy.networkName).toBe('job-1-network')
     expect(proxy.url).toMatch(/^http:\/\/1:.+job-1-proxy:1080$/)
@@ -63,6 +67,41 @@ describe('ProxyBuilder', () => {
     expect(networkInfo.Name).toBe('job-1-network')
     expect(networkInfo.Internal).toBe(false)
 
+    // run a bash command that executes docker and returns contents of /config.json
+    const id = proxy.container.id
+    const proc = spawnSync('docker', ['exec', id, 'cat', '/config.json'])
+    const stdout = proc.stdout.toString()
+    const config = JSON.parse(stdout)
+    expect(config.all_credentials).toEqual(credentials)
+
     await proxy.shutdown()
   })
+
+  it('copies in a custom root CA if configured', async () => {
+    if (process.env.SKIP_INTEGRATION_TESTS) {
+      return
+    }
+
+    // make a tmp dir at the repo root unless it already exists
+    const tmpDir = path.join(__dirname, '../tmp')
+    if (!fs.existsSync(tmpDir)) {
+      fs.mkdirSync(tmpDir)
+    }
+    const certPath = path.join(__dirname, '../tmp/custom-cert.crt')
+    fs.writeFileSync(certPath, 'ca-pem-contents')
+    process.env.CUSTOM_CA_PATH = certPath
+
+    const proxy = await builder.run(details, credentials)
+    await proxy.container.start()
+
+    const id = proxy.container.id
+    const proc = spawnSync('docker', [
+      'exec',
+      id,
+      'cat',
+      '/usr/local/share/ca-certificates/custom-ca-cert.crt'
+    ])
+    const stdout = proc.stdout.toString()
+    expect(stdout).toEqual('ca-pem-contents')
+  })
 })
diff --git a/src/proxy.ts b/src/proxy.ts
@@ -78,7 +78,6 @@ export class ProxyBuilder {
     )
 
     if (process.env.CUSTOM_CA_PATH) {
-      // read the file defined at the CUSTOM_CA_PATH environment variable
       const customCert = fs
         .readFileSync(process.env.CUSTOM_CA_PATH, 'utf8')
         .toString()
@@ -101,7 +100,6 @@ export class ProxyBuilder {
       errStream('  proxy')
     )
 
-    container.start()
     const url = `http://${config.proxy_auth.username}:${config.proxy_auth.password}@${name}:1080`
     return {
       container,

diff --git a/src/updater.ts b/src/updater.ts
@@ -38,6 +38,7 @@ export class Updater {
         this.details,
         this.credentials
       )
+      proxy.container.start()
 
       try {
         const files = await this.runFileFetcher(proxy)