From a05edbbc8d7eccf300cf9ce47f95e8c31e5ed878 Mon Sep 17 00:00:00 2001 From: Timothy Dawson Date: Sun, 18 Jul 2021 20:23:41 +1200 Subject: [PATCH 1/9] Add .circleci/config.yml --- .circleci/config.yml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 .circleci/config.yml diff --git a/.circleci/config.yml b/.circleci/config.yml new file mode 100644 index 0000000..510b577 --- /dev/null +++ b/.circleci/config.yml @@ -0,0 +1,26 @@ +# Use the latest 2.1 version of CircleCI pipeline process engine. See: https://circleci.com/docs/2.0/configuration-reference +version: 2.1 +jobs: + build: + working_directory: ~/repo + docker: + - image: circleci/golang:1.16 + steps: + - checkout + - restore_cache: + keys: + - go-mod-v4-{{ checksum "go.sum" }} + - run: + name: Install Dependencies + command: go mod download + - save_cache: + key: go-mod-v4-{{ checksum "go.sum" }} + paths: + - "/go/pkg/mod" + - run: + name: Run tests + command: | + mkdir -p /tmp/test-reports + gotestsum --junitfile /tmp/test-reports/unit-tests.xml + - store_test_results: + path: /tmp/test-reports From 8c48c2824ddbfd451b59629015e25ca5ee818cf9 Mon Sep 17 00:00:00 2001 From: Tim Dawson Date: Tue, 20 Jul 2021 00:15:24 +1200 Subject: [PATCH 2/9] Added download of kube test framwork --- .circleci/config.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 510b577..abac27e 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -12,7 +12,9 @@ jobs: - go-mod-v4-{{ checksum "go.sum" }} - run: name: Install Dependencies - command: go mod download + command: | + go mod download + make _test/kubebuilde - save_cache: key: go-mod-v4-{{ checksum "go.sum" }} paths: From de3e7d08014e56d2e2ed19609ba0d8fb04d44bd1 Mon Sep 17 00:00:00 2001 From: Tim Dawson Date: Tue, 20 Jul 2021 00:18:22 +1200 Subject: [PATCH 3/9] Fiexed typo --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
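Review bot: The executor image in the `docker:` list of PATCH 1/9 is referenced by the mutable tag `circleci/golang:1.16`, so the toolchain that builds and tests this repository can change without any commit here. Pinning it by digest, e.g. `- image: circleci/golang:1.16@sha256:<digest-placeholder>`, keeps the job reproducible and puts image updates through review. The same applies to the service images added in PATCH 4/9, where `psitrax/powerdns` carries no tag at all and therefore resolves to whatever `latest` currently points at.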
diff --git a/.circleci/config.yml b/.circleci/config.yml index abac27e..94f3980 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -14,7 +14,7 @@ jobs: name: Install Dependencies command: | go mod download - make _test/kubebuilde + make _test/kubebuilder - save_cache: key: go-mod-v4-{{ checksum "go.sum" }} paths: From 3b6493cdd808d8334377f590cdd44383e6bd83be Mon Sep 17 00:00:00 2001 From: Tim Dawson Date: Tue, 20 Jul 2021 00:28:25 +1200 Subject: [PATCH 4/9] Added other containers --- .circleci/config.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index 94f3980..6151c5d 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -5,6 +5,26 @@ jobs: working_directory: ~/repo docker: - image: circleci/golang:1.16 + - image: mariadb:10.1 + environment: + MYSQL_ROOT_PASSWORD: supersecret + - image: psitrax/powerdns + environment: + MYSQL_USER: root + MYSQL_PASS: supersecret + MYSQL_PORT: "3306" + command: + - "--webserver=yes" + - "--api=yes" + - "--api-key=password" + - "--webserver-port=8080" + - "--webserver-loglevel=detailed" + - "--loglevel=10" + - "--log-dns-queries=yes" + - "--master" + - "--disable-syslog" + - "--webserver-address=0.0.0.0" + - "--webserver-allow-from=0.0.0.0/0" steps: - checkout - restore_cache: From 81d437418303a08591a84475c1444d962ccd7aae Mon Sep 17 00:00:00 2001 From: Tim Dawson Date: Tue, 20 Jul 2021 00:33:44 +1200 Subject: [PATCH 5/9] Added env for test and mysql host --- .circleci/config.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 6151c5d..61c3883 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -13,6 +13,7 @@ jobs: MYSQL_USER: root MYSQL_PASS: supersecret MYSQL_PORT: "3306" + MYSQL_HOST: localhost command: - "--webserver=yes" - "--api=yes" 
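Review bot: The service containers added in PATCH 4/9 hard-code `MYSQL_ROOT_PASSWORD: supersecret` and `--api-key=password`, and expose the PowerDNS API with `--webserver-address=0.0.0.0` plus `--webserver-allow-from=0.0.0.0/0`. For an ephemeral CI fixture the literals are tolerable, but nothing marks them as test-only, so they are easy to copy into a real deployment; a comment such as `# throwaway credentials for the CI-only MariaDB/PowerDNS fixtures, never reuse` above the `environment:` keys would make that explicit. The ACL looks wider than the job needs: if the test steps reach the API over the job's loopback (PATCH 8/9 uses `localhost:8080`), `--webserver-allow-from=127.0.0.1` should be enough, which is worth confirming against the executor's networking. PowerDNS also connects to MariaDB as `root`; a dedicated database user would keep the fixture closer to a least-privilege setup.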
@@ -43,6 +44,6 @@ jobs: name: Run tests command: | mkdir -p /tmp/test-reports - gotestsum --junitfile /tmp/test-reports/unit-tests.xml + env TEST_ZONE_NAME=example.com. gotestsum --junitfile /tmp/test-reports/unit-tests.xml - store_test_results: path: /tmp/test-reports From ce48bedabe0ff7d6bba94ec8d49dd71ccf18c7ee Mon Sep 17 00:00:00 2001 From: Tim Dawson Date: Tue, 20 Jul 2021 00:35:28 +1200 Subject: [PATCH 6/9] Fixed mysql trying to use unixsocket --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 61c3883..820929c 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -13,7 +13,7 @@ jobs: MYSQL_USER: root MYSQL_PASS: supersecret MYSQL_PORT: "3306" - MYSQL_HOST: localhost + MYSQL_HOST: "127.0.0.1" command: - "--webserver=yes" - "--api=yes" From 62cab2be4fee3c1a5a2387a73180eb25ceaaf595 Mon Sep 17 00:00:00 2001 From: Tim Dawson Date: Tue, 20 Jul 2021 00:42:45 +1200 Subject: [PATCH 7/9] Removed example tests --- example/dns.go | 69 ----------------------------- example/example.go | 68 ----------------------------- example/example_test.go | 96 ----------------------------------------- 3 files changed, 233 deletions(-) delete mode 100644 example/dns.go delete mode 100644 example/example.go delete mode 100644 example/example_test.go diff --git a/example/dns.go b/example/dns.go deleted file mode 100644 index e29597e..0000000 --- a/example/dns.go +++ /dev/null 
@@ -1,69 +0,0 @@
-package example
-
-import (
- "fmt"
-
- "github.com/miekg/dns"
-)
-
-func (e *exampleSolver) handleDNSRequest(w dns.ResponseWriter, req *dns.Msg) {
- msg := new(dns.Msg)
- msg.SetReply(req)
- switch req.Opcode {
- case dns.OpcodeQuery:
- for _, q := range msg.Question {
- if err := e.addDNSAnswer(q, msg, req); err != nil {
- msg.SetRcode(req, dns.RcodeServerFailure)
- break
- }
- }
- }
- w.WriteMsg(msg)
-}
-
-func (e *exampleSolver) addDNSAnswer(q dns.Question, msg *dns.Msg, req *dns.Msg) error {
- switch q.Qtype {
- // Always return loopback for any A query
- case dns.TypeA:
- rr, err := dns.NewRR(fmt.Sprintf("%s 5 IN A 127.0.0.1", q.Name))
- if err != nil {
- return err
- }
- msg.Answer = append(msg.Answer, rr)
- return nil
-
- // TXT records are the only important record for ACME dns-01 challenges
- case dns.TypeTXT:
- e.RLock()
- record, found := e.txtRecords[q.Name]
- e.RUnlock()
- if !found {
- msg.SetRcode(req, dns.RcodeNameError)
- return nil
- }
- rr, err := dns.NewRR(fmt.Sprintf("%s 5 IN TXT %s", q.Name, record))
- if err != nil {
- return err
- }
- msg.Answer = append(msg.Answer, rr)
- return nil
-
- // NS and SOA are for authoritative lookups, return obviously invalid data
- case dns.TypeNS:
- rr, err := dns.NewRR(fmt.Sprintf("%s 5 IN NS ns.example-acme-webook.invalid.", q.Name))
- if err != nil {
- return err
- }
- msg.Answer = append(msg.Answer, rr)
- return nil
- case dns.TypeSOA:
- rr, err := dns.NewRR(fmt.Sprintf("%s 5 IN SOA %s 20 5 5 5 5", "ns.example-acme-webook.invalid.", "ns.example-acme-webook.invalid."))
- if err != nil {
- return err
- }
- msg.Answer = append(msg.Answer, rr)
- return nil
- default:
- return fmt.Errorf("unimplemented record type %v", q.Qtype)
- }
-}
diff --git a/example/example.go b/example/example.go
deleted file mode 100644
index d31b42d..0000000
--- a/example/example.go
+++ /dev/null
@@ -1,68 +0,0 @@
-// package example contains a self-contained example of a webhook that passes the cert-manager
-// DNS conformance tests
-package example
-
-import (
- "fmt"
- "os"
- "sync"
-
- "github.com/jetstack/cert-manager/pkg/acme/webhook"
- acme "github.com/jetstack/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1"
- "github.com/miekg/dns"
- "k8s.io/client-go/rest"
-)
-
-type exampleSolver struct {
- name string
- server *dns.Server
- txtRecords map[string]string
- sync.RWMutex
-}
-
-func (e *exampleSolver) Name() string {
- return e.name
-}
-
-func (e *exampleSolver) Present(ch *acme.ChallengeRequest) error {
- e.Lock()
- e.txtRecords[ch.ResolvedFQDN] = ch.Key
- e.Unlock()
- return nil
-}
-
-func (e *exampleSolver) CleanUp(ch *acme.ChallengeRequest) error {
- e.Lock()
- delete(e.txtRecords, ch.ResolvedFQDN)
- e.Unlock()
- return nil
-}
-
-func (e *exampleSolver) Initialize(kubeClientConfig *rest.Config, stopCh <-chan struct{}) error {
- go func(done <-chan struct{}) {
- <-done
- if err := e.server.Shutdown(); err != nil {
- fmt.Fprintf(os.Stderr, "%s\n", err.Error())
- }
- }(stopCh)
- go func() {
- if err := e.server.ListenAndServe(); err != nil {
- fmt.Fprintf(os.Stderr, "%s\n", err.Error())
- os.Exit(1)
- }
- }()
- return nil
-}
-
-func New(port string) webhook.Solver {
- e := &exampleSolver{
- name: "example",
- txtRecords: make(map[string]string),
- }
- e.server = &dns.Server{
- Addr: ":" + port,
- Net: "udp",
- Handler: dns.HandlerFunc(e.handleDNSRequest),
- }
- return e
-}
diff --git a/example/example_test.go b/example/example_test.go
deleted file mode 100644
index 8c40df2..0000000
--- a/example/example_test.go
+++ /dev/null
@@ -1,96 +0,0 @@ -package example - -import ( - "crypto/rand" - "math/big" - "testing" - - acme "github.com/jetstack/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1" - "github.com/miekg/dns" - "github.com/stretchr/testify/assert" -) - -func TestExampleSolver_Name(t *testing.T) { - port, _ := rand.Int(rand.Reader, big.NewInt(50000)) - port = port.Add(port, big.NewInt(15534)) - solver := New(port.String()) - assert.Equal(t, "example", solver.Name()) -} - -func TestExampleSolver_Initialize(t *testing.T) { - port, _ := rand.Int(rand.Reader, big.NewInt(50000)) - port = port.Add(port, big.NewInt(15534)) - solver := New(port.String()) - done := make(chan struct{}) - err := solver.Initialize(nil, done) - assert.NoError(t, err, "Expected Initialize not to error") - close(done) -} - -func TestExampleSolver_Present_Cleanup(t *testing.T) { - port, _ := rand.Int(rand.Reader, big.NewInt(50000)) - port = port.Add(port, big.NewInt(15534)) - solver := New(port.String()) - done := make(chan struct{}) - err := solver.Initialize(nil, done) - assert.NoError(t, err, "Expected Initialize not to error") - - validTestData := []struct { - hostname string - record string - }{ - {"test1.example.com.", "testkey1"}, - {"test2.example.com.", "testkey2"}, - {"test3.example.com.", "testkey3"}, - } - for _, test := range validTestData { - err := solver.Present(&acme.ChallengeRequest{ - Action: acme.ChallengeActionPresent, - Type: "dns-01", - ResolvedFQDN: test.hostname, - Key: test.record, - }) - assert.NoError(t, err, "Unexpected error while presenting %v", t) - } - - // Resolve test data - for _, test := range validTestData { - msg := new(dns.Msg) - msg.Id = dns.Id() - msg.RecursionDesired = true - msg.Question = make([]dns.Question, 1) - msg.Question[0] = dns.Question{dns.Fqdn(test.hostname), dns.TypeTXT, dns.ClassINET} - in, err := dns.Exchange(msg, "127.0.0.1:"+port.String()) - - assert.NoError(t, err, "Presented record %s not resolvable", test.hostname) - assert.Len(t, in.Answer, 1, "RR 
response is of incorrect length") - assert.Equal(t, []string{test.record}, in.Answer[0].(*dns.TXT).Txt, "TXT record returned did not match presented record") - } - - // Cleanup test data - for _, test := range validTestData { - err := solver.CleanUp(&acme.ChallengeRequest{ - Action: acme.ChallengeActionCleanUp, - Type: "dns-01", - ResolvedFQDN: test.hostname, - Key: test.record, - }) - assert.NoError(t, err, "Unexpected error while cleaning up %v", t) - } - - // Resolve test data - for _, test := range validTestData { - msg := new(dns.Msg) - msg.Id = dns.Id() - msg.RecursionDesired = true - msg.Question = make([]dns.Question, 1) - msg.Question[0] = dns.Question{dns.Fqdn(test.hostname), dns.TypeTXT, dns.ClassINET} - in, err := dns.Exchange(msg, "127.0.0.1:"+port.String()) - - assert.NoError(t, err, "Presented record %s not resolvable", test.hostname) - assert.Len(t, in.Answer, 0, "RR response is of incorrect length") - assert.Equal(t, dns.RcodeNameError, in.Rcode, "Expexted NXDOMAIN") - } - - close(done) -} From 2f8fc1876b4d51cb53a5a4e9fba939aed3c2b7c9 Mon Sep 17 00:00:00 2001 From: Tim Dawson Date: Tue, 20 Jul 2021 01:37:08 +1200 Subject: [PATCH 8/9] Added curl to create zone --- .circleci/config.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 820929c..288cd04 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,7 +1,7 @@ # Use the latest 2.1 version of CircleCI pipeline process engine. See: https://circleci.com/docs/2.0/configuration-reference version: 2.1 jobs: - build: + test: working_directory: ~/repo docker: - image: circleci/golang:1.16 @@ -22,7 +22,7 @@ jobs: - "--webserver-loglevel=detailed" - "--loglevel=10" - "--log-dns-queries=yes" - - "--master" + - "--master=yes" - "--disable-syslog" - "--webserver-address=0.0.0.0" - "--webserver-allow-from=0.0.0.0/0" 
@@ -43,6 +43,8 @@ jobs: - run: name: Run tests command: | + while [[ "$(curl -s -o /dev/null -w ''%{http_code}'' localhost:8080)" != "200" ]]; do sleep 3; done + curl -sv -X post -H 'X-API-Key: password' --data '{"id":"example.com.","name":"example.com.", "type": "zone", "kind": "native"}' http://localhost:8080/api/v1/servers/localhost/zones mkdir -p /tmp/test-reports env TEST_ZONE_NAME=example.com. gotestsum --junitfile /tmp/test-reports/unit-tests.xml - store_test_results: From ba44eca21d39631b5c05416aebbf27b49c8d0c7e Mon Sep 17 00:00:00 2001 From: Tim Dawson Date: Tue, 20 Jul 2021 01:42:00 +1200 Subject: [PATCH 9/9] Added workflow --- .circleci/config.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index 288cd04..02ca23d 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -49,3 +49,8 @@ jobs: env TEST_ZONE_NAME=example.com. gotestsum --junitfile /tmp/test-reports/unit-tests.xml - store_test_results: path: /tmp/test-reports + +workflows: + test_publish: + jobs: + - test
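Review bot: The readiness loop added to the `Run tests` step in PATCH 8/9 has no upper bound, so if PowerDNS never answers 200 the step spins until the CI platform kills the job; running the loop under a bounded wait such as `timeout 120 bash -c '…'` would turn that into a fast, explicit failure. The zone-creation call uses `-X post` and no `--fail`: curl sends the method string as written and exits 0 on an HTTP error status, so a rejected request would only surface later as unrelated-looking test failures, whereas `curl -sS --fail -X POST -H 'X-API-Key: password' …` fails the step where the problem is. `-v` also writes the request headers, including `X-API-Key`, into the build log; that is harmless with this throwaway key, but dropping it keeps the pattern from being carried over to a real one.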