Skip to content

Commit

Permalink
CI connectivity tests
Browse files Browse the repository at this point in the history
  • Loading branch information
@lemaitre-aneo
lemaitre-aneo committed May 21, 2024
1 parent b32ebfc commit 9c3cdc8
Show file tree
Hide file tree
Showing 4 changed files with 213 additions and 19 deletions.
185 changes: 185 additions & 0 deletions .github/workflows/test.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,185 @@
name: Tests

on:
pull_request:

concurrency:
group: test-${{ github.ref }}
cancel-in-progress: true

jobs:
certs:
name: Generate certificates
runs-on: ubuntu-latest
outputs:
client-ca_pem: ${{ steps.certs.outputs.client-ca_pem }}
client_key: ${{ steps.certs.outputs.client_key }}
client_pem: ${{ steps.certs.outputs.client_pem }}
server1-ca_pem: ${{ steps.certs.outputs.server1-ca_pem }}
server1_key: ${{ steps.certs.outputs.server1_key }}
server1_pem: ${{ steps.certs.outputs.server1_pem }}
server2-ca_pem: ${{ steps.certs.outputs.server2-ca_pem }}
server2_key: ${{ steps.certs.outputs.server2_key }}
server2_pem: ${{ steps.certs.outputs.server2_pem }}
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
with:
fetch-depth: 0
- name: Generate certificates
id: certs
run: |
mkdir certs
cd certs
../scripts/certs.sh
for file in *; do
echo "${file//./_}<<EOF"
cat "$file"
echo "EOF"
done >> "$GITHUB_OUTPUT"
csharp:
name: Test C#
needs:
- certs
strategy:
fail-fast: false
matrix:
dotnet:
- version: ''
framework: net4.7
- version: ''
framework: net4.8
- version: 6.0
framework: net6.0
- version: 8.0
framework: net8.0
platform:
- os: ubuntu-latest
runtime: linux-x64
- os: windows-2019
runtime: windows-x64
- os: windows-2022
runtime: windows-x64
exclude:
- dotnet:
version: ''
framework: net4.7
platform:
os: ubuntu-latest
runtime: linux-x64
- dotnet:
version: ''
framework: net4.8
platform:
os: ubuntu-latest
runtime: linux-x64
runs-on: ${{ matrix.platform.os }}

steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
with:
fetch-depth: 0

- name: Install local certs
working-directory: packages/csharp/
shell: bash
run: |
mkdir certs
cd certs
cat > client-ca.pem <<EOF
${{ needs.certs.outputs.client-ca_pem }}
EOF
cat > client.key <<EOF
${{ needs.certs.outputs.client_key }}
EOF
cat > client.pem <<EOF
${{ needs.certs.outputs.client_pem }}
EOF
cat > server1-ca.pem <<EOF
${{ needs.certs.outputs.server1-ca_pem }}
EOF
cat > server1.key <<EOF
${{ needs.certs.outputs.server1_key }}
EOF
cat > server1.pem <<EOF
${{ needs.certs.outputs.server1_pem }}
EOF
cat > server2-ca.pem <<EOF
${{ needs.certs.outputs.server2-ca_pem }}
EOF
cat > server2.key <<EOF
${{ needs.certs.outputs.server2_key }}
EOF
cat > server2.pem <<EOF
${{ needs.certs.outputs.server2_pem }}
EOF
- name: Install certs
if: ${{ matrix.platform.os == 'ubuntu-latest' }}
working-directory: packages/csharp/certs
run: |
sudo apt install ca-certificates
sudo mkdir -p /usr/local/share/ca-certificates/
sudo cp server2-ca.pem /usr/local/share/ca-certificates/ca.crt
sudo update-ca-certificates
- name: Install certs
if: ${{ contains(matrix.platform.os, 'windows') }}
working-directory: packages/csharp/certs
run: |
certutil -addstore -f "ROOT" server2-ca.pem
- name: Install .NET Core
uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4
if: ${{ matrix.dotnet.version }} != ""
with:
dotnet-version: ${{ matrix.dotnet.version }}

- name: Build Mock server
working-directory: packages/csharp/ArmoniK.Api.Mock
shell: bash
run: |
dotnet publish -o ../out
[ -e ../out/ArmoniK.Api.Mock.exe ] || ln -s ArmoniK.Api.Mock ../out/ArmoniK.Api.Mock.exe
- name: Test
working-directory: packages/csharp/
shell: bash
run: |
set +e
set -x
export CertFolder="$PWD/certs"
./out/ArmoniK.Api.Mock.exe \
grpc:port=5000 http:port=4999 \
& notls_pid=$!
./out/ArmoniK.Api.Mock.exe \
grpc:port=5001 http:port=5001 \
http:cert="$CertFolder/server1.pem" http:key="$CertFolder/server1.key" \
& tls_pid=$!
./out/ArmoniK.Api.Mock.exe \
grpc:port=5002 http:port=5002 \
http:cert="$CertFolder/server2.pem" http:key="$CertFolder/server2.key" \
& tlsstore_pid=$!
./out/ArmoniK.Api.Mock.exe \
grpc:port=5003 http:port=5003 \
http:cert="$CertFolder/server1.pem" http:key="$CertFolder/server1.key" http:clientcert="$CertFolder/client-ca.pem" \
& mtls_pid=$!
./out/ArmoniK.Api.Mock.exe \
grpc:port=5004 http:port=5004 \
http:cert="$CertFolder/server2.pem" http:key="$CertFolder/server2.key" http:clientcert="$CertFolder/client-ca.pem" \
& mtlsstore_pid=$!
sleep 5
cd ArmoniK.Api.Client.Test
dotnet test --runtime ${{ matrix.platform.runtime }} -f ${{ matrix.dotnet.framework }} --logger "trx;LogFileName=test-results.trx"; ret=$?
kill $notls_pid $tls_pid $tlsstore_pid $mtls_pid $mtlsstore_pid
exit $ret
- name: Test Report
uses: dorny/test-reporter@v1
if: always()
with:
name: ConnectivityTests ${{ matrix.platform.runtime }} ${{ matrix.dotnet.framework }}
path: ./packages/csharp/ArmoniK.Api.Client.Test/TestResults/test-results.trx
reporter: dotnet-trx
1 change: 1 addition & 0 deletions packages/csharp/ArmoniK.Api.Client.Test/ArmoniK.Api.Client.Tests.csproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@


<ItemGroup>
<PackageReference Include="Grpc.Core" Version="2.46.6" />
<PackageReference Include="NUnit" Version="3.13.3" />
<PackageReference Include="NUnit3TestAdapter" Version="4.5.0" />
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.7.1" />
Expand Down
39 changes: 23 additions & 16 deletions packages/csharp/ArmoniK.Api.Client.Test/ConnectivityKind.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,9 @@
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.

using System;
using System.IO;
using System.Runtime.InteropServices;

using ArmoniK.Api.Client.Options;
using ArmoniK.Api.Client.Submitter;
Expand All @@ -46,7 +48,8 @@ public enum ConnectivityKind

internal static class ConnectivityKindExt
{
private const string CertFolder = "../../../../certs";
private static string CertFolder
=> Environment.GetEnvironmentVariable("CertFolder") ?? "../../../../certs";

internal static bool IsTls(this ConnectivityKind kind)
=> kind switch
Expand All @@ -72,12 +75,21 @@ internal static bool IsMTls(this ConnectivityKind kind)
};

internal static string? GetCaCertPath(this ConnectivityKind kind)
=> kind switch
{
ConnectivityKind.TlsCert or ConnectivityKind.MTlsCert => Path.Combine(CertFolder,
"server-ca.pem"),
_ => null,
};
{
switch (kind)
{
case ConnectivityKind.TlsCert or ConnectivityKind.MTlsCert:
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
Assert.Inconclusive("Library loading bug on Windows");
}

return Path.Combine(CertFolder,
"server1-ca.pem");
default:
return null;
}
}

internal static (string?, string?) GetClientCertPath(this ConnectivityKind kind)
=> kind.IsMTls()
Expand All @@ -92,22 +104,17 @@ internal static string GetEndpoint(this ConnectivityKind kind)
ConnectivityKind.Unencrypted => "http://localhost:5000",
ConnectivityKind.TlsInsecure => "https://localhost:5001",
ConnectivityKind.TlsCert => "https://localhost:5001",
ConnectivityKind.TlsStore => "https://localhost:5001",
ConnectivityKind.MTlsInsecure => "https://localhost:5002",
ConnectivityKind.MTlsCert => "https://localhost:5002",
ConnectivityKind.MTlsStore => "https://localhost:5002",
ConnectivityKind.TlsStore => "https://localhost:5002",
ConnectivityKind.MTlsInsecure => "https://localhost:5003",
ConnectivityKind.MTlsCert => "https://localhost:5003",
ConnectivityKind.MTlsStore => "https://localhost:5004",
_ => "http://localhost:5000",
};

internal static ChannelBase GetChannel(this ConnectivityKind kind)
{
var (certPath, keyPath) = kind.GetClientCertPath();

if (kind.GetCaCertPath() is not null && false)
{
Assert.Inconclusive("CA is not yet supported");
}

return GrpcChannelFactory.CreateChannel(new GrpcClient
{
Endpoint = kind.GetEndpoint(),
Expand Down
7 changes: 4 additions & 3 deletions scripts/certs.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,10 @@
set -ex

chain() {
openssl req -x509 -newkey rsa:4096 -days 3650 -nodes -keyout "$1-ca.key" -out "$1-ca.pem" -subj "/C=FR/ST=France/L=/O=ArmoniK Ingress Root (NonTrusted)/OU=/CN=ArmoniK Ingress Root (NonTrusted) Private Certificate Authority/emailAddress="
openssl req -x509 -newkey rsa:4096 -days 3650 -nodes -keyout "$1-ca.key" -out "$1-ca.pem" -subj "/C=FR/ST=France/L=/O=ArmoniK Ingress Root (NonTrusted)/OU=$1/CN=ArmoniK Ingress Root (NonTrusted) Private Certificate Authority/emailAddress="

openssl genrsa -out "$1.key" 4096
openssl req -new -key "$1".key -out "$1".csr -subj "/C=FR/ST=France/L=/O=ArmoniK Ingress Root (NonTrusted)/OU=/CN=${2:-ArmoniK Root (NonTrusted}/emailAddress="
openssl req -new -key "$1".key -out "$1".csr -subj "/C=FR/ST=France/L=/O=ArmoniK Ingress Root (NonTrusted)/OU=$1/CN=${2:-ArmoniK Root (NonTrusted}/emailAddress="

cat > "$1.cnf" <<EOF
${2:+subjectAltName=DNS:$2}
Expand All @@ -15,5 +15,6 @@ EOF
openssl x509 -req -in "$1.csr" -CA "$1-ca.pem" -CAkey "$1-ca.key" -CAcreateserial -out "$1.pem" -days 3650 -extfile "$1.cnf"
}

chain server localhost
chain server1 localhost
chain server2 localhost
chain client

0 comments on commit 9c3cdc8

Please sign in to comment.