3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-03 16:59:22 +02:00
Code Issues Projects Releases Packages Wiki Activity

autocert: add support for storage in gcs (#3794)

Browse source 
* autocert: add support for storage in s3

* go mod tidy

* skip on mac

* autocert: add support for storage in gcs
This commit is contained in:
Caleb Doxsey 2022-12-09 08:22:32 -07:00 committed by GitHub
parent 6c3ed201da
commit 8d61575ada
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 405 additions and 158 deletions
Download patch file Download diff file Expand all files Collapse all files

110
internal/autocert/storage_test.go
View file

@ -14,7 +14,24 @@ import (
"github.com/pomerium/pomerium/internal/testutil"
)
func TestStorage(t *testing.T) {
func TestGCSStorage(t *testing.T) {
t.Skip("fakeserver doesn't support multipart uploads")
ctx, clearTimeout := context.WithTimeout(context.Background(), time.Second*30)
t.Cleanup(clearTimeout)
require.NoError(t, testutil.WithTestGCS(t, "bucket", func() error {
s, err := GetCertMagicStorage(ctx, "gs://bucket/some/prefix")
if !assert.NoError(t, err) {
return nil
}
runStorageTests(t, s)
return nil
}))
}
func TestS3Storage(t *testing.T) {
if os.Getenv("GITHUB_ACTION") != "" && runtime.GOOS == "darwin" {
t.Skip("Github action can not run docker on MacOS")
}
@ -22,50 +39,51 @@ func TestStorage(t *testing.T) {
ctx, clearTimeout := context.WithTimeout(context.Background(), time.Second*30)
t.Cleanup(clearTimeout)
runTests := func(t *testing.T, s certmagic.Storage) {
t.Helper()
for _, key := range []string{"1", "a/1", "b/c/2"} {
assert.NoError(t, s.Store(ctx, key, []byte{1, 2, 3}))
assert.True(t, s.Exists(ctx, key))
data, err := s.Load(ctx, key)
if assert.NoError(t, err) {
assert.Equal(t, []byte{1, 2, 3}, data)
}
ki, err := s.Stat(ctx, key)
if assert.NoError(t, err) {
assert.Equal(t, true, ki.IsTerminal)
}
}
keys, err := s.List(ctx, "", true)
assert.NoError(t, err)
assert.Equal(t, []string{"1", "a/1", "b/c/2"}, keys)
keys, err = s.List(ctx, "b/", false)
assert.NoError(t, err)
assert.Equal(t, []string{"b/c/"}, keys)
assert.NoError(t, s.Delete(ctx, "a/b/c"))
_, err = s.Load(ctx, "a/b/c")
assert.Error(t, err)
assert.NoError(t, s.Lock(ctx, "a"))
time.AfterFunc(time.Second*2, func() {
s.Unlock(ctx, "a")
})
assert.NoError(t, s.Lock(ctx, "a"))
}
t.Run("s3", func(t *testing.T) {
require.NoError(t, testutil.WithTestMinIO(t, "bucket", func(endpoint string) error {
s, err := GetCertMagicStorage(ctx, "s3://"+endpoint+"/bucket/some/prefix")
if !assert.NoError(t, err) {
return nil
}
runTests(t, s)
require.NoError(t, testutil.WithTestMinIO(t, "bucket", func(endpoint string) error {
s, err := GetCertMagicStorage(ctx, "s3://"+endpoint+"/bucket/some/prefix")
if !assert.NoError(t, err) {
return nil
}))
})
}
runStorageTests(t, s)
return nil
}))
}
func runStorageTests(t *testing.T, s certmagic.Storage) {
t.Helper()
ctx, clearTimeout := context.WithTimeout(context.Background(), time.Second*30)
t.Cleanup(clearTimeout)
for _, key := range []string{"1", "a/1", "b/c/2"} {
assert.NoError(t, s.Store(ctx, key, []byte{1, 2, 3}), "should store")
assert.True(t, s.Exists(ctx, key), "should exist after storing")
data, err := s.Load(ctx, key)
if assert.NoError(t, err, "should load") {
assert.Equal(t, []byte{1, 2, 3}, data)
}
ki, err := s.Stat(ctx, key)
if assert.NoError(t, err) {
assert.Equal(t, true, ki.IsTerminal)
}
}
keys, err := s.List(ctx, "", true)
assert.NoError(t, err, "should list recursively")
assert.Equal(t, []string{"1", "a/1", "b/c/2"}, keys)
keys, err = s.List(ctx, "b/", false)
assert.NoError(t, err, "should list non-recursively")
assert.Equal(t, []string{"b/c/"}, keys)
assert.NoError(t, s.Delete(ctx, "a/b/c"), "should delete")
_, err = s.Load(ctx, "a/b/c")
assert.Error(t, err)
assert.NoError(t, s.Lock(ctx, "a"), "should lock")
time.AfterFunc(time.Second*2, func() {
s.Unlock(ctx, "a")
})
assert.NoError(t, s.Lock(ctx, "a"), "should re-lock")
}