mirror of
https://github.com/pomerium/pomerium.git
synced 2025-07-26 13:09:47 +02:00
108 lines
2.6 KiB
Go
108 lines
2.6 KiB
Go
package config
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"encoding/base64"
|
|
"io"
|
|
"os"
|
|
"path/filepath"
|
|
"sync"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/rs/zerolog"
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"github.com/pomerium/pomerium/internal/log"
|
|
)
|
|
|
|
func TestFileWatcherSource(t *testing.T) {
|
|
ctx := context.Background()
|
|
|
|
// capture logs
|
|
var logOutput bytes.Buffer
|
|
logger := zerolog.New(io.MultiWriter(zerolog.SyncWriter(&logOutput), zerolog.NewTestWriter(t)))
|
|
originalLogger := log.Logger()
|
|
log.SetLogger(&logger)
|
|
t.Cleanup(func() {
|
|
log.SetLogger(originalLogger)
|
|
})
|
|
|
|
tmpdir := t.TempDir()
|
|
|
|
err := os.WriteFile(filepath.Join(tmpdir, "example.txt"), []byte{1}, 0o600)
|
|
if !assert.NoError(t, err) {
|
|
return
|
|
}
|
|
|
|
err = os.WriteFile(filepath.Join(tmpdir, "kubernetes-example.txt"), []byte{2}, 0o600)
|
|
if !assert.NoError(t, err) {
|
|
return
|
|
}
|
|
|
|
testCertFileRef := "./testdata/example-cert.pem"
|
|
testKeyFileRef := "./testdata/example-key.pem"
|
|
testCertFile, _ := os.ReadFile(testCertFileRef)
|
|
testKeyFile, _ := os.ReadFile(testKeyFileRef)
|
|
testCertAsBase64 := base64.StdEncoding.EncodeToString(testCertFile)
|
|
testKeyAsBase64 := base64.StdEncoding.EncodeToString(testKeyFile)
|
|
|
|
ssrc := NewStaticSource(&Config{
|
|
Options: &Options{
|
|
CertificateFiles: []certificateFilePair{{
|
|
CertFile: testCertAsBase64,
|
|
KeyFile: testKeyAsBase64,
|
|
}},
|
|
CAFile: filepath.Join(tmpdir, "example.txt"),
|
|
Policies: []Policy{{
|
|
KubernetesServiceAccountTokenFile: filepath.Join(tmpdir, "kubernetes-example.txt"),
|
|
}},
|
|
},
|
|
})
|
|
|
|
src := NewFileWatcherSource(ctx, ssrc)
|
|
var closeOnce sync.Once
|
|
ch := make(chan struct{})
|
|
src.OnConfigChange(context.Background(), func(ctx context.Context, cfg *Config) {
|
|
closeOnce.Do(func() {
|
|
close(ch)
|
|
})
|
|
})
|
|
|
|
err = os.WriteFile(filepath.Join(tmpdir, "example.txt"), []byte{1, 2}, 0o600)
|
|
if !assert.NoError(t, err) {
|
|
return
|
|
}
|
|
|
|
select {
|
|
case <-ch:
|
|
case <-time.After(time.Second):
|
|
t.Error("expected OnConfigChange to be fired after modifying a file")
|
|
}
|
|
|
|
err = os.WriteFile(filepath.Join(tmpdir, "kubernetes-example.txt"), []byte{2, 3}, 0o600)
|
|
if !assert.NoError(t, err) {
|
|
return
|
|
}
|
|
|
|
select {
|
|
case <-ch:
|
|
case <-time.After(time.Second):
|
|
t.Error("expected OnConfigChange to be fired after modifying a policy file")
|
|
}
|
|
|
|
ssrc.SetConfig(ctx, &Config{
|
|
Options: &Options{
|
|
CAFile: filepath.Join(tmpdir, "example.txt"),
|
|
},
|
|
})
|
|
|
|
select {
|
|
case <-ch:
|
|
case <-time.After(time.Second):
|
|
t.Error("expected OnConfigChange to be fired after triggering a change to the underlying source")
|
|
}
|
|
|
|
assert.NotContains(t, logOutput.String(), "failed to add file to polling-based file watcher")
|
|
}
|