diff --git a/.forgejo/workflows/linters.yml b/.forgejo/workflows/linters.yml deleted file mode 100644 index 96b729b5..00000000 --- a/.forgejo/workflows/linters.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: Linters -on: [pull_request] - -jobs: - lint: - name: Lint - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - - name: Set up Go - uses: actions/setup-go@v3 - with: - go-version: '1.19' - cache: true - - - name: golangci-lint - uses: https://github.com/golangci/golangci-lint-action@v3 - with: - version: latest \ No newline at end of file diff --git a/.forgejo/workflows/tests.yml b/.forgejo/workflows/tests.yml new file mode 100644 index 00000000..7cc8d711 --- /dev/null +++ b/.forgejo/workflows/tests.yml @@ -0,0 +1,44 @@ +name: Tests and linters +on: [pull_request] + +jobs: + lint: + name: Lint + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Set up Go + uses: actions/setup-go@v3 + with: + go-version: '1.19' + cache: true + + - name: golangci-lint + uses: https://github.com/golangci/golangci-lint-action@v3 + with: + version: latest + + tests: + name: Tests + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Build Docker image + uses: docker/build-push-action@v2 + with: + context: . + dockerfile: Dockerfile + load: true + tags: non-root-container:latest + + - name: Set up Go + uses: actions/setup-go@v3 + with: + go-version: '1.19' + cache: true + + - name: Run tests in non-root container + run: docker run -v $(pwd):/app -w /app non-root-container:latest make test + \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..8596afbf --- /dev/null +++ b/Dockerfile 
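Review bot: Every `uses:` in the new tests.yml points at a mutable tag (`actions/checkout@v3`, `actions/setup-go@v3`, `docker/build-push-action@v2`, `golangci-lint-action@v3`) and the linter is `version: latest`, so the code that runs on a pull request can change without any commit in this repository. Pin each action to a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha> # v3`, and give golangci-lint a fixed release instead of `latest`. In the `tests` job, `dockerfile: Dockerfile` does not appear to be an input of docker/build-push-action (the documented key is `file`), and the `Set up Go` step looks unused since `make test` runs inside the container. Quoting the bind mount as `-v "$(pwd)":/app` also keeps a workspace path containing spaces from being split.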
@@ -0,0 +1,12 @@ +FROM ubuntu:latest +RUN useradd -u 5000 app +WORKDIR /app + +USER root +RUN apt-get update && apt-get install -y make wget git && apt-get install -y build-essential +RUN wget https://golang.org/dl/go1.19.linux-amd64.tar.gz && tar -C /usr/local -xzf go1.19.linux-amd64.tar.gz +RUN mkdir -p /home/app/.cache/go-build && chown -R app:app /home/app + +ENV PATH $PATH:/usr/local/go/bin + +USER app \ No newline at end of file diff --git a/Makefile b/Makefile index 9d81d11d..91c8a6db 100644 --- a/Makefile +++ b/Makefile @@ -106,8 +106,6 @@ generate: ######################################### # Test ######################################### -test: testdefault testtpmsimulator combinecoverage - testdefault: $Q $(GO_ENVS) gotestsum -- -coverprofile=defaultcoverage.out -short -covermode=atomic ./... @@ -180,3 +178,8 @@ run: # Run linters. Override old command lint: @golangci-lint --timeout=5m run + +# Run Unit Test with go test +test: + @echo "⇒ Running go test" + @go test ./... -count=1 diff --git a/acme/api/order_test.go b/acme/api/order_test.go index 9f03c547..f509078f 100644 --- a/acme/api/order_test.go +++ b/acme/api/order_test.go @@ -544,7 +544,7 @@ func TestHandler_newAuthorization(t *testing.T) { ExpiresAt: clock.Now(), } count := 0 - var ch1, ch2, ch3 **acme.Challenge + var ch1, ch2, ch3, ch4 **acme.Challenge return test{ prov: defaultProvisioner, db: &acme.MockDB{ @@ -555,13 +555,17 @@ func TestHandler_newAuthorization(t *testing.T) { assert.Equals(t, ch.Type, acme.DNS01) ch1 = &ch case 1: - ch.ID = "http" - assert.Equals(t, ch.Type, acme.HTTP01) + ch.ID = "nns" + assert.Equals(t, ch.Type, acme.NNS01) ch2 = &ch case 2: + ch.ID = "http" + assert.Equals(t, ch.Type, acme.HTTP01) + ch3 = &ch + case 3: ch.ID = "tls" assert.Equals(t, ch.Type, acme.TLSALPN01) - ch3 = &ch + ch4 = &ch default: assert.FatalError(t, errors.New("test logic error")) return errors.New("force") 
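Review bot: The Go tarball fetched by `wget` in the third `RUN` is extracted into /usr/local with no integrity check, and the base image is `ubuntu:latest`, so the image that CI runs the tests in can drift or be substituted without a change to this file. Verify the archive before `tar`, e.g. `echo "<sha256-of-go1.19.linux-amd64.tar.gz>  go1.19.linux-amd64.tar.gz" | sha256sum -c -`, and pin `FROM` to a fixed release tag or digest. `USER root` after `useradd` is likely redundant because the build already runs as root at that point.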
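Review bot: The new `test` target in the second Makefile hunk runs only `go test ./... -count=1`, so `make test` no longer reaches `testtpmsimulator` or `combinecoverage`, which the removed prerequisite line pulled in, and tests.yml calls exactly this target. If the reduced scope is intentional for the container run, say so in the comment above the target, e.g. `# Run unit tests only; TPM simulator tests and coverage are run via testdefault/testtpmsimulator`; whether those targets are still defined is only partly visible here. Adding the race detector, `@go test -race -count=1 ./...`, would be a cheap improvement since the image installs build-essential.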
@@ -579,7 +583,7 @@ func TestHandler_newAuthorization(t *testing.T) {
 assert.Equals(t, _az.Status, acme.StatusPending)
 assert.Equals(t, _az.Identifier, az.Identifier)
 assert.Equals(t, _az.ExpiresAt, az.ExpiresAt)
- assert.Equals(t, _az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3})
+ assert.Equals(t, _az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3, *ch4})
 assert.Equals(t, _az.Wildcard, false)
 return errors.New("force")
 },
@@ -599,7 +603,7 @@ func TestHandler_newAuthorization(t *testing.T) {
 ExpiresAt: clock.Now(),
 }
 count := 0
- var ch1, ch2, ch3 **acme.Challenge
+ var ch1, ch2, ch3, ch4 **acme.Challenge
 return test{
 prov: defaultProvisioner,
 db: &acme.MockDB{
@@ -610,13 +614,17 @@ func TestHandler_newAuthorization(t *testing.T) {
 assert.Equals(t, ch.Type, acme.DNS01)
 ch1 = &ch
 case 1:
- ch.ID = "http"
- assert.Equals(t, ch.Type, acme.HTTP01)
+ ch.ID = "nns"
+ assert.Equals(t, ch.Type, acme.NNS01)
 ch2 = &ch
 case 2:
+ ch.ID = "http"
+ assert.Equals(t, ch.Type, acme.HTTP01)
+ ch3 = &ch
+ case 3:
 ch.ID = "tls"
 assert.Equals(t, ch.Type, acme.TLSALPN01)
- ch3 = &ch
+ ch4 = &ch
 default:
 assert.FatalError(t, errors.New("test logic error"))
 return errors.New("force")
@@ -634,7 +642,7 @@ func TestHandler_newAuthorization(t *testing.T) {
 assert.Equals(t, _az.Status, acme.StatusPending)
 assert.Equals(t, _az.Identifier, az.Identifier)
 assert.Equals(t, _az.ExpiresAt, az.ExpiresAt)
- assert.Equals(t, _az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3})
+ assert.Equals(t, _az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3, *ch4})
 assert.Equals(t, _az.Wildcard, false)
 return nil
 },
@@ -652,18 +660,28 @@ func TestHandler_newAuthorization(t *testing.T) {
 Status: acme.StatusPending,
 ExpiresAt: clock.Now(),
 }
- var ch1 **acme.Challenge
+ var ch1, ch2 **acme.Challenge
 return test{
 prov: defaultProvisioner,
 db: &acme.MockDB{
 MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
- ch.ID = "dns"
- assert.Equals(t, ch.Type, acme.DNS01)
+ switch ch.Type {
+ case acme.DNS01:
+ ch.ID = "dns"
+ assert.Equals(t, ch.Type, acme.DNS01)
+ ch1 = &ch
+ case acme.NNS01:
+ ch.ID = "nns"
+ assert.Equals(t, ch.Type, acme.NNS01)
+ ch2 = &ch
+ default:
+ assert.FatalError(t, errors.New("test logic error"))
+ return errors.New("force")
+ }
 assert.Equals(t, ch.AccountID, az.AccountID)
 assert.Equals(t, ch.Token, az.Token)
 assert.Equals(t, ch.Status, acme.StatusPending)
 assert.Equals(t, ch.Value, "zap.internal")
- ch1 = &ch
 return nil
 },
 MockCreateAuthorization: func(ctx context.Context, _az *acme.Authorization) error {
@@ -675,7 +693,7 @@ func TestHandler_newAuthorization(t *testing.T) {
 Value: "zap.internal",
 })
 assert.Equals(t, _az.ExpiresAt, az.ExpiresAt)
- assert.Equals(t, _az.Challenges, []*acme.Challenge{*ch1})
+ assert.Equals(t, _az.Challenges, []*acme.Challenge{*ch1, *ch2})
 assert.Equals(t, _az.Wildcard, true)
 return nil
 },
@@ -1154,9 +1172,9 @@ func TestHandler_NewOrder(t *testing.T) {
 ctx = context.WithValue(ctx, accContextKey, acc)
 ctx = context.WithValue(ctx, payloadContextKey, &payloadInfo{value: b})
 var (
- ch1, ch2, ch3 **acme.Challenge
- az1ID *string
- count = 0
+ ch1, ch2, ch3, ch4 **acme.Challenge
+ az1ID *string
+ count = 0
 )
 return test{
 ctx: ctx,
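Review bot: In the wildcard case's `MockCreateChallenge` (first hunk on this line), switching on `ch.Type` makes the two inner `assert.Equals(t, ch.Type, ...)` calls tautological and no longer checks how many challenges are created or in what order. If the handler created two challenges of the same type, one of `ch1`/`ch2` would stay nil and `[]*acme.Challenge{*ch1, *ch2}` in `MockCreateAuthorization` would panic instead of failing cleanly. Using a `count` switch like the neighbouring cases (`case 0:` for DNS01, `case 1:` for NNS01) keeps the assertions meaningful. The enclosing test closure starts and ends outside the hunk.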
@@ -1170,13 +1188,17 @@ func TestHandler_NewOrder(t *testing.T) {
 assert.Equals(t, ch.Type, acme.DNS01)
 ch1 = &ch
 case 1:
- ch.ID = "http"
- assert.Equals(t, ch.Type, acme.HTTP01)
+ ch.ID = "nns"
+ assert.Equals(t, ch.Type, acme.NNS01)
 ch2 = &ch
 case 2:
+ ch.ID = "http"
+ assert.Equals(t, ch.Type, acme.HTTP01)
+ ch3 = &ch
+ case 3:
 ch.ID = "tls"
 assert.Equals(t, ch.Type, acme.TLSALPN01)
- ch3 = &ch
+ ch4 = &ch
 default:
 assert.FatalError(t, errors.New("test logic error"))
 return errors.New("force")
@@ -1195,7 +1217,7 @@ func TestHandler_NewOrder(t *testing.T) {
 assert.NotEquals(t, az.Token, "")
 assert.Equals(t, az.Status, acme.StatusPending)
 assert.Equals(t, az.Identifier, fr.Identifiers[0])
- assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3})
+ assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3, *ch4})
 assert.Equals(t, az.Wildcard, false)
 return nil
 },
@@ -1230,9 +1252,9 @@ func TestHandler_NewOrder(t *testing.T) {
 ctx = context.WithValue(ctx, accContextKey, acc)
 ctx = context.WithValue(ctx, payloadContextKey, &payloadInfo{value: b})
 var (
- ch1, ch2, ch3, ch4 **acme.Challenge
- az1ID, az2ID *string
- chCount, azCount = 0, 0
+ ch1, ch2, ch3, ch4, ch5, ch6 **acme.Challenge
+ az1ID, az2ID *string
+ chCount, azCount = 0, 0
 )
 return test{
 ctx: ctx,
@@ -1245,23 +1267,29 @@ func TestHandler_NewOrder(t *testing.T) {
 case 0:
 ch.ID = "dns"
 assert.Equals(t, ch.Type, acme.DNS01)
- assert.Equals(t, ch.Value, "zap.internal")
 ch1 = &ch
 case 1:
- ch.ID = "http"
- assert.Equals(t, ch.Type, acme.HTTP01)
- assert.Equals(t, ch.Value, "zap.internal")
+ ch.ID = "nns"
+ assert.Equals(t, ch.Type, acme.NNS01)
 ch2 = &ch
 case 2:
- ch.ID = "tls"
- assert.Equals(t, ch.Type, acme.TLSALPN01)
- assert.Equals(t, ch.Value, "zap.internal")
+ ch.ID = "http"
+ assert.Equals(t, ch.Type, acme.HTTP01)
 ch3 = &ch
 case 3:
+ ch.ID = "tls"
+ assert.Equals(t, ch.Type, acme.TLSALPN01)
+ ch4 = &ch
+ case 4:
 ch.ID = "dns"
 assert.Equals(t, ch.Type, acme.DNS01)
 assert.Equals(t, ch.Value, "zar.internal")
- ch4 = &ch
+ ch5 = &ch
+ case 5:
+ ch.ID = "nns"
+ assert.Equals(t, ch.Type, acme.NNS01)
+ assert.Equals(t, ch.Value, "zar.internal")
+ ch6 = &ch
 default:
 assert.FatalError(t, errors.New("test logic error"))
 return errors.New("force")
@@ -1279,7 +1307,7 @@ func TestHandler_NewOrder(t *testing.T) {
 az1ID = &az.ID
 assert.Equals(t, az.Identifier, nor.Identifiers[0])
 assert.Equals(t, az.Wildcard, false)
- assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3})
+ assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3, *ch4})
 case 1:
 az.ID = "az2ID"
 az2ID = &az.ID
@@ -1288,7 +1316,7 @@ func TestHandler_NewOrder(t *testing.T) {
 Value: "zar.internal",
 })
 assert.Equals(t, az.Wildcard, true)
- assert.Equals(t, az.Challenges, []*acme.Challenge{*ch4})
+ assert.Equals(t, az.Challenges, []*acme.Challenge{*ch5, *ch6})
 default:
 assert.FatalError(t, errors.New("test logic error"))
 return errors.New("force")
@@ -1350,9 +1378,9 @@ func TestHandler_NewOrder(t *testing.T) {
 ctx = context.WithValue(ctx, accContextKey, acc)
 ctx = context.WithValue(ctx, payloadContextKey, &payloadInfo{value: b})
 var (
- ch1, ch2, ch3 **acme.Challenge
- az1ID *string
- count = 0
+ ch1, ch2, ch3, ch4 **acme.Challenge
+ az1ID *string
+ count = 0
 )
 return test{
 ctx: ctx,
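Review bot: The first hunk on this line removes `assert.Equals(t, ch.Value, "zap.internal")` from cases 0–2 and the renumbered cases 0–3 get no replacement, so the challenge value for the first identifier is no longer checked while cases 4 and 5 still assert `"zar.internal"`. Put the check back in each of cases 0–3: `assert.Equals(t, ch.Value, "zap.internal")`. Without it, a handler that bound a challenge to the wrong identifier value would still pass this test. The switch sits inside a mock closure that starts and ends outside the hunk.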
@@ -1367,13 +1395,17 @@ func TestHandler_NewOrder(t *testing.T) {
 assert.Equals(t, ch.Type, acme.DNS01)
 ch1 = &ch
 case 1:
- ch.ID = "http"
- assert.Equals(t, ch.Type, acme.HTTP01)
+ ch.ID = "nns"
+ assert.Equals(t, ch.Type, acme.NNS01)
 ch2 = &ch
 case 2:
+ ch.ID = "http"
+ assert.Equals(t, ch.Type, acme.HTTP01)
+ ch3 = &ch
+ case 3:
 ch.ID = "tls"
 assert.Equals(t, ch.Type, acme.TLSALPN01)
- ch3 = &ch
+ ch4 = &ch
 default:
 assert.FatalError(t, errors.New("test logic error"))
 return errors.New("force")
@@ -1392,7 +1424,7 @@ func TestHandler_NewOrder(t *testing.T) {
 assert.NotEquals(t, az.Token, "")
 assert.Equals(t, az.Status, acme.StatusPending)
 assert.Equals(t, az.Identifier, nor.Identifiers[0])
- assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3})
+ assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3, *ch4})
 assert.Equals(t, az.Wildcard, false)
 return nil
 },
@@ -1447,9 +1479,9 @@ func TestHandler_NewOrder(t *testing.T) {
 ctx = context.WithValue(ctx, accContextKey, acc)
 ctx = context.WithValue(ctx, payloadContextKey, &payloadInfo{value: b})
 var (
- ch1, ch2, ch3 **acme.Challenge
- az1ID *string
- count = 0
+ ch1, ch2, ch3, ch4 **acme.Challenge
+ az1ID *string
+ count = 0
 )
 return test{
 ctx: ctx,
@@ -1464,13 +1496,17 @@ func TestHandler_NewOrder(t *testing.T) {
 assert.Equals(t, ch.Type, acme.DNS01)
 ch1 = &ch
 case 1:
- ch.ID = "http"
- assert.Equals(t, ch.Type, acme.HTTP01)
+ ch.ID = "nns"
+ assert.Equals(t, ch.Type, acme.NNS01)
 ch2 = &ch
 case 2:
+ ch.ID = "http"
+ assert.Equals(t, ch.Type, acme.HTTP01)
+ ch3 = &ch
+ case 3:
 ch.ID = "tls"
 assert.Equals(t, ch.Type, acme.TLSALPN01)
- ch3 = &ch
+ ch4 = &ch
 default:
 assert.FatalError(t, errors.New("test logic error"))
 return errors.New("force")
@@ -1489,7 +1525,7 @@ func TestHandler_NewOrder(t *testing.T) {
 assert.NotEquals(t, az.Token, "")
 assert.Equals(t, az.Status, acme.StatusPending)
 assert.Equals(t, az.Identifier, nor.Identifiers[0])
- assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3})
+ assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3, *ch4})
 assert.Equals(t, az.Wildcard, false)
 return nil
 },
@@ -1543,9 +1579,9 @@ func TestHandler_NewOrder(t *testing.T) {
 ctx = context.WithValue(ctx, accContextKey, acc)
 ctx = context.WithValue(ctx, payloadContextKey, &payloadInfo{value: b})
 var (
- ch1, ch2, ch3 **acme.Challenge
- az1ID *string
- count = 0
+ ch1, ch2, ch3, ch4 **acme.Challenge
+ az1ID *string
+ count = 0
 )
 return test{
 ctx: ctx,
@@ -1560,13 +1596,17 @@ func TestHandler_NewOrder(t *testing.T) {
 assert.Equals(t, ch.Type, acme.DNS01)
 ch1 = &ch
 case 1:
- ch.ID = "http"
- assert.Equals(t, ch.Type, acme.HTTP01)
+ ch.ID = "nns"
+ assert.Equals(t, ch.Type, acme.NNS01)
 ch2 = &ch
 case 2:
+ ch.ID = "http"
+ assert.Equals(t, ch.Type, acme.HTTP01)
+ ch3 = &ch
+ case 3:
 ch.ID = "tls"
 assert.Equals(t, ch.Type, acme.TLSALPN01)
- ch3 = &ch
+ ch4 = &ch
 default:
 assert.FatalError(t, errors.New("test logic error"))
 return errors.New("force")
@@ -1585,7 +1625,7 @@ func TestHandler_NewOrder(t *testing.T) {
 assert.NotEquals(t, az.Token, "")
 assert.Equals(t, az.Status, acme.StatusPending)
 assert.Equals(t, az.Identifier, nor.Identifiers[0])
- assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3})
+ assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3, *ch4})
 assert.Equals(t, az.Wildcard, false)
 return nil
 },
@@ -1640,9 +1680,9 @@ func TestHandler_NewOrder(t *testing.T) {
 ctx = context.WithValue(ctx, accContextKey, acc)
 ctx = context.WithValue(ctx, payloadContextKey, &payloadInfo{value: b})
 var (
- ch1, ch2, ch3 **acme.Challenge
- az1ID *string
- count = 0
+ ch1, ch2, ch3, ch4 **acme.Challenge
+ az1ID *string
+ count = 0
 )
 return test{
 ctx: ctx,
@@ -1657,13 +1697,17 @@ func TestHandler_NewOrder(t *testing.T) {
 assert.Equals(t, ch.Type, acme.DNS01)
 ch1 = &ch
 case 1:
- ch.ID = "http"
- assert.Equals(t, ch.Type, acme.HTTP01)
+ ch.ID = "nns"
+ assert.Equals(t, ch.Type, acme.NNS01)
 ch2 = &ch
 case 2:
+ ch.ID = "http"
+ assert.Equals(t, ch.Type, acme.HTTP01)
+ ch3 = &ch
+ case 3:
 ch.ID = "tls"
 assert.Equals(t, ch.Type, acme.TLSALPN01)
- ch3 = &ch
+ ch4 = &ch
 default:
 assert.FatalError(t, errors.New("test logic error"))
 return errors.New("force")
@@ -1682,7 +1726,7 @@ func TestHandler_NewOrder(t *testing.T) {
 assert.NotEquals(t, az.Token, "")
 assert.Equals(t, az.Status, acme.StatusPending)
 assert.Equals(t, az.Identifier, nor.Identifiers[0])
- assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3})
+ assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3, *ch4})
 assert.Equals(t, az.Wildcard, false)
 return nil
 },
@@ -1740,9 +1784,9 @@ func TestHandler_NewOrder(t *testing.T) {
 ctx = context.WithValue(ctx, accContextKey, acc)
 ctx = context.WithValue(ctx, payloadContextKey, &payloadInfo{value: b})
 var (
- ch1, ch2, ch3 **acme.Challenge
- az1ID *string
- count = 0
+ ch1, ch2, ch3, ch4 **acme.Challenge
+ az1ID *string
+ count = 0
 )
 return test{
 ctx: ctx,
@@ -1757,13 +1801,17 @@ func TestHandler_NewOrder(t *testing.T) {
 assert.Equals(t, ch.Type, acme.DNS01)
 ch1 = &ch
 case 1:
- ch.ID = "http"
- assert.Equals(t, ch.Type, acme.HTTP01)
+ ch.ID = "nns"
+ assert.Equals(t, ch.Type, acme.NNS01)
 ch2 = &ch
 case 2:
+ ch.ID = "http"
+ assert.Equals(t, ch.Type, acme.HTTP01)
+ ch3 = &ch
+ case 3:
 ch.ID = "tls"
 assert.Equals(t, ch.Type, acme.TLSALPN01)
- ch3 = &ch
+ ch4 = &ch
 default:
 assert.FatalError(t, errors.New("test logic error"))
 return errors.New("force")
@@ -1782,7 +1830,7 @@ func TestHandler_NewOrder(t *testing.T) {
 assert.NotEquals(t, az.Token, "")
 assert.Equals(t, az.Status, acme.StatusPending)
 assert.Equals(t, az.Identifier, nor.Identifiers[0])
- assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3})
+ assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3, *ch4})
 assert.Equals(t, az.Wildcard, false)
 return nil
 },
@@ -2176,7 +2224,7 @@ func TestHandler_challengeTypes(t *testing.T) {
 Wildcard: false,
 },
 },
- want: []acme.ChallengeType{acme.DNS01, acme.HTTP01, acme.TLSALPN01},
+ want: []acme.ChallengeType{acme.DNS01, acme.NNS01, acme.HTTP01, acme.TLSALPN01},
 },
 {
 name: "ok/wildcard",
@@ -2186,7 +2234,7 @@ func TestHandler_challengeTypes(t *testing.T) {
 Wildcard: true,
 },
 },
- want: []acme.ChallengeType{acme.DNS01},
+ want: []acme.ChallengeType{acme.DNS01, acme.NNS01},
 },
 {
 name: "ok/ip",
diff --git a/ca/testdata/ca.json b/ca/testdata/ca.json
index 2a336f24..c26c8e5d 100644
--- a/ca/testdata/ca.json
+++ b/ca/testdata/ca.json
@@ -94,5 +94,6 @@
 "locality": "San Francisco",
 "organization": "Smallstep"
 }
- }
+ },
+ "nnsServer": "nns_server_url"
 }
diff --git a/ca/testdata/federated-ca.json b/ca/testdata/federated-ca.json
index 0b1c6c8d..3ef1e414 100644
--- a/ca/testdata/federated-ca.json
+++ b/ca/testdata/federated-ca.json
@@ -43,5 +43,6 @@
 "locality": "San Francisco",
 "organization": "Smallstep"
 }
- }
+ },
+ "nnsServer": "nns_server_url"
 }
diff --git a/ca/testdata/rotate-ca-0.json b/ca/testdata/rotate-ca-0.json
index aa9353ed..45bff8f7 100644
--- a/ca/testdata/rotate-ca-0.json
+++ b/ca/testdata/rotate-ca-0.json
@@ -42,5 +42,6 @@
 "locality": "San Francisco",
 "organization": "Smallstep"
 }
- }
+ },
+ "nnsServer": "nns_server_url"
 }
diff --git a/ca/testdata/rotate-ca-1.json b/ca/testdata/rotate-ca-1.json
index c78ba035..6deb2d32 100644
--- a/ca/testdata/rotate-ca-1.json
+++ b/ca/testdata/rotate-ca-1.json
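Review bot: The `ok/wildcard` expectation in `TestHandler_challengeTypes` now lists `acme.NNS01` beside `acme.DNS01`, which pins NNS-01 as sufficient to authorise a wildcard identifier. Nothing in this diff shows that an NNS-01 validation proves control over the whole name space the wildcard covers, which is presumably why HTTP-01 and TLS-ALPN-01 stay out of that list. A comment on the case stating the property relied on would make the decision reviewable, e.g. `// NNS01 is offered for wildcards because <property of NNS validation that covers subdomains>`. The non-wildcard order `DNS01, NNS01, HTTP01, TLSALPN01` is also baked into every count-indexed mock earlier in this file, so a reordering in the handler would break all of them at once.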
@@ -42,5 +42,6 @@
 "locality": "San Francisco",
 "organization": "Smallstep"
 }
- }
+ },
+ "nnsServer": "nns_server_url"
 }
diff --git a/ca/testdata/rotate-ca-2.json b/ca/testdata/rotate-ca-2.json
index 2db1c992..bd228c07 100644
--- a/ca/testdata/rotate-ca-2.json
+++ b/ca/testdata/rotate-ca-2.json
@@ -42,5 +42,6 @@
 "locality": "San Francisco",
 "organization": "Smallstep"
 }
- }
+ },
+ "nnsServer": "nns_server_url"
 }
diff --git a/ca/testdata/rotate-ca-3.json b/ca/testdata/rotate-ca-3.json
index 50f4a118..c97688a2 100644
--- a/ca/testdata/rotate-ca-3.json
+++ b/ca/testdata/rotate-ca-3.json
@@ -42,5 +42,6 @@
 "locality": "San Francisco",
 "organization": "Smallstep"
 }
- }
+ },
+ "nnsServer": "nns_server_url"
 }