Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Levin Zimmermann
slapos
Commits
85b8b32e
Commit
85b8b32e
authored
Mar 22, 2022
by
Thomas Gambier
🚴🏼
Browse files
Options
Browse Files
Download
Plain Diff
Update Release Candidate
parents
cbde3701
a8a2f06a
Changes
31
Show whitespace changes
Inline
Side-by-side
Showing
31 changed files
with
526 additions
and
936 deletions
+526
-936
.editorconfig
.editorconfig
+3
-2
component/apache/buildout.cfg
component/apache/buildout.cfg
+1
-1
component/firefox/buildout.cfg
component/firefox/buildout.cfg
+1
-1
component/libsecret/buildout.cfg
component/libsecret/buildout.cfg
+1
-1
component/libuuid/buildout.cfg
component/libuuid/buildout.cfg
+0
-26
component/pcre/buildout.cfg
component/pcre/buildout.cfg
+1
-1
component/qemu-kvm/buildout.cfg
component/qemu-kvm/buildout.cfg
+1
-1
component/quic_client-bin/buildout.cfg
component/quic_client-bin/buildout.cfg
+1
-1
component/rsyslogd/buildout.cfg
component/rsyslogd/buildout.cfg
+1
-1
component/serf/buildout.cfg
component/serf/buildout.cfg
+1
-1
component/subversion/buildout.cfg
component/subversion/buildout.cfg
+1
-1
component/trafficserver/buildout.cfg
component/trafficserver/buildout.cfg
+1
-0
component/trafficserver/trafficserver-9.1.1-via-string-rapid-cdn.patch
...fficserver/trafficserver-9.1.1-via-string-rapid-cdn.patch
+46
-0
component/unstable/accords/buildout.cfg
component/unstable/accords/buildout.cfg
+1
-1
component/unstable/apache-perl/buildout.cfg
component/unstable/apache-perl/buildout.cfg
+1
-1
component/util-linux/buildout.cfg
component/util-linux/buildout.cfg
+20
-2
component/xapian/buildout.cfg
component/xapian/buildout.cfg
+1
-1
component/xorg/buildout.cfg
component/xorg/buildout.cfg
+1
-1
component/zeromq/buildout.cfg
component/zeromq/buildout.cfg
+1
-1
software/caddy-frontend/buildout.hash.cfg
software/caddy-frontend/buildout.hash.cfg
+8
-8
software/caddy-frontend/instance-apache-frontend.cfg.in
software/caddy-frontend/instance-apache-frontend.cfg.in
+75
-0
software/caddy-frontend/instance-apache-replicate.cfg.in
software/caddy-frontend/instance-apache-replicate.cfg.in
+9
-1
software/caddy-frontend/setup.py
software/caddy-frontend/setup.py
+1
-0
software/caddy-frontend/software.cfg
software/caddy-frontend/software.cfg
+1
-0
software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
.../caddy-frontend/templates/apache-custom-slave-list.cfg.in
+6
-0
software/caddy-frontend/templates/backend-haproxy.cfg.in
software/caddy-frontend/templates/backend-haproxy.cfg.in
+2
-0
software/caddy-frontend/templates/default-virtualhost.conf.in
...ware/caddy-frontend/templates/default-virtualhost.conf.in
+4
-0
software/caddy-frontend/templates/replicate-publish-slave-information.cfg.in
...tend/templates/replicate-publish-slave-information.cfg.in
+3
-0
software/caddy-frontend/templates/trafficserver/records.config.jinja2
...dy-frontend/templates/trafficserver/records.config.jinja2
+6
-7
software/caddy-frontend/test/test.py
software/caddy-frontend/test/test.py
+324
-875
stack/slapos.cfg
stack/slapos.cfg
+3
-1
No files found.
.editorconfig
View file @
85b8b32e
root = true
[*.{cfg,in,md,json}]
[*.{cfg,in,md,json
,py
}]
end_of_line = lf
charset = utf-8
insert_final_newline = true
trim_trailing_whitespace = true
[*
*.json
]
[*
.{json,py}
]
indent_style = space
indent_size = 2
...
...
component/apache/buildout.cfg
View file @
85b8b32e
...
...
@@ -7,7 +7,7 @@ extends =
../nghttp2/buildout.cfg
../gdbm/buildout.cfg
../libexpat/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../libxml2/buildout.cfg
../openssl/buildout.cfg
../patch/buildout.cfg
...
...
component/firefox/buildout.cfg
View file @
85b8b32e
...
...
@@ -148,7 +148,7 @@ library =
${libpng:location}/lib
${libSM:location}/lib
${libtool:location}/lib
${
libuuid
:location}/lib
${
util-linux
:location}/lib
${libX11:location}/lib
${libXau:location}/lib
${libxcb:location}/lib
...
...
component/libsecret/buildout.cfg
View file @
85b8b32e
...
...
@@ -6,7 +6,7 @@ extends =
../pkgconfig/buildout.cfg
../glib/buildout.cfg
../gettext/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../xz-utils/buildout.cfg
...
...
component/libuuid/buildout.cfg
deleted
100644 → 0
View file @
cbde3701
[buildout]
parts =
libuuid
extends =
../perl/buildout.cfg
[libuuid]
recipe = slapos.recipe.cmmi
shared = true
url = http://www.kernel.org/pub/linux/utils/util-linux/v2.37/util-linux-2.37.2.tar.xz
md5sum = d659bf7cd417d93dc609872f6334b019
configure-options =
--disable-static
--disable-all-programs
--enable-libuuid
--without-libiconv-prefix
--without-libintl-prefix
--without-ncurses
--without-slang
--without-pam
--without-selinux
--without-audit
environment =
PATH=${perl:location}/bin:%(PATH)s
component/pcre/buildout.cfg
View file @
85b8b32e
...
...
@@ -7,7 +7,7 @@ parts =
[pcre]
recipe = slapos.recipe.cmmi
shared = true
url = https://
ftp.pcre.org/pub/pcre
/pcre-8.45.tar.bz2
url = https://
download.sourceforge.net/pcre/pcre/8.45
/pcre-8.45.tar.bz2
md5sum = 4452288e6a0eefb2ab11d36010a1eebb
configure-options =
--disable-static
...
...
component/qemu-kvm/buildout.cfg
View file @
85b8b32e
...
...
@@ -8,7 +8,7 @@ extends =
../libcap-ng/buildout.cfg
../libpng/buildout.cfg
../liburing/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../meson/buildout.cfg
../ncurses/buildout.cfg
../ninja/buildout.cfg
...
...
component/quic_client-bin/buildout.cfg
View file @
85b8b32e
...
...
@@ -11,7 +11,7 @@ extends =
../pcre/buildout.cfg
../libffi/buildout.cfg
../zlib/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
# compilation
../git/buildout.cfg
...
...
component/rsyslogd/buildout.cfg
View file @
85b8b32e
...
...
@@ -5,7 +5,7 @@ extends =
../curl/buildout.cfg
../libestr/buildout.cfg
../libfastjson/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../zlib/buildout.cfg
[rsyslogd]
...
...
component/serf/buildout.cfg
View file @
85b8b32e
...
...
@@ -3,7 +3,7 @@ parts =
serf
extends =
../apache/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../openssl/buildout.cfg
../zlib/buildout.cfg
...
...
component/subversion/buildout.cfg
View file @
85b8b32e
...
...
@@ -5,7 +5,7 @@
extends =
../apache/buildout.cfg
../libexpat/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../openssl/buildout.cfg
../patch/buildout.cfg
../perl/buildout.cfg
...
...
component/trafficserver/buildout.cfg
View file @
85b8b32e
...
...
@@ -45,6 +45,7 @@ patch-options = -p1
# (see https://github.com/apache/trafficserver/issues/8539 for the detail)
patches =
${:_profile_base_location_}/trafficserver-9.1.1-TSHttpTxnCacheLookupStatusGet-fix.patch#d8ed3db3a48e97eb72aaaf7d7598a2d2
${:_profile_base_location_}/trafficserver-9.1.1-via-string-rapid-cdn.patch#8c39243d7525222385d5964485734f99
environment =
PATH=${libtool:location}/bin:${make:location}/bin:${patch:location}/bin:${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s
LDFLAGS =-L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${tcl:location}/lib -Wl,-rpath=${tcl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${luajit:location}/lib -lm
...
...
component/trafficserver/trafficserver-9.1.1-via-string-rapid-cdn.patch
0 → 100644
View file @
85b8b32e
diff -ur trafficserver-9.1.1.orig/proxy/http/HttpTransactHeaders.cc trafficserver-9.1.1/proxy/http/HttpTransactHeaders.cc
--- trafficserver-9.1.1.orig/proxy/http/HttpTransactHeaders.cc 2022-02-09 12:21:56.591350540 +0100
+++ trafficserver-9.1.1/proxy/http/HttpTransactHeaders.cc 2022-03-07 13:02:31.503849619 +0100
@@ -758,15 +758,6 @@
write_hdr_protocol_stack(via_string, via_limit - via_string, ProtocolStackDetail::Standard, proto_buf.data(), n_proto);
*via_string++ = ' ';
- via_string += nstrcpy(via_string, s->http_config_param->proxy_hostname);
-
- *via_string++ = '[';
- memcpy(via_string, Machine::instance()->uuid.getString(), TS_UUID_STRING_LEN);
- via_string += TS_UUID_STRING_LEN;
- *via_string++ = ']';
- *via_string++ = ' ';
- *via_string++ = '(';
-
memcpy(via_string, s->http_config_param->proxy_request_via_string, s->http_config_param->proxy_request_via_string_len);
via_string += s->http_config_param->proxy_request_via_string_len;
@@ -793,7 +784,6 @@
}
}
- *via_string++ = ')';
*via_string = 0;
ink_assert((size_t)(via_string - new_via_string) < (sizeof(new_via_string) - 1));
@@ -848,10 +838,6 @@
write_hdr_protocol_stack(via_string, via_limit - via_string, ProtocolStackDetail::Standard, proto_buf.data(), n_proto);
*via_string++ = ' ';
- via_string += nstrcpy(via_string, s->http_config_param->proxy_hostname);
- *via_string++ = ' ';
- *via_string++ = '(';
-
memcpy(via_string, s->http_config_param->proxy_response_via_string, s->http_config_param->proxy_response_via_string_len);
via_string += s->http_config_param->proxy_response_via_string_len;
@@ -877,7 +863,6 @@
}
}
- *via_string++ = ')';
*via_string = 0;
ink_assert((size_t)(via_string - new_via_string) < (sizeof(new_via_string) - 1));
component/unstable/accords/buildout.cfg
View file @
85b8b32e
...
...
@@ -5,7 +5,7 @@ extends =
../libtool/buildout.cfg
../git/buildout.cfg
../openssl/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
parts = accords
...
...
component/unstable/apache-perl/buildout.cfg
View file @
85b8b32e
...
...
@@ -4,7 +4,7 @@ parts = apache-perl perl-Apache2-Request
extends =
../apache/buildout.cfg
../perl/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
[apache-perl]
# Note: Shall react on each build of apache and reinstall itself
...
...
component/util-linux/buildout.cfg
View file @
85b8b32e
...
...
@@ -7,8 +7,8 @@ extends =
[util-linux]
recipe = slapos.recipe.cmmi
shared = true
url = https://www.kernel.org/pub/linux/utils/util-linux/v2.37/util-linux-2.37.
1
.tar.xz
md5sum =
6d244f0f59247e9109f47d6e5dd0556b
url = https://www.kernel.org/pub/linux/utils/util-linux/v2.37/util-linux-2.37.
2
.tar.xz
md5sum =
d659bf7cd417d93dc609872f6334b019
configure-options =
--disable-static
--enable-libuuid
...
...
@@ -50,3 +50,21 @@ environment =
PATH=${perl:location}/bin:${xz-utils:location}/bin:%(PATH)s
LDFLAGS=-L${libcap-ng:location}/lib -Wl,-rpath=${libcap-ng:location}/lib
CFLAGS=-I${libcap-ng:location}/include
[libuuid]
# libuuid is inside util-linux source code with only libuuid feature enabled.
<= util-linux
configure-options =
--disable-static
--disable-all-programs
--enable-libuuid
--without-libiconv-prefix
--without-libintl-prefix
--without-ncurses
--without-slang
--without-pam
--without-selinux
--without-audit
environment =
PATH=${perl:location}/bin:%(PATH)s
component/xapian/buildout.cfg
View file @
85b8b32e
...
...
@@ -3,7 +3,7 @@ parts =
xapian
extends =
../zlib/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
[xapian]
recipe = slapos.recipe.cmmi
...
...
component/xorg/buildout.cfg
View file @
85b8b32e
...
...
@@ -10,7 +10,7 @@ extends =
../icu/buildout.cfg
../intltool/buildout.cfg
../libtool/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
../libxml2/buildout.cfg
../libxslt/buildout.cfg
../meson/buildout.cfg
...
...
component/zeromq/buildout.cfg
View file @
85b8b32e
[buildout]
extends =
../libtool/buildout.cfg
../
libuuid
/buildout.cfg
../
util-linux
/buildout.cfg
[zeromq]
<= zeromq3
...
...
software/caddy-frontend/buildout.hash.cfg
View file @
85b8b32e
...
...
@@ -22,19 +22,19 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68
[profile-caddy-frontend]
filename = instance-apache-frontend.cfg.in
md5sum =
3e3021b86c3cfe93553489441da85496
md5sum =
04e550480d3057ca65d87c6fadbaed6e
[profile-caddy-replicate]
filename = instance-apache-replicate.cfg.in
md5sum =
c028f1c5947494e7f25cf8266a3ecd2d
md5sum =
63b418626ef0f8ac54d6359fb6637371
[profile-slave-list]
_update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
md5sum =
6b6ab13d82bf9ecff6a37c3402ddbf95
md5sum =
e3ba0da5d137dcbd56c2604d200ac3b9
[profile-replicate-publish-slave-information]
_update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
md5sum =
df304a8aee87b6f2425241016a48f7a5
md5sum =
be54431846fe7f3cee65260eefc83d62
[profile-caddy-frontend-configuration]
_update_hash_filename_ = templates/Caddyfile.in
...
...
@@ -46,11 +46,11 @@ md5sum = 88af61e7abbf30dc99a1a2526161128d
[template-default-slave-virtualhost]
_update_hash_filename_ = templates/default-virtualhost.conf.in
md5sum =
37475d79f28c5f126bc1947fdb938fdb
md5sum =
57c86795293b11300a036f5f8cf2c868
[template-backend-haproxy-configuration]
_update_hash_filename_ = templates/backend-haproxy.cfg.in
md5sum =
ae4c9ce775ea003aa51eda5ecbbeec73
md5sum =
6d4ad68ac44ccc72fe9148bd8e05a6f0
[template-empty]
_update_hash_filename_ = templates/empty.in
...
...
@@ -62,7 +62,7 @@ md5sum = 975177dedf677d24e14cede5d13187ce
[template-trafficserver-records-config]
_update_hash_filename_ = templates/trafficserver/records.config.jinja2
md5sum =
e87238c53d080ef9ef90040e57bc1395
md5sum =
715baa302d562a7e4eddc3d1bf72f981
[template-trafficserver-storage-config]
_update_hash_filename_ = templates/trafficserver/storage.config.jinja2
...
...
@@ -94,7 +94,7 @@ md5sum = 8c150e1e6c993708d31936742f3a7302
[caddyprofiledeps-setup]
filename = setup.py
md5sum =
6aad2b4c271294f524214192ee197c15
md5sum =
f6f72d03af7d9dc29fb4d4fef1062e73
[caddyprofiledeps-dummy]
filename = caddyprofiledummy.py
...
...
software/caddy-frontend/instance-apache-frontend.cfg.in
View file @
85b8b32e
...
...
@@ -63,6 +63,75 @@ parts =
[caddyprofiledeps]
recipe = caddyprofiledeps
[frontend-node-id]
# Store id file in top of hierarchy, so it does not depend on directory creation
file = ${buildout:directory}/.frontend-node-id.txt
recipe = slapos.recipe.build
init =
import os
import secrets
if not os.path.exists(options['file']):
with open(options['file'], 'w') as fh:
fh.write(secrets.token_urlsafe(4))
with open(options['file'], 'r') as fh:
options['value'] = fh.read()
[frontend-node-private-salt]
# Private, not communicated, stable hash, which can be used to salt other
# hashes, so their values are connected to the node, but practicaly impossible
# to crack (until the node is hacked itself, but then those values are
# stolen anyway)
recipe = slapos.recipe.build
init =
import os
import uuid
if not os.path.exists(options['file']):
with open(options['file'], 'w') as fh:
fh.write(uuid.uuid4().hex)
with open(options['file'], 'r') as fh:
options['value'] = fh.read()
file = ${buildout:directory}/.frontend-node-private-salt.txt
[version-hash]
recipe = slapos.recipe.build
software-release-url = ${slap-connection:software-release-url}
hash-salt = ${frontend-node-private-salt:value}
init =
import hashlib
import base64
options['value'] = base64.urlsafe_b64encode(hashlib.md5(''.join([options['software-release-url'].strip(), options['hash-salt']])).digest())
[frontend-node-information]
recipe = slapos.recipe.build
file = ${buildout:directory}/.frontend-node-information.json
node-id = ${frontend-node-id:value}
current-hash = ${version-hash:value}
current-software-release-url = ${version-hash:software-release-url}
init =
import json
changed = False
try:
with open(options['file'], 'r') as fh:
data = json.load(fh)
except Exception:
changed = True
data = {
'node-id': options['node-id'],
'version-hash-history': {options['current-hash']: options['current-software-release-url']}
}
if 'node-id' not in data:
data['node-id'] = options['node-id']
changed = True
if 'version-hash-history' not in data:
data['version-hash-history'] = {}
changed = True
if options['current-hash'] not in data['version-hash-history']:
data['version-hash-history'][options['current-hash']] = options['current-software-release-url']
changed = True
if changed:
with open(options['file'], 'w') as fh:
json.dump(data, fh)
options['value'] = data
# Create all needed directories
[directory]
recipe = slapos.cookbook:mkdirectory
...
...
@@ -305,6 +374,10 @@ extra-context =
key software_type :software_type
key frontend_lazy_graceful_reload frontend-caddy-lazy-graceful:rendered
key monitor_base_url monitor-instance-parameter:monitor-base-url
key node_id frontend-node-id:value
key version_hash version-hash:value
key software_release_url version-hash:software-release-url
key node_information frontend-node-information:value
key custom_ssl_directory caddy-directory:custom-ssl-directory
# BBB: SlapOS Master non-zero knowledge BEGIN
key apache_certificate apache-certificate:rendered
...
...
@@ -462,6 +535,8 @@ disk-cache-size = ${configuration:disk-cache-size}
ram-cache-size = ${configuration:ram-cache-size}
templates-dir = {{ software_parameter_dict['trafficserver'] }}/etc/trafficserver/body_factory
request-timeout = ${configuration:request-timeout}
version-hash = ${version-hash:value}
node-id = ${frontend-node-id:value}
[trafficserver-configuration-directory]
recipe = plone.recipe.command
...
...
software/caddy-frontend/instance-apache-replicate.cfg.in
View file @
85b8b32e
...
...
@@ -286,7 +286,7 @@ config-monitor-username = ${monitor-instance-parameter:username}
config-monitor-password = ${monitor-htpasswd:passwd}
software-type = {{frontend_type}}
return = slave-instance-information-list monitor-base-url backend-client-csr-url kedifa-csr-url csr-certificate backend-haproxy-statistic-url
return = slave-instance-information-list monitor-base-url backend-client-csr-url kedifa-csr-url csr-certificate backend-haproxy-statistic-url
node-information-json
{#- Send only needed parameters to frontend nodes #}
{%- set base_node_configuration_dict = {} %}
...
...
@@ -376,6 +376,7 @@ kedifa-csr-certificate = ${request-kedifa:connection-csr-certificate}
{% for frontend in frontend_list %}
{% set section_part = '${request-' + frontend %}
{{ frontend }}-backend-haproxy-statistic-url = {{ section_part }}:connection-backend-haproxy-statistic-url}
{{ frontend }}-node-information-json = ${frontend-information:{{ frontend }}-node-information-json}
{% endfor %}
{% if not aibcc_enabled %}
{% for frontend in frontend_list %}
...
...
@@ -461,6 +462,12 @@ warning-slave-dict = {{ dumps(warning_slave_dict) }}
{# sort_keys are important in order to avoid shuffling parameters on each run #}
active-slave-instance-list = {{ json_module.dumps(active_slave_instance_list, sort_keys=True) }}
[frontend-information]
{% for frontend in frontend_list %}
{% set section_part = '${request-' + frontend %}
{{ frontend }}-node-information-json = {{ section_part }}:connection-node-information-json}
{% endfor %}
[dynamic-publish-slave-information]
< = jinja2-template-base
template = {{ software_parameter_dict['profile_replicate_publish_slave_information'] }}
...
...
@@ -468,6 +475,7 @@ filename = dynamic-publish-slave-information.cfg
extensions = jinja2.ext.do
extra-context =
section slave_information slave-information
section frontend_information frontend-information
section rejected_slave_information rejected-slave-information
section active_slave_instance_dict active-slave-instance
section warning_slave_information warning-slave-information
...
...
software/caddy-frontend/setup.py
View file @
85b8b32e
...
...
@@ -10,6 +10,7 @@ setup(
'furl'
,
'orderedmultidict'
,
'caucase'
,
'python2-secrets'
,
],
entry_points
=
{
'zc.buildout'
:
[
...
...
software/caddy-frontend/software.cfg
View file @
85b8b32e
...
...
@@ -214,6 +214,7 @@ kedifa = 0.0.6
# Modern KeDiFa requires zc.lockfile
zc.lockfile = 1.4
python2-secrets = 1.0.5
validators = 0.12.2
PyRSS2Gen = 1.1
cns.recipe.symlink = 0.2.3
...
...
software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
View file @
85b8b32e
...
...
@@ -330,6 +330,8 @@ certificate = {{ certificate }}
https_port = {{ dumps('' ~ configuration['port']) }}
http_port = {{ dumps('' ~ configuration['plain_http_port']) }}
local_ipv4 = {{ dumps('' ~ instance_parameter_dict['ipv4-random']) }}
version-hash = {{ version_hash }}
node-id = {{ node_id }}
{%- for key, value in slave_instance.iteritems() %}
{%- if value is not none %}
{{ key }} = {{ dumps(value) }}
...
...
@@ -463,6 +465,8 @@ csr-certificate = ${expose-csr-certificate-get:certificate}
{#- We unquote, as furl quotes automatically, but there is buildout value on purpose like ${...:...} in the passwod #}
{%- set statistic_url = urlparse_module.unquote(furled.tostr()) %}
backend-haproxy-statistic-url = {{ statistic_url }}
{#- sort_keys are important in order to avoid shuffling parameters on each run #}
node-information-json = {{ json_module.dumps(node_information, sort_keys=True) }}
[kedifa-updater]
recipe = slapos.cookbook:wrapper
...
...
@@ -513,6 +517,8 @@ global-ipv6 = ${slap-configuration:ipv6-random}
request-timeout = {{ dumps('' ~ configuration['request-timeout']) }}
backend-connect-timeout = {{ dumps('' ~ configuration['backend-connect-timeout']) }}
backend-connect-retries = {{ dumps('' ~ configuration['backend-connect-retries']) }}
version-hash = {{ version_hash }}
node-id = {{ node_id }}
[template-expose-csr-link-csr]
recipe = plone.recipe.command
...
...
software/caddy-frontend/templates/backend-haproxy.cfg.in
View file @
85b8b32e
...
...
@@ -58,6 +58,8 @@ frontend statistic
frontend http-backend
bind {{ configuration['local-ipv4'] }}:{{ configuration['http-port'] }}
http-request add-header Via "%HV rapid-cdn-backend-{{ configuration['node-id'] }}-{{ configuration['version-hash'] }}"
http-response add-header Via "%HV rapid-cdn-backend-{{ configuration['node-id'] }}-{{ configuration['version-hash']}}"
{%- for slave_instance in backend_slave_list -%}
{{ frontend_entry(slave_instance, 'http', False) }}
{%- endfor %}
...
...
software/caddy-frontend/templates/default-virtualhost.conf.in
View file @
85b8b32e
...
...
@@ -21,6 +21,10 @@
# workaround for lost connection to haproxy by reconnecting
try_duration 3s
try_interval 250ms
header_upstream +Via "{proto} rapid-cdn-frontend-{{ slave_parameter['node-id'] }}-{{ slave_parameter['version-hash'] }}"
{%- if not slave_parameter['disable-via-header'] %}
header_downstream +Via "{proto} rapid-cdn-frontend-{{ slave_parameter['node-id'] }}-{{ slave_parameter['version-hash'] }}"
{%- endif %}
{%- endmacro %} {# proxy_header #}
{%- macro hsts_header(tls) %}
...
...
software/caddy-frontend/templates/replicate-publish-slave-information.cfg.in
View file @
85b8b32e
...
...
@@ -72,6 +72,9 @@ log-access-url = {{ dumps(json_module.dumps(log_access_url, sort_keys=True)) }}
{{ key }} = {{ dumps(value) }}
{% endfor %}
{% endif %}
{% for frontend_key, frontend_value in frontend_information.iteritems() %}
{{ frontend_key }} = {{ frontend_value }}
{% endfor %}
{% endfor %}
[buildout]
...
...
software/caddy-frontend/templates/trafficserver/records.config.jinja2
View file @
85b8b32e
...
...
@@ -18,6 +18,12 @@ LOCAL proxy.local.incoming_ip_to_bind STRING {{ ats_configuration['local-ip'] }}
CONFIG proxy.config.log.logfile_dir STRING {{ ats_directory['log'] }}
# Never change Server header
CONFIG proxy.config.http.response_server_enabled INT 0
# Handle Via header
CONFIG proxy.config.http.insert_request_via_str INT 1
CONFIG proxy.config.http.request_via_str STRING rapid-cdn-cache-{{ ats_configuration['node-id'] }}-{{ ats_configuration['version-hash'] }}
CONFIG proxy.config.http.insert_response_via_str INT 1
CONFIG proxy.config.http.response_via_str STRING rapid-cdn-cache-{{ ats_configuration['node-id'] }}-{{ ats_configuration['version-hash'] }}
# Implement RFC 5861 with core
CONFIG proxy.config.http.cache.open_write_fail_action INT 2
CONFIG proxy.config.body_factory.template_sets_dir STRING {{ ats_configuration['templates-dir'] }}
...
...
@@ -53,13 +59,6 @@ CONFIG proxy.config.exec_thread.affinity INT 1
##############################################################################
CONFIG proxy.config.http.server_ports STRING {{ ats_configuration['local-ip'] + ':' + ats_configuration['input-port'] }}
##############################################################################
# Via: headers. Docs:
# https://docs.trafficserver.apache.org/records.config#proxy-config-http-insert-response-via-str
##############################################################################
CONFIG proxy.config.http.insert_request_via_str INT 1
CONFIG proxy.config.http.insert_response_via_str INT 0
##############################################################################
# Parent proxy configuration, in addition to these settings also see parent.config. Docs:
# https://docs.trafficserver.apache.org/records.config#parent-proxy-configuration
...
...
software/caddy-frontend/test/test.py
View file @
85b8b32e
...
...
@@ -95,12 +95,6 @@ KEDIFA_PORT = '15080'
# has to be not partition one
SOURCE_IP
=
'127.0.0.1'
# ATS version expectation in Via string
VIA_STRING
=
(
r'^http\
/
1.1 caddy-frontend-1\
[.*
\] '
r'\
(Ap
acheTrafficServer\
/9
\.[0-9]\
.[
0-9]+\
)$
',
)[0]
# IP on which test run, in order to mimic HTTP[s] access
TEST_IP
=
os
.
environ
[
'SLAPOS_TEST_IPV4'
]
...
...
@@ -302,7 +296,7 @@ class TestDataMixin(object):
def
assertTestData
(
self
,
runtime_data
,
hash_value_dict
=
None
,
msg
=
None
):
if
hash_value_dict
is
None
:
hash_value_dict
=
{}
filename = '
%
s
-%
s
.
txt
' % (self.id(), '
CADDY
')
filename
=
'%s-%s.txt'
%
(
self
.
id
()
.
replace
(
'zz_'
,
''
)
,
'CADDY'
)
test_data_file
=
os
.
path
.
join
(
os
.
path
.
dirname
(
os
.
path
.
realpath
(
__file__
)),
'test_data'
,
filename
)
...
...
@@ -347,7 +341,9 @@ class TestDataMixin(object):
runtime_data
=
'
\
n
'
.
join
(
sorted
(
runtime_data
))
self
.
assertTestData
(
runtime_data
)
def test_file_list_log(self):
# convince test to be run last; it's a hack, but log files shall be checked
# after all other tests had chance to execute
def
zz_test_file_list_log
(
self
):
self
.
_test_file_list
([
'var'
,
'log'
],
[
# no control at all when cron would kick in, ignore it
'cron.log'
,
...
...
@@ -430,6 +426,8 @@ def fakeHTTPSResult(domain, path, port=HTTPS_PORT,
headers
.
setdefault
(
'X-Forwarded-For'
,
'192.168.0.1'
)
headers
.
setdefault
(
'X-Forwarded-Proto'
,
'irc'
)
headers
.
setdefault
(
'X-Forwarded-Port'
,
'17'
)
# Expose some Via to show how nicely it arrives to the backend
headers
.
setdefault
(
'Via'
,
'http/1.1 clientvia'
)
session
=
requests
.
Session
()
if
source_ip
is
not
None
:
...
...
@@ -470,6 +468,8 @@ def fakeHTTPResult(domain, path, port=HTTP_PORT,
headers
.
setdefault
(
'X-Forwarded-For'
,
'192.168.0.1'
)
headers
.
setdefault
(
'X-Forwarded-Proto'
,
'irc'
)
headers
.
setdefault
(
'X-Forwarded-Port'
,
'17'
)
# Expose some Via to show how nicely it arrives to the backend
headers
.
setdefault
(
'Via'
,
'http/1.1 clientvia'
)
headers
[
'Host'
]
=
'%s:%s'
%
(
domain
,
port
)
session
=
requests
.
Session
()
if
source_ip
is
not
None
:
...
...
@@ -572,9 +572,18 @@ class TestHandler(BaseHTTPRequestHandler):
header_dict
[
header
]
=
value
.
strip
()
if
response
is
None
:
if
'x-reply-body'
not
in
self
.
headers
.
dict
:
headers_dict
=
dict
()
for
header
in
self
.
headers
.
keys
():
content
=
self
.
headers
.
getheaders
(
header
)
if
len
(
content
)
==
0
:
headers_dict
[
header
]
=
None
elif
len
(
content
)
==
1
:
headers_dict
[
header
]
=
content
[
0
]
else
:
headers_dict
[
header
]
=
content
response
=
{
'Path'
:
self
.
path
,
'Incoming Headers'
:
self
.
headers
.
dict
'Incoming Headers'
:
headers_
dict
}
response
=
json
.
dumps
(
response
,
indent
=
2
)
else
:
...
...
@@ -595,6 +604,8 @@ class TestHandler(BaseHTTPRequestHandler):
self
.
send_header
(
'Set-Cookie'
,
'secured=value;secure'
)
self
.
send_header
(
'Set-Cookie'
,
'nonsecured=value'
)
if
'Via'
not
in
drop_header_list
:
self
.
send_header
(
'Via'
,
'http/1.1 backendvia'
)
if
compress
:
self
.
send_header
(
'Content-Encoding'
,
'gzip'
)
out
=
StringIO
.
StringIO
()
...
...
@@ -865,7 +876,8 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase):
except
Exception
as
e
:
self
.
fail
(
e
)
def
assertResponseHeaders
(
self
,
result
):
def
assertResponseHeaders
(
self
,
result
,
cached
=
False
,
via
=
True
,
backend_reached
=
True
):
headers
=
result
.
headers
.
copy
()
self
.
assertKeyWithPop
(
'Date'
,
headers
)
# drop vary-keys
...
...
@@ -874,8 +886,31 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase):
headers
.
pop
(
'Keep-Alive'
,
None
)
headers
.
pop
(
'Transfer-Encoding'
,
None
)
if
backend_reached
:
self
.
assertEqual
(
'TestBackend'
,
headers
.
pop
(
'Server'
,
''
))
via_id
=
'%s-%s'
%
(
self
.
node_information_dict
[
'node-id'
],
self
.
node_information_dict
[
'version-hash-history'
].
keys
()[
0
])
if
via
:
self
.
assertIn
(
'Via'
,
headers
)
if
cached
:
self
.
assertEqual
(
'http/1.1 backendvia, '
'HTTP/1.1 rapid-cdn-backend-%(via_id)s, '
'http/1.0 rapid-cdn-cache-%(via_id)s, '
'HTTP/1.1 rapid-cdn-frontend-%(via_id)s'
%
dict
(
via_id
=
via_id
),
headers
.
pop
(
'Via'
)
)
else
:
self
.
assertEqual
(
'http/1.1 backendvia, '
'HTTP/1.1 rapid-cdn-backend-%(via_id)s, '
'HTTP/1.1 rapid-cdn-frontend-%(via_id)s'
%
dict
(
via_id
=
via_id
),
headers
.
pop
(
'Via'
)
)
else
:
self
.
assertNotIn
(
'Via'
,
headers
)
return
headers
def
assertLogAccessUrlWithPop
(
self
,
parameter_dict
):
...
...
@@ -945,6 +980,23 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase):
return generate_auth_url, upload_url
def assertNodeInformationWithPop(self, parameter_dict):
key = '
caddy
-
frontend
-
1
-
node
-
information
-
json
'
node_information_json_dict = {}
for k in parameter_dict.keys():
if k.startswith('
caddy
-
frontend
') and k.endswith(
'
node
-
information
-
json
'):
node_information_json_dict[k] = parameter_dict.pop(k)
self.assertEqual(
[key],
node_information_json_dict.keys()
)
node_information_dict = json.loads(node_information_json_dict[key])
self.assertIn("node-id", node_information_dict)
self.assertIn("version-hash-history", node_information_dict)
self.node_information_dict = node_information_dict
def assertBackendHaproxyStatisticUrl(self, parameter_dict):
url_key = '
caddy
-
frontend
-
1
-
backend
-
haproxy
-
statistic
-
url
'
backend_haproxy_statistic_url_dict = {}
...
...
@@ -1267,20 +1319,27 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase):
]
)
def
assertSlaveBase
(
self
,
reference
):
def
assertSlaveBase
(
self
,
reference
,
expected_parameter_dict
=
None
,
hostname
=
None
):
if
expected_parameter_dict
is
None
:
expected_parameter_dict
=
{}
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
current_generate_auth
,
self
.
current_upload_url
=
\
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
''
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
if
hostname
is
None
:
hostname
=
reference
.
translate
(
None
,
'_-'
).
lower
()
self
.
assertEqual
(
{
expected_parameter_dict
.
update
(
**
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
})
self
.
assertEqual
(
expected_parameter_dict
,
parameter_dict
)
...
...
@@ -1314,6 +1373,7 @@ class TestMasterRequestDomain(HttpFrontendTestCase, TestDataMixin):
self
.
assertBackendHaproxyStatisticUrl
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
'master-'
)
self
.
assertRejectedSlavePromiseEmptyWithPop
(
parameter_dict
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
...
...
@@ -1345,6 +1405,7 @@ class TestMasterRequest(HttpFrontendTestCase, TestDataMixin):
self
.
assertBackendHaproxyStatisticUrl
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
'master-'
)
self
.
assertRejectedSlavePromiseEmptyWithPop
(
parameter_dict
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'monitor-base-url'
:
'https://[%s]:8401'
%
self
.
_ipv6_address
,
...
...
@@ -1459,6 +1520,7 @@ class TestMasterAIKCDisabledAIBCCDisabledRequest(
'caddy-frontend-1-backend-client-csr-url'
,
parameter_dict
)
self
.
assertKeyWithPop
(
'caddy-frontend-1-csr-certificate'
,
parameter_dict
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'monitor-base-url'
:
'https://[%s]:8401'
%
self
.
_ipv6_address
,
...
...
@@ -1915,6 +1977,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertBackendHaproxyStatisticUrl
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
'master-'
)
self
.
assertRejectedSlavePromiseEmptyWithPop
(
parameter_dict
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
expected_parameter_dict
=
{
'monitor-base-url'
:
'https://[%s]:8401'
%
self
.
_ipv6_address
,
...
...
@@ -1946,6 +2009,40 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
os
.
path
.
join
(
partition_path
,
'etc'
,
'httpd-cors.cfg'
),
'r'
).
read
().
strip
())
def
test_node_information_json
(
self
):
node_information_file_path
=
glob
.
glob
(
os
.
path
.
join
(
self
.
instance_path
,
'*'
,
'.frontend-node-information.json'
))[
0
]
with
open
(
node_information_file_path
,
'r'
)
as
fh
:
current_node_information
=
json
.
load
(
fh
)
modified_node_information
=
current_node_information
.
copy
()
modified_node_information
[
'version-hash-history'
]
=
{
'testhash'
:
'testurl'
}
def
writeNodeInformation
(
node_information
,
path
):
with
open
(
path
,
'w'
)
as
fh
:
json
.
dump
(
node_information
,
fh
,
sort_keys
=
True
)
self
.
waitForInstance
()
self
.
waitForInstance
()
self
.
waitForInstance
()
self
.
addCleanup
(
writeNodeInformation
,
current_node_information
,
node_information_file_path
)
# simulate that upgrade happened
writeNodeInformation
(
modified_node_information
,
node_information_file_path
)
parameter_dict
=
self
.
parseConnectionParameterDict
()
expected_node_information
=
{
'node-id'
:
current_node_information
[
'node-id'
],
'version-hash-history'
:
current_node_information
[
'version-hash-history'
]
}
expected_node_information
[
'version-hash-history'
][
'testhash'
]
=
'testurl'
self
.
assertEqual
(
json
.
loads
(
parameter_dict
[
'caddy-frontend-1-node-information-json'
]),
expected_node_information
)
def
test_slave_partition_state
(
self
):
partition_path
=
self
.
getSlavePartitionPath
()
self
.
assertTrue
(
...
...
@@ -2032,7 +2129,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
def
assertBackendHeaders
(
self
,
backend_header_dict
,
domain
,
source_ip
=
SOURCE_IP
,
port
=
HTTPS_PORT
,
proto
=
'https'
,
ignore_header_list
=
None
):
proto
=
'https'
,
ignore_header_list
=
None
,
cached
=
False
):
if
ignore_header_list
is
None
:
ignore_header_list
=
[]
if
'Host'
not
in
ignore_header_list
:
...
...
@@ -2051,6 +2148,28 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
backend_header_dict
[
'x-forwarded-proto'
],
proto
)
via_id
=
'%s-%s'
%
(
self
.
node_information_dict
[
'node-id'
],
self
.
node_information_dict
[
'version-hash-history'
].
keys
()[
0
])
if
cached
:
self
.
assertEqual
(
[
'http/1.1 clientvia'
,
'HTTP/1.1 rapid-cdn-frontend-%(via_id)s, '
'http/1.1 rapid-cdn-cache-%(via_id)s'
%
dict
(
via_id
=
via_id
),
'HTTP/1.1 rapid-cdn-backend-%(via_id)s'
%
dict
(
via_id
=
via_id
)
],
backend_header_dict
[
'via'
]
)
else
:
self
.
assertEqual
(
[
'http/1.1 clientvia'
,
'HTTP/1.1 rapid-cdn-frontend-%(via_id)s'
%
dict
(
via_id
=
via_id
),
'HTTP/1.1 rapid-cdn-backend-%(via_id)s'
%
dict
(
via_id
=
via_id
)
],
backend_header_dict
[
'via'
]
)
def
test_telemetry_disabled
(
self
):
# here we trust that telemetry not present in error log means it was
...
...
@@ -2062,26 +2181,14 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertNotIn
(
'Sending telemetry'
,
fh
.
read
(),
'Telemetry enabled'
)
def
test_url
(
self
):
reference
=
'Url'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
''
)
hostname
=
reference
.
translate
(
None
,
'_-'
).
lower
()
self
.
assertEqual
(
parameter_dict
=
self
.
assertSlaveBase
(
'Url'
,
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
'warning-list'
:
[
"slave url ' %s/?a=b&c= ' has been converted to '%s/?a=b&c='"
%
(
self
.
backend_url
,
self
.
backend_url
)],
},
parameter_dict
}
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path/deep/.././deeper'
,
...
...
@@ -2096,7 +2203,8 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
certificate_pem
,
der2pem
(
result
.
peercert
))
self
.
assertNotIn
(
'Strict-Transport-Security'
,
result
.
headers
)
headers
=
self
.
assertResponseHeaders
(
result
)
self
.
assertNotIn
(
'Strict-Transport-Security'
,
headers
)
self
.
assertEqualResultJson
(
result
,
'Path'
,
'?a=b&c=/test-path/deeper'
)
try
:
...
...
@@ -2105,12 +2213,12 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
raise
ValueError
(
'JSON decode problem in:
\
n
%s'
%
(
result
.
text
,))
self
.
assertEqual
(
j
[
'Incoming Headers'
][
'timeout'
],
'10'
)
self
.
assertFalse
(
'Content-Encoding'
in
result
.
headers
)
self
.
assertFalse
(
'Content-Encoding'
in
headers
)
self
.
assertBackendHeaders
(
j
[
'Incoming Headers'
],
parameter_dict
[
'domain'
])
self
.
assertEqual
(
'secured=value;secure, nonsecured=value'
,
result
.
headers
[
'Set-Cookie'
]
headers
[
'Set-Cookie'
]
)
self
.
assertLastLogLineRegexp
(
...
...
@@ -2141,9 +2249,11 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
result_http.status_code
)
headers = self.assertResponseHeaders(
result_http, via=False, backend_reached=False)
self.assertEqual(
'
https
:
//
url
.
example
.
com
:
%
s
/
test
-
path
/
deeper
' % (HTTP_PORT,),
result_http.
headers['
Location
']
headers['
Location
']
)
# check that timeouts are correctly set in the haproxy configuration
...
...
@@ -2309,24 +2419,13 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
)
def
test_compressed_result
(
self
):
reference
=
'Url'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
''
)
hostname
=
reference
.
translate
(
None
,
'_-'
).
lower
()
self
.
assertEqual
(
parameter_dict
=
self
.
assertSlaveBase
(
'Url'
,
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
'warning-list'
:
[
"slave url ' %s/?a=b&c= ' has been converted to '%s/?a=b&c='"
%
(
self
.
backend_url
,
self
.
backend_url
)],
},
parameter_dict
}
)
result_compressed
=
fakeHTTPSResult
(
...
...
@@ -2361,24 +2460,13 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertFalse
(
'Content-Encoding'
in
result_not_compressed
.
headers
)
def
test_no_content_type_alter
(
self
):
reference
=
'Url'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
''
)
hostname
=
reference
.
translate
(
None
,
'_-'
).
lower
()
self
.
assertEqual
(
parameter_dict
=
self
.
assertSlaveBase
(
'Url'
,
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
'warning-list'
:
[
"slave url ' %s/?a=b&c= ' has been converted to '%s/?a=b&c='"
%
(
self
.
backend_url
,
self
.
backend_url
)],
},
parameter_dict
}
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
...
...
@@ -2547,20 +2635,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
)
def
test_server_alias_wildcard
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'server-alias-wildcard'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'serveraliaswildcard.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://serveraliaswildcard.example.com'
,
'site_url'
:
'http://serveraliaswildcard.example.com'
,
'secure_access'
:
'https://serveraliaswildcard.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'server-alias-wildcard'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -2587,20 +2662,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
def
test_server_alias_duplicated
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'server-alias-duplicated'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'serveraliasduplicated.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://serveraliasduplicated.example.com'
,
'site_url'
:
'http://serveraliasduplicated.example.com'
,
'secure_access'
:
'https://serveraliasduplicated.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'server-alias-duplicated'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -2621,22 +2683,8 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
def
test_server_alias_custom_domain_duplicated
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'server-alias_custom_domain-duplicated'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'alias4.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://alias4.example.com'
,
'site_url'
:
'http://alias4.example.com'
,
'secure_access'
:
'https://alias4.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'server-alias_custom_domain-duplicated'
,
hostname
=
'alias4'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -2652,26 +2700,12 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
raise
NotImplementedError
(
self
.
id
())
def
test_ssl_ca_crt
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
parameter_dict
=
self
.
assertSlaveBase
(
'custom_domain_ssl_crt_ssl_key_ssl_ca_crt'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
generate_auth
,
upload_url
=
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'customdomainsslcrtsslkeysslcacrt.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://customdomainsslcrtsslkeysslcacrt.example.com'
,
'site_url'
:
'http://customdomainsslcrtsslkeysslcacrt.example.com'
,
'secure_access'
:
'https://customdomainsslcrtsslkeysslcacrt.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
self
.
current_
generate_auth
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
...
...
@@ -2680,7 +2714,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
ca
.
certificate_pem
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
self
.
current_
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
...
...
@@ -2704,31 +2738,17 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqual
(
data
,
out
.
read
())
def
test_ssl_ca_crt_only
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'ssl_ca_crt_only'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
generate_auth
,
upload_url
=
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'sslcacrtonly.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://sslcacrtonly.example.com'
,
'site_url'
:
'http://sslcacrtonly.example.com'
,
'secure_access'
:
'https://sslcacrtonly.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
self
.
assertSlaveBase
(
'ssl_ca_crt_only'
)
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
self
.
current_
generate_auth
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
self
.
ca
.
certificate_pem
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
self
.
current_
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
...
...
@@ -2736,25 +2756,11 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqual
(
'Key incorrect'
,
upload
.
text
)
def
test_ssl_ca_crt_garbage
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'ssl_ca_crt_garbage'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
generate_auth
,
upload_url
=
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'sslcacrtgarbage.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://sslcacrtgarbage.example.com'
,
'site_url'
:
'http://sslcacrtgarbage.example.com'
,
'secure_access'
:
'https://sslcacrtgarbage.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'ssl_ca_crt_garbage'
)
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
self
.
current_
generate_auth
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
...
...
@@ -2764,7 +2770,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
data
=
ca_certificate_pem
+
ca_key_pem
+
'some garbage'
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
self
.
current_
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
...
...
@@ -2790,31 +2796,17 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqual
(
data
,
out
.
read
())
def
test_ssl_ca_crt_does_not_match
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'ssl_ca_crt_does_not_match'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
generate_auth
,
upload_url
=
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'sslcacrtdoesnotmatch.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://sslcacrtdoesnotmatch.example.com'
,
'site_url'
:
'http://sslcacrtdoesnotmatch.example.com'
,
'secure_access'
:
'https://sslcacrtdoesnotmatch.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'ssl_ca_crt_does_not_match'
)
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
self
.
current_
generate_auth
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
self
.
certificate_pem
+
self
.
key_pem
+
self
.
ca
.
certificate_pem
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
self
.
current_
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
...
...
@@ -2858,22 +2850,8 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqualResultJson
(
result_http
,
'Path'
,
'/test-path/deeper'
)
def
test_custom_domain
(
self
):
reference
=
'custom_domain'
hostname
=
'mycustomdomain'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
''
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'custom_domain'
,
hostname
=
'mycustomdomain'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -2885,22 +2863,8 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
def
test_custom_domain_server_alias
(
self
):
reference
=
'custom_domain_server_alias'
hostname
=
'mycustomdomainserveralias'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
''
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'custom_domain_server_alias'
,
hostname
=
'mycustomdomainserveralias'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -2922,20 +2886,8 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path/deeper'
)
def
test_custom_domain_wildcard
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'custom_domain_wildcard'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'*.customdomain.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://*.customdomain.example.com'
,
'site_url'
:
'http://*.customdomain.example.com'
,
'secure_access'
:
'https://*.customdomain.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
self
.
assertSlaveBase
(
'custom_domain_wildcard'
,
hostname
=
'*.customdomain'
)
result
=
fakeHTTPSResult
(
'wild.customdomain.example.com'
,
...
...
@@ -2948,33 +2900,17 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
def
test_custom_domain_ssl_crt_ssl_key
(
self
):
reference
=
'custom_domain_ssl_crt_ssl_key'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
generate_auth
,
upload_url
=
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
hostname
=
reference
.
translate
(
None
,
'_-'
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'custom_domain_ssl_crt_ssl_key'
)
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
self
.
current_
generate_auth
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
self
.
customdomain_certificate_pem
+
\
self
.
customdomain_key_pem
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
self
.
current_
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
...
...
@@ -3221,22 +3157,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
)
def
test_type_notebook
(
self
):
reference
=
'type-notebook'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
hostname
=
reference
.
translate
(
None
,
'_-'
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'type-notebook'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
...
...
@@ -3495,22 +3416,8 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
)
def
test_type_redirect_custom_domain
(
self
):
reference
=
'type-redirect-custom_domain'
hostname
=
'customdomaintyperedirect'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
''
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'type-redirect-custom_domain'
,
hostname
=
'customdomaintyperedirect'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
...
...
@@ -3531,25 +3438,9 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
)
def
test_ssl_proxy_verify_ssl_proxy_ca_crt_unverified
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
parameter_dict
=
self
.
assertSlaveBase
(
'ssl-proxy-verify_ssl_proxy_ca_crt-unverified'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'sslproxyverifysslproxycacrtunverified.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://sslproxyverifysslproxycacrtunverified.example.com'
,
'site_url'
:
'http://sslproxyverifysslproxycacrtunverified.example.com'
,
'secure_access'
:
'https://sslproxyverifysslproxycacrtunverified.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -3740,22 +3631,9 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
)
def
test_enable_cache_custom_domain
(
self
):
reference
=
'enable_cache_custom_domain'
hostname
=
'customdomainenablecache'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
''
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'enable_cache_custom_domain'
,
hostname
=
'customdomainenablecache'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
...
...
@@ -3765,7 +3643,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path/deeper'
)
headers
=
self
.
assertResponseHeaders
(
result
)
headers
=
self
.
assertResponseHeaders
(
result
,
True
)
self
.
assertKeyWithPop
(
'Age'
,
headers
)
self
.
assertEqual
(
...
...
@@ -3779,13 +3657,8 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
)
backend_headers
=
result
.
json
()[
'Incoming Headers'
]
self
.
assertBackendHeaders
(
backend_headers
,
parameter_dict
[
'domain'
])
via
=
backend_headers
.
pop
(
'via'
,
None
)
self
.
assertNotEqual
(
via
,
None
)
self
.
assertRegexpMatches
(
via
,
VIA_STRING
)
self
.
assertBackendHeaders
(
backend_headers
,
parameter_dict
[
'domain'
],
cached
=
True
)
def
test_enable_cache_server_alias
(
self
):
parameter_dict
=
self
.
assertSlaveBase
(
'enable_cache_server_alias'
)
...
...
@@ -3798,7 +3671,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path/deeper'
)
headers
=
self
.
assertResponseHeaders
(
result
)
headers
=
self
.
assertResponseHeaders
(
result
,
cached
=
True
)
self
.
assertKeyWithPop
(
'Age'
,
headers
)
self
.
assertEqual
(
...
...
@@ -3812,13 +3685,8 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
)
backend_headers
=
result
.
json
()[
'Incoming Headers'
]
self
.
assertBackendHeaders
(
backend_headers
,
parameter_dict
[
'domain'
])
via
=
backend_headers
.
pop
(
'via'
,
None
)
self
.
assertNotEqual
(
via
,
None
)
self
.
assertRegexpMatches
(
via
,
VIA_STRING
)
self
.
assertBackendHeaders
(
backend_headers
,
parameter_dict
[
'domain'
],
cached
=
True
)
result
=
fakeHTTPResult
(
'enablecacheserveralias1.example.com'
,
...
...
@@ -3847,7 +3715,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path/deeper'
)
headers
=
self
.
assertResponseHeaders
(
result
)
headers
=
self
.
assertResponseHeaders
(
result
,
cached
=
True
)
self
.
assertKeyWithPop
(
'Age'
,
headers
)
self
.
assertEqual
(
{
...
...
@@ -3868,17 +3736,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqual
(
httplib
.
OK
,
result
.
status_code
)
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/HTTPS/test'
)
self
.
assertResponseHeaders
(
result
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'HTTP/test'
,
headers
=
{
'X-Reply-Header-Cache-Control'
:
'max-age=1, stale-while-'
'revalidate=3600, stale-if-error=3600'
})
self
.
assertEqual
(
httplib
.
OK
,
result
.
status_code
)
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/HTTP/test'
)
self
.
assertResponseHeaders
(
result
)
self
.
assertResponseHeaders
(
result
,
cached
=
True
)
def
test_enable_cache
(
self
):
parameter_dict
=
self
.
assertSlaveBase
(
'enable_cache'
)
...
...
@@ -3895,7 +3753,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path/deeper'
)
headers
=
self
.
assertResponseHeaders
(
result
)
headers
=
self
.
assertResponseHeaders
(
result
,
cached
=
True
)
self
.
assertKeyWithPop
(
'Age'
,
headers
)
...
...
@@ -3910,13 +3768,8 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
)
backend_headers
=
result
.
json
()[
'Incoming Headers'
]
self
.
assertBackendHeaders
(
backend_headers
,
parameter_dict
[
'domain'
])
via
=
backend_headers
.
pop
(
'via'
,
None
)
self
.
assertNotEqual
(
via
,
None
)
self
.
assertRegexpMatches
(
via
,
VIA_STRING
)
self
.
assertBackendHeaders
(
backend_headers
,
parameter_dict
[
'domain'
],
cached
=
True
)
# BEGIN: Check that squid.log is correctly filled in
ats_log_file_list
=
glob
.
glob
(
...
...
@@ -4104,13 +3957,8 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
)
backend_headers
=
result
.
json
()[
'Incoming Headers'
]
self
.
assertBackendHeaders
(
backend_headers
,
parameter_dict
[
'domain'
])
via
=
backend_headers
.
pop
(
'via'
,
None
)
self
.
assertNotEqual
(
via
,
None
)
self
.
assertRegexpMatches
(
via
,
VIA_STRING
)
self
.
assertBackendHeaders
(
backend_headers
,
parameter_dict
[
'domain'
],
cached
=
True
)
# check stale-if-error support is really respected if not present in the
# request
...
...
@@ -4226,7 +4074,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
headers
=
self
.
assertResponseHeaders
(
result
)
headers
=
self
.
assertResponseHeaders
(
result
,
cached
=
True
)
self
.
assertKeyWithPop
(
'Age'
,
headers
)
...
...
@@ -4239,13 +4087,8 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
)
backend_headers
=
result
.
json
()[
'Incoming Headers'
]
self
.
assertBackendHeaders
(
backend_headers
,
parameter_dict
[
'domain'
])
via
=
backend_headers
.
pop
(
'via'
,
None
)
self
.
assertNotEqual
(
via
,
None
)
self
.
assertRegexpMatches
(
via
,
VIA_STRING
)
self
.
assertBackendHeaders
(
backend_headers
,
parameter_dict
[
'domain'
],
cached
=
True
)
try
:
j
=
result
.
json
()
...
...
@@ -4265,7 +4108,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
headers
=
self
.
assertResponseHeaders
(
result
)
headers
=
self
.
assertResponseHeaders
(
result
,
via
=
False
)
self
.
assertKeyWithPop
(
'Age'
,
headers
)
...
...
@@ -4278,13 +4121,8 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
)
backend_headers
=
result
.
json
()[
'Incoming Headers'
]
self
.
assertBackendHeaders
(
backend_headers
,
parameter_dict
[
'domain'
])
via
=
backend_headers
.
pop
(
'via'
,
None
)
self
.
assertNotEqual
(
via
,
None
)
self
.
assertRegexpMatches
(
via
,
VIA_STRING
)
self
.
assertBackendHeaders
(
backend_headers
,
parameter_dict
[
'domain'
],
cached
=
True
)
def
test_enable_http2_false
(
self
):
parameter_dict
=
self
.
assertSlaveBase
(
'enable-http2-false'
)
...
...
@@ -4655,6 +4493,24 @@ class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'replicate'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
key_list
=
[
'caddy-frontend-1-node-information-json'
,
'caddy-frontend-2-node-information-json'
]
node_information_json_dict
=
{}
for
k
in
parameter_dict
.
keys
():
if
k
.
startswith
(
'caddy-frontend'
)
and
k
.
endswith
(
'node-information-json'
):
node_information_json_dict
[
k
]
=
parameter_dict
.
pop
(
k
)
self
.
assertEqual
(
key_list
,
node_information_json_dict
.
keys
()
)
node_information_dict
=
json
.
loads
(
node_information_json_dict
[
key_list
[
0
]])
self
.
assertIn
(
"node-id"
,
node_information_dict
)
self
.
assertIn
(
"version-hash-history"
,
node_information_dict
)
self
.
node_information_dict
=
node_information_dict
self
.
assertEqual
(
{
'domain'
:
'replicate.example.com'
,
...
...
@@ -4783,61 +4639,19 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase,
}
def
test_enable_http2_default
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'enable-http2-default'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'enablehttp2default.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://enablehttp2default.example.com'
,
'site_url'
:
'http://enablehttp2default.example.com'
,
'secure_access'
:
'https://enablehttp2default.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'enable-http2-default'
)
self
.
assertFalse
(
isHTTP2
(
parameter_dict
[
'domain'
]))
def
test_enable_http2_false
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'enable-http2-false'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'enablehttp2false.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://enablehttp2false.example.com'
,
'site_url'
:
'http://enablehttp2false.example.com'
,
'secure_access'
:
'https://enablehttp2false.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'enable-http2-false'
)
self
.
assertFalse
(
isHTTP2
(
parameter_dict
[
'domain'
]))
def
test_enable_http2_true
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'enable-http2-true'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'enablehttp2true.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://enablehttp2true.example.com'
,
'site_url'
:
'http://enablehttp2true.example.com'
,
'secure_access'
:
'https://enablehttp2true.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'enable-http2-true'
)
self
.
assertTrue
(
isHTTP2
(
parameter_dict
[
'domain'
]))
...
...
@@ -4873,61 +4687,19 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase,
}
def
test_enable_http2_default
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'enable-http2-default'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'enablehttp2default.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://enablehttp2default.example.com'
,
'site_url'
:
'http://enablehttp2default.example.com'
,
'secure_access'
:
'https://enablehttp2default.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'enable-http2-default'
)
self
.
assertTrue
(
isHTTP2
(
parameter_dict
[
'domain'
]))
def
test_enable_http2_false
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'enable-http2-false'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'enablehttp2false.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://enablehttp2false.example.com'
,
'site_url'
:
'http://enablehttp2false.example.com'
,
'secure_access'
:
'https://enablehttp2false.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'enable-http2-false'
)
self
.
assertFalse
(
isHTTP2
(
parameter_dict
[
'domain'
]))
def
test_enable_http2_true
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'enable-http2-true'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'enablehttp2true.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
'replication_number'
:
'1'
,
'url'
:
'http://enablehttp2true.example.com'
,
'site_url'
:
'http://enablehttp2true.example.com'
,
'secure_access'
:
'https://enablehttp2true.example.com'
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'enable-http2-true'
)
self
.
assertTrue
(
isHTTP2
(
parameter_dict
[
'domain'
]))
...
...
@@ -4938,6 +4710,7 @@ class TestRe6stVerificationUrlDefaultSlave(SlaveHttpFrontendTestCase,
@
classmethod
def
getInstanceParameterDict
(
cls
):
return
{
'domain'
:
'example.com'
,
'port'
:
HTTPS_PORT
,
'plain_http_port'
:
HTTP_PORT
,
'kedifa_port'
:
KEDIFA_PORT
,
...
...
@@ -4959,20 +4732,7 @@ class TestRe6stVerificationUrlDefaultSlave(SlaveHttpFrontendTestCase,
return
True
def
test_default
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'default'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'default.None'
,
'replication_number'
:
'1'
,
'url'
:
'http://default.None'
,
'site_url'
:
'http://default.None'
,
'secure_access'
:
'https://default.None'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
self
.
assertSlaveBase
(
'default'
)
re6st_connectivity_promise_list
=
glob
.
glob
(
os
.
path
.
join
(
...
...
@@ -5025,20 +4785,7 @@ class TestRe6stVerificationUrlSlave(SlaveHttpFrontendTestCase,
except
Exception
:
pass
parameter_dict
=
self
.
parseSlaveParameterDict
(
'default'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
'domain'
:
'default.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://default.example.com'
,
'site_url'
:
'http://default.example.com'
,
'secure_access'
:
'https://default.example.com'
,
},
parameter_dict
)
self
.
assertSlaveBase
(
'default'
)
re6st_connectivity_promise_list
=
glob
.
glob
(
os
.
path
.
join
(
...
...
@@ -5065,21 +4812,7 @@ class TestSlaveGlobalDisableHttp2(TestSlave):
return
instance_parameter_dict
def
test_enable_http2_default
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'enable-http2-default'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'enablehttp2default.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://enablehttp2default.example.com'
,
'site_url'
:
'http://enablehttp2default.example.com'
,
'secure_access'
:
'https://enablehttp2default.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'enable-http2-default'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -5114,21 +4847,7 @@ class TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2(
return
instance_parameter_dict
def
test_enable_http2_true
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'enable-http2-true'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'enablehttp2true.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://enablehttp2true.example.com'
,
'site_url'
:
'http://enablehttp2true.example.com'
,
'secure_access'
:
'https://enablehttp2true.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'enable-http2-true'
)
self
.
assertFalse
(
isHTTP2
(
parameter_dict
[
'domain'
]))
...
...
@@ -5145,41 +4864,13 @@ class TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2(
return
instance_parameter_dict
def
test_enable_http2_true
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'enable-http2-true'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'enablehttp2true.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://enablehttp2true.example.com'
,
'site_url'
:
'http://enablehttp2true.example.com'
,
'secure_access'
:
'https://enablehttp2true.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'enable-http2-true'
)
self
.
assertFalse
(
isHTTP2
(
parameter_dict
[
'domain'
]))
def
test_enable_http2_default
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'enable-http2-default'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'enablehttp2default.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://enablehttp2default.example.com'
,
'site_url'
:
'http://enablehttp2default.example.com'
,
'secure_access'
:
'https://enablehttp2default.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'enable-http2-default'
)
self
.
assertFalse
(
isHTTP2
(
parameter_dict
[
'domain'
]))
...
...
@@ -5220,22 +4911,8 @@ class TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster(
}
def
test_ssl_from_master_kedifa_overrides_master_certificate
(
self
):
reference
=
'ssl_from_master_kedifa_overrides_master_certificate'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
hostname
=
reference
.
translate
(
None
,
'_-'
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'ssl_from_master_kedifa_overrides_master_certificate'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -5417,6 +5094,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
self
.
assertKeyWithPop
(
'monitor-setup-url'
,
parameter_dict
)
self
.
assertBackendHaproxyStatisticUrl
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
'master-'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertRejectedSlavePromiseEmptyWithPop
(
parameter_dict
)
expected_parameter_dict
=
{
...
...
@@ -5484,21 +5162,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
)
def
test_ssl_from_master
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'ssl_from_master'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
''
)
hostname
=
'ssl_from_master'
.
translate
(
None
,
'_-'
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'ssl_from_master'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -5510,22 +5174,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
def
test_ssl_from_master_kedifa_overrides
(
self
):
reference
=
'ssl_from_master_kedifa_overrides'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
generate_auth
,
upload_url
=
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
hostname
=
reference
.
translate
(
None
,
'_-'
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'ssl_from_master_kedifa_overrides'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -5541,14 +5190,14 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
self
.
current_
generate_auth
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
certificate_pem
+
key_pem
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
self
.
current_
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
...
...
@@ -5564,27 +5213,14 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
def
test_ssl_from_slave
(
self
):
reference
=
'ssl_from_slave'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
hostname
=
reference
.
translate
(
None
,
'_-'
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
parameter_dict
=
self
.
assertSlaveBase
(
'ssl_from_slave'
,
expected_parameter_dict
=
{
'warning-list'
:
[
'ssl_crt is obsolete, please use key-upload-url'
,
'ssl_key is obsolete, please use key-upload-url'
,
]
},
parameter_dict
)
})
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -5596,27 +5232,12 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
def
test_ssl_from_slave_kedifa_overrides
(
self
):
reference
=
'ssl_from_slave_kedifa_overrides'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
generate_auth
,
upload_url
=
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
hostname
=
reference
.
translate
(
None
,
'_-'
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
'warning-list'
:
[
'ssl_crt is obsolete, please use key-upload-url'
,
'ssl_key is obsolete, please use key-upload-url'
,
]
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'ssl_from_slave_kedifa_overrides'
,
expected_parameter_dict
=
{
'warning-list'
:
[
'ssl_crt is obsolete, please use key-upload-url'
,
'ssl_key is obsolete, please use key-upload-url'
]
})
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -5632,14 +5253,14 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
self
.
current_
generate_auth
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
certificate_pem
+
key_pem
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
self
.
current_
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
...
...
@@ -5656,22 +5277,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
def
test_type_notebook_ssl_from_master
(
self
):
reference
=
'type-notebook-ssl_from_master'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
hostname
=
reference
.
translate
(
None
,
'_-'
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'type-notebook-ssl_from_master'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
,
...
...
@@ -5684,22 +5290,8 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
def
test_type_notebook_ssl_from_master_kedifa_overrides
(
self
):
reference
=
'type-notebook-ssl_from_master_kedifa_overrides'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
generate_auth
,
upload_url
=
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
hostname
=
reference
.
translate
(
None
,
'_-'
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'type-notebook-ssl_from_master_kedifa_overrides'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
,
...
...
@@ -5716,14 +5308,14 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
self
.
current_
generate_auth
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
certificate_pem
+
key_pem
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
self
.
current_
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
...
...
@@ -5741,26 +5333,14 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
def
test_type_notebook_ssl_from_slave
(
self
):
reference
=
'type-notebook-ssl_from_slave'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
hostname
=
reference
.
translate
(
None
,
'_-'
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
parameter_dict
=
self
.
assertSlaveBase
(
'type-notebook-ssl_from_slave'
,
expected_parameter_dict
=
{
'warning-list'
:
[
'ssl_crt is obsolete, please use key-upload-url'
,
'ssl_key is obsolete, please use key-upload-url'
,
]
},
parameter_dict
)
})
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
,
...
...
@@ -5773,26 +5353,12 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
def
test_type_notebook_ssl_from_slave_kedifa_overrides
(
self
):
reference
=
'type-notebook-ssl_from_slave_kedifa_overrides'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
generate_auth
,
upload_url
=
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
hostname
=
reference
.
translate
(
None
,
'_-'
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
'warning-list'
:
[
'ssl_crt is obsolete, please use key-upload-url'
,
'ssl_key is obsolete, please use key-upload-url'
,
]
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'type-notebook-ssl_from_slave_kedifa_overrides'
,
expected_parameter_dict
=
{
'warning-list'
:
[
'ssl_crt is obsolete, please use key-upload-url'
,
'ssl_key is obsolete, please use key-upload-url'
]
})
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
,
...
...
@@ -5809,14 +5375,14 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
# as now the place to put the key is known put the key there
auth
=
requests
.
get
(
generate_auth
,
self
.
current_
generate_auth
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
auth
.
status_code
)
data
=
certificate_pem
+
key_pem
upload
=
requests
.
put
(
upload_url
+
auth
.
text
,
self
.
current_
upload_url
+
auth
.
text
,
data
=
data
,
verify
=
self
.
kedifa_caucase_ca_certificate_file
)
self
.
assertEqual
(
httplib
.
CREATED
,
upload
.
status_code
)
...
...
@@ -5835,25 +5401,12 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
@
skip
(
'Not implemented in new test system'
)
def
test_custom_domain_ssl_crt_ssl_key
(
self
):
reference
=
'custom_domain_ssl_crt_ssl_key'
parameter_dict
=
self
.
parseSlaveParameterDict
(
reference
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
generate_auth
,
upload_url
=
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
hostname
=
reference
.
translate
(
None
,
'_-'
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
parameter_dict
=
self
.
assertSlaveBase
(
'custom_domain_ssl_crt_ssl_key'
,
expected_parameter_dict
=
{
'warning-list'
:
[
'ssl_key is obsolete, please use key-upload-url'
,
'ssl_crt is obsolete, please use key-upload-url'
]
},
parameter_dict
)
})
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -5865,27 +5418,15 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
def
test_ssl_ca_crt
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'custom_domain_ssl_crt_ssl_key_ssl_ca_crt'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
generate_auth
,
upload_url
=
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'customdomainsslcrtsslkeysslcacrt.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://customdomainsslcrtsslkeysslcacrt.example.com'
,
'site_url'
:
'http://customdomainsslcrtsslkeysslcacrt.example.com'
,
'secure_access'
:
'https://customdomainsslcrtsslkeysslcacrt.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
parameter_dict
=
self
.
assertSlaveBase
(
'custom_domain_ssl_crt_ssl_key_ssl_ca_crt'
,
expected_parameter_dict
=
{
'warning-list'
:
[
'ssl_ca_crt is obsolete, please use key-upload-url'
,
'ssl_crt is obsolete, please use key-upload-url'
,
'ssl_key is obsolete, please use key-upload-url'
]
},
parameter_dict
)
})
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -5954,25 +5495,14 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
)
def
test_ssl_ca_crt_garbage
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'ssl_ca_crt_garbage'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'sslcacrtgarbage.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://sslcacrtgarbage.example.com'
,
'site_url'
:
'http://sslcacrtgarbage.example.com'
,
'secure_access'
:
'https://sslcacrtgarbage.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
parameter_dict
=
self
.
assertSlaveBase
(
'ssl_ca_crt_garbage'
,
expected_parameter_dict
=
{
'warning-list'
:
[
'ssl_ca_crt is obsolete, please use key-upload-url'
,
'ssl_crt is obsolete, please use key-upload-url'
,
'ssl_key is obsolete, please use key-upload-url'
]
},
parameter_dict
)
})
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -5985,26 +5515,15 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
self
.
assertEqualResultJson
(
result
,
'Path'
,
'/test-path'
)
def
test_ssl_ca_crt_does_not_match
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'ssl_ca_crt_does_not_match'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'sslcacrtdoesnotmatch.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://sslcacrtdoesnotmatch.example.com'
,
'site_url'
:
'http://sslcacrtdoesnotmatch.example.com'
,
'secure_access'
:
'https://sslcacrtdoesnotmatch.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
parameter_dict
=
self
.
assertSlaveBase
(
'ssl_ca_crt_does_not_match'
,
expected_parameter_dict
=
{
'warning-list'
:
[
'ssl_ca_crt is obsolete, please use key-upload-url'
,
'ssl_crt is obsolete, please use key-upload-url'
,
'ssl_key is obsolete, please use key-upload-url'
]
},
parameter_dict
)
})
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -6071,6 +5590,7 @@ class TestSlaveSlapOSMasterCertificateCompatibilityUpdate(
self
.
assertKeyWithPop
(
'monitor-setup-url'
,
parameter_dict
)
self
.
assertBackendHaproxyStatisticUrl
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
'master-'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertRejectedSlavePromiseEmptyWithPop
(
parameter_dict
)
expected_parameter_dict
=
{
...
...
@@ -6093,21 +5613,7 @@ class TestSlaveSlapOSMasterCertificateCompatibilityUpdate(
)
def
test_apache_key_apache_certificate_update
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'ssl_from_master'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
''
)
hostname
=
'ssl_from_master'
.
translate
(
None
,
'_-'
)
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'ssl_from_master'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -6176,6 +5682,7 @@ class TestSlaveCiphers(SlaveHttpFrontendTestCase, TestDataMixin):
self
.
assertKeyWithPop
(
'monitor-setup-url'
,
parameter_dict
)
self
.
assertBackendHaproxyStatisticUrl
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
'master-'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertRejectedSlavePromiseEmptyWithPop
(
parameter_dict
)
expected_parameter_dict
=
{
...
...
@@ -6444,6 +5951,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
self
.
assertKeyWithPop
(
'monitor-setup-url'
,
parameter_dict
)
self
.
assertBackendHaproxyStatisticUrl
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
'master-'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertRejectedSlavePromiseWithPop
(
parameter_dict
)
expected_parameter_dict
=
{
...
...
@@ -6533,6 +6041,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_url
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'URL'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
...
...
@@ -6543,6 +6052,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_https_url
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'HTTPS-URL'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
...
...
@@ -6554,6 +6064,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_ssl_proxy_verify_ssl_proxy_ca_crt_damaged
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'SSL-PROXY-VERIFY_SSL_PROXY_CA_CRT_DAMAGED'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
"ssl_proxy_ca_crt is invalid"
]},
parameter_dict
...
...
@@ -6562,6 +6073,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_ssl_proxy_verify_ssl_proxy_ca_crt_empty
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'SSL-PROXY-VERIFY_SSL_PROXY_CA_CRT_EMPTY'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
"ssl_proxy_ca_crt is invalid"
]},
parameter_dict
...
...
@@ -6570,6 +6082,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_health_check_failover_ssl_proxy_ca_crt_damaged
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'health-check-failover-SSL-PROXY-VERIFY_SSL_PROXY_CA_CRT_DAMAGED'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
...
...
@@ -6581,6 +6094,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_health_check_failover_ssl_proxy_ca_crt_empty
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'health-check-failover-SSL-PROXY-VERIFY_SSL_PROXY_CA_CRT_EMPTY'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
...
...
@@ -6590,20 +6104,8 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
)
def
test_server_alias_same
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'SERVER-ALIAS-SAME'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'serveraliassame.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://serveraliassame.example.com'
,
'site_url'
:
'http://serveraliassame.example.com'
,
'secure_access'
:
'https://serveraliassame.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'SERVER-ALIAS-SAME'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -6616,6 +6118,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_custom_domain_unsafe
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'CUSTOM_DOMAIN-UNSAFE'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
...
...
@@ -6627,6 +6130,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_server_alias_unsafe
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'SERVER-ALIAS-UNSAFE'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
...
...
@@ -6638,6 +6142,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_bad_ciphers
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'BAD-CIPHERS'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
...
...
@@ -6651,6 +6156,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_virtualhostroot_http_port_unsafe
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'VIRTUALHOSTROOT-HTTP-PORT-UNSAFE'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
...
...
@@ -6663,6 +6169,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_virtualhostroot_https_port_unsafe
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'VIRTUALHOSTROOT-HTTPS-PORT-UNSAFE'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
...
...
@@ -6676,6 +6183,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'DEFAULT-PATH-UNSAFE'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
,
'master-'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'defaultpathunsafe.example.com'
,
...
...
@@ -6707,20 +6215,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
)
def
test_monitor_ipv4_test_unsafe
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'MONITOR-IPV4-TEST-UNSAFE'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'monitoripv4testunsafe.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://monitoripv4testunsafe.example.com'
,
'site_url'
:
'http://monitoripv4testunsafe.example.com'
,
'secure_access'
:
'https://monitoripv4testunsafe.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'MONITOR-IPV4-TEST-UNSAFE'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -6751,20 +6246,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
)
def
test_monitor_ipv6_test_unsafe
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'MONITOR-IPV6-TEST-UNSAFE'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'monitoripv6testunsafe.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://monitoripv6testunsafe.example.com'
,
'site_url'
:
'http://monitoripv6testunsafe.example.com'
,
'secure_access'
:
'https://monitoripv6testunsafe.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
parameter_dict
=
self
.
assertSlaveBase
(
'MONITOR-IPV6-TEST-UNSAFE'
)
result
=
fakeHTTPSResult
(
parameter_dict
[
'domain'
],
'test-path'
)
...
...
@@ -6793,23 +6275,11 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
)
def
test_site_1
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'SITE_1'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict
)
self
.
assertKedifaKeysWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'domain'
:
'duplicate.example.com'
,
'replication_number'
:
'1'
,
'url'
:
'http://duplicate.example.com'
,
'site_url'
:
'http://duplicate.example.com'
,
'secure_access'
:
'https://duplicate.example.com'
,
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict
)
self
.
assertSlaveBase
(
'SITE_1'
,
hostname
=
'duplicate'
)
def
test_site_2
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'SITE_2'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
"custom_domain 'duplicate.example.com' clashes"
]
...
...
@@ -6819,6 +6289,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_site_3
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'SITE_3'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
"server-alias 'duplicate.example.com' clashes"
]
...
...
@@ -6828,6 +6299,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_site_4
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'SITE_4'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
"custom_domain 'duplicate.example.com' clashes"
]
...
...
@@ -6837,7 +6309,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_ssl_ca_crt_only
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'SSL_CA_CRT_ONLY'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
parameter_dict
,
{
...
...
@@ -6851,6 +6323,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_ssl_key_ssl_crt_unsafe
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'SSL_KEY-SSL_CRT-UNSAFE'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
"slave ssl_key and ssl_crt does not match"
],
...
...
@@ -6863,6 +6336,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_bad_backend
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'BAD-BACKEND'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
...
...
@@ -6874,6 +6348,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
def
test_empty_backend
(
self
):
parameter_dict
=
self
.
parseSlaveParameterDict
(
'EMPTY-BACKEND'
)
self
.
assertNodeInformationWithPop
(
parameter_dict
)
self
.
assertEqual
(
{
'request-error-list'
:
[
...
...
@@ -6916,36 +6391,10 @@ class TestSlaveHostHaproxyClash(SlaveHttpFrontendTestCase, TestDataMixin):
}
def
test
(
self
):
parameter_dict_wildcard
=
self
.
parseSlaveParameterDict
(
'wildcard'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict_wildcard
)
self
.
assertKedifaKeysWithPop
(
parameter_dict_wildcard
,
''
)
hostname
=
'*.alias1'
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict_wildcard
)
parameter_dict_specific
=
self
.
parseSlaveParameterDict
(
'zspecific'
)
self
.
assertLogAccessUrlWithPop
(
parameter_dict_specific
)
self
.
assertKedifaKeysWithPop
(
parameter_dict_specific
,
''
)
hostname
=
'zspecific.alias1'
self
.
assertEqual
(
{
'domain'
:
'%s.example.com'
%
(
hostname
,),
'replication_number'
:
'1'
,
'url'
:
'http://%s.example.com'
%
(
hostname
,
),
'site_url'
:
'http://%s.example.com'
%
(
hostname
,
),
'secure_access'
:
'https://%s.example.com'
%
(
hostname
,
),
'backend-client-caucase-url'
:
'http://[%s]:8990'
%
self
.
_ipv6_address
,
},
parameter_dict_specific
)
self
.
assertSlaveBase
(
'wildcard'
,
hostname
=
'*.alias1'
)
self
.
assertSlaveBase
(
'zspecific'
,
hostname
=
'zspecific.alias1'
)
result_wildcard
=
fakeHTTPSResult
(
'other.alias1.example.com'
,
...
...
stack/slapos.cfg
View file @
85b8b32e
...
...
@@ -190,7 +190,7 @@ setuptools-dso = 1.7
rubygemsrecipe = 0.4.3
six = 1.12.0
slapos.cookbook = 1.0.226
slapos.core = 1.7.
4
slapos.core = 1.7.
5
slapos.extension.strip = 0.4
slapos.extension.shared = 1.0
slapos.libnetworkcache = 0.22
...
...
@@ -249,10 +249,12 @@ certifi = 2020.6.20
chardet = 3.0.4
urllib3 = 1.25.9
pkgconfig = 1.5.1
distro = 1.7.0
[versions:python2]
Werkzeug = 1.0.1
distro = 1.6.0
[networkcache]
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment