Commit 0f1992e8 authored by Łukasz Nowak's avatar Łukasz Nowak Committed by Matevz Golob

component/caddy: Upgrade to v1.0.0

This also means that caddy source is fetched directly from upstream, as all
required fixes has been incorporated into the upstream.

Drop direct usage of gowork for now, in order to have caddy built using go
module, support for gowork with go modules might come later.

Follow new way of certificate managament in Caddy 1 as noted
https://github.com/mholt/caddy/issues/2588#issuecomment-505367152
parent b5ec4b77
[buildout] [buildout]
extends = extends =
../../component/golang/buildout.cfg ../../component/golang/buildout.cfg
gowork.cfg
parts = parts =
gowork
caddy caddy
[gowork] [gowork]
# Caddy 1.x+ uses go modules, for which gowork does not work yet
golang = ${golang1.12:location} golang = ${golang1.12:location}
install = install =
github.com/mholt/caddy
[gowork.goinstall]
command = :
depends =
${caddy:recipe}
[caddy] [caddy]
recipe = slapos.recipe.cmmi # revision and repository can be used to control which caddy version is used
path = ${go_github.com_mholt_caddy:location} revision = v1.0.0
go = ${gowork:golang}/bin/go repository = github.com/mholt/caddy/caddy
configure-command = :
make-targets = recipe = plone.recipe.command
make-binary = cd ${:path}/caddy && ${:go} install -v update-command = ${:command}
environment = stop-on-error = True
PATH=${pkgconfig:location}/bin:${gowork:golang}/bin:${buildout:bin-directory}:%(PATH)s # GO111MODULE=on enables go modules support
GOPATH=${gowork:directory} # the chmod is needed as modules are fetched with u-w
command =
. ${gowork:env.sh} &&
cd ${gowork:directory} &&
export GO111MODULE=on &&
go get ${:repository}@${:revision} &&
chmod -R u+w .
output = ${gowork:bin}/caddy output = ${gowork:bin}/caddy
location = ${:output} location = ${:output}
# Code generated by gowork-snapshot; DO NOT EDIT.
# list of go git repositories to fetch
[gowork.goinstall]
depends_gitfetch =
${go_github.com_mholt_caddy:recipe}
[go_github.com_mholt_caddy]
<= go-git-package
go.importpath = github.com/mholt/caddy
repository = https://lab.nexedi.com/nexedi/caddy.git
revision = nxd-v0.11.5-4-g9d3151db
...@@ -4782,12 +4782,29 @@ class TestSlaveSlapOSMasterCertificateCompatibility( ...@@ -4782,12 +4782,29 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
@classmethod @classmethod
def setUpSlaves(cls): def setUpSlaves(cls):
_, cls.slave_key_pem, _, cls.slave_certificate_pem = \ _, cls.ssl_from_slave_key_pem, _, cls.ssl_from_slave_certificate_pem = \
createSelfSignedCertificate( createSelfSignedCertificate(
[ [
'*.customdomain.example.com', 'sslfromslave.example.com',
'*.example.com',
]) ])
_, cls.ssl_from_slave_kedifa_overrides_key_pem, _, \
cls.ssl_from_slave_kedifa_overrides_certificate_pem = \
createSelfSignedCertificate(
[
'sslfromslavekedifaoverrides.example.com',
])
_, cls.type_notebook_ssl_from_slave_key_pem, _, \
cls.type_notebook_ssl_from_slave_certificate_pem = \
createSelfSignedCertificate(
[
'typenotebooksslfromslave.example.com',
])
_, cls.type_notebook_ssl_from_slave_kedifa_overrides_key_pem, _, \
cls.type_notebook_ssl_from_slave_kedifa_overrides_certificate_pem = \
createSelfSignedCertificate(
[
'typenotebooksslfromslavekedifaoverrides.example.com',
])
cls.ca = CertificateAuthority( cls.ca = CertificateAuthority(
'TestSlaveSlapOSMasterCertificateCompatibility') 'TestSlaveSlapOSMasterCertificateCompatibility')
...@@ -4836,13 +4853,13 @@ class TestSlaveSlapOSMasterCertificateCompatibility( ...@@ -4836,13 +4853,13 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
}, },
'ssl_from_slave': { 'ssl_from_slave': {
'url': cls.backend_url, 'url': cls.backend_url,
'ssl_crt': cls.slave_certificate_pem, 'ssl_crt': cls.ssl_from_slave_certificate_pem,
'ssl_key': cls.slave_key_pem, 'ssl_key': cls.ssl_from_slave_key_pem,
}, },
'ssl_from_slave_kedifa_overrides': { 'ssl_from_slave_kedifa_overrides': {
'url': cls.backend_url, 'url': cls.backend_url,
'ssl_crt': cls.slave_certificate_pem, 'ssl_crt': cls.ssl_from_slave_kedifa_overrides_certificate_pem,
'ssl_key': cls.slave_key_pem, 'ssl_key': cls.ssl_from_slave_kedifa_overrides_key_pem,
}, },
'custom_domain_ssl_crt_ssl_key': { 'custom_domain_ssl_crt_ssl_key': {
'url': cls.backend_url, 'url': cls.backend_url,
...@@ -4883,8 +4900,8 @@ class TestSlaveSlapOSMasterCertificateCompatibility( ...@@ -4883,8 +4900,8 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
}, },
'type-notebook-ssl_from_slave': { 'type-notebook-ssl_from_slave': {
'url': cls.backend_url, 'url': cls.backend_url,
'ssl_crt': cls.slave_certificate_pem, 'ssl_crt': cls.type_notebook_ssl_from_slave_certificate_pem,
'ssl_key': cls.slave_key_pem, 'ssl_key': cls.type_notebook_ssl_from_slave_key_pem,
'type': 'notebook', 'type': 'notebook',
}, },
'type-notebook-ssl_from_master_kedifa_overrides': { 'type-notebook-ssl_from_master_kedifa_overrides': {
...@@ -4893,8 +4910,10 @@ class TestSlaveSlapOSMasterCertificateCompatibility( ...@@ -4893,8 +4910,10 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
}, },
'type-notebook-ssl_from_slave_kedifa_overrides': { 'type-notebook-ssl_from_slave_kedifa_overrides': {
'url': cls.backend_url, 'url': cls.backend_url,
'ssl_crt': cls.slave_certificate_pem, 'ssl_crt':
'ssl_key': cls.slave_key_pem, cls.type_notebook_ssl_from_slave_kedifa_overrides_certificate_pem,
'ssl_key':
cls.type_notebook_ssl_from_slave_kedifa_overrides_key_pem,
'type': 'notebook', 'type': 'notebook',
} }
} }
...@@ -5079,7 +5098,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility( ...@@ -5079,7 +5098,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
self.slave_certificate_pem, self.ssl_from_slave_certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -5111,7 +5130,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility( ...@@ -5111,7 +5130,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
self.slave_certificate_pem, self.ssl_from_slave_kedifa_overrides_certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -5256,7 +5275,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility( ...@@ -5256,7 +5275,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
HTTPS_PORT) HTTPS_PORT)
self.assertEqual( self.assertEqual(
self.slave_certificate_pem, self.type_notebook_ssl_from_slave_certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -5288,7 +5307,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility( ...@@ -5288,7 +5307,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
HTTPS_PORT) HTTPS_PORT)
self.assertEqual( self.assertEqual(
self.slave_certificate_pem, self.type_notebook_ssl_from_slave_kedifa_overrides_certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment