software/jstestnode: serve test files on https

Now that we have a more modern firefox, it requires secure context for many things. This fixes `TypeError: crypto.subtle is undefined` test failures for JIO.

software/jstestnode: serve test files on https
Now that we have a more modern firefox, it requires secure context for many things. This fixes `TypeError: crypto.subtle is undefined` test failures for JIO.
b5b7360d · Jérome Perrin · 349df3cb · b5b7360d · b5b7360d · b5b7360d
Commit b5b7360d authored Jan 23, 2024 by Jérome Perrin
6 changed files
--- a/software/jstestnode/buildout.hash.cfg
+++ b/software/jstestnode/buildout.hash.cfg
@@ -15,16 +15,16 @@
 [instance]
 filename = instance.cfg.in
-md5sum = 84380fe6c268301a1e1f501e53943f58
+md5sum = ad2797e1b83b6b3221f831950075a057
 [template-nginx-service]
 filename = template-nginx-service.sh.in
-md5sum = 458870b70c33a1621b68961ae2372ad5
+md5sum = d718fb950862769e57100986cfabb180
 [template-nginx-configuration]
 filename = template-nginx.cfg.in
-md5sum = 98faa5ad8cfb23a11d97a459078a1d05
+md5sum = f15c5d9b8c2cf39cb6b2070d8d9d3a92
 [template-runTestSuite]
 filename = runTestSuite.in
-md5sum = 5db53d622bd68fb07e078ddc4403a240
+md5sum = 98b7d79eb6af1c4120e3848e9e6fca61
--- a/software/jstestnode/instance.cfg.in
+++ b/software/jstestnode/instance.cfg.in
@@ -10,7 +10,7 @@ offline = true
 [publish]
 recipe = slapos.cookbook:publish.serialised
-nginx = http://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/
+nginx = https://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/
 [directory]
 recipe = slapos.cookbook:mkdirectory
@@ -97,13 +97,13 @@ virtual-depends =
 recipe = slapos.recipe.template
 url = ${template-nginx-configuration:output}
 output = $${directory:etc}/nginx.cfg
-access_log = $${directory:log}/nginx-access.log
+access-log = $${directory:log}/nginx-access.log
-error_log = $${directory:log}/nginx-error.log
+error-log = $${directory:log}/nginx-error.log
 ip = $${instance-parameter:ipv6-random}
 port = 9443
-ssl_key = $${directory:ssl}/nginx.key
+ssl-csr = $${directory:ssl}/nginx.csr
-ssl_csr = $${directory:ssl}/nginx.csr
+ssl-key = $${directory:ssl}/nginx.key
-ssl_crt = $${directory:ssl}/nginx.crt
+ssl-crt = $${directory:ssl}/nginx.crt
 [nginx-listen-promise]
 recipe = slapos.cookbook:check_port_listening

--- a/software/jstestnode/runTestSuite.in
+++ b/software/jstestnode/runTestSuite.in
@@ -22,7 +22,7 @@ os.environ['XORG_LOCK_DIR'] = '$${xvfb-instance:lock-dir}'
 os.environ['DISPLAY'] = '$${xvfb-instance:display}'
 os.environ['FONTCONFIG_FILE'] = '$${fontconfig-conf:output}'
-BASE_URL = 'http://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/'
+BASE_URL = 'https://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/'
 ETC_DIRECTORY = '$${directory:etc}'
 def main():
@@ -91,6 +91,7 @@ def main():
      if target == 'firefox':
        firefox_capabilities = webdriver.common.desired_capabilities.DesiredCapabilities.FIREFOX
        firefox_capabilities['marionette'] = True
+        firefox_capabilities['acceptInsecureCerts'] = True
        browser = webdriver.Firefox(
            capabilities=firefox_capabilities,
            firefox_binary='${firefox-wrapper:location}',

--- a/software/jstestnode/template-nginx-service.sh.in
+++ b/software/jstestnode/template-nginx-service.sh.in
@@ -2,16 +2,16 @@
 # BEWARE: This file is operated by slapos node
 # BEWARE: It will be overwritten automatically
-if [ ! -e $${nginx-configuration:ssl_crt} ]
+if [ ! -e $${nginx-configuration:ssl-crt} ]
 then
-  ${openssl-output:openssl} genrsa -out $${nginx-configuration:ssl_key} 2048
+  ${openssl-output:openssl} genrsa -out $${nginx-configuration:ssl-key} 2048
  ${openssl-output:openssl} req -new \
    -subj "/C=AA/ST=Denial/L=Nowhere/O=Dis/CN=$${nginx-configuration:ip}" \
-    -key $${nginx-configuration:ssl_key} -out $${nginx-configuration:ssl_csr}
+    -key $${nginx-configuration:ssl-key} -out $${nginx-configuration:ssl-csr}
  ${openssl-output:openssl} x509 -req -days 365 \
-    -in $${nginx-configuration:ssl_csr} \
+    -in $${nginx-configuration:ssl-csr} \
-    -signkey $${nginx-configuration:ssl_key} \
+    -signkey $${nginx-configuration:ssl-key} \
-    -out $${nginx-configuration:ssl_crt}
+    -out $${nginx-configuration:ssl-crt}
 fi
 exec ${nginx-output:nginx} \

--- a/software/jstestnode/template-nginx.cfg.in
+++ b/software/jstestnode/template-nginx.cfg.in
@@ -8,7 +8,7 @@ events {
  # multi_accept on;
 }
-error_log $${nginx-configuration:error_log};
+error_log $${nginx-configuration:error-log};
 http {
@@ -33,8 +33,8 @@ http {
  # Logging Settings
  ##
-  access_log $${nginx-configuration:access_log};
+  access_log $${nginx-configuration:access-log};
-  error_log $${nginx-configuration:error_log};
+  error_log $${nginx-configuration:error-log};
  ##
  # Gzip Settings
@@ -51,11 +51,9 @@ http {
  gzip_types text/html text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
 server {
-  listen [$${nginx-configuration:ip}]:$${nginx-configuration:port};
+  listen [$${nginx-configuration:ip}]:$${nginx-configuration:port} ssl;
+  ssl_certificate $${nginx-configuration:ssl-crt};
-  # ssl                 on;
+  ssl_certificate_key $${nginx-configuration:ssl-key};
-  # ssl_certificate $${nginx-configuration:ssl_crt};
-  # ssl_certificate_key $${nginx-configuration:ssl_key};
  fastcgi_temp_path  $${directory:varnginx} 1 2;
  uwsgi_temp_path  $${directory:varnginx} 1 2;

--- a/software/jstestnode/test/test.py
+++ b/software/jstestnode/test/test.py
@@ -52,14 +52,14 @@ class TestJSTestNode(InstanceTestCase):
    self.assertEqual(
      {
-        'nginx': 'http://[%s]:9443/' % (self.computer_partition_ipv6_address, )
+        'nginx': 'https://[%s]:9443/' % (self.computer_partition_ipv6_address, )
      },
      connection_dict
    )
    # jio tests
    result = requests.get(
-      '%sjio/test/tests.html' % (connection_dict['nginx'], ), allow_redirects=False)
+      '%sjio/test/tests.html' % (connection_dict['nginx'], ), verify=False, allow_redirects=False)
    self.assertEqual(
      [requests.codes.ok, False],
      [result.status_code, result.is_redirect]
@@ -67,7 +67,7 @@ class TestJSTestNode(InstanceTestCase):
    # rjs tests
    result = requests.get(
-      '%srenderjs/test/' % (connection_dict['nginx'], ), allow_redirects=False)
+      '%srenderjs/test/' % (connection_dict['nginx'], ), verify=False, allow_redirects=False)
    self.assertEqual(
      [requests.codes.ok, False],
      [result.status_code, result.is_redirect]
@@ -75,7 +75,7 @@ class TestJSTestNode(InstanceTestCase):
    # rsvp tests
    result = requests.get(
-      '%srsvp/test/index.html' % (connection_dict['nginx'], ), allow_redirects=False)
+      '%srsvp/test/index.html' % (connection_dict['nginx'], ), verify=False, allow_redirects=False)
    self.assertEqual(
      [requests.codes.ok, False],
      [result.status_code, result.is_redirect]
@@ -83,7 +83,7 @@ class TestJSTestNode(InstanceTestCase):
    # Default access
    result = requests.get(
-      'http://[%s]:9443' % (self.computer_partition_ipv6_address, ), allow_redirects=False)
+      'https://[%s]:9443' % (self.computer_partition_ipv6_address, ), verify=False, allow_redirects=False)
    self.assertEqual(
      [requests.codes.forbidden, False],
      [result.status_code, result.is_redirect]