Commit 9bf0016e authored by Łukasz Nowak's avatar Łukasz Nowak Committed by Łukasz Nowak

component/caddy: Upgrade to v1.0.0

This also means that caddy source is fetched directly from upstream, as all
required fixes has been incorporated into the upstream.

Drop direct usage of gowork for now, in order to have caddy built using go
module, support for gowork with go modules might come later.

Follow new way of certificate managament in Caddy 1 as noted
https://github.com/mholt/caddy/issues/2588#issuecomment-505367152
parent a97315ac
[buildout]
extends =
../../component/golang/buildout.cfg
gowork.cfg
parts =
gowork
caddy
[gowork]
# Caddy 1.x+ uses go modules, for which gowork does not work yet
golang = ${golang1.12:location}
install =
github.com/mholt/caddy
[gowork.goinstall]
command = :
depends =
${caddy:recipe}
[caddy]
recipe = slapos.recipe.cmmi
path = ${go_github.com_mholt_caddy:location}
go = ${gowork:golang}/bin/go
configure-command = :
make-targets =
make-binary = cd ${:path}/caddy && ${:go} install -v
environment =
PATH=${pkgconfig:location}/bin:${gowork:golang}/bin:${buildout:bin-directory}:%(PATH)s
GOPATH=${gowork:directory}
# revision and repository can be used to control which caddy version is used
revision = v1.0.0
repository = github.com/mholt/caddy/caddy
recipe = plone.recipe.command
update-command = ${:command}
stop-on-error = True
# GO111MODULE=on enables go modules support
# the chmod is needed as modules are fetched with u-w
command =
. ${gowork:env.sh} &&
cd ${gowork:directory} &&
export GO111MODULE=on &&
go get ${:repository}@${:revision} &&
chmod -R u+w .
output = ${gowork:bin}/caddy
location = ${:output}
# Code generated by gowork-snapshot; DO NOT EDIT.
# list of go git repositories to fetch
[gowork.goinstall]
depends_gitfetch =
${go_github.com_mholt_caddy:recipe}
[go_github.com_mholt_caddy]
<= go-git-package
go.importpath = github.com/mholt/caddy
repository = https://lab.nexedi.com/nexedi/caddy.git
revision = nxd-v0.11.5-4-g9d3151db
......@@ -4782,12 +4782,29 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
@classmethod
def setUpSlaves(cls):
_, cls.slave_key_pem, _, cls.slave_certificate_pem = \
_, cls.ssl_from_slave_key_pem, _, cls.ssl_from_slave_certificate_pem = \
createSelfSignedCertificate(
[
'*.customdomain.example.com',
'*.example.com',
'sslfromslave.example.com',
])
_, cls.ssl_from_slave_kedifa_overrides_key_pem, _, \
cls.ssl_from_slave_kedifa_overrides_certificate_pem = \
createSelfSignedCertificate(
[
'sslfromslavekedifaoverrides.example.com',
])
_, cls.type_notebook_ssl_from_slave_key_pem, _, \
cls.type_notebook_ssl_from_slave_certificate_pem = \
createSelfSignedCertificate(
[
'typenotebooksslfromslave.example.com',
])
_, cls.type_notebook_ssl_from_slave_kedifa_overrides_key_pem, _, \
cls.type_notebook_ssl_from_slave_kedifa_overrides_certificate_pem = \
createSelfSignedCertificate(
[
'typenotebooksslfromslavekedifaoverrides.example.com',
])
cls.ca = CertificateAuthority(
'TestSlaveSlapOSMasterCertificateCompatibility')
......@@ -4836,13 +4853,13 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
},
'ssl_from_slave': {
'url': cls.backend_url,
'ssl_crt': cls.slave_certificate_pem,
'ssl_key': cls.slave_key_pem,
'ssl_crt': cls.ssl_from_slave_certificate_pem,
'ssl_key': cls.ssl_from_slave_key_pem,
},
'ssl_from_slave_kedifa_overrides': {
'url': cls.backend_url,
'ssl_crt': cls.slave_certificate_pem,
'ssl_key': cls.slave_key_pem,
'ssl_crt': cls.ssl_from_slave_kedifa_overrides_certificate_pem,
'ssl_key': cls.ssl_from_slave_kedifa_overrides_key_pem,
},
'custom_domain_ssl_crt_ssl_key': {
'url': cls.backend_url,
......@@ -4883,8 +4900,8 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
},
'type-notebook-ssl_from_slave': {
'url': cls.backend_url,
'ssl_crt': cls.slave_certificate_pem,
'ssl_key': cls.slave_key_pem,
'ssl_crt': cls.type_notebook_ssl_from_slave_certificate_pem,
'ssl_key': cls.type_notebook_ssl_from_slave_key_pem,
'type': 'notebook',
},
'type-notebook-ssl_from_master_kedifa_overrides': {
......@@ -4893,8 +4910,10 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
},
'type-notebook-ssl_from_slave_kedifa_overrides': {
'url': cls.backend_url,
'ssl_crt': cls.slave_certificate_pem,
'ssl_key': cls.slave_key_pem,
'ssl_crt':
cls.type_notebook_ssl_from_slave_kedifa_overrides_certificate_pem,
'ssl_key':
cls.type_notebook_ssl_from_slave_kedifa_overrides_key_pem,
'type': 'notebook',
}
}
......@@ -5079,7 +5098,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual(
self.slave_certificate_pem,
self.ssl_from_slave_certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path')
......@@ -5111,7 +5130,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual(
self.slave_certificate_pem,
self.ssl_from_slave_kedifa_overrides_certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path')
......@@ -5256,7 +5275,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
HTTPS_PORT)
self.assertEqual(
self.slave_certificate_pem,
self.type_notebook_ssl_from_slave_certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path')
......@@ -5288,7 +5307,7 @@ class TestSlaveSlapOSMasterCertificateCompatibility(
HTTPS_PORT)
self.assertEqual(
self.slave_certificate_pem,
self.type_notebook_ssl_from_slave_kedifa_overrides_certificate_pem,
der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment