diff --git a/test/config.sh b/test/config.sh
index 8ddab09..5dfd12b 100755
--- a/test/config.sh
+++ b/test/config.sh
@@ -15,6 +15,7 @@ imageTests+=(
 certs_single_domain
 certs_standalone
 force_renew
+ acme_accounts
 container_restart
 permissions_default
 permissions_custom
diff --git a/test/tests/acme_accounts/expected-std-out.txt b/test/tests/acme_accounts/expected-std-out.txt
new file mode 100644
index 0000000..ba2246c
--- /dev/null
+++ b/test/tests/acme_accounts/expected-std-out.txt
@@ -0,0 +1,8 @@
+Started letsencrypt container for test acme_accounts
+Started test web server for le1.wtf
+Symlink to le1.wtf certificate has been generated.
+The link is pointing to the file ./le1.wtf/fullchain.pem
+Started letsencrypt container for test acme_accounts_default
+Started test web server for le2.wtf
+Symlink to le2.wtf certificate has been generated.
+The link is pointing to the file ./le2.wtf/fullchain.pem
diff --git a/test/tests/acme_accounts/run.sh b/test/tests/acme_accounts/run.sh
new file mode 100755
index 0000000..af85ce8
--- /dev/null
+++ b/test/tests/acme_accounts/run.sh
@@ -0,0 +1,83 @@
+#!/bin/bash
+
+## Test for ACME accounts handling.
+
+if [[ -z $TRAVIS ]]; then
+ le_container_name="$(basename "${0%/*}")_$(date "+%Y-%m-%d_%H.%M.%S")"
+else
+ le_container_name="$(basename "${0%/*}")"
+fi
+run_le_container "${1:?}" "$le_container_name"
+
+# Create the $domains array from comma separated domains in TEST_DOMAINS.
+IFS=',' read -r -a domains <<< "$TEST_DOMAINS"
+
+# Cleanup function with EXIT trap
+function cleanup {
+ # Remove any remaining Nginx container(s) silently.
+ for domain in "${domains[@]}"; do
+ docker rm --force "$domain" > /dev/null 2>&1
+ done
+ # Cleanup the files created by this run of the test to avoid foiling following test(s).
+ docker exec "$le_container_name" bash -c 'rm -rf /etc/nginx/certs/le?.wtf* && rm -rf /etc/acme.sh/default/le?.wtf*'
+ # Stop the LE container
+ docker stop "$le_container_name" > /dev/null
+}
+trap cleanup EXIT
+
+# Run an nginx container for ${domains[0]}.
+docker run --rm -d \
+ --name "${domains[0]}" \
+ -e "VIRTUAL_HOST=${domains[0]}" \
+ -e "LETSENCRYPT_HOST=${domains[0]}" \
+ --network boulder_bluenet \
+ nginx:alpine > /dev/null && echo "Started test web server for ${domains[0]}"
+
+# Wait for a symlink at /etc/nginx/certs/${domains[0]}.crt
+wait_for_symlink "${domains[0]}" "$le_container_name"
+
+# Test if the expected folder / file / content are there.
+json_file="/etc/acme.sh/default/ca/boulder/account.json"
+if docker exec "$le_container_name" [[ ! -d "/etc/acme.sh/default" ]]; then
+ echo "The /etc/acme.sh/default folder does not exist."
+elif docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then
+ echo "The $json_file file does not exist."
+elif [[ "$(docker exec "$le_container_name" jq .contact "$json_file")" != '[]' ]]; then
+ echo "There is an address set on ${json_file}."
+ docker exec "$le_container_name" jq . "$json_file"
+fi
+
+# Stop the nginx and companion containers silently.
+docker stop "${domains[0]}" > /dev/null 2>&1
+docker stop "$le_container_name" > /dev/null 2>&1
+
+# Run the companion container with the DEFAULT_EMAIL env var set.
+default_email="contact@${domains[1]}"
+le_container_name="${le_container_name}_default"
+run_le_container "${1:?}" "$le_container_name" "--env DEFAULT_EMAIL=${default_email}"
+
+# Run an nginx container for ${domains[1]}.
+docker run --rm -d \
+ --name "${domains[1]}" \
+ -e "VIRTUAL_HOST=${domains[1]}" \
+ -e "LETSENCRYPT_HOST=${domains[1]}" \
+ --network boulder_bluenet \
+ nginx:alpine > /dev/null && echo "Started test web server for ${domains[1]}"
+
+# Wait for a symlink at /etc/nginx/certs/${domains[1]}.crt
+wait_for_symlink "${domains[1]}" "$le_container_name"
+
+# Test if the expected folder / file / content are there.
+# We exit in case of error to avoid deleting the companion container.
+json_file="/etc/acme.sh/${default_email}/ca/boulder/account.json"
+if docker exec "$le_container_name" [[ ! -d "/etc/acme.sh/$default_email" ]]; then
+ echo "The /etc/acme.sh/$default_email folder does not exist."
+elif docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then
+ echo "The $json_file file does not exist."
+elif [[ "$(docker exec "$le_container_name" jq -r '.contact|.[0]' "$json_file")" != "mailto:${default_email}" ]]; then
+ echo "$default_email is not set on ${json_file}."
+ docker exec "$le_container_name" jq . "$json_file"
+fi
+
+# Stop the nginx container silently.
+docker stop "${domains[1]}" > /dev/null 2>&1
diff --git a/test/travis/containers-logs.sh b/test/travis/containers-logs.sh
index 1fe7081..ff94851 100755
--- a/test/travis/containers-logs.sh
+++ b/test/travis/containers-logs.sh
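Review bot: In test/tests/acme_accounts/run.sh the `cleanup` trap only removes `le?.wtf*` under `/etc/acme.sh/default`, but the second half of the test has the companion write its account under `/etc/acme.sh/${default_email}`, so that directory (and, presumably, the le2.wtf state inside it) survives the run and can carry over into following tests, which is exactly what the cleanup comment says it is meant to prevent. I would add, before the `docker stop` in `cleanup`, a line such as `[[ -n "${default_email:-}" ]] && docker exec "$le_container_name" rm -rf "/etc/acme.sh/${default_email}"`. Separately, the comment `# We exit in case of error to avoid deleting the companion container.` does not match the code: no branch of the `if`/`elif` chain exits and the EXIT trap stops the container either way, so either drop that sentence or make the failure branches `exit 1`. The script also indexes `${domains[1]}` without checking that TEST_DOMAINS holds two entries; a guard right after the `read`, e.g. `(( ${#domains[@]} >= 2 )) || { echo "TEST_DOMAINS needs two domains"; exit 1; }`, would make that failure explicit instead of producing an empty container name and `contact@` as the e-mail.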
@@ -20,4 +20,9 @@ for container in "${containers[@]}"; do
 fold_start "$container" "Docker container output for $container"
 docker logs "$container"
 fold_end "$container"
+ if [[ "$container" == "acme_accounts" ]]; then
+ fold_start "${container}_default" "Docker container output for ${container}_default"
+ docker logs "${container}_default"
+ fold_end "${container}_default"
+ fi
 done
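Review bot: The added `if` in test/travis/containers-logs.sh hard-codes the test name `acme_accounts` and the `_default` suffix, which silently depends on `le_container_name="${le_container_name}_default"` in test/tests/acme_accounts/run.sh; a comment above it such as `# acme_accounts starts a second companion container named <test>_default, see its run.sh` would keep the two in sync. If the test stopped before that second container was created, `docker logs "${container}_default"` will fail, so consider guarding the block with `docker inspect "${container}_default" > /dev/null 2>&1` or tolerating the error explicitly. The enclosing `for` loop starts outside this hunk, so whether the script runs under `set -e` is not visible here.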