From ecda193b43b1b77b4ce4c9e26af84e175554cb4d Mon Sep 17 00:00:00 2001 From: Remi Gacogne Date: Fri, 27 Sep 2024 14:53:06 +0200 Subject: [PATCH] First attempt at CI --- .github/workflows/test-all.yml | 24 ++++++++++++++++++++++++ Makefile | 2 +- docker-compose.yml | 12 +++++++++++- tests/Makefile | 10 ++++++++++ tests/configCA.conf | 23 +++++++++++++++++++++++ tests/configServer.conf | 20 ++++++++++++++++++++ 6 files changed, 89 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/test-all.yml create mode 100644 tests/Makefile create mode 100644 tests/configCA.conf create mode 100644 tests/configServer.conf diff --git a/.github/workflows/test-all.yml b/.github/workflows/test-all.yml new file mode 100644 index 0000000..479a21c --- /dev/null +++ b/.github/workflows/test-all.yml @@ -0,0 +1,24 @@ +name: Test features + +on: + push: + pull_request: + +jobs: + runner-job: + runs-on: ubuntu-latest + services: + nats: + image: nats + ports: + - "4222:4222" + steps: + - name: Install Luarocks + run: sudo apt-get update && sudo apt-get -y --no-install-recommends install luarocks + - name: Install telescope + run: sudo luarocks install telescope + - uses: actions/checkout@v4 + - name: Install deps + run: make deps + - name: Test Features + run: make test diff --git a/Makefile b/Makefile index 5a4270b..d1415f0 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ test: - tsc -f tests/*.lua + make -C tests certs test test-deps: luarocks install telescope diff --git a/docker-compose.yml b/docker-compose.yml index 09935e8..93293f9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,4 +4,14 @@ services: nats: image: nats ports: - - "4222:4222" \ No newline at end of file + - "4222:4222" + + nats-tls: + image: nats + volumes: + - /tmp/server.pem:/tmp/server.cert + - /tmp/server.key:/tmp/server.key + - /tmp/ca.pem:/tmp/ca.pem + command: "--tlscert /tmp/server.cert --tlskey /tmp/server.key --tlscacert /tmp/ca.pem" + ports: + - "4223:4222" 
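Review bot: The workflow in .github/workflows/test-all.yml declares no `permissions:` key, so the job runs with whatever default GITHUB_TOKEN scope the repository has; for a test-only job, a top-level `permissions:` block with `contents: read` keeps the token read-only. The `nats` service image carries no tag and `sudo luarocks install telescope` no version, so every run pulls whatever is current; pinning both (and `actions/checkout` by commit SHA, if the project's policy asks for it) makes runs reproducible and narrows the supply-chain surface. Only the plaintext `nats` service is started here, while `make test` now also generates certificates; whether the TLS tests have a server to talk to in CI cannot be told from this hunk.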
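Review bot: The new recipe line in the root Makefile calls `make` directly; a recursive invocation should go through `$(MAKE)` so that the same make binary and the command-line flags (`-n`, `-k`, the jobserver) reach the sub-make: `$(MAKE) -C tests certs test`. The recipe also relies on the two goals running in the order given; if parallel builds are ever passed down, `test` would need an explicit ordering after `certs` in tests/Makefile.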
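Review bot: The `nats-tls` service in docker-compose.yml bind-mounts its certificate, private key and CA from fixed names directly under `/tmp`, and the `certs` target in tests/Makefile writes the CA key and server key to those same paths. On a shared host any local user can create those names first, and if the files do not exist when the service starts, Docker creates directories at the host paths, after which `make certs` fails. A directory private to the checkout (placeholder: `<cert-dir>`), used by both files and mounted read-only, e.g. `- <cert-dir>/server.key:/tmp/server.key:ro`, avoids both problems. The `image: nats` line is also untagged, as in the existing `nats` service.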
diff --git a/tests/Makefile b/tests/Makefile
new file mode 100644
index 0000000..b297dd1
--- /dev/null
+++ b/tests/Makefile
@@ -0,0 +1,10 @@
+test:
+ tsc -f *.lua
+
+certs:
+ # Generate a new CA
+ openssl req -new -x509 -days 1 -extensions v3_ca -keyout /tmp/ca.key -out /tmp/ca.pem -nodes -config configCA.conf
+ # Generate a new server certificate request
+ openssl req -new -newkey rsa:2048 -nodes -keyout /tmp/server.key -out /tmp/server.csr -config configServer.conf
+ # Sign the server cert
+ openssl x509 -req -days 1 -CA /tmp/ca.pem -CAkey /tmp/ca.key -CAcreateserial -in /tmp/server.csr -out /tmp/server.pem -extfile configServer.conf -extensions v3_req
diff --git a/tests/configCA.conf b/tests/configCA.conf
new file mode 100644
index 0000000..a1e1d77
--- /dev/null
+++ b/tests/configCA.conf
@@ -0,0 +1,23 @@
+[req]
+default_bits = 2048
+encrypt_key = no
+x509_extensions = custom_extensions
+prompt = no
+distinguished_name = distinguished_name
+
+[v3_ca]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+basicConstraints = critical, CA:true
+
+[distinguished_name]
+CN = lua-nats TLS regression tests CA
+OU = PowerDNS.com BV
+countryName = NL
+
+[custom_extensions]
+basicConstraints = CA:true
+keyUsage = cRLSign, keyCertSign
+
+[CA_default]
+copy_extensions = copy
diff --git a/tests/configServer.conf b/tests/configServer.conf
new file mode 100644
index 0000000..a939a5d
--- /dev/null
+++ b/tests/configServer.conf
@@ -0,0 +1,20 @@
+[req]
+default_bits = 2048
+encrypt_key = no
+prompt = no
+distinguished_name = server_distinguished_name
+req_extensions = v3_req
+
+[server_distinguished_name]
+CN = tls.tests.lua-nats.powerdns.com
+OU = PowerDNS.com BV
+countryName = NL
+
+[v3_req]
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = tls.tests.lua-nats.powerdns.com
+IP.2 = 127.0.0.1
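Review bot: Neither `test` nor `certs` in tests/Makefile is declared phony, so a file or directory with either name in tests/ would make the target look up to date and silently skip the run; add `.PHONY: test certs`. A one-line comment above `certs` saying that the CA and server keys are throwaway, unencrypted (`-nodes`) test material valid for one day would also tell readers that they must never be reused outside the test setup.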
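Review bot: In tests/configCA.conf, `x509_extensions = custom_extensions` under `[req]` is overridden by the `-extensions v3_ca` argument that tests/Makefile passes, so `[custom_extensions]` and its `keyUsage` are never applied and the generated CA carries no key usage. `[CA_default]` looks unused as well, since the signing step uses `openssl x509 -req` rather than `openssl ca`. Either point `x509_extensions` at `v3_ca` and delete the dead sections, or put the restriction where it takes effect: `keyUsage = critical, cRLSign, keyCertSign` under `[v3_ca]`.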
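Review bot: The `[v3_req]` section of tests/configServer.conf grants `nonRepudiation` and sets no extended key usage, so the test certificate is broader than a TLS server needs. `keyUsage = digitalSignature, keyEncipherment` together with `extendedKeyUsage = serverAuth` limits it to that role.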