Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: integrate support of NODE_EXTRA_CA_CERTS
* forwarding externally defined NODE_EXTRA_CA_CERTS * internally using NODE_EXTRA_CA_CERTS Signed-off-by: Peter Schäfer <101886095+PeterSchafer@users.noreply.github.com>
- Loading branch information
1 parent
dd0dd88
commit 792999c
Showing
9 changed files
with
164 additions
and
78 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,86 @@ | ||
import { runSnykCLI } from '../util/runSnykCLI'; | ||
import * as fs from 'fs'; | ||
import * as fsPromises from 'fs/promises'; | ||
import { runCommand } from '../util/runCommand'; | ||
import { fakeServer } from '../../../test/acceptance/fake-server'; | ||
import { isCLIV2 } from '../util/isCLIV2'; | ||
|
||
if (isCLIV2()) { | ||
console.debug("isCLIV2") | ||
} | ||
|
||
jest.setTimeout(1000 * 60 * 1); | ||
describe('Extra CA certificates specified with `NODE_EXTRA_CA_CERTS`', () => { | ||
it('using a not existing file', async () => { | ||
const { code } = await runSnykCLI(`woof --debug`, { | ||
env: { | ||
...process.env, | ||
NODE_EXTRA_CA_CERTS: "doesntexist.crt" | ||
}, | ||
}); | ||
|
||
expect(code).toBe(0); | ||
}); | ||
|
||
it('using an invalid file', async () => { | ||
const filename = "someotherfile.txt" | ||
var writeStream = fs.createWriteStream(filename); | ||
writeStream.write("Hello World"); | ||
writeStream.end(); | ||
|
||
const { code, stdout } = await runSnykCLI(`woof --debug`, { | ||
env: { | ||
...process.env, | ||
NODE_EXTRA_CA_CERTS: filename | ||
}, | ||
}); | ||
|
||
expect(code).toBe(0); | ||
fs.unlink(filename, () => {}) | ||
}); | ||
|
||
it('using an valid cert file', async () => { | ||
// generate certificate | ||
const res = await runCommand("go", ["run", "cmd/make-cert/main.go", "mytestcert"], {cwd: "cliv2", env: {...process.env, SNYK_DNS_NAMES: "localhost"}}) | ||
|
||
console.debug(res.stderr) | ||
expect(res.code).toBe(0) | ||
|
||
// setup https server | ||
const port = 2132; | ||
const token = '1234' | ||
const baseApi = '/api/v1'; | ||
const SNYK_API = 'https://localhost:' + port + baseApi; | ||
var server = fakeServer(baseApi, token) | ||
const certPem = await fsPromises.readFile("cliv2/mytestcert.pem", { encoding: 'utf8' }) | ||
const keyPem = await fsPromises.readFile("cliv2/mytestcert.key", { encoding: 'utf8' }) | ||
await server.listenWithHttps(port, {cert: certPem, key: keyPem}) | ||
|
||
// invoke WITHOUT additional certificate set => fails | ||
const res1 = await runSnykCLI(`test --debug`, { | ||
env: { | ||
...process.env, | ||
SNYK_API: SNYK_API, | ||
SNYK_TOKEN: token, | ||
}, | ||
}); | ||
|
||
// invoke WITH additional certificate set => succeeds | ||
const res2 = await runSnykCLI(`test --debug`, { | ||
env: { | ||
...process.env, | ||
NODE_EXTRA_CA_CERTS: "cliv2/mytestcert.crt", | ||
SNYK_API: SNYK_API, | ||
SNYK_TOKEN: token, | ||
}, | ||
}); | ||
|
||
await server.closePromise() | ||
|
||
expect(res1.code).toBe(2); | ||
expect(res2.code).toBe(0); | ||
fs.unlink("cliv2/mytestcert.crt", () => {}) | ||
fs.unlink("cliv2/mytestcert.key", () => {}) | ||
fs.unlink("cliv2/mytestcert.pem", () => {}) | ||
}); | ||
}); |