kopia lustrzana https://github.com/simonw/datasette
Move HTTPS test to a bash script
See https://github.com/simonw/datasette/issues/1955#issuecomment-1356627931pull/1965/head
rodzic
8b73fc6b47
commit
d1d369456a
|
@ -180,41 +180,6 @@ def ds_localhost_http_server():
|
|||
ds_proc.terminate()
|
||||
|
||||
|
||||
@pytest.fixture(scope="session")
|
||||
def ds_localhost_https_server(tmp_path_factory):
|
||||
cert_directory = tmp_path_factory.mktemp("certs")
|
||||
ca = trustme.CA()
|
||||
server_cert = ca.issue_cert("localhost")
|
||||
keyfile = str(cert_directory / "server.key")
|
||||
certfile = str(cert_directory / "server.pem")
|
||||
client_cert = str(cert_directory / "client.pem")
|
||||
server_cert.private_key_pem.write_to_path(path=keyfile)
|
||||
for blob in server_cert.cert_chain_pems:
|
||||
blob.write_to_path(path=certfile, append=True)
|
||||
ca.cert_pem.write_to_path(path=client_cert)
|
||||
ds_proc = subprocess.Popen(
|
||||
[
|
||||
"datasette",
|
||||
"--memory",
|
||||
"-p",
|
||||
"8042",
|
||||
"--ssl-keyfile",
|
||||
keyfile,
|
||||
"--ssl-certfile",
|
||||
certfile,
|
||||
],
|
||||
stdout=subprocess.PIPE,
|
||||
stderr=subprocess.STDOUT,
|
||||
cwd=tempfile.gettempdir(),
|
||||
)
|
||||
wait_until_responds("http://localhost:8042/", verify=client_cert)
|
||||
# Check it started successfully
|
||||
assert not ds_proc.poll(), ds_proc.stdout.read().decode("utf-8")
|
||||
yield ds_proc, client_cert
|
||||
# Shut it down at the end of the pytest session
|
||||
ds_proc.terminate()
|
||||
|
||||
|
||||
@pytest.fixture(scope="session")
|
||||
def ds_unix_domain_socket_server(tmp_path_factory):
|
||||
# This used to use tmp_path_factory.mktemp("uds") but that turned out to
|
||||
|
|
|
@ -13,17 +13,6 @@ def test_serve_localhost_http(ds_localhost_http_server):
|
|||
}.items() <= response.json().items()
|
||||
|
||||
|
||||
@pytest.mark.serial
|
||||
def test_serve_localhost_https(ds_localhost_https_server):
|
||||
_, client_cert = ds_localhost_https_server
|
||||
response = httpx.get("https://localhost:8042/_memory.json", verify=client_cert)
|
||||
assert {
|
||||
"database": "_memory",
|
||||
"path": "/_memory",
|
||||
"tables": [],
|
||||
}.items() <= response.json().items()
|
||||
|
||||
|
||||
@pytest.mark.serial
|
||||
@pytest.mark.skipif(
|
||||
not hasattr(socket, "AF_UNIX"), reason="Requires socket.AF_UNIX support"
|
||||
|
|
|
@ -0,0 +1,33 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Generate certificates
|
||||
python -m trustme
|
||||
# This creates server.pem, server.key, client.pem
|
||||
|
||||
# Start the server in the background
|
||||
datasette --memory \
|
||||
--ssl-keyfile=server.key \
|
||||
--ssl-certfile=server.pem \
|
||||
-p 8152 &
|
||||
|
||||
# Store the background process ID in a variable
|
||||
server_pid=$!
|
||||
|
||||
# Wait for the server to start
|
||||
sleep 2
|
||||
|
||||
# Make a test request using curl
|
||||
curl -f --cacert client.pem 'https://localhost:8152/_memory.json'
|
||||
|
||||
# Save curl's exit code (-f option causes it to return one on HTTP errors)
|
||||
curl_exit_code=$?
|
||||
|
||||
# Shut down the server
|
||||
kill $server_pid
|
||||
sleep 1
|
||||
|
||||
# Clean up the certificates
|
||||
rm server.pem server.key client.pem
|
||||
|
||||
echo $curl_exit_code
|
||||
exit $curl_exit_code
|
Ładowanie…
Reference in New Issue