kopia lustrzana https://github.com/simonw/datasette
Move HTTPS test to a bash script
See https://github.com/simonw/datasette/issues/1955#issuecomment-1356627931pull/1965/head
rodzic
8b73fc6b47
commit
d1d369456a
|
@ -180,41 +180,6 @@ def ds_localhost_http_server():
|
||||||
ds_proc.terminate()
|
ds_proc.terminate()
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture(scope="session")
|
|
||||||
def ds_localhost_https_server(tmp_path_factory):
|
|
||||||
cert_directory = tmp_path_factory.mktemp("certs")
|
|
||||||
ca = trustme.CA()
|
|
||||||
server_cert = ca.issue_cert("localhost")
|
|
||||||
keyfile = str(cert_directory / "server.key")
|
|
||||||
certfile = str(cert_directory / "server.pem")
|
|
||||||
client_cert = str(cert_directory / "client.pem")
|
|
||||||
server_cert.private_key_pem.write_to_path(path=keyfile)
|
|
||||||
for blob in server_cert.cert_chain_pems:
|
|
||||||
blob.write_to_path(path=certfile, append=True)
|
|
||||||
ca.cert_pem.write_to_path(path=client_cert)
|
|
||||||
ds_proc = subprocess.Popen(
|
|
||||||
[
|
|
||||||
"datasette",
|
|
||||||
"--memory",
|
|
||||||
"-p",
|
|
||||||
"8042",
|
|
||||||
"--ssl-keyfile",
|
|
||||||
keyfile,
|
|
||||||
"--ssl-certfile",
|
|
||||||
certfile,
|
|
||||||
],
|
|
||||||
stdout=subprocess.PIPE,
|
|
||||||
stderr=subprocess.STDOUT,
|
|
||||||
cwd=tempfile.gettempdir(),
|
|
||||||
)
|
|
||||||
wait_until_responds("http://localhost:8042/", verify=client_cert)
|
|
||||||
# Check it started successfully
|
|
||||||
assert not ds_proc.poll(), ds_proc.stdout.read().decode("utf-8")
|
|
||||||
yield ds_proc, client_cert
|
|
||||||
# Shut it down at the end of the pytest session
|
|
||||||
ds_proc.terminate()
|
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture(scope="session")
|
@pytest.fixture(scope="session")
|
||||||
def ds_unix_domain_socket_server(tmp_path_factory):
|
def ds_unix_domain_socket_server(tmp_path_factory):
|
||||||
# This used to use tmp_path_factory.mktemp("uds") but that turned out to
|
# This used to use tmp_path_factory.mktemp("uds") but that turned out to
|
||||||
|
|
|
@ -13,17 +13,6 @@ def test_serve_localhost_http(ds_localhost_http_server):
|
||||||
}.items() <= response.json().items()
|
}.items() <= response.json().items()
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.serial
|
|
||||||
def test_serve_localhost_https(ds_localhost_https_server):
|
|
||||||
_, client_cert = ds_localhost_https_server
|
|
||||||
response = httpx.get("https://localhost:8042/_memory.json", verify=client_cert)
|
|
||||||
assert {
|
|
||||||
"database": "_memory",
|
|
||||||
"path": "/_memory",
|
|
||||||
"tables": [],
|
|
||||||
}.items() <= response.json().items()
|
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.serial
|
@pytest.mark.serial
|
||||||
@pytest.mark.skipif(
|
@pytest.mark.skipif(
|
||||||
not hasattr(socket, "AF_UNIX"), reason="Requires socket.AF_UNIX support"
|
not hasattr(socket, "AF_UNIX"), reason="Requires socket.AF_UNIX support"
|
||||||
|
|
|
@ -0,0 +1,33 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Generate certificates
|
||||||
|
python -m trustme
|
||||||
|
# This creates server.pem, server.key, client.pem
|
||||||
|
|
||||||
|
# Start the server in the background
|
||||||
|
datasette --memory \
|
||||||
|
--ssl-keyfile=server.key \
|
||||||
|
--ssl-certfile=server.pem \
|
||||||
|
-p 8152 &
|
||||||
|
|
||||||
|
# Store the background process ID in a variable
|
||||||
|
server_pid=$!
|
||||||
|
|
||||||
|
# Wait for the server to start
|
||||||
|
sleep 2
|
||||||
|
|
||||||
|
# Make a test request using curl
|
||||||
|
curl -f --cacert client.pem 'https://localhost:8152/_memory.json'
|
||||||
|
|
||||||
|
# Save curl's exit code (-f option causes it to return one on HTTP errors)
|
||||||
|
curl_exit_code=$?
|
||||||
|
|
||||||
|
# Shut down the server
|
||||||
|
kill $server_pid
|
||||||
|
sleep 1
|
||||||
|
|
||||||
|
# Clean up the certificates
|
||||||
|
rm server.pem server.key client.pem
|
||||||
|
|
||||||
|
echo $curl_exit_code
|
||||||
|
exit $curl_exit_code
|
Ładowanie…
Reference in New Issue