Commit b5b7360d authored by Jérome Perrin's avatar Jérome Perrin

software/jstestnode: serve test files on https

Now that we have a more modern firefox, it requires secure context for
many things. This fixes `TypeError: crypto.subtle is undefined` test
failures for JIO.
parent 349df3cb
Pipeline #32353 failed with stage
in 0 seconds
......@@ -15,16 +15,16 @@
[instance]
filename = instance.cfg.in
md5sum = 84380fe6c268301a1e1f501e53943f58
md5sum = ad2797e1b83b6b3221f831950075a057
[template-nginx-service]
filename = template-nginx-service.sh.in
md5sum = 458870b70c33a1621b68961ae2372ad5
md5sum = d718fb950862769e57100986cfabb180
[template-nginx-configuration]
filename = template-nginx.cfg.in
md5sum = 98faa5ad8cfb23a11d97a459078a1d05
md5sum = f15c5d9b8c2cf39cb6b2070d8d9d3a92
[template-runTestSuite]
filename = runTestSuite.in
md5sum = 5db53d622bd68fb07e078ddc4403a240
md5sum = 98b7d79eb6af1c4120e3848e9e6fca61
......@@ -10,7 +10,7 @@ offline = true
[publish]
recipe = slapos.cookbook:publish.serialised
nginx = http://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/
nginx = https://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/
[directory]
recipe = slapos.cookbook:mkdirectory
......@@ -97,13 +97,13 @@ virtual-depends =
recipe = slapos.recipe.template
url = ${template-nginx-configuration:output}
output = $${directory:etc}/nginx.cfg
access_log = $${directory:log}/nginx-access.log
error_log = $${directory:log}/nginx-error.log
access-log = $${directory:log}/nginx-access.log
error-log = $${directory:log}/nginx-error.log
ip = $${instance-parameter:ipv6-random}
port = 9443
ssl_key = $${directory:ssl}/nginx.key
ssl_csr = $${directory:ssl}/nginx.csr
ssl_crt = $${directory:ssl}/nginx.crt
ssl-csr = $${directory:ssl}/nginx.csr
ssl-key = $${directory:ssl}/nginx.key
ssl-crt = $${directory:ssl}/nginx.crt
[nginx-listen-promise]
recipe = slapos.cookbook:check_port_listening
......
......@@ -22,7 +22,7 @@ os.environ['XORG_LOCK_DIR'] = '$${xvfb-instance:lock-dir}'
os.environ['DISPLAY'] = '$${xvfb-instance:display}'
os.environ['FONTCONFIG_FILE'] = '$${fontconfig-conf:output}'
BASE_URL = 'http://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/'
BASE_URL = 'https://[$${nginx-configuration:ip}]:$${nginx-configuration:port}/'
ETC_DIRECTORY = '$${directory:etc}'
def main():
......@@ -91,6 +91,7 @@ def main():
if target == 'firefox':
firefox_capabilities = webdriver.common.desired_capabilities.DesiredCapabilities.FIREFOX
firefox_capabilities['marionette'] = True
firefox_capabilities['acceptInsecureCerts'] = True
browser = webdriver.Firefox(
capabilities=firefox_capabilities,
firefox_binary='${firefox-wrapper:location}',
......
......@@ -2,16 +2,16 @@
# BEWARE: This file is operated by slapos node
# BEWARE: It will be overwritten automatically
if [ ! -e $${nginx-configuration:ssl_crt} ]
if [ ! -e $${nginx-configuration:ssl-crt} ]
then
${openssl-output:openssl} genrsa -out $${nginx-configuration:ssl_key} 2048
${openssl-output:openssl} genrsa -out $${nginx-configuration:ssl-key} 2048
${openssl-output:openssl} req -new \
-subj "/C=AA/ST=Denial/L=Nowhere/O=Dis/CN=$${nginx-configuration:ip}" \
-key $${nginx-configuration:ssl_key} -out $${nginx-configuration:ssl_csr}
-key $${nginx-configuration:ssl-key} -out $${nginx-configuration:ssl-csr}
${openssl-output:openssl} x509 -req -days 365 \
-in $${nginx-configuration:ssl_csr} \
-signkey $${nginx-configuration:ssl_key} \
-out $${nginx-configuration:ssl_crt}
-in $${nginx-configuration:ssl-csr} \
-signkey $${nginx-configuration:ssl-key} \
-out $${nginx-configuration:ssl-crt}
fi
exec ${nginx-output:nginx} \
......
......@@ -8,7 +8,7 @@ events {
# multi_accept on;
}
error_log $${nginx-configuration:error_log};
error_log $${nginx-configuration:error-log};
http {
......@@ -33,8 +33,8 @@ http {
# Logging Settings
##
access_log $${nginx-configuration:access_log};
error_log $${nginx-configuration:error_log};
access_log $${nginx-configuration:access-log};
error_log $${nginx-configuration:error-log};
##
# Gzip Settings
......@@ -51,11 +51,9 @@ http {
gzip_types text/html text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
server {
listen [$${nginx-configuration:ip}]:$${nginx-configuration:port};
# ssl on;
# ssl_certificate $${nginx-configuration:ssl_crt};
# ssl_certificate_key $${nginx-configuration:ssl_key};
listen [$${nginx-configuration:ip}]:$${nginx-configuration:port} ssl;
ssl_certificate $${nginx-configuration:ssl-crt};
ssl_certificate_key $${nginx-configuration:ssl-key};
fastcgi_temp_path $${directory:varnginx} 1 2;
uwsgi_temp_path $${directory:varnginx} 1 2;
......
......@@ -52,14 +52,14 @@ class TestJSTestNode(InstanceTestCase):
self.assertEqual(
{
'nginx': 'http://[%s]:9443/' % (self.computer_partition_ipv6_address, )
'nginx': 'https://[%s]:9443/' % (self.computer_partition_ipv6_address, )
},
connection_dict
)
# jio tests
result = requests.get(
'%sjio/test/tests.html' % (connection_dict['nginx'], ), allow_redirects=False)
'%sjio/test/tests.html' % (connection_dict['nginx'], ), verify=False, allow_redirects=False)
self.assertEqual(
[requests.codes.ok, False],
[result.status_code, result.is_redirect]
......@@ -67,7 +67,7 @@ class TestJSTestNode(InstanceTestCase):
# rjs tests
result = requests.get(
'%srenderjs/test/' % (connection_dict['nginx'], ), allow_redirects=False)
'%srenderjs/test/' % (connection_dict['nginx'], ), verify=False, allow_redirects=False)
self.assertEqual(
[requests.codes.ok, False],
[result.status_code, result.is_redirect]
......@@ -75,7 +75,7 @@ class TestJSTestNode(InstanceTestCase):
# rsvp tests
result = requests.get(
'%srsvp/test/index.html' % (connection_dict['nginx'], ), allow_redirects=False)
'%srsvp/test/index.html' % (connection_dict['nginx'], ), verify=False, allow_redirects=False)
self.assertEqual(
[requests.codes.ok, False],
[result.status_code, result.is_redirect]
......@@ -83,7 +83,7 @@ class TestJSTestNode(InstanceTestCase):
# Default access
result = requests.get(
'http://[%s]:9443' % (self.computer_partition_ipv6_address, ), allow_redirects=False)
'https://[%s]:9443' % (self.computer_partition_ipv6_address, ), verify=False, allow_redirects=False)
self.assertEqual(
[requests.codes.forbidden, False],
[result.status_code, result.is_redirect]
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment