Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

test(e2e): Add test for connect http #5423

Merged
merged 3 commits into from
Jan 9, 2025
Merged

test(e2e): Add test for connect http #5423

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
2daa40f
test(e2e): Add comment to test
moduli Jan 7, 2025
b1de6d7
test(e2e): Add test for connect http
moduli Jan 7, 2025
b2f7056
CR
moduli Jan 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions enos/modules/docker_openssh_server/custom-cont-init.d/01-allow-tcp-forwarding
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
#!/usr/bin/with-contenv bash
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: BUSL-1.1

sed -i 's/AllowTcpForwarding no/AllowTcpForwarding yes/' /config/sshd/sshd_config
4 changes: 4 additions & 0 deletions enos/modules/docker_openssh_server/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,10 @@ resource "docker_container" "openssh_server" {
internal = 2222
external = 2222
}
volumes {
host_path = format("%s/%s", abspath(path.module), "/custom-cont-init.d")
container_path = "/custom-cont-init.d"
}
}

resource "enos_local_exec" "wait" {
Expand Down
97 changes: 97 additions & 0 deletions testing/internal/e2e/tests/base/target_tcp_connect_http_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,97 @@
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: BUSL-1.1

package base_test

import (
"context"
"fmt"
"io"
"os/exec"
"testing"

"github.com/creack/pty"
"github.com/hashicorp/boundary/internal/session"
"github.com/hashicorp/boundary/internal/target"
"github.com/hashicorp/boundary/testing/internal/e2e"
"github.com/hashicorp/boundary/testing/internal/e2e/boundary"
"github.com/stretchr/testify/require"
)

// TestCliTcpTargetConnectHttp validates the usage of "boundary connect http".
// This is done by first connecting to an SSH target, starting a webserver on
// that target, and then creating another target that connects to the webserver
func TestCliTcpTargetConnectHttp(t *testing.T) {
e2e.MaybeSkipTest(t)
c, err := loadTestConfig()
require.NoError(t, err)

ctx := context.Background()
boundary.AuthenticateAdminCli(t, ctx)
orgId, err := boundary.CreateOrgCli(t, ctx)
require.NoError(t, err)
t.Cleanup(func() {
output := e2e.RunCommand(ctx, "boundary", e2e.WithArgs("scopes", "delete", "-id", orgId))
require.NoError(t, output.Err, string(output.Stderr))
})
projectId, err := boundary.CreateProjectCli(t, ctx, orgId)
require.NoError(t, err)
targetId, err := boundary.CreateTargetCli(t, ctx, projectId, c.TargetPort, target.WithAddress(c.TargetAddress))
require.NoError(t, err)
storeId, err := boundary.CreateCredentialStoreStaticCli(t, ctx, projectId)
require.NoError(t, err)
credentialId, err := boundary.CreateStaticCredentialPrivateKeyCli(t, ctx, storeId, c.TargetSshUser, c.TargetSshKeyPath)
require.NoError(t, err)
err = boundary.AddBrokeredCredentialSourceToTargetCli(t, ctx, targetId, credentialId)
require.NoError(t, err)

// Connect to a target and enable port forwarding
localPort := "8080"
destPort := "8000"
var cmd *exec.Cmd
cmd = exec.CommandContext(ctx,
"boundary",
"connect", "ssh",
"-target-id", targetId, "--",
"-o", "UserKnownHostsFile=/dev/null",
"-o", "StrictHostKeyChecking=no",
"-L", fmt.Sprintf("%s:localhost:%s", localPort, destPort),
)
f, err := pty.Start(cmd)
require.NoError(t, err)
t.Cleanup(func() {
err := f.Close()
require.NoError(t, err)
})

t.Log("Starting a webserver on the target...")
htmlPage := `HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: netcat-can-you-believe-it

<html>Hello World!</html>
`
go func() {
_, err = f.Write([]byte(fmt.Sprintf("echo '%s' > somepage.html\n", htmlPage)))
require.NoError(t, err)
_, err = f.Write([]byte(fmt.Sprintf("while true; do nc -l -p %s -q 1 < somepage.html; done\n", destPort)))
require.NoError(t, err)
_, _ = io.Copy(io.Discard, f) // Not checking error here since it will return an error on session close
}()

s := boundary.WaitForSessionCli(t, ctx, projectId)
boundary.WaitForSessionStatusCli(t, ctx, s.Id, session.StatusActive.String())

// Create http target and connect to it
httpTargetId, err := boundary.CreateTargetCli(t, ctx, projectId, destPort, target.WithAddress(c.TargetAddress))
require.NoError(t, err)
output := e2e.RunCommand(ctx, "boundary",
e2e.WithArgs(
"connect", "http",
"-target-id", httpTargetId,
"-scheme", "http",
),
)
require.NoError(t, output.Err, string(output.Stderr))
require.Contains(t, string(output.Stdout), "<html>Hello World!</html>")
}
2 changes: 2 additions & 0 deletions testing/internal/e2e/tests/base_with_vault/auth_method_oidc_vault_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,8 @@ import (
"github.com/stretchr/testify/require"
)

// TestAuthMethodOidcVault validates the creation and usage of an OIDC auth
// method. This test uses Vault as the OIDC provider.
func TestAuthMethodOidcVault(t *testing.T) {
e2e.MaybeSkipTest(t)
c, err := loadTestConfig()
Expand Down
Loading