forked from UKHomeOffice/docker-nginx-proxy
-
Notifications
You must be signed in to change notification settings - Fork 3
149 lines (111 loc) · 5.38 KB
/
run-tests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
name: Build and Test Nginx Proxy Docker Image
on:
pull_request:
workflow_call:
jobs:
detect-secrets:
runs-on: ubuntu-latest
steps:
- name: Git checkout
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
- name: Detect secrets
uses: alphagov/pay-ci/actions/detect-secrets@master
test:
name: Build & Test Pay Nginx Proxy
runs-on: ubuntu-latest
# Runs locally in about 4.5 minutes - if it takes longer than this, something has gone wrong.
timeout-minutes: 10
defaults:
run:
shell: bash
working-directory: tests
steps:
- name: Checkout Repo
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
fetch-depth: '1'
- name: Run Shell Check on go.sh
working-directory: ./
run: docker run --rm -v "${GITHUB_WORKSPACE}:/mnt" koalaman/shellcheck:stable@sha256:ec26f2ad1492bf4343a7f82227fec67a19e4729b5ad02f6a2fe1a2b44cc037ff -x go.sh
- name: Build Docker Compose Testing Stack
run: docker-compose build
- name: Test Minimal Server
run: |
docker-compose up -d test-minimal
until docker inspect tests_test-minimal_1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Testing Minimal Server..."
curl --fail -sk -o /dev/null "https://localhost:10443"
echo "Check the log output"
docker-compose logs test-minimal | grep -E '\{[^:]+:'10443' [0-9a-f]+ - [0-9.]+ - \[[0-9]+/[A-Z][a-z][a-z]/[0-9:]{13} \+[0-9]{4}\] "GET / HTTP/1\.1" [0-9]{3} [0-9]+ [0-9]+\.[0-9]{3} - "-" "[^"]+"\}'
echo "Test limited protcol and SSL cipher... "
docker-compose run --rm --entrypoint bash nginx -c "echo GET / | /usr/bin/openssl s_client -cipher 'AES256+EECDH' -tls1_2 -connect test-minimal:10443" &> /dev/null;
docker-compose stop test-minimal
- name: Test GZip Config
run: |
docker-compose up -d test-gzip
until docker inspect tests_test-gzip_1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Test that GZip is configured..."
curl -s -I -X GET -k --compressed https://localhost:10443/gzip | grep -q 'Content-Encoding: gzip'
docker-compose stop test-gzip
- name: Test Multi-Proxy Config
run: |
docker-compose up -d --force-recreate test-multi-proxy
until docker inspect tests_test-multi-proxy_1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Test for location 1 @ /..."
curl --fail -sk -o /dev/null https://localhost:10443/
docker-compose logs mockserver-1 | grep -E '(Matched on All OK)'
echo "Test for location 2 @ /path/to/resource"
curl --fail -sk -o /dev/null https://localhost:10443/path/to/resource
docker-compose logs mockserver-2 | grep -E '(Matched on All OK with path)'
docker-compose stop test-multi-proxy
- name: Test Multi-Location, Single Proxy and NAXSI Config
run: |
docker-compose up -d test-multi-location-naxsi
until docker inspect tests_test-multi-location-naxsi_1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Test for all OK..."
curl --fail -sk -o /dev/null -H "Host: selfservice.payments.service.gov.uk" https://localhost:10443/
docker-compose stop test-multi-location-naxsi
- name: Test Custom Upload Size Config
run: |
docker-compose up -d test-custom-upload
until docker inspect tests_test-custom-upload_1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Generate a random test file..."
dd if=/dev/urandom of=/tmp/bigfile.txt bs=1048576 count=10
echo "Upload the large test file..."
curl -sk -o /tmp/upload_test.txt -F "file=@/tmp/bigfile.txt;filename=nameinpost" https://localhost:10443/uploads/doc
echo "Grepping the response..."
grep "Thanks for the big doc" /tmp/upload_test.txt &> /dev/null
docker-compose stop test-custom-upload
- name: Test Static File Cache Setting
run: |
docker-compose up -d test-static-cache
until docker inspect tests_test-static-cache_1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Test for all OK..."
curl -s -I -X GET -k --compressed https://localhost:10443/file.json | grep -q 'Cache-Control: max-age=3600'
docker-compose stop test-static-cache
- name: Test Big Buffers Setting
run: |
docker-compose up -d test-big-buffers
until docker inspect tests_test-big-buffers_1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Test for all OK..."
curl -s -I -X GET -k --compressed https://localhost:10443/gzip | grep -q 'Content-Encoding: gzip'
docker-compose stop test-big-buffers
- name: Shutdown Docker Compose Stack (Local Only)
if: ${{ env.ACT }}
run: docker-compose down
check-docker-base-images-are-manifests:
uses: alphagov/pay-ci/.github/workflows/_validate_docker_image_is_manifest.yml@master