forked from UKHomeOffice/docker-nginx-proxy
-
Notifications
You must be signed in to change notification settings - Fork 3
149 lines (111 loc) · 5.38 KB
/
run-tests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
name: Build and Test Nginx Proxy Docker Image
on:
pull_request:
workflow_call:
jobs:
detect-secrets:
runs-on: ubuntu-latest
steps:
- name: Git checkout
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
- name: Detect secrets
uses: alphagov/pay-ci/actions/detect-secrets@master
test:
name: Build & Test Pay Nginx Proxy
runs-on: ubuntu-latest
# Runs locally in about 4.5 minutes - if it takes longer than this, something has gone wrong.
timeout-minutes: 10
defaults:
run:
shell: bash
working-directory: tests
steps:
- name: Checkout Repo
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
fetch-depth: '1'
- name: Run Shell Check on go.sh
working-directory: ./
run: docker run --rm -v "${GITHUB_WORKSPACE}:/mnt" koalaman/shellcheck:stable@sha256:ec26f2ad1492bf4343a7f82227fec67a19e4729b5ad02f6a2fe1a2b44cc037ff -x go.sh
- name: Build Docker Compose Testing Stack
run: docker compose build
- name: Test Minimal Server
run: |
docker compose up -d test-minimal
until docker inspect tests-test-minimal-1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Testing Minimal Server..."
curl --fail -sk -o /dev/null "https://localhost:10443"
echo "Check the log output"
docker compose logs test-minimal | grep -E '[^:]+:'10443' [0-9a-f]+ - [0-9.]+ - \[[0-9]+/[A-Z][a-z][a-z]/[0-9:]{13} \+[0-9]{4}\] "GET / HTTP/1\.1" [0-9]{3} [0-9]+ [0-9]+\.[0-9]{3} - "-" "[^"]+"'
echo "Test limited protcol and SSL cipher... "
docker compose run --rm --entrypoint bash nginx -c "echo GET / | /usr/bin/openssl s_client -cipher 'AES256+EECDH' -tls1_2 -connect test-minimal:10443" &> /dev/null;
docker compose stop test-minimal
- name: Test GZip Config
run: |
docker compose up -d test-gzip
until docker inspect tests-test-gzip-1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Test that GZip is configured..."
curl -s -I -X GET -k --compressed https://localhost:10443/gzip | grep -q 'Content-Encoding: gzip'
docker compose stop test-gzip
- name: Test Multi-Proxy Config
run: |
docker compose up -d --force-recreate test-multi-proxy
until docker inspect tests-test-multi-proxy-1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Test for location 1 @ /..."
curl --fail -sk -o /dev/null https://localhost:10443/
docker compose logs mockserver-1 | grep -E '(Matched on All OK)'
echo "Test for location 2 @ /path/to/resource"
curl --fail -sk -o /dev/null https://localhost:10443/path/to/resource
docker compose logs mockserver-2 | grep -E '(Matched on All OK with path)'
docker compose stop test-multi-proxy
- name: Test Multi-Location, Single Proxy and NAXSI Config
run: |
docker compose up -d test-multi-location-naxsi
until docker inspect tests-test-multi-location-naxsi-1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Test for all OK..."
curl --fail -sk -o /dev/null -H "Host: selfservice.payments.service.gov.uk" https://localhost:10443/
docker compose stop test-multi-location-naxsi
- name: Test Custom Upload Size Config
run: |
docker compose up -d test-custom-upload
until docker inspect tests-test-custom-upload-1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Generate a random test file..."
dd if=/dev/urandom of=/tmp/bigfile.txt bs=1048576 count=10
echo "Upload the large test file..."
curl -sk -o /tmp/upload_test.txt -F "file=@/tmp/bigfile.txt;filename=nameinpost" https://localhost:10443/uploads/doc
echo "Grepping the response..."
grep "Thanks for the big doc" /tmp/upload_test.txt &> /dev/null
docker compose stop test-custom-upload
- name: Test Static File Cache Setting
run: |
docker compose up -d test-static-cache
until docker inspect tests-test-static-cache-1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Test for all OK..."
curl -s -I -X GET -k --compressed https://localhost:10443/file.json | grep -q 'Cache-Control: max-age=3600'
docker compose stop test-static-cache
- name: Test Big Buffers Setting
run: |
docker compose up -d test-big-buffers
until docker inspect tests-test-big-buffers-1 --format='{{.State.Health.Status}}' | grep -q healthy; do
sleep 2
done
echo "Test for all OK..."
curl -s -I -X GET -k --compressed https://localhost:10443/gzip | grep -q 'Content-Encoding: gzip'
docker compose stop test-big-buffers
- name: Shutdown Docker Compose Stack (Local Only)
if: ${{ env.ACT }}
run: docker compose down
check-docker-base-images-are-manifests:
uses: alphagov/pay-ci/.github/workflows/_validate_docker_image_is_manifest.yml@master