cloudflare/cloudflared
Publicmirrored from https://github.com/cloudflare/cloudflaredAvailable
config/configuration_test.go
219lines · modecode
| 1 | package config |
| 2 | |
| 3 | import ( |
| 4 | "encoding/json" |
| 5 | "testing" |
| 6 | "time" |
| 7 | |
| 8 | "github.com/stretchr/testify/assert" |
| 9 | "github.com/stretchr/testify/require" |
| 10 | yaml "gopkg.in/yaml.v3" |
| 11 | ) |
| 12 | |
| 13 | func TestConfigFileSettings(t *testing.T) { |
| 14 | var ( |
| 15 | firstIngress = UnvalidatedIngressRule{ |
| 16 | Hostname: "tunnel1.example.com", |
| 17 | Path: "/id", |
| 18 | Service: "https://localhost:8000", |
| 19 | } |
| 20 | secondIngress = UnvalidatedIngressRule{ |
| 21 | Hostname: "*", |
| 22 | Path: "", |
| 23 | Service: "https://localhost:8001", |
| 24 | } |
| 25 | warpRouting = WarpRoutingConfig{ |
| 26 | ConnectTimeout: &CustomDuration{Duration: 2 * time.Second}, |
| 27 | TCPKeepAlive: &CustomDuration{Duration: 10 * time.Second}, |
| 28 | } |
| 29 | ) |
| 30 | rawYAML := ` |
| 31 | tunnel: config-file-test |
| 32 | originRequest: |
| 33 | ipRules: |
| 34 | - prefix: "10.0.0.0/8" |
| 35 | ports: |
| 36 | - 80 |
| 37 | - 8080 |
| 38 | allow: false |
| 39 | - prefix: "fc00::/7" |
| 40 | ports: |
| 41 | - 443 |
| 42 | - 4443 |
| 43 | allow: true |
| 44 | ingress: |
| 45 | - hostname: tunnel1.example.com |
| 46 | path: /id |
| 47 | service: https://localhost:8000 |
| 48 | - hostname: "*" |
| 49 | service: https://localhost:8001 |
| 50 | warp-routing: |
| 51 | enabled: true |
| 52 | connectTimeout: 2s |
| 53 | tcpKeepAlive: 10s |
| 54 | |
| 55 | retries: 5 |
| 56 | grace-period: 30s |
| 57 | percentage: 3.14 |
| 58 | hostname: example.com |
| 59 | tag: |
| 60 | - test |
| 61 | - central-1 |
| 62 | counters: |
| 63 | - 123 |
| 64 | - 456 |
| 65 | ` |
| 66 | var config configFileSettings |
| 67 | err := yaml.Unmarshal([]byte(rawYAML), &config) |
| 68 | assert.NoError(t, err) |
| 69 | |
| 70 | assert.Equal(t, "config-file-test", config.TunnelID) |
| 71 | assert.Equal(t, firstIngress, config.Ingress[0]) |
| 72 | assert.Equal(t, secondIngress, config.Ingress[1]) |
| 73 | assert.Equal(t, warpRouting, config.WarpRouting) |
| 74 | privateV4 := "10.0.0.0/8" |
| 75 | privateV6 := "fc00::/7" |
| 76 | ipRules := []IngressIPRule{ |
| 77 | { |
| 78 | Prefix: &privateV4, |
| 79 | Ports: []int{80, 8080}, |
| 80 | Allow: false, |
| 81 | }, |
| 82 | { |
| 83 | Prefix: &privateV6, |
| 84 | Ports: []int{443, 4443}, |
| 85 | Allow: true, |
| 86 | }, |
| 87 | } |
| 88 | assert.Equal(t, ipRules, config.OriginRequest.IPRules) |
| 89 | |
| 90 | retries, err := config.Int("retries") |
| 91 | assert.NoError(t, err) |
| 92 | assert.Equal(t, 5, retries) |
| 93 | |
| 94 | gracePeriod, err := config.Duration("grace-period") |
| 95 | assert.NoError(t, err) |
| 96 | assert.Equal(t, time.Second*30, gracePeriod) |
| 97 | |
| 98 | percentage, err := config.Float64("percentage") |
| 99 | assert.NoError(t, err) |
| 100 | assert.Equal(t, 3.14, percentage) |
| 101 | |
| 102 | hostname, err := config.String("hostname") |
| 103 | assert.NoError(t, err) |
| 104 | assert.Equal(t, "example.com", hostname) |
| 105 | |
| 106 | tags, err := config.StringSlice("tag") |
| 107 | assert.NoError(t, err) |
| 108 | assert.Equal(t, "test", tags[0]) |
| 109 | assert.Equal(t, "central-1", tags[1]) |
| 110 | |
| 111 | counters, err := config.IntSlice("counters") |
| 112 | assert.NoError(t, err) |
| 113 | assert.Equal(t, 123, counters[0]) |
| 114 | assert.Equal(t, 456, counters[1]) |
| 115 | |
| 116 | } |
| 117 | |
| 118 | var rawJsonConfig = []byte(` |
| 119 | { |
| 120 | "connectTimeout": 10, |
| 121 | "tlsTimeout": 30, |
| 122 | "tcpKeepAlive": 30, |
| 123 | "noHappyEyeballs": true, |
| 124 | "keepAliveTimeout": 60, |
| 125 | "keepAliveConnections": 10, |
| 126 | "httpHostHeader": "app.tunnel.com", |
| 127 | "originServerName": "app.tunnel.com", |
| 128 | "caPool": "/etc/capool", |
| 129 | "noTLSVerify": true, |
| 130 | "disableChunkedEncoding": true, |
| 131 | "bastionMode": true, |
| 132 | "proxyAddress": "127.0.0.3", |
| 133 | "proxyPort": 9000, |
| 134 | "proxyType": "socks", |
| 135 | "ipRules": [ |
| 136 | { |
| 137 | "prefix": "10.0.0.0/8", |
| 138 | "ports": [80, 8080], |
| 139 | "allow": false |
| 140 | }, |
| 141 | { |
| 142 | "prefix": "fc00::/7", |
| 143 | "ports": [443, 4443], |
| 144 | "allow": true |
| 145 | } |
| 146 | ], |
| 147 | "http2Origin": true |
| 148 | } |
| 149 | `) |
| 150 | |
| 151 | func TestMarshalUnmarshalOriginRequest(t *testing.T) { |
| 152 | testCases := []struct { |
| 153 | name string |
| 154 | marshalFunc func(in interface{}) (out []byte, err error) |
| 155 | unMarshalFunc func(in []byte, out interface{}) (err error) |
| 156 | }{ |
| 157 | {"json", json.Marshal, json.Unmarshal}, |
| 158 | {"yaml", yaml.Marshal, yaml.Unmarshal}, |
| 159 | } |
| 160 | |
| 161 | for _, tc := range testCases { |
| 162 | t.Run(tc.name, func(t *testing.T) { |
| 163 | assertConfig(t, tc.marshalFunc, tc.unMarshalFunc) |
| 164 | }) |
| 165 | } |
| 166 | } |
| 167 | |
| 168 | func assertConfig( |
| 169 | t *testing.T, |
| 170 | marshalFunc func(in interface{}) (out []byte, err error), |
| 171 | unMarshalFunc func(in []byte, out interface{}) (err error), |
| 172 | ) { |
| 173 | var config OriginRequestConfig |
| 174 | var config2 OriginRequestConfig |
| 175 | |
| 176 | assert.NoError(t, json.Unmarshal(rawJsonConfig, &config)) |
| 177 | |
| 178 | assert.Equal(t, time.Second*10, config.ConnectTimeout.Duration) |
| 179 | assert.Equal(t, time.Second*30, config.TLSTimeout.Duration) |
| 180 | assert.Equal(t, time.Second*30, config.TCPKeepAlive.Duration) |
| 181 | assert.Equal(t, true, *config.NoHappyEyeballs) |
| 182 | assert.Equal(t, time.Second*60, config.KeepAliveTimeout.Duration) |
| 183 | assert.Equal(t, 10, *config.KeepAliveConnections) |
| 184 | assert.Equal(t, "app.tunnel.com", *config.HTTPHostHeader) |
| 185 | assert.Equal(t, "app.tunnel.com", *config.OriginServerName) |
| 186 | assert.Equal(t, "/etc/capool", *config.CAPool) |
| 187 | assert.Equal(t, true, *config.NoTLSVerify) |
| 188 | assert.Equal(t, true, *config.DisableChunkedEncoding) |
| 189 | assert.Equal(t, true, *config.BastionMode) |
| 190 | assert.Equal(t, "127.0.0.3", *config.ProxyAddress) |
| 191 | assert.Equal(t, true, *config.NoTLSVerify) |
| 192 | assert.Equal(t, uint(9000), *config.ProxyPort) |
| 193 | assert.Equal(t, "socks", *config.ProxyType) |
| 194 | assert.Equal(t, true, *config.Http2Origin) |
| 195 | |
| 196 | privateV4 := "10.0.0.0/8" |
| 197 | privateV6 := "fc00::/7" |
| 198 | ipRules := []IngressIPRule{ |
| 199 | { |
| 200 | Prefix: &privateV4, |
| 201 | Ports: []int{80, 8080}, |
| 202 | Allow: false, |
| 203 | }, |
| 204 | { |
| 205 | Prefix: &privateV6, |
| 206 | Ports: []int{443, 4443}, |
| 207 | Allow: true, |
| 208 | }, |
| 209 | } |
| 210 | assert.Equal(t, ipRules, config.IPRules) |
| 211 | |
| 212 | // validate that serializing and deserializing again matches the deserialization from raw string |
| 213 | result, err := marshalFunc(config) |
| 214 | require.NoError(t, err) |
| 215 | err = unMarshalFunc(result, &config2) |
| 216 | require.NoError(t, err) |
| 217 | |
| 218 | require.Equal(t, config2, config) |
| 219 | } |
| 220 | |