| author | mo khan <mo.khan@gmail.com> | 2020-09-10 16:19:12 -0600 |
|---|---|---|
| committer | mo khan <mo.khan@gmail.com> | 2020-09-10 16:19:12 -0600 |
| commit | 6a56e4ff0047921f5afc4e106659e2bae1411da4 (patch) | |
| tree | 905cd6a9aefba50769185d96e20578860a6a8e57 /spec | |
| parent | 60e0be6501010961a8e6ac3248d2b0c976e75cda (diff) | |
test: start proxy server before suite and shutdown at end of suite
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/integration/dotnet/nuget_spec.rb | 2 | ||||
| -rw-r--r-- | spec/integration/go/modules_spec.rb | 2 | ||||
| -rw-r--r-- | spec/integration/java/gradle_spec.rb | 2 | ||||
| -rw-r--r-- | spec/integration/java/maven_spec.rb | 2 | ||||
| -rw-r--r-- | spec/integration/js/bower_spec.rb | 2 | ||||
| -rw-r--r-- | spec/integration/js/npm_spec.rb | 2 | ||||
| -rw-r--r-- | spec/integration/js/yarn_spec.rb | 2 | ||||
| -rw-r--r-- | spec/integration/php/composer_spec.rb | 2 | ||||
| -rw-r--r-- | spec/integration/python/pip_spec.rb | 2 | ||||
| -rw-r--r-- | spec/integration/python/pipenv_spec.rb | 2 | ||||
| -rw-r--r-- | spec/integration/ruby/bundler_spec.rb | 2 | ||||
| -rw-r--r-- | spec/integration/rust/cargo_spec.rb | 2 | ||||
| -rw-r--r-- | spec/support/proxy_helper.rb | 64 | ||||
| -rw-r--r-- | spec/support/proxy_server.rb | 52 |
14 files changed, 73 insertions, 67 deletions
diff --git a/spec/integration/dotnet/nuget_spec.rb b/spec/integration/dotnet/nuget_spec.rb index fb8cb91..849011e 100644 --- a/spec/integration/dotnet/nuget_spec.rb +++ b/spec/integration/dotnet/nuget_spec.rb @@ -206,7 +206,7 @@ RSpec.describe "nuget" do end context "when the CA certificate is provided" do - let(:env) { { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read } } + let(:env) { { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate.read } } specify do expect(subject).to match_schema diff --git a/spec/integration/go/modules_spec.rb b/spec/integration/go/modules_spec.rb index 788e264..fb70db6 100644 --- a/spec/integration/go/modules_spec.rb +++ b/spec/integration/go/modules_spec.rb @@ -113,7 +113,7 @@ RSpec.describe "modules" do context "when the CA certificate is provided" do let(:env) do { - 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read, + 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate.read, 'GOPROXY' => 'https://goproxy.test' } end diff --git a/spec/integration/java/gradle_spec.rb b/spec/integration/java/gradle_spec.rb index 48a602f..e6fbc1d 100644 --- a/spec/integration/java/gradle_spec.rb +++ b/spec/integration/java/gradle_spec.rb @@ -54,7 +54,7 @@ plugins { context 'when scanning a project that needs to connect to multiple TLS endpoints with different custom certificate chains' do subject do runner.scan(env: { - 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read, + 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate.read, 'PRIVATE_MAVEN_HOST' => 'maven.test' }) end diff --git a/spec/integration/java/maven_spec.rb b/spec/integration/java/maven_spec.rb index 4061b65..b112fd2 100644 --- a/spec/integration/java/maven_spec.rb +++ b/spec/integration/java/maven_spec.rb 
@@ -91,7 +91,7 @@ RSpec.describe "maven" do end context "when connecting to a custom package registry with a self signed certificate" do - let(:report) { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read }) } + let(:report) { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate.read }) } before do runner.add_file('pom.xml') do diff --git a/spec/integration/js/bower_spec.rb b/spec/integration/js/bower_spec.rb index 95617d6..720bdf8 100644 --- a/spec/integration/js/bower_spec.rb +++ b/spec/integration/js/bower_spec.rb @@ -27,7 +27,7 @@ RSpec.describe "bower" do end context "when scanning a bower project with a dependency from a custom npm registry" do - subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read }) } + subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate.read }) } before do runner.add_file(".npmrc", "registry = https://npm.test") diff --git a/spec/integration/js/npm_spec.rb b/spec/integration/js/npm_spec.rb index bd74fd7..b61aa0f 100644 --- a/spec/integration/js/npm_spec.rb +++ b/spec/integration/js/npm_spec.rb @@ -470,7 +470,7 @@ RSpec.describe "npm" do end context "when scanning a project with dependencies sourced from a custom registry" do - subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read }) } + subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate.read }) } let(:private_npm_host) { 'npm.test' } diff --git a/spec/integration/js/yarn_spec.rb b/spec/integration/js/yarn_spec.rb index 8fcda9c..9f0ff56 100644 --- a/spec/integration/js/yarn_spec.rb +++ b/spec/integration/js/yarn_spec.rb 
@@ -153,7 +153,7 @@ RSpec.describe "yarn" do end context "when scanning a project with dependencies sourced from a custom registry" do - subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read }) } + subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate.read }) } let(:private_npm_host) { 'npm.test' } diff --git a/spec/integration/php/composer_spec.rb b/spec/integration/php/composer_spec.rb index 383bc94..685e5ad 100644 --- a/spec/integration/php/composer_spec.rb +++ b/spec/integration/php/composer_spec.rb @@ -105,7 +105,7 @@ RSpec.describe "composer" do end context "when the CA certificate is provided" do - let(:env) { { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read } } + let(:env) { { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate.read } } specify do expect(subject).to match_schema diff --git a/spec/integration/python/pip_spec.rb b/spec/integration/python/pip_spec.rb index b2e55b2..856d463 100644 --- a/spec/integration/python/pip_spec.rb +++ b/spec/integration/python/pip_spec.rb @@ -182,7 +182,7 @@ RSpec.describe "pip" do it 'downloads the packages and trusts the certificate' do report = runner.scan(env: { - 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read, + 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate.read, 'PIP_INDEX_URL' => index_url }) diff --git a/spec/integration/python/pipenv_spec.rb b/spec/integration/python/pipenv_spec.rb index 74e1c6e..b7847fd 100644 --- a/spec/integration/python/pipenv_spec.rb +++ b/spec/integration/python/pipenv_spec.rb @@ -213,7 +213,7 @@ RSpec.describe "pipenv" do let(:index_url) { "https://pypi.test/simple" } let(:env) do { - 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read, + 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate.read, 'PIP_INDEX_URL' => index_url } end diff --git a/spec/integration/ruby/bundler_spec.rb b/spec/integration/ruby/bundler_spec.rb index 5020d3f..953aec9 100644 
--- a/spec/integration/ruby/bundler_spec.rb +++ b/spec/integration/ruby/bundler_spec.rb @@ -101,7 +101,7 @@ RSpec.describe "bundler" do context "when the CA certificate is provided" do let(:env) do { - 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read, + 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate.read, 'LOG_LEVEL' => 'debug' } end diff --git a/spec/integration/rust/cargo_spec.rb b/spec/integration/rust/cargo_spec.rb index cdb4834..c8794f8 100644 --- a/spec/integration/rust/cargo_spec.rb +++ b/spec/integration/rust/cargo_spec.rb @@ -33,7 +33,7 @@ RSpec.describe "cargo" do end context "when the CA certificate is provided" do - let(:env) { { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read } } + let(:env) { { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate.read } } specify do expect(subject).to match_schema diff --git a/spec/support/proxy_helper.rb b/spec/support/proxy_helper.rb index 8238167..1f4cd4f 100644 --- a/spec/support/proxy_helper.rb +++ b/spec/support/proxy_helper.rb 
@@ -1,67 +1,21 @@ # frozen_string_literal: true +require 'support/proxy_server' module ProxyHelper - DOMAINS = [ - 'composer.test', - 'goproxy.test', - 'maven.test', - 'npm.test', - 'nuget.test', - 'pypi.test', - 'rubygems.test' - ].freeze - - def x509_certificate(host) - License::Management.root.join("tmp/#{host}.crt") - end - - def generate_self_signed_certificate_for(host) - Dir.chdir License::Management.root.join('tmp') do - subject_alternative_names = DOMAINS.map { |x| "DNS:#{x}" }.join(',') - system([ - "rm -f #{host}.*", - "/usr/bin/openssl req -x509 -newkey rsa:4096 -keyout #{host}.key -out #{host}.crt -days 999 -nodes -subj '/C=/ST=/L=/O=/OU=/CN=*.test' -addext 'subjectAltName=#{subject_alternative_names}'", - "cat #{host}.* > #{host}.pem" - ].join("&&")) - end - end - - def start_proxy_server - @proxy_server_pid ||= - begin - DOMAINS.each { |domain| add_host(domain, '127.0.0.1') } - generate_self_signed_certificate_for('wildcard.test') - spawn("/usr/sbin/haproxy -f #{fixture_file('haproxy.cfg')}") - end - end - - def add_host(name, ip) - return if system("grep #{name} /etc/hosts") - - system("echo '#{ip} #{name}' >> /etc/hosts") - end - - def stop_proxy_server - return if !defined?(@proxy_server_pid) || @proxy_server_pid.nil? 
- - Process.kill("TERM", @proxy_server_pid) - Process.wait(@proxy_server_pid) - @proxy_server_pid = nil + def x509_certificate + License::Management.root.join("tmp/wildcard.test.crt") end end RSpec.configure do |config| config.include(ProxyHelper, type: :integration) - config.before(:example, type: :integration) do - start_proxy_server + config.before(:suite) do + pid = ProxyServer.instance.start + puts "START PROXY SERVER (#{pid})" end - config.after(:example, type: :integration) do - stop_proxy_server - system("rm -f /usr/local/share/ca-certificates/custom.*") - system("rm -f /usr/lib/ssl/certs/custom.*") - system("update-ca-certificates -v") - system("c_rehash -v") - system("/opt/asdf/installs/mono/6.8.0.123/bin/cert-sync /etc/ssl/certs/ca-certificates.crt") + config.after(:suite) do + puts "STOP PROXY SERVER (#{ProxyServer.instance.pid})" + ProxyServer.instance.stop end end diff --git a/spec/support/proxy_server.rb b/spec/support/proxy_server.rb new file mode 100644 index 0000000..721921a --- /dev/null +++ b/spec/support/proxy_server.rb 
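Review bot: The trust-store reset that used to run in `config.after(:example, type: :integration)` now happens only once, inside `ProxyServer#stop` at suite end, so any `custom.*` CA file installed during one example stays trusted for every later example. If the scan under test is what writes `ADDITIONAL_CA_CERT_BUNDLE` into `/usr/local/share/ca-certificates` (not visible in this hunk), contexts that expect a TLS failure without the bundle can pass or fail depending on run order. Consider keeping only the proxy start/stop at suite level and restoring a per-example hook for the trust store, for example `config.after(:example, type: :integration) { ProxyServer.instance.reset_trust_store }`, where `reset_trust_store` is a proposed method holding the five cleanup commands now at the end of `stop`. The `before(:suite)` hook is also no longer scoped to `type: :integration`, so unit-only runs will edit `/etc/hosts` and spawn haproxy as well.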
@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+class ProxyServer
+ DOMAINS = [
+ 'composer.test',
+ 'goproxy.test',
+ 'maven.test',
+ 'npm.test',
+ 'nuget.test',
+ 'pypi.test',
+ 'rubygems.test'
+ ].freeze
+
+ include Singleton
+
+ attr_accessor :pid
+
+ def start
+ DOMAINS.each { |domain| add_host(domain, '127.0.0.1') }
+ Dir.chdir License::Management.root.join('tmp') do
+ host = 'wildcard.test'
+ subject_alternative_names = DOMAINS.map { |x| "DNS:#{x}" }.join(',')
+ system([
+ "rm -f #{host}.*",
+ "/usr/bin/openssl req -x509 -newkey rsa:4096 -keyout #{host}.key -out #{host}.crt -days 999 -nodes -subj '/C=/ST=/L=/O=/OU=/CN=*.test' -addext 'subjectAltName=#{subject_alternative_names}'",
+ "cat #{host}.* > #{host}.pem"
+ ].join("&&"))
+ end
+ config_file = License::Management.root.join("spec/fixtures/haproxy.cfg")
+ self.pid = spawn("/usr/sbin/haproxy -f #{config_file}")
+ end
+
+ def stop(pid = self.pid)
+ return unless pid
+
+ Process.kill("TERM", pid)
+ Process.wait(pid)
+ system("rm -f /usr/local/share/ca-certificates/custom.*")
+ system("rm -f /usr/lib/ssl/certs/custom.*")
+ system("update-ca-certificates -v")
+ system("c_rehash -v")
+ system("/opt/asdf/installs/mono/6.8.0.123/bin/cert-sync /etc/ssl/certs/ca-certificates.crt")
+ end
+
+ private
+
+ def add_host(name, ip)
+ return if system("grep #{name} /etc/hosts")
+
+ system("echo '#{ip} #{name}' >> /etc/hosts")
+ end
+end |
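Review bot: `start` and `stop` ignore the result of every `system` call, so a failed `openssl req` still spawns haproxy and a failed `update-ca-certificates` leaves the custom root in the trust store with no signal; raising on failure, e.g. `system(cmd) || raise("certificate generation failed")`, would surface both. The key is written unencrypted (`-nodes`) with `-days 999`, and `stop` never deletes `wildcard.test.key` or `wildcard.test.pem`; because the specs feed this certificate in as `ADDITIONAL_CA_CERT_BUNDLE`, a much shorter `-days` value and removing the key material in `stop` would limit how long a trusted key lingers outside a throwaway container. `stop` also leaves `pid` set after `Process.wait`, so a second call would signal a process that has already been reaped; `self.pid = nil` at the end restores what the removed helper did. `include Singleton` needs `require 'singleton'` unless something else has already loaded it.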
