diff --git a/.golangci.yml b/.golangci.yml
index 8c73eb833..f8ba2ae24 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -211,7 +211,7 @@ linters:
 text: Logger is a global variable
 linters:
 - gochecknoglobals
- - path: e2e/(dnschallenge/|eab/)?[\d\w]+_test.go
+ - path: e2e/(dnschallenge/|eab/|configuration/)?[\d\w]+_test.go
 text: load is a global variable
 linters:
 - gochecknoglobals
diff --git a/e2e/configuration/challenges_test.go b/e2e/configuration/challenges_test.go
new file mode 100644
index 000000000..96eb41177
--- /dev/null
+++ b/e2e/configuration/challenges_test.go
@@ -0,0 +1,33 @@
+package configuration
+
+import (
+ "context"
+ "os"
+ "testing"
+
+ "github.com/go-acme/lego/v5/e2e/loader"
+)
+
+const caDirectory = "https://localhost:17000/dir"
+
+var load = loader.EnvLoader{
+ PebbleOptions: &loader.CmdOption{
+ HealthCheckURL: caDirectory,
+ Args: []string{"-strict", "-config", "fixtures/pebble-config-file.json", "-dnsserver", "localhost:8853"},
+ Env: []string{"PEBBLE_VA_NOSLEEP=1", "PEBBLE_WFE_NONCEREJECT=20"},
+ Dir: "../",
+ },
+ LegoOptions: []string{
+ "LEGO_CA_CERTIFICATES=../fixtures/certs/pebble.minica.pem",
+ "EXEC_PATH=../fixtures/update-dns-config-file.sh",
+ "EXEC_SEQUENCE_INTERVAL=5",
+ "LEGO_DEBUG_ACME_HTTP_CLIENT=1",
+ },
+ ChallSrv: &loader.CmdOption{
+ Args: []string{"-dnsserver", ":8853", "-http01", ":5019", "-tlsalpn01", ":5018", "-management", ":8855"},
+ },
+}
+
+func TestMain(m *testing.M) {
+ os.Exit(load.MainTest(context.Background(), m))
+}
diff --git a/e2e/configuration/dns_challenge_test.go b/e2e/configuration/dns_challenge_test.go
new file mode 100644
index 000000000..51fb9ac22
--- /dev/null
+++ b/e2e/configuration/dns_challenge_test.go
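Review bot: The port numbers in `load` in `e2e/configuration/challenges_test.go` carry no comment, yet they only work together with values in three other files added by this commit. `localhost:8853` and `:8855` have to match the `resolvers` entries in the YAML fixtures and the curl target in `update-dns-config-file.sh`, while `-http01 :5019` and `-tlsalpn01 :5018` look chosen to stay clear of 5009/5008, which `pebble-config-file.json` and the lego fixtures use. A comment above `var load` would record this, for example `// Ports: CA 17000, challtestsrv DNS 8853 and management 8855; lego itself binds 5009 (HTTP-01) and 5008 (TLS-ALPN-01).`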
@@ -0,0 +1,32 @@
+package configuration
+
+import (
+ "path/filepath"
+ "testing"
+
+ "github.com/go-acme/lego/v5/e2e/loader"
+)
+
+func TestChallengeDNS_Run_simple(t *testing.T) {
+ loader.CleanLegoFiles(t.Context())
+
+ err := load.RunLego(t.Context(),
+ "--config", filepath.Join("fixtures", "lego_dns-simple.yml"),
+ "--log.level", "debug",
+ )
+ if err != nil {
+ t.Fatal(err)
+ }
+}
+
+func TestChallengeDNS_Run_explicit_challenge(t *testing.T) {
+ loader.CleanLegoFiles(t.Context())
+
+ err := load.RunLego(t.Context(),
+ "--config", filepath.Join("fixtures", "lego_dns-explicit.yml"),
+ "--log.level", "debug",
+ )
+ if err != nil {
+ t.Fatal(err)
+ }
+}
diff --git a/e2e/configuration/fixtures/lego_dns-explicit.yml b/e2e/configuration/fixtures/lego_dns-explicit.yml
new file mode 100644
index 000000000..3df1f6e90
--- /dev/null
+++ b/e2e/configuration/fixtures/lego_dns-explicit.yml
@@ -0,0 +1,20 @@
+challenges:
+ mychallenge:
+ dns:
+ provider: exec
+ propagation:
+ wait: 500ms
+ resolvers:
+ - :8853
+
+certificates:
+ 'dns.localhost':
+ challenge: mychallenge
+ domains:
+ - dns.localhost
+ - '*.dns.localhost'
+
+accounts:
+ foo:
+ server: https://localhost:17000/dir
+ acceptsTermsOfService: true
diff --git a/e2e/configuration/fixtures/lego_dns-simple.yml b/e2e/configuration/fixtures/lego_dns-simple.yml
new file mode 100644
index 000000000..38fabc257
--- /dev/null
+++ b/e2e/configuration/fixtures/lego_dns-simple.yml
@@ -0,0 +1,19 @@
+challenges:
+ mychallenge:
+ dns:
+ provider: exec
+ propagation:
+ wait: 500ms
+ resolvers:
+ - :8853
+
+certificates:
+ 'dns.localhost':
+ domains:
+ - dns.localhost
+ - '*.dns.localhost'
+
+accounts:
+ foo:
+ server: https://localhost:17000/dir
+ acceptsTermsOfService: true
diff --git a/e2e/configuration/fixtures/lego_http-server.yml b/e2e/configuration/fixtures/lego_http-server.yml
new file mode 100644
index 000000000..96452d67a
--- /dev/null
+++ b/e2e/configuration/fixtures/lego_http-server.yml
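Review bot: Both tests in `dns_challenge_test.go` pass as soon as `load.RunLego` returns nil, so nothing checks that a certificate covering `dns.localhost` and `*.dns.localhost` was actually produced. `TestChallengeDNS_Run_simple` appears to exercise a certificate entry with no `challenge:` key, and only an assertion on the output would show that the single defined challenge was picked. The test body is also repeated verbatim in the HTTP and TLS test files of this commit, differing only in the fixture name, so a helper along the lines of `runConfig(t, "lego_dns-simple.yml")` would keep the five tests in step. The return value of `loader.CleanLegoFiles` is not visible here; if it reports an error, it should be checked.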
@@ -0,0 +1,19 @@
+servers:
+ pebble:
+ url: https://localhost:17000/dir
+
+challenges:
+ mychallenge:
+ http:
+ address: ":5009"
+
+certificates:
+ 'example.localhost':
+ challenge: mychallenge
+ domains:
+ - acme.localhost
+
+accounts:
+ foo:
+ server: pebble
+ acceptsTermsOfService: true
diff --git a/e2e/configuration/fixtures/lego_http-simple.yml b/e2e/configuration/fixtures/lego_http-simple.yml
new file mode 100644
index 000000000..e92ee9f02
--- /dev/null
+++ b/e2e/configuration/fixtures/lego_http-simple.yml
@@ -0,0 +1,15 @@
+challenges:
+ mychallenge:
+ http:
+ address: ":5009"
+
+certificates:
+ 'example.localhost':
+ challenge: mychallenge
+ domains:
+ - acme.localhost
+
+accounts:
+ foo:
+ server: https://localhost:17000/dir
+ acceptsTermsOfService: true
diff --git a/e2e/configuration/fixtures/lego_tls-simple.yml b/e2e/configuration/fixtures/lego_tls-simple.yml
new file mode 100644
index 000000000..0912d625d
--- /dev/null
+++ b/e2e/configuration/fixtures/lego_tls-simple.yml
@@ -0,0 +1,15 @@
+challenges:
+ mychallenge:
+ tls:
+ address: ":5008"
+
+certificates:
+ 'example.localhost':
+ challenge: mychallenge
+ domains:
+ - acme.localhost
+
+accounts:
+ foo:
+ server: https://localhost:17000/dir
+ acceptsTermsOfService: true
diff --git a/e2e/configuration/http_challenge_test.go b/e2e/configuration/http_challenge_test.go
new file mode 100644
index 000000000..d66c28eaf
--- /dev/null
+++ b/e2e/configuration/http_challenge_test.go
@@ -0,0 +1,32 @@
+package configuration
+
+import (
+ "path/filepath"
+ "testing"
+
+ "github.com/go-acme/lego/v5/e2e/loader"
+)
+
+func TestChallengeHTTP_Run_simple(t *testing.T) {
+ loader.CleanLegoFiles(t.Context())
+
+ err := load.RunLego(t.Context(),
+ "--config", filepath.Join("fixtures", "lego_http-simple.yml"),
+ "--log.level", "debug",
+ )
+ if err != nil {
+ t.Fatal(err)
+ }
+}
+
+func TestChallengeHTTP_Run_file_server(t *testing.T) {
+ loader.CleanLegoFiles(t.Context())
+
+ err := load.RunLego(t.Context(),
+ "--config", filepath.Join("fixtures", "lego_http-server.yml"),
+ "--log.level", "debug",
+ )
+ if err != nil {
+ t.Fatal(err)
+ }
+}
diff --git a/e2e/configuration/tls_challenge_test.go b/e2e/configuration/tls_challenge_test.go
new file mode 100644
index 000000000..1644c0ad4
--- /dev/null
+++ b/e2e/configuration/tls_challenge_test.go
@@ -0,0 +1,20 @@
+package configuration
+
+import (
+ "path/filepath"
+ "testing"
+
+ "github.com/go-acme/lego/v5/e2e/loader"
+)
+
+func TestChallengeTLS_Run_simple(t *testing.T) {
+ loader.CleanLegoFiles(t.Context())
+
+ err := load.RunLego(t.Context(),
+ "--config", filepath.Join("fixtures", "lego_tls-simple.yml"),
+ "--log.level", "debug",
+ )
+ if err != nil {
+ t.Fatal(err)
+ }
+}
diff --git a/e2e/dnschallenge/challenges_test.go b/e2e/dnschallenge/challenges_test.go
index 2947fd00a..64199638e 100644
--- a/e2e/dnschallenge/challenges_test.go
+++ b/e2e/dnschallenge/challenges_test.go
@@ -14,7 +14,7 @@ const caDirectory = "https://localhost:15000/dir"
 var load = loader.EnvLoader{
 PebbleOptions: &loader.CmdOption{
 HealthCheckURL: caDirectory,
- Args: []string{"-strict", "-config", "fixtures/pebble-config-dns.json", "-dnsserver", "localhost:8053"},
+ Args: []string{"-strict", "-config", "fixtures/pebble-config-dns.json", "-dnsserver", "localhost:8553"},
 Env: []string{"PEBBLE_VA_NOSLEEP=1", "PEBBLE_WFE_NONCEREJECT=20"},
 Dir: "../",
 },
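Review bot: The name `TestChallengeHTTP_Run_file_server` in `http_challenge_test.go` reads as if it tested an HTTP file server or webroot. The only difference between `lego_http-server.yml` and `lego_http-simple.yml` is the `servers:` section and `server: pebble` in the account, that is, a CA referenced by a name defined in the configuration file. A name such as `TestChallengeHTTP_Run_named_server`, or a one-line comment like `// The account references the CA through the servers section instead of a URL.`, would make the intent clear.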
@@ -25,7 +25,7 @@ var load = loader.EnvLoader{ "LEGO_DEBUG_ACME_HTTP_CLIENT=1", }, ChallSrv: &loader.CmdOption{ - Args: []string{"-http01", ":5012", "-tlsalpn01", ":5011"}, + Args: []string{"-dnsserver", ":8553", "-http01", ":5012", "-tlsalpn01", ":5011", "-management", ":8555"}, }, } diff --git a/e2e/dnschallenge/dns_challenge_test.go b/e2e/dnschallenge/dns_challenge_test.go index 60db0138b..6012f5aa3 100644 --- a/e2e/dnschallenge/dns_challenge_test.go +++ b/e2e/dnschallenge/dns_challenge_test.go @@ -29,7 +29,7 @@ func TestChallengeDNS_Run(t *testing.T) { "run", "--accept-tos", "--dns", "exec", - "--dns.resolvers", ":8053", + "--dns.resolvers", ":8553", "--dns.propagation.wait", "0", "-s", caDirectory, "-d", testDomain2, @@ -164,5 +164,5 @@ func mockDefault(t *testing.T) { dns01.SetDefaultClient(backup) }) - dns01.SetDefaultClient(dns01.NewClient(&dns01.Options{RecursiveNameservers: []string{":8053"}})) + dns01.SetDefaultClient(dns01.NewClient(&dns01.Options{RecursiveNameservers: []string{":8553"}})) } diff --git a/e2e/dnschallenge/dns_persist_challenge_test.go b/e2e/dnschallenge/dns_persist_challenge_test.go index 5b7c3e0d7..dd7a7c66a 100644 --- a/e2e/dnschallenge/dns_persist_challenge_test.go +++ b/e2e/dnschallenge/dns_persist_challenge_test.go @@ -49,7 +49,7 @@ func TestChallengeDNSPersist_Client_Obtain(t *testing.T) { user := &internal.FakeUser{PrivateKey: privateKey} config := lego.NewConfig(user) - config.CADirURL = "https://localhost:15000/dir" + config.CADirURL = caDirectory client, err := lego.NewClient(config) require.NoError(t, err) 
@@ -105,10 +105,10 @@ func TestChallengeDNSPersist_Run(t *testing.T) { "--email", testPersistCLIEmail, "--accept-tos", "--dns-persist", - "--dns-persist.resolvers", ":8053", + "--dns-persist.resolvers", ":8553", "--dns-persist.propagation.disable-ans", "--dns-persist.issuer-domain-name", testPersistIssuer, - "--server", "https://localhost:15000/dir", + "--server", caDirectory, "--domains", testPersistCLIWildcardDomain, "--domains", testPersistCLIDomain, ) @@ -120,7 +120,7 @@ func TestChallengeDNSPersist_Run_NewAccount(t *testing.T) { t.Setenv("LEGO_CA_CERTIFICATES", "../fixtures/certs/pebble.minica.pem") - client := internal.NewChallTestSrvClient() + client := internal.NewChallTestSrvClient("8555") defer func() { err := client.ClearPersistRecord(testPersistCLIDomain) @@ -174,10 +174,10 @@ func TestChallengeDNSPersist_Run_NewAccount(t *testing.T) { "--email", testPersistCLIFreshEmail, "--accept-tos", "--dns-persist", - "--dns-persist.resolvers", ":8053", + "--dns-persist.resolvers", ":8553", "--dns-persist.propagation.disable-ans", "--dns-persist.issuer-domain-name", testPersistIssuer, - "--server", "https://localhost:15000/dir", + "--server", caDirectory, "--domains", testPersistCLIWildcardDomain, "--domains", testPersistCLIDomain, ) @@ -201,10 +201,10 @@ func TestChallengeDNSPersist_Renew(t *testing.T) { "--email", testPersistCLIRenewEmail, "--accept-tos", "--dns-persist", - "--dns-persist.resolvers", ":8053", + "--dns-persist.resolvers", ":8553", "--dns-persist.propagation.disable-ans", "--dns-persist.issuer-domain-name", testPersistIssuer, - "--server", "https://localhost:15000/dir", + "--server", caDirectory, "--domains", testPersistCLIWildcardDomain, "--domains", testPersistCLIDomain, ) 
@@ -215,10 +215,10 @@ func TestChallengeDNSPersist_Renew(t *testing.T) { "renew", "--email", testPersistCLIRenewEmail, "--dns-persist", - "--dns-persist.resolvers", ":8053", + "--dns-persist.resolvers", ":8553", "--dns-persist.propagation.disable-ans", "--dns-persist.issuer-domain-name", testPersistIssuer, - "--server", "https://localhost:15000/dir", + "--server", caDirectory, "--domains", testPersistCLIWildcardDomain, "--domains", testPersistCLIDomain, "--renew-force", @@ -239,7 +239,7 @@ func createCLIAccountState(t *testing.T, email string) string { } config := lego.NewConfig(user) - config.CADirURL = "https://localhost:15000/dir" + config.CADirURL = caDirectory client, err := lego.NewClient(config) require.NoError(t, err) @@ -327,7 +327,7 @@ func mockDefaultPersist(t *testing.T) { dnspersist01.SetDefaultClient(backup) }) - dnspersist01.SetDefaultClient(dnspersist01.NewClient(&dnspersist01.Options{RecursiveNameservers: []string{":8053"}})) + dnspersist01.SetDefaultClient(dnspersist01.NewClient(&dnspersist01.Options{RecursiveNameservers: []string{":8553"}})) } func updateDNS(t *testing.T, accountURI, issuerDomainName string) { @@ -343,7 +343,7 @@ func updateDNS(t *testing.T, accountURI, issuerDomainName string) { info, err := dnspersist01.GetChallengeInfo(authz, testPersistIssuer, accountURI, time.Time{}) require.NoError(t, err) - client := internal.NewChallTestSrvClient() + client := internal.NewChallTestSrvClient("8555") err = client.SetPersistRecord(issuerDomainName, info.Value) require.NoError(t, err) diff --git a/e2e/fixtures/pebble-config-dns.json b/e2e/fixtures/pebble-config-dns.json index dd5b63142..ca20a12c6 100644 --- a/e2e/fixtures/pebble-config-dns.json +++ b/e2e/fixtures/pebble-config-dns.json @@ -1,6 +1,7 @@ { "pebble": { "listenAddress": "0.0.0.0:15000", + "IGNOREmanagementListenAddress": "0.0.0.0:15500", "certificate": "fixtures/certs/localhost/cert.pem", "privateKey": "fixtures/certs/localhost/key.pem", "httpPort": 5004, 
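Review bot: The key `IGNOREmanagementListenAddress` added to `pebble-config-dns.json` has no explanation, and JSON leaves no place to put one. Presumably the prefix keeps Pebble from recognising the key, so no management listener starts while port 15500 stays reserved in the file; if that is the intent, the commit message or a README next to the fixtures should say so. It is also worth confirming that Pebble does not reject unknown keys in the configuration it is started with. The same key is added in `pebble-config-file.json`.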
diff --git a/e2e/fixtures/pebble-config-file.json b/e2e/fixtures/pebble-config-file.json
new file mode 100644
index 000000000..f4a322819
--- /dev/null
+++ b/e2e/fixtures/pebble-config-file.json
@@ -0,0 +1,20 @@
+{
+ "pebble": {
+ "listenAddress": "0.0.0.0:17000",
+ "IGNOREmanagementListenAddress": "0.0.0.0:17500",
+ "certificate": "fixtures/certs/localhost/cert.pem",
+ "privateKey": "fixtures/certs/localhost/key.pem",
+ "httpPort": 5009,
+ "tlsPort": 5008,
+ "profiles": {
+ "default": {
+ "description": "The profile you know and love",
+ "validityPeriod": 7776000
+ },
+ "shortlived": {
+ "description": "A short-lived cert profile, without actual enforcement",
+ "validityPeriod": 518400
+ }
+ }
+ }
+}
diff --git a/e2e/fixtures/update-dns-config-file.sh b/e2e/fixtures/update-dns-config-file.sh
new file mode 100755
index 000000000..6290ada25
--- /dev/null
+++ b/e2e/fixtures/update-dns-config-file.sh
@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+
+# Simple DNS challenge exec solver.
+# Use challtestsrv https://github.com/letsencrypt/pebble/tree/main/cmd/pebble-challtestsrv#dns-01
+
+set -e
+
+case "$1" in
+ "present")
+ echo "Present"
+ payload="{\"host\":\"$2\", \"value\":\"$3\"}"
+ echo "payload=${payload}"
+ curl -s -X POST -d "${payload}" localhost:8855/set-txt
+ ;;
+ "cleanup")
+ echo "cleanup"
+ payload="{\"host\":\"$2\"}"
+ echo "payload=${payload}"
+ curl -s -X POST -d "${payload}" localhost:8855/clear-txt
+ ;;
+ *)
+ echo "OOPS"
+ ;;
+esac
diff --git a/e2e/fixtures/update-dns.sh b/e2e/fixtures/update-dns.sh
index e90ee5ab8..aacb3652f 100755
--- a/e2e/fixtures/update-dns.sh
+++ b/e2e/fixtures/update-dns.sh
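Review bot: `listenAddress` in `pebble-config-file.json` is `0.0.0.0:17000`, so the test CA accepts connections on every interface of the machine running the suite, not only on loopback. It serves with `fixtures/certs/localhost/key.pem`, which appears to be a key committed to the repository. Every client in this commit reaches the CA through `https://localhost:17000/dir`, so `"listenAddress": "127.0.0.1:17000"` looks sufficient, assuming `localhost` resolves to that address on the CI hosts. The value seems to be copied from `pebble-config-dns.json`, which could be tightened the same way.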
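Review bot: In both branches of `update-dns-config-file.sh`, `curl -s` exits 0 even when challtestsrv answers with an HTTP error status, so `set -e` never fires and a TXT record that was not set shows up only later as a validation failure. `curl -sS --fail -X POST -d "${payload}" localhost:8855/set-txt`, and the same for `clear-txt`, would fail at the source. The `*)` branch prints "OOPS" and still exits 0; it needs `exit 1` after the echo for an unknown action to count as an error. `$2` and `$3` are spliced into the JSON unescaped, which works for the fixture domains but deserves a comment such as `# host/value are inserted verbatim; callers must pass JSON-safe strings`. The file differs from `update-dns.sh` only in the port, so reading the port from an environment variable would avoid keeping a second copy.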
@@ -10,13 +10,13 @@ case "$1" in echo "Present" payload="{\"host\":\"$2\", \"value\":\"$3\"}" echo "payload=${payload}" - curl -s -X POST -d "${payload}" localhost:8055/set-txt + curl -s -X POST -d "${payload}" localhost:8555/set-txt ;; "cleanup") echo "cleanup" payload="{\"host\":\"$2\"}" echo "payload=${payload}" - curl -s -X POST -d "${payload}" localhost:8055/clear-txt + curl -s -X POST -d "${payload}" localhost:8555/clear-txt ;; *) echo "OOPS" diff --git a/e2e/internal/challtestsrv.go b/e2e/internal/challtestsrv.go index aea52811f..afd2b9c6b 100644 --- a/e2e/internal/challtestsrv.go +++ b/e2e/internal/challtestsrv.go @@ -17,8 +17,8 @@ type ChallTestSrvClient struct { httpClient *http.Client } -func NewChallTestSrvClient() *ChallTestSrvClient { - baseURL, _ := url.Parse("http://localhost:8055") +func NewChallTestSrvClient(port string) *ChallTestSrvClient { + baseURL, _ := url.Parse("http://localhost:" + port) return &ChallTestSrvClient{ baseURL: baseURL,
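Review bot: In `NewChallTestSrvClient`, the discarded error in `baseURL, _ := url.Parse("http://localhost:" + port)` is no longer harmless now that `port` comes from the caller. A non-numeric port makes `url.Parse` return a nil URL, and any later use of `baseURL` would presumably dereference nil instead of reporting the bad argument. Building the value directly avoids the parse: `baseURL := &url.URL{Scheme: "http", Host: net.JoinHostPort("localhost", port)}` (this needs the `net` import); since the helper is test-only, panicking on the parse error would also do. The two call sites in `dns_persist_challenge_test.go` pass the literal `"8555"`, and a constant next to `caDirectory` would keep it in step with the `-management` argument. The function body continues past the end of the hunk.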