Attempt to run network tests in CI

Nitrokey · Sep 4, 2024 · d09ea8a · d09ea8a
1 parent bac9733
commit d09ea8a
Show file tree

Hide file tree

Showing 3 changed files with 48 additions and 8 deletions.
diff --git a/.github/workflows/rust-tests.yml b/.github/workflows/rust-tests.yml
@@ -93,3 +93,37 @@ jobs:
         run: cargo build --release
       - name: run fork tests
         run: cd fork-tests && make
+  test_network:
+    runs-on: ubuntu-latest
+    # container: 
+    #   image: ubuntu:24.04
+    #   options: --privileged
+    env:
+      RUST_BACKTRACE: full
+      RUST_LOG: trace
+      # NETHSM_DOCKER_HOSTNAME: nethsm
+    # services:
+    #   docker:
+    #     image: docker:dind
+    #     options: --privileged
+    #     ports:
+    #       - 2375:2375
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: install opensc and dependencies
+        run: apt-get update && apt-get install -y curl opensc openssl gcc xxd jq gnutls-bin make docker.io
+
+      - name: Install Rust
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+          components: rustfmt, clippy, llvm-tools-preview
+      - name: pull docker image
+        run: docker pull nitrokey/nethsm:testing
+
+      - uses: Swatinem/rust-cache@v2
+      - name: build release
+        run: cargo build --release
+      - name: run network tests
+        run: cargo t --features pkcs11-full-tests -p nethsm_pkcs11 --test basic
diff --git a/pkcs11/tests/basic.rs b/pkcs11/tests/basic.rs
@@ -13,6 +13,7 @@ use pkcs11::types::{
 };
 
 mod tools;
+use tools::NETHSM_DOCKER_HOSTNAME;
 
 const RSA_PRIVATE_KEY_ATTRIBUTES: &[CK_ATTRIBUTE] = &[
     CK_ATTRIBUTE {
@@ -121,13 +122,13 @@ fn multiple_instances() {
                 description: Some("Test slot".into()),
                 instances: vec![
                     InstanceConfig {
-                        url: "https://localhost:8443/api/v1".into(),
+                        url: format!("https://{NETHSM_DOCKER_HOSTNAME}:8443/api/v1"),
                         danger_insecure_cert: true,
                         sha256_fingerprints: Vec::new(),
                         max_idle_connections: None,
                     },
                     InstanceConfig {
-                        url: "https://localhost:8444/api/v1".into(),
+                        url: format!("https://{NETHSM_DOCKER_HOSTNAME}:8444/api/v1"),
                         danger_insecure_cert: true,
                         sha256_fingerprints: Vec::new(),
                         max_idle_connections: None,
@@ -302,13 +303,13 @@ fn multi_instance_retries() {
                 description: Some("Test slot".into()),
                 instances: vec![
                     InstanceConfig {
-                        url: "https://localhost:8443/api/v1".into(),
+                        url: format!("https://{NETHSM_DOCKER_HOSTNAME}:8443/api/v1"),
                         danger_insecure_cert: true,
                         sha256_fingerprints: Vec::new(),
                         max_idle_connections: None,
                     },
                     InstanceConfig {
-                        url: "https://localhost:8444/api/v1".into(),
+                        url: format!("https://{NETHSM_DOCKER_HOSTNAME}:8444/api/v1"),
                         danger_insecure_cert: true,
                         sha256_fingerprints: Vec::new(),
                         max_idle_connections: None,

diff --git a/pkcs11/tests/tools/mod.rs b/pkcs11/tests/tools/mod.rs
@@ -29,9 +29,9 @@ use tokio::sync::mpsc::{unbounded_channel, UnboundedSender};
 use tokio::task::AbortHandle;
 use ureq::AgentBuilder;
 
-pub const TEST_NETHSM_INSTANCE: &str = match option_env!("TEST_NETHSM_INSTANCE") {
+pub const NETHSM_DOCKER_HOSTNAME: &str = match option_env!("NETHSM_DOCKER_HOSTNAME") {
     Some(v) => v,
-    None => "https://localhost:8443/api/v1",
+    None => "localhost",
 };
 
 #[derive(Debug)]
@@ -307,7 +307,7 @@ pub fn run_tests(
     };
     let mut test_dropper = TestDropper {
         serialize_test,
-        command_to_kill: Command::new("podman")
+        command_to_kill: Command::new("docker")
             .args([
                 "run",
                 "--rm",
@@ -329,12 +329,17 @@ pub fn run_tests(
 
     let sdk_config = Configuration {
         client,
-        base_path: TEST_NETHSM_INSTANCE.into(),
+        base_path: format!("https://{NETHSM_DOCKER_HOSTNAME}:8443/api/v1"),
         basic_auth: Some(("admin".into(), Some("Administrator".into()))),
         ..Default::default()
     };
 
+    println!(
+        "Configuration built, waiting for test instance to be up at {}",
+        &sdk_config.base_path
+    );
     sleep(Duration::from_secs(2));
+    println!("Attempting provisionning");
 
     provision_post(
         &sdk_config,