First attempt at CI

PowerDNS · Sep 27, 2024 · a3beb65 · a3beb65
1 parent 980da7a
commit a3beb65
Show file tree

Hide file tree

Showing 6 changed files with 86 additions and 2 deletions.
diff --git a/.github/workflows/test-all.yml b/.github/workflows/test-all.yml
@@ -0,0 +1,21 @@
+name: Test features
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  runner-job:
+    runs-on: ubuntu-latest
+    services:
+      nats:
+        image: nats
+        ports:
+          - "4222:4222"
+    steps:
+      - name: Install Luarocks
+        run: sudo apt-get update && sudo apt-get -y --no-install-recommends install luarocks
+      - name: Install telescope
+        run: sudo luarocks install telescope
+      - name: Test Features
+        run: make test
diff --git a/Makefile b/Makefile
@@ -1,5 +1,5 @@
 test:
-	tsc -f tests/*.lua
+	make -C tests certs test
 
 test-deps:
 	luarocks install telescope

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -4,4 +4,14 @@ services:
   nats:
     image: nats
     ports:
-      - "4222:4222"
+      - "4222:4222"
+
+  nats-tls:
+    image: nats
+    volumes:
+      - /tmp/server.pem:/tmp/server.cert
+      - /tmp/server.key:/tmp/server.key
+      - /tmp/ca.pem:/tmp/ca.pem
+    command: "--tlscert /tmp/server.cert --tlskey /tmp/server.key --tlscacert /tmp/ca.pem"
+    ports:
+      - "4223:4222"
diff --git a/tests/Makefile b/tests/Makefile
@@ -0,0 +1,10 @@
+test:
+	tsc -f *.lua
+
+certs:
+	# Generate a new CA
+	openssl req -new -x509 -days 1 -extensions v3_ca -keyout /tmp/ca.key -out /tmp/ca.pem -nodes -config configCA.conf
+	# Generate a new server certificate request
+	openssl req -new -newkey rsa:2048 -nodes -keyout /tmp/server.key -out /tmp/server.csr -config configServer.conf
+	# Sign the server cert
+	openssl x509 -req -days 1 -CA /tmp/ca.pem -CAkey /tmp/ca.key -CAcreateserial -in /tmp/server.csr -out /tmp/server.pem -extfile configServer.conf -extensions v3_req
diff --git a/tests/configCA.conf b/tests/configCA.conf
@@ -0,0 +1,23 @@
+[req]
+default_bits = 2048
+encrypt_key = no
+x509_extensions = custom_extensions
+prompt = no
+distinguished_name = distinguished_name
+
+[v3_ca]
+subjectKeyIdentifier = hash
+authorityKeyIdentifier = keyid:always,issuer:always
+basicConstraints = critical, CA:true
+
+[distinguished_name]
+CN = lua-nats TLS regression tests CA
+OU = PowerDNS.com BV
+countryName = NL
+
+[custom_extensions]
+basicConstraints = CA:true
+keyUsage = cRLSign, keyCertSign
+
+[CA_default]
+copy_extensions = copy
diff --git a/tests/configServer.conf b/tests/configServer.conf
@@ -0,0 +1,20 @@
+[req]
+default_bits = 2048
+encrypt_key = no
+prompt = no
+distinguished_name = server_distinguished_name
+req_extensions = v3_req
+
+[server_distinguished_name]
+CN = tls.tests.lua-nats.powerdns.com
+OU = PowerDNS.com BV
+countryName = NL
+
+[v3_req]
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = tls.tests.lua-nats.powerdns.com
+IP.2 = 127.0.0.1