package oraclecloud
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/base64"
"encoding/pem"
"os"
"testing"
"time"
"github.com/go-acme/lego/v4/platform/tester"
"github.com/oracle/oci-go-sdk/common"
"github.com/stretchr/testify/require"
)
// envDomain names the environment variable that carries the domain used by
// the live tests.
const envDomain = envNamespace + "DOMAIN"

// envTest groups the credential-related environment variables listed below so
// the tests can clear, apply and restore them together.
var envTest = tester.NewEnvTest(
	envPrivKey,
	EnvPrivKeyFile,
	EnvPrivKeyPass,
	EnvTenancyOCID,
	EnvUserOCID,
	EnvPubKeyFingerprint,
	EnvRegion,
	EnvCompartmentOCID).
	WithDomain(envDomain)
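// TestNewDNSProvider checks that NewDNSProvider builds a provider from the
// environment and reports missing or unusable credentials.
//
// Every OCID, fingerprint and passphrase in the table is a placeholder, and
// the private keys are generated for each run, so the table holds no real key
// material.
func TestNewDNSProvider(t *testing.T) {
	testCases := []struct {
		desc     string
		envVars  map[string]string
		expected string
	}{
		{
			desc: "success",
			envVars: map[string]string{
				envPrivKey:           mustGeneratePrivateKey("secret1"),
				EnvPrivKeyPass:       "secret1",
				EnvTenancyOCID:       "ocid1.tenancy.oc1..secret",
				EnvUserOCID:          "ocid1.user.oc1..secret",
				EnvPubKeyFingerprint: "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
				EnvRegion:            "us-phoenix-1",
				EnvCompartmentOCID:   "123",
			},
		},
		{
			desc: "success file",
			envVars: map[string]string{
				// The key is written to a temporary file while the table is
				// built; the subtest's deferred cleanup removes it.
				EnvPrivKeyFile:       mustGeneratePrivateKeyFile("secret1"),
				EnvPrivKeyPass:       "secret1",
				EnvTenancyOCID:       "ocid1.tenancy.oc1..secret",
				EnvUserOCID:          "ocid1.user.oc1..secret",
				EnvPubKeyFingerprint: "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
				EnvRegion:            "us-phoenix-1",
				EnvCompartmentOCID:   "123",
			},
		},
		{
			desc:     "missing credentials",
			envVars:  map[string]string{},
			expected: "oraclecloud: some credentials information are missing: OCI_PRIVKEY,OCI_TENANCY_OCID,OCI_USER_OCID,OCI_PUBKEY_FINGERPRINT,OCI_REGION,OCI_COMPARTMENT_OCID",
		},
		{
			desc: "missing CompartmentID",
			envVars: map[string]string{
				envPrivKey:           mustGeneratePrivateKey("secret"),
				EnvPrivKeyPass:       "secret",
				EnvTenancyOCID:       "ocid1.tenancy.oc1..secret",
				EnvUserOCID:          "ocid1.user.oc1..secret",
				EnvPubKeyFingerprint: "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
				EnvRegion:            "us-phoenix-1",
				EnvCompartmentOCID:   "",
			},
			expected: "oraclecloud: some credentials information are missing: OCI_COMPARTMENT_OCID",
		},
		{
			desc: "missing OCI_PRIVKEY",
			envVars: map[string]string{
				envPrivKey:           "",
				EnvPrivKeyPass:       "secret",
				EnvTenancyOCID:       "ocid1.tenancy.oc1..secret",
				EnvUserOCID:          "ocid1.user.oc1..secret",
				EnvPubKeyFingerprint: "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
				EnvRegion:            "us-phoenix-1",
				EnvCompartmentOCID:   "123",
			},
			expected: "oraclecloud: some credentials information are missing: OCI_PRIVKEY",
		},
		{
			desc: "missing OCI_PRIVKEY_PASS",
			envVars: map[string]string{
				envPrivKey:           mustGeneratePrivateKey("secret"),
				EnvPrivKeyPass:       "",
				EnvTenancyOCID:       "ocid1.tenancy.oc1..secret",
				EnvUserOCID:          "ocid1.user.oc1..secret",
				EnvPubKeyFingerprint: "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
				EnvRegion:            "us-phoenix-1",
				EnvCompartmentOCID:   "123",
			},
			// Only the prefix is pinned: the error is matched with Contains
			// below, so the underlying decryption error text may vary.
			expected: "oraclecloud: can not create client, bad configuration: ",
		},
		{
			desc: "missing OCI_TENANCY_OCID",
			envVars: map[string]string{
				envPrivKey:           mustGeneratePrivateKey("secret"),
				EnvPrivKeyPass:       "secret",
				EnvTenancyOCID:       "",
				EnvUserOCID:          "ocid1.user.oc1..secret",
				EnvPubKeyFingerprint: "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
				EnvRegion:            "us-phoenix-1",
				EnvCompartmentOCID:   "123",
			},
			expected: "oraclecloud: some credentials information are missing: OCI_TENANCY_OCID",
		},
		{
			desc: "missing OCI_USER_OCID",
			envVars: map[string]string{
				envPrivKey:           mustGeneratePrivateKey("secret"),
				EnvPrivKeyPass:       "secret",
				EnvTenancyOCID:       "ocid1.tenancy.oc1..secret",
				EnvUserOCID:          "",
				EnvPubKeyFingerprint: "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
				EnvRegion:            "us-phoenix-1",
				EnvCompartmentOCID:   "123",
			},
			expected: "oraclecloud: some credentials information are missing: OCI_USER_OCID",
		},
		{
			desc: "missing OCI_PUBKEY_FINGERPRINT",
			envVars: map[string]string{
				envPrivKey:           mustGeneratePrivateKey("secret"),
				EnvPrivKeyPass:       "secret",
				EnvTenancyOCID:       "ocid1.tenancy.oc1..secret",
				EnvUserOCID:          "ocid1.user.oc1..secret",
				EnvPubKeyFingerprint: "",
				EnvRegion:            "us-phoenix-1",
				EnvCompartmentOCID:   "123",
			},
			expected: "oraclecloud: some credentials information are missing: OCI_PUBKEY_FINGERPRINT",
		},
		// The original table listed this case twice with identical content;
		// the duplicate was dropped because it added no coverage.
		{
			desc: "missing OCI_REGION",
			envVars: map[string]string{
				envPrivKey:           mustGeneratePrivateKey("secret"),
				EnvPrivKeyPass:       "secret",
				EnvTenancyOCID:       "ocid1.tenancy.oc1..secret",
				EnvUserOCID:          "ocid1.user.oc1..secret",
				EnvPubKeyFingerprint: "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00",
				EnvRegion:            "",
				EnvCompartmentOCID:   "123",
			},
			expected: "oraclecloud: some credentials information are missing: OCI_REGION",
		},
	}

	for _, test := range testCases {
		t.Run(test.desc, func(t *testing.T) {
			defer func() {
				// Remove the generated key file, if this case set one, so the
				// key does not stay on disk after the run.
				privKeyFile := os.Getenv(EnvPrivKeyFile)
				if privKeyFile != "" {
					_ = os.Remove(privKeyFile)
				}

				envTest.RestoreEnv()
			}()

			envTest.ClearEnv()
			envTest.Apply(test.envVars)

			p, err := NewDNSProvider()

			if test.expected == "" {
				require.NoError(t, err)
				require.NotNil(t, p)
				require.NotNil(t, p.config)
				require.NotNil(t, p.client)
			} else {
				require.Error(t, err)
				require.Contains(t, err.Error(), test.expected)
			}
		})
	}
}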
// TestNewDNSProviderConfig checks how NewDNSProviderConfig validates an
// explicit configuration: a configuration provider whose passphrase does not
// decrypt the key, a missing configuration provider, and a missing
// compartment ID.
func TestNewDNSProviderConfig(t *testing.T) {
	// mockConfigurationProvider writes the generated key into the environment
	// while the table is built, so the environment is cleared first and
	// restored once the test returns.
	envTest.ClearEnv()
	defer envTest.RestoreEnv()

	testCases := []struct {
		desc                  string
		compartmentID         string
		configurationProvider common.ConfigurationProvider
		expected              string
	}{
		{
			desc:                  "configuration provider error",
			configurationProvider: mockConfigurationProvider("wrong-secret"),
			compartmentID:         "123",
			expected:              "oraclecloud: can not create client, bad configuration: x509: decryption password incorrect",
		},
		{
			desc:          "OCIConfigProvider is missing",
			compartmentID: "123",
			expected:      "oraclecloud: OCIConfigProvider is missing",
		},
		{
			desc:                  "missing CompartmentID",
			configurationProvider: mockConfigurationProvider("secret"),
			expected:              "oraclecloud: CompartmentID is missing",
		},
	}

	for _, tc := range testCases {
		t.Run(tc.desc, func(t *testing.T) {
			cfg := NewDefaultConfig()
			cfg.CompartmentID = tc.compartmentID
			cfg.OCIConfigProvider = tc.configurationProvider

			provider, err := NewDNSProviderConfig(cfg)

			// Failure cases pin the exact error text.
			if tc.expected != "" {
				require.EqualError(t, err, tc.expected)
				return
			}

			require.NoError(t, err)
			require.NotNil(t, provider)
			require.NotNil(t, provider.config)
			require.NotNil(t, provider.client)
		})
	}
}
// TestLivePresent calls Present on a provider built from the restored
// environment. It is skipped unless envTest reports a live test run.
func TestLivePresent(t *testing.T) {
	if !envTest.IsLiveTest() {
		t.Skip("skipping live test")
	}

	// Bring back the caller's environment so the provider sees the live
	// credentials.
	envTest.RestoreEnv()

	p, err := NewDNSProvider()
	require.NoError(t, err)

	require.NoError(t, p.Present(envTest.GetDomain(), "", "123d=="))
}
// TestLiveCleanUp calls CleanUp on a provider built from the restored
// environment. It is skipped unless envTest reports a live test run.
func TestLiveCleanUp(t *testing.T) {
	if !envTest.IsLiveTest() {
		t.Skip("skipping live test")
	}

	// Bring back the caller's environment so the provider sees the live
	// credentials.
	envTest.RestoreEnv()

	p, err := NewDNSProvider()
	require.NoError(t, err)

	// Short pause before the clean-up call.
	time.Sleep(time.Second)

	require.NoError(t, p.CleanUp(envTest.GetDomain(), "", "123d=="))
}
// mockConfigurationProvider returns a configProvider filled with placeholder
// values that uses keyPassphrase as its private key passphrase.
//
// As a side effect it stores a freshly generated private key, always
// encrypted with "secret", in the envPrivKey environment variable. The tests
// in this file pass a different passphrase to exercise the decryption failure
// path.
func mockConfigurationProvider(keyPassphrase string) *configProvider {
	encodedKey := mustGeneratePrivateKey("secret")
	envTest.Apply(map[string]string{envPrivKey: encodedKey})

	placeholders := map[string]string{
		EnvCompartmentOCID:   "test",
		EnvPrivKeyPass:       "test",
		EnvTenancyOCID:       "test",
		EnvUserOCID:          "test",
		EnvPubKeyFingerprint: "test",
		EnvRegion:            "test",
	}

	return &configProvider{
		values:               placeholders,
		privateKeyPassphrase: keyPassphrase,
	}
}
// mustGeneratePrivateKey returns a freshly generated private key as
// base64-encoded PEM, encrypted with pwd when pwd is not empty. It panics if
// the key cannot be generated.
func mustGeneratePrivateKey(pwd string) string {
	keyBlock, genErr := generatePrivateKey(pwd)
	if genErr != nil {
		panic(genErr)
	}

	pemBytes := pem.EncodeToMemory(keyBlock)

	return base64.StdEncoding.EncodeToString(pemBytes)
}
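// mustGeneratePrivateKeyFile writes a freshly generated private key, encrypted
// with pwd when pwd is not empty, to a new temporary PEM file and returns the
// file's path. It panics on any failure.
//
// The caller is responsible for removing the returned file.
func mustGeneratePrivateKeyFile(pwd string) string {
	block, err := generatePrivateKey(pwd)
	if err != nil {
		panic(err)
	}

	// os.CreateTemp creates the file with mode 0600 (before umask), so the key
	// is not readable by other users while it exists.
	file, err := os.CreateTemp("", "lego_oci_*.pem")
	if err != nil {
		panic(err)
	}

	if err := pem.Encode(file, block); err != nil {
		// Do not leave a partially written key file behind.
		_ = file.Close()
		_ = os.Remove(file.Name())
		panic(err)
	}

	// Close the handle: leaving it open leaks a descriptor per call and, on
	// platforms that lock open files, can stop the caller's os.Remove from
	// deleting the key.
	if err := file.Close(); err != nil {
		_ = os.Remove(file.Name())
		panic(err)
	}

	return file.Name()
}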
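// generatePrivateKey creates a throwaway RSA key for the tests and returns it
// as a PKCS#1 "RSA PRIVATE KEY" PEM block. When pwd is not empty the block is
// encrypted with pwd using AES-256.
//
// It returns a nil block and the error if key generation or encryption fails.
func generatePrivateKey(pwd string) (*pem.Block, error) {
	// 512-bit RSA keys are trivially factorable, and Go 1.24 and later make
	// rsa.GenerateKey return an error for keys shorter than 1024 bits by
	// default. 2048 bits keeps the fixture valid on current toolchains.
	const keyBits = 2048

	key, err := rsa.GenerateKey(rand.Reader, keyBits)
	if err != nil {
		return nil, err
	}

	block := &pem.Block{
		Type:  "RSA PRIVATE KEY",
		Bytes: x509.MarshalPKCS1PrivateKey(key),
	}

	if pwd == "" {
		return block, nil
	}

	// NOTE(review): x509.EncryptPEMBlock is deprecated because legacy PEM
	// encryption does not authenticate the ciphertext. It is kept here since
	// the tests in this file expect the "x509: decryption password incorrect"
	// error of that legacy format; do not copy this pattern to protect real keys.
	encrypted, err := x509.EncryptPEMBlock(rand.Reader, block.Type, block.Bytes, []byte(pwd), x509.PEMCipherAES256)
	if err != nil {
		return nil, err
	}

	return encrypted, nil
}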