Add test for TLS version metric

2025-07-15 23:54:18 +02:00 · 2020-11-19 22:53:47 +00:00
parent 8cde56ce6a
commit 44d8713091
3 changed files with 33 additions and 0 deletions
--- a/prober/https_test.go
+++ b/prober/https_test.go
@ -56,6 +56,7 @@ func TestProbeHTTPS(t *testing.T) {
 	}
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeHTTPSTimeout tests that the https probe respects the timeout in the
@ -164,6 +165,7 @@ func TestProbeHTTPSNoScheme(t *testing.T) {
 	}
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeHTTPSServername tests that the probe is successful when the
@ -206,6 +208,7 @@ func TestProbeHTTPSServerName(t *testing.T) {
 	}
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeHTTPSHTTP tests that the prober fails when hitting a HTTP server
@ -283,6 +286,7 @@ func TestProbeHTTPSClientAuth(t *testing.T) {
 	}
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeHTTPSClientAuthWrongClientCert tests that the probe fails with a bad
@ -419,6 +423,7 @@ func TestProbeHTTPSExpiredInsecure(t *testing.T) {
 	}
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeHTTPSProxy tests the proxy_url field in the configuration
@ -482,6 +487,7 @@ func TestProbeHTTPSProxy(t *testing.T) {
 	}
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeHTTPSOCSP tests a HTTPS probe with OCSP stapling
@ -527,6 +533,7 @@ func TestProbeHTTPSOCSP(t *testing.T) {
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics(resp, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeHTTPSVerifiedChains tests the verified chain metrics returned by a
@ -608,4 +615,5 @@ func TestProbeHTTPSVerifiedChains(t *testing.T) {
 	checkCertificateMetrics(serverCert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkVerifiedChainMetrics(verifiedChains, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
--- a/prober/metrics_test.go
+++ b/prober/metrics_test.go
@ -195,6 +195,23 @@ func checkOCSPMetrics(resp []byte, registry *prometheus.Registry, t *testing.T)
 	checkRegistryResults(expectedResults, mfs, t)
 }
 func checkTLSVersionMetrics(version string, registry *prometheus.Registry, t *testing.T) {
 	mfs, err := registry.Gather()
 	if err != nil {
 		t.Fatal(err)
 	}
 	expectedResults := []*registryResult{
 		&registryResult{
 			Name: "ssl_tls_version_info",
 			LabelValues: map[string]string{
 				"version": version,
 			},
 			Value: 1,
 		},
 	}
 	checkRegistryResults(expectedResults, mfs, t)
 }
 func newCertificate(certPEM []byte) (*x509.Certificate, error) {
 	block, _ := pem.Decode(certPEM)
 	return x509.ParseCertificate(block.Bytes)
--- a/prober/tcp_test.go
+++ b/prober/tcp_test.go
@ -53,6 +53,7 @@ func TestProbeTCP(t *testing.T) {
 	}
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeTCPInvalidName tests hitting the server on an address which isn't
@ -123,6 +124,7 @@ func TestProbeTCPServerName(t *testing.T) {
 	}
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeTCPExpired tests that the probe fails with an expired server cert
@ -203,6 +205,7 @@ func TestProbeTCPExpiredInsecure(t *testing.T) {
 	}
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeTCPStartTLSSMTP tests STARTTLS against a mock SMTP server
@ -241,6 +244,7 @@ func TestProbeTCPStartTLSSMTP(t *testing.T) {
 	}
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeTCPStartTLSFTP tests STARTTLS against a mock FTP server
@ -279,6 +283,7 @@ func TestProbeTCPStartTLSFTP(t *testing.T) {
 	}
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeTCPStartTLSIMAP tests STARTTLS against a mock IMAP server
@ -317,6 +322,7 @@ func TestProbeTCPStartTLSIMAP(t *testing.T) {
 	}
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeTCPTimeout tests that the TCP probe respects the timeout in the
@ -392,6 +398,7 @@ func TestProbeTCPOCSP(t *testing.T) {
 	checkCertificateMetrics(cert, registry, t)
 	checkOCSPMetrics(resp, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }
 // TestProbeTCPVerifiedChains tests the verified chain metrics returned by a tcp
@ -473,4 +480,5 @@ func TestProbeTCPVerifiedChains(t *testing.T) {
 	checkCertificateMetrics(serverCert, registry, t)
 	checkOCSPMetrics([]byte{}, registry, t)
 	checkVerifiedChainMetrics(verifiedChains, registry, t)
 	checkTLSVersionMetrics("TLS 1.3", registry, t)
 }