prometheus/ssl_exporter
1
0
Fork 0
mirror of https://github.com/ribbybibby/ssl_exporter.git synced 2025-07-15 23:54:18 +02:00
Code Issues Releases Activity

Add test for TLS version metric

Browse Source
This commit is contained in:
Rob Best
2020-11-19 22:53:47 +00:00
parent 8cde56ce6a
commit 44d8713091
3 changed files with 33 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
prober/https_test.go
View File

@ -56,6 +56,7 @@ func TestProbeHTTPS(t *testing.T) {
}
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeHTTPSTimeout tests that the https probe respects the timeout in the
@ -164,6 +165,7 @@ func TestProbeHTTPSNoScheme(t *testing.T) {
}
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeHTTPSServername tests that the probe is successful when the
@ -206,6 +208,7 @@ func TestProbeHTTPSServerName(t *testing.T) {
}
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeHTTPSHTTP tests that the prober fails when hitting a HTTP server
@ -283,6 +286,7 @@ func TestProbeHTTPSClientAuth(t *testing.T) {
}
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeHTTPSClientAuthWrongClientCert tests that the probe fails with a bad
@ -419,6 +423,7 @@ func TestProbeHTTPSExpiredInsecure(t *testing.T) {
}
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeHTTPSProxy tests the proxy_url field in the configuration
@ -482,6 +487,7 @@ func TestProbeHTTPSProxy(t *testing.T) {
}
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeHTTPSOCSP tests a HTTPS probe with OCSP stapling
@ -527,6 +533,7 @@ func TestProbeHTTPSOCSP(t *testing.T) {
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics(resp, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeHTTPSVerifiedChains tests the verified chain metrics returned by a
@ -608,4 +615,5 @@ func TestProbeHTTPSVerifiedChains(t *testing.T) {
checkCertificateMetrics(serverCert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkVerifiedChainMetrics(verifiedChains, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}

17
prober/metrics_test.go
View File

@ -195,6 +195,23 @@ func checkOCSPMetrics(resp []byte, registry *prometheus.Registry, t *testing.T)
checkRegistryResults(expectedResults, mfs, t)
}
func checkTLSVersionMetrics(version string, registry *prometheus.Registry, t *testing.T) {
mfs, err := registry.Gather()
if err != nil {
t.Fatal(err)
}
expectedResults := []*registryResult{
&registryResult{
Name: "ssl_tls_version_info",
LabelValues: map[string]string{
"version": version,
},
Value: 1,
},
}
checkRegistryResults(expectedResults, mfs, t)
}
func newCertificate(certPEM []byte) (*x509.Certificate, error) {
block, _ := pem.Decode(certPEM)
return x509.ParseCertificate(block.Bytes)

8
prober/tcp_test.go
View File

@ -53,6 +53,7 @@ func TestProbeTCP(t *testing.T) {
}
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeTCPInvalidName tests hitting the server on an address which isn't
@ -123,6 +124,7 @@ func TestProbeTCPServerName(t *testing.T) {
}
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeTCPExpired tests that the probe fails with an expired server cert
@ -203,6 +205,7 @@ func TestProbeTCPExpiredInsecure(t *testing.T) {
}
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeTCPStartTLSSMTP tests STARTTLS against a mock SMTP server
@ -241,6 +244,7 @@ func TestProbeTCPStartTLSSMTP(t *testing.T) {
}
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeTCPStartTLSFTP tests STARTTLS against a mock FTP server
@ -279,6 +283,7 @@ func TestProbeTCPStartTLSFTP(t *testing.T) {
}
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeTCPStartTLSIMAP tests STARTTLS against a mock IMAP server
@ -317,6 +322,7 @@ func TestProbeTCPStartTLSIMAP(t *testing.T) {
}
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeTCPTimeout tests that the TCP probe respects the timeout in the
@ -392,6 +398,7 @@ func TestProbeTCPOCSP(t *testing.T) {
checkCertificateMetrics(cert, registry, t)
checkOCSPMetrics(resp, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}
// TestProbeTCPVerifiedChains tests the verified chain metrics returned by a tcp
@ -473,4 +480,5 @@ func TestProbeTCPVerifiedChains(t *testing.T) {
checkCertificateMetrics(serverCert, registry, t)
checkOCSPMetrics([]byte{}, registry, t)
checkVerifiedChainMetrics(verifiedChains, registry, t)
checkTLSVersionMetrics("TLS 1.3", registry, t)
}