Skip to content

Commit dc189e3

Browse files
JackuBJackuB
committed
fix: use-ca-for-systemcheck
CA_CERT option was ignored for /systemcheck endpoint resulting in false negatives. This fix applies CA_CERT to this endpoint as well
1 parent 08c6736 commit dc189e3

File tree

3 files changed

+21
-2
lines changed

3 files changed

+21
-2
lines changed

lib/client/index.js

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -75,6 +75,9 @@ module.exports = ({ port = null, config = {}, filters = {} }) => {
7575
method: brokerClientValidationMethod,
7676
timeout: brokerClientValidationTimeoutMs,
7777
json: true,
78+
agentOptions: {
79+
ca: config.caCert, // Optional CA cert
80+
},
7881
}, (error, response) => {
7982
// test logic requires to surface internal data
8083
// which is best not exposed in production

test/functional/client-ca.test.js

Lines changed: 13 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,12 +20,13 @@ test('correctly use supplied CA cert on client for connections', t => {
2020
* 6. send request to the server and expect success
2121
*/
2222

23-
t.plan(5);
23+
t.plan(6);
2424

2525
process.env.ACCEPT = 'filters.json';
2626

2727
process.chdir(path.resolve(root, '../fixtures/server'));
2828
process.env.BROKER_TYPE = 'server';
29+
let clientPort;
2930
const serverPort = port();
3031
const server = app.main({ port: serverPort });
3132

@@ -62,7 +63,9 @@ test('correctly use supplied CA cert on client for connections', t => {
6263

6364
// Specify CA file
6465
process.env.CA_CERT = '../certs/ca/my-root-ca.crt.pem';
65-
client = app.main({ port: port() });
66+
process.env.BROKER_CLIENT_VALIDATION_URL = `https://localhost:${echoServerPort}/test`;
67+
clientPort = port();
68+
client = app.main({ port: clientPort });
6669
});
6770

6871
t.test('successfully broker POST with CA set', t => {
@@ -73,6 +76,14 @@ test('correctly use supplied CA cert on client for connections', t => {
7376
});
7477
});
7578

79+
t.test('successfully call systemcheck with CA set', t => {
80+
const url = `http://localhost:${clientPort}/systemcheck`;
81+
request({ url, json: true }, (err, res) => {
82+
t.equal(res.statusCode, 200, '200 statusCode');
83+
t.end();
84+
});
85+
});
86+
7687
t.test('clean up', t => {
7788
client.close();
7889
setTimeout(() => {

test/utils.js

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,11 @@ const { app: echoServer, server } = webserver({
1515
httpsCert: process.env.TEST_CERT, // Optional
1616
});
1717

18+
echoServer.get('/test', (req, res) => {
19+
res.status(200);
20+
res.send('All good');
21+
});
22+
1823
echoServer.get(
1924
'/test-blob/1',
2025
(req, res) => {

0 commit comments

Comments
 (0)