Skip to content

Commit

Permalink
tests: Add unit tests to verify config generation from structs
Browse files Browse the repository at this point in the history
* Add omitempty tags to all fields in the config to avoid rendering zero values in generated config

Signed-off-by: Mahendra Paipuri <[email protected]>
  • Loading branch information
mahendrapaipuri committed Feb 6, 2025
1 parent c4d055f commit 323787d
Show file tree
Hide file tree
Showing 2 changed files with 143 additions and 16 deletions.
32 changes: 16 additions & 16 deletions web/tls_config.go
Original file line number Diff line number Diff line change
Expand Up @@ -40,25 +40,25 @@ var (
)

type Config struct {
TLSConfig TLSConfig `yaml:"tls_server_config"`
HTTPConfig HTTPConfig `yaml:"http_server_config"`
Users map[string]config_util.Secret `yaml:"basic_auth_users"`
TLSConfig TLSConfig `yaml:"tls_server_config,omitempty"`
HTTPConfig HTTPConfig `yaml:"http_server_config,omitempty"`
Users map[string]config_util.Secret `yaml:"basic_auth_users,omitempty"`
}

type TLSConfig struct {
TLSCert string `yaml:"cert"`
TLSKey config_util.Secret `yaml:"key"`
ClientCAsText string `yaml:"client_ca"`
TLSCertPath string `yaml:"cert_file"`
TLSKeyPath string `yaml:"key_file"`
ClientAuth string `yaml:"client_auth_type"`
ClientCAs string `yaml:"client_ca_file"`
CipherSuites []Cipher `yaml:"cipher_suites"`
CurvePreferences []Curve `yaml:"curve_preferences"`
MinVersion TLSVersion `yaml:"min_version"`
MaxVersion TLSVersion `yaml:"max_version"`
PreferServerCipherSuites bool `yaml:"prefer_server_cipher_suites"`
ClientAllowedSans []string `yaml:"client_allowed_sans"`
TLSCert string `yaml:"cert,omitempty"`
TLSKey config_util.Secret `yaml:"key,omitempty"`
ClientCAsText string `yaml:"client_ca,omitempty"`
TLSCertPath string `yaml:"cert_file,omitempty"`
TLSKeyPath string `yaml:"key_file,omitempty"`
ClientAuth string `yaml:"client_auth_type,omitempty"`
ClientCAs string `yaml:"client_ca_file,omitempty"`
CipherSuites []Cipher `yaml:"cipher_suites,omitempty"`
CurvePreferences []Curve `yaml:"curve_preferences,omitempty"`
MinVersion TLSVersion `yaml:"min_version,omitempty"`
MaxVersion TLSVersion `yaml:"max_version,omitempty"`
PreferServerCipherSuites bool `yaml:"prefer_server_cipher_suites,omitempty"`
ClientAllowedSans []string `yaml:"client_allowed_sans,omitempty"`
}

type FlagConfig struct {
Expand Down
127 changes: 127 additions & 0 deletions web/tls_config_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,13 @@ import (
"net/http"
"os"
"regexp"
"strings"
"sync"
"testing"
"time"

"github.com/prometheus/common/config"
"gopkg.in/yaml.v2"
)

// Helpers for literal FlagConfig
Expand Down Expand Up @@ -693,3 +697,126 @@ func TestUsers(t *testing.T) {
t.Run(testInputs.Name, testInputs.Test)
}
}

func TestConfigGeneration(t *testing.T) {
// Secrets to be rendered without any masking
config.MarshalSecretValue = true

testTables := []struct {
Name string
Config Config
Expected string
}{
{
Name: "Only basic auth",
Config: Config{
Users: map[string]config.Secret{
"admin": config.Secret("$2y$10$X0h1gDsPszWURQaxFh.zoubFi6DXncSjhoQNJgRrnGs7EsimhC7zG"),
},
},
Expected: `
basic_auth_users:
admin: $2y$10$X0h1gDsPszWURQaxFh.zoubFi6DXncSjhoQNJgRrnGs7EsimhC7zG`,
},
{
Name: "Only TLS",
Config: Config{
TLSConfig: TLSConfig{
TLSCertPath: "cert.pem",
TLSKeyPath: "key.pem",
MinVersion: TLSVersion(tls.VersionTLS12),
CurvePreferences: []Curve{
Curve(tls.CurveP256),
Curve(tls.CurveP521),
},
CipherSuites: []Cipher{
Cipher(tls.TLS_AES_128_GCM_SHA256),
},
ClientAllowedSans: []string{
"example.com",
"example.org",
},
},
},
Expected: `
tls_server_config:
cert_file: cert.pem
key_file: key.pem
cipher_suites:
- TLS_AES_128_GCM_SHA256
curve_preferences:
- CurveP256
- CurveP521
min_version: TLS12
client_allowed_sans:
- example.com
- example.org`,
},
{
Name: "Only HTTP config",
Config: Config{
HTTPConfig: HTTPConfig{
HTTP2: true,
Header: map[string]string{
"X-Custom-Header": "value",
},
},
},
Expected: `
http_server_config:
http2: true
headers:
X-Custom-Header: value`,
},
{
Name: "Basic auth and TLS",
Config: Config{
Users: map[string]config.Secret{
"admin": config.Secret("$2y$10$X0h1gDsPszWURQaxFh.zoubFi6DXncSjhoQNJgRrnGs7EsimhC7zG"),
},
TLSConfig: TLSConfig{
TLSCertPath: "cert.pem",
TLSKeyPath: "key.pem",
MinVersion: TLSVersion(tls.VersionTLS12),
CurvePreferences: []Curve{
Curve(tls.CurveP256),
Curve(tls.CurveP521),
},
CipherSuites: []Cipher{
Cipher(tls.TLS_AES_128_GCM_SHA256),
},
ClientAllowedSans: []string{
"example.com",
"example.org",
},
},
},
Expected: `
tls_server_config:
cert_file: cert.pem
key_file: key.pem
cipher_suites:
- TLS_AES_128_GCM_SHA256
curve_preferences:
- CurveP256
- CurveP521
min_version: TLS12
client_allowed_sans:
- example.com
- example.org
basic_auth_users:
admin: $2y$10$X0h1gDsPszWURQaxFh.zoubFi6DXncSjhoQNJgRrnGs7EsimhC7zG`,
},
}

for _, test := range testTables {
yamlConfig, err := yaml.Marshal(&test.Config)
if err != nil {
t.Error(err)
}

if strings.TrimSpace(test.Expected) != strings.TrimSpace(string(yamlConfig)) {
t.Fatalf("Expected config: %s, got config: %s", test.Expected, string(yamlConfig))
}
}
}

0 comments on commit 323787d

Please sign in to comment.