-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathconftest.py
120 lines (96 loc) · 3.19 KB
/
conftest.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
import os
import subprocess
import pytest
from bigacme import config
def pytest_addoption(parser):
parser.addoption(
"--lb",
action="store",
default="localhost",
help="BIG-IP hostname or IP address",
)
parser.addoption("--user", action="store", help="BIG-IP username", default="admin")
parser.addoption("--pass", action="store", help="BIG-IP password", default="admin")
parser.addoption(
"--ca", action="store", help="ACME CA directory", default="localhost"
)
parser.addoption(
"--hostname",
action="store",
help="Hostname to retrive certificate for",
default="bigacme.no",
)
parser.addoption(
"--datagroup",
action="store",
help="Datagroup for ACME challenges",
default="acme_responses_dg",
)
parser.addoption(
"--partition",
action="store",
help="Partition where datagroup is located",
default="Common",
)
parser.addoption(
"--system-user",
action="store",
help="System user to use "
"(tests must be run as root for this to have an effect)",
default="bigacme",
)
@pytest.fixture(scope="module")
def opt_lb(request):
return request.config.getoption("--lb")
@pytest.fixture(scope="module")
def opt_username(request):
return request.config.getoption("--user")
@pytest.fixture(scope="module")
def opt_password(request):
return request.config.getoption("--pass")
@pytest.fixture(scope="module")
def opt_ca(request):
return request.config.getoption("--ca")
@pytest.fixture(scope="module")
def opt_hostname(request):
return request.config.getoption("--hostname")
@pytest.fixture(scope="module")
def opt_datagroup(request):
return request.config.getoption("--datagroup")
@pytest.fixture(scope="module")
def opt_partition(request):
return request.config.getoption("--partition")
@pytest.fixture(scope="module")
def opt_user(request):
return request.config.getoption("--system-user")
# pebble is module scoped even though it is used by several
# modules, so that it is always killed by the same user as it
# was created (the user is changed in the unit tests for cert.py
# if the tests are run as root)
@pytest.fixture(scope="module")
def pebble():
# Pebble reject 15 % of nonces by default,
# turn that off to get reliable testing.
# (clients should handle that gracefully,
# and python-acme will retry requests
# once in case of bad nonce, but Pebble
# will sometimes reject two requsts in a
# row, so the tests sometimes fails anyways).
env = {"PEBBLE_WFE_NONCEREJECT": "0"}
pebble_proc = subprocess.Popen(
[
"tests/functional/pebble/pebble",
"-config",
"tests/functional/pebble/pebble-config.json",
],
stdout=subprocess.PIPE,
env=env,
)
while b"Root CA certificate available at" not in pebble_proc.stdout.readline():
pebble_proc.poll()
if pebble_proc.returncode is not None:
raise Exception("Pebble failed to start")
yield pebble_proc
pebble_proc.kill()
# for easier debugging
print(pebble_proc.communicate()[0].decode())