From bf34c6a13bafc5c5d20aed5093e737cf916f65aa Mon Sep 17 00:00:00 2001 From: Gyuho Lee Date: Wed, 13 Jun 2018 13:21:08 -0700 Subject: [PATCH 1/3] tests: run coverage tests in Semaphore Signed-off-by: Gyuho Lee --- tests/semaphore.test.bash | 31 ++++++++++++++++++++++++------- 1 file changed, 24 insertions(+), 7 deletions(-) diff --git a/tests/semaphore.test.bash b/tests/semaphore.test.bash index 32d2717c8..ac6a54da3 100755 --- a/tests/semaphore.test.bash +++ b/tests/semaphore.test.bash @@ -5,6 +5,20 @@ if ! [[ "$0" =~ "tests/semaphore.test.bash" ]]; then exit 255 fi +<&1 | tee test-${TEST_SUFFIX}.log" -docker run \ - --rm \ - --volume=`pwd`:/go/src/github.com/coreos/etcd \ - gcr.io/etcd-development/etcd-test:go1.10.3 \ - /bin/bash -c "${TEST_OPTS} ./test 2>&1 | tee test-${TEST_SUFFIX}.log" - -! egrep "(--- FAIL:|DATA RACE|panic: test timed out|appears to have leaked)" -B50 -A10 test-${TEST_SUFFIX}.log + ! egrep "(--- FAIL:|DATA RACE|panic: test timed out|appears to have leaked)" -B50 -A10 test-${TEST_SUFFIX}.log +fi From 8b5cd847d0baa4b43836eea9ec0a6d7945b9b8d4 Mon Sep 17 00:00:00 2001 From: Gyuho Lee Date: Wed, 13 Jun 2018 13:27:43 -0700 Subject: [PATCH 2/3] tests/semaphore.test.bash: use "sudo" for docker, clean up Signed-off-by: Gyuho Lee --- tests/semaphore.test.bash | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/tests/semaphore.test.bash b/tests/semaphore.test.bash index ac6a54da3..2c427fac9 100755 --- a/tests/semaphore.test.bash +++ b/tests/semaphore.test.bash @@ -19,8 +19,6 @@ TEST_OPTS="PASSES='build grpcproxy'" bash tests/semaphore.test.bash TEST_OPTS="coverage" bash tests/semaphore.test.bash COMMENT -TEST_SUFFIX=$(date +%s | base64 | head -c 15) - if [ -z "${TEST_OPTS}" ]; then TEST_OPTS="PASSES='build release e2e' MANUAL_VER=v3.3.7" fi @@ -30,13 +28,7 @@ fi echo "Running tests with" ${TEST_OPTS} if [ "${TEST_OPTS}" == "coverage" ]; then - make docker-test-coverage + sudo HOST_TMP_DIR=/tmp make docker-test-coverage else - docker run \ - --rm \ - --volume=`pwd`:/go/src/github.com/coreos/etcd \ - gcr.io/etcd-development/etcd-test:go1.10.3 \ - /bin/bash -c "${TEST_OPTS} ./test 2>&1 | tee test-${TEST_SUFFIX}.log" - - ! egrep "(--- FAIL:|DATA RACE|panic: test timed out|appears to have leaked)" -B50 -A10 test-${TEST_SUFFIX}.log + sudo HOST_TMP_DIR=/tmp TEST_OPTS="${TEST_OPTS}" make docker-test fi From 0d13176c99ddf376cfcebab4551f8d4ca8798c89 Mon Sep 17 00:00:00 2001 From: Gyuho Lee Date: Wed, 13 Jun 2018 14:32:27 -0700 Subject: [PATCH 3/3] tests/e2e: do not run cipher suite tests in coverage tests Signed-off-by: Gyuho Lee --- tests/e2e/v3_cipher_suite_test.go | 66 +++++++++++++++++++++++++++++++ tests/e2e/v3_curl_test.go | 43 -------------------- 2 files changed, 66 insertions(+), 43 deletions(-) create mode 100644 tests/e2e/v3_cipher_suite_test.go diff --git a/tests/e2e/v3_cipher_suite_test.go b/tests/e2e/v3_cipher_suite_test.go new file mode 100644 index 000000000..39a74e1de --- /dev/null +++ b/tests/e2e/v3_cipher_suite_test.go @@ -0,0 +1,66 @@ +// Copyright 2018 The etcd Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build !cov + +package e2e + +import ( + "fmt" + "testing" + + "github.com/coreos/etcd/version" +) + +func TestV3CurlCipherSuitesValid(t *testing.T) { testV3CurlCipherSuites(t, true) } +func TestV3CurlCipherSuitesMismatch(t *testing.T) { testV3CurlCipherSuites(t, false) } +func testV3CurlCipherSuites(t *testing.T, valid bool) { + cc := configClientTLS + cc.clusterSize = 1 + cc.cipherSuites = []string{ + "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", + "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", + "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", + "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305", + "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305", + } + testFunc := cipherSuiteTestValid + if !valid { + testFunc = cipherSuiteTestMismatch + } + testCtl(t, testFunc, withCfg(cc)) +} + +func cipherSuiteTestValid(cx ctlCtx) { + if err := cURLGet(cx.epc, cURLReq{ + endpoint: "/metrics", + expected: fmt.Sprintf(`etcd_server_version{server_version="%s"} 1`, version.Version), + metricsURLScheme: cx.cfg.metricsURLScheme, + ciphers: "ECDHE-RSA-AES128-GCM-SHA256", // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + }); err != nil { + cx.t.Fatalf("failed get with curl (%v)", err) + } +} + +func cipherSuiteTestMismatch(cx ctlCtx) { + if err := cURLGet(cx.epc, cURLReq{ + endpoint: "/metrics", + expected: "alert handshake failure", + metricsURLScheme: cx.cfg.metricsURLScheme, + ciphers: "ECDHE-RSA-DES-CBC3-SHA", // TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + }); err != nil { + cx.t.Fatalf("failed get with curl (%v)", err) + } +} diff --git a/tests/e2e/v3_curl_test.go b/tests/e2e/v3_curl_test.go index 1515cfb31..250ea61aa 100644 --- a/tests/e2e/v3_curl_test.go +++ b/tests/e2e/v3_curl_test.go @@ -26,7 +26,6 @@ import ( "github.com/coreos/etcd/etcdserver/api/v3rpc/rpctypes" pb "github.com/coreos/etcd/etcdserver/etcdserverpb" "github.com/coreos/etcd/pkg/testutil" - "github.com/coreos/etcd/version" "github.com/grpc-ecosystem/grpc-gateway/runtime" ) @@ -350,48 +349,6 @@ func testV3CurlResignMissiongLeaderKey(cx ctlCtx) { } } -func TestV3CurlCipherSuitesValid(t *testing.T) { testV3CurlCipherSuites(t, true) } -func TestV3CurlCipherSuitesMismatch(t *testing.T) { testV3CurlCipherSuites(t, false) } -func testV3CurlCipherSuites(t *testing.T, valid bool) { - cc := configClientTLS - cc.clusterSize = 1 - cc.cipherSuites = []string{ - "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", - "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", - "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", - "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", - "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305", - "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305", - } - testFunc := cipherSuiteTestValid - if !valid { - testFunc = cipherSuiteTestMismatch - } - testCtl(t, testFunc, withCfg(cc)) -} - -func cipherSuiteTestValid(cx ctlCtx) { - if err := cURLGet(cx.epc, cURLReq{ - endpoint: "/metrics", - expected: fmt.Sprintf(`etcd_server_version{server_version="%s"} 1`, version.Version), - metricsURLScheme: cx.cfg.metricsURLScheme, - ciphers: "ECDHE-RSA-AES128-GCM-SHA256", // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - }); err != nil { - cx.t.Fatalf("failed get with curl (%v)", err) - } -} - -func cipherSuiteTestMismatch(cx ctlCtx) { - if err := cURLGet(cx.epc, cURLReq{ - endpoint: "/metrics", - expected: "alert handshake failure", - metricsURLScheme: cx.cfg.metricsURLScheme, - ciphers: "ECDHE-RSA-DES-CBC3-SHA", // TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - }); err != nil { - cx.t.Fatalf("failed get with curl (%v)", err) - } -} - // to manually decode; JSON marshals integer fields with // string types, so can't unmarshal with epb.CampaignResponse type campaignResponse struct {