diff --git a/apache/lib/common b/apache/lib/common index 3e753fe0..69ac7c04 100644 --- a/apache/lib/common +++ b/apache/lib/common @@ -201,12 +201,22 @@ __vhost_cfg_normalize_protocol() { ssl_get_plugin_fun() { # from ssl conf, return the function that should manage SSL code creation local master_cfg="$1" cfg type keys - cfg=$(_get_ssl_option_value "$master_cfg") - [ "$cfg" ] || return 0 + cfg=$(_get_ssl_option_value "$master_cfg") || return 1 + + local cache_file="$state_tmpdir/$FUNCNAME.cache.$(H "$SERVICE_NAME" "$cfg")" + if [ -e "$cache_file" ]; then + cat "$cache_file" + return 0 + fi + + [ "$cfg" ] || { + touch "$cache_file" + return 0 + } type="$(echo "$cfg" | shyaml -y get-type 2>/dev/null)" || return 1 if [[ "$type" == "bool" ]]; then - printf "%s\0" "ssl_fallback" "" "$cfg" + printf "%s\0" "ssl_fallback" "" "$cfg" | tee "$cache_file" return 0 fi @@ -231,7 +241,7 @@ ssl_get_plugin_fun() { "in ${DARKBLUE}$relation_name${NORMAL}/${DARKYELLOW}$key${NORMAL}" ssl_cfg=$(printf "%s" "$cfg" | shyaml get-value "$key" 2>/dev/null) || true merged_config=$(merge_yaml_str "$relation_config" "$ssl_cfg") || return 1 - printf "%s\0" "$fun" "$key" "$merged_config" + printf "%s\0" "$fun" "$key" "$merged_config" | tee "$cache_file" return 0 done < <(get_service_relations "$SERVICE_NAME") || return 1 case "$key" in @@ -247,7 +257,7 @@ ssl_get_plugin_fun() { done fi ## No key of the struct seem to be declared cert-provider, so fallback - printf "%s\0" "ssl_fallback" "" "$cfg" + printf "%s\0" "ssl_fallback" "" "$cfg" | tee "$cache_file" } diff --git a/apache/test/ssl_plugin b/apache/test/ssl_plugin new file mode 100644 index 00000000..200ce12d --- /dev/null +++ b/apache/test/ssl_plugin @@ -0,0 +1,162 @@ +#!/bin/bash + +exname=$(basename $0) + +prefix_cmd=" +. /etc/shlib + +include common +include parse + +. ../lib/common + +" + +# mock +relation-get() { + local key="$1" + echo "$CFG" | shyaml get-value "$key" 2>/dev/null +} +export -f relation-get + +cfg-get-value() { + local key="$1" + shyaml get-value "$key" 2>/dev/null +} +export -f cfg-get-value + +get_service_relations() { + printf "%s\0" "${RELATIONS[@]}" +} +export -f get_service_relations + +merge_yaml_str() { + printf "" +} +export -f merge_yaml_str + + +export state_tmpdir=$(mktemp -d -t tmp.XXXXXXXXXX) +trap "rm -rf \"$state_tmpdir\"" EXIT + +## +## Tests +## + +try " +ssl_get_plugin_fun ' +domain: www.example.com +'" +is errlvl 1 +is err '' +is out '' + + + +try " +set -o pipefail +ssl_get_plugin_fun ' +domain: www.example.com +ssl: true +' | tr '\0' ':' +" +is errlvl 0 +is err '' +is out reg '^ssl_fallback:' + + +try " +ssl_get_plugin_fun ' +domain: www.example.com +ssl: +- a +- b +' +" +is errlvl 1 +is err part 'please provide a string or a struct' +is out '' + + +try " +ssl_get_plugin_fun ' +domain: www.example.com +ssl: +- a +- b +' +" +is errlvl 1 +is err part 'please provide a string or a struct' +is out '' + + +try " +ssl_get_plugin_fun ' +domain: www.example.com +ssl: xxx +' +" +is errlvl 1 +is err part 'no corresponding services declared in cert-provider' +is out '' + + +try " +RELATIONS=(cert-provider xxx mycfg True) +ssl_get_plugin_fun ' +domain: www.example.com +ssl: xxx +' | tr '\0' ':' +" +noerror +is out "ssl_plugin_cert-provider:xxx::" + + +try " +RELATIONS=( +cert-provider xxx mycfgxxx True +cert-provider yyy mycfgyyy True +) +ssl_get_plugin_fun ' +domain: www.example.com +ssl: yyy +' | tr '\0' ':' +" +noerror +is out "ssl_plugin_cert-provider:yyy::" + + +try " +RELATIONS=( +cert-provider xxx mycfgxxx True +cert-provider yyy mycfgyyy True +) +ssl_get_plugin_fun ' +domain: www.example.com +ssl: + cert: a +' | tr '\0' '|' +" +noerror +is out "ssl_fallback||cert: a|" + + +try " +RELATIONS=( +cert-provider xxx mycfgxxx True +cert-provider yyy mycfgyyy True +) +ssl_get_plugin_fun ' +domain: www.example.com +ssl: + popo: a +' +" +is errlvl 1 +is err part 'no corresponding services declared in cert-provider' +is out '' + +