Test password authentication in tls tests and workflow (#75)

.github/workflows/tls.yml

@@ -1,5 +1,9 @@
-# This workflow will make use of Faktory put behind NGINX to test 
-# the crate's tls feature (see docker dir in the project's root)
+# This workflow will make use of Faktory put behind NGINX to test the crate's `tls` feature
+# (see the `docker` directory in the project's root).
+#
+# We are also utilizing this dedicated workflow and Faktory deployment to test that password authentication works
+# as expected (see the password part in the `FAKTORY_URL_SECURE` connection string and the `FAKTORY_PASSWORD` environment
+# variable in the `faktory` service description in the compose file in the `docker` directory mentioned above.
 permissions:
   contents: read
 on:
@@ -28,5 +32,5 @@ jobs:
         run: cargo generate-lockfile
       - name: Run tests
         env:
-          FAKTORY_URL_SECURE: tcp://localhost:17419
+          FAKTORY_URL_SECURE: tcp://:uredinales@localhost:17419
         run: cargo test --locked --features native_tls,rustls --test tls

Makefile

@@ -3,6 +3,7 @@ FAKTORY_HOST=localhost
 FAKTORY_PORT=7419
 FAKTORY_PORT_SECURE=17419
 FAKTORY_PORT_UI=7420
+FAKTORY_PASSWORD=uredinales
 
 .PHONY: precommit
 precommit: fmt check test/doc test/e2e test/e2e/tls
@@ -57,7 +58,7 @@ test/e2e:
 
 .PHONY: test/e2e/tls
 test/e2e/tls:
-	FAKTORY_URL_SECURE=tcp://${FAKTORY_HOST}:${FAKTORY_PORT_SECURE} \
+	FAKTORY_URL_SECURE=tcp://:${FAKTORY_PASSWORD}@${FAKTORY_HOST}:${FAKTORY_PORT_SECURE} \
 	cargo test --locked --features native_tls,rustls --test tls -- --nocapture
 
 .PHONY: test/load

docker/compose.yml

@@ -7,6 +7,8 @@ services:
     build:
       context: .
       dockerfile: faktory.Dockerfile
+    environment:
+      FAKTORY_PASSWORD: uredinales
     command: "/faktory -b :7419 -w :7420"
   nginx:
     depends_on:

tests/tls/native_tls.rs

@@ -2,6 +2,7 @@ use faktory::native_tls::TlsStream;
 use faktory::{Client, Job, WorkerBuilder, WorkerId};
 use serde_json::Value;
 use std::{env, sync};
+use url::Url;
 
 #[tokio::test(flavor = "multi_thread")]
 async fn roundtrip_tls() {
@@ -31,16 +32,21 @@ async fn roundtrip_tls() {
             .unwrap()
     };
 
+    let password = Url::parse(&env::var("FAKTORY_URL_SECURE").expect("faktory url to be set..."))
+        .expect("...and be valid")
+        .password()
+        .map(|p| p.to_string());
+
     let mut worker = WorkerBuilder::default()
         .hostname("tester".to_string())
         .wid(WorkerId::new(local))
         .register(local, fixtures::JobHandler::new(tx))
-        .connect_with(tls().await, None)
+        .connect_with(tls().await, password.clone())
         .await
         .unwrap();
 
     // "one-shot" client
-    Client::connect_with(tls().await, None)
+    Client::connect_with(tls().await, password)
         .await
         .unwrap()
         .enqueue(Job::new(local, vec!["z"]).on_queue(local))

tests/tls/rustls.rs

@@ -6,6 +6,7 @@ use std::{
     sync::{self, Arc},
 };
 use tokio_rustls::rustls::{ClientConfig, SignatureScheme};
+use url::Url;
 
 #[tokio::test(flavor = "multi_thread")]
 async fn roundtrip_tls() {
@@ -23,6 +24,7 @@ async fn roundtrip_tls() {
     }
     let local = "roundtrip_tls";
     let (tx, rx) = sync::mpsc::channel();
+
     let tls = || async {
         let verifier = fixtures::TestServerCertVerifier::new(
             SignatureScheme::RSA_PSS_SHA512,
@@ -45,16 +47,21 @@ async fn roundtrip_tls() {
         .unwrap()
     };
 
+    let password = Url::parse(&env::var("FAKTORY_URL_SECURE").expect("faktory url to be set..."))
+        .expect("...and be valid")
+        .password()
+        .map(|p| p.to_string());
+
     let mut worker = WorkerBuilder::default()
         .hostname("tester".to_string())
         .wid(WorkerId::new(local))
         .register(local, fixtures::JobHandler::new(tx))
-        .connect_with(tls().await, None)
+        .connect_with(tls().await, password.clone())
         .await
         .unwrap();
 
     // "one-shot" client
-    Client::connect_with(tls().await, None)
+    Client::connect_with(tls().await, password)
         .await
         .unwrap()
         .enqueue(Job::new(local, vec!["z"]).on_queue(local))