Skip to content

Commit

Permalink
Add an integration test for the monitor-lambda-emulator
Browse files Browse the repository at this point in the history
  • Loading branch information
oskirby committed Jul 4, 2024
1 parent f2a9222 commit 438a285
Show file tree
Hide file tree
Showing 6 changed files with 41 additions and 29 deletions.
31 changes: 12 additions & 19 deletions bin/run_integration_tests.sh
Original file line number Diff line number Diff line change
Expand Up @@ -29,26 +29,19 @@ docker cp autograph-app-hsm:/tmp/normandy_dev_root_hash.txt .
APP_HSM_NORMANDY_ROOT_HASH=$(grep '[0-9A-F]' normandy_dev_root_hash.txt | tr -d '\r\n')

# start the monitor lambda emulators
docker compose up -d monitor-lambda-emulator
AUTOGRAPH_ROOT_HASH=$APP_HSM_NORMANDY_ROOT_HASH docker compose up -d monitor-hsm-lambda-emulator

echo "waiting for monitor-lambda-emulator to start"
while test "true" != "$(docker inspect -f {{.State.Running}} autograph-monitor-lambda-emulator)"; do
echo -n "."
sleep 1 # wait before checking again
done
echo "waiting for monitor-hsm-lambda-emulator to start"
while test "true" != "$(docker inspect -f {{.State.Running}} autograph-monitor-hsm-lambda-emulator)"; do
echo -n "."
sleep 1 # wait before checking again
done
echo "checking autograph monitors"
docker compose run \
--rm \
-e AUTOGRAPH_URL=http://app:8000/ \
--entrypoint /usr/local/bin/lambda-selftest-entrypoint.sh \
monitor-lambda-emulator /go/bin/autograph-monitor

echo "checking monitoring using hsm root hash:" "$APP_HSM_NORMANDY_ROOT_HASH"
# exec in containers to workaround https://circleci.com/docs/2.0/building-docker-images/#accessing-services
docker compose exec monitor-lambda-emulator "/usr/local/bin/test_monitor.sh"
docker compose logs monitor-lambda-emulator
docker compose exec monitor-hsm-lambda-emulator "/usr/local/bin/test_monitor.sh"
docker compose logs monitor-hsm-lambda-emulator
docker compose run \
--rm \
-e AUTOGRAPH_URL=http://autograph-app-hsm:8001/ \
-e AUTOGRAPH_ROOT_HASH=$APP_HSM_NORMANDY_ROOT_HASH \
--entrypoint /usr/local/bin/lambda-selftest-entrypoint.sh \
monitor-hsm-lambda-emulator /go/bin/autograph-monitor

echo "checking read-only API"
# user bob doesn't exist in the softhsm config
Expand Down
7 changes: 3 additions & 4 deletions docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -66,10 +66,7 @@ services:
monitor:
container_name: autograph-monitor
image: autograph-app
command:
[
"/go/bin/autograph-monitor",
]
command: ["/go/bin/autograph-monitor"]

monitor-lambda-emulator:
container_name: autograph-monitor-lambda-emulator
Expand All @@ -83,6 +80,7 @@ services:
# set a non-empty value to use the lambda handler
- LAMBDA_TASK_ROOT=/usr/local/bin/
- AUTOGRAPH_ROOT_HASH
command: ["/go/bin/autograph-monitor"]
ports:
- "9000:8080"
links:
Expand All @@ -104,6 +102,7 @@ services:
# set a non-empty value to use the lambda handler
- LAMBDA_TASK_ROOT=/usr/local/bin/
- AUTOGRAPH_ROOT_HASH
command: ["/go/bin/autograph-monitor"]
ports:
- "9001:8080"
links:
Expand Down
10 changes: 10 additions & 0 deletions tools/autograph-client/integration-tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -58,3 +58,13 @@ services:
- TARGET=http://app:8000
- VERIFY=1
command: [ "./build_test_apks.sh" ]

test-monitor-app:
container_name: test-monitor-app
extends:
file: ../../docker-compose.yml
service: monitor-lambda-emulator
entrypoint: [ "/usr/local/bin/lambda-selftest-entrypoint.sh" ]

# TODO: Add a monitor test for the HSM lambda - tricky because we need
# a way to dynamically grab the root hash from the HSM.
2 changes: 1 addition & 1 deletion tools/autograph-client/test-entrypoint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -20,4 +20,4 @@ fi

# Run the test
set -e
/bin/bash -c "$@"
exec "$@"
8 changes: 5 additions & 3 deletions tools/autograph-monitor/Dockerfile.lambda-emulator
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,13 @@ FROM autograph-app

USER root

RUN cp /app/src/autograph/bin/test_monitor.sh /usr/local/bin/test_monitor.sh
RUN curl -Lo /usr/local/bin/aws-lambda-rie \
https://github.com/aws/aws-lambda-runtime-interface-emulator/releases/latest/download/aws-lambda-rie \
&& \
chmod +x /usr/local/bin/aws-lambda-rie /usr/local/bin/test_monitor.sh
chmod +x /usr/local/bin/aws-lambda-rie

COPY lambda-selftest-entrypoint.sh /usr/local/bin/lambda-selftest-entrypoint.sh

USER app
CMD ["/usr/local/bin/aws-lambda-rie", "/go/bin/autograph-monitor"]
ENTRYPOINT ["/usr/local/bin/aws-lambda-rie"]
CMD ["/go/bin/autograph-monitor"]
12 changes: 10 additions & 2 deletions bin/test_monitor.sh → ...aph-monitor/lambda-selftest-entrypoint.sh
100644 → 100755
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,17 @@
set -e
set -o pipefail

# Fork to start the AWS runtime emulator
/usr/local/bin/aws-lambda-rie "$@" &
AWS_RUNTIME_PID=$!
cleanup() {
kill -TERM $AWS_RUNTIME_PID
wait $AWS_RUNTIME_PID
}
trap cleanup EXIT SIGINT SIGTERM

# invoke a test monitor run in a lambda monitor
MONITOR_ERROR=$(curl -w '\n' -X POST 'http://localhost:8080/2015-03-31/functions/function/invocations' -d '{}')
MONITOR_ERROR=$(curl -s -w '\n' -X POST 'http://localhost:8080/2015-03-31/functions/function/invocations' -d '{}')

# If the result was null - then we succeeded!
if [ "${MONITOR_ERROR}" == "null" ]; then
Expand All @@ -19,4 +28,3 @@ else
echo "${MONITOR_ERROR}" | jq >&2
fi
exit 1

0 comments on commit 438a285

Please sign in to comment.