Skip to content

Commit

Permalink
Add tests to ssl and clean up errors
Browse files Browse the repository at this point in the history
  • Loading branch information
lkysow committed Jan 23, 2018
1 parent bd682bf commit 98a11cb
Show file tree
Hide file tree
Showing 3 changed files with 60 additions and 10 deletions.
4 changes: 3 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -481,7 +481,9 @@ However, if you were to lose the data, all you would need to do is run `atlantis

**Q: How to add SSL to Atlantis server?**

A: Pass the `--ssl` option to enable SSL for incoming connections. You will need to get a trusted certificate and pass it into Atlantis server with the `--ssl-key-file` and `--ssl-cert-file` options.
A: First, you'll need to get a public/private key pair to serve over SSL.
These need to be in a directory accessible by Atlantis. Then start `atlantis server` with the `--ssl-cert-file` and `--ssl-key-file` flags.
See `atlantis server --help` for more information.


## Contributing
Expand Down
14 changes: 5 additions & 9 deletions cmd/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -260,23 +260,19 @@ func (s *ServerCmd) validate(config server.Config) error {
}

if (config.SSLKeyFile == "") != (config.SSLCertFile == "") {
return fmt.Errorf("%s and %s are required for ssl", SSLKeyFileFlag, SSLCertFileFlag)
return fmt.Errorf("--%s and --%s are both required for ssl", SSLKeyFileFlag, SSLCertFileFlag)
}

// The following combinations are valid.
// 1. github user and token
// 2. gitlab user and token
// 1. github user and token set
// 2. gitlab user and token set
// 3. all 4 set
// We validate using contradiction (I think).
vcsErr := fmt.Errorf("--%s/--%s or --%s/--%s must be set", GHUserFlag, GHTokenFlag, GitlabUserFlag, GitlabTokenFlag)
if config.GithubUser != "" && config.GithubToken == "" || config.GithubToken != "" && config.GithubUser == "" {
return vcsErr
}
if config.GitlabUser != "" && config.GitlabToken == "" || config.GitlabToken != "" && config.GitlabUser == "" {
if ((config.GithubUser == "") != (config.GithubToken == "")) || ((config.GitlabUser == "") != (config.GitlabToken == "")) {
return vcsErr
}
// At this point, we know that there can't be a single user/token without
// its pair, but we haven't checked if any user/token is set at all.
// its partner, but we haven't checked if any user/token is set at all.
if config.GithubUser == "" && config.GitlabUser == "" {
return vcsErr
}
Expand Down
52 changes: 52 additions & 0 deletions cmd/server_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,58 @@ func TestExecute_ValidateLogLevel(t *testing.T) {
Equals(t, "invalid log level: not one of debug, info, warn, error", err.Error())
}

func TestExecute_ValidateSSLConfig(t *testing.T) {
expErr := "ssl-key-file and ssl-cert-file are required for ssl"
cases := []struct {
description string
flags map[string]interface{}
expectError bool
}{
{
"neither option set",
make(map[string]interface{}),
false,
},
{
"just ssl-key-file set",
map[string]interface{}{
cmd.SSLKeyFileFlag: "file",
},
true,
},
{
"just ssl-cert-file set",
map[string]interface{}{
cmd.SSLCertFileFlag: "flag",
},
true,
},
{
"both flags set",
map[string]interface{}{
cmd.SSLCertFileFlag: "cert",
cmd.SSLKeyFileFlag: "key",
},
false,
},
}
for _, testCase := range cases {
t.Log("Should validate ssl config when " + testCase.description)
// Add in required flags.
testCase.flags[cmd.GHUserFlag] = "user"
testCase.flags[cmd.GHTokenFlag] = "token"

c := setup(testCase.flags)
err := c.Execute()
if testCase.expectError {
Assert(t, err != nil, "should be an error")
Equals(t, expErr, err.Error())
} else {
Ok(t, err)
}
}
}

func TestExecute_ValidateVCSConfig(t *testing.T) {
expErr := "--gh-user/--gh-token or --gitlab-user/--gitlab-token must be set"
cases := []struct {
Expand Down

0 comments on commit 98a11cb

Please sign in to comment.