Skip to content

Latest commit

 

History

History
66 lines (56 loc) · 4.77 KB

readme.md

File metadata and controls

66 lines (56 loc) · 4.77 KB
Raw

Http To Grpc Proxy - POC

Solution intended to intercept communication with external services in integration tests.

Problem

Predictable and isolated integration testing of application like in diagram is complicated. usual flow

Solution

In the following diagram HttpToGrpcMock is service hosted in docker compose with external.service.one and external.service.two names assigned to it. Edge services will have those URL's resolved to proxy service and no communication to external world will happen at this point.

proxy flow

Sequence diagram may explain better how everyting works: test_flow

Runing in docker compose and docker build

Self signed certificates to show how proxy works with https have been added to repo. Steps 1 - 5 are described here for self reference only

1. Generate self signed certificate:

New-SelfSignedCertificate -NotBefore (Get-Date) `
                          -NotAfter (Get-Date).AddYears(10) `
                          -Subject "second.example.com" `
                          -KeyAlgorithm "RSA" `
                          -KeyLength 2048 `
                          -HashAlgorithm "SHA256" `
                          -CertStoreLocation "cert:\CurrentUser\My" `
                          -KeyUsage KeyEncipherment `
                          -FriendlyName "second.example.com certificate for sample integration tests" `
                          -TextExtension @("2.5.29.19={critical}{text}","2.5.29.37={critical}{text}1.3.6.1.5.5.7.3.1","2.5.29.17={critical}{text}DNS=second.example.com")

2. Export certificate to file system:

$password = ConvertTo-SecureString -String "1234" -Force -AsPlainText
Get-ChildItem -Path cert:\CurrentUser\My\< thumbprint > | Export-PfxCertificate -FilePath "< DockerComposeTests directory >\second.example.com.pfx" -Password $password

3. Export certificate to be trusted in linux:

$certificate = Get-ChildItem -Path "cert:\CurrentUser\My\< thumbprint >
$base64certificate = @"
-----BEGIN CERTIFICATE-----
$([Convert]::ToBase64String($certificate.Export('Cert'), [System.Base64FormattingOptions]::InsertLineBreaks))
-----END CERTIFICATE-----
"@
Set-Content -Path "< DockerComposeTests directory >\second.example.com.cer" -Value $base64certificate

4. Trust self signed certificate in client docker container (in last build step):

COPY ./second.example.com.cer ./second.example.com.crt
RUN cat ./second.example.com.crt >> /etc/ssl/certs/ca-certificates.crt

5. Pass .pfx (private and public) certificates to proxy container as shown in docker-compose.yml example

6. Build and start proxy and test app (which will be trying to call external urls)

docker compose -f .\DockerComposeTests\docker-compose-services.yml -f .\DockerComposeTests\docker-compose-proxy.yml build
docker compose -f .\DockerComposeTests\docker-compose-services.yml -f .\DockerComposeTests\docker-compose-proxy.yml -d up

7. Run tests in docker build

docker build -o . -f ./DockerComposeTests/TestApp.Tests/Dockerfile --build-arg CACHEBUST=$(date) .

Tests result xml file will be copied out of container into ./test_results folder