Integration: add proxy test for all platforms

go.mod

@@ -20,6 +20,7 @@ require (
 	github.com/cucumber/godog v0.12.5
 	github.com/cucumber/messages-go/v10 v10.0.3
 	github.com/docker/go-units v0.5.0
+	github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819
 	github.com/gorilla/handlers v1.5.1
 	github.com/h2non/filetype v1.1.3
 	github.com/hectane/go-acl v0.0.0-20230122075934-ca0b05cb1adb

go.sum

@@ -174,6 +174,10 @@ github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDD
 github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
 github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
 github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
+github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819 h1:RIB4cRk+lBqKK3Oy0r2gRX4ui7tuhiZq2SuTtTCi0/0=
+github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM=
+github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2 h1:dWB6v3RcOy03t/bUadywsbyrQwCqZeNIEX6M1OtSZOM=
+github.com/elazarl/goproxy/ext v0.0.0-20190711103511-473e67f1d7d2/go.mod h1:gNh8nYJoAm43RfaxurUnxr+N1PwuFV3ZMl/efxlIlY8=
 github.com/emicklei/go-restful/v3 v3.8.0 h1:eCZ8ulSerjdAiaNpF7GxXIE7ZCMo1moN1qX+S609eVw=
 github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
@@ -647,6 +651,7 @@ github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJ
 github.com/rivo/uniseg v0.4.3 h1:utMvzDsuh3suAEnhH0RdHmoPbU648o6CvXxTx4SBMOw=
 github.com/rivo/uniseg v0.4.3/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
 github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
+github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc=
 github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=

test/extended/util/proxy.go

@@ -0,0 +1,76 @@
+package util
+
+import (
+	"crypto/tls"
+	"crypto/x509"
+	_ "embed" // blanks are good
+	"flag"
+	"net/http"
+	"os"
+	"path/filepath"
+	"regexp"
+
+	"github.com/elazarl/goproxy"
+	log "github.com/sirupsen/logrus"
+)
+
+//go:embed rootCA.crt
+var caCert []byte
+
+//go:embed rootCA.key
+var caKey []byte
+
+var CACertTempLocation string
+
+func setCA() error {
+
+	certLocation, err := WriteTempFile(string(caCert), "rootCA.crt")
+	if err != nil {
+		return err
+	}
+	CACertTempLocation = certLocation
+
+	myCa, err := tls.X509KeyPair(caCert, caKey)
+	if err != nil {
+		return err
+	}
+	if myCa.Leaf, err = x509.ParseCertificate(myCa.Certificate[0]); err != nil {
+		return err
+	}
+	goproxy.GoproxyCa = myCa
+	goproxy.OkConnect = &goproxy.ConnectAction{Action: goproxy.ConnectAccept, TLSConfig: goproxy.TLSConfigFromCA(&myCa)}
+	goproxy.MitmConnect = &goproxy.ConnectAction{Action: goproxy.ConnectMitm, TLSConfig: goproxy.TLSConfigFromCA(&myCa)}
+	goproxy.HTTPMitmConnect = &goproxy.ConnectAction{Action: goproxy.ConnectHTTPMitm, TLSConfig: goproxy.TLSConfigFromCA(&myCa)}
+	goproxy.RejectConnect = &goproxy.ConnectAction{Action: goproxy.ConnectReject, TLSConfig: goproxy.TLSConfigFromCA(&myCa)}
+	return nil
+}
+
+func RunProxy() {
+
+	err := setCA()
+	if err != nil {
+		log.Fatalf("error setting up the CA: %s", err)
+	}
+
+	proxy := goproxy.NewProxyHttpServer()
+	proxy.OnRequest(goproxy.ReqHostMatches(regexp.MustCompile("^.*$"))).HandleConnect(goproxy.AlwaysMitm)
+
+	logfile := filepath.Join("test", "integration", "out", "goproxylogfile.log")
+	f, err := os.OpenFile(logfile, os.O_RDWR|os.O_CREATE|os.O_APPEND, 0666)
+	if err != nil {
+		log.Printf("error opening file: %v", err)
+	}
+	defer f.Close()
+
+	log.SetOutput(f)
+
+	verbose := flag.Bool("v", true, "should every proxy request be logged to stdout")
+	addr := flag.String("127.0.0.1", ":8888", "proxy listen address") // using network-mode=user
+	flag.Parse()
+	proxy.Verbose = *verbose
+	proxy.Logger = log.StandardLogger()
+	err = http.ListenAndServe(*addr, proxy) // #nosec G114
+	if err != nil {
+		log.Printf("error running proxy: %s", err)
+	}
+}

test/extended/util/rootCA.crt

@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFZzCCA0+gAwIBAgIUYUgBLfOW73bbhaqO+p3+9gFv1XMwDQYJKoZIhvcNAQEL
+BQAwMDERMA8GA1UEAwwIc3F1aWQgQ0ExCzAJBgNVBAYTAkZSMQ4wDAYDVQQHDAVQ
+YXJpczAeFw0yMzA1MDgxMDU2MjVaFw0yODEyMTUxMDU2MjVaMDAxETAPBgNVBAMM
+CHNxdWlkIENBMQswCQYDVQQGEwJGUjEOMAwGA1UEBwwFUGFyaXMwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQDfINY+pkT5DNQzcD6dngI49PlF3BurpSrE
+wLangjismHODNYzWpHzLoaifAG287g2v1D7SIGGmWImg5Ngon/ColZ2rJp/rFEdT
+b4joH7QZUA5LMnJMXq2Ox9FzXl5dmHmk+W114hZHXeeJ2k7j3GitpMvcpO+XSneP
+fpdl7QoBGyAPVOvgWp+UDr30RYVr5BeXk+KxGnTI4JfZVLY+oF+U0alB/j5wJz1E
+1OFBYqa/WSFB4FGkszvHSD4BjWPAAYU+SSjMCiIxlfMhm74b97erAEthsO55cM/4
+ROu6Jh0XWnyPIXu3EyhF9NaCvdwKevAH4MDEluM9keELX3YCTlkD2QezJSrTsrpD
+QPl06QnF8rHKPBGa2W9RFhIT7XjmhHhwsa9yCqChMD4/+VXS24o5bsdFrtI+/JdZ
+uiYtq0hh/9F3JzQFMwkKVLW8iryD+nelIiDzSjWgtqgZQMKMm92fKRrtbdo4huZB
+0/934EE30B0vlR9tXoPnhuf1PCm3JQVVmaqOchziw8cOx3rSOuaC4BWO37kbaXHM
+IYBesjgccgfEETFG5DzHWEFU9IKap413CeRuGi0srf15mi4mSCEIVCPOWaHt4Q7E
+nBW3WqgJ4s8b8iEMSv5Ru+bDLp+91OiLq2sqv4GY59A3zc45WUCVFF53ofttyG+P
+hBTvndBKjQIDAQABo3kwdzAdBgNVHQ4EFgQU+MoRa7I7dz89Od/IGKgmN6qPj0Iw
+HwYDVR0jBBgwFoAU+MoRa7I7dz89Od/IGKgmN6qPj0IwEgYDVR0TAQH/BAgwBgEB
+/wIBAzAOBgNVHQ8BAf8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgEGMA0GCSqGSIb3
+DQEBCwUAA4ICAQDDSlx3jhFhfYmg/7erL6fulYjfyuXg7TfFVqx9D9V+vioLHGDW
+6HvxxafcUzc3KP3ErmpXpPwwOH0Xfn0qaI/iZUO4JXe3hV4o8jYgCmED8Jxdi7ck
+83jt9yoQzmNrRuUZ9lloLrc3hU0TYhUqGlehg7w1lUVrSv1ykaxSxLyI4YPDURi2
+wazbO6mU94l83lgHBISPRENw6s7/RyBOm2wdabrYGwzA8b/F7Z8gOlGh+LWiBmtG
+CHzTU8gnK5pvIBazTuL+Toysn615umPQxoCPp7sAjeNE6iL/AJ0ZvB2YCW9mZx47
++Hv5jMW9zAD2YqH3qMuhN3GxxXt+E4n+BwcK0xf+cK3wsOiHKDTOR6HRfQ5V/hPI
+MtHlWMWb3ej+KgKGiK07W1roKWbnSCmSfgQMZeEH07b/tu7VcLAzmMT1LVbgVliP
+d1SEgIjzIftA8VSlZvQCdGj80Dwe/nkurrC4SLA7hL6z9G7et62GgzwbgX7ivLSs
+uX0hRsssJ9Bj1seoIh6DBg8lTmJdf5AHsEdDOyzDGhWlWMvXvwYlKnRA7I5Z5mI2
+jZV0k921EcYRXKpvnyNvl8ASW/IzjoDrfcJZVlZwGuhB8Jo7uugLmy7/xwcbf904
+xc3Av5HNjV3N+5uZCAvoTqCBipLFZM5ioguE5IYBoTpR6IU3kJopbBTFAw==
+-----END CERTIFICATE-----

test/extended/util/rootCA.key

@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDfINY+pkT5DNQz
+cD6dngI49PlF3BurpSrEwLangjismHODNYzWpHzLoaifAG287g2v1D7SIGGmWImg
+5Ngon/ColZ2rJp/rFEdTb4joH7QZUA5LMnJMXq2Ox9FzXl5dmHmk+W114hZHXeeJ
+2k7j3GitpMvcpO+XSnePfpdl7QoBGyAPVOvgWp+UDr30RYVr5BeXk+KxGnTI4JfZ
+VLY+oF+U0alB/j5wJz1E1OFBYqa/WSFB4FGkszvHSD4BjWPAAYU+SSjMCiIxlfMh
+m74b97erAEthsO55cM/4ROu6Jh0XWnyPIXu3EyhF9NaCvdwKevAH4MDEluM9keEL
+X3YCTlkD2QezJSrTsrpDQPl06QnF8rHKPBGa2W9RFhIT7XjmhHhwsa9yCqChMD4/
++VXS24o5bsdFrtI+/JdZuiYtq0hh/9F3JzQFMwkKVLW8iryD+nelIiDzSjWgtqgZ
+QMKMm92fKRrtbdo4huZB0/934EE30B0vlR9tXoPnhuf1PCm3JQVVmaqOchziw8cO
+x3rSOuaC4BWO37kbaXHMIYBesjgccgfEETFG5DzHWEFU9IKap413CeRuGi0srf15
+mi4mSCEIVCPOWaHt4Q7EnBW3WqgJ4s8b8iEMSv5Ru+bDLp+91OiLq2sqv4GY59A3
+zc45WUCVFF53ofttyG+PhBTvndBKjQIDAQABAoICAAZuRa565UxWQdFqX+uer7Vg
+3hmqLS6mbSlMMpd4/yrTnqn+mPILaJYH2+Ual+RqP1ZneW4Imo029QnVk/ihGh20
+aN2+GGgn5qGxemfSQ224AHQgs+mekEWoCFHZEO2FT6WLviC3z5ORUciH1F6TLih/
+B5Ry49LfmxA1glCLjePCmosb6UvHNjKICufSOcpbwbr6e1NGY2zyCCkD3NgeOtL+
+XfCgeWqLFE7PtzRGucPpt4sqAhW18rhHd+ix4K5FJ51yx1cQyF6B0gblxwtlpCis
+sqonSsrmOkrkqvSWVPVPhCfYkQkRkhy+CzwBE9Pw1MqCqvD04P9tHRLSVq4yADUN
+4+xxQz4MekRpdJH8S/ciFgo5haNHKpUdZmav5qZDlblNYcRy/PoP3gFJlSSaY0zT
+IwL7nU1vzQcMaqPdkCOSri4CBhnHFINhnNMLi8+uEFSh8BHuMP7Fog7sBjv4u7lw
+yhfw+ov8fV75CZpRZTV4HRcRbWg15zY8KEfeppzAa6NMd1opFli3iKlo91Fn1CmZ
+5mzW2Prv+8nHdR27m4Stt9kXgsOobWxtYXTCvrYMUb4IpFQnO0FWvZAVanUNA393
+xD/UfO5A7baDAx5PsEVMZ2aVOqokiQSYqhYtkFfjJD4sT18PReaxBqBctzHjw/uJ
+b/sdPfmaHeP8xGIwG3UxAoIBAQDj2fpfOnc1kWNLDslFZS59pM5bH73tH0cgmvMM
+b94vnmOJnjc+LG68LCzdgvKCgdRDiXhLvKhXACUU81LhpVL/rFw5eUm4WvqxQJIn
+xlYjvX0ijUPVlWLkRN1x5sS8g+vZOJtVW2tg3Q5POz8TPbuGQFzdE5D2fH5cVd+H
+Y1E/Y8CRo1z86/85t9pgbXWFYKo8DR0DO2/iFu6xwHA/eEgVXCoaVFMmjexBA9ky
+6DcjfmJl+QGQdxP6Yq3nsPzsCVjgfUQIcYKiif4kT57sWEQt3QXuJvp829DHi0lh
+Jdu3smbeB4NHCzDLvw0C6JqRhzdRNnwjFiWZnHOIeQiZGwlFAoIBAQD6sXufVP9w
+INNZMoLcmKEHJ6RQ0tpaF016vNk7NbDnOr9HOwT61sSrfqN2ZF5vUY3thzMzYhFK
+YarzcZGBGne5f29tv6NxVXj/qQfpLofCcN+zOLcT6QzsDI10qZa5MZqqam7GF7Xa
+vm/jeLRFonwKoNMw4LKNYQCTJ7XB/e9NA1E0k1cTlVh5xEMoildhe597e3rteskD
+HI1B/7JaorI+SN5WY3I2ejiFvQBNoq8vPk+0ERW4e5TrJDpRZXKelm8mhnNyldsC
+tTD9O+XboXpk9DYNNGlVLAp/B0NdlyR7etyZ26Q4hMcscjOfp3D5qbGZv5HLaivG
+tqIYKAE+zzypAoIBADQMqGg2l+LRyofr4ciLe5pSGp2wW5eebIYjP2BY8b2ZBg36
+6Y23YrhzsvALKNDtTYr8DVHnz+DH9LCbgRRwyswDGLI8Zb3KcrgpEvopEaZqc/p/
+oL5auNOCc7/AQrL5w9fEWZ+fGaFv/gPVeewwTvU1IMGT5aqY99ip+T0ZUAcWB3h9
+hBF267/IowciGhWU5m5/ZGBHpKBWMsLCPiIRnQ3cFvYayz/kbdLQST6a03W1Ok8n
+GddhjFvHTQi/Ypec7wOhOfhfzcLJmRe8ZIaDB1gexGsJ1nDNWh0rUWDy4AVPqLYR
+q0iAYu44P4Wpkx2pcNaJhsQRHBfCKJZFZ9Rp260CggEBALMXxiweidmt6a7oUeqM
+M0WsQUvoRktkKFrNvRb6lWWrZ2jYtgcJFTk64EY9D+XQymbtVluX7KhJu9nswTkN
+Eoj3jEBITtgxap6iP9+K+TukbXtYwhm8PRoJIak9Wkr1L/wcywRDfgxGTiKgYZD5
+sknZeOaLL6Omr8Vw8f0jjyhifUnlFKkN4UYkOqIkqqYereGGZlxvgljxtcx3ghAT
++OhcIFJw+vAGQojwa94KocJLbp9CMVU5HDscB3mM0uSOrdtE5AbxHaQCk3vlpaFQ
+6+JhQJgQYEuTifAT3UFoL4zzSdO0wM4LtUqAT3b4JNKHMzSWUe6S67ErWgON2M3p
+OPkCggEAa4tDhkIPea4l9wsmxvuz3h+J4HSAlOgL6lHlEnM8Mw6iBQh+nwHgcJbA
+DDoxumomA24KpmGeRT4Ok1yfyEaP3rFA/+S6e4ybu99jud22A/uZQ3yc6SpHER4l
+Wdf2mg95aGziH1JAuTXWQ2Cf4/JT69qNcWjHc6oGvrzijWMob5FS3K8OdETFlnV/
+7HhJ3MlQAcVOxl9XRixMl79ivuPYo7a5e5oJfjN9gssTgJM4/zmQL0Tl6tJ3p62y
+a+wmVvsQXSiWP+O93iwJPztW4MJCQqFEsQdvNXlWM59ZlhE03EVTMGEpyGeHqsoM
+H//KfO7DqxdcKnfNv3o67mtvY1EgUg==
+-----END PRIVATE KEY-----

test/extended/util/util.go

@@ -187,3 +187,14 @@ func GetBundlePath(preset preset.Preset) string {
 	return filepath.Join(CRCHome, "cache", bundle)
 
 }
+
+// WriteTempFile returns full path of the temp file it created, and an error
+func WriteTempFile(content string, name string) (string, error) {
+	tmpFile, err := os.CreateTemp("", name)
+	if err != nil {
+		return "", err
+	}
+	defer tmpFile.Close()
+	_, err = tmpFile.WriteString(content)
+	return tmpFile.Name(), err
+}

test/integration/proxy_test.go

@@ -0,0 +1,77 @@
+package test_test
+
+import (
+	"os/exec"
+
+	"github.com/crc-org/crc/test/extended/util"
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+)
+
+var _ = Describe("", Label("openshift-preset", "goproxy"), func() {
+
+	go util.RunProxy()
+
+	Describe("Behind proxy", func() {
+
+		networkMode := "user"
+		httpProxy := "http://127.0.0.1:8888"
+		httpsProxy := "http://127.0.0.1:8888"
+		noProxy := ".testing"
+
+		// Start goproxy
+
+		It("configure CRC", func() {
+			Expect(RunCRCExpectSuccess("config", "set", "network-mode", networkMode), ContainSubstring("Network mode"))
+			Expect(RunCRCExpectSuccess("config", "set", "http-proxy", httpProxy), ContainSubstring("Successfully configured http-proxy"))
+			Expect(RunCRCExpectSuccess("config", "set", "https-proxy", httpsProxy), ContainSubstring("Successfully configured https-proxy"))
+			Expect(RunCRCExpectSuccess("config", "set", "no-proxy", noProxy), ContainSubstring("Successfully configured no-proxy"))
+			Expect(RunCRCExpectSuccess("config", "set", "proxy-ca-file", util.CACertTempLocation), ContainSubstring("Successfully configured proxy-ca-file"))
+		})
+
+		It("setup CRC", func() {
+			if bundlePath == "" {
+				Expect(RunCRCExpectSuccess("setup")).To(ContainSubstring("Your system is correctly setup for using CRC"))
+			} else {
+				Expect(RunCRCExpectSuccess("setup", "-b", bundlePath)).To(ContainSubstring("Your system is correctly setup for using CRC"))
+			}
+		})
+
+		It("start CRC", func() {
+			// default values: "--memory", "9216", "--cpus", "4", "disk-size", "31"
+			if bundlePath == "" {
+				Expect(RunCRCExpectSuccess("start", "-p", pullSecretPath)).To(ContainSubstring("Started the OpenShift cluster"))
+			} else {
+				Expect(RunCRCExpectSuccess("start", "-b", bundlePath, "-p", pullSecretPath)).To(ContainSubstring("Started the OpenShift cluster"))
+			}
+		})
+
+		It("login to cluster using crc-admin context", func() {
+
+			err := AddOCToPath()
+			Expect(err).NotTo(HaveOccurred())
+
+			cmd := exec.Command("oc", "config", "use-context", "crc-admin")
+			err = cmd.Run()
+			Expect(err).NotTo(HaveOccurred())
+
+			cmd = exec.Command("oc", "whoami")
+			out, err := cmd.Output()
+			Expect(err).NotTo(HaveOccurred())
+			Expect(string(out)).To(ContainSubstring("kubeadmin"))
+
+			cmd = exec.Command("oc", "get", "co")
+			err = cmd.Run()
+			Expect(err).NotTo(HaveOccurred())
+		})
+
+		It("stop CRC", func() {
+			Expect(RunCRCExpectSuccess("stop", "-f")).To(MatchRegexp("[Ss]topped the instance"))
+		})
+
+		It("cleanup CRC", func() {
+			Expect(RunCRCExpectSuccess("cleanup")).To(MatchRegexp("Cleanup finished"))
+		})
+
+	})
+})