Add TLS support for proxytest #4745
Conversation
pchila
added
enhancement
|
This pull request does not have a backport label. Could you fix it @pchila? 🙏
NOTE: |
pchila
force-pushed
the
support-mTLS-in-proxytest
branch
from
c199b8e
to
81ebe66
Compare
|
Pinging @elastic/elastic-agent-control-plane (Team:Elastic-Agent-Control-Plane) |
pchila
requested review from
cmacknz and
blakerouse
and removed request for
rdner
testing/proxytest/proxytest.go
Outdated
| p.Server.Start() | ||
| u, err := url.Parse(p.URL) | ||
| if err != nil { | ||
| panic(fmt.Sprintf("could parse fleet-server URL: %v", err)) |
There was a problem hiding this comment.
Why not make this return an error and let the caller handle it?
There was a problem hiding this comment.
Originally the Start() and StartTLS() methods were not defined for the Proxy struct as it exposed the ones from *httptest.Server. It wasn't even used in tests as the server was created and started in one go.
Now that we are overriding those methods we can return what we want, will add a small commit for that
testing/proxytest/proxytest.go
Outdated
| p.Server.StartTLS() | ||
| u, err := url.Parse(p.URL) | ||
| if err != nil { | ||
| panic(fmt.Sprintf("could parse fleet-server URL: %v", err)) |
|
What does this PR do?
This PR introduces TLS configuration for
testing/proxytestin order to be able to configure mTLS.No TLS, basic TLS (certificate server-side, no client auth) and mTLS (certificates for both client and server, common trusted CA) are tested via unit tests
Why is it important?
testing/proxytestis going to be used to test (m)TLS proxy settings forelastic-agentChecklist
[ ] I have made corresponding changes to the documentation[ ] I have made corresponding change to the default configuration files[ ] I have added an entry in./changelog/fragmentsusing the changelog tool[ ] I have added an integration test or an E2E testDisruptive User Impact
How to test this PR locally
Related issues
testing/proxytestto support mTLS #4497Questions to ask yourself