feat(web): Support TLS encryption (#322)

* Basic setup to serve HTTPS * Correctly handle the case of missing TLS configs * Documenting TLS * Refactor TLS configuration setup * Add TLS Encryption section again to README * Extending TOC in README * Moving TLS settings to subsection of web settings * Adding tests for config/web * Add test for handling TLS * Rename some variables as suggested * Corrected error formatting * Update test module import * Polishing the readme file * Error handling for TLSConfig() --------- Co-authored-by: TwiN <twin@linux.com>
2023-04-22 18:12:56 +02:00
parent 0bd0c1fd15
commit a05daeda2e
6 changed files with 241 additions and 27 deletions
--- a/config/web/web_test.go
+++ b/config/web/web_test.go
@ -2,6 +2,8 @@ package web

 import (
 	"testing"
+
+	"github.com/TwiN/gatus/v5/test"
 )

 func TestGetDefaultConfig(t *testing.T) {
@ -12,6 +14,9 @@ func TestGetDefaultConfig(t *testing.T) {
 	if defaultConfig.Address != DefaultAddress {
 		t.Error("expected default config to have the default address")
 	}
+	if defaultConfig.Tls != (TLSConfig{}) {
+		t.Error("expected default config to have TLS disabled")
+	}
 }

 func TestConfig_ValidateAndSetDefaults(t *testing.T) {
@ -63,3 +68,43 @@ func TestConfig_SocketAddress(t *testing.T) {
 		t.Errorf("expected %s, got %s", "0.0.0.0:8081", web.SocketAddress())
 	}
 }
+
+func TestConfig_TLSConfig(t *testing.T) {
+	privateKeyPath, publicKeyPath := test.UnsafeSelfSignedCertificates(t.TempDir())
+
+	scenarios := []struct {
+		name        string
+		cfg         *Config
+		expectedErr bool
+	}{
+		{
+			name:        "including TLS",
+			cfg:         &Config{Tls: (TLSConfig{CertificateFile: publicKeyPath, PrivateKeyFile: privateKeyPath})},
+			expectedErr: false,
+		},
+		{
+			name:        "TLS with missing crt file",
+			cfg:         &Config{Tls: (TLSConfig{CertificateFile: "doesnotexist", PrivateKeyFile: privateKeyPath})},
+			expectedErr: true,
+		},
+		{
+			name:        "TLS with missing key file",
+			cfg:         &Config{Tls: (TLSConfig{CertificateFile: publicKeyPath, PrivateKeyFile: "doesnotexist"})},
+			expectedErr: true,
+		},
+	}
+	for _, scenario := range scenarios {
+		t.Run(scenario.name, func(t *testing.T) {
+			cfg, err := scenario.cfg.TLSConfig()
+			if (err != nil) != scenario.expectedErr {
+				t.Errorf("expected the existence of an error to be %v, got %v", scenario.expectedErr, err)
+				return
+			}
+			if !scenario.expectedErr {
+				if cfg == nil {
+					t.Error("TLS configuration was not correctly loaded although no error was returned")
+				}
+			}
+		})
+	}
+}