Skip to content
This repository has been archived by the owner on May 15, 2024. It is now read-only.

Commit

Permalink
feat(oneAppRunner): mount NODE_EXTRA_CA_CERTS cert (#225)
Browse files Browse the repository at this point in the history
  • Loading branch information
@JAdshead
JAdshead authored Feb 23, 2021
1 parent a943d2d commit fdf1f42
Show file tree
Hide file tree
Showing 4 changed files with 53 additions and 15 deletions.
10 changes: 7 additions & 3 deletions packages/one-app-runner/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -227,7 +227,7 @@ Or in `package.json`

### docker-network-to-join [Optional]

Connect the One App container to a network. The value gets passed to the [docker flag](https://docs.docker.com/network/bridge/) `--network`
Connect the One App container to a network. The value gets passed to the [docker flag](https://docs.docker.com/network/bridge/) `--network`

Sample usage:

Expand Down Expand Up @@ -378,6 +378,10 @@ Or in `package.json`
}
```

#### NODE_EXTRA_CA_CERTS

If `NODE_EXTRA_CA_CERTS` is set, either through the `envVars` option or as an environment variable, it will be mounted and passed to the One App docker container.

## Proxy Support

`one-app-runner` respects the HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environment variables and passes them down to the One App docker container.
Expand Down Expand Up @@ -412,14 +416,14 @@ This option is useful to run a test suite against the running One App container.

This command generates random ports and values for the following environment variables:

``` bash
``` bash
HTTP_PORT
HTTP_ONE_APP_DEV_CDN_PORT
HTTP_ONE_APP_DEV_PROXY_SERVER_PORT
HTTP_METRICS_PORT
NETWORK_NAME
```

It stores them in a `.env` file to be shared across the test environments and **one-app-runner**
It stores them in a `.env` file to be shared across the test environments and **one-app-runner**

This command should be executed before starting `one-app-runner-test`
26 changes: 15 additions & 11 deletions packages/one-app-runner/__tests__/src/__snapshots__/startApp.spec.js.snap
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@

exports[`startApp Displays an error if createNetwork fails: create network calls 1`] = `[Error: Error creating network]`;

exports[`startApp Passes the container name to the docker --name flag 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development --name=one-app-at-test -v /path/to/module-a:/opt/module-workspace/module-a one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;
exports[`startApp Passes the container name to the docker --name flag 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development --name=one-app-at-test -v /path/to/module-a:/opt/module-workspace/module-a one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;

exports[`startApp bypasses docker pull when the offline flag is passed 1`] = `" docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -v /path/to/module-a:/opt/module-workspace/module-a one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;
exports[`startApp bypasses docker pull when the offline flag is passed 1`] = `" docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -v /path/to/module-a:/opt/module-workspace/module-a one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;

exports[`startApp creates a docker network when the flag is provided: create network calls 1`] = `
Array [
Expand All @@ -16,24 +16,28 @@ Array [
]
`;

exports[`startApp mounts and serves modules in docker run if module paths are provided 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -v /path/to/module-a:/opt/module-workspace/module-a -v /path/to-module-b:/opt/module-workspace/to-module-b one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a &&npm run serve-module /opt/module-workspace/to-module-b && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;
exports[`startApp forwards NODE_EXTRA_CA_CERTS from process.env 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -v /process/env/location/extra_certs.pem:/opt/certs.pem -e NODE_EXTRA_CA_CERTS='/opt/certs.pem' one-app:5.0.0 /bin/sh -c \\" node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;

exports[`startApp mounts and serves modules in docker run if module paths are provided and moduleMapUrl is not 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -v /path/to/module-a:/opt/module-workspace/module-a -v /path/to-module-b:/opt/module-workspace/to-module-b one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a &&npm run serve-module /opt/module-workspace/to-module-b && node lib/server/index.js --root-module-name=frank-lloyd-root \\""`;
exports[`startApp mounts and serves modules in docker run if module paths are provided 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -v /path/to/module-a:/opt/module-workspace/module-a -v /path/to-module-b:/opt/module-workspace/to-module-b one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a &&npm run serve-module /opt/module-workspace/to-module-b && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;

exports[`startApp pulls one app docker image and starts one app 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development one-app:5.0.0 /bin/sh -c \\" node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;
exports[`startApp mounts and serves modules in docker run if module paths are provided and moduleMapUrl is not 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -v /path/to/module-a:/opt/module-workspace/module-a -v /path/to-module-b:/opt/module-workspace/to-module-b one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a &&npm run serve-module /opt/module-workspace/to-module-b && node lib/server/index.js --root-module-name=frank-lloyd-root \\""`;

exports[`startApp runs docker run with environment variables 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -e MY_VAR=123 one-app:5.0.0 /bin/sh -c \\" node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;
exports[`startApp pulls one app docker image and starts one app 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development one-app:5.0.0 /bin/sh -c \\" node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;

exports[`startApp runs docker run with proxy environment variables if they are set on the users system 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 9000:9000 -p 9001:9001 -p 9002:9002 -p 9005:9005 -e NODE_ENV=development -e MY_VAR=123 -e HTTP_PROXY=\\"https://example.com/proxy\\" -e HTTPS_PROXY=\\"https://example.com/proxy\\" -e NO_PROXY=\\"localhost\\" -e HTTP_PORT=\\"9000\\" -e HTTP_ONE_APP_DEV_CDN_PORT=\\"9001\\" -e HTTP_ONE_APP_DEV_PROXY_SERVER_PORT=\\"9002\\" -e HTTP_METRICS_PORT=\\"9005\\" one-app:5.0.0 /bin/sh -c \\" node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;
exports[`startApp runner configs envVar NODE_EXTRA_CA_CERTS has priority over process.env 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -e NODE_EXTRA_CA_CERTS=/envVar/location/cert.pem -v /envVar/location/cert.pem:/opt/certs.pem -e NODE_EXTRA_CA_CERTS='/opt/certs.pem' one-app:5.0.0 /bin/sh -c \\" node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;

exports[`startApp runs set dev endpoints command in docker run if dev endpoints file is provided 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -v /path/to/module-a:/opt/module-workspace/module-a one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a && npm run set-dev-endpoints /opt/module-workspace/module-a/dev.endpoints.js && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;
exports[`startApp runs docker run with environment variables 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -e MY_VAR=123 one-app:5.0.0 /bin/sh -c \\" node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;

exports[`startApp runs set middleware command and starts one app with mock flag in docker run if parrot middleware file is provided 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -v /path/to/module-a:/opt/module-workspace/module-a one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a && npm run set-middleware /opt/module-workspace/module-a/dev.middleware.js && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json -m \\""`;
exports[`startApp runs docker run with proxy environment variables if they are set on the users system 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 9000:9000 -p 9001:9001 -p 9002:9002 -p 9005:9005 -e NODE_ENV=development -e MY_VAR=123 -e HTTP_PROXY=\\"https://example.com/proxy\\" -e HTTPS_PROXY=\\"https://example.com/proxy\\" -e NO_PROXY=\\"localhost\\" -e HTTP_PORT=\\"9000\\" -e HTTP_ONE_APP_DEV_CDN_PORT=\\"9001\\" -e HTTP_ONE_APP_DEV_PROXY_SERVER_PORT=\\"9002\\" -e HTTP_METRICS_PORT=\\"9005\\" one-app:5.0.0 /bin/sh -c \\" node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;

exports[`startApp sets the network to join if the network name is provided 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development --network=one-test-environment-1234 -v /path/to/module-a:/opt/module-workspace/module-a one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;
exports[`startApp runs set dev endpoints command in docker run if dev endpoints file is provided 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -v /path/to/module-a:/opt/module-workspace/module-a one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a && npm run set-dev-endpoints /opt/module-workspace/module-a/dev.endpoints.js && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;

exports[`startApp runs set middleware command and starts one app with mock flag in docker run if parrot middleware file is provided 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -v /path/to/module-a:/opt/module-workspace/module-a one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a && npm run set-middleware /opt/module-workspace/module-a/dev.middleware.js && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json -m \\""`;

exports[`startApp sets the network to join if the network name is provided 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development --network=one-test-environment-1234 -v /path/to/module-a:/opt/module-workspace/module-a one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json \\""`;

exports[`startApp should throw an error if createDockerNetwork is true but dockerNetworkToJoin is not provided: create network calls 1`] = `[Error: createDockerNetwork is true but dockerNetworkToJoin is undefined, please pass a valid network name]`;

exports[`startApp throws an error if command errors: onErrorFunction 1`] = `"Error running docker. Are you sure you have it installed? For installation and setup details see https://www.docker.com/products/docker-desktop"`;

exports[`startApp uses host instead of localhost when the useHost flag is passed 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -v /path/to/module-a:/opt/module-workspace/module-a one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json --use-host\\""`;
exports[`startApp uses host instead of localhost when the useHost flag is passed 1`] = `"docker pull one-app:5.0.0 && docker run -t -p 3000:3000 -p 3001:3001 -p 3002:3002 -p 3005:3005 -e NODE_ENV=development -v /path/to/module-a:/opt/module-workspace/module-a one-app:5.0.0 /bin/sh -c \\"npm run serve-module /opt/module-workspace/module-a && node lib/server/index.js --root-module-name=frank-lloyd-root --module-map-url=https://example.com/module-map.json --use-host\\""`;
21 changes: 21 additions & 0 deletions packages/one-app-runner/__tests__/src/startApp.spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ describe('startApp', () => {
delete process.env.HTTP_ONE_APP_DEV_CDN_PORT;
delete process.env.HTTP_ONE_APP_DEV_PROXY_SERVER_PORT;
delete process.env.HTTP_METRICS_PORT;
delete process.env.NODE_EXTRA_CA_CERTS;
jest.spyOn(process.stdout, 'write');
jest.spyOn(process.stderr, 'write');
jest.spyOn(require('fs'), 'createWriteStream');
Expand Down Expand Up @@ -220,4 +221,24 @@ describe('startApp', () => {
() => onErrorFunction()
).toThrowErrorMatchingSnapshot('onErrorFunction');
});

it('forwards NODE_EXTRA_CA_CERTS from process.env', () => {
process.env.NODE_EXTRA_CA_CERTS = '/process/env/location/extra_certs.pem';
const mockSpawn = require('mock-spawn')();
childProcess.spawn.mockImplementationOnce(mockSpawn);
startApp({
moduleMapUrl: 'https://example.com/module-map.json', rootModuleName: 'frank-lloyd-root', appDockerImage: 'one-app:5.0.0',
});
expect(mockSpawn.calls[0].command).toMatchSnapshot();
});

it('runner configs envVar NODE_EXTRA_CA_CERTS has priority over process.env', () => {
process.env.NODE_EXTRA_CA_CERTS = '/process/env/location/extra_certs.pem';
const mockSpawn = require('mock-spawn')();
childProcess.spawn.mockImplementationOnce(mockSpawn);
startApp({
moduleMapUrl: 'https://example.com/module-map.json', rootModuleName: 'frank-lloyd-root', appDockerImage: 'one-app:5.0.0', envVars: { NODE_EXTRA_CA_CERTS: '/envVar/location/cert.pem' },
});
expect(mockSpawn.calls[0].command).toMatchSnapshot();
});
});
11 changes: 10 additions & 1 deletion packages/one-app-runner/src/startApp.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,15 @@ module.exports = async function startApp({
return args;
};

const generateCaCertsCommands = (vars = {}) => {
const hostNodeExtraCaCerts = vars.NODE_EXTRA_CA_CERTS || process.env.NODE_EXTRA_CA_CERTS;
if (hostNodeExtraCaCerts) {
console.log('mounting host NODE_EXTRA_CA_CERTS');
return `-v ${hostNodeExtraCaCerts}:/opt/certs.pem -e NODE_EXTRA_CA_CERTS='/opt/certs.pem'`;
}
return '';
};

const generateSetMiddlewareCommand = (pathToMiddlewareFile) => {
if (pathToMiddlewareFile) {
const pathArray = pathToMiddlewareFile.split(path.sep);
Expand Down Expand Up @@ -122,7 +131,7 @@ module.exports = async function startApp({
const metricsPort = process.env.HTTP_METRICS_PORT || 3005;
const ports = `-p ${appPort}:${appPort} -p ${devCDNPort}:${devCDNPort} -p ${devProxyServerPort}:${devProxyServerPort} -p ${metricsPort}:${metricsPort}`;

const command = `${generatePullCommand()} docker run -t ${ports} -e NODE_ENV=development ${generateContainerNameFlag()} ${generateNetworkToJoin()} ${generateEnvironmentVariableArgs(envVars)} ${generateModuleMountsArgs(modulesToServe)} ${appDockerImage} /bin/sh -c "${generateServeModuleCommands(modulesToServe)} ${generateSetMiddlewareCommand(parrotMiddlewareFile)} ${generateSetDevEndpointsCommand(devEndpointsFile)} node lib/server/index.js --root-module-name=${rootModuleName} ${generateModuleMap()} ${generateUseMocksFlag(parrotMiddlewareFile)} ${generateUseHostFlag()}"`;
const command = `${generatePullCommand()} docker run -t ${ports} -e NODE_ENV=development ${generateContainerNameFlag()} ${generateNetworkToJoin()} ${generateEnvironmentVariableArgs(envVars)} ${generateModuleMountsArgs(modulesToServe)} ${generateCaCertsCommands(envVars)} ${appDockerImage} /bin/sh -c "${generateServeModuleCommands(modulesToServe)} ${generateSetMiddlewareCommand(parrotMiddlewareFile)} ${generateSetDevEndpointsCommand(devEndpointsFile)} node lib/server/index.js --root-module-name=${rootModuleName} ${generateModuleMap()} ${generateUseMocksFlag(parrotMiddlewareFile)} ${generateUseHostFlag()}"`;
const dockerProcess = spawn(command, { shell: true });
dockerProcess.on('error', () => {
throw new Error(
Expand Down

0 comments on commit fdf1f42

Please sign in to comment.