yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

test: dashbaord api ct failed

This commit is contained in:
zhongwencool 2023-06-26 10:09:33 +08:00
parent e26c30ff0c
commit 82ea9e5a04
6 changed files with 30 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
apps/emqx_dashboard/src/emqx_dashboard_listener.erl
View File

@ -174,17 +174,20 @@ diff_listeners(Type, Stop, Start) -> {#{Type => Stop}, #{Type => Start}}.
-define(DIR, <<"dashboard">>). -define(DIR, <<"dashboard">>).
ensure_ssl_cert(#{<<"listeners">> := #{<<"https">> := #{<<"bind">> := Bind}}} = Conf) when ensure_ssl_cert(#{<<"listeners">> := #{<<"https">> := #{<<"bind">> := Bind} = Https0}} = Conf0) when
Bind =/= 0 Bind =/= 0
-> ->
Keys = [<<"listeners">>, <<"https">>, <<"ssl_options">>], Https1 = emqx_dashboard_schema:https_converter(Https0, #{}),
Ssl = emqx_utils_maps:deep_get(Keys, Conf, undefined), Conf1 = emqx_utils_maps:deep_put([<<"listeners">>, <<"https">>], Conf0, Https1),
io:format("111~p~n", [Conf1]),
Ssl = maps:get(<<"ssl_options">>, Https1, undefined),
Opts = #{required_keys => [[<<"keyfile">>], [<<"certfile">>], [<<"cacertfile">>]]}, Opts = #{required_keys => [[<<"keyfile">>], [<<"certfile">>], [<<"cacertfile">>]]},
case emqx_tls_lib:ensure_ssl_files(?DIR, Ssl, Opts) of case emqx_tls_lib:ensure_ssl_files(?DIR, Ssl, Opts) of
{ok, undefined} -> {ok, undefined} ->
{error, <<"ssl_cert_not_found">>}; {error, <<"ssl_cert_not_found">>};
{ok, NewSsl} -> {ok, NewSsl} ->
{ok, emqx_utils_maps:deep_put(Keys, Conf, NewSsl)}; Keys = [<<"listeners">>, <<"https">>, <<"ssl_options">>],
{ok, emqx_utils_maps:deep_put(Keys, Conf1, NewSsl)};
{error, Reason} -> {error, Reason} ->
?SLOG(error, Reason#{msg => "bad_ssl_config"}), ?SLOG(error, Reason#{msg => "bad_ssl_config"}),
{error, Reason} {error, Reason}

1
apps/emqx_dashboard/src/emqx_dashboard_schema.erl
View File

@ -112,6 +112,7 @@ ssl_options() ->
?R_REF("ssl_options"), ?R_REF("ssl_options"),
#{ #{
required => true, required => true,
desc => ?DESC(ssl_options),
importance => ?IMPORTANCE_HIGH importance => ?IMPORTANCE_HIGH
} }
)}. )}.

25
apps/emqx_management/test/emqx_mgmt_api_configs_SUITE.erl
View File

@ -222,11 +222,13 @@ t_dashboard(_Config) ->
), ),
Https2 = #{ Https2 = #{
enable => true, <<"bind">> => 18084,
bind => 18084, <<"ssl_options">> =>
keyfile => "etc/certs/badkey.pem", #{
cacertfile => "etc/certs/badcacert.pem", <<"keyfile">> => "etc/certs/badkey.pem",
certfile => "etc/certs/badcert.pem" <<"cacertfile">> => "etc/certs/badcacert.pem",
<<"certfile">> => "etc/certs/badcert.pem"
}
}, },
Dashboard2 = Dashboard#{<<"listeners">> => Listeners#{<<"https">> => Https2}}, Dashboard2 = Dashboard#{<<"listeners">> => Listeners#{<<"https">> => Https2}},
?assertMatch( ?assertMatch(
@ -240,20 +242,21 @@ t_dashboard(_Config) ->
emqx, filename:join(["etc", "certs", "cacert.pem"]) emqx, filename:join(["etc", "certs", "cacert.pem"])
), ),
Https3 = #{ Https3 = #{
<<"enable">> => true,
<<"bind">> => 18084, <<"bind">> => 18084,
<<"keyfile">> => list_to_binary(KeyFile), <<"ssl_options">> => #{
<<"cacertfile">> => list_to_binary(CacertFile), <<"keyfile">> => list_to_binary(KeyFile),
<<"certfile">> => list_to_binary(CertFile) <<"cacertfile">> => list_to_binary(CacertFile),
<<"certfile">> => list_to_binary(CertFile)
}
}, },
Dashboard3 = Dashboard#{<<"listeners">> => Listeners#{<<"https">> => Https3}}, Dashboard3 = Dashboard#{<<"listeners">> => Listeners#{<<"https">> => Https3}},
?assertMatch({ok, _}, update_config("dashboard", Dashboard3)), ?assertMatch({ok, _}, update_config("dashboard", Dashboard3)),
Dashboard4 = Dashboard#{<<"listeners">> => Listeners#{<<"https">> => #{<<"enable">> => false}}}, Dashboard4 = Dashboard#{<<"listeners">> => Listeners#{<<"https">> => #{<<"bind">> => 0}}},
?assertMatch({ok, _}, update_config("dashboard", Dashboard4)), ?assertMatch({ok, _}, update_config("dashboard", Dashboard4)),
{ok, Dashboard41} = get_config("dashboard"), {ok, Dashboard41} = get_config("dashboard"),
?assertEqual( ?assertEqual(
Https3#{<<"enable">> => false}, Https3#{<<"bind">> => 0},
read_conf([<<"dashboard">>, <<"listeners">>, <<"https">>]), read_conf([<<"dashboard">>, <<"listeners">>, <<"https">>]),
Dashboard41 Dashboard41
), ),

1
changes/ce/feat-11137.en.md Normal file
View File

@ -0,0 +1 @@
Refactors the dashboard listener configuration to use a nested `ssl_options` field for ssl settings.

6
rel/i18n/emqx_dashboard_schema.hocon
View File

@ -138,4 +138,10 @@ token_expired_time.desc:
token_expired_time.label: token_expired_time.label:
"""Token expired time""" """Token expired time"""
ssl_options.desc:
"""SSL/TLS options for the dashboard listener."""
ssl_options.label:
"""SSL options"""
} }

2
scripts/conf-test/run.sh
View File

@ -23,7 +23,7 @@ function check_dashboard_https_ssl_options_depth() {
start_emqx_with_conf() { start_emqx_with_conf() {
echo "Starting $PROFILE with $1" echo "Starting $PROFILE with $1"
"$EMQX_ROOT"/bin/emqx start "$EMQX_ROOT"/bin/emqx start
check_dashboard_https_ssl_options_depth $1 check_dashboard_https_ssl_options_depth "$1"
"$EMQX_ROOT"/bin/emqx stop "$EMQX_ROOT"/bin/emqx stop
} }