-
Notifications
You must be signed in to change notification settings - Fork 2
153 lines (124 loc) · 5.03 KB
/
integration-tests.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
name: Integration Tests
on:
pull_request:
workflow_call:
jobs:
integration-test-legacy:
name: Run Legacy Integration Tests
runs-on: [ self-hosted, linux, x64, large ]
steps:
- uses: actions/checkout@v2
- name: Build Aproxy Snap
id: snapcraft-build
uses: snapcore/action-build@v1
- name: Upload Aproxy Snap
uses: actions/upload-artifact@v3
with:
name: snap
path: aproxy*.snap
- name: Install Aproxy Snap
run: |
sudo snap install --dangerous aproxy_*_amd64.snap
- name: Configure Aproxy
run: |
sudo snap set aproxy proxy=squid.internal:3128 listen=:23403
sudo nft -f - << EOF
define default-ip = $(ip route get $(ip route show 0.0.0.0/0 | grep -oP 'via \K\S+') | grep -oP 'src \K\S+')
define private-ips = { 10.0.0.0/8, 127.0.0.1/8, 172.16.0.0/12, 192.168.0.0/16 }
table ip aproxy
flush table ip aproxy
table ip aproxy {
chain prerouting {
type nat hook prerouting priority dstnat; policy accept;
ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:23403
}
chain output {
type nat hook output priority -100; policy accept;
ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:23403
}
}
EOF
- name: Test HTTP
run: |
curl --noproxy "*" http://example.com -svS -o /dev/null
- name: Test HTTPS
run: |
curl --noproxy "*" https://example.com -svS -o /dev/null
- name: Test Access Logs
run: |
sudo snap logs aproxy.aproxy
sudo snap logs aproxy.aproxy | grep -Fq "example.com:80"
sudo snap logs aproxy.aproxy | grep -Fq "example.com:443"
integration-test:
name: Run Integration Tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Install Tinyproxy
run: |
sudo apt update
sudo apt install tinyproxy -y
- name: Build Aproxy Snap
id: snapcraft-build
uses: snapcore/action-build@v1
- name: Upload Aproxy Snap
uses: actions/upload-artifact@v3
with:
name: snap
path: aproxy*.snap
- name: Install Aproxy Snap
run: |
sudo snap install --dangerous aproxy_*_amd64.snap
- name: Configure Aproxy
run: |
sudo snap connect aproxy:network-control
sudo snap set aproxy fwmark=7316 listen=:23403
sudo nft -f - << EOF
define default-ip = $(ip route get $(ip route show 0.0.0.0/0 | grep -oP 'via \K\S+') | grep -oP 'src \K\S+')
define private-ips = { 10.0.0.0/8, 127.0.0.1/8, 172.16.0.0/12, 192.168.0.0/16 }
table ip aproxy
flush table ip aproxy
table ip aproxy {
chain prerouting {
type nat hook prerouting priority dstnat; policy accept;
mark != 7316 ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:23403
}
chain output {
type nat hook output priority -100; policy accept;
mark != 7316 ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:23403
}
}
EOF
- name: Test Passthrough HTTP
run: |
curl --noproxy "*" http://www.example.com -svS -o /dev/null
sudo snap logs aproxy.aproxy -n 1 | grep -qi "passthrough.*host=www.example.com"
- name: Test Passthrough HTTPS
run: |
curl --noproxy "*" https://example.com -svS -o /dev/null
sudo snap logs aproxy.aproxy -n 1 | grep -qi "passthrough.*host=example.com"
- name: Set HTTP Proxy
run: |
sudo snap set aproxy http.proxy=http://localhost:8888
- name: Test Proxy HTTP
run: |
curl --noproxy "*" http://www.example.net -svS -o /dev/null
sudo snap logs aproxy.aproxy -n 1 | grep -qi "http.*proxy.*host=www.example.net"
- name: Test Passthrough HTTPS
run: |
curl --noproxy "*" https://example.net -svS -o /dev/null
sudo snap logs aproxy.aproxy -n 1 | grep -qi "tls.*proxy.*host=example.net"
- name: Set HTTPS Proxy
run: |
sudo snap set aproxy https.proxy=http://localhost:8888
- name: Test Proxy HTTP
run: |
curl --noproxy "*" http://www.example.org -svS -o /dev/null
sudo snap logs aproxy.aproxy -n 1 | grep -qi "http.*proxy.*host=www.example.org"
- name: Test Proxy HTTPS
run: |
curl --noproxy "*" https://example.org -svS -o /dev/null
sudo snap logs aproxy.aproxy -n 1 | grep -qi "tls.*proxy.*host=example.org"
- name: Print Aproxy Logs
if: always()
run: sudo snap logs aproxy -n all