Add flags to configure secure connection client certificate

internal/feature.go

@@ -45,6 +45,7 @@ type ScriptBasedSoftwareUpdatableConfig struct {
 	FeatureID       string
 	ModuleType      string
 	ArtifactType    string
+	ServerCert      string
 	InstallCommand  command
 }
 
@@ -57,6 +58,7 @@ type ScriptBasedSoftwareUpdatable struct {
 	dittoClient    *ditto.Client
 	mqttClient     MQTT.Client
 	artifactType   string
+	serverCert     string
 	installCommand *command
 }
 
@@ -75,6 +77,7 @@ func NewScriptBasedSU(scriptSUPConfig *ScriptBasedSoftwareUpdatableConfig) (*Scr
 		store: localStorage,
 		// Build install script command
 		installCommand: &scriptSUPConfig.InstallCommand,
+		serverCert:     scriptSUPConfig.ServerCert,
 		// Define the module artifact(s) type: archive or plane
 		artifactType: scriptSUPConfig.ArtifactType,
 		// Create queue with size 10

internal/feature_download.go

@@ -123,7 +123,7 @@ Started:
 Downloading:
 	if opError = f.store.DownloadModule(toDir, module, func(percent int) {
 		setLastOS(su, newOS(cid, module, hawkbit.StatusDownloading).WithProgress(percent))
-	}); opError != nil {
+	}, f.serverCert); opError != nil {
 		opErrorMsg = errDownload
 		return opError == storage.ErrCancel
 	}

internal/feature_install.go

@@ -130,7 +130,7 @@ Started:
 Downloading:
 	if opError = f.store.DownloadModule(dir, module, func(progress int) {
 		setLastOS(su, newOS(cid, module, hawkbit.StatusDownloading).WithProgress(progress))
-	}); opError != nil {
+	}, f.serverCert); opError != nil {
 		opErrorMsg = errDownload
 		return opError == storage.ErrCancel
 	}

internal/feature_test.go

@@ -21,8 +21,11 @@ import (
 )
 
 const (
-	testDirFeature  = "_tmp-feature"
-	testDefaultHost = ":12345"
+	testDirFeature        = "_tmp-feature"
+	testDefaultHost       = ":12345"
+	testDefaultHostSecure = ":12346"
+	testCert              = "storage/testdata/valid_cert.pem"
+	testKey               = "storage/testdata/valid_key.pem"
 )
 
 // TestScriptBasedConstructor tests NewScriptBasedSU with wrong broker URL.
@@ -81,7 +84,7 @@ func TestScriptBasedInitLoadDependencies(t *testing.T) {
 
 	// 1. Try to init a new ScriptBasedSoftwareUpdatable with error for loading install dependencies
 	_, _, err := mockScriptBasedSoftwareUpdatable(t, &testConfig{
-		clientConnected: true, storageLocation: dir, featureID: defaultFeatureID})
+		clientConnected: true, storageLocation: dir, featureID: getDefaultFlagValue(flagFeatureID)})
 	if err == nil {
 		t.Fatalf("expected to fail when mandatory field is missing in insalled dept file")
 	}
@@ -96,7 +99,7 @@ func TestScriptBasedInit(t *testing.T) {
 
 	// 1. Try to init a new ScriptBasedSoftwareUpdatable with error for not connected client
 	_, _, err := mockScriptBasedSoftwareUpdatable(t, &testConfig{
-		clientConnected: false, storageLocation: dir, featureID: defaultFeatureID})
+		clientConnected: false, storageLocation: dir, featureID: getDefaultFlagValue(flagFeatureID)})
 	if err == nil {
 		t.Fatal("Ditto Client shall not be connected!")
 	}
@@ -111,23 +114,33 @@ func TestScriptBasedCore(t *testing.T) {
 	defer os.RemoveAll(dir)
 
 	// Prepare/Close simple HTTP server used to host testing artifacts
-	w := host(testDefaultHost, t).addInstallScript()
+	w := host(testDefaultHost, "", "", t).addInstallScript()
 	defer w.close()
 
+	wSecure := host(testDefaultHostSecure, testCert, testKey, t).addInstallScript()
+	defer wSecure.close()
+
 	// 1. Try to init a new ScriptBasedSoftwareUpdatable.
 	feature, mc, err := mockScriptBasedSoftwareUpdatable(t, &testConfig{
-		clientConnected: true, featureID: defaultFeatureID, storageLocation: dir})
+		clientConnected: true, featureID: getDefaultFlagValue(flagFeatureID), storageLocation: dir})
 	if err != nil {
 		t.Fatalf("failed to initialize ScriptBasedSoftwareUpdatable: %v", err)
 	}
 	defer feature.Disconnect()
 
+	testDownloadInstall(feature, mc, w.getSoftwareArtifacts(false, "install"), t)
+
+	feature.serverCert = testCert
+	testDownloadInstall(feature, mc, wSecure.getSoftwareArtifacts(true, "install"), t)
+}
+
+func testDownloadInstall(feature *ScriptBasedSoftwareUpdatable, mc *mockedClient, artifacts []*hawkbit.SoftwareArtifactAction, t *testing.T) {
 	// Preapare simple software update action.
 	sua := &hawkbit.SoftwareUpdateAction{
 		CorrelationID: "test-correlation-id",
 		SoftwareModules: []*hawkbit.SoftwareModuleAction{{
 			SoftwareModule: &hawkbit.SoftwareModuleID{Name: "test", Version: "1.0.0"},
-			Artifacts:      w.getSoftwareArtifacts("install"),
+			Artifacts:      artifacts,
 			Metadata:       map[string]string{"artifact-type": "plane"},
 		}},
 	}