test(redis): Add test for ACL connection

julienloizelet · julienloizelet · commit e25f13a8760b · 2024-12-13T15:46:15.000+09:00
diff --git a/.github/workflows/end-to-end-auto-prepend-test-suite.yml b/.github/workflows/end-to-end-auto-prepend-test-suite.yml
@@ -229,6 +229,21 @@ jobs:
           test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
           file_path: 12-appsec-timeout.js
 
+      - name: Prepare Redis ACL tests
+        run: |
+          ddev exec -s crowdsec tc qdisc del dev eth0 root netem
+          # Allow ACL tests
+          echo "requirepass ddev" >> .ddev/redis/redis.conf
+          echo "user redis_user allcommands allkeys on >redis_password" >> .ddev/redis/redis.conf
+          docker restart ddev-${{ env.WP_VERSION_CODE }}-redis
+
+      - name: Run Redis ACL tests
+        uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
+        with:
+          test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
+          file_path:
+            13-redis-acl.js
+
       - name: Check tested version
         run: |
           CURRENT_VERSION=$(ddev wp core version)
diff --git a/.github/workflows/end-to-end-multisite.yml b/.github/workflows/end-to-end-multisite.yml
@@ -222,6 +222,20 @@ jobs:
           file_path: 12-appsec-timeout.js
           subsite: ${{ matrix.subsite }}
 
+      - name: Prepare Redis ACL tests
+        run: |
+          ddev exec -s crowdsec tc qdisc del dev eth0 root netem
+          # Allow ACL tests
+          echo "requirepass ddev" >> .ddev/redis/redis.conf
+          echo "user redis_user allcommands allkeys on >redis_password" >> .ddev/redis/redis.conf
+          docker restart ddev-${{ env.WP_VERSION_CODE }}-redis
+
+      - name: Run Redis ACL tests
+        uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
+        with:
+          test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
+          file_path: 13-redis-acl.js
+
       - name: Check tested version
         run: |
           CURRENT_VERSION=$(ddev wp core version)
diff --git a/.github/workflows/end-to-end-test-suite.yml b/.github/workflows/end-to-end-test-suite.yml
@@ -205,7 +205,6 @@ jobs:
           test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
           file_path: 11-appsec.js
 
-
       - name: Prepare CrowdSec for AppSec timeout tests
         run: ddev exec -s crowdsec tc qdisc add dev eth0 root netem delay 500ms
 
@@ -215,6 +214,20 @@ jobs:
           test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
           file_path: 12-appsec-timeout.js
 
+      - name: Prepare Redis ACL tests
+        run: |
+          ddev exec -s crowdsec tc qdisc del dev eth0 root netem
+          # Allow ACL tests
+          echo "requirepass ddev" >> .ddev/redis/redis.conf
+          echo "user redis_user allcommands allkeys on >redis_password" >> .ddev/redis/redis.conf
+          docker restart ddev-${{ env.WP_VERSION_CODE }}-redis
+
+      - name: Run Redis ACL tests
+        uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
+        with:
+          test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
+          file_path: 13-redis-acl.js
+
       - name: Check tested version
         run: |
           CURRENT_VERSION=$(ddev wp core version)
diff --git a/.github/workflows/release-test.yml b/.github/workflows/release-test.yml
@@ -89,6 +89,7 @@ jobs:
           ddev get julienloizelet/ddev-tools
           ddev get julienloizelet/ddev-crowdsec-php
 
+
       - name: Start DDEV
         uses: nick-fields/retry@v3
         with:
@@ -234,6 +235,42 @@ jobs:
           test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
           file_path: 11-appsec.js
 
+      - name: Prepare CrowdSec for AppSec timeout tests
+        run: ddev exec -s crowdsec tc qdisc add dev eth0 root netem delay 500ms
+
+      - name: Run AppSec timeout tests
+        uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
+        with:
+          test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
+          file_path: 12-appsec-timeout.js
+
+      - name: Prepare Redis ACL tests
+        run: |
+          ddev exec -s crowdsec tc qdisc del dev eth0 root netem
+          # Allow ACL tests
+          echo "requirepass ddev" >> .ddev/redis/redis.conf
+          echo "user redis_user allcommands allkeys on >redis_password" >> .ddev/redis/redis.conf
+          docker restart ddev-${{ env.WP_VERSION_CODE }}-redis
+
+      - name: Run Redis ACL tests
+        uses: ./wp-content/plugins/crowdsec/.github/workflows/end-to-end/run-single-test
+        with:
+          test_path: ${{ github.workspace }}/${{ env.EXTENSION_PATH }}/tests/e2e-ddev
+          file_path: 13-redis-acl.js
+
+      - name: Check tested version
+        run: |
+          CURRENT_VERSION=$(ddev wp core version)
+          if [[ ${{ matrix.wp-version }} == $CURRENT_VERSION ]]
+          then
+              echo "Tested version was as expected"
+          else
+              echo "Tested version was not as expected"
+              echo $CURRENT_VERSION
+              echo ${{ matrix.wp-version }}
+              exit 1
+          fi    
+
       - name: tmate debugging session
         uses: mxschmitt/action-tmate@v3
         with:
diff --git a/tests/e2e-ddev/__tests__/13-redis-acl.js b/tests/e2e-ddev/__tests__/13-redis-acl.js
@@ -0,0 +1,51 @@
+/* eslint-disable no-undef */
+const {
+    wait,
+    goToAdmin,
+    onAdminGoToAdvancedPage,
+    onAdminSaveSettings,
+    publicHomepageShouldBeBanWall,
+    publicHomepageShouldBeAccessible,
+    banOwnIpForSeconds,
+    removeAllDecisions,
+    forceCronRun,
+    fillInput,
+    onLoginPageLoginAsAdmin,
+    setDefaultConfig,
+    onAdvancedPageEnableStreamMode,
+} = require("../utils/helpers");
+
+const { CURRENT_IP } = require("../utils/constants");
+
+describe(`Use Redis technology with ACL`, () => {
+    beforeAll(async () => {
+        await removeAllDecisions();
+        await goToAdmin();
+        await onLoginPageLoginAsAdmin();
+        await setDefaultConfig();
+    });
+
+    it('Should be able to use Redis cache"', async () => {
+        await goToAdmin();
+        await onAdminGoToAdvancedPage();
+        await onAdvancedPageEnableStreamMode();
+        await page.selectOption("[name=crowdsec_cache_system]", "redis");
+        await wait(200);
+        await fillInput(
+            "crowdsec_redis_dsn",
+            "redis://redis_user:redis_password@redis:6379",
+        );
+        await onAdminSaveSettings();
+        await expect(page).toHaveText(
+            "#wpbody-content > div.wrap > div.notice.notice-success",
+            "As the stream mode is enabled, the cache has just been refreshed.",
+        );
+        await publicHomepageShouldBeAccessible();
+        await banOwnIpForSeconds(15 * 60, CURRENT_IP);
+        await forceCronRun();
+        await publicHomepageShouldBeBanWall();
+        await removeAllDecisions();
+        await forceCronRun();
+        await publicHomepageShouldBeAccessible();
+    });
+});
