From 596e0c3403a8aad3473fc0df9c2923f3d8bd0f1c Mon Sep 17 00:00:00 2001 From: Gajus Date: Fri, 3 Jan 2025 09:42:40 -0600 Subject: [PATCH] refactor: move test SSLs to a package --- packages/test-ssls/Dockerfile | 22 +++++++++++++++++++ .../fixtures/ssl => test-ssls}/README.md | 13 +++++++++++ packages/test-ssls/package.json | 21 ++++++++++++++++++ .../fixtures/ssl => test-ssls}/root.crt | 0 .../fixtures/ssl => test-ssls}/root.key | 0 .../fixtures/ssl => test-ssls}/root.srl | 0 .../fixtures/ssl => test-ssls}/slonik.crt | 0 .../fixtures/ssl => test-ssls}/slonik.csr | 0 .../fixtures/ssl => test-ssls}/slonik.key | 0 packages/utilities/package.json | 1 + .../utilities/src/utilities/parseDsn.test.ts | 6 ++--- pnpm-lock.yaml | 11 +++++++++- 12 files changed, 70 insertions(+), 4 deletions(-) create mode 100644 packages/test-ssls/Dockerfile rename packages/{utilities/src/utilities/fixtures/ssl => test-ssls}/README.md (73%) create mode 100644 packages/test-ssls/package.json rename packages/{utilities/src/utilities/fixtures/ssl => test-ssls}/root.crt (100%) rename packages/{utilities/src/utilities/fixtures/ssl => test-ssls}/root.key (100%) rename packages/{utilities/src/utilities/fixtures/ssl => test-ssls}/root.srl (100%) rename packages/{utilities/src/utilities/fixtures/ssl => test-ssls}/slonik.crt (100%) rename packages/{utilities/src/utilities/fixtures/ssl => test-ssls}/slonik.csr (100%) rename packages/{utilities/src/utilities/fixtures/ssl => test-ssls}/slonik.key (100%) diff --git a/packages/test-ssls/Dockerfile b/packages/test-ssls/Dockerfile new file mode 100644 index 00000000..8ef04013 --- /dev/null +++ b/packages/test-ssls/Dockerfile @@ -0,0 +1,22 @@ +FROM postgres:16 + +RUN mkdir -p /etc/postgresql/certs && chown postgres:postgres /etc/postgresql/certs + +# Copy the SSL certificates into the container +COPY root.crt /etc/postgresql/certs/root.crt +COPY slonik.key /etc/postgresql/certs/server.key +COPY slonik.crt /etc/postgresql/certs/server.crt + + +RUN chmod 600 /etc/postgresql/certs/server.key && \ + chmod 644 /etc/postgresql/certs/server.crt /etc/postgresql/certs/root.crt && \ + chown postgres:postgres /etc/postgresql/certs/* + +RUN echo "ssl = on" >> /usr/share/postgresql/postgresql.conf.sample && \ + echo "ssl_cert_file = '/etc/postgresql/certs/server.crt'" >> /usr/share/postgresql/postgresql.conf.sample && \ + echo "ssl_key_file = '/etc/postgresql/certs/server.key'" >> /usr/share/postgresql/postgresql.conf.sample && \ + echo "ssl_ca_file = '/etc/postgresql/certs/root.crt'" >> /usr/share/postgresql/postgresql.conf.sample + +EXPOSE 5432 + +USER postgres \ No newline at end of file diff --git a/packages/utilities/src/utilities/fixtures/ssl/README.md b/packages/test-ssls/README.md similarity index 73% rename from packages/utilities/src/utilities/fixtures/ssl/README.md rename to packages/test-ssls/README.md index e678165e..d523b1e1 100644 --- a/packages/utilities/src/utilities/fixtures/ssl/README.md +++ b/packages/test-ssls/README.md @@ -1,3 +1,9 @@ +# Test SSLs + +SSLs used for testing Slonik. + +## Generating SSL certificates + ```bash # Generate a Root Certificate (CA) openssl genrsa -out root.key 2048 @@ -14,4 +20,11 @@ openssl x509 -req -in slonik.csr -CA root.crt -CAkey root.key -CAcreateserial -o # Verify the Certificates openssl verify -CAfile root.crt slonik.crt +``` + +## Running PostgreSQL with SSL + +```bash +docker build -t slonik-ssl-test . +docker run --name slonik-ssl-test --rm -it -e POSTGRES_PASSWORD=postgres -p 5433:5432 slonik-ssl-test ``` \ No newline at end of file diff --git a/packages/test-ssls/package.json b/packages/test-ssls/package.json new file mode 100644 index 00000000..0bf3f2e8 --- /dev/null +++ b/packages/test-ssls/package.json @@ -0,0 +1,21 @@ +{ + "author": { + "email": "gajus@gajus.com", + "name": "Gajus Kuizinas", + "url": "http://gajus.com" + }, + "description": "SSLs used for testing Slonik.", + "engines": { + "node": ">=18" + }, + "license": "BSD-3-Clause", + "name": "@slonik/test-ssls", + "peerDependencies": { + "zod": "^3" + }, + "repository": { + "type": "git", + "url": "https://github.com/gajus/slonik" + }, + "version": "46.2.0" +} diff --git a/packages/utilities/src/utilities/fixtures/ssl/root.crt b/packages/test-ssls/root.crt similarity index 100% rename from packages/utilities/src/utilities/fixtures/ssl/root.crt rename to packages/test-ssls/root.crt diff --git a/packages/utilities/src/utilities/fixtures/ssl/root.key b/packages/test-ssls/root.key similarity index 100% rename from packages/utilities/src/utilities/fixtures/ssl/root.key rename to packages/test-ssls/root.key diff --git a/packages/utilities/src/utilities/fixtures/ssl/root.srl b/packages/test-ssls/root.srl similarity index 100% rename from packages/utilities/src/utilities/fixtures/ssl/root.srl rename to packages/test-ssls/root.srl diff --git a/packages/utilities/src/utilities/fixtures/ssl/slonik.crt b/packages/test-ssls/slonik.crt similarity index 100% rename from packages/utilities/src/utilities/fixtures/ssl/slonik.crt rename to packages/test-ssls/slonik.crt diff --git a/packages/utilities/src/utilities/fixtures/ssl/slonik.csr b/packages/test-ssls/slonik.csr similarity index 100% rename from packages/utilities/src/utilities/fixtures/ssl/slonik.csr rename to packages/test-ssls/slonik.csr diff --git a/packages/utilities/src/utilities/fixtures/ssl/slonik.key b/packages/test-ssls/slonik.key similarity index 100% rename from packages/utilities/src/utilities/fixtures/ssl/slonik.key rename to packages/test-ssls/slonik.key diff --git a/packages/utilities/package.json b/packages/utilities/package.json index 0fee2a45..6393ed5f 100644 --- a/packages/utilities/package.json +++ b/packages/utilities/package.json @@ -22,6 +22,7 @@ "description": "A Node.js PostgreSQL client with strict types, detailed logging and assertions.", "devDependencies": { "@slonik/eslint-config": "workspace:^", + "@slonik/test-ssls": "workspace:^", "@types/node": "^22.9.0", "ava": "^6.1.3", "cspell": "^8.16.0", diff --git a/packages/utilities/src/utilities/parseDsn.test.ts b/packages/utilities/src/utilities/parseDsn.test.ts index 81a3fde1..cd13c123 100644 --- a/packages/utilities/src/utilities/parseDsn.test.ts +++ b/packages/utilities/src/utilities/parseDsn.test.ts @@ -78,9 +78,9 @@ test('postgresql:///database-name?host=/var/lib/postgresql', testParse, { host: '/var/lib/postgresql', }); -const sslCaCertPath = resolve(__dirname, './fixtures/ssl/root.crt'); -const sslCertPath = resolve(__dirname, './fixtures/ssl/slonik.crt'); -const sslKeyPath = resolve(__dirname, './fixtures/ssl/slonik.key'); +const sslCaCertPath = require.resolve('@slonik/test-ssls/root.crt'); +const sslCertPath = require.resolve('@slonik/test-ssls/slonik.crt'); +const sslKeyPath = require.resolve('@slonik/test-ssls/slonik.key'); test(`postgresql://?sslcert=${sslCertPath}&sslkey=${sslKeyPath}`, testParse, { ssl: { diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 48188fc5..e64f8d9f 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -455,6 +455,12 @@ importers: specifier: ^3.22.4 version: 3.23.8 + packages/test-ssls: + dependencies: + zod: + specifier: ^3 + version: 3.23.8 + packages/types: dependencies: zod: @@ -498,6 +504,9 @@ importers: '@slonik/eslint-config': specifier: workspace:^ version: link:../eslint-config + '@slonik/test-ssls': + specifier: workspace:^ + version: link:../test-ssls '@types/node': specifier: ^22.9.0 version: 22.9.0 @@ -6774,7 +6783,7 @@ snapshots: agent-base@6.0.2: dependencies: - debug: 4.3.5 + debug: 4.4.0 transitivePeerDependencies: - supports-color