Use httptester docker image for http tests (#15811)

* Use httptester docker image for http tests * When not running with an httptester linked container, use public test sites
2026-05-08 14:22:46 +00:00 · 2016-05-10 22:43:07 -05:00
parent 4561be00af
commit accf40d8a8
11 changed files with 111 additions and 84 deletions
--- a/test/integration/roles/test_get_url/meta/main.yml
+++ b/test/integration/roles/test_get_url/meta/main.yml
@@ -1,3 +1,4 @@
-dependencies: 
+dependencies:
  - prepare_tests
+  - prepare_http_tests

--- a/test/integration/roles/test_get_url/tasks/main.yml
+++ b/test/integration/roles/test_get_url/tasks/main.yml
@@ -66,27 +66,21 @@
        - result.failed

 - name: test https fetch
-  get_url: url="https://raw.githubusercontent.com/ansible/ansible/devel/README.md" dest={{output_dir}}/get_url.txt force=yes
+  get_url: url="https://{{ httpbin_host }}/get" dest={{output_dir}}/get_url.txt force=yes
  register: result

 - name: assert the get_url call was successful
  assert:
    that:
-    - result.changed 
+    - result.changed
    - '"OK" in result.msg'

 - name: test https fetch to a site with mismatched hostname and certificate
  get_url:
-    url: "https://www.kennethreitz.org/"
+    url: "https://{{ badssl_host }}/"
    dest: "{{ output_dir }}/shouldnotexist.html"
  ignore_errors: True
  register: result
-  # kennethreitz having trouble staying up.  Eventually need to install our own
-  # certs & web server to test this... also need to install and test it with
-  # a proxy so the complications are inevitable
-  until: "'read operation timed out' not in result.msg"
-  retries: 30
-  delay: 10

 - stat:
    path: "{{ output_dir }}/shouldnotexist.html"
@@ -101,16 +95,13 @@

 - name: test https fetch to a site with mismatched hostname and certificate and validate_certs=no
  get_url:
-    url: "https://www.kennethreitz.org/"
-    dest: "{{ output_dir }}/kreitz.html"
+    url: "https://{{ badssl_host }}/"
+    dest: "{{ output_dir }}/get_url_no_validate.html"
    validate_certs: no
  register: result
-  until: "'read operation timed out' not in result.msg"
-  retries: 30
-  delay: 10

 - stat:
-    path: "{{ output_dir }}/kreitz.html"
+    path: "{{ output_dir }}/get_url_no_validate.html"
  register: stat_result

 - name: Assert that the file was downloaded
@@ -119,48 +110,44 @@
      - "result.changed == true"
      - "stat_result.stat.exists == true"

-# At the moment, AWS can't make an https request to velox.ch... connection
-# timed out.  So we'll use a different test until/unless the problem is resolved
-## SNI Tests
-## SNI is only built into the stdlib from python-2.7.9 onwards
-#- name: Test that SNI works
-#  get_url:
-#    # A test site that returns a page with information on what SNI information
-#    # the client sent.  A failure would have the string: did not send a TLS server name indication extension
-#    url: 'https://foo.sni.velox.ch/'
-#    dest: "{{ output_dir }}/sni.html"
-#  register: get_url_result
-#  ignore_errors: True
-#
-#- command: "grep 'sent the following TLS server name indication extension' {{ output_dir}}/sni.html"
-#  register: data_result
-#  when: "{{ python_has_ssl_context }}"
-#
-#- debug: var=get_url_result
-#- name: Assert that SNI works with this python version
-#  assert:
-#    that:
-#      - 'data_result.rc == 0'
-#      - '"failed" not in get_url_result'
-#  when: "{{ python_has_ssl_context }}"
-#
-## If the client doesn't support SNI then get_url should have failed with a certificate mismatch
-#- name: Assert that hostname verification failed because SNI is not supported on this version of python
-#  assert:
-#    that:
-#      - 'get_url_result["failed"]'
-#  when: "{{ not python_has_ssl_context }}"
+# SNI Tests
+# SNI is only built into the stdlib from python-2.7.9 onwards
+- name: Test that SNI works
+  get_url:
+    url: 'https://{{ sni_host }}/'
+    dest: "{{ output_dir }}/sni.html"
+  register: get_url_result
+  ignore_errors: True
+
+- command: "grep '{{ sni_host }}' {{ output_dir}}/sni.html"
+  register: data_result
+  when: "{{ python_has_ssl_context }}"
+
+- debug: var=get_url_result
+- name: Assert that SNI works with this python version
+  assert:
+    that:
+      - 'data_result.rc == 0'
+      - '"failed" not in get_url_result'
+  when: "{{ python_has_ssl_context }}"
+
+# If the client doesn't support SNI then get_url should have failed with a certificate mismatch
+- name: Assert that hostname verification failed because SNI is not supported on this version of python
+  assert:
+    that:
+      - 'get_url_result["failed"]'
+  when: "{{ not python_has_ssl_context }}"

 # These tests are just side effects of how the site is hosted.  It's not
 # specifically a test site.  So the tests may break due to the hosting changing
 - name: Test that SNI works
  get_url:
-    url: 'https://www.mnot.net/blog/2014/05/09/if_you_can_read_this_youre_sniing'
+    url: 'https://{{ sni_host }}/'
    dest: "{{ output_dir }}/sni.html"
  register: get_url_result
  ignore_errors: True

- command: "grep '<h2>If You Can Read This, You.re SNIing</h2>' {{ output_dir}}/sni.html"
+- command: "grep '{{ sni_host }}' {{ output_dir}}/sni.html"
  register: data_result
  when: "{{ python_has_ssl_context }}"

@@ -182,12 +169,12 @@

 - name: Test get_url with redirect
  get_url:
-    url: 'http://httpbin.org/redirect/6'
+    url: 'http://{{ httpbin_host }}/redirect/6'
    dest: "{{ output_dir }}/redirect.json"

 - name: Test that setting file modes work
  get_url:
-    url: 'http://httpbin.org/'
+    url: 'http://{{ httpbin_host }}/'
    dest: '{{ output_dir }}/test'
    mode: '0707'
  register: result
@@ -204,7 +191,7 @@

 - name: Test that setting file modes on an already downlaoded file work
  get_url:
-    url: 'http://httpbin.org/'
+    url: 'http://{{ httpbin_host }}/'
    dest: '{{ output_dir }}/test'
    mode: '0070'
  register: result