Merge pull request #348 from 3scale/resource-reader-ignore-tls

verify_ssl option on resource_reader by URL

lib/3scale_toolbox/commands/activedocs_command/apply_command.rb

@@ -108,7 +108,7 @@ def activedocs_json_spec
 
           def read_activedocs_json_spec
             activedoc_spec = option_openapi_spec
-            activedoc_spec_content = load_resource(activedoc_spec)
+            activedoc_spec_content = load_resource(activedoc_spec, verify_ssl)
             JSON.pretty_generate(activedoc_spec_content)
           end
 

lib/3scale_toolbox/commands/activedocs_command/create_command.rb

@@ -52,20 +52,19 @@ def remote
           end
 
           def activedocs_json_spec
-            activedoc_spec = arguments[:activedocs_spec]
-            activedoc_spec_content = load_resource(arguments[:activedocs_spec])
+            activedoc_spec_content = load_resource(arguments[:activedocs_spec], verify_ssl)
             JSON.pretty_generate(activedoc_spec_content)
           end
 
           def activedocs_attrs
             {
-              "service_id" => options[:'service-id'],
-              "published" => options[:'published'],
-              "skip_swagger_validations" => options[:'skip-swagger-validations'],
-              "description" => options[:'description'],
-              "system_name" => options[:'system-name'],
-              "name" => activedocs_name,
-              "body" => activedocs_json_spec,
+              'service_id' => options[:'service-id'],
+              'published' => options[:'published'],
+              'skip_swagger_validations' => options[:'skip-swagger-validations'],
+              'description' => options[:'description'],
+              'system_name' => options[:'system-name'],
+              'name' => activedocs_name,
+              'body' => activedocs_json_spec,
             }.compact
           end
 

lib/3scale_toolbox/commands/import_command/openapi.rb

@@ -95,7 +95,7 @@ def create_context
           end
 
           def openapi_resource
-            @openapi_resource ||= load_resource(openapi_path)
+            @openapi_resource ||= load_resource(openapi_path, verify_ssl)
           end
 
           def openapi_path

lib/3scale_toolbox/commands/plans_command/import_command.rb

@@ -53,7 +53,7 @@ def context
 
           def create_context
             {
-              artifacts_resource: load_resource(options[:file] || '-'),
+              artifacts_resource: load_resource(options[:file] || '-', verify_ssl),
               threescale_client: threescale_client(arguments[:remote]),
               service_system_name: arguments[:service_system_name],
               plan_system_name: options[:plan],

lib/3scale_toolbox/commands/policies_command/import_command.rb

@@ -53,7 +53,7 @@ def find_product
         end
 
         def policies
-          @policies ||= load_resource(options[:file] || options[:url] || '-')
+          @policies ||= load_resource(options[:file] || options[:url] || '-', verify_ssl)
         end
       end
     end

lib/3scale_toolbox/commands/product_command/import_command.rb

@@ -106,7 +106,7 @@ def backend_resources
         end
 
         def artifacts_resource
-          @artifacts_resource ||= load_resource(options[:file] || '-')
+          @artifacts_resource ||= load_resource(options[:file] || '-', verify_ssl)
         end
 
         def report

lib/3scale_toolbox/resource_reader.rb

@@ -4,9 +4,9 @@ module ResourceReader
     # Load resource from different types of sources.
     # Supported types are: file, URL, stdin
     # Loaded content is returned
-    def load_resource(resource)
+    def load_resource(resource, verify_ssl)
       # Json format is parsed as well
-      YAML.safe_load(read_content(resource))
+      YAML.safe_load(read_content(resource, verify_ssl))
     rescue Psych::SyntaxError => e
       raise ThreeScaleToolbox::Error, "JSON/YAML validation failed: #{e.message}"
     end
@@ -15,17 +15,17 @@ def load_resource(resource)
     # Reads resources from different types of sources.
     # Supported types are: file, URL, stdin
     # Resource raw content is returned
-    def read_content(resource)
+    def read_content(resource, verify_ssl)
       case resource
       when '-'
-        method(:read_stdin)
+        read_stdin(resource)
       when /\A#{URI::DEFAULT_PARSER.make_regexp}\z/
-        method(:read_url)
+        read_url(resource, verify_ssl)
       when StringIO
-        method(:read_stringio)
+        read_stringio(resource)
       else
-        method(:read_file)
-      end.call(resource)
+        read_file(resource)
+      end
     end
 
     # Detect format from file extension
@@ -40,8 +40,17 @@ def read_stdin(_resource)
       STDIN.read
     end
 
-    def read_url(resource)
-      Net::HTTP.get(URI.parse(resource))
+    def read_url(resource, verify_ssl)
+      endpoint = URI.parse(resource)
+      http_client = Net::HTTP.new(endpoint.host, endpoint.port)
+      http_client.use_ssl = endpoint.is_a?(URI::HTTPS)
+      http_client.verify_mode = OpenSSL::SSL::VERIFY_NONE unless verify_ssl
+
+      response = http_client.get(endpoint)
+      case response
+      when Net::HTTPSuccess then response.body
+      else raise ThreeScaleToolbox::Error, "could not download resource: #{response.body}"
+      end
     end
 
     def read_stringio(resource)

spec/unit/resource_reader_spec.rb

@@ -1,5 +1,5 @@
 RSpec.shared_examples 'content is read' do
-  let(:result) { subject.read_content(resource) }
+  let(:result) { subject.read_content(resource, verify_ssl) }
 
   it 'does not return nil' do
     expect(result).not_to be_nil
@@ -12,14 +12,15 @@
 
 RSpec.describe ThreeScaleToolbox::ResourceReader do
   include_context :temp_dir
+  let(:verify_ssl) { true }
 
   subject do
     Class.new { include ThreeScaleToolbox::ResourceReader }.new
   end
 
   context '#load_resource' do
     let(:resource) { tmp_dir.join('file.ext').tap { |conf| conf.write(content) } }
-    let(:result) { subject.load_resource(resource) }
+    let(:result) { subject.load_resource(resource, verify_ssl) }
 
     context 'valid json' do
       let(:content) { '{ "some_key": "some value" }' }
@@ -89,20 +90,37 @@
       let(:resource) { tmp_dir }
 
       it 'error is raised' do
-        expect { subject.read_content(resource) }.to raise_error(ThreeScaleToolbox::Error,
-                                                                 /File not found/)
+        expect { subject.read_content(resource, verify_ssl) }.to raise_error(ThreeScaleToolbox::Error,
+                                                                             /File not found/)
       end
     end
 
     context 'from URL' do
       let(:resource) { 'https://example.com/petstore.yaml' }
+      let(:net_class_stub) { class_double(Net::HTTP).as_stubbed_const }
+      let(:net_client) { instance_double(Net::HTTP) }
+      let(:net_response) { instance_double(Net::HTTPSuccess) }
 
-      before :each do
-        net_class_stub = class_double(Net::HTTP).as_stubbed_const
-        expect(net_class_stub).to receive(:get).and_return(content)
+      context 'on HTTP success' do
+        before :each do
+          stub_request(:get, 'https://example.com/petstore.yaml').
+            to_return(status: 200, body: content, headers: {})
+        end
+
+        it_behaves_like 'content is read'
       end
 
-      it_behaves_like 'content is read'
+      context 'on HTTP error' do
+        before :each do
+          stub_request(:get, 'https://example.com/petstore.yaml').
+            to_return(status: 500, body: 'unexpected error', headers: {})
+        end
+
+        it 'error is raised' do
+          expect { subject.read_content(resource, verify_ssl) }.to raise_error(ThreeScaleToolbox::Error,
+                                                                               /could not download resource/)
+        end
+      end
     end
 
     context 'from stdin' do