feat: enable/disable ssl cert verification in test trigger (#2521)

kubeshop · May 26, 2023 · 0bcfa3a · 0bcfa3a
1 parent 05dc8dc
commit 0bcfa3a
Show file tree

Hide file tree

Showing 15 changed files with 119 additions and 31 deletions.
diff --git a/api/http.yaml b/api/http.yaml
@@ -25,6 +25,9 @@ components:
           type: string
         auth:
           $ref: "#/components/schemas/HTTPAuth"
+        sslVerification:
+          type: boolean
+          default: false
         # proxy:
         #   type: object
         #   description: TODO

diff --git a/cli/openapi/model_http_request.go b/cli/openapi/model_http_request.go
diff --git a/server/executor/trigger/http.go b/server/executor/trigger/http.go
@@ -3,6 +3,7 @@ package trigger
 import (
 	"bytes"
 	"context"
+	"crypto/tls"
 	"fmt"
 	"io"
 	"net"
@@ -24,11 +25,12 @@ func HTTP() Triggerer {
 
 type httpTriggerer struct{}
 
-func httpClient() http.Client {
+func httpClient(sslVerification bool) http.Client {
 	transport := &http.Transport{
 		DialContext: (&net.Dialer{
 			Timeout: time.Second,
 		}).DialContext,
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: !sslVerification},
 	}
 
 	return http.Client{
@@ -71,7 +73,7 @@ func (te *httpTriggerer) Trigger(ctx context.Context, test model.Test, opts *Tri
 		return response, fmt.Errorf(`trigger type "%s" not supported by HTTP triggerer`, trigger.Type)
 	}
 
-	client := httpClient()
+	client := httpClient(trigger.HTTP.SSLVerification)
 
 	ctx = trace.ContextWithSpanContext(ctx, newSpanContext(ctx))
 	ctx, cncl := context.WithTimeout(ctx, 30*time.Second)

diff --git a/server/http/mappings/http.go b/server/http/mappings/http.go
@@ -22,11 +22,12 @@ func (m OpenAPI) HTTPRequest(in *model.HTTPRequest) openapi.HttpRequest {
 	}
 
 	return openapi.HttpRequest{
-		Url:     in.URL,
-		Method:  string(in.Method),
-		Headers: m.HTTPHeaders(in.Headers),
-		Body:    in.Body,
-		Auth:    m.Auth(in.Auth),
+		Url:             in.URL,
+		Method:          string(in.Method),
+		Headers:         m.HTTPHeaders(in.Headers),
+		Body:            in.Body,
+		Auth:            m.Auth(in.Auth),
+		SslVerification: in.SSLVerification,
 	}
 }
 
@@ -89,11 +90,12 @@ func (m Model) HTTPRequest(in openapi.HttpRequest) *model.HTTPRequest {
 	}
 
 	return &model.HTTPRequest{
-		URL:     in.Url,
-		Method:  model.HTTPMethod(in.Method),
-		Headers: m.HTTPHeaders(in.Headers),
-		Body:    in.Body,
-		Auth:    m.Auth(in.Auth),
+		URL:             in.Url,
+		Method:          model.HTTPMethod(in.Method),
+		Headers:         m.HTTPHeaders(in.Headers),
+		Body:            in.Body,
+		Auth:            m.Auth(in.Auth),
+		SSLVerification: in.SslVerification,
 	}
 }
 

diff --git a/server/model/http.go b/server/model/http.go
@@ -32,11 +32,12 @@ type HTTPHeader struct {
 }
 
 type HTTPRequest struct {
-	Method  HTTPMethod         `expr_enabled:"true" json:"method,omitempty"`
-	URL     string             `expr_enabled:"true" json:"url"`
-	Body    string             `expr_enabled:"true" json:"body,omitempty"`
-	Headers []HTTPHeader       `json:"headers,omitempty"`
-	Auth    *HTTPAuthenticator `json:"auth,omitempty"`
+	Method          HTTPMethod         `expr_enabled:"true" json:"method,omitempty"`
+	URL             string             `expr_enabled:"true" json:"url"`
+	Body            string             `expr_enabled:"true" json:"body,omitempty"`
+	Headers         []HTTPHeader       `json:"headers,omitempty"`
+	Auth            *HTTPAuthenticator `json:"auth,omitempty"`
+	SSLVerification bool               `json:"sslVerification,omitempty"`
 }
 
 func (a HTTPRequest) Authenticate(req *http.Request) {

diff --git a/server/model/yaml/http.go b/server/model/yaml/http.go
@@ -5,11 +5,12 @@ import (
 )
 
 type HTTPRequest struct {
-	URL            string              `yaml:"url"`
-	Method         string              `yaml:"method"`
-	Headers        []HTTPHeader        `yaml:"headers,omitempty" dc:"headers"`
-	Authentication *HTTPAuthentication `yaml:"authentication,omitempty" dc:"auth"`
-	Body           string              `yaml:"body,omitempty"`
+	URL             string              `yaml:"url"`
+	Method          string              `yaml:"method"`
+	Headers         []HTTPHeader        `yaml:"headers,omitempty" dc:"headers"`
+	Authentication  *HTTPAuthentication `yaml:"authentication,omitempty" dc:"auth"`
+	Body            string              `yaml:"body,omitempty"`
+	SSLVerification bool                `yaml:"sslVerification,omitempty"`
 }
 
 func (r HTTPRequest) Validate() error {

diff --git a/server/openapi/model_http_request.go b/server/openapi/model_http_request.go
@@ -19,6 +19,8 @@ type HttpRequest struct {
 	Body string `json:"body,omitempty"`
 
 	Auth HttpAuth `json:"auth,omitempty"`
+
+	SslVerification bool `json:"sslVerification,omitempty"`
 }
 
 // AssertHttpRequestRequired checks if the required fields are not zero-ed

diff --git a/web/src/components/CreateTestPlugins/Rest/steps/RequestDetails/RequestDetails.styled.ts b/web/src/components/CreateTestPlugins/Rest/steps/RequestDetails/RequestDetails.styled.ts
@@ -32,3 +32,9 @@ export const DeleteIcon = styled(DeleteOutlined)`
   color: ${({theme}) => theme.color.textSecondary};
   font-size: ${({theme}) => theme.size.md};
 `;
+
+export const SSLVerificationContainer = styled.div`
+  align-items: center;
+  display: flex;
+  gap: 8px;
+`;
diff --git a/web/src/components/CreateTestPlugins/Rest/steps/RequestDetails/RequestDetailsForm.tsx b/web/src/components/CreateTestPlugins/Rest/steps/RequestDetails/RequestDetailsForm.tsx
@@ -5,6 +5,7 @@ import {BodyField} from './BodyField/BodyField';
 import RequestDetailsAuthInput from './RequestDetailsAuthInput/RequestDetailsAuthInput';
 import RequestDetailsHeadersInput from './RequestDetailsHeadersInput';
 import RequestDetailsUrlInput from './RequestDetailsUrlInput';
+import SSLVerification from './SSLVerification';
 
 export const FORM_ID = 'create-test';
 
@@ -19,6 +20,7 @@ const RequestDetailsForm = ({form}: IProps) => {
       <RequestDetailsAuthInput />
       <RequestDetailsHeadersInput />
       <BodyField setBody={body => form.setFieldsValue({body})} body={Form.useWatch('body', form)} />
+      <SSLVerification />
     </S.InputContainer>
   );
 };

diff --git a/web/src/components/CreateTestPlugins/Rest/steps/RequestDetails/SSLVerification.tsx b/web/src/components/CreateTestPlugins/Rest/steps/RequestDetails/SSLVerification.tsx
@@ -0,0 +1,17 @@
+import {Form, Switch} from 'antd';
+import {TooltipQuestion} from 'components/TooltipQuestion/TooltipQuestion';
+import * as S from './RequestDetails.styled';
+
+const SSLVerification = () => {
+  return (
+    <S.SSLVerificationContainer>
+      <label htmlFor="sslVerification">Enable SSL certificate verification</label>
+      <Form.Item name="sslVerification" valuePropName="checked">
+        <Switch />
+      </Form.Item>
+      <TooltipQuestion title="Verify SSL certificates when sending the request. Verification failures will result in the request being aborted." />
+    </S.SSLVerificationContainer>
+  );
+};
+
+export default SSLVerification;
diff --git a/web/src/models/HttpRequest.model.ts b/web/src/models/HttpRequest.model.ts
@@ -9,7 +9,14 @@ type HttpRequest = Model<
   }
 >;
 
-const HttpRequest = ({method = 'GET', url = '', headers = [], body = '', auth = {}}: TRawHTTPRequest): HttpRequest => {
+const HttpRequest = ({
+  method = 'GET',
+  url = '',
+  headers = [],
+  body = '',
+  auth = {},
+  sslVerification = false,
+}: TRawHTTPRequest): HttpRequest => {
   return {
     method,
     url,
@@ -19,6 +26,7 @@ const HttpRequest = ({method = 'GET', url = '', headers = [], body = '', auth =
     })),
     body,
     auth,
+    sslVerification,
   };
 };
 

diff --git a/web/src/services/Triggers/Curl.service.ts b/web/src/services/Triggers/Curl.service.ts
@@ -37,6 +37,7 @@ const CurlTriggerService = (): ICurlTriggerService => ({
       method: method as HTTP_METHOD,
       headers: Object.entries(headers).map(([key, value]) => ({key, value})),
       body: body === 'data' ? '' : JSON.stringify(body),
+      sslVerification: false,
     };
   },
 

diff --git a/web/src/services/Triggers/Http.service.ts b/web/src/services/Triggers/Http.service.ts
@@ -5,9 +5,9 @@ import HttpRequest from 'models/HttpRequest.model';
 
 const HttpTriggerService = (): ITriggerService => ({
   async getRequest(values) {
-    const {url, method, auth, headers, body} = values as IHttpValues;
+    const {url, method, auth, headers, body, sslVerification} = values as IHttpValues;
 
-    return HttpRequest({url, method, auth, headers, body});
+    return HttpRequest({url, method, auth, headers, body, sslVerification});
   },
 
   async validateDraft(draft): Promise<boolean> {
@@ -16,14 +16,15 @@ const HttpTriggerService = (): ITriggerService => ({
   },
 
   getInitialValues(request) {
-    const {url, method, headers, body, auth} = request as HttpRequest;
+    const {url, method, headers, body, auth, sslVerification} = request as HttpRequest;
 
     return {
       url,
       auth,
       method: method as HTTP_METHOD,
       headers,
       body,
+      sslVerification,
     };
   },
 });

diff --git a/web/src/types/Generated.types.ts b/web/src/types/Generated.types.ts
@@ -1486,6 +1486,7 @@ export interface external {
           headers?: external["http.yaml"]["components"]["schemas"]["HTTPHeader"][];
           body?: string;
           auth?: external["http.yaml"]["components"]["schemas"]["HTTPAuth"];
+          sslVerification?: boolean;
         };
         HTTPResponse: {
           status?: string;

diff --git a/web/src/types/Test.types.ts b/web/src/types/Test.types.ts
@@ -34,6 +34,7 @@ export interface IHttpValues {
   headers: HttpRequest['headers'];
   method: HTTP_METHOD;
   url: string;
+  sslVerification: boolean;
 }
 
 export interface RequestDefinitionExtended extends Request {