-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: add integ test that validates full proxy traversal #33092
Conversation
Add a CLI integ test to validate that `cdk deploy` works in a fully network-isolated environment, with only a proxy to go through. This validates that no parts of the CLI setup ignore the proxy configuration, which would otherwise be hard to test. We achieve the network isolation by running the code inside a Docker container where we use `iptables` to drop all network traffic that doesn't go through the Docker host, where we run `mitmproxy`.
➡️ PR build request submitted to A maintainer must now check the pipeline and add the |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #33092 +/- ##
==========================================
+ Coverage 81.46% 81.52% +0.06%
==========================================
Files 224 224
Lines 13748 13762 +14
Branches 2412 2414 +2
==========================================
+ Hits 11200 11220 +20
+ Misses 2273 2270 -3
+ Partials 275 272 -3
Flags with carried forward coverage won't be shown. Click here to find out more.
|
import { startProxyServer } from '../../lib/proxy'; | ||
import { TestFixture, withDefaultFixture } from '../../lib/with-cdk-app'; | ||
|
||
const docker = process.env.CDK_DOCKER ?? 'docker'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I suppose the answer is yes, but does this work in an ECS container? Do we need any special setup?
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
This pull request has been removed from the queue for the following reason: Pull request #33092 has been dequeued, merge conditions unmatch:
You should look at the reason for the failure and decide if the pull request needs to be fixed or if you want to requeue it. If you want to requeue this pull request, you need to post a comment with the text: |
Comments on closed issues and PRs are hard for our team to see. |
Forced merged as this was blocked by Codecov and blocking the queue. |
Add a CLI integ test to validate that
cdk deploy
works in a fully network-isolated environment, with only a proxy to go through.This validates that no parts of the CLI setup ignore the proxy configuration, which would otherwise be hard to test.
We achieve the network isolation by running the code inside a Docker container where we use
iptables
to drop all network traffic that doesn't go through the Docker host, where we run a proxy.I temporarily bumped the
tsconfig
target
to try out theusing
syntax (didn't work out with Jest), but that caused some compiler errors around class member initialization that I fixed as well.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license