From 2cc36287a9004bd9d401534e120e6e3d996c7285 Mon Sep 17 00:00:00 2001
From: Vicente Eduardo Ferrer Garcia <vic798@gmail.com>
Date: Mon, 19 Aug 2024 03:54:28 +0200
Subject: [PATCH] Trying to implement local testing.

---
 .dockerignore       |  2 ++
 Dockerfile          | 15 +++++++++++++++
 proxy/.dockerignore |  2 ++
 proxy/Dockerfile    | 42 ++++++++++++++++++++++++++++++++++++++++++
 proxy/nginx.conf    | 32 ++++++++++++++++++++++++++++++++
 test.sh             | 39 +++++++++++++++++++++++++++++++++++++--
 6 files changed, 130 insertions(+), 2 deletions(-)
 create mode 100644 proxy/.dockerignore
 create mode 100644 proxy/Dockerfile
 create mode 100644 proxy/nginx.conf

diff --git a/.dockerignore b/.dockerignore
index 78036a3..da8dbd3 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,2 +1,4 @@
 **
 !test
+!proxy/nginx.conf
+!install.sh
diff --git a/Dockerfile b/Dockerfile
index 6836fc8..8c325a6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -17,6 +17,8 @@
 #	limitations under the License.
 #
 
+ARG METACALL_INSTALL_CERTS=debian_certs_local
+
 FROM scratch AS testing
 
 # Image descriptor
@@ -27,15 +29,28 @@ LABEL copyright.name="Vicente Eduardo Ferrer Garcia" \
 	vendor="MetaCall Inc." \
 	version="0.1"
 
+# Proxy certificates
+FROM metacall/install_nginx AS debian_certs_local
+
+# Remote certificates
+FROM debian:bookworm-slim AS debian_certs_remote
+
+RUN mkdir -p /etc/ssl/certs/
+
+FROM ${METACALL_INSTALL_CERTS} AS debian_certs
+
 # Debian Base (root)
 FROM debian:bookworm-slim AS debian_root
 
+COPY --from=debian_certs /etc/ssl/certs/ /etc/ssl/certs/
+
 COPY test/ /test/
 
 # Install dependencies and set up a sudo user without password
 RUN apt-get update \
 	&& apt-get install -y --no-install-recommends sudo curl wget ca-certificates \
 	&& apt-get clean && rm -rf /var/lib/apt/lists/ \
+	&& update-ca-certificates \
 	&& adduser --disabled-password --gecos "" user \
 	&& usermod -aG sudo user \
 	&& echo "user ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers \
diff --git a/proxy/.dockerignore b/proxy/.dockerignore
new file mode 100644
index 0000000..420e34b
--- /dev/null
+++ b/proxy/.dockerignore
@@ -0,0 +1,2 @@
+**
+!nginx.conf
diff --git a/proxy/Dockerfile b/proxy/Dockerfile
new file mode 100644
index 0000000..32698d3
--- /dev/null
+++ b/proxy/Dockerfile
@@ -0,0 +1,42 @@
+#
+#	MetaCall Install Script by Parra Studios
+#	Cross-platform set of scripts to install MetaCall infrastructure.
+#
+#	Copyright (C) 2016 - 2024 Vicente Eduardo Ferrer Garcia <vic798@gmail.com>
+#
+#	Licensed under the Apache License, Version 2.0 (the "License");
+#	you may not use this file except in compliance with the License.
+#	You may obtain a copy of the License at
+#
+#		http://www.apache.org/licenses/LICENSE-2.0
+#
+#	Unless required by applicable law or agreed to in writing, software
+#	distributed under the License is distributed on an "AS IS" BASIS,
+#	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#	See the License for the specific language governing permissions and
+#	limitations under the License.
+#
+
+FROM nginx:alpine-slim AS proxy
+
+# Image descriptor
+LABEL copyright.name="Vicente Eduardo Ferrer Garcia" \
+	copyright.address="vic798@gmail.com" \
+	maintainer.name="Vicente Eduardo Ferrer Garcia" \
+	maintainer.address="vic798@gmail.com" \
+	vendor="MetaCall Inc." \
+	version="0.1"
+
+COPY install.sh /usr/share/nginx/html/
+COPY proxy/nginx.conf /etc/nginx/
+
+RUN apk add openssl \
+	&& openssl req -x509 -nodes -days 365 -subj "/C=CA/ST=QC/O=Company, Inc./CN=raw.githubusercontent.com" \
+	-addext "subjectAltName=DNS:raw.githubusercontent.com" -newkey rsa:2048 \
+	-keyout /etc/ssl/private/nginx-selfsigned.key \
+	-out /etc/ssl/certs/nginx-selfsigned.crt
+
+USER root
+
+EXPOSE 80
+EXPOSE 443
diff --git a/proxy/nginx.conf b/proxy/nginx.conf
new file mode 100644
index 0000000..e5c48f0
--- /dev/null
+++ b/proxy/nginx.conf
@@ -0,0 +1,32 @@
+user root;
+worker_processes 1;
+error_log /var/log/nginx/error.log notice;
+pid /var/run/nginx.pid;
+
+events {
+	worker_connections 1024;
+}
+
+http {
+	sendfile on;
+	keepalive_timeout 65;
+
+	server {
+		listen 80;
+		listen [::]:80;
+		server_name raw.githubusercontent.com;
+
+        listen 443 ssl;
+        listen [::]:443 ssl;
+        ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
+        ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
+
+		location /metacall/install/master/install.sh {
+			alias /usr/share/nginx/html/install.sh;
+			types {
+				application/x-sh sh;
+			}
+			default_type application/x-sh;
+		}
+	}
+}
diff --git a/test.sh b/test.sh
index 0e61ee8..b1b406a 100755
--- a/test.sh
+++ b/test.sh
@@ -17,15 +17,47 @@
 #	See the License for the specific language governing permissions and
 #	limitations under the License.
 
+set -euox pipefail
+
 # Run with Buildkit
 export DOCKER_BUILDKIT=1
 
+# Get current root folder
+SCRIPT_DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &> /dev/null && pwd)
+
 # Get test list (any target prefixed by 'test_')
 TEST_LIST=$(cat Dockerfile | grep -v '^#' | grep 'AS test_' | awk '{print $4}')
 
+# Run a local server static file server for tricking the tests into using the
+# current version of install.sh script instead the one from GitHub URL
+docker build -t metacall/install_nginx -f proxy/Dockerfile .
+
+docker run --rm \
+	--name metacall_install_nginx \
+	-p 80:80 \
+	-p 443:443 \
+	--network host \
+	-d metacall/install_nginx
+
+# Define default certificate setup
+METACALL_INSTALL_CERTS="${METACALL_INSTALL_CERTS:-debian_certs_remote}"
+
+if [[ "${METACALL_INSTALL_CERTS}" = "debian_certs_local" ]]; then
+	METACALL_INSTALL_DNS=--add-host="raw.githubusercontent.com:127.0.0.1"
+else
+	METACALL_INSTALL_DNS=
+fi
+
 # Run tests
 for test in ${TEST_LIST}; do
-	docker build --no-cache --progress=plain --target ${test} -t metacall/install:${test} .
+	docker build \
+		--no-cache \
+		--progress=plain \
+		--target ${test} \
+		--build-arg "METACALL_INSTALL_CERTS=${METACALL_INSTALL_CERTS}" \
+		--network host \
+		${METACALL_INSTALL_DNS} \
+		-t metacall/install:${test} .
 	result=$?
 	if [[ $result -ne 0 ]]; then
 		echo "Test ${test} failed. Abort."
@@ -36,8 +68,11 @@ for test in ${TEST_LIST}; do
 	docker system prune -f --all
 done
 
+# Clear the proxy
+docker stop metacall_install_nginx
+
 # Test Docker Install
-DOCKER_HOST_PATH=`pwd`/test
+DOCKER_HOST_PATH="${SCRIPT_DIR}/test"
 
 # Run Docker install with --docker-install parameter
 docker run --rm \