Skip to content
This repository has been archived by the owner on Jan 21, 2022. It is now read-only.

Mixture of secured and non secured environment in cf itests #706

Open
georgi-lozev opened this issue Aug 8, 2017 · 2 comments
Open

Mixture of secured and non secured environment in cf itests #706

georgi-lozev opened this issue Aug 8, 2017 · 2 comments

Comments

@georgi-lozev
Copy link
Contributor

Some of the abacus integration tests(bridge-test.js#L144) validate both with secured and non-secured environment, others(test.js#L186) validate only secured and there is a third group that does not deal explicitly with security, but still sign and pass tokens inside the code(accuracy-test.js#L59).

Maybe in the third option is left as an alternative the security to be controlled from outside, but it's somehow misleading and requires from you to know the test and the code in details in order to run it in all possible scenarios.

Does it make sense to test without security at all or do we need to support both?

@cf-gitbot
Copy link
Collaborator

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/150035658

The labels on this github issue will be updated when the story is started.

@hsiliev
Copy link
Contributor

hsiliev commented Aug 8, 2017

There are CF environments that do not require security to be on, since they rely on IaaS to encrypt the traffic. Networking release can restrict the access between apps, so using it can also make https optional. I would say we need to support both secure and non-secure environments.

As for the tests: the best would be to have both secured and non-secured tests, but this takes lots of time. Therefore some of the tests do not exercise both branches since the secure aspect is covered by another test.

I would say we need to remove all secure and non-secure branching from the tests and create an explicit group that deals with this. In this way it becomes quite clear what this test does and what is the implication when it fails.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

3 participants