Audit Tools
Network & Gitlab
MicroServices
Network
Network
frontend api_gateway
bind *:80
bind *:443 ssl crt /usr/local/etc/haproxy/app.docker.pem
# MS Stock
acl PATH_STOCK path_beg -i /stock
acl PATH_STOCK path_beg -i /stores
acl PATH_STOCK path_beg -i /sites
# MS Invoice
acl PATH_INVOICE path_beg -i /vats
acl PATH_INVOICE path_beg -i /invoices
acl PATH_INVOICE path_beg -i /invoice_batch
http-request set-header Host stock.bo.app.docker if VHOST_API PATH_STOCK
http-request set-header Host invoice.bo.app.docker if VHOST_API PATH_INVOICE
use_backend backend_stock if PATH_STOCK VHOST_SSL
use_backend backend_invoice if PATH_INVOICE VHOST_SSL
Configuration #HAProxy
Zoom
Ce système permet au consomateur des WebService de ProwebCE de s'abraitre de l'architecture applicative.
Le consommateur n'a pas à connaitre les 15 domaines
Map
- 16 MicroServices
- Une moyenne de 46 URL par MicroService
- Un total de 750 web service qui doivent être redirigé sur les 16 applications
Failures ?
Failure #1
404 Not Found
Failure #2
503 Service Unavailable
Comment tester tous les WebService ?
#750_routes
#1 Récupérer toutes les routes d'une application
#2 Requêter chaque route
POC
#1 Récupérer toutes les routes d'une application
#2 Requêter chaque route
POC
/** @var RouterInterface $router */
$routes = $router->getRouteCollection()->all();/** @var HttpClientInterface $httpClient */
$httpClient->request('GET', 'https://api.xxx.com/products');public function testApiGateway(): void
{
$apiUrls = $this->router->getRouteCollection()->all();
foreach ($apiUrls as $url) {
fwrite(STDERR, print_r("Test path: $url\n", true));
// Run an HEAD request to be fase, we don't need a fully "GET" request.
$response = $this->httpClient->request('HEAD', $url);
if ($response->getStatusCode() === 503) {
$this->fail(sprintf('Fail on %s', $url));
} elseif ($response->getStatusCode() >= 500) {
$this->fail(sprintf('Something goes wrong on %s status code: %s',
$url, $response->getStatusCode()));
}
}
}POC
Converting in a test for one application
Converting for all applications !
# Makefile
phpunit-api-gateway:
$(call api_command, ./bin/phpunit --group api-gateway --testsuite $$ms)
define api_command
@ for ms in $(API_CONTAINERS); \
do \
echo "MicroService: ${GREEN}$$ms${RESET}"; \
$(DOCKER_EXEC) --user www-data $$ms $1 || exit 1; \
done
endefHelper Makefile
Conclusion
#2 Failure handled
# gitlab-ci.yaml
phpunit_tests:
<<: *template-tests
stage: tests
script:
- make pull_and_up_base_and_all_ms
- make microservices/vendor
- make -j -O phpunit-functional-exec
- make -j -O phpunit-api-gateway
Go further !
What about #1 Failure ?
HyperMedia ?
#hyperMedia
#ApiPlatform
#jsonLd
#hydra
public function testApiGateway(string $hostExcepted): void
{
$apiUrls = $this->router->getRouteCollection()->all();
foreach ($apiUrls as $url) {
fwrite(STDERR, print_r("Test path: $url\n", true));
// Run an HEAD request to be fase, we don't need a fully "GET" request.
$response = $this->httpClient->request('HEAD', $url);
if ($response->getStatusCode() === 503) {
$this->fail(sprintf('Fail on %s', $url));
} elseif ($response->getStatusCode() >= 500) {
$this->fail(sprintf('Something goes wrong on %s status code: %s',
$url, $response->getStatusCode()));
}
$this->assertTrue($this->headerLinkContainsHost($response, $hostExcepted));
}
}Test host
Demo
test-vpn-up:
bash test-vpn-up.sh#!/bin/bash
# Check if the VPN is UP
value=$(curl -s ifconfig.me | grep -c "91.134.250.162")
if [ $value -eq 0 ]; then
echo -e "\e[33mYou need to run the VPN\e[0m"
exit 1
fi
exit 0
Tips VPN
test-vpn-up:
bash test-vpn-up.sh
test-api-gateway: test-vpn-up
bash test-api-gateway.shdeck
By skigun
