From c7e36a25f19e68a283e2d23a2bfdf39ea6e58063 Mon Sep 17 00:00:00 2001 From: beardedfoo <773275+beardedfoo@users.noreply.github.com> Date: Wed, 19 Jul 2023 09:59:14 +0200 Subject: [PATCH] Add denylist e2e test (#2345) --- e2e-tests/denylist/README.md | 7 ++ e2e-tests/denylist/client-allowed.crt | 13 +++ e2e-tests/denylist/client-allowed.key | 5 + e2e-tests/denylist/client-blocked.crt | 13 +++ e2e-tests/denylist/client-blocked.key | 5 + .../denylist/defaults/docker-compose.yml | 16 +++ e2e-tests/denylist/defaults/nuts.yaml | 23 ++++ e2e-tests/denylist/defaults/run-test.sh | 100 ++++++++++++++++++ e2e-tests/denylist/github/docker-compose.yml | 16 +++ e2e-tests/denylist/github/nuts.yaml | 26 +++++ e2e-tests/denylist/github/run-test.sh | 99 +++++++++++++++++ e2e-tests/denylist/nuts-node.key | 5 + e2e-tests/denylist/nuts-node.pem | 13 +++ e2e-tests/denylist/run-tests.sh | 16 +++ e2e-tests/denylist/truststore-development.pem | 9 ++ e2e-tests/run-tests.sh | 9 +- 16 files changed, 374 insertions(+), 1 deletion(-) create mode 100644 e2e-tests/denylist/README.md create mode 100644 e2e-tests/denylist/client-allowed.crt create mode 100644 e2e-tests/denylist/client-allowed.key create mode 100644 e2e-tests/denylist/client-blocked.crt create mode 100644 e2e-tests/denylist/client-blocked.key create mode 100644 e2e-tests/denylist/defaults/docker-compose.yml create mode 100644 e2e-tests/denylist/defaults/nuts.yaml create mode 100755 e2e-tests/denylist/defaults/run-test.sh create mode 100644 e2e-tests/denylist/github/docker-compose.yml create mode 100644 e2e-tests/denylist/github/nuts.yaml create mode 100755 e2e-tests/denylist/github/run-test.sh create mode 100644 e2e-tests/denylist/nuts-node.key create mode 100644 e2e-tests/denylist/nuts-node.pem create mode 100755 e2e-tests/denylist/run-tests.sh create mode 100644 e2e-tests/denylist/truststore-development.pem diff --git a/e2e-tests/denylist/README.md b/e2e-tests/denylist/README.md new file mode 100644 index 0000000000..95d40e14b3 --- /dev/null +++ b/e2e-tests/denylist/README.md @@ -0,0 +1,7 @@ +The certificates and keys in this directory should be valid development network materials. These are generated with the following commands: +``` +git clone https://github.com/nuts-foundation/nuts-development-network-ca.git +cd nuts-development-network-ca +./issue-cert.sh development nuts-node + +The truststore should be the development network truststore. diff --git a/e2e-tests/denylist/client-allowed.crt b/e2e-tests/denylist/client-allowed.crt new file mode 100644 index 0000000000..8473049470 --- /dev/null +++ b/e2e-tests/denylist/client-allowed.crt @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB/DCCAaKgAwIBAgIUUl5JVNfcabepdbZWYe2h/CEM4wUwCgYIKoZIzj0EAwIw +KzEpMCcGA1UEAwwgTnV0cyBEZXZlbG9wbWVudCBOZXR3b3JrIFJvb3QgQ0EwHhcN +MjMwNzExMTE1MDQ5WhcNMjQwNzEwMTE1MDQ5WjAiMSAwHgYDVQQDDBdudXRzLWZv +dW5kYXRpb24tbm9kZTAwMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJB2hkUO +591ILH35J2neFDmVjQVT/W2kXp2QHbJBJd/IWkAmWgN44RU7dJRdMe/unlQnKuPS +Lz7kagMa57obGw2jgawwgakwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC +MCIGA1UdEQQbMBmCF251dHMtZm91bmRhdGlvbi1ub2RlMDAxMB0GA1UdDgQWBBS5 +oo8fbDlhPSHeNjQLSzLyvi6lYzBFBgNVHSMEPjA8oS+kLTArMSkwJwYDVQQDDCBO +dXRzIERldmVsb3BtZW50IE5ldHdvcmsgUm9vdCBDQYIJAORotAUvutshMAoGCCqG +SM49BAMCA0gAMEUCIQDZKhAQG3ZfPr6n9sP+Ekrwi0eugXRTansZH/+5lbSLwwIg +aINIIA3o8NouysLQms0451NuNkhWUNWfvre9VBdq4J8= +-----END CERTIFICATE----- diff --git a/e2e-tests/denylist/client-allowed.key b/e2e-tests/denylist/client-allowed.key new file mode 100644 index 0000000000..088eec68a3 --- /dev/null +++ b/e2e-tests/denylist/client-allowed.key @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIMc72HeTl5OzBWOVWXXb4X7bwNImfXJ4ciBrDTatJSRboAoGCCqGSM49 +AwEHoUQDQgAEkHaGRQ7n3Ugsffknad4UOZWNBVP9baRenZAdskEl38haQCZaA3jh +FTt0lF0x7+6eVCcq49IvPuRqAxrnuhsbDQ== +-----END EC PRIVATE KEY----- diff --git a/e2e-tests/denylist/client-blocked.crt b/e2e-tests/denylist/client-blocked.crt new file mode 100644 index 0000000000..4058b50448 --- /dev/null +++ b/e2e-tests/denylist/client-blocked.crt @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB/DCCAaKgAwIBAgIUDzkmbZKy6AO6cel74noj6k8OqOUwCgYIKoZIzj0EAwIw +KzEpMCcGA1UEAwwgTnV0cyBEZXZlbG9wbWVudCBOZXR3b3JrIFJvb3QgQ0EwHhcN +MjMwNzExMDgyODIwWhcNMjQwNzEwMDgyODIwWjAiMSAwHgYDVQQDDBdudXRzLWZv +dW5kYXRpb24tbm9kZTAwMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABA9swx4I +X3FTXg3j1DhkFUxn2hqHGMH6Ehi9iXcyJRzDBERCSqs8HKypya/Na8ycnYjsdTB2 +vqR08oCdHIRhxtKjgawwgakwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC +MCIGA1UdEQQbMBmCF251dHMtZm91bmRhdGlvbi1ub2RlMDAxMB0GA1UdDgQWBBTb +Y85PUsbJp4QcXpqhYX+KEBkskjBFBgNVHSMEPjA8oS+kLTArMSkwJwYDVQQDDCBO +dXRzIERldmVsb3BtZW50IE5ldHdvcmsgUm9vdCBDQYIJAORotAUvutshMAoGCCqG +SM49BAMCA0gAMEUCIQCuWSmrlFQqVN4MIjWdHSWLirBAL0fh1XEnukCDLzS99AIg +AKkm3MLYpNwRt69aLhX8c5m/HY5SfoxShPs/xlHljL0= +-----END CERTIFICATE----- diff --git a/e2e-tests/denylist/client-blocked.key b/e2e-tests/denylist/client-blocked.key new file mode 100644 index 0000000000..a56cf3d572 --- /dev/null +++ b/e2e-tests/denylist/client-blocked.key @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIMZDf9Aw8tmEo9dgFhpZpDiaWfUTgt+INq1/OPnE/sdVoAoGCCqGSM49 +AwEHoUQDQgAED2zDHghfcVNeDePUOGQVTGfaGocYwfoSGL2JdzIlHMMEREJKqzwc +rKnJr81rzJydiOx1MHa+pHTygJ0chGHG0g== +-----END EC PRIVATE KEY----- diff --git a/e2e-tests/denylist/defaults/docker-compose.yml b/e2e-tests/denylist/defaults/docker-compose.yml new file mode 100644 index 0000000000..03e935b5b2 --- /dev/null +++ b/e2e-tests/denylist/defaults/docker-compose.yml @@ -0,0 +1,16 @@ +version: "3.7" +services: + nuts-node: + container_name: denylist-nuts-node-defaults + image: "${IMAGE_NODE_A:-nutsfoundation/nuts-node:master}" + environment: + NUTS_CONFIGFILE: /opt/nuts/nuts.yaml + ports: + - "15555:5555" + volumes: + - "./nuts.yaml:/opt/nuts/nuts.yaml:ro" + - "../truststore-development.pem:/opt/nuts/truststore-development.pem:ro" + - "../nuts-node.pem:/opt/nuts/nuts-node.pem:ro" + - "../nuts-node.key:/opt/nuts/nuts-node.key:ro" + healthcheck: + interval: 1s # Make test run quicker by checking health status more often diff --git a/e2e-tests/denylist/defaults/nuts.yaml b/e2e-tests/denylist/defaults/nuts.yaml new file mode 100644 index 0000000000..5636650b57 --- /dev/null +++ b/e2e-tests/denylist/defaults/nuts.yaml @@ -0,0 +1,23 @@ +verbosity: trace +strictmode: false +internalratelimiter: false +http: + default: + address: :1323 +auth: + publicurl: http://nuts-node + contractvalidators: + - dummy + irma: + autoupdateschemas: false +network: + grpcaddr: :5555 + enabletls: true + v2: + gossipinterval: 500 +pki: + softfail: false +tls: + truststorefile: /opt/nuts/truststore-development.pem + certfile: /opt/nuts/nuts-node.pem + certkeyfile: /opt/nuts/nuts-node.key diff --git a/e2e-tests/denylist/defaults/run-test.sh b/e2e-tests/denylist/defaults/run-test.sh new file mode 100755 index 0000000000..5234dbfcb5 --- /dev/null +++ b/e2e-tests/denylist/defaults/run-test.sh @@ -0,0 +1,100 @@ +#!/usr/bin/env bash +source ../../util.sh + +TEST_REPEAT_COUNT=20 + +echo "------------------------------------" +echo "Cleaning up running Docker containers and volumes, and key material..." +echo "------------------------------------" +docker compose down +if [ $? -ne 0 ]; then + echo "ERROR: failed to shut down old containers" + exitWithDockerLogs 1 +fi + +docker compose rm -f -v +if [ $? -ne 0 ]; then + echo "ERROR: failed to remove old containers" + exitWithDockerLogs 1 +fi + +echo "------------------------------------" +echo "Starting Docker containers..." +echo "------------------------------------" +docker compose up --wait +if [ $? -ne 0 ]; then + echo "ERROR: failed to start containers" + exitWithDockerLogs 1 +fi + +sleep 5 + +# Simply to log this +openssl version + +echo "------------------------------------" +echo "Connecting (defaults) with allowed cert.." +echo "------------------------------------" +for x in $(seq ${TEST_REPEAT_COUNT}); do + # Connect to the nuts-node with a valid client certificate + #curl --fail --cert client-allowed.crt --key client-allowed.key "https://localhost:1323/status/diagnostics" + openssl s_client -connect localhost:15555 -cert ../client-allowed.crt -key ../client-allowed.key -CAfile ../truststore-development.pem -verify_return_error -tls1_2 < <(echo "Hello Nuts 🥜") + if [ $? -ne 0 ]; then + echo "ERROR: failed to contact nuts-node-defaults with valid certificate" + exitWithDockerLogs 1 + fi + + # Check the logs have the right contents + docker logs denylist-nuts-node-defaults 2>&1 | tail -n1 | grep 'Validated certificate' + if [ $? -ne 0 ]; then + echo "ERROR: Failed to find certificate validation log message for nuts-node-defaults (tls v1.2)" + exitWithDockerLogs 1 + fi +done + +echo "------------------------------------" +echo "Connecting (defaults) with blocked cert (tls v1.2).." +echo "------------------------------------" +for x in $(seq ${TEST_REPEAT_COUNT}); do + # Connect to the nuts-node with a blocked client certificate + openssl s_client -connect localhost:15555 -cert ../client-blocked.crt -key ../client-blocked.key -CAfile ../truststore-development.pem -verify_return_error -tls1_2 < <(echo "Hello Nuts 🥜") + if [ $? -eq 0 ]; then + echo "ERROR: blocked certificate was allowed to connect to nuts-node-defaults (tls v1.2)" + exitWithDockerLogs 1 + else + echo "PASS: server rejected certificate as expected (tls v1.2)" + fi + + # Check the logs have the right contents + docker logs denylist-nuts-node-defaults 2>&1 | tail -n1 | grep 'Rejecting banned certificate' + if [ $? -ne 0 ]; then + echo "ERROR: Failed to find certificate rejection log message for nuts-node-defaults (tls v1.2)" + exitWithDockerLogs 1 + fi +done + +echo "------------------------------------" +echo "Connecting (defaults) with blocked cert (tls v1.3).." +echo "------------------------------------" +for x in $(seq ${TEST_REPEAT_COUNT}); do + # Connect to the nuts-node with a blocked client certificate + openssl s_client -connect localhost:15555 -cert client-blocked.crt -key client-blocked.key -CAfile ../truststore-development.pem -verify_return_error -tls1_3 < <(echo "Hello Nuts 🥜") + # Ignore exit code from openssl with tls v1.3 because it is unreliable. + # Depend entirely on the log check below instead. + + # Check the logs have the right contents + docker logs denylist-nuts-node-defaults 2>&1 | tail -n1 | grep 'Rejecting banned certificate' + if [ $? -ne 0 ]; then + echo "ERROR: Failed to find certificate rejection log message for nuts-node-defaults (tls v1.3)" + exitWithDockerLogs 1 + fi +done + +echo "------------------------------------" +echo "Stopping Docker containers..." +echo "------------------------------------" +docker compose stop +if [ $? -ne 0 ]; then + echo "ERROR: failed to stop docker containers" + exitWithDockerLogs 1 +fi diff --git a/e2e-tests/denylist/github/docker-compose.yml b/e2e-tests/denylist/github/docker-compose.yml new file mode 100644 index 0000000000..6a9305008d --- /dev/null +++ b/e2e-tests/denylist/github/docker-compose.yml @@ -0,0 +1,16 @@ +version: "3.7" +services: + nuts-node-github: + container_name: denylist-nuts-node-github + image: "${IMAGE_NODE_A:-nutsfoundation/nuts-node:master}" + environment: + NUTS_CONFIGFILE: /opt/nuts/nuts.yaml + ports: + - "15555:5555" + volumes: + - "./nuts.yaml:/opt/nuts/nuts.yaml:ro" + - "../truststore-development.pem:/opt/nuts/truststore-development.pem:ro" + - "../nuts-node.pem:/opt/nuts/nuts-node.pem:ro" + - "../nuts-node.key:/opt/nuts/nuts-node.key:ro" + healthcheck: + interval: 1s # Make test run quicker by checking health status more often diff --git a/e2e-tests/denylist/github/nuts.yaml b/e2e-tests/denylist/github/nuts.yaml new file mode 100644 index 0000000000..794ed11345 --- /dev/null +++ b/e2e-tests/denylist/github/nuts.yaml @@ -0,0 +1,26 @@ +verbosity: trace +strictmode: false +internalratelimiter: false +http: + default: + address: :1323 +auth: + publicurl: http://nuts-node + contractvalidators: + - dummy + irma: + autoupdateschemas: false +network: + grpcaddr: :5555 + enabletls: true + v2: + gossipinterval: 500 +pki: + softfail: false + denylist: + url: https://raw.githubusercontent.com/nuts-foundation/denylist/main/denylist/denylist.jws + trustedsigner: -----BEGIN PUBLIC KEY-----\nMCowBQYDK2VwAyEAmKjcSOrKOJR2cYd6UNbemNeusvjs930Y4nCIZ1R2zCI=\n-----END PUBLIC KEY----- +tls: + truststorefile: /opt/nuts/truststore-development.pem + certfile: /opt/nuts/nuts-node.pem + certkeyfile: /opt/nuts/nuts-node.key diff --git a/e2e-tests/denylist/github/run-test.sh b/e2e-tests/denylist/github/run-test.sh new file mode 100755 index 0000000000..39e3220b1c --- /dev/null +++ b/e2e-tests/denylist/github/run-test.sh @@ -0,0 +1,99 @@ +#!/usr/bin/env bash +source ../../util.sh + +TEST_REPEAT_COUNT=20 + +echo "------------------------------------" +echo "Cleaning up running Docker containers and volumes, and key material..." +echo "------------------------------------" +docker compose down +if [ $? -ne 0 ]; then + echo "ERROR: failed to shut down old containers" + exitWithDockerLogs 1 +fi + +docker compose rm -f -v +if [ $? -ne 0 ]; then + echo "ERROR: failed to remove old containers" + exitWithDockerLogs 1 +fi + +echo "------------------------------------" +echo "Starting Docker containers..." +echo "------------------------------------" +docker compose up --wait +if [ $? -ne 0 ]; then + echo "ERROR: failed to start containers" + exitWithDockerLogs 1 +fi + +sleep 5 + +# Simply to log this +openssl version + +echo "------------------------------------" +echo "Connecting (github) with allowed cert.." +echo "------------------------------------" +for x in $(seq ${TEST_REPEAT_COUNT}); do + # Connect to the nuts-node with a valid client certificate + openssl s_client -connect localhost:15555 -cert ../client-allowed.crt -key ../client-allowed.key -CAfile ../truststore-development.pem -verify_return_error -tls1_2 < <(echo "Hello Nuts 🥜") + if [ $? -ne 0 ]; then + echo "ERROR: failed to contact nuts-node-github with valid certificate" + exitWithDockerLogs 1 + fi + + # Check the logs have the right contents + docker logs denylist-nuts-node-github 2>&1 | tail -n1 | grep 'Validated certificate' + if [ $? -ne 0 ]; then + echo "ERROR: Failed to find certificate validation log message for nuts-node-github (tls v1.2)" + exitWithDockerLogs 1 + fi +done + +echo "------------------------------------" +echo "Connecting (github) with blocked cert (tls v1.2).." +echo "------------------------------------" +for x in $(seq ${TEST_REPEAT_COUNT}); do + # Connect to the nuts-node with a blocked client certificate + openssl s_client -connect localhost:15555 -cert ../client-blocked.crt -key ../client-blocked.key -CAfile ../truststore-development.pem -verify_return_error -tls1_2 < <(echo "Hello Nuts 🥜") + if [ $? -eq 0 ]; then + echo "ERROR: blocked certificate was allowed to connect to nuts-node-github (tls v1.2)" + exitWithDockerLogs 1 + else + echo "PASS: server rejected certificate as expected (tls v1.2)" + fi + + # Check the logs have the right contents + docker logs denylist-nuts-node-github 2>&1 | tail -n1 | grep 'Rejecting banned certificate' + if [ $? -ne 0 ]; then + echo "ERROR: Failed to find certificate rejection log message for nuts-node-github (tls v1.2)" + exitWithDockerLogs 1 + fi +done + +echo "------------------------------------" +echo "Connecting (github) with blocked cert (tls v1.3).." +echo "------------------------------------" +for x in $(seq ${TEST_REPEAT_COUNT}); do + # Connect to the nuts-node with a blocked client certificate + openssl s_client -connect localhost:15555 -cert ../client-blocked.crt -key ../client-blocked.key -CAfile ../truststore-development.pem -verify_return_error -tls1_3 < <(echo "Hello Nuts 🥜") + # Ignore exit code from openssl with tls v1.3 because it is unreliable. + # Depend entirely on the log check below instead. + + # Check the logs have the right contents + docker logs denylist-nuts-node-github 2>&1 | tail -n1 | grep 'Rejecting banned certificate' + if [ $? -ne 0 ]; then + echo "ERROR: Failed to find certificate rejection log message for nuts-node-github (tls v1.3)" + exitWithDockerLogs 1 + fi +done + +echo "------------------------------------" +echo "Stopping Docker containers..." +echo "------------------------------------" +docker compose stop +if [ $? -ne 0 ]; then + echo "ERROR: failed to stop docker containers" + exitWithDockerLogs 1 +fi diff --git a/e2e-tests/denylist/nuts-node.key b/e2e-tests/denylist/nuts-node.key new file mode 100644 index 0000000000..bb77826ebd --- /dev/null +++ b/e2e-tests/denylist/nuts-node.key @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIPIpmvRouI2GkA266ilRt6Yq9SAksWKsbhhsPZG85EoAoAoGCCqGSM49 +AwEHoUQDQgAEeFVDuvGqYVCgx8ns/YZxj90Ys9IAAFYSA940dOI3vU1iUYAZg36y +sgyS0eKQCyO0QqLyN8kRvCmGNvaY5vA6yg== +-----END EC PRIVATE KEY----- diff --git a/e2e-tests/denylist/nuts-node.pem b/e2e-tests/denylist/nuts-node.pem new file mode 100644 index 0000000000..c2710a510f --- /dev/null +++ b/e2e-tests/denylist/nuts-node.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB+zCCAaKgAwIBAgIUZzx7+PwOLRQhJQ/hkCsRlmisyFwwCgYIKoZIzj0EAwIw +KzEpMCcGA1UEAwwgTnV0cyBEZXZlbG9wbWVudCBOZXR3b3JrIFJvb3QgQ0EwHhcN +MjMwNzEyMTMwNDIzWhcNMjQwNzExMTMwNDIzWjAiMSAwHgYDVQQDDBdudXRzLWZv +dW5kYXRpb24tbm9kZTAwMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABHhVQ7rx +qmFQoMfJ7P2GcY/dGLPSAABWEgPeNHTiN71NYlGAGYN+srIMktHikAsjtEKi8jfJ +Ebwphjb2mObwOsqjgawwgakwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC +MCIGA1UdEQQbMBmCF251dHMtZm91bmRhdGlvbi1ub2RlMDAxMB0GA1UdDgQWBBT4 +TR+8HxgpGS/FJYXwDNz8fKwiMTBFBgNVHSMEPjA8oS+kLTArMSkwJwYDVQQDDCBO +dXRzIERldmVsb3BtZW50IE5ldHdvcmsgUm9vdCBDQYIJAORotAUvutshMAoGCCqG +SM49BAMCA0cAMEQCIFNqxYLqGuMHTz7iNYF9Rm14exS5YbRQJaUhksNwUuowAiAi +/hmt0tUKQImuIi1LUw+9FeXmyaXCFWpIXIJLf99g0A== +-----END CERTIFICATE----- diff --git a/e2e-tests/denylist/run-tests.sh b/e2e-tests/denylist/run-tests.sh new file mode 100755 index 0000000000..3f1f497b23 --- /dev/null +++ b/e2e-tests/denylist/run-tests.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash +set -e + +echo "====================================" +echo "Testing denylist with default settings" +echo "====================================" +pushd defaults +./run-test.sh +popd + +echo "====================================" +echo "Testing denylist with raw github URL" +echo "====================================" +pushd github +./run-test.sh +popd diff --git a/e2e-tests/denylist/truststore-development.pem b/e2e-tests/denylist/truststore-development.pem new file mode 100644 index 0000000000..3b7eae92f6 --- /dev/null +++ b/e2e-tests/denylist/truststore-development.pem @@ -0,0 +1,9 @@ +-----BEGIN CERTIFICATE----- +MIIBRTCB7AIJAORotAUvutshMAoGCCqGSM49BAMCMCsxKTAnBgNVBAMMIE51dHMg +RGV2ZWxvcG1lbnQgTmV0d29yayBSb290IENBMB4XDTIyMDUzMDE0MjE1N1oXDTI3 +MDUyOTE0MjE1N1owKzEpMCcGA1UEAwwgTnV0cyBEZXZlbG9wbWVudCBOZXR3b3Jr +IFJvb3QgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATNnndfWTG++FGkXtS1 +5KgzIiGVB+E2f1xta6XgzZis8VXBAJ5RdysGweN0BAWwSXfMsN5CMrDe+M0IBIqo ++5IOMAoGCCqGSM49BAMCA0gAMEUCIQC1xRxAbdAuQO5PEjX4AvoMUVn5rkirK6t7 +k82XIGM3VAIgNproF+PdEQ1E7xT5ujRqTUk5cA0nT89KPWxlEcmzg7c= +-----END CERTIFICATE----- diff --git a/e2e-tests/run-tests.sh b/e2e-tests/run-tests.sh index ae2485ff40..27db218605 100755 --- a/e2e-tests/run-tests.sh +++ b/e2e-tests/run-tests.sh @@ -42,4 +42,11 @@ echo "!! Running test suite: Sysadmin Operations !!" echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" pushd ops ./run-tests.sh -popd \ No newline at end of file +popd + +echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" +echo "!! Running test suite: Denylist !!" +echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!" +pushd denylist +./run-tests.sh +popd