From 44daaa2f2e71133a884b472f44ea3d667545421f Mon Sep 17 00:00:00 2001
From: cyBerta <cyberta@riseup.net>
Date: Tue, 17 Sep 2024 22:08:47 +0200
Subject: [PATCH] pin ca-crt feature branch of menshen for now and add
 integration tests for fetching ca certs in bitmask-core via menshen

---
 pkg/mobile/bitmaskmobile_test.go | 9 +++++++++
 tests/docker-compose-ci.yml      | 7 +++----
 tests/docker-compose-local.yml   | 7 +++----
 3 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/pkg/mobile/bitmaskmobile_test.go b/pkg/mobile/bitmaskmobile_test.go
index a8b0504..c6b9e3c 100644
--- a/pkg/mobile/bitmaskmobile_test.go
+++ b/pkg/mobile/bitmaskmobile_test.go
@@ -92,6 +92,15 @@ func TestMobileIntegrationGetProvider(t *testing.T) {
 	assert.Equal(t, provider.Domain, "demo.bitmask.net")
 }
 
+func TestMobileIntegrationGetCa(t *testing.T) {
+	bm := createBitmaskMobile()
+	ca, err := bm.GetCACert()
+	assert.NoError(t, err, "Could not call GetCACert")
+	assert.NotNil(t, ca, "ca should not be nil")
+	assert.Contains(t, ca, "-----BEGIN CERTIFICATE-----")
+	assert.Contains(t, ca, "-----END CERTIFICATE-----")
+}
+
 func TestMobileTestSetIntroducer(t *testing.T) {
 	bm := createBitmaskMobile()
 
diff --git a/tests/docker-compose-ci.yml b/tests/docker-compose-ci.yml
index 222e574..a428a12 100644
--- a/tests/docker-compose-ci.yml
+++ b/tests/docker-compose-ci.yml
@@ -2,15 +2,14 @@
 # This should only be used for the CI
 services:
   menshen:
-    image: registry.0xacab.org/leap/menshen:latest
+    image: registry.0xacab.org/leap/menshen:ca-crt
     entrypoint: ["menshen"]
     environment:
       - MENSHEN_FROM_EIP_FILE=/etc/leap/test/eip-service.json
       - MENSHEN_FROM_PROVIDER_JSON_FILE=/etc/leap/test/provider.json
-      - MENSHEN_CA_FILE=/etc/leap/test/ca.crt
       - MENSHEN_DB_FILE=/etc/leap/test/db/sqlite.db
-      - MENSHEN_OVPN_CA_CRT=/etc/leap/test/ovpn_client_ca.crt
-      - MENSHEN_OVPN_CA_KEY=/etc/leap/test/ovpn_client_ca.key
+      - MENSHEN_CA_FILE=/etc/leap/test/ovpn_client_ca.crt
+      - MENSHEN_CA_KEY_FILE=/etc/leap/test/ovpn_client_ca.key
       - MENSHEN_PORT=8443
       - MENSHEN_ALLOW_GATEWAY_LIST=true
       - MENSHEN_ALLOW_BRIDGE_LIST=true
diff --git a/tests/docker-compose-local.yml b/tests/docker-compose-local.yml
index 6615ff3..19d7262 100644
--- a/tests/docker-compose-local.yml
+++ b/tests/docker-compose-local.yml
@@ -2,15 +2,14 @@
 # This file is used for local development testing
 services:
   menshen:
-    image: registry.0xacab.org/leap/menshen:latest
+    image: registry.0xacab.org/leap/menshen:ca-crt
     entrypoint: ["menshen"]
     environment:
       - MENSHEN_FROM_EIP_FILE=/etc/leap/test/eip-service.json
       - MENSHEN_FROM_PROVIDER_JSON_FILE=/etc/leap/test/provider.json
-      - MENSHEN_CA_FILE=/etc/leap/test/ca.crt
       - MENSHEN_DB_FILE=/etc/leap/test/db/sqlite.db
-      - MENSHEN_OVPN_CA_CRT=/etc/leap/test/ovpn_client_ca.crt
-      - MENSHEN_OVPN_CA_KEY=/etc/leap/test/ovpn_client_ca.key
+      - MENSHEN_CA_FILE=/etc/leap/test/ovpn_client_ca.crt
+      - MENSHEN_CA_KEY_FILE=/etc/leap/test/ovpn_client_ca.key
       - MENSHEN_PORT=8443
       - MENSHEN_ALLOW_GATEWAY_LIST=true
       - MENSHEN_ALLOW_BRIDGE_LIST=true
-- 
GitLab