Merge pull request #14 from gripmock/tls

tls

Author: rez1dent3

Cargo.toml

@@ -2,7 +2,7 @@
 resolver = "2"
 
 [workspace.package]
-version = "1.4.1"
+version = "1.4.2"
 edition = "2024"
 authors = ["bavix"]
 license = "MIT"

src/commands/reflect.rs

@@ -3,14 +3,15 @@
 use anyhow::{Context, Result};
 
 use crate::cli::args::ReflectArgs;
+use crate::config;
 use crate::grpc::client::{GrpcClient, GrpcClientConfig};
 
 pub async fn handle_reflect(args: &ReflectArgs) -> Result<()> {
     // Determine address
     let address = if let Some(addr) = &args.address {
         addr.clone()
     } else {
-        std::env::var("GRPCTESTIFY_ADDRESS").unwrap_or_else(|_| "localhost:4770".to_string())
+        std::env::var(config::ENV_GRPCTESTIFY_ADDRESS).unwrap_or_else(|_| config::default_address())
     };
 
     // Build client config

src/config.rs

@@ -91,8 +91,14 @@ pub struct CoverageConfig {
     pub output: Option<String>,
 }
 
-// Default values
+// Environment variable names
 pub const ENV_GRPCTESTIFY_ADDRESS: &str = "GRPCTESTIFY_ADDRESS";
+pub const ENV_GRPCTESTIFY_COMPRESSION: &str = "GRPCTESTIFY_COMPRESSION";
+
+pub const ENV_GRPCTESTIFY_TLS_CERT_FILE: &str = "GRPCTESTIFY_TLS_CERT_FILE";
+pub const ENV_GRPCTESTIFY_TLS_KEY_FILE: &str = "GRPCTESTIFY_TLS_KEY_FILE";
+pub const ENV_GRPCTESTIFY_TLS_CA_FILE: &str = "GRPCTESTIFY_TLS_CA_FILE";
+pub const ENV_GRPCTESTIFY_TLS_SERVER_NAME: &str = "GRPCTESTIFY_TLS_SERVER_NAME";
 
 pub fn default_address() -> String {
     String::from("localhost:4770")

src/execution/runner.rs

@@ -461,6 +461,32 @@ pub struct TestRunner {
     assertion_handler: AssertionHandler,
 }
 
+fn parse_bool_flag(value: &str) -> bool {
+    matches!(
+        value.trim().to_ascii_lowercase().as_str(),
+        "true" | "1" | "yes" | "on"
+    )
+}
+
+fn tls_env_defaults() -> HashMap<String, String> {
+    let mut defaults = HashMap::new();
+
+    if let Ok(value) = std::env::var(crate::config::ENV_GRPCTESTIFY_TLS_CA_FILE) {
+        defaults.insert("ca_cert".to_string(), value);
+    }
+    if let Ok(value) = std::env::var(crate::config::ENV_GRPCTESTIFY_TLS_CERT_FILE) {
+        defaults.insert("client_cert".to_string(), value);
+    }
+    if let Ok(value) = std::env::var(crate::config::ENV_GRPCTESTIFY_TLS_KEY_FILE) {
+        defaults.insert("client_key".to_string(), value);
+    }
+    if let Ok(value) = std::env::var(crate::config::ENV_GRPCTESTIFY_TLS_SERVER_NAME) {
+        defaults.insert("server_name".to_string(), value);
+    }
+
+    defaults
+}
+
 impl TestRunner {
     pub fn full_service_name(package: &str, service: &str) -> String {
         if package.is_empty() {
@@ -574,28 +600,42 @@ impl TestRunner {
         // Configure Client
         let document_path = Path::new(&document.file_path);
 
-        let tls_config = document.get_tls_config().map(|tls_map| TlsConfig {
-            ca_cert_path: tls_map.get("ca_cert").map(|p| {
-                FileUtils::resolve_relative_path(document_path, p)
-                    .to_string_lossy()
-                    .to_string()
-            }),
-            client_cert_path: tls_map.get("client_cert").map(|p| {
-                FileUtils::resolve_relative_path(document_path, p)
-                    .to_string_lossy()
-                    .to_string()
-            }),
-            client_key_path: tls_map.get("client_key").map(|p| {
-                FileUtils::resolve_relative_path(document_path, p)
-                    .to_string_lossy()
-                    .to_string()
-            }),
-            server_name: tls_map.get("server_name").cloned(),
-            insecure_skip_verify: tls_map
-                .get("insecure")
-                .map(|s| s == "true")
-                .unwrap_or(false),
-        });
+        let tls_defaults = tls_env_defaults();
+        let tls_config = document
+            .get_tls_config_with_defaults(&tls_defaults)
+            .map(|tls_map| TlsConfig {
+                ca_cert_path: tls_map
+                    .get("ca_cert")
+                    .or_else(|| tls_map.get("ca_file"))
+                    .map(|p| {
+                        FileUtils::resolve_relative_path(document_path, p)
+                            .to_string_lossy()
+                            .to_string()
+                    }),
+                client_cert_path: tls_map
+                    .get("client_cert")
+                    .or_else(|| tls_map.get("cert"))
+                    .or_else(|| tls_map.get("cert_file"))
+                    .map(|p| {
+                        FileUtils::resolve_relative_path(document_path, p)
+                            .to_string_lossy()
+                            .to_string()
+                    }),
+                client_key_path: tls_map
+                    .get("client_key")
+                    .or_else(|| tls_map.get("key"))
+                    .or_else(|| tls_map.get("key_file"))
+                    .map(|p| {
+                        FileUtils::resolve_relative_path(document_path, p)
+                            .to_string_lossy()
+                            .to_string()
+                    }),
+                server_name: tls_map.get("server_name").cloned(),
+                insecure_skip_verify: tls_map
+                    .get("insecure")
+                    .map(|s| parse_bool_flag(s))
+                    .unwrap_or(false),
+            });
 
         // Check for Proto config in document
         let proto_config = if let Some(proto_map) = document.get_proto_config() {
@@ -1616,20 +1656,36 @@ impl TestRunner {
             }
         }
 
-        // Show TLS config if present
-        if let Some(tls_config) = document.get_tls_config() {
+        // Show TLS config if present (including environment defaults)
+        let tls_defaults = tls_env_defaults();
+        if let Some(tls_config) = document.get_tls_config_with_defaults(&tls_defaults) {
             println!();
             println!("🔒 TLS Configuration:");
-            if tls_config.contains_key("ca_cert") {
-                println!("   CA Cert: {}", tls_config.get("ca_cert").unwrap());
+            if let Some(ca_cert) = tls_config
+                .get("ca_cert")
+                .or_else(|| tls_config.get("ca_file"))
+            {
+                println!("   CA Cert: {}", ca_cert);
             }
-            if tls_config.contains_key("cert") {
-                println!("   Client Cert: {}", tls_config.get("cert").unwrap());
+            if let Some(client_cert) = tls_config
+                .get("client_cert")
+                .or_else(|| tls_config.get("cert"))
+                .or_else(|| tls_config.get("cert_file"))
+            {
+                println!("   Client Cert: {}", client_cert);
             }
-            if tls_config.contains_key("key") {
-                println!("   Client Key: {}", tls_config.get("key").unwrap());
+            if let Some(client_key) = tls_config
+                .get("client_key")
+                .or_else(|| tls_config.get("key"))
+                .or_else(|| tls_config.get("key_file"))
+            {
+                println!("   Client Key: {}", client_key);
             }
-            if tls_config.get("insecure") == Some(&"true".to_string()) {
+            if tls_config
+                .get("insecure")
+                .map(|s| parse_bool_flag(s))
+                .unwrap_or(false)
+            {
                 println!("   Insecure Skip Verify: true");
             }
         }
@@ -1691,6 +1747,54 @@ mod tests {
         assert!(runner.write_mode);
     }
 
+    #[test]
+    fn test_parse_bool_flag_truthy_values() {
+        assert!(parse_bool_flag("true"));
+        assert!(parse_bool_flag("1"));
+        assert!(parse_bool_flag("YES"));
+        assert!(parse_bool_flag("on"));
+    }
+
+    #[test]
+    fn test_parse_bool_flag_falsy_values() {
+        assert!(!parse_bool_flag("false"));
+        assert!(!parse_bool_flag("0"));
+        assert!(!parse_bool_flag("off"));
+        assert!(!parse_bool_flag(""));
+    }
+
+    #[test]
+    fn test_tls_env_defaults_uses_grpctestify_prefix() {
+        unsafe {
+            std::env::set_var(crate::config::ENV_GRPCTESTIFY_TLS_CA_FILE, "/tmp/ca.pem");
+            std::env::set_var(
+                crate::config::ENV_GRPCTESTIFY_TLS_CERT_FILE,
+                "/tmp/cert.pem",
+            );
+            std::env::set_var(crate::config::ENV_GRPCTESTIFY_TLS_KEY_FILE, "/tmp/key.pem");
+            std::env::set_var(crate::config::ENV_GRPCTESTIFY_TLS_SERVER_NAME, "localhost");
+        }
+
+        let defaults = tls_env_defaults();
+        assert_eq!(defaults.get("ca_cert"), Some(&"/tmp/ca.pem".to_string()));
+        assert_eq!(
+            defaults.get("client_cert"),
+            Some(&"/tmp/cert.pem".to_string())
+        );
+        assert_eq!(
+            defaults.get("client_key"),
+            Some(&"/tmp/key.pem".to_string())
+        );
+        assert_eq!(defaults.get("server_name"), Some(&"localhost".to_string()));
+
+        unsafe {
+            std::env::remove_var(crate::config::ENV_GRPCTESTIFY_TLS_CA_FILE);
+            std::env::remove_var(crate::config::ENV_GRPCTESTIFY_TLS_CERT_FILE);
+            std::env::remove_var(crate::config::ENV_GRPCTESTIFY_TLS_KEY_FILE);
+            std::env::remove_var(crate::config::ENV_GRPCTESTIFY_TLS_SERVER_NAME);
+        }
+    }
+
     #[test]
     fn test_test_runner_with_verbose() {
         let runner = TestRunner::new(false, 30, false, false, true, None);

src/grpc/client.rs

@@ -748,12 +748,25 @@ mod tests {
     fn test_compression_mode_from_env() {
         let _guard = ENV_MUTEX.lock().unwrap();
         unsafe {
-            std::env::set_var("GRPCTESTIFY_COMPRESSION", "gzip");
+            std::env::set_var(crate::config::ENV_GRPCTESTIFY_COMPRESSION, "gzip");
         }
         let mode = CompressionMode::from_env();
         assert_eq!(mode, CompressionMode::Gzip);
         unsafe {
-            std::env::remove_var("GRPCTESTIFY_COMPRESSION");
+            std::env::remove_var(crate::config::ENV_GRPCTESTIFY_COMPRESSION);
+        }
+    }
+
+    #[test]
+    fn test_compression_mode_none_from_env() {
+        let _guard = ENV_MUTEX.lock().unwrap();
+        unsafe {
+            std::env::set_var(crate::config::ENV_GRPCTESTIFY_COMPRESSION, "none");
+        }
+        let mode = CompressionMode::from_env();
+        assert_eq!(mode, CompressionMode::None);
+        unsafe {
+            std::env::remove_var(crate::config::ENV_GRPCTESTIFY_COMPRESSION);
         }
     }
 
@@ -762,7 +775,7 @@ mod tests {
         let _guard = ENV_MUTEX.lock().unwrap();
         // Ensure env var is not set
         unsafe {
-            std::env::remove_var("GRPCTESTIFY_COMPRESSION");
+            std::env::remove_var(crate::config::ENV_GRPCTESTIFY_COMPRESSION);
         }
         let mode = CompressionMode::from_env();
         assert_eq!(mode, CompressionMode::None);

src/grpc/tls.rs

@@ -195,12 +195,14 @@ pub enum CompressionMode {
 impl CompressionMode {
     /// Get compression mode from environment variable
     pub fn from_env() -> Self {
-        match std::env::var("GRPCTESTIFY_COMPRESSION")
+        match std::env::var(crate::config::ENV_GRPCTESTIFY_COMPRESSION)
             .unwrap_or_default()
-            .to_lowercase()
+            .trim()
+            .to_ascii_lowercase()
             .as_str()
         {
             "gzip" => Self::Gzip,
+            "" | "none" => Self::None,
             _ => Self::None,
         }
     }

src/lsp/handlers.rs

@@ -7,6 +7,7 @@ use serde_json::json;
 use std::collections::HashMap;
 use tower_lsp::lsp_types::*;
 
+use crate::config;
 use crate::parser::{self, ast::SectionType};
 use crate::plugins::{PluginManager, PluginPurity};
 
@@ -243,7 +244,7 @@ pub fn get_address_from_document(content: &str) -> Option<String> {
             return Some(addr.trim().to_string());
         }
     }
-    std::env::var("GRPCTESTIFY_ADDRESS").ok()
+    std::env::var(config::ENV_GRPCTESTIFY_ADDRESS).ok()
 }
 
 /// Convert validation error to LSP diagnostic

src/parser/ast.rs

@@ -316,6 +316,28 @@ impl GctfDocument {
         None
     }
 
+    /// Get TLS configuration merged with defaults (section values override defaults)
+    pub fn get_tls_config_with_defaults(
+        &self,
+        defaults: &HashMap<String, String>,
+    ) -> Option<HashMap<String, String>> {
+        let mut merged = defaults.clone();
+
+        if let Some(section) = self.first_section(SectionType::Tls)
+            && let SectionContent::KeyValues(config) = &section.content
+        {
+            for (key, value) in config {
+                merged.insert(key.clone(), value.clone());
+            }
+        }
+
+        if merged.is_empty() {
+            None
+        } else {
+            Some(merged)
+        }
+    }
+
     /// Get PROTO configuration
     pub fn get_proto_config(&self) -> Option<HashMap<String, String>> {
         if let Some(section) = self.first_section(SectionType::Proto)
@@ -657,6 +679,39 @@ mod tests {
         assert_eq!(result.get("ca_cert"), Some(&"/path/to/ca.pem".to_string()));
     }
 
+    #[test]
+    fn test_gctf_document_get_tls_config_with_defaults_env_only() {
+        let doc = GctfDocument::new("test.gctf".to_string());
+        let mut defaults = HashMap::new();
+        defaults.insert("server_name".to_string(), "example.com".to_string());
+
+        let result = doc.get_tls_config_with_defaults(&defaults).unwrap();
+        assert_eq!(result.get("server_name"), Some(&"example.com".to_string()));
+    }
+
+    #[test]
+    fn test_gctf_document_get_tls_config_with_defaults_section_overrides() {
+        let mut doc = GctfDocument::new("test.gctf".to_string());
+        let mut config = HashMap::new();
+        config.insert("insecure".to_string(), "true".to_string());
+        doc.sections.push(Section {
+            section_type: SectionType::Tls,
+            content: SectionContent::KeyValues(config),
+            inline_options: InlineOptions::default(),
+            raw_content: "".to_string(),
+            start_line: 1,
+            end_line: 2,
+        });
+
+        let mut defaults = HashMap::new();
+        defaults.insert("insecure".to_string(), "false".to_string());
+        defaults.insert("server_name".to_string(), "example.com".to_string());
+
+        let result = doc.get_tls_config_with_defaults(&defaults).unwrap();
+        assert_eq!(result.get("insecure"), Some(&"true".to_string()));
+        assert_eq!(result.get("server_name"), Some(&"example.com".to_string()));
+    }
+
     #[test]
     fn test_gctf_document_get_proto_config() {
         let mut doc = GctfDocument::new("test.gctf".to_string());