Fully working Integrationtest included after every component has been build with the help of docker-compose-rule - this is so freaking cool!

Author: jonashackt

README.md

@@ -9,30 +9,44 @@ In contrast the present project focusses on the configuration of more than one c
 Therefore we use several Spring Boot based microservices that provide different client certificate secured REST endpoint and a separate microservice that accesses these services:
 
 ```
-                                   ================
-                                   =              =
-                                   = server-alice =
-==============                     =              =
-=            = ------------------> ================
-= client-bob =                     
-=            = ------------------> ================
-==============                     =              =
-                                   =  server-tom  =
-                                   =              =
-                                   ================
+                 -------------------------------------------
+                | Docker Network scope                      |
+                |                         ================  |
+                |                         =              =  |
+                |                         = server-alice =  |
+============    |   ==============        =              =  |
+=  docker- =    |   =            = -----> ================  |
+= network- = -----> = client-bob =                          |
+=  client  =    |   =            = -----> ================  |
+============    |   ==============        =              =  |
+                |                         =  server-tom  =  |
+                |                         =              =  |
+                |                         ================  |
+                 -------------------------------------------
+                 
 ```
 
 
 For a general approach on how to generate private keys and certificates and create Java Keystores, have a look into https://github.com/jonashackt/spring-boot-rest-clientcertificate#generate-the-usual-key-and-crt---and-import-them-into-needed-keystore-jks-files
 
 # HowTo Use
 
+Everything you need to run a full build and __complete__ test (incl. Integrationtest of docker-network-client firing up all three microservices that´ll call each other with client certificate support) is this:
+
 ```
 mvn clean install
-docker-compose up
 ```
 
-Open your Browser with [http:localhost:8080/swagger-ui.html] and fire up a GET-Request to /secretservers with Swagger :)
+Only, if you want to check manually, you can do a `docker-compose up -d` and open your Browser with [http:localhost:8080/swagger-ui.html] and fire up a GET-Request to /secretservers with Swagger :)
+
+
+# Integrationtesting
+
+As client-bob only has access to the DNS aliases `server-alice` and `server-tom`, if it itself is part of the Docker (Compose) network and these aliases are used to access both client certificate secured endpoints, we need another way to run an Integration test inside the Docker network scope.
+
+Therefore we use the [docker-compose-rule](https://github.com/palantir/docker-compose-rule) and the __docker-network-client__ that just calls client-bob inside the Docker network.
+
+docker-compose-rule needs a special Maven repository to be added, because it is only served on Bintray.
 
 
 # TlDR: How to create multiple keys & certificates for multiple servers - and add these into one truststore / keystore
@@ -285,3 +299,5 @@ https://serverfault.com/questions/779475/openssl-add-subject-alternate-name-san-
 Look into the documentation of Tomcat in section `keyAlias`: http://tomcat.apache.org/tomcat-6.0-doc/config/http.html#SSL_Support
 
 https://stackoverflow.com/questions/5292074/how-to-specify-outbound-certificate-alias-for-https-calls
+
+https://stackoverflow.com/questions/6370745/can-we-load-multiple-certificates-keys-in-a-key-store

docker-network-client/pom.xml

@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+
+	<groupId>de.jonashackt</groupId>
+	<artifactId>docker-network-client</artifactId>
+	<version>0.0.1-SNAPSHOT</version>
+	<packaging>jar</packaging>
+
+	<parent>
+		<groupId>de.jonashackt</groupId>
+		<artifactId>spring-boot-rest-clientcertificates-docker-compose</artifactId>
+		<version>0.0.1-SNAPSHOT</version>
+	</parent>
+
+	<properties>
+		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+		<java.version>1.8</java.version>
+		<rest-assured.version>3.0.3</rest-assured.version>
+		<docker-compose-rule-junit4.version>0.33.0</docker-compose-rule-junit4.version>
+	</properties>
+
+	<dependencies>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-web</artifactId>
+		</dependency>
+
+		<!-- Testing -->
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+
+		<dependency>
+			<groupId>io.rest-assured</groupId>
+			<artifactId>rest-assured</artifactId>
+			<version>${rest-assured.version}</version>
+			<scope>test</scope>
+		</dependency>
+
+		<dependency>
+			<groupId>com.palantir.docker.compose</groupId>
+			<artifactId>docker-compose-rule-junit4</artifactId>
+			<version>${docker-compose-rule-junit4.version}</version>
+			<scope>test</scope>
+		</dependency>
+
+	</dependencies>
+
+	<repositories>
+		<repository>
+			<id>bintray</id>
+			<name>Bintray Maven Repository - as docker-compose-rule-junit4 is only available there</name>
+			<url>https://dl.bintray.com/palantir/releases</url>
+			<layout>default</layout>
+		</repository>
+	</repositories>
+
+</project>

docker-network-client/src/test/java/de/jonashackt/ClientTest.java

@@ -0,0 +1,37 @@
+package de.jonashackt;
+
+import com.palantir.docker.compose.DockerComposeRule;
+import com.palantir.docker.compose.connection.waiting.HealthChecks;
+import org.apache.http.HttpStatus;
+import org.junit.ClassRule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import static io.restassured.RestAssured.when;
+import static org.hamcrest.Matchers.containsString;
+
+@RunWith(SpringRunner.class)
+@ContextConfiguration()
+public class ClientTest {
+
+	@ClassRule
+	public static DockerComposeRule docker = DockerComposeRule.builder()
+			.file("../docker-compose.yml")
+			.waitingForService("server-alice", HealthChecks.toHaveAllPortsOpen())
+			.waitingForService("server-tom", HealthChecks.toHaveAllPortsOpen())
+			.waitingForService("client-bob",  HealthChecks.toRespondOverHttp(8080, (port) -> port.inFormat("http://localhost:8080/swagger-ui.html")))
+			.build();
+
+	@Test
+	public void is_client_bob_able_to_call_all_servers_with_client_certs() {
+
+		when()
+			.get("http://localhost:8080/secretservers")
+		.then()
+			.statusCode(HttpStatus.SC_OK)
+			.assertThat()
+				.body(containsString("Both Servers called - Alice said 'Alice answering!' & Tom replied 'Tom answering!'."));
+	}
+}

pom.xml

@@ -25,6 +25,7 @@
         <module>server-alice</module>
         <module>server-tom</module>
         <module>client-bob</module>
+        <module>docker-network-client</module>
     </modules>
 
 </project>