From adc64c410de55f2c54225433e35b1e1fb75a988f Mon Sep 17 00:00:00 2001
From: Chao Chen <chaochn@amazon.com>
Date: Thu, 8 Jun 2023 14:12:21 -0700
Subject: [PATCH] add uds test cases into e2e TestAuthority

Signed-off-by: Chao Chen <chaochn@amazon.com>
---
 server/embed/etcd.go                   |  4 +--
 tests/e2e/cluster_test.go              | 35 +++++++++++---------------
 tests/e2e/ctl_v3_grpc_test.go          | 31 +++++++++++++++++++++++
 tests/e2e/ctl_v3_test.go               |  2 +-
 tests/e2e/etcd_release_upgrade_test.go |  4 +--
 tests/e2e/util.go                      | 18 ++++++++++++-
 tests/integration/cluster.go           |  2 +-
 7 files changed, 68 insertions(+), 28 deletions(-)

diff --git a/server/embed/etcd.go b/server/embed/etcd.go
index 43bf42341065..1d848f270a4e 100644
--- a/server/embed/etcd.go
+++ b/server/embed/etcd.go
@@ -622,10 +622,10 @@ func configureClientListeners(cfg *Config) (sctxs map[string]*serveCtx, err erro
 	for _, u := range append(cfg.ListenClientUrls, cfg.ListenClientHttpUrls...) {
 		if u.Scheme == "http" || u.Scheme == "unix" {
 			if !cfg.ClientTLSInfo.Empty() {
-				cfg.logger.Warn("scheme is HTTP while key and cert files are present; ignoring key and cert files", zap.String("client-url", u.String()))
+				cfg.logger.Warn("scheme is http or unix while key and cert files are present; ignoring key and cert files", zap.String("client-url", u.String()))
 			}
 			if cfg.ClientTLSInfo.ClientCertAuth {
-				cfg.logger.Warn("scheme is HTTP while --client-cert-auth is enabled; ignoring client cert auth for this URL", zap.String("client-url", u.String()))
+				cfg.logger.Warn("scheme is http or unix while --client-cert-auth is enabled; ignoring client cert auth for this URL", zap.String("client-url", u.String()))
 			}
 		}
 		if (u.Scheme == "https" || u.Scheme == "unixs") && cfg.ClientTLSInfo.Empty() {
diff --git a/tests/e2e/cluster_test.go b/tests/e2e/cluster_test.go
index e63e9a5d88db..84349ae8590a 100644
--- a/tests/e2e/cluster_test.go
+++ b/tests/e2e/cluster_test.go
@@ -140,8 +140,11 @@ type etcdProcessClusterConfig struct {
 
 	clusterSize int
 
-	baseScheme string
-	basePort   int
+	// basePeerScheme specifies scheme of --listen-peer-urls and --initial-advertise-peer-urls
+	basePeerScheme string
+	basePort       int
+	// baseClientScheme specifies scheme of --listen-client-urls, --listen-client-http-urls and --initial-advertise-client-urls
+	baseClientScheme string
 
 	metricsURLScheme string
 
@@ -212,21 +215,11 @@ func newEtcdProcessCluster(t testing.TB, cfg *etcdProcessClusterConfig) (*etcdPr
 }
 
 func (cfg *etcdProcessClusterConfig) clientScheme() string {
-	if cfg.clientTLS == clientTLS {
-		return "https"
-	}
-	return "http"
+	return setupScheme(cfg.baseClientScheme, cfg.clientTLS == clientTLS)
 }
 
 func (cfg *etcdProcessClusterConfig) peerScheme() string {
-	peerScheme := cfg.baseScheme
-	if peerScheme == "" {
-		peerScheme = "http"
-	}
-	if cfg.isPeerTLS {
-		peerScheme += "s"
-	}
-	return peerScheme
+	return setupScheme(cfg.basePeerScheme, cfg.isPeerTLS)
 }
 
 func (cfg *etcdProcessClusterConfig) etcdServerProcessConfigs(tb testing.TB) []*etcdServerProcessConfig {
@@ -252,10 +245,10 @@ func (cfg *etcdProcessClusterConfig) etcdServerProcessConfigs(tb testing.TB) []*
 		clientHttpPort := port + 4
 
 		if cfg.clientTLS == clientTLSAndNonTLS {
-			curl = clientURL(clientPort, clientNonTLS)
-			curls = []string{curl, clientURL(clientPort, clientTLS)}
+			curl = clientURL(cfg.clientScheme(), clientPort, clientNonTLS)
+			curls = []string{curl, clientURL(cfg.clientScheme(), clientPort, clientTLS)}
 		} else {
-			curl = clientURL(clientPort, cfg.clientTLS)
+			curl = clientURL(cfg.clientScheme(), clientPort, cfg.clientTLS)
 			curls = []string{curl}
 		}
 
@@ -279,7 +272,7 @@ func (cfg *etcdProcessClusterConfig) etcdServerProcessConfigs(tb testing.TB) []*
 		}
 		var clientHttpUrl string
 		if cfg.clientHttpSeparate {
-			clientHttpUrl = clientURL(clientHttpPort, cfg.clientTLS)
+			clientHttpUrl = clientURL(cfg.baseClientScheme, clientHttpPort, cfg.clientTLS)
 			args = append(args, "--listen-client-http-urls", clientHttpUrl)
 		}
 		args = addV2Args(args)
@@ -366,13 +359,13 @@ func (cfg *etcdProcessClusterConfig) etcdServerProcessConfigs(tb testing.TB) []*
 	return etcdCfgs
 }
 
-func clientURL(port int, connType clientConnType) string {
+func clientURL(scheme string, port int, connType clientConnType) string {
 	curlHost := fmt.Sprintf("localhost:%d", port)
 	switch connType {
 	case clientNonTLS:
-		return (&url.URL{Scheme: "http", Host: curlHost}).String()
+		return (&url.URL{Scheme: scheme, Host: curlHost}).String()
 	case clientTLS:
-		return (&url.URL{Scheme: "https", Host: curlHost}).String()
+		return (&url.URL{Scheme: toTLS(scheme), Host: curlHost}).String()
 	default:
 		panic(fmt.Sprintf("Unsupported connection type %v", connType))
 	}
diff --git a/tests/e2e/ctl_v3_grpc_test.go b/tests/e2e/ctl_v3_grpc_test.go
index b0f824552877..835497a96d09 100644
--- a/tests/e2e/ctl_v3_grpc_test.go
+++ b/tests/e2e/ctl_v3_grpc_test.go
@@ -30,6 +30,7 @@ import (
 func TestAuthority(t *testing.T) {
 	tcs := []struct {
 		name           string
+		useUnix        bool
 		useTLS         bool
 		useInsecureTLS bool
 		// Pattern used to generate endpoints for client. Fields filled
@@ -40,6 +41,33 @@ func TestAuthority(t *testing.T) {
 		// %d - will be filled with first member grpc port
 		expectAuthorityPattern string
 	}{
+		{
+			name:                   "unix:path",
+			useUnix:                true,
+			clientURLPattern:       "unix:localhost:${MEMBER_PORT}",
+			expectAuthorityPattern: "localhost:${MEMBER_PORT}",
+		},
+		{
+			name:                   "unix://absolute_path",
+			useUnix:                true,
+			clientURLPattern:       "unix://localhost:${MEMBER_PORT}",
+			expectAuthorityPattern: "localhost:${MEMBER_PORT}",
+		},
+		// "unixs" is not standard schema supported by etcd
+		{
+			name:                   "unixs:absolute_path",
+			useUnix:                true,
+			useTLS:                 true,
+			clientURLPattern:       "unixs:localhost:${MEMBER_PORT}",
+			expectAuthorityPattern: "localhost:${MEMBER_PORT}",
+		},
+		{
+			name:                   "unixs://absolute_path",
+			useUnix:                true,
+			useTLS:                 true,
+			clientURLPattern:       "unixs://localhost:${MEMBER_PORT}",
+			expectAuthorityPattern: "localhost:${MEMBER_PORT}",
+		},
 		{
 			name:                   "http://domain[:port]",
 			clientURLPattern:       "http://localhost:%d",
@@ -90,6 +118,9 @@ func TestAuthority(t *testing.T) {
 				cfg.isClientAutoTLS = tc.useInsecureTLS
 				// Enable debug mode to get logs with http2 headers (including authority)
 				cfg.envVars = map[string]string{"GODEBUG": "http2debug=2"}
+				if tc.useUnix {
+					cfg.baseClientScheme = "unix"
+				}
 
 				epc, err := newEtcdProcessCluster(t, cfg)
 				if err != nil {
diff --git a/tests/e2e/ctl_v3_test.go b/tests/e2e/ctl_v3_test.go
index a7b10d1da25b..ef56fda34abf 100644
--- a/tests/e2e/ctl_v3_test.go
+++ b/tests/e2e/ctl_v3_test.go
@@ -57,7 +57,7 @@ func TestClusterVersion(t *testing.T) {
 			cfg := newConfigNoTLS()
 			cfg.execPath = binary
 			cfg.snapshotCount = 3
-			cfg.baseScheme = "unix" // to avoid port conflict
+			cfg.basePeerScheme = "unix" // to avoid port conflict
 			cfg.rollingStart = tt.rollingStart
 
 			epc, err := newEtcdProcessCluster(t, cfg)
diff --git a/tests/e2e/etcd_release_upgrade_test.go b/tests/e2e/etcd_release_upgrade_test.go
index 78caef96facd..f0b808218b9c 100644
--- a/tests/e2e/etcd_release_upgrade_test.go
+++ b/tests/e2e/etcd_release_upgrade_test.go
@@ -38,7 +38,7 @@ func TestReleaseUpgrade(t *testing.T) {
 	copiedCfg := newConfigNoTLS()
 	copiedCfg.execPath = lastReleaseBinary
 	copiedCfg.snapshotCount = 3
-	copiedCfg.baseScheme = "unix" // to avoid port conflict
+	copiedCfg.basePeerScheme = "unix" // to avoid port conflict
 
 	epc, err := newEtcdProcessCluster(t, copiedCfg)
 	if err != nil {
@@ -124,7 +124,7 @@ func TestReleaseUpgradeWithRestart(t *testing.T) {
 	copiedCfg := newConfigNoTLS()
 	copiedCfg.execPath = lastReleaseBinary
 	copiedCfg.snapshotCount = 10
-	copiedCfg.baseScheme = "unix"
+	copiedCfg.basePeerScheme = "unix"
 
 	epc, err := newEtcdProcessCluster(t, copiedCfg)
 	if err != nil {
diff --git a/tests/e2e/util.go b/tests/e2e/util.go
index 11c2d61fe2f2..1faf35d4b4ed 100644
--- a/tests/e2e/util.go
+++ b/tests/e2e/util.go
@@ -119,8 +119,24 @@ func closeWithTimeout(p *expect.ExpectProcess, d time.Duration) error {
 	return fmt.Errorf("took longer than %v to Close process %+v", d, p)
 }
 
+func setupScheme(s string, isTLS bool) string {
+	if s == "" {
+		s = "http"
+	}
+	if isTLS {
+		s = toTLS(s)
+	}
+	return s
+}
+
 func toTLS(s string) string {
-	return strings.Replace(s, "http://", "https://", 1)
+	if strings.Contains(s, "http") && !strings.Contains(s, "https") {
+		return strings.Replace(s, "http", "https", 1)
+	}
+	if strings.Contains(s, "unix") && !strings.Contains(s, "unixs") {
+		return strings.Replace(s, "unix", "unixs", 1)
+	}
+	return s
 }
 
 func skipInShortMode(t testing.TB) {
diff --git a/tests/integration/cluster.go b/tests/integration/cluster.go
index 1bf873f06168..ddf78b035393 100644
--- a/tests/integration/cluster.go
+++ b/tests/integration/cluster.go
@@ -38,7 +38,7 @@ import (
 	"go.etcd.io/etcd/client/pkg/v3/transport"
 	"go.etcd.io/etcd/client/pkg/v3/types"
 	"go.etcd.io/etcd/client/v2"
-	"go.etcd.io/etcd/client/v3"
+	clientv3 "go.etcd.io/etcd/client/v3"
 	"go.etcd.io/etcd/pkg/v3/grpc_testing"
 	"go.etcd.io/etcd/raft/v3"
 	"go.etcd.io/etcd/server/v3/config"