chore: add HTTP/2 tests

Author: theseion

.github/workflows/verifyimage.yml

@@ -94,21 +94,80 @@ jobs:
             --name ${{ matrix.target }}-test \
             --env-file "${{ matrix.target }}.env" \
             "${{ matrix.target }}-verification"
-          sleep 30
-          docker logs ${{ matrix.target }}-test
 
       - name: Verify ${{ matrix.target }}
         run: |
-          [ $(docker inspect ${{ matrix.target }}-test --format='{{.State.Running}}') = 'true' ]
+          HOST_AND_PORT="localhost:8080"
+          counter=10
+          while [ ${counter} -gt 0 ]; do
+            printf "Checking whether container is running..."
+            if [ $(docker inspect ${{ matrix.target }}-test --format='{{.State.Running}}') = 'true' ]; then
+              echo "...ok"
+              printf "Trying to connect..."
+              if curl -s --connect-timeout 5; then
+                echo "...ok"
+                break
+              fi
+            fi
+
+            echo "...failed"
+            ((counter--))
+            if [ ${counter} -gt 0 ]; then
+              echo "Will retry in 5 seconds"
+              sleep 5
+            else
+              echo "No more retries"
+              docker logs ${{ matrix.target }}-test
+              exit 1
+            fi
+          done
+
           if grep -q  "nginx "<<< "${{ matrix.target }}"; then
-            curl -q -D headers.txt http://localhost:8080/?test=../../etc/passwd
+            echo "### nginx tests ###"
+
+            printf "Storing headers for sample attack..."
+            curl -q -D headers.txt "${HOST_AND_PORT}/?test=../../etc/passwd"
+            printf "...done\n\n"
+
+            printf "Check status 403..."
             grep -q "HTTP/1.1 403 Forbidden" headers.txt
+            printf "...yes\n\n"
+
+            printf "Check 'Access-Control-Allow-Origin' header..."
             grep -q "Access-Control-Allow-Origin: *" headers.txt
+            printf "...yes\n\n"
+
+            printf "Check 'Access-Control-Max-Age' header..."
             grep -q "Access-Control-Max-Age: 3600" headers.txt
+            printf "...yes\n\n"
+
+            printf "Check 'Access-Control-Allow-Methods' header..."
             grep -q "Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS" headers.txt
+            printf "...yes\n\n"
+
+            printf "Check 'Access-Control-Allow-Headers'..."
             grep -q "Access-Control-Allow-Headers: *" headers.txt
+            printf "...yes\n\n"
+
+            echo "### nginx tests - done ###"
           fi
 
+          echo "### generic tests ###"
+
+          echo "Test HTTP/2 upgrade..."
+          curl -v --http2 "${HOST_AND_PORT}" 2>&1 | tee out.txt
+          grep -iP "101 Switching Protocols|HTTP/2 200" < out.txt | tee out2.txt
+          wc -l out2.txt | xargs -I % test % -eq 2
+          rm out*.txt
+          echo "...yes"
+
+          echo "Test HTTP/2 prior knowledge..."
+          curl -v --http2-prior-knowledge "${HOST_AND_PORT}" 2>&1 | tee out.txt
+          grep -i "HTTP/2 200" < out.txt
+          echo "...yes"
+
+          echo "### generic tests - done ###"
+
       - name: Checkout CRS
         uses: actions/checkout@v4
         with: