39 lines
1.6 KiB
Bash
39 lines
1.6 KiB
Bash
#!/usr/bin/env bash
|
||
set -euo pipefail
|
||
|
||
BASE="${BASE:-https://dev1.aptivaai.com}"
|
||
GOOD_ORIGIN="${GOOD_ORIGIN:-https://dev1.aptivaai.com}"
|
||
BAD_ORIGIN="${BAD_ORIGIN:-https://evil.example.com}"
|
||
|
||
pass(){ echo "✅ $*"; }
|
||
fail(){ echo "❌ $*"; exit 1; }
|
||
|
||
# --- Health checks (server1/2/3) ---
|
||
for p in /livez /readyz /healthz; do
|
||
curl -fsS "$BASE$ p" >/dev/null || fail "server2 $p"
|
||
done
|
||
pass "server2 health endpoints up"
|
||
|
||
# try server1 + server3 via Nginx locations if you expose them (adjust paths if prefixed)
|
||
for SVC in server1 server3; do
|
||
curl -fsS "$BASE/$SVC/healthz" >/dev/null && pass "$SVC healthz OK" || echo "ℹ️ $SVC /healthz not routed publicly (ok if intentional)"
|
||
done
|
||
|
||
# --- CORS: allowed origin (expect 200 for a safe GET) ---
|
||
code=$(curl -s -o /dev/null -w '%{http_code}' -H "Origin: $GOOD_ORIGIN" "$BASE/api/data/career-clusters")
|
||
[[ "$code" == "200" ]] || fail "CORS allowed origin should be 200, got $code"
|
||
pass "CORS allowed origin OK"
|
||
|
||
# --- CORS: bad origin (expect 403) ---
|
||
code=$(curl -s -o /dev/null -w '%{http_code}' -H "Origin: $BAD_ORIGIN" "$BASE/api/data/career-clusters")
|
||
[[ "$code" == "403" ]] || fail "CORS bad origin should be 403, got $code"
|
||
pass "CORS bad origin blocked"
|
||
|
||
# --- Public data flows (server2) ---
|
||
curl -fsS "$BASE/api/projections/15-1252?state=GA" | jq . > /dev/null || fail "projections"
|
||
curl -fsS "$BASE/api/salary?socCode=15-1252&area=Atlanta-Sandy Springs-Roswell, GA" | jq . > /dev/null || fail "salary"
|
||
curl -fsS "$BASE/api/tuition?cipCodes=1101,1103&state=GA" | jq . > /dev/null || fail "tuition"
|
||
pass "public data endpoints OK"
|
||
|
||
echo "✓ SMOKE PASSED"
|