prof 0.29.3

data/lib/prof/external_spec/helpers/file_helper.rb

@@ -0,0 +1,35 @@
+# Copyright (c) 2014-2015 Pivotal Software, Inc.
+# All rights reserved.
+# THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+# PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+# USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+require 'json'
+
+module Prof
+  module ExternalSpec
+    module Helpers
+      module FileHelper
+        def root_path
+          defined?(ROOT_PATH) ? ROOT_PATH : Dir.pwd
+        end
+
+        def file_path(relative_to_root)
+          File.expand_path(relative_to_root, root_path)
+        end
+
+        def json_contents(relative_to_root)
+          JSON.parse(file_contents(relative_to_root), symbolize_names: true)
+        end
+
+        def file_contents(relative_to_root)
+          File.read(file_path(relative_to_root))
+        end
+      end
+    end
+  end
+end

data/lib/prof/external_spec/helpers/product_path.rb

@@ -0,0 +1,23 @@
+# Copyright (c) 2014-2015 Pivotal Software, Inc.
+# All rights reserved.
+# THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+# PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+# USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+module Prof
+  module ExternalSpec
+    module Helpers
+      module ProductPath
+        def product_path
+          artifact_path = ENV.fetch('TEMPEST_ARTIFACT_PATH') { raise 'Must set TEMPEST_ARTIFACT_PATH environment variable' }
+          fail "Can't find artifact at #{artifact_path}" unless File.exist?(artifact_path)
+          artifact_path
+        end
+      end
+    end
+  end
+end

data/lib/prof/external_spec/shared_examples/deployment.rb

@@ -0,0 +1,23 @@
+# Copyright (c) 2014-2015 Pivotal Software, Inc.
+# All rights reserved.
+# THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+# PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+# USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+shared_examples_for 'a deployment which allows log access via bosh' do
+  it 'allows log access via bosh' do
+    log_files_by_job.each_pair do |job_name, log_files|
+      expect(bosh_director.job_logfiles(job_name)).to include(*log_files)
+    end
+  end
+end
+
+shared_examples_for 'a deployment' do
+  describe 'deployment' do
+    it_behaves_like 'a deployment which allows log access via bosh'
+  end
+end

data/lib/prof/external_spec/shared_examples/ops_manager_upgrade.rb

@@ -0,0 +1,32 @@
+# Copyright (c) 2014-2015 Pivotal Software, Inc.
+# All rights reserved.
+# THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+# PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+# USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+shared_examples_for 'upgradable product' do
+  it 'persists data across product upgrades' do
+    cloud_foundry.push_app_and_bind_with_service(test_app, old_service) do |pushed_app|
+      puts 'Inserting test data into instance...'
+      pushed_app.write('test_key', 'test_value')
+      expect(pushed_app.read('test_key')).to eq('test_value')
+
+      puts "Uploading #{new_product}..."
+      ops_manager.upload_product(new_product)
+
+      puts "Upgrading to #{new_product}..."
+      ops_manager.upgrade_product(new_product)
+
+      puts "Deploying #{new_product}..."
+      ops_manager.apply_changes
+
+      puts 'Retreiving test data from instance...'
+      expect(pushed_app.read('test_key')).to eq('test_value')
+      puts 'The data survived! :)'
+    end
+  end
+end

data/lib/prof/external_spec/shared_examples/service.rb

@@ -0,0 +1,105 @@
+# Copyright (c) 2014-2015 Pivotal Software, Inc.
+# All rights reserved.
+# THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+# PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+# USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+shared_examples_for 'a basic service' do
+  it 'allows a user to use the service' do
+    cloud_foundry.push_app_and_bind_with_service(test_app, service) do |pushed_app|
+      pushed_app.write('test_key', 'test_value')
+      expect(pushed_app.read('test_key')).to eq('test_value')
+    end
+  end
+end
+
+shared_examples_for 'a service that has distinct instances' do
+  it 'has distinct instances' do
+    service_broker.provision_and_bind(service.name, service.plan) do |binding_1|
+      service_client_1 = service_client_builder(binding_1)
+      service_client_1.write('test_key', 'test_value')
+
+      service_broker.provision_and_bind(service.name, service.plan) do |binding_2|
+        service_client_2 = service_client_builder(binding_2)
+        service_client_2.write('test_key', 'another_test_value')
+        expect(service_client_1.read('test_key')).to eq('test_value')
+        expect(service_client_2.read('test_key')).to eq('another_test_value')
+      end
+    end
+  end
+end
+
+shared_examples_for 'a service that can be shared by multiple applications' do
+  it 'allows two applications to share the same instance' do
+    service_broker.provision_instance(service.name, service.plan) do |service_instance|
+      service_broker.bind_instance(service_instance) do |binding_1|
+        service_client_1 = service_client_builder(binding_1)
+        service_client_1.write('shared_test_key', 'test_value')
+        expect(service_client_1.read('shared_test_key')).to eq('test_value')
+
+        service_broker.bind_instance(service_instance) do |binding_2|
+          service_client_2 = service_client_builder(binding_2)
+          expect(service_client_2.read('shared_test_key')).to eq('test_value')
+        end
+
+        expect(service_client_1.read('shared_test_key')).to eq('test_value')
+      end
+    end
+  end
+end
+
+shared_examples_for 'a service which preserves data across binding and unbinding' do
+  it 'preserves data across binding and unbinding' do
+    service_broker.provision_instance(service.name, service.plan) do |service_instance|
+      service_broker.bind_instance(service_instance) do |binding|
+        service_client_builder(binding).write('unbound_test_key', 'test_value')
+      end
+
+      service_broker.bind_instance(service_instance) do |binding|
+        expect(service_client_builder(binding).read('unbound_test_key')).to eq('test_value')
+      end
+    end
+  end
+end
+
+shared_examples_for 'a service which preserves data when recreating the broker VM' do
+  it 'preserves data when recreating vms' do
+    service_broker.provision_and_bind(service.name, service.plan) do |binding|
+      service_client = service_client_builder(binding)
+      service_client.write('test_key', 'test_value')
+      expect(service_client.read('test_key')).to eq('test_value')
+
+      bosh_director.recreate_all([environment.bosh_service_broker_job_name])
+
+      expect(service_client.read('test_key')).to eq('test_value')
+    end
+  end
+end
+
+shared_examples_for 'a persistent cloud foundry service' do
+  describe 'a persistent cloud foundry service' do
+    it_behaves_like 'a service that has distinct instances'
+    it_behaves_like 'a service that can be shared by multiple applications'
+    it_behaves_like 'a service which preserves data across binding and unbinding'
+    if !method_defined?(:manually_drain)
+      it_behaves_like 'a service which preserves data when recreating the broker VM'
+    end
+  end
+end
+
+# DEPRECATED
+shared_examples_for 'a service which preserves data when recreating VMs' do
+  it do
+    pending "switch shared example to 'a service which preserves data when recreating the broker VM'"
+  end
+end
+
+shared_examples_for 'a multi-tenant service' do
+  it do
+    pending "switch shared example to 'a persistent cloud foundry service'"
+  end
+end

data/lib/prof/external_spec/shared_examples/service_broker.rb

@@ -0,0 +1,25 @@
+# Copyright (c) 2014-2015 Pivotal Software, Inc.
+# All rights reserved.
+# THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+# PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+# USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+shared_examples_for 'a service broker which logs to syslog' do
+  it 'logs to syslog' do
+    broker_ip = broker_host || environment.service_broker.url.host
+    nginx_syslog_line_count = Integer(ssh_gateway.execute_on(broker_ip, "grep -c #{syslog_tag} /var/log/syslog"))
+    expect(nginx_syslog_line_count).to be > 0
+  end
+end
+
+shared_examples_for 'a service broker' do
+  let(:syslog_tag) { "Cf#{environment.service_broker_name.capitalize}BrokerNginxAccess" }
+
+  describe 'service broker' do
+    it_behaves_like 'a service broker which logs to syslog'
+  end
+end

data/lib/prof/external_spec/spec_helper.rb

@@ -0,0 +1,35 @@
+# Copyright (c) 2014-2015 Pivotal Software, Inc.
+# All rights reserved.
+# THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+# PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+# USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+require 'prof/external_spec/helpers/capybara'
+require 'prof/external_spec/helpers/debug'
+require 'prof/external_spec/helpers/file_helper'
+require 'prof/external_spec/helpers/product_path'
+
+require 'rspec_junit_formatter'
+
+RSpec.configure do |config|
+  config.include Prof::ExternalSpec::Helpers::Capybara
+  config.include Prof::ExternalSpec::Helpers::Debug
+  config.include Prof::ExternalSpec::Helpers::FileHelper
+  config.include Prof::ExternalSpec::Helpers::ProductPath
+
+  config.add_formatter RSpecJUnitFormatter, 'rspec.xml'
+
+  config.full_backtrace = true
+
+  config.before(:all) do
+    setup_browser(:webkit)
+  end
+
+  config.after(:each) do |example|
+    save_exception_output(example)
+  end
+end

data/lib/prof/marketplace_service.rb

@@ -0,0 +1,20 @@
+# Copyright (c) 2014-2015 Pivotal Software, Inc.
+# All rights reserved.
+# THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+# PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+# USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+module Prof
+  class MarketplaceService
+    def initialize(name:, plan:)
+      @name = name
+      @plan = plan
+    end
+
+    attr_reader :name, :plan
+  end
+end

data/lib/prof/matchers/metadata.rb

@@ -0,0 +1,180 @@
+# Copyright (c) 2014-2015 Pivotal Software, Inc.
+# All rights reserved.
+# THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+# PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+# USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+RSpec::Matchers.define :have_metadata_version do |version|
+  actual_version = 'NOT_SET'
+  match do |actual|
+    actual_version = actual['metadata_version']
+    actual_version == version.to_s
+  end
+
+  failure_message do
+    "Metadata version does not match. Expected version #{version}, actual version was #{actual_version}"
+  end
+end
+
+RSpec::Matchers.define :have_job_type do |job_name|
+  error_message = ''
+  match do |actual|
+    begin
+      metadata = MetadataWrapper.new(actual)
+
+      job = metadata.job(job_name: job_name)
+      return !!job unless @instance_name || @resource_name || @template_name
+
+      return job.has_template?(template_name: @template_name) if @template_name
+
+      definition = @instance_name ? job.instance_definition(definition_name: @instance_name) : job.resource_definition(definition_name: @resource_name)
+      return !! definition unless @attribute || @constraint
+
+      return definition.has_attribute_with_value?(@attribute, @value) if @attribute
+
+      definition.has_constraint_with_value?(@constraint, @value)
+    rescue MetadataError => error
+      error_message = error.message
+      false
+    end
+  end
+
+  chain :with_template do |template_name|
+    @template_name = template_name.to_s
+  end
+
+  chain :with_instance_definition do |instance_name|
+    @instance_name = instance_name.to_s
+  end
+
+  chain :with_resource_definition do |resource_name|
+    @resource_name = resource_name.to_s
+  end
+
+  chain :with_constraint do |constraint, value|
+    raise MetadataError.new("Can not use `with_contraint` without `with_instance_definition` or `with_resource_definition`") unless @resource_name || @instance_name
+    @constraint = constraint.to_s
+    @value = value
+  end
+
+  chain :with_attribute_value do |attribute, value|
+    raise MetadataError.new("Can not use `with_attribute_value` without `with_instance_definition` or `with_resource_definition`") unless @resource_name || @instance_name
+    @attribute = attribute.to_s
+    @value = value
+  end
+
+  chain :with_default do |value|
+    raise MetadataError.new("Can not use `with_default` without `with_instance_definition` or `with_resource_definition`") unless @resource_name || @instance_name
+    @attribute = 'default'
+    @value = value
+  end
+
+  failure_message do
+    error_message
+  end
+
+  class MetadataError < StandardError; end
+
+  class MetadataWrapper
+    def initialize(metadata)
+      @metadata = metadata
+    end
+
+    def job(job_name:)
+      job = jobs.find { |j| j['name'] == job_name.to_s }.tap do |j|
+        raise MetadataError.new("Could not find job type: #{job_name} in metadata") unless j
+      end
+
+      MetadataJob.new(job)
+    end
+
+    private
+
+    attr_reader :metadata
+
+    def jobs
+      metadata['job_types']
+    end
+  end
+
+  class MetadataJob
+    def initialize(job)
+      @job = job
+    end
+
+    def has_template?(template_name:)
+      job['job_templates'].include?(template_name).tap do |result|
+        raise MetadataError.new("Could not find template '#{template_name}' for job #{job_name} in metadata") unless result
+      end
+    end
+
+    def instance_definition(definition_name:)
+      instance_definition = instance_definitions.find { |definition| definition['name'] == definition_name }.tap do |instance|
+        raise MetadataError.new("Could not find instance type: #{definition_name} for job type: #{job_name}") unless instance
+      end
+      MetadataDefinition.new(instance_definition, job_name)
+    end
+
+    def resource_definition(definition_name:)
+      resource_definition = resource_definitions.find { |definition| definition['name'] == definition_name }.tap do |resource|
+        raise MetadataError.new("Could not find resource type: #{definition_name} for job type: #{job_name}") unless resource
+      end
+      MetadataDefinition.new(resource_definition, job_name)
+    end
+
+    private
+
+    attr_reader :job
+
+    def job_name
+      job['name']
+    end
+
+    def instance_definitions
+      job['instance_definitions']
+    end
+
+    def resource_definitions
+      job['resource_definitions']
+    end
+
+  end
+
+  class MetadataDefinition
+    def initialize(definition, job_name)
+      @job_name = job_name
+      @definition = definition
+    end
+
+    def has_attribute_with_value?(attribute, value)
+      actual_value = definition.fetch(attribute) do
+        raise MetadataError.new("Could not find attribute #{attribute} for definition #{definition_name} in job type: #{job_name}")
+      end
+
+      return true if actual_value == value
+      raise MetadataError.new("Expected attribute #{attribute} value to be #{value} but it was #{actual_value} for definition #{definition_name} in job type: #{job_name}")
+    end
+
+    def has_constraint_with_value?(constraint, value)
+      actual_value = definition['constraints'].fetch(constraint) do
+        raise MetadataError.new("Could not find constraint #{constraint} for definition #{definition_name} in job type: #{job_name}")
+      end
+
+      return true if actual_value == value
+      raise MetadataError.new("Expected constraint #{constraint} value to be #{value} but it was #{actual_value} for definition #{definition_name} in job type: #{job_name}")
+    end
+
+    private
+
+    attr_reader :definition, :job_name
+
+    def definition_name
+      definition['name']
+    end
+  end
+
+end

data/lib/prof/matchers/only_support_ssl_with_cipher_set.rb

@@ -0,0 +1,102 @@
+# Copyright (c) 2014-2015 Pivotal Software, Inc.
+# All rights reserved.
+# THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+# PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+# USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+require 'ostruct'
+
+require 'prof/ssl/check'
+
+require 'rspec/matchers/pretty'
+
+module Prof
+  module Matchers
+    def only_support_ssl_with_cipher_set(*args)
+      OnlySupportSslWithCipherSet.new(*args)
+    end
+
+    # Current problems
+    # 1. The OSX openssl library may not support all of the ciphers that need to be tested for a cipher suite
+    # 2. Some of the ciphers are actually expressions (kEDH+AESGCM) these need to be expanded to the ciphers they represent
+
+    class OnlySupportSslWithCipherSet
+
+      include RSpec::Matchers::Pretty
+
+      def initialize(cipher_set)
+        @cipher_set = cipher_set
+      end
+
+      def matches?(https_url)
+        @https_url    = https_url
+        @results      = ssl_results
+        @http_enabled = http_connection_accepted?
+        results.supports_cipher_set?(cipher_set) && !@http_enabled
+      end
+
+      def with_proxy(proxy)
+        @proxy = proxy
+        self
+      end
+
+      def failure_message
+        [
+          ("The server is missing support for#{to_sentence server_missing_supported_ciphers}" if server_missing_supported_ciphers.any?),
+          ("The server supports#{to_sentence server_extra_ciphers} when it should not" if server_extra_ciphers.any?),
+          ("The server is missing support for#{to_sentence server_missing_supported_protocols}" if server_missing_supported_protocols.any?),
+          ("The server supports#{to_sentence server_extra_protocols} when it should not" if server_extra_protocols.any?),
+          ("The server supports HTTP when it should not" if http_enabled)
+        ].compact.join("\n")
+      end
+
+      private
+
+      attr_reader :cipher_set, :results, :https_url, :http_enabled
+
+      def proxy
+        @proxy ||= OpenStruct.new(:http_host => nil, :http_address => nil)
+      end
+
+      def server_missing_supported_ciphers
+        cipher_set.supported_ciphers - results.supported_ciphers
+      end
+
+      def server_extra_ciphers
+        results.supported_ciphers - cipher_set.supported_ciphers
+      end
+
+      def server_missing_supported_protocols
+        cipher_set.supported_protocols - results.supported_protocols
+      end
+
+      def server_extra_protocols
+        results.supported_protocols - cipher_set.supported_protocols
+      end
+
+      def http_connection_accepted?
+        begin
+          response = Net::HTTP.new(http_uri.host, http_uri.port, proxy.http_host, proxy.http_port).get('/')
+          !response.instance_of?(Net::HTTPGatewayTimeOut)
+        rescue Errno::ECONNREFUSED, Errno::ETIMEDOUT
+          false
+        end
+      end
+
+      def http_uri
+        http_uri = URI(https_url)
+        http_uri.scheme = 'http'
+        http_uri.port = 80
+        http_uri
+      end
+
+      def ssl_results
+        Prof::SSL::Check.new(https_url, @proxy).results
+      end
+    end
+  end
+end

data/lib/prof/matchers/ssl.rb

@@ -0,0 +1,67 @@
+# Copyright (c) 2014-2015 Pivotal Software, Inc.
+# All rights reserved.
+# THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
+# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+# PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
+# USE OR OTHER DEALINGS IN THE SOFTWARE.
+#
+
+require 'prof/ssl/check'
+
+require 'rspec/expectations'
+
+RSpec::Matchers.define :support_ssl_protocol do |expected|
+  match do |url|
+    actual = Prof::SSL::Check.new(url, @proxy).results.supported_protocols
+    actual.include?(expected)
+  end
+
+  chain :with_proxy do |proxy|
+    @proxy = proxy
+  end
+end
+
+RSpec::Matchers.define :support_ssl_protocols do |expected|
+  match do |url|
+    @results = ssl_results(url)
+
+    expected.all? do |protocol, is_supported|
+      @results.supported_protocols.include?(protocol) == is_supported
+    end
+  end
+
+  chain :with_proxy do |proxy|
+    @proxy = proxy
+  end
+
+  failure_message do |_|
+    unexpectedly_supported   = expected.reject { |_, supported| supported }.keys & @results.supported_protocols
+    unexpectedly_unsupported = expected.select { |_, supported| supported }.keys & @results.unsupported_protocols
+
+    "expected SSL support: #{expected.inspect}, but" + to_sentence(
+      [("#{unexpectedly_supported} unexpectedly supported" if unexpectedly_supported.any?),
+       ("#{unexpectedly_unsupported} unexpectedly unsupported" if unexpectedly_unsupported.any?)].compact
+    )
+  end
+
+  private
+
+  attr_reader :ssh_gateway
+
+  def ssl_results(url)
+    if ssh_gateway
+      uri = URI.parse(url)
+      ssh_gateway.with_port_forwarded_to(uri.host, uri.port) do |forwarded_port|
+        ssl_check_url("https://localhost:#{forwarded_port}")
+      end
+    else
+      ssl_check_url(url)
+    end
+  end
+
+  def ssl_check_url(url)
+    Prof::SSL::Check.new(url, @proxy).results
+  end
+end