From 2c3284acd6ab6182e3d8f808c4a6dd7daceb351c Mon Sep 17 00:00:00 2001 From: Kyle Manna Date: Tue, 22 Sep 2015 08:16:42 -0700 Subject: [PATCH 1/3] travis-ci: Initial build test * Build and reports package version.
---
.travis.yml | 10 ++++++++++ tests/basic.sh | 17 +++++++++++++++++ 2 files changed, 27 insertions(+) create mode 100644 .travis.yml create mode 100755 tests/basic.sh
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..291f822
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,10 @@
+services:
+ - docker
+
+before_install:
+ - docker --version
+ - docker build -t kylemanna/openvpn .
+ - docker run kylemanna/openvpn sh -c "dpkg -l openvpn openssl"
+
+script:
+ - for i in tests/*.sh; do "./$i"; done
diff --git a/tests/basic.sh b/tests/basic.sh
new file mode 100755
index 0000000..a9520cd
--- /dev/null
+++ b/tests/basic.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+set -ex
+OVPN_DATA=basic-data
+CLIENT=travis-client
+
+docker run --name $OVPN_DATA -v /etc/openvpn busybox
+
+docker run --volumes-from $OVPN_DATA --rm kylemanna/openvpn ovpn_genconfig -u udp://travis-ci
+
+# nopass is insecure
+docker run --volumes-from $OVPN_DATA --rm -it -e "EASYRSA_BATCH=1" -e "EASYRSA_REQ_CN=Travis-CI Test CA" kylemanna/openvpn ovpn_initpki nopass
+
+docker run --volumes-from $OVPN_DATA --rm -it kylemanna/openvpn easyrsa build-client-full $CLIENT nopass
+
+docker run --volumes-from $OVPN_DATA --rm kylemanna/openvpn ovpn_getclient $CLIENT
+
+
From b298eb16bc22ed48ce492dd62c5bda1d564bffca Mon Sep 17 00:00:00 2001 From: Kyle Manna Date: Tue, 22 Sep 2015 10:22:11 -0700 Subject: [PATCH 2/3] travis-ci: Extend test to actually do a connection * Start the server * Start the client * Connect * Profit
---
.travis.yml | 15 +++++++-- tests/basic.sh | 52 +++++++++++++++++++++++++++++--- tests/client/wait-for-connect.sh | 35 +++++++++++++++++++++ 3 files changed, 96 insertions(+), 6 deletions(-) create mode 100755 tests/client/wait-for-connect.sh
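Review bot: The `script` step `for i in tests/*.sh; do "./$i"; done` reports only the exit status of the last test script it runs, so as soon as a second file exists under tests/ an earlier failure is masked whenever the last script passes. Collecting the result makes every failure count: `- rc=0; for i in tests/*.sh; do "./$i" || rc=1; done; test "$rc" -eq 0`. The rewritten step in PATCH 2/3 (`pushd tests && for i in *.sh; do "./$i"; done && popd`) keeps the same behaviour and would need the same change.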
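Review bot: The comment `# nopass is insecure` does not say why it is acceptable in this script, and it sits above only one of the two affected commands. Both the CA key (`ovpn_initpki nopass`) and the client key (`build-client-full $CLIENT nopass`) are created unencrypted, and `ovpn_getclient $CLIENT` writes the client profile, presumably including its key material, to stdout and therefore to the CI build log. I would expand the comment to `# nopass: throwaway test PKI only; keys are unencrypted and the client profile is printed to the build log, never reuse this CA`. As a style point, `$OVPN_DATA` and `$CLIENT` are expanded unquoted on every `docker run` line; `"$OVPN_DATA"` and `"$CLIENT"` are the safer habit.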
diff --git a/.travis.yml b/.travis.yml index 291f822..0c512c9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,10 +1,21 @@ +# Disallowing packages: openvpn +# If you require these packages, please review the package approval process at: https://github.com/travis-ci/apt-package-whitelist#package-approval-process +#addons: +# apt: +# sources: +# - ubuntu-toolchain-r-test +# packages: +# - openvpn + services: - docker before_install: - docker --version - docker build -t kylemanna/openvpn . - - docker run kylemanna/openvpn sh -c "dpkg -l openvpn openssl" + - docker inspect kylemanna/openvpn + - docker run kylemanna/openvpn openvpn --version || true # why does it returns 1? + - docker run kylemanna/openvpn openssl version script: - - for i in tests/*.sh; do "./$i"; done + - pushd tests && for i in *.sh; do "./$i"; done && popd diff --git a/tests/basic.sh b/tests/basic.sh index a9520cd..df2e1e1 100755 --- a/tests/basic.sh +++ b/tests/basic.sh 
@@ -2,16 +2,60 @@ set -ex OVPN_DATA=basic-data CLIENT=travis-client +IMG=kylemanna/openvpn +# +# Create a docker container with the config data +# docker run --name $OVPN_DATA -v /etc/openvpn busybox -docker run --volumes-from $OVPN_DATA --rm kylemanna/openvpn ovpn_genconfig -u udp://travis-ci +ip addr ls +SERV_IP=$(ip -4 -o addr show scope global | awk '{print $4}' | sed -e 's:/.*::' | head -n1) +docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_genconfig -u udp://$SERV_IP # nopass is insecure -docker run --volumes-from $OVPN_DATA --rm -it -e "EASYRSA_BATCH=1" -e "EASYRSA_REQ_CN=Travis-CI Test CA" kylemanna/openvpn ovpn_initpki nopass +docker run --volumes-from $OVPN_DATA --rm -it -e "EASYRSA_BATCH=1" -e "EASYRSA_REQ_CN=Travis-CI Test CA" $IMG ovpn_initpki nopass -docker run --volumes-from $OVPN_DATA --rm -it kylemanna/openvpn easyrsa build-client-full $CLIENT nopass +docker run --volumes-from $OVPN_DATA --rm -it $IMG easyrsa build-client-full $CLIENT nopass -docker run --volumes-from $OVPN_DATA --rm kylemanna/openvpn ovpn_getclient $CLIENT +docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_getclient $CLIENT | tee client/config.ovpn +# +# Fire up the server +# +sudo iptables -N DOCKER +sudo iptables -I FORWARD -j DOCKER +# run in shell bg to get logs +docker run --name "ovpn-test" --volumes-from $OVPN_DATA --rm -p 1194:1194/udp --privileged $IMG & +#for i in $(seq 10); do +# SERV_IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}') +# test -n "$SERV_IP" && break +#done +#sed -ie s:SERV_IP:$SERV_IP:g client/config.ovpn + +# +# Fire up a client in a container since openvpn is disallowed by Travis-CI, don't NAT +# the host as it confuses itself: +# "Incoming packet rejected from [AF_INET]172.17.42.1:1194[2], expected peer address: [AF_INET]10.240.118.86:1194" +# +docker run --rm --net=host --privileged --volume $PWD/client:/client $IMG /client/wait-for-connect.sh + +# +# Client either connected or timed out, kill server +# +kill %1 + +# +# Celebrate 
+# +cat < + ----------- + \ ^__^ + \ (oo)\_______ + (__)\ )\/\\ + ||----w | + || || +EOF diff --git a/tests/client/wait-for-connect.sh b/tests/client/wait-for-connect.sh new file mode 100755 index 0000000..5d127b3 --- /dev/null +++ b/tests/client/wait-for-connect.sh @@ -0,0 +1,35 @@ +#!/bin/bash +set -ex +OPENVPN_CONFIG=${1:-/client/config.ovpn} + +# Run in background, rely on bash for job management +openvpn --config "$OPENVPN_CONFIG" --management 127.0.0.1 9999 & + +# Spin waiting for interface to exist signifying connection +timeout=10 +for i in $(seq $timeout); do + + # Break when connected + #echo state | busybox nc 127.0.0.1 9999 | grep -q "CONNECTED,SUCCESS" && break; + + # Bash magic for tcp sockets + if exec 3<>/dev/tcp/127.0.0.1/9999; then + # Consume all header input + while read -t 0.1 <&3; do true; done + echo "state" >&3 + read -t 1 <&3 + echo -n $REPLY | grep -q "CONNECTED,SUCCESS" && break || true + exec 3>&- + fi + + # Else sleep + sleep 1 +done + +if [ $i -ge $timeout ]; then + echo "Error starting OpenVPN, i=$i, exiting." + exit 2; +fi + +# The show is over. +kill %1 From 9459804a1d8015866a485aa6a5a505da024a46ba Mon Sep 17 00:00:00 2001 From: Kyle Manna Date: Tue, 22 Sep 2015 14:36:19 -0700 Subject: [PATCH 3/3] README: Add Travis CI build status * Keeps people honest --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 5171b6d..b1d7ce5 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # OpenVPN for Docker +[![Build Status](https://travis-ci.org/kylemanna/docker-openvpn.svg)](https://travis-ci.org/kylemanna/docker-openvpn) + OpenVPN server in a Docker container complete with an EasyRSA PKI CA. Extensively tested on [Digital Ocean $5/mo node](http://bit.ly/1C7cKr3) and has
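Review bot: Both the server (`--privileged $IMG &`) and the client (`--net=host --privileged ... /client/wait-for-connect.sh`) containers in tests/basic.sh run fully privileged, which hands the image every capability and host device on the build machine when the test appears to need only a tun device and route changes. If the image's start script permits it (not visible in this patch), `--cap-add=NET_ADMIN --device /dev/net/tun` in place of `--privileged` would keep the test closer to a least-privilege deployment. In the same hunk, `ovpn_getclient $CLIENT | tee client/config.ovpn` runs under `set -ex` without `pipefail`, so a failing `ovpn_getclient` is hidden by `tee` and only shows up later as a client timeout; `set -o pipefail` next to `set -ex` surfaces it at the right line.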
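Review bot: In tests/client/wait-for-connect.sh the final check `if [ $i -ge $timeout ]` infers failure from the loop counter, so a connection first seen on the last iteration (`i` equal to `timeout`) breaks out of the loop and is still reported as "Error starting OpenVPN". Tracking the result explicitly avoids that: set `connected=0` before the loop, change the grep line to end in `&& { connected=1; break; } || true`, and test `if [ "$connected" -ne 1 ]; then`. The error path also exits without the `kill %1` that the success path runs, and the `break` skips `exec 3>&-`; both are harmless in a short-lived container but deserve a one-line comment saying so.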