allanger/container-openvpn
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Activity

test: Migrate from old test scripts

Browse Source 
* Switch to upstream Docker inspired test suite.
* Major disadvantage:  Seeing the stdout log. To be researched later.
This commit is contained in:
Kyle Manna 2016-08-31 12:42:53 -07:00
parent 65bebaebd8
commit bcf8dc51eb
7 changed files with 39 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.travis.yml
View File

@ -16,6 +16,8 @@ before_install:
install: install:
- git clone https://github.com/docker-library/official-images.git official-images - git clone https://github.com/docker-library/official-images.git official-images
# Assist with ci test debugging:
# - DEBUG=1
before_script: before_script:
- image="kylemanna/openvpn" - image="kylemanna/openvpn"
- docker build -t "$image" . - docker build -t "$image" .
@ -26,7 +28,6 @@ before_script:
script: script:
- official-images/test/run.sh "$image" - official-images/test/run.sh "$image"
- test/run.sh "$image" - test/run.sh "$image"
- ./test-ci.sh
after_script: after_script:
- docker images - docker images

19
test-ci.sh
View File

@ -1,19 +0,0 @@
#!/bin/bash
set -x
cd "$(dirname "$(readlink -f "$0")")/tests"
let cnt=0
for i in *.sh; do
cnt=$(($cnt + 1))
echo -e "\n>> Running test #$cnt \"$i\"\n"
./${i}
retval=$?
if [ $retval != 0 ]; then
echo ">> FAILED test #$cnt \"$i\", exit code $retval"
exit $retval
fi
done
echo ">> All $cnt tests PASSED"

5
tests/client/wait-for-connect.sh → test/client/wait-for-connect.sh
View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -ex set -e
[ -n "${DEBUG+x}" ] && set -x
OPENVPN_CONFIG=${1:-/client/config.ovpn} OPENVPN_CONFIG=${1:-/client/config.ovpn}
# Run in background, rely on bash for job management # Run in background, rely on bash for job management

3
test/config.sh
View File

@ -9,5 +9,8 @@ imageTests+=(
[openvpn]=' [openvpn]='
paranoid paranoid
conf_options conf_options
basic
dual-proto
otp
' '
) )

12
tests/basic.sh → test/tests/basic/run.sh
View File

@ -1,8 +1,12 @@
#!/bin/bash #!/bin/bash
set -ex set -e
[ -n "${DEBUG+x}" ] && set -x
OVPN_DATA=basic-data OVPN_DATA=basic-data
CLIENT=travis-client CLIENT=travis-client
IMG=kylemanna/openvpn IMG=kylemanna/openvpn
CLIENT_DIR="$(readlink -f "$(dirname "$BASH_SOURCE")/../../client")"
# #
# Create a docker container with the config data # Create a docker container with the config data
@ -18,7 +22,7 @@ docker run --volumes-from $OVPN_DATA --rm -it -e "EASYRSA_BATCH=1" -e "EASYRSA_R
docker run --volumes-from $OVPN_DATA --rm -it $IMG easyrsa build-client-full $CLIENT nopass docker run --volumes-from $OVPN_DATA --rm -it $IMG easyrsa build-client-full $CLIENT nopass
docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_getclient $CLIENT | tee client/config.ovpn docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_getclient $CLIENT | tee $CLIENT_DIR/config.ovpn
docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_listclients | grep $CLIENT docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_listclients | grep $CLIENT
@ -34,14 +38,14 @@ docker run --name "ovpn-test" --volumes-from $OVPN_DATA --rm -p 1194:1194/udp --
# SERV_IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}') # SERV_IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}')
# test -n "$SERV_IP" && break # test -n "$SERV_IP" && break
#done #done
#sed -ie s:SERV_IP:$SERV_IP:g client/config.ovpn #sed -ie s:SERV_IP:$SERV_IP:g config.ovpn
# #
# Fire up a client in a container since openvpn is disallowed by Travis-CI, don't NAT # Fire up a client in a container since openvpn is disallowed by Travis-CI, don't NAT
# the host as it confuses itself: # the host as it confuses itself:
# "Incoming packet rejected from [AF_INET]172.17.42.1:1194[2], expected peer address: [AF_INET]10.240.118.86:1194" # "Incoming packet rejected from [AF_INET]172.17.42.1:1194[2], expected peer address: [AF_INET]10.240.118.86:1194"
# #
docker run --rm --net=host --privileged --volume $PWD/client:/client $IMG /client/wait-for-connect.sh docker run --rm --net=host --privileged --volume $CLIENT_DIR:/client $IMG /client/wait-for-connect.sh
# #
# Client either connected or timed out, kill server # Client either connected or timed out, kill server

13
tests/dual-proto.sh → test/tests/dual-proto/run.sh
View File

@ -1,10 +1,13 @@
#!/bin/bash #!/bin/bash
set -ex set -e
[ -n "${DEBUG+x}" ] && set -x
OVPN_DATA=dual-data OVPN_DATA=dual-data
CLIENT_UDP=travis-client CLIENT_UDP=travis-client
CLIENT_TCP=travis-client-tcp CLIENT_TCP=travis-client-tcp
IMG=kylemanna/openvpn IMG=kylemanna/openvpn
CLIENT_DIR="$(readlink -f "$(dirname "$BASH_SOURCE")/../../client")"
# #
# Create a docker container with the config data # Create a docker container with the config data
@ -22,12 +25,12 @@ docker run --volumes-from $OVPN_DATA --rm -it -e "EASYRSA_BATCH=1" -e "EASYRSA_R
# gen TCP client # gen TCP client
docker run --volumes-from $OVPN_DATA --rm -it $IMG easyrsa build-client-full $CLIENT_TCP nopass docker run --volumes-from $OVPN_DATA --rm -it $IMG easyrsa build-client-full $CLIENT_TCP nopass
docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_getclient $CLIENT_TCP | tee client/config-tcp.ovpn docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_getclient $CLIENT_TCP | tee $CLIENT_DIR/config-tcp.ovpn
# switch to UDP config and gen UDP client # switch to UDP config and gen UDP client
docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_genconfig -u udp://$SERV_IP docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_genconfig -u udp://$SERV_IP
docker run --volumes-from $OVPN_DATA --rm -it $IMG easyrsa build-client-full $CLIENT_UDP nopass docker run --volumes-from $OVPN_DATA --rm -it $IMG easyrsa build-client-full $CLIENT_UDP nopass
docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_getclient $CLIENT_UDP | tee client/config.ovpn docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_getclient $CLIENT_UDP | tee $CLIENT_DIR/config.ovpn
#Verify client configs #Verify client configs
docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_listclients | grep $CLIENT_TCP docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_listclients | grep $CLIENT_TCP
@ -48,8 +51,8 @@ docker run --name "ovpn-test-tcp" --volumes-from $OVPN_DATA --rm -p 443:1194/tcp
# the host as it confuses itself: # the host as it confuses itself:
# "Incoming packet rejected from [AF_INET]172.17.42.1:1194[2], expected peer address: [AF_INET]10.240.118.86:1194" # "Incoming packet rejected from [AF_INET]172.17.42.1:1194[2], expected peer address: [AF_INET]10.240.118.86:1194"
# #
docker run --rm --net=host --privileged --volume $PWD/client:/client $IMG /client/wait-for-connect.sh docker run --rm --net=host --privileged --volume $CLIENT_DIR:/client $IMG /client/wait-for-connect.sh
docker run --rm --net=host --privileged --volume $PWD/client:/client $IMG /client/wait-for-connect.sh "/client/config-tcp.ovpn" docker run --rm --net=host --privileged --volume $CLIENT_DIR:/client $IMG /client/wait-for-connect.sh "/client/config-tcp.ovpn"
# #
# Client either connected or timed out, kill server # Client either connected or timed out, kill server

23
tests/otp.sh → test/tests/otp/run.sh
View File

@ -1,9 +1,14 @@
#!/bin/bash #!/bin/bash
set -ex set -e
[ -n "${DEBUG+x}" ] && set -x
OVPN_DATA=basic-data-otp OVPN_DATA=basic-data-otp
CLIENT=travis-client CLIENT=travis-client
IMG=kylemanna/openvpn IMG=kylemanna/openvpn
OTP_USER=otp OTP_USER=otp
CLIENT_DIR="$(readlink -f "$(dirname "$BASH_SOURCE")/../../client")"
# Function to fail # Function to fail
abort() { cat <<< "$@" 1>&2; exit 1; } abort() { cat <<< "$@" 1>&2; exit 1; }
@ -23,22 +28,22 @@ docker run --volumes-from $OVPN_DATA --rm -it -e "EASYRSA_BATCH=1" -e "EASYRSA_R
docker run --volumes-from $OVPN_DATA --rm -it $IMG easyrsa build-client-full $CLIENT nopass docker run --volumes-from $OVPN_DATA --rm -it $IMG easyrsa build-client-full $CLIENT nopass
# Generate OTP credentials for user named test, should return QR code for test user # Generate OTP credentials for user named test, should return QR code for test user
docker run --volumes-from $OVPN_DATA --rm -it $IMG ovpn_otp_user $OTP_USER | tee client/qrcode.txt docker run --volumes-from $OVPN_DATA --rm -it $IMG ovpn_otp_user $OTP_USER | tee $CLIENT_DIR/qrcode.txt
# Ensure a chart link is printed in client OTP configuration # Ensure a chart link is printed in client OTP configuration
grep 'https://www.google.com/chart' client/qrcode.txt || abort 'Link to chart not generated' grep 'https://www.google.com/chart' $CLIENT_DIR/qrcode.txt || abort 'Link to chart not generated'
grep 'Your new secret key is:' client/qrcode.txt || abort 'Secret key is missing' grep 'Your new secret key is:' $CLIENT_DIR/qrcode.txt || abort 'Secret key is missing'
# Extract an emergency code from textual output, grepping for line and trimming spaces # Extract an emergency code from textual output, grepping for line and trimming spaces
OTP_TOKEN=$(grep -A1 'Your emergency scratch codes are' client/qrcode.txt | tail -1 | tr -d '[[:space:]]') OTP_TOKEN=$(grep -A1 'Your emergency scratch codes are' $CLIENT_DIR/qrcode.txt | tail -1 | tr -d '[[:space:]]')
# Token should be present # Token should be present
if [ -z $OTP_TOKEN ]; then if [ -z $OTP_TOKEN ]; then
abort "QR Emergency Code not detected" abort "QR Emergency Code not detected"
fi fi
# Store authentication credentials in config file and tell openvpn to use them # Store authentication credentials in config file and tell openvpn to use them
echo -e "$OTP_USER\n$OTP_TOKEN" > client/credentials.txt echo -e "$OTP_USER\n$OTP_TOKEN" > $CLIENT_DIR/credentials.txt
# Override the auth-user-pass directive to use a credentials file # Override the auth-user-pass directive to use a credentials file
docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_getclient $CLIENT | sed 's/auth-user-pass/auth-user-pass \/client\/credentials.txt/' | tee client/config.ovpn docker run --volumes-from $OVPN_DATA --rm $IMG ovpn_getclient $CLIENT | sed 's/auth-user-pass/auth-user-pass \/client\/credentials.txt/' | tee $CLIENT_DIR/config.ovpn
# #
# Fire up the server # Fire up the server
@ -52,14 +57,14 @@ docker run --name "ovpn-test" --volumes-from $OVPN_DATA --rm -p 1194:1194/udp --
# SERV_IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}') # SERV_IP=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}')
# test -n "$SERV_IP" && break # test -n "$SERV_IP" && break
#done #done
#sed -ie s:SERV_IP:$SERV_IP:g client/config.ovpn #sed -ie s:SERV_IP:$SERV_IP:g $CLIENT_DIR/config.ovpn
# #
# Fire up a client in a container since openvpn is disallowed by Travis-CI, don't NAT # Fire up a client in a container since openvpn is disallowed by Travis-CI, don't NAT
# the host as it confuses itself: # the host as it confuses itself:
# "Incoming packet rejected from [AF_INET]172.17.42.1:1194[2], expected peer address: [AF_INET]10.240.118.86:1194" # "Incoming packet rejected from [AF_INET]172.17.42.1:1194[2], expected peer address: [AF_INET]10.240.118.86:1194"
# #
docker run --rm --net=host --privileged --volume $PWD/client:/client $IMG /client/wait-for-connect.sh docker run --rm --net=host --privileged --volume $CLIENT_DIR:/client $IMG /client/wait-for-connect.sh
# #
# Client either connected or timed out, kill server # Client either connected or timed out, kill server