Test improvements

6 years ago · 17153666f5
--- a/test/4-more-than-10-hosts.bats
+++ b/test/4-more-than-10-hosts.bats
@ -44,6 +44,6 @@ setup() {
    # Remove all the dns aliases
    cleanup_environment
    for prefix in a b c d e f g h i j k; do
        curl --silent -X POST -d '{"host":"'$prefix.$GETSSL_HOST'", "addresses":["'$GETSSL_IP'"]}' http://10.30.50.3:8055/del-a
        curl --silent -X POST -d '{"host":"'$prefix.$GETSSL_HOST'"}' http://10.30.50.3:8055/clear-a
    done
 }
--- a/test/6-dual-rsa-ecdsa-copy-2-locations.bats
+++ b/test/6-dual-rsa-ecdsa-copy-2-locations.bats
@ -16,7 +16,7 @@ setup() {

 teardown() {
    if [ -z "$STAGING" ]; then
        curl --silent -X POST -d '{"host":"'a.$GETSSL_HOST'", "addresses":["'$GETSSL_IP'"]}' http://10.30.50.3:8055/del-a
        curl --silent -X POST -d '{"host":"'a.$GETSSL_HOST'"}' http://10.30.50.3:8055/clear-a
    fi
 }

--- a/test/7-duckdns-dns01.bats
+++ b/test/7-duckdns-dns01.bats
@ -38,5 +38,5 @@ setup() {
    refute_output --regexp '[Ee][Rr][Rr][Oo][Rr]'
    refute_output --regexp '[Ww][Aa][Rr][Nn][Ii][Nn][Gg]'
    cleanup_environment
    curl --silent -X POST -d '{"host":"getssl.duckdns.org", "addresses":["'$GETSSL_IP'"]}' http://10.30.50.3:8055/del-a
    curl --silent -X POST -d '{"host":"getssl.duckdns.org"}' http://10.30.50.3:8055/clear-a
 }
--- a/test/Dockerfile-alpine
+++ b/test/Dockerfile-alpine
@ -18,5 +18,5 @@ RUN git clone https://github.com/jasonkarns/bats-assert-1 /bats-assert
 RUN /bats-core/install.sh /usr/local

 # Use supervisord to run nginx in the background
 COPY ./test/alpine-supervisord.conf /etc/supervisord.conf
 COPY ./test/test-config/alpine-supervisord.conf /etc/supervisord.conf
 CMD tail -f /dev/null
--- a/test/README-Testing.md
+++ b/test/README-Testing.md
@ -0,0 +1,40 @@
 # Testing

 ## Continuous Integration

 For continuous integration testing we have the following:

 `gitactions` script which runs whenever a PR is pushed:

 1. Uses `docker-compose` to start `pebble` (letsencrypt test server) and `challtestsrv` (minimal dns client for pebble)
 2. Then runs the `bats` test scripts (all the files with a ".bats" extension) for each OS (alpine, centos6, debian, ubuntu)
 3. Runs the `bats` test script against the staging server (using nn ubuntu docker image and duckdns.org)

 ## To run all the tests locally

 1. Start `pebble` and `challtestsrv` using ```docker-compose up -d --build```
 2. Run the test suite `run-all-tests.cmd`

 ## To run all the tests on a single OS

 1. Start `pebble` and `challtestsrv` using ```docker-compose up -d --build```
 2. Run the test suite ```run-test.cmd [<os>]```
 3. eg. `run-test.cmd ubuntu16`

 ## To run a single bats test on a single OS

 1. Start `pebble` and `challtestsrv` using ```docker-compose up -d --build```
 2. ```run-test.cmd <os> bats <bats test script>```
 3. e.g. `run-test.cmd ubuntu bats /getssl/test/1-simple-http01.bats`

 ## To debug a test

 1. Start `pebble` and `challtestsrv` using ```docker-compose up -d --build```
 2. ```run-test.cmd <os> /getssl/test/debug-test.sh <getssl config file>```
 3. e.g. `run-test.cmd ubuntu /getssl/test/debug-test.sh -d /getssl/test/test-config/getssl-http01-cfg`

 ## TODO

 1. Test wildcards
 2. Test SSH, SFTP, SCP
 3. Test change of key algorithm (should automatically delete and re-create account.key)
--- a/test/README.md
+++ b/test/README.md
@ -1,40 +0,0 @@
 # Testing

 This directory contains a simple test script which tests creating
 certificates with Pebble (testing version of the LetsEncrypt server)

 Start up pebble, the challdnstest server for DNS challenges

 ```sh
 docker-compose -f "docker-compose.yml" up -d --build
 ```

 Run the tests

 ```sh
 test/run-all-tests.sh
 ```

 Run individual test

 ```sh
 docker exec -it getssl bats /getssl/test/<filename.bats>
 ```

 Debug (uses helper script to set `CURL_CA_BUNDLE` as pebble uses a local certificate,
 otherwise you get a "unknown API version" error)

 ```sh
 docker exec -it getssl-<os> /getssl/test/debug-test.sh <config-file>`

 eg.

 ```sh
 docker exec -it getssl-ubuntu18 /getssl/test/debug-test.sh getssl-http01.cfg
 ```

 ## TODO

 1. Test wildcards
 2. Test SSH, SFTP, SCP
 3. Test change of key algorithm
--- a/test/no-ip2.conf
+++ b/test/no-ip2.conf
--- a/test/run-test.cmd
+++ b/test/run-test.cmd
@ -1,22 +1,26 @@
@echo off
 IF %1.==. GOTO NoOS
 set OS=%1
 IF %2.==. GOTO NoNGINX
 set NGINX=%2%
 IF %3.==. GOTO NoIP
 set IP=%3
 IF %4.==. GOTO NoAlias
 set ALIAS=%4

 :CheckCommand
 IF %2.==. GOTO NoCmd
 set COMMAND=%2 %3

 :CheckAlias
 IF %OS%==duckdns GOTO duckdns
 set ALIAS=%OS%.getssl.test
 GOTO Run

 :NoOS
    set OS=ubuntu
 :NoNGINX
    set NGINX=/etc/nginx/sites-enabled/default
 :NoIP
    set IP=13
 :NoAlias
    set ALIAS=%OS%.getssl.test
 set OS=ubuntu
 GOTO CheckCommand

 :NoCmd
 set COMMAND=/getssl/test/run-bats.sh
 GOTO CheckAlias

 :duckdns
 set ALIAS=%OS%.duckdns.org

 :Run

@ -24,11 +28,8 @@ docker build --rm -f "test\Dockerfile-%OS%" -t getssl-%OS% .
@echo on
 docker run -it ^
  --env GETSSL_HOST=%OS%.getssl.test ^
  --env GETSSL_IP=10.30.50.%IP% ^
  --env NGINX_CONFIG=%NGINX% ^
  -v %cd%:/getssl ^
  --network getssl-timkimber_acmenet ^
  --ip 10.30.50.%IP% ^
  --network-alias %ALIAS% ^
  --network-alias a.%OS%.getssl.test ^
  --network-alias b.%OS%.getssl.test ^
@ -42,4 +43,4 @@ docker run -it ^
  --network-alias j.%OS%.getssl.test ^
  --network-alias k.%OS%.getssl.test ^
  getssl-%OS% ^
  /getssl/test/run-bats.sh
  %COMMAND%
--- a/test/test-config/alpine-supervisord.conf
+++ b/test/test-config/alpine-supervisord.conf
--- a/test/test_helper.bash
+++ b/test/test_helper.bash
@ -8,15 +8,6 @@ setup_environment() {
        rm -r ${INSTALL_DIR}/.getssl
    fi

    if [ ! -f ${INSTALL_DIR}/pebble.minica.pem ]; then
        wget --quiet --no-clobber https://raw.githubusercontent.com/letsencrypt/pebble/master/test/certs/pebble.minica.pem 2>&1
        CERT_FILE=/etc/ssl/certs/ca-certificates.crt
        if [ ! -f $CERT_FILE ]; then
            CERT_FILE=/etc/pki/tls/certs/ca-bundle.crt
        fi
        cat $CERT_FILE ${INSTALL_DIR}/pebble.minica.pem > ${INSTALL_DIR}/pebble-ca-bundle.crt
    fi

    curl --silent -X POST -d '{"host":"'"$GETSSL_HOST"'", "addresses":["'"$GETSSL_IP"'"]}' http://10.30.50.3:8055/add-a
    cp ${CODE_DIR}/test/test-config/nginx-ubuntu-no-ssl "${NGINX_CONFIG}"
    /getssl/test/restart-nginx
@ -24,7 +15,7 @@ setup_environment() {


 cleanup_environment() {
    curl --silent -X POST -d '{"host":"'"$GETSSL_HOST"'", "addresses":["'"$GETSSL_IP"'"]}' http://10.30.50.3:8055/del-a
    curl --silent -X POST -d '{"host":"'"$GETSSL_HOST"'"}' http://10.30.50.3:8055/clear-a
 }


@ -42,3 +33,27 @@ create_certificate() {
    # shellcheck disable=SC2086
    run ${CODE_DIR}/getssl $1 "$GETSSL_HOST"
 }



 # Find NGINX configuration directory for HTTP-01 testing (need to add SSL to config)
 if [[ -d /etc/nginx/conf.d/default.conf ]]; then
    export NGINX_CONFIG=/etc/nginx/conf.d/default.conf
 elif [[ -f /etc/nginx/sites-enabled/default ]]; then
    export NGINX_CONFIG=/etc/nginx/sites-enabled/default
 else
    echo "Can't find NGINX directory"
    exit 1
 fi

 # Find IP address
 export GETSSL_IP=$(ip address | awk '/10.30.50/ { print $2 }' | awk -F/ '{ print $1 }')

 if [ ! -f ${INSTALL_DIR}/pebble.minica.pem ]; then
    wget --quiet --no-clobber https://raw.githubusercontent.com/letsencrypt/pebble/master/test/certs/pebble.minica.pem 2>&1
    CERT_FILE=/etc/ssl/certs/ca-certificates.crt
    if [ ! -f $CERT_FILE ]; then
        CERT_FILE=/etc/pki/tls/certs/ca-bundle.crt
    fi
    cat $CERT_FILE ${INSTALL_DIR}/pebble.minica.pem > ${INSTALL_DIR}/pebble-ca-bundle.crt
 fi