Integration testing: Cases (Basic)

.travis.yml

@@ -14,13 +14,12 @@ install:
   - docker pull ${DOCKER_REPO}/xiri-ubuntu
   - docker pull ${DOCKER_REPO}/xiri-centos
 
-before_script:
-  - chmod -R go-rwx testing/integration/ssh-keys
-
 script:
   - testing/integration.sh zero
   - testing/integration.sh basic_connectivity_with_ssh
+  - testing/integration.sh connect_with_ssh_agent
+  - testing/integration.sh connect_with_ssh_key
 
 branches:
-  except:
+  only:
-    - /^skip-ci/
+    - master

testing/integration.sh

@@ -4,6 +4,8 @@
 #
 cd $(dirname ${0})/integration
 
+chmod -R go-rwx ssh-keys
+
 declare -r DISTS=$(find . -type f -name "Dockerfile.*" | sed 's/.*\.//')
 declare -r CASES=$(ls -1 cases | sed 's/\.sh$//')
 
@@ -27,10 +29,10 @@ function run_case(){
 
     REMOTE_IP=$(make docker-ip DIST=${DIST})
 
-    SSH_EXTRA_OPTS="\
+    export SSH_EXTRA_OPTS="-oUserKnownHostsFile=/dev/null -oStrictHostKeyChecking=no"
-      -oUserKnownHostsFile=/dev/null \
+
-      -oStrictHostKeyChecking=no \
+    export LANG=C
-      "
+    export LC_ALL=C
 
     set -e
     source cases/${1}.sh
@@ -39,12 +41,25 @@ function run_case(){
 }
 
 function teardown(){
+  set +e
   echo
   echo "[ TEARDOWN ]"
   for DIST in ${DISTS}; do
     make docker-stop DIST=${DIST}
     make docker-rm DIST=${DIST}
   done
+
+  if [[ "${SUCCESS}" == "true" ]]; then
+    echo
+    echo -e "\033[0;32m[ OK ]\033[0m"
+    echo
+    exit 0
+  fi
+
+  echo
+  echo -e "\033[0;31m[ FAIL ]\033[0m"
+  echo
+  exit 1
 }
 
 if [[ ${#} != 1 ]]; then
@@ -55,9 +70,12 @@ if [[ ${#} != 1 ]]; then
   exit 1
 fi
 
+trap 'teardown' EXIT
+
 echo '*'
 echo "* Case: ${1}"
 echo '*'
 setup
 run_case ${1}
-teardown
+
+SUCCESS=true

testing/integration/Dockerfile.centos

@@ -2,8 +2,13 @@ FROM centos:7
 
 LABEL maintainer "ivan.ilves@gmail.com"
 
-RUN yum -y install openssh-server && ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa && yum clean all
+RUN yum -y install openssh-server openssh-clients sudo iproute iputils iptables \
+  && ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa \
+  && mkdir -p /lib/systemd/system && touch /lib/systemd/system/ssh.service \
+  && rm /sbin/modprobe && ln -s /bin/true /sbin/modprobe \
+  && yum clean all
 
 ADD ./ssh-keys /root/.ssh
+ADD ./systemctl.mock /bin/systemctl
 
 CMD ["/usr/sbin/sshd", "-De"]

testing/integration/Dockerfile.ubuntu

@@ -2,8 +2,13 @@ FROM ubuntu:16.04
 
 LABEL maintainer "ivan.ilves@gmail.com"
 
-RUN apt-get update && apt-get --yes install openssh-server && mkdir /var/run/sshd && apt-get clean
+RUN apt-get update && apt-get --yes install openssh-server openssh-client sudo iproute2 iputils-ping iptables \
+  && mkdir /var/run/sshd \
+  && mkdir -p /lib/systemd/system && touch /lib/systemd/system/ssh.service \
+  && ln -s /bin/true /sbin/modprobe \
+  && apt-get clean
 
 ADD ./ssh-keys /root/.ssh
+ADD ./systemctl.mock /bin/systemctl
 
 CMD ["/usr/sbin/sshd", "-De"]

testing/integration/Makefile

@@ -15,10 +15,10 @@ docker-push:
 	docker push $(IMAGE)
 
 docker-start:
-	docker run -d --name $(NAME) $(IMAGE)
+	docker run --cap-add=NET_ADMIN --device=/dev/net/tun -d --name $(NAME) $(IMAGE)
 
 docker-bash:
-	docker run -ti --name $(NAME) --rm $(IMAGE) bash
+	docker run --cap-add=NET_ADMIN --device=/dev/net/tun -ti --name $(NAME) --rm $(IMAGE) bash
 
 docker-logs:
 	docker logs $(NAME)

testing/integration/README.md

@@ -5,9 +5,9 @@ We do integration testing with Docker against two platforms:
 * CentOS 7
 
 Next cases (and even more) are covered:
+* Basic connectivity and operability
 * Running with SSH agent
 * Running with SSH private key loaded directly from FS
-* With invalid SSH keys or w/o ones (predictable failure)
 * With and without route discovery
 * With and without reconnection
 * With and without propagation of server DNS configuration

testing/integration/cases/connect_with_ssh_agent.sh

@@ -0,0 +1,9 @@
+export EXIT_AFTER_CONNECT=1
+
+eval `ssh-agent -s`
+
+ssh-add ssh-keys/id_rsa
+
+${XIRI_EXE} -X ${SSH_USER}@${REMOTE_IP}
+
+kill ${SSH_AGENT_PID}

testing/integration/cases/connect_with_ssh_key.sh

@@ -0,0 +1,4 @@
+export SSH_EXTRA_OPTS="${SSH_EXTRA_OPTS} -i ${PWD}/ssh-keys/id_rsa"
+export EXIT_AFTER_CONNECT=1
+
+${XIRI_EXE} -X ${SSH_USER}@${REMOTE_IP}

testing/integration/systemctl.mock

@@ -0,0 +1,2 @@
+#!/bin/sh
+kill -HUP 1

xiringuito

@@ -12,6 +12,7 @@ function print_help() {
   echo "-C    do not check if we run outdated app version"
   echo "-R    do not reconnect after connection failure"
   echo "-D    do not fetch DNS config from server"
+  echo "-X    do not run route discovery"
   echo "-h    show this extremely helpful message"
   echo
 }
@@ -40,7 +41,7 @@ export PATH="${PATH}:."
 declare -r ORIGINAL_EXEC=${0}
 declare -r ORIGINAL_ARGS=${@}
 
-while getopts "f:CRDrh" o; do
+while getopts "f:CRDXrh" o; do
   case ${o} in
     f)
       MAX_FAILED_PINGS=${OPTARG}
@@ -62,6 +63,9 @@ while getopts "f:CRDrh" o; do
     D)
       NO_DNS=true
       ;;
+    X)
+      NO_ROUTE_DISCOVERY=true
+      ;;
     r)
       RECONNECTING=true
       ;;
@@ -93,7 +97,7 @@ declare -r SSH_SERVER=${1}; shift
 
 if [[ ${#} -gt 0 ]]; then
   declare -r NETWORKS=${@}
-elif [[ -x ./discover-routes ]]; then
+elif [[ -x ./discover-routes && ! ${NO_ROUTE_DISCOVERY} ]]; then
   declare -r NETWORKS=$(./discover-routes ${SSH_SERVER} | grep "^ROUTE:" | sed 's/.*://')
 fi
 
@@ -149,7 +153,7 @@ else
 fi
 ${SSH_TUNNEL_CMD} ${SSH_OPTS} -oStrictHostKeyChecking=no -w ${LOCAL_TUNNEL_ID}:${TUNNEL_ID} ${SSH_SERVER} ${REMOTE_PATH}/server-execute.sh ${TUNNEL_ID} ${IP_BASE} ${MAX_FAILED_PINGS} &
 SSH_PID=${!}
-sudo ./scripts/${KERNEL}/client-teardown.sh ${$} ${SSH_PID} ${LOCAL_TUNNEL_ID} &
+sudo -E ./scripts/${KERNEL}/client-teardown.sh ${$} ${SSH_PID} ${LOCAL_TUNNEL_ID} &
 
 sleep 5
 
@@ -184,6 +188,10 @@ FAILED_PINGS=0
 while [[ ${FAILED_PINGS} -lt ${MAX_FAILED_PINGS} ]]; do
   [[ $(ps -p ${SSH_PID} | wc -l) -eq 2 ]] || break
 
+  if [[ ${EXIT_AFTER_CONNECT} ]]; then
+    exit 0
+  fi
+
   ./scripts/client-ping-server.sh ${TUNNEL_ID} ${IP_BASE}
   if [[ ${?} -ne 0 ]]; then
     let FAILED_PINGS+=1