diff options
Diffstat (limited to 'tests/white-box')
| -rw-r--r-- | tests/white-box/couchdb.rb | 66 | ||||
| -rw-r--r-- | tests/white-box/network.rb | 33 | ||||
| -rw-r--r-- | tests/white-box/webapp.rb | 24 |
3 files changed, 84 insertions, 39 deletions
diff --git a/tests/white-box/couchdb.rb b/tests/white-box/couchdb.rb index 9d5da94f..6d3a7452 100644 --- a/tests/white-box/couchdb.rb +++ b/tests/white-box/couchdb.rb @@ -10,8 +10,10 @@ class CouchDB < LeapTest def test_00_Are_daemons_running? assert_running 'tapicero' - assert_running 'bin/beam' - assert_running 'bin/epmd' + if multimaster? + assert_running 'bin/beam' + assert_running 'bin/epmd' + end pass end @@ -29,6 +31,7 @@ class CouchDB < LeapTest # compare the configured nodes to the nodes that are actually listed in bigcouch # def test_02_Is_cluster_membership_ok? + return unless multimaster? url = couchdb_backend_url("/nodes/_all_docs") neighbors = assert_property('couch.bigcouch.neighbors') neighbors << assert_property('domain.full') @@ -48,7 +51,8 @@ class CouchDB < LeapTest # this seems backward to me, so it might be the other way around. # def test_03_Are_configured_nodes_online? - url = couchdb_url("/_membership") + return unless multimaster? + url = couchdb_url("/_membership", :user => 'admin') assert_get(url) do |body| response = JSON.parse(body) nodes_configured_but_not_available = response['cluster_nodes'] - response['all_nodes'] @@ -66,11 +70,11 @@ class CouchDB < LeapTest end def test_04_Do_ACL_users_exist? - acl_users = ['_design/_auth', 'leap_mx', 'nickserver', 'soledad', 'tapicero', 'webapp'] - url = couchdb_backend_url("/_users/_all_docs") + acl_users = ['_design/_auth', 'leap_mx', 'nickserver', 'soledad', 'tapicero', 'webapp', 'replication'] + url = couchdb_backend_url("/_users/_all_docs", :user => 'admin') assert_get(url) do |body| response = JSON.parse(body) - assert_equal 6, response['total_rows'] + assert_equal acl_users.count, response['total_rows'] actual_users = response['rows'].map{|row| row['id'].sub(/^org.couchdb.user:/, '') } assert_equal acl_users.sort, actual_users.sort end @@ -80,7 +84,8 @@ class CouchDB < LeapTest def test_05_Do_required_databases_exist? dbs_that_should_exist = ["customers","identities","keycache","sessions","shared","tickets","tokens","users"] dbs_that_should_exist.each do |db_name| - assert_get(couchdb_url("/"+db_name)) do |body| + url = couchdb_url("/"+db_name, :user => 'admin') + assert_get(url) do |body| assert response = JSON.parse(body) assert_equal db_name, response['db_name'] end @@ -88,22 +93,55 @@ class CouchDB < LeapTest pass end + # + # for now, this just prints warnings, since we are failing these tests. + # + def test_06_Is_ACL_enforced? + ok = assert_auth_fail( + couchdb_url('/users/_all_docs', :user => 'leap_mx'), + {:limit => 1} + ) + ok = assert_auth_fail( + couchdb_url('/users/_all_docs', :user => 'leap_mx'), + {:limit => 1} + ) && ok + pass if ok + end + + def test_07_What? + pass + end + private - def couchdb_url(path="", port=nil) + def couchdb_url(path="", options=nil) + options||={} @port ||= begin assert_property 'couch.port' $node['couch']['port'] end - @password ||= begin - assert_property 'couch.users.admin.password' - $node['couch']['users']['admin']['password'] + url = 'http://' + if options[:user] + assert_property 'couch.users.' + options[:user] + password = $node['couch']['users'][options[:user]]['password'] + url += "%s:%s@" % [options[:user], password] end - "http://admin:#{@password}@localhost:#{port || @port}#{path}" + url += "localhost:#{options[:port] || @port}#{path}" + url + end + + def couchdb_backend_url(path="", options={}) + # TODO: admin port is hardcoded for now but should be configurable. + options = {port: multimaster? && "5986"}.merge options + couchdb_url(path, options) + end + + def multimaster? + mode == "multimaster" end - def couchdb_backend_url(path="") - couchdb_url(path, "5986") # TODO: admin port is hardcoded for now but should be configurable. + def mode + assert_property('couch.mode') end end diff --git a/tests/white-box/network.rb b/tests/white-box/network.rb index e0b0339d..118861a7 100644 --- a/tests/white-box/network.rb +++ b/tests/white-box/network.rb @@ -28,29 +28,26 @@ class Network < LeapTest def test_02_Is_stunnel_running? if $node['stunnel'] good_stunnel_pids = [] - $node['stunnel'].each do |stunnel_type, stunnel_configs| - if stunnel_type =~ /_clients?$/ - stunnel_configs.each do |stunnel_name, stunnel_conf| - config_file_name = "/etc/stunnel/#{stunnel_name}.conf" - processes = pgrep(config_file_name) - assert_equal 6, processes.length, "There should be six stunnel processes running for `#{config_file_name}`" - good_stunnel_pids += processes.map{|ps| ps[:pid]} - assert port = stunnel_conf['accept_port'], 'Field `accept_port` must be present in `stunnel` property.' - assert_tcp_socket('localhost', port) - end - elsif stunnel_type =~ /_server$/ - config_file_name = "/etc/stunnel/#{stunnel_type}.conf" + $node['stunnel']['clients'].each do |stunnel_type, stunnel_configs| + stunnel_configs.each do |stunnel_name, stunnel_conf| + config_file_name = "/etc/stunnel/#{stunnel_name}.conf" processes = pgrep(config_file_name) assert_equal 6, processes.length, "There should be six stunnel processes running for `#{config_file_name}`" good_stunnel_pids += processes.map{|ps| ps[:pid]} - assert accept = stunnel_configs['accept'], "Field `accept` must be present in property `stunnel.#{stunnel_type}`" - assert_tcp_socket('localhost', accept) - assert connect = stunnel_configs['connect'], "Field `connect` must be present in property `stunnel.#{stunnel_type}`" - assert_tcp_socket(*connect.split(':')) - else - skip "Unknown stunnel type `#{stunnel_type}`" + assert port = stunnel_conf['accept_port'], 'Field `accept_port` must be present in `stunnel` property.' + assert_tcp_socket('localhost', port) end end + $node['stunnel']['servers'].each do |stunnel_name, stunnel_conf| + config_file_name = "/etc/stunnel/#{stunnel_name}.conf" + processes = pgrep(config_file_name) + assert_equal 6, processes.length, "There should be six stunnel processes running for `#{config_file_name}`" + good_stunnel_pids += processes.map{|ps| ps[:pid]} + assert accept_port = stunnel_conf['accept_port'], "Field `accept` must be present in property `stunnel.servers.#{stunnel_name}`" + assert_tcp_socket('localhost', accept_port) + assert connect_port = stunnel_conf['connect_port'], "Field `connect` must be present in property `stunnel.servers.#{stunnel_name}`" + assert_tcp_socket('localhost', connect_port) + end all_stunnel_pids = pgrep('/usr/bin/stunnel').collect{|process| process[:pid]}.uniq assert_equal good_stunnel_pids.sort, all_stunnel_pids.sort, "There should not be any extra stunnel processes that are not configured in /etc/stunnel" pass diff --git a/tests/white-box/webapp.rb b/tests/white-box/webapp.rb index 142ac2de..7df57fd7 100644 --- a/tests/white-box/webapp.rb +++ b/tests/white-box/webapp.rb @@ -14,15 +14,16 @@ class Webapp < LeapTest # example properties: # # stunnel: - # couch_client: - # couch1_5984: - # accept_port: 4000 - # connect: couch1.bitmask.i - # connect_port: 15984 + # clients: + # couch_client: + # couch1_5984: + # accept_port: 4000 + # connect: couch1.bitmask.i + # connect_port: 15984 # def test_01_Can_contact_couchdb? - assert_property('stunnel.couch_client') - $node['stunnel']['couch_client'].values.each do |stunnel_conf| + assert_property('stunnel.clients.couch_client') + $node['stunnel']['clients']['couch_client'].values.each do |stunnel_conf| assert port = stunnel_conf['accept_port'], 'Field `accept_port` must be present in `stunnel` property.' local_stunnel_url = "http://localhost:#{port}" remote_ip_address = TCPSocket.gethostbyname(stunnel_conf['connect']).last @@ -60,4 +61,13 @@ class Webapp < LeapTest pass end + # + # this is technically a black-box test. so, move this when we have support + # for black box tests. + # + def test_04_Can_access_webapp? + assert_get('https://' + $node['webapp']['domain'] + '/') + pass + end + end |