From 4d8a1bc0ce304404e4d0cab0ce6a3c51ed035e71 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 8 Nov 2016 21:05:39 +0100 Subject: New nickserver is using fully qualified ruby path now --- tests/server-tests/white-box/webapp.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/server-tests/white-box/webapp.rb b/tests/server-tests/white-box/webapp.rb index da1ec8c5..40c234d6 100644 --- a/tests/server-tests/white-box/webapp.rb +++ b/tests/server-tests/white-box/webapp.rb @@ -28,7 +28,7 @@ class Webapp < LeapTest def test_03_Are_daemons_running? assert_running '^/usr/sbin/apache2' - assert_running '^ruby /usr/bin/nickserver' + assert_running '^/usr/bin/ruby /usr/bin/nickserver' pass end -- cgit v1.2.3 From d8255eb07a8b96ad04fcade8486530db2e61dad4 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 9 Nov 2016 13:50:30 +0100 Subject: Don't do strict checking for nickserver Sometimes nickserver is listed with `ruby /usr/bin/nickserver start` in the process table, sometimes with `/usr/bin/ruby /usr/bin/nickserver start`. We should do proper checking with `systemctl status nickserver` to make sure the service is up though (https://leap.se/code/issues/8579). Meanwhile it's ok to not do strict checking. --- tests/server-tests/white-box/webapp.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/server-tests/white-box/webapp.rb b/tests/server-tests/white-box/webapp.rb index 40c234d6..c46c9f96 100644 --- a/tests/server-tests/white-box/webapp.rb +++ b/tests/server-tests/white-box/webapp.rb @@ -28,7 +28,7 @@ class Webapp < LeapTest def test_03_Are_daemons_running? assert_running '^/usr/sbin/apache2' - assert_running '^/usr/bin/ruby /usr/bin/nickserver' + assert_running 'ruby /usr/bin/nickserver' pass end -- cgit v1.2.3 From 678a211ca31a7801d8bef8a74ca30feaa16af508 Mon Sep 17 00:00:00 2001 From: drebs Date: Fri, 18 Nov 2016 18:03:26 -0200 Subject: add a timeout for the soledad sync test script (#8590) If for any reason a sync takes too long, the script will timeout and log an errro. --- tests/server-tests/helpers/soledad_sync.py | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/server-tests/helpers/soledad_sync.py b/tests/server-tests/helpers/soledad_sync.py index f4fc81ae..b674818d 100755 --- a/tests/server-tests/helpers/soledad_sync.py +++ b/tests/server-tests/helpers/soledad_sync.py @@ -35,6 +35,7 @@ flags.set_events_enabled(False) NUMDOCS = 1 USAGE = "Usage: %s uuid token server cert_file password" % sys.argv[0] +SYNC_TIMEOUT = 60 def bail(msg, exitcode): @@ -68,12 +69,23 @@ if __name__ == '__main__': s = get_soledad_instance( uuid, passphrase, tempdir, server, cert_file, token) + def syncWithTimeout(_): + d = s.sync() + reactor.callLater(SYNC_TIMEOUT, d.cancel) + return d + def onSyncDone(sync_result): print "SYNC_RESULT:", sync_result s.close() rm_tempdir() reactor.stop() + def trap_cancel(f): + f.trap(defer.CancelledError) + log.err("sync timed out after %s seconds" % SYNC_TIMEOUT) + rm_tempdir() + reactor.stop() + def log_and_exit(f): log.err(f) rm_tempdir() @@ -81,8 +93,9 @@ if __name__ == '__main__': def start_sync(): d = create_docs(s) - d.addCallback(lambda _: s.sync()) + d.addCallback(syncWithTimeout) d.addCallback(onSyncDone) + d.addErrback(trap_cancel) d.addErrback(log_and_exit) reactor.callWhenRunning(start_sync) -- cgit v1.2.3 From 389228df6ee52ce41cc83c2b91fe0b6572d4bc50 Mon Sep 17 00:00:00 2001 From: drebs Date: Fri, 18 Nov 2016 18:16:41 -0200 Subject: use lock to avoid running multiple soledad tests (#8590) If a soledad sync test script is already running, there's no need to run another one. This avoids having multiple test script hanging and eating up resources. We have seen this situation under development circumstances, when the soledad server has been modified in a way that the client hangs and never finishes. --- tests/server-tests/helpers/soledad_sync.py | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'tests') diff --git a/tests/server-tests/helpers/soledad_sync.py b/tests/server-tests/helpers/soledad_sync.py index b674818d..a92ec68f 100755 --- a/tests/server-tests/helpers/soledad_sync.py +++ b/tests/server-tests/helpers/soledad_sync.py @@ -27,6 +27,7 @@ os.environ['SKIP_TWISTED_SSL_CHECK'] = '1' from twisted.internet import defer, reactor from twisted.python import log +from twisted.python.lockfile import FilesystemLock from client_side_db import get_soledad_instance from leap.common.events import flags @@ -43,6 +44,13 @@ def bail(msg, exitcode): sys.exit(exitcode) +def obtain_lock(): + scriptname = os.path.basename(__file__) + lockfile = os.path.join(tempfile.gettempdir(), scriptname + '.lock') + lock = FilesystemLock(lockfile) + return lock.lock() + + def create_docs(soledad): """ Populates the soledad database with dummy messages, so we can exercise @@ -65,6 +73,9 @@ if __name__ == '__main__': if len(sys.argv) < 6: bail(USAGE, 2) + if not obtain_lock(): + bail("another instance is already running", 1) + uuid, token, server, cert_file, passphrase = sys.argv[1:] s = get_soledad_instance( uuid, passphrase, tempdir, server, cert_file, token) -- cgit v1.2.3 From 3c4b29162e17960108a92ecc71274ecc4c9c3f76 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 8 Dec 2016 09:52:46 +0100 Subject: Use webapp/nickserver:master on leap_platform:master (#8678) --- tests/platform-ci/ci-build.sh | 3 +-- tests/platform-ci/provider/common.json | 10 ---------- 2 files changed, 1 insertion(+), 12 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 85557b3f..0dfbb5c3 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -43,8 +43,7 @@ NAME="citest${CI_BUILD_ID}" TAG='single' SERVICES='couchdb,soledad,mx,webapp,tor,monitor' -SEEDS='sources.platform.apt.basic:http://deb.leap.se/experimental-0.9 sources.webapp.revision:master sources.nickserver.revision:master' - +SEEDS='' # # Main diff --git a/tests/platform-ci/provider/common.json b/tests/platform-ci/provider/common.json index a13f8f75..2c63c085 100644 --- a/tests/platform-ci/provider/common.json +++ b/tests/platform-ci/provider/common.json @@ -1,12 +1,2 @@ { - "sources": { - "platform": { - "apt": { - "basic": "http://deb.leap.se/experimental-0.9" - } - }, - "nickserver": { - "revision": "develop" - } - } } -- cgit v1.2.3 From da70f97f9478281c296c3412dc1f25ada989eeb2 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 20 Dec 2016 22:34:16 +0100 Subject: [Vagrant] Remove versioning of provider config --- tests/example-provider/vagrant/configure-leap.sh | 7 ------- tests/example-provider/vagrant/install-platform.pp | 3 --- tests/example-provider/vagrant/vagrant.config | 2 -- 3 files changed, 12 deletions(-) (limited to 'tests') diff --git a/tests/example-provider/vagrant/configure-leap.sh b/tests/example-provider/vagrant/configure-leap.sh index fd34d7ea..8bd591e0 100755 --- a/tests/example-provider/vagrant/configure-leap.sh +++ b/tests/example-provider/vagrant/configure-leap.sh @@ -35,10 +35,6 @@ echo '{ "webapp": { "admins": ["testadmin"] } }' > services/webapp.json $LEAP $OPTS compile -$GIT init -$GIT add . -$GIT commit -m'configured provider' - $LEAP $OPTS node init $NODE if [ $? -eq 1 ]; then echo 'node init failed' @@ -52,9 +48,6 @@ gem install rake $LEAP $OPTS -v 2 deploy -$GIT add . -$GIT commit -m'initialized and deployed provider' - # Vagrant: leap_mx fails to start on jessie # https://leap.se/code/issues/7755 # Workaround: we stop and start leap-mx after deploy and diff --git a/tests/example-provider/vagrant/install-platform.pp b/tests/example-provider/vagrant/install-platform.pp index 223853c1..9cefcf7c 100755 --- a/tests/example-provider/vagrant/install-platform.pp +++ b/tests/example-provider/vagrant/install-platform.pp @@ -10,6 +10,3 @@ class { '::leap::cli::install': file { [ '/srv/leap', '/srv/leap/configuration', '/var/log/leap' ]: ensure => directory } - -# install prerequisites for configuring the provider -include ::git diff --git a/tests/example-provider/vagrant/vagrant.config b/tests/example-provider/vagrant/vagrant.config index 60d2a52c..ff5dd38f 100644 --- a/tests/example-provider/vagrant/vagrant.config +++ b/tests/example-provider/vagrant/vagrant.config @@ -19,5 +19,3 @@ SUDO="sudo -u ${USER}" PROVIDERDIR="/home/${USER}/leap/configuration" PLATFORMDIR="/srv/leap_platform" LEAP="$SUDO /usr/local/bin/leap" -GIT="$SUDO git" - -- cgit v1.2.3 From 6814e226d90944b4adde33ad4946ff7a400b413e Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 23 Dec 2016 13:03:33 +0100 Subject: Change regex for soledad process check --- tests/server-tests/white-box/soledad.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/server-tests/white-box/soledad.rb b/tests/server-tests/white-box/soledad.rb index d41bee58..b89145bc 100644 --- a/tests/server-tests/white-box/soledad.rb +++ b/tests/server-tests/white-box/soledad.rb @@ -10,7 +10,7 @@ class Soledad < LeapTest end def test_00_Is_Soledad_running? - assert_running '.*/usr/bin/twistd.*--wsgi=leap.soledad.server.application' + assert_running '/usr/bin/python /usr/bin/twistd --uid=soledad --gid=soledad --pidfile=/var/run/soledad.pid --syslog --prefix=soledad-server web --class=leap.soledad.server.resource.SoledadResource.*' pass end -- cgit v1.2.3 From 889e206ac2dfab93adbc3ad70ab0ba4f883de2e2 Mon Sep 17 00:00:00 2001 From: drebs Date: Thu, 22 Dec 2016 20:23:21 -0200 Subject: bugfix: remove deprecated parameter from soledad test script --- tests/server-tests/helpers/client_side_db.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/server-tests/helpers/client_side_db.py b/tests/server-tests/helpers/client_side_db.py index 2f8c220f..5842c007 100644 --- a/tests/server-tests/helpers/client_side_db.py +++ b/tests/server-tests/helpers/client_side_db.py @@ -55,8 +55,7 @@ def get_soledad_instance(uuid, passphrase, basedir, server_url, cert_file, local_db_path=local_db_path, server_url=server_url, cert_file=cert_file, - auth_token=token, - defer_encryption=True) + auth_token=token) def _get_api_info(provider): -- cgit v1.2.3 From 9b8314f3d2707a80e6238bb173280de291ecd2f4 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 10 Jan 2017 19:43:30 +0100 Subject: New unbound runs with debug flag by default --- tests/server-tests/white-box/mx.rb | 2 +- tests/server-tests/white-box/openvpn.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/server-tests/white-box/mx.rb b/tests/server-tests/white-box/mx.rb index 0eeaacd0..ecc8686c 100644 --- a/tests/server-tests/white-box/mx.rb +++ b/tests/server-tests/white-box/mx.rb @@ -57,7 +57,7 @@ class Mx < LeapTest assert_running '^/usr/sbin/postfwd' assert_running 'postfwd2::cache$' assert_running 'postfwd2::policy$' - assert_running '^/usr/sbin/unbound$' + assert_running '^/usr/sbin/unbound' assert_running '^/usr/bin/freshclam' assert_running '^/usr/sbin/opendkim' if Dir.glob("/var/lib/clamav/main.{c[vl]d,inc}").size > 0 and Dir.glob("/var/lib/clamav/daily.{c[vl]d,inc}").size > 0 diff --git a/tests/server-tests/white-box/openvpn.rb b/tests/server-tests/white-box/openvpn.rb index 170d4503..d5cc2265 100644 --- a/tests/server-tests/white-box/openvpn.rb +++ b/tests/server-tests/white-box/openvpn.rb @@ -9,7 +9,7 @@ class OpenVPN < LeapTest def test_01_Are_daemons_running? assert_running '^/usr/sbin/openvpn .* /etc/openvpn/tcp_config.conf$' assert_running '^/usr/sbin/openvpn .* /etc/openvpn/udp_config.conf$' - assert_running '^/usr/sbin/unbound$' + assert_running '^/usr/sbin/unbound' pass end -- cgit v1.2.3 From 98a19ce148800d0945fbddf59f5bafbb09748fd5 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 31 Jan 2017 15:53:18 +0100 Subject: Platform CI: Dont run bundle install in parallel Closes: #8684 --- tests/platform-ci/setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/setup.sh b/tests/platform-ci/setup.sh index 39ef3130..99f735b7 100755 --- a/tests/platform-ci/setup.sh +++ b/tests/platform-ci/setup.sh @@ -1,4 +1,4 @@ #!/bin/sh which bundle || /usr/bin/apt install bundle -/usr/local/bin/bundle install --binstubs --path=/var/cache/gitlab-runner/ --with=test --jobs "$(nproc)" +/usr/local/bin/bundle install --binstubs --path=vendor --with=test --jobs "$(nproc)" -- cgit v1.2.3 From 9e68982b4ef8af087e8792e502d37632d1a9a0e8 Mon Sep 17 00:00:00 2001 From: elijah Date: Thu, 9 Feb 2017 16:34:56 -0800 Subject: tests: check process by either process scan or service name. closes #8753 --- tests/server-tests/helpers/os_helper.rb | 28 +++++++++++++++++++++++----- tests/server-tests/white-box/couchdb.rb | 4 ++-- tests/server-tests/white-box/mx.rb | 20 ++++++++++---------- tests/server-tests/white-box/openvpn.rb | 6 +++--- tests/server-tests/white-box/soledad.rb | 2 +- tests/server-tests/white-box/webapp.rb | 4 ++-- 6 files changed, 41 insertions(+), 23 deletions(-) (limited to 'tests') diff --git a/tests/server-tests/helpers/os_helper.rb b/tests/server-tests/helpers/os_helper.rb index 9923d5b1..6a71388c 100644 --- a/tests/server-tests/helpers/os_helper.rb +++ b/tests/server-tests/helpers/os_helper.rb @@ -20,11 +20,29 @@ class LeapTest }.compact end - def assert_running(process, options={}) - processes = pgrep(process) - assert processes.any?, "No running process for #{process}" - if options[:single] - assert processes.length == 1, "More than one process for #{process}" + # + # passes if the specified process is runnin. + # + # arguments: + # + # match => VALUE -- scan process table for VALUE + # service => VALUE -- call systemctl is-active VALUE + # + # single => true|false -- if true, there must be one result + # + def assert_running(match:nil, service:nil, single:false) + if match + processes = pgrep(match) + assert processes.any?, "No running process for #{match}" + if single + assert processes.length == 1, "More than one process for #{match}" + end + elsif service + `systemctl is-active #{service} 2>&1` + if $?.exitstatus != 0 + output = `systemctl status #{service} 2>&1` + fail "Service '#{service}' is not running:\n#{output}" + end end end diff --git a/tests/server-tests/white-box/couchdb.rb b/tests/server-tests/white-box/couchdb.rb index 44a2769b..dcf71bc7 100644 --- a/tests/server-tests/white-box/couchdb.rb +++ b/tests/server-tests/white-box/couchdb.rb @@ -9,9 +9,9 @@ class CouchDB < LeapTest end def test_00_Are_daemons_running? - assert_running 'bin/beam' + assert_running match: 'bin/beam' if multimaster? - assert_running 'bin/epmd' + assert_running match: 'bin/epmd' end pass end diff --git a/tests/server-tests/white-box/mx.rb b/tests/server-tests/white-box/mx.rb index ecc8686c..432f4e54 100644 --- a/tests/server-tests/white-box/mx.rb +++ b/tests/server-tests/white-box/mx.rb @@ -52,17 +52,17 @@ class Mx < LeapTest end def test_04_Are_MX_daemons_running? - assert_running '.*/usr/bin/twistd.*mx.tac' - assert_running '^/usr/lib/postfix/master$' - assert_running '^/usr/sbin/postfwd' - assert_running 'postfwd2::cache$' - assert_running 'postfwd2::policy$' - assert_running '^/usr/sbin/unbound' - assert_running '^/usr/bin/freshclam' - assert_running '^/usr/sbin/opendkim' + assert_running match: '.*/usr/bin/twistd.*mx.tac' + assert_running match: '^/usr/lib/postfix/master$' + assert_running match: '^/usr/sbin/postfwd' + assert_running match: 'postfwd2::cache$' + assert_running match: 'postfwd2::policy$' + assert_running match: '^/usr/sbin/unbound' + assert_running match: '^/usr/bin/freshclam' + assert_running match: '^/usr/sbin/opendkim' if Dir.glob("/var/lib/clamav/main.{c[vl]d,inc}").size > 0 and Dir.glob("/var/lib/clamav/daily.{c[vl]d,inc}").size > 0 - assert_running '^/usr/sbin/clamd' - assert_running '^/usr/sbin/clamav-milter' + assert_running match: '^/usr/sbin/clamd' + assert_running match: '^/usr/sbin/clamav-milter' pass else skip "Downloading the clamav signature files (/var/lib/clamav/{daily,main}.{c[vl]d,inc}) is still in progress, so clamd is not running." diff --git a/tests/server-tests/white-box/openvpn.rb b/tests/server-tests/white-box/openvpn.rb index d5cc2265..4eed7eb9 100644 --- a/tests/server-tests/white-box/openvpn.rb +++ b/tests/server-tests/white-box/openvpn.rb @@ -7,9 +7,9 @@ class OpenVPN < LeapTest end def test_01_Are_daemons_running? - assert_running '^/usr/sbin/openvpn .* /etc/openvpn/tcp_config.conf$' - assert_running '^/usr/sbin/openvpn .* /etc/openvpn/udp_config.conf$' - assert_running '^/usr/sbin/unbound' + assert_running match: '^/usr/sbin/openvpn .* /etc/openvpn/tcp_config.conf$' + assert_running match: '^/usr/sbin/openvpn .* /etc/openvpn/udp_config.conf$' + assert_running match: '^/usr/sbin/unbound' pass end diff --git a/tests/server-tests/white-box/soledad.rb b/tests/server-tests/white-box/soledad.rb index b89145bc..112d6b9b 100644 --- a/tests/server-tests/white-box/soledad.rb +++ b/tests/server-tests/white-box/soledad.rb @@ -10,7 +10,7 @@ class Soledad < LeapTest end def test_00_Is_Soledad_running? - assert_running '/usr/bin/python /usr/bin/twistd --uid=soledad --gid=soledad --pidfile=/var/run/soledad.pid --syslog --prefix=soledad-server web --class=leap.soledad.server.resource.SoledadResource.*' + assert_running service: 'soledad-server' pass end diff --git a/tests/server-tests/white-box/webapp.rb b/tests/server-tests/white-box/webapp.rb index c46c9f96..e48df524 100644 --- a/tests/server-tests/white-box/webapp.rb +++ b/tests/server-tests/white-box/webapp.rb @@ -27,8 +27,8 @@ class Webapp < LeapTest end def test_03_Are_daemons_running? - assert_running '^/usr/sbin/apache2' - assert_running 'ruby /usr/bin/nickserver' + assert_running match: '^/usr/sbin/apache2' + assert_running match: 'ruby /usr/bin/nickserver' pass end -- cgit v1.2.3 From 5035b80537d4f6d4f4d57a3a429d12fc4ca04d54 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 23 Feb 2017 11:52:10 +0100 Subject: [8144] Remove Haproxy tests --- tests/server-tests/helpers/couchdb_helper.rb | 31 +--------------------------- tests/server-tests/helpers/http_helper.rb | 4 ++-- tests/server-tests/white-box/mx.rb | 10 --------- tests/server-tests/white-box/webapp.rb | 10 --------- 4 files changed, 3 insertions(+), 52 deletions(-) (limited to 'tests') diff --git a/tests/server-tests/helpers/couchdb_helper.rb b/tests/server-tests/helpers/couchdb_helper.rb index efb2c2bf..0b6671ee 100644 --- a/tests/server-tests/helpers/couchdb_helper.rb +++ b/tests/server-tests/helpers/couchdb_helper.rb @@ -30,35 +30,6 @@ class LeapTest end end - # - # generates a couchdb url for accessing couchdb via haproxy - # - # example properties: - # - # haproxy: - # couch: - # listen_port: 4096 - # servers: - # panda: - # backup: false - # host: localhost - # port: 4000 - # weight: 100 - # writable: true - # - def couchdb_url_via_haproxy(path="", options=nil) - path = path.gsub('"', '%22') - if options && options[:username] && options[:password] - userpart = "%{username}:%{password}@" % options - else - userpart = "" - end - port = assert_property('haproxy.couch.listen_port') - return URLString.new("http://#{userpart}localhost:#{port}#{path}").tap { |url| - url.memo = '(via haproxy)' - } - end - # # generates a couchdb url for when couchdb is running locally. # @@ -140,4 +111,4 @@ class LeapTest end end -end \ No newline at end of file +end diff --git a/tests/server-tests/helpers/http_helper.rb b/tests/server-tests/helpers/http_helper.rb index 0d0bb7d5..3a1df9e7 100644 --- a/tests/server-tests/helpers/http_helper.rb +++ b/tests/server-tests/helpers/http_helper.rb @@ -5,7 +5,7 @@ class LeapTest # # In order to easily provide detailed error messages, it is useful # to append a memo to a url string that details what this url is for - # (e.g. stunnel, haproxy, etc). + # (e.g. stunnel, etc). # # So, the url happens to be a UrlString, the memo field is used # if there is an error in assert_get. @@ -154,4 +154,4 @@ class LeapTest request end -end \ No newline at end of file +end diff --git a/tests/server-tests/white-box/mx.rb b/tests/server-tests/white-box/mx.rb index 432f4e54..dfad0eed 100644 --- a/tests/server-tests/white-box/mx.rb +++ b/tests/server-tests/white-box/mx.rb @@ -24,16 +24,6 @@ class Mx < LeapTest pass end - def test_02_Can_contact_couchdb_via_haproxy? - if property('haproxy.couch') - url = couchdb_url_via_haproxy("", couch_url_options) - assert_get(url) do |body| - assert_match /"couchdb":"Welcome"/, body, "Request to #{url} should return couchdb welcome message." - end - pass - end - end - # # this test picks a random identity document, then queries # using the by_address view for that same document again. diff --git a/tests/server-tests/white-box/webapp.rb b/tests/server-tests/white-box/webapp.rb index e48df524..b1ceddb1 100644 --- a/tests/server-tests/white-box/webapp.rb +++ b/tests/server-tests/white-box/webapp.rb @@ -16,16 +16,6 @@ class Webapp < LeapTest pass end - def test_02_Can_contact_couchdb_via_haproxy? - if property('haproxy.couch') - url = couchdb_url_via_haproxy("", url_options) - assert_get(url) do |body| - assert_match /"couchdb":"Welcome"/, body, "Request to #{url} should return couchdb welcome message." - end - pass - end - end - def test_03_Are_daemons_running? assert_running match: '^/usr/sbin/apache2' assert_running match: 'ruby /usr/bin/nickserver' -- cgit v1.2.3 From 4dbb2c726b7594685ed7857a3f2f89d9a08f36ff Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 14 Mar 2017 00:04:47 +0100 Subject: Use http://deb.leap.se/platform jessie snapshots for platform CI --- tests/platform-ci/provider/common.json | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'tests') diff --git a/tests/platform-ci/provider/common.json b/tests/platform-ci/provider/common.json index 2c63c085..e5096c47 100644 --- a/tests/platform-ci/provider/common.json +++ b/tests/platform-ci/provider/common.json @@ -1,2 +1,10 @@ { + "sources": { + "platform": { + "apt": { + "basic": "http://deb.leap.se/platform", + "component": "snapshots" + } + } + } } -- cgit v1.2.3 From 747d3e9b55c8b7b7d98a63474b6de82d7114c389 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 29 Mar 2017 12:46:39 +0200 Subject: Run leap info after deploy --- tests/platform-ci/ci-build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 0dfbb5c3..af1dba0f 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -78,10 +78,10 @@ $LEAP_CMD compile "$TAG" $LEAP_CMD vm status "$TAG" $LEAP_CMD node init "$TAG" -$LEAP_CMD info "${TAG}" # Deploy and test $LEAP_CMD deploy "$TAG" +$LEAP_CMD info "${TAG}" $LEAP_CMD test "$TAG" # if everything succeeds, destroy the vm -- cgit v1.2.3 From b6d23b4051587cd4dd69259ef7ead680fc66ce95 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 20 Apr 2017 14:32:39 -0400 Subject: Ensure leap command is setup properly for CI Add a `leap help` command at the end of the CI setup.sh to ensure that the command is setup properly before continuing --- tests/platform-ci/setup.sh | 1 + 1 file changed, 1 insertion(+) (limited to 'tests') diff --git a/tests/platform-ci/setup.sh b/tests/platform-ci/setup.sh index 99f735b7..e92dddc7 100755 --- a/tests/platform-ci/setup.sh +++ b/tests/platform-ci/setup.sh @@ -2,3 +2,4 @@ which bundle || /usr/bin/apt install bundle /usr/local/bin/bundle install --binstubs --path=vendor --with=test --jobs "$(nproc)" +/usr/local/bin/bundle exec leap -v2 --yes help -- cgit v1.2.3 From 92f069fc456260c0cc394ab280e61a560ccb3345 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 20 Apr 2017 14:35:03 -0400 Subject: Enhance ci-build.sh for latest CI builds. . Reorganize script to allow for multiple builds . Add latest build, pulling from the ibex provider . Run the build as the cirunner unprivileged user . Set pipefail because job is run within a pipe . Change name of 'build' stage to 'deploy' . Setup an environment for the latest CI deployment --- tests/platform-ci/ci-build.sh | 118 ++++++++++++++++++++++++++---------------- 1 file changed, 74 insertions(+), 44 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index af1dba0f..869e7517 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -15,75 +15,105 @@ # * ssh private key used to login to remove vm # * `SSH_PRIVATE_KEY` # -# Todo: -# - Running locally works fine, now use it in gitlab CI ( which ssh-key ? create cloud.json from env vars ) -# - Speed up vm boot if possible ( right now 3-4mins ) # exit if any commands returns non-zero status set -e +# because the ci-build is running in a pipe we need to also set the following +# so exit codes will be caught correctly. +set -o pipefail # leap_platform/tests/platform-ci # shellcheck disable=SC2086 ROOTDIR=$(readlink -f "$(dirname $0)") -# leap_platform/tests/platform-ci/provider -PROVIDERDIR="${ROOTDIR}/provider" - # leap_platform PLATFORMDIR=$(readlink -f "${ROOTDIR}/../..") -LEAP_CMD="/usr/local/bin/bundle exec leap -v2 --yes" +LEAP_CMD() { + /usr/local/bin/bundle exec leap -v2 --yes "$@" +} + +deploy() { + LEAP_CMD deploy "$TAG" +} + +test() { + LEAP_CMD test "$TAG" +} + +build_from_scratch() { + # leap_platform/tests/platform-ci/provider + PROVIDERDIR="${ROOTDIR}/provider" + /bin/echo "Provider directory: ${PROVIDERDIR}" + cd "$PROVIDERDIR" -# create node(s) with unique id so we can run tests in parallel -NAME="citest${CI_BUILD_ID}" -# when using gitlab-runner locally, CI_BUILD_ID is always 1 which -# will conflict with running/terminating AWS instances in subsequent runs -# therefore we pick a random number in this case -[ "$CI_BUILD_ID" -eq "1" ] && NAME+="000${RANDOM}" + # Create cloud.json needed for `leap vm` commands using AWS credentials + which jq || ( apt-get update -y && apt-get install jq -y ) + /usr/bin/jq ".platform_ci.auth |= .+ {\"aws_access_key_id\":\"$AWS_ACCESS_KEY\", \"aws_secret_access_key\":\"$AWS_SECRET_KEY\"}" < cloud.json.template > cloud.json -TAG='single' -SERVICES='couchdb,soledad,mx,webapp,tor,monitor' -SEEDS='' + [ -d "./tags" ] || mkdir "./tags" + /bin/echo "{\"environment\": \"$TAG\"}" | /usr/bin/json_pp > "${PROVIDERDIR}/tags/${TAG}.json" + + pwd + LEAP_CMD vm status "$TAG" + # shellcheck disable=SC2086 + LEAP_CMD vm add "$NAME" services:"$SERVICES" tags:"$TAG" $SEEDS + LEAP_CMD compile "$TAG" + LEAP_CMD vm status "$TAG" + + LEAP_CMD node init "$TAG" + LEAP_CMD info "${TAG}" +} # # Main # - /bin/echo "CI directory: ${ROOTDIR}" -/bin/echo "Provider directory: ${PROVIDERDIR}" /bin/echo "Platform directory: ${PLATFORMDIR}" -cd "$PROVIDERDIR" # Ensure we don't output secret stuff to console even when running in verbose mode with -x set +x -# Create cloud.json needed for `leap vm` commands using AWS credentials -which jq || ( apt-get update -y && apt-get install jq -y ) -/usr/bin/jq ".platform_ci.auth |= .+ {\"aws_access_key_id\":\"$AWS_ACCESS_KEY\", \"aws_secret_access_key\":\"$AWS_SECRET_KEY\"}" < cloud.json.template > cloud.json - # Configure ssh keypair [ -d ~/.ssh ] || /bin/mkdir ~/.ssh /bin/echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa /bin/chmod 600 ~/.ssh/id_rsa -/bin/cp users/gitlab-runner/gitlab-runner_ssh.pub ~/.ssh/id_rsa.pub - -[ -d "./tags" ] || mkdir "./tags" -/bin/echo "{\"environment\": \"$TAG\"}" | /usr/bin/json_pp > "${PROVIDERDIR}/tags/${TAG}.json" - -$LEAP_CMD vm status "$TAG" -# shellcheck disable=SC2086 -$LEAP_CMD vm add "$NAME" services:"$SERVICES" tags:"$TAG" $SEEDS -$LEAP_CMD compile "$TAG" -$LEAP_CMD vm status "$TAG" - -$LEAP_CMD node init "$TAG" - -# Deploy and test -$LEAP_CMD deploy "$TAG" -$LEAP_CMD info "${TAG}" -$LEAP_CMD test "$TAG" - -# if everything succeeds, destroy the vm -$LEAP_CMD vm rm "${TAG}" -[ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" +/bin/cp "${ROOTDIR}/provider/users/gitlab-runner/gitlab-runner_ssh.pub" ~/.ssh/id_rsa.pub + +case "$CI_BUILD_STAGE" in + build) + # create node(s) with unique id so we can run tests in parallel + NAME="citest${CI_BUILD_ID}" + # when using gitlab-runner locally, CI_BUILD_ID is always 1 which + # will conflict with running/terminating AWS instances in subsequent runs + # therefore we pick a random number in this case + [ "$CI_BUILD_ID" -eq "1" ] && NAME+="000${RANDOM}" + + TAG='single' + SERVICES='couchdb,soledad,mx,webapp,tor,monitor' + SEEDS='' + build_from_scratch + # Deploy and test + deploy + test + # if everything succeeds, destroy the vm + LEAP_CMD vm rm "${TAG}" + [ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" + ;; + latest) + TAG='latest' + echo "Cloning ibex provider..." + git clone -q --depth 1 ssh://gitolite@leap.se/ibex + cd ibex + git rev-parse HEAD + echo -n "Operating in the ibex directory: " + pwd + echo "Listing current node information..." + LEAP_CMD list + echo "Attempting a deploy..." + deploy + echo "Attempting to run tests..." + test + ;; +esac -- cgit v1.2.3 From 9ab23ac448d629a362bdba142b685217b2103f07 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 20 Apr 2017 14:59:51 -0400 Subject: switch to using CI_ENVIRONMENT_NAME and defaulting to the basic deployment --- tests/platform-ci/ci-build.sh | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 869e7517..a9731fca 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -81,8 +81,23 @@ set +x /bin/chmod 600 ~/.ssh/id_rsa /bin/cp "${ROOTDIR}/provider/users/gitlab-runner/gitlab-runner_ssh.pub" ~/.ssh/id_rsa.pub -case "$CI_BUILD_STAGE" in - build) +case "$CI_ENVIRONMENT_NAME" in + latest) + TAG='latest' + echo "Cloning ibex provider..." + git clone -q --depth 1 ssh://gitolite@leap.se/ibex + cd ibex + git rev-parse HEAD + echo -n "Operating in the ibex directory: " + pwd + echo "Listing current node information..." + LEAP_CMD list + echo "Attempting a deploy..." + deploy + echo "Attempting to run tests..." + test + ;; + *) # create node(s) with unique id so we can run tests in parallel NAME="citest${CI_BUILD_ID}" # when using gitlab-runner locally, CI_BUILD_ID is always 1 which @@ -101,19 +116,4 @@ case "$CI_BUILD_STAGE" in LEAP_CMD vm rm "${TAG}" [ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" ;; - latest) - TAG='latest' - echo "Cloning ibex provider..." - git clone -q --depth 1 ssh://gitolite@leap.se/ibex - cd ibex - git rev-parse HEAD - echo -n "Operating in the ibex directory: " - pwd - echo "Listing current node information..." - LEAP_CMD list - echo "Attempting a deploy..." - deploy - echo "Attempting to run tests..." - test - ;; esac -- cgit v1.2.3 From f5d1850e7b3831b1ee6374627bb403aa3858a320 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 25 Apr 2017 13:42:14 -0400 Subject: Fix the pipefail by putting ts inside of ci-build.sh --- tests/platform-ci/ci-build.sh | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index a9731fca..b39f6874 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -22,6 +22,11 @@ set -e # so exit codes will be caught correctly. set -o pipefail +# we wrap the whole script in curly braces so we can pipe it all through ts to +# get timestamps. If we put it outside of the script, then we can't get proper +# pipefail results. + +{ # leap_platform/tests/platform-ci # shellcheck disable=SC2086 ROOTDIR=$(readlink -f "$(dirname $0)") @@ -117,3 +122,4 @@ case "$CI_ENVIRONMENT_NAME" in [ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" ;; esac +} | /usr/bin/ts -s -- cgit v1.2.3 From 9d096ace3692f67fe82a97d648c930c2da19a830 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 25 Apr 2017 19:40:28 -0400 Subject: Add a production environment for demovpn, demomail Pull duplicated bits into a function --- tests/platform-ci/ci-build.sh | 36 ++++++++++++++++++++++++------------ 1 file changed, 24 insertions(+), 12 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index b39f6874..e25b8096 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -70,6 +70,21 @@ build_from_scratch() { LEAP_CMD info "${TAG}" } +run() { + echo "Cloning $1 repo: $2" + git clone -q --depth 1 "$2" + cd "$1" + git rev-parse HEAD + echo -n "Operating in the $1 directory: " + pwd + echo "Listing current node information..." + LEAP_CMD list + echo "Attempting a deploy..." + deploy + echo "Attempting to run tests..." + test +} + # # Main # @@ -89,18 +104,15 @@ set +x case "$CI_ENVIRONMENT_NAME" in latest) TAG='latest' - echo "Cloning ibex provider..." - git clone -q --depth 1 ssh://gitolite@leap.se/ibex - cd ibex - git rev-parse HEAD - echo -n "Operating in the ibex directory: " - pwd - echo "Listing current node information..." - LEAP_CMD list - echo "Attempting a deploy..." - deploy - echo "Attempting to run tests..." - test + run ibex ssh://gitolite@leap.se/ibex + ;; + production/mail) + TAG='demomail' + run bitmask ssh://gitolite@leap.se/bitmask + ;; + production/vpn) + TAG='demovpn' + run bitmask ssh://gitolite@leap.se/bitmask ;; *) # create node(s) with unique id so we can run tests in parallel -- cgit v1.2.3 From a577fbf20357ae1bc611da975cde001ef9dfa310 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 26 Apr 2017 11:59:57 +0200 Subject: Improve ci-build.sh (Closes #8771) * Change environment names for clarity: . Use staging for deploying to latest . Use production environments to deploy to demo: production/vpn production/mail * Install leap_cli if not present and define default values * Remove old nodes from cached runs * Remove no longer used SEEDS variable * Debugging improvements: . Hide secrets when calling ci-build.sh with xtrace enabled . Use unbuffer to we can add debug output locally . Add debugging to build_from_scratch() --- tests/platform-ci/ci-build.sh | 66 +++++++++++++++++++++++++++++++++---------- 1 file changed, 51 insertions(+), 15 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index e25b8096..747e09a7 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -22,11 +22,16 @@ set -e # so exit codes will be caught correctly. set -o pipefail -# we wrap the whole script in curly braces so we can pipe it all through ts to -# get timestamps. If we put it outside of the script, then we can't get proper -# pipefail results. +# Check if scipt is run in debug mode so we can hide secrets +if [[ "$-" =~ 'x' ]] +then + echo 'Running with xtrace enabled!' + xtrace=true +else + echo 'Running with xtrace disabled!' + xtrace=false +fi -{ # leap_platform/tests/platform-ci # shellcheck disable=SC2086 ROOTDIR=$(readlink -f "$(dirname $0)") @@ -34,9 +39,20 @@ ROOTDIR=$(readlink -f "$(dirname $0)") # leap_platform PLATFORMDIR=$(readlink -f "${ROOTDIR}/../..") -LEAP_CMD() { - /usr/local/bin/bundle exec leap -v2 --yes "$@" -} +# In the gitlab CI pipeline leap is installed in a different +# stage by bundle. To debug you can run a single CI job locally +# so we install leap_cli as gem here. +if /usr/local/bin/bundle exec leap >/dev/null 2>&1 +then + LEAP_CMD() { + /usr/local/bin/bundle exec leap -v2 --yes "$@" + } +else + sudo gem install leap_cli + LEAP_CMD() { + leap -v2 --yes "$@" + } +fi deploy() { LEAP_CMD deploy "$TAG" @@ -54,19 +70,38 @@ build_from_scratch() { # Create cloud.json needed for `leap vm` commands using AWS credentials which jq || ( apt-get update -y && apt-get install jq -y ) + + # Dsiable xtrace + set +x /usr/bin/jq ".platform_ci.auth |= .+ {\"aws_access_key_id\":\"$AWS_ACCESS_KEY\", \"aws_secret_access_key\":\"$AWS_SECRET_KEY\"}" < cloud.json.template > cloud.json + # Enable xtrace again only if it was set at beginning of script + [[ $xtrace == true ]] && set -x [ -d "./tags" ] || mkdir "./tags" /bin/echo "{\"environment\": \"$TAG\"}" | /usr/bin/json_pp > "${PROVIDERDIR}/tags/${TAG}.json" pwd + +# remove old cached nodes + echo "Removing old cached nodes..." + find nodes -name 'citest*' -exec rm {} \; + + echo "Listing current VM status..." LEAP_CMD vm status "$TAG" # shellcheck disable=SC2086 - LEAP_CMD vm add "$NAME" services:"$SERVICES" tags:"$TAG" $SEEDS + echo "Adding VM $NAME with the services: $SERVICES and the tags: $TAG" + LEAP_CMD vm add "$NAME" services:"$SERVICES" tags:"$TAG" + echo "Compiling $TAG..." LEAP_CMD compile "$TAG" + echo "Listing current VM status for TAG: $TAG..." LEAP_CMD vm status "$TAG" + echo "Running leap list..." + LEAP_CMD list + + echo "Running leap node init on TAG: $TAG" LEAP_CMD node init "$TAG" + echo "Running leap info on $TAG" LEAP_CMD info "${TAG}" } @@ -101,30 +136,32 @@ set +x /bin/chmod 600 ~/.ssh/id_rsa /bin/cp "${ROOTDIR}/provider/users/gitlab-runner/gitlab-runner_ssh.pub" ~/.ssh/id_rsa.pub +# Enable xtrace again only if it was set at beginning of script +[[ $xtrace == true ]] && set -x + case "$CI_ENVIRONMENT_NAME" in - latest) + staging) TAG='latest' run ibex ssh://gitolite@leap.se/ibex ;; - production/mail) + demo/mail) TAG='demomail' run bitmask ssh://gitolite@leap.se/bitmask ;; - production/vpn) + demo/vpn) TAG='demovpn' run bitmask ssh://gitolite@leap.se/bitmask ;; *) # create node(s) with unique id so we can run tests in parallel - NAME="citest${CI_BUILD_ID}" + NAME="citest${CI_BUILD_ID:-0}" # when using gitlab-runner locally, CI_BUILD_ID is always 1 which # will conflict with running/terminating AWS instances in subsequent runs # therefore we pick a random number in this case - [ "$CI_BUILD_ID" -eq "1" ] && NAME+="000${RANDOM}" + [ "${CI_BUILD_ID:-0}" -eq "1" ] && NAME+="000${RANDOM}" TAG='single' SERVICES='couchdb,soledad,mx,webapp,tor,monitor' - SEEDS='' build_from_scratch # Deploy and test deploy @@ -134,4 +171,3 @@ case "$CI_ENVIRONMENT_NAME" in [ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" ;; esac -} | /usr/bin/ts -s -- cgit v1.2.3 From 8bc60685875e2eb289d0d860ebe7ba7839eb20e2 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 27 Apr 2017 13:41:22 -0400 Subject: change environment names to match ci-build.sh --- tests/platform-ci/ci-build.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 747e09a7..34876a73 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -144,11 +144,11 @@ case "$CI_ENVIRONMENT_NAME" in TAG='latest' run ibex ssh://gitolite@leap.se/ibex ;; - demo/mail) + production/demo/mail) TAG='demomail' run bitmask ssh://gitolite@leap.se/bitmask ;; - demo/vpn) + production/demo/vpn) TAG='demovpn' run bitmask ssh://gitolite@leap.se/bitmask ;; -- cgit v1.2.3 From 04a1c0bc3ed7173836ed790776be1a13437310a7 Mon Sep 17 00:00:00 2001 From: Tulio Casagrande Date: Wed, 10 May 2017 14:43:46 -0300 Subject: Remove pixelated submodule from the example provider --- tests/example-provider/vagrant/add-pixelated.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'tests') diff --git a/tests/example-provider/vagrant/add-pixelated.sh b/tests/example-provider/vagrant/add-pixelated.sh index f9908947..38a7ea47 100755 --- a/tests/example-provider/vagrant/add-pixelated.sh +++ b/tests/example-provider/vagrant/add-pixelated.sh @@ -6,8 +6,8 @@ cd "$PROVIDERDIR" -if ! git submodule status files/puppet/modules/pixelated > /dev/null 2>&1; then - git submodule add https://github.com/pixelated/puppet-pixelated.git files/puppet/modules/pixelated +if ! [ -d files/puppet/modules/pixelated ]; then + git clone https://github.com/pixelated/puppet-pixelated.git files/puppet/modules/pixelated fi echo '{}' > services/pixelated.json @@ -26,7 +26,7 @@ $LEAP $OPTS -v 2 test --continue echo -e '\n===========================================================================================================\n\n' echo -e 'You are now ready to use your vagrant Pixelated provider.\n' -echo -e 'The LEAP webapp is available at https://localhost:4443. Use it to register an account before using the Pixelated Useragent.\n' -echo -e 'The Pixelated Useragent is available at https://localhost:8080\n' +echo -e 'The LEAP webapp is available at https://localhost:4443. Use it to register an account before using the Pixelated User Agent.\n' +echo -e 'The Pixelated User Agent is available at https://localhost:8080\n' echo -e 'Please add an exception for both sites in your browser dialog to allow the self-signed certificate.\n' -- cgit v1.2.3 From 9be35a2aaee59f8d78b620a5b1f02ea08ec3bc78 Mon Sep 17 00:00:00 2001 From: varac Date: Sun, 21 May 2017 23:29:34 +0200 Subject: [vagrant] Use private networking for direct acces Without private networking, the box cannot get directly accessed, only via port forwardings. https://www.vagrantup.com/docs/networking/private_network.html - Resolves: #7769 --- tests/example-provider/Vagrantfile | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'tests') diff --git a/tests/example-provider/Vagrantfile b/tests/example-provider/Vagrantfile index 1e410f5e..e909e79b 100644 --- a/tests/example-provider/Vagrantfile +++ b/tests/example-provider/Vagrantfile @@ -42,6 +42,10 @@ Vagrant.configure("2") do |config| config.ssh.username = "vagrant" + # Enable private networking so the box can be accessed directly, + # not only via port forwaring + config.vm.network "private_network", type: "dhcp" + # forward leap_web ports config.vm.network "forwarded_port", guest: 443, host:4443 # forward pixelated ports -- cgit v1.2.3 From 10164a2651cb9ca07442e8382b7e238c8a8939c1 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 23 May 2017 12:07:44 +0200 Subject: Lint configure-leap.sh --- tests/example-provider/vagrant/configure-leap.sh | 54 ++++++++++++------------ 1 file changed, 27 insertions(+), 27 deletions(-) (limited to 'tests') diff --git a/tests/example-provider/vagrant/configure-leap.sh b/tests/example-provider/vagrant/configure-leap.sh index 8bd591e0..a8c0ff20 100755 --- a/tests/example-provider/vagrant/configure-leap.sh +++ b/tests/example-provider/vagrant/configure-leap.sh @@ -1,41 +1,41 @@ -#!/bin/bash - +#!/bin/sh +# shellcheck disable=SC1091 . /vagrant/vagrant/vagrant.config echo '===============================================' -echo 'configuring leap' +echo "Configuring LEAP in ${PROVIDERDIR}" echo '===============================================' # purge $PROVIDERDIR so this script can be run multiple times -[ -e $PROVIDERDIR ] && rm -rf $PROVIDERDIR +[ -e "$PROVIDERDIR" ] && rm -rf "$PROVIDERDIR" -mkdir -p $PROVIDERDIR -chown ${USER}:${USER} ${PROVIDERDIR} -cd $PROVIDERDIR +mkdir -p "$PROVIDERDIR" +chown "${USER}:${USER}" "${PROVIDERDIR}" +cd "$PROVIDERDIR" || exit -$LEAP $OPTS new --contacts "$contacts" --domain "$provider_domain" --name "$provider_name" --platform="$PLATFORMDIR" . -echo -e '\n@log = "./deploy.log"' >> Leapfile +$LEAP "$OPTS" new --contacts "${contacts:?}" --domain "${provider_domain:?}" --name "${provider_name:?}" --platform="$PLATFORMDIR" . +printf '\n@log = "./deploy.log"' >> Leapfile -if [ ! -e /home/${USER}/.ssh/id_rsa ]; then - $SUDO ssh-keygen -f /home/${USER}/.ssh/id_rsa -P '' +if [ ! -e "/home/${USER}/.ssh/id_rsa" ]; then + $SUDO ssh-keygen -f "/home/${USER}/.ssh/id_rsa" -P '' [ -d /root/.ssh ] || mkdir /root/.ssh - cat /home/${USER}/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys + cat "/home/${USER}/.ssh/id_rsa.pub" >> /root/.ssh/authorized_keys fi -$SUDO mkdir -p ${PROVIDERDIR}/files/nodes/${NODE} +$SUDO mkdir -p "${PROVIDERDIR}/files/nodes/${NODE}" sh -c "cat /etc/ssh/ssh_host_rsa_key.pub | cut -d' ' -f1,2 >> $PROVIDERDIR/files/nodes/$NODE/${NODE}_ssh.pub" -chown ${USER}:${USER} ${PROVIDERDIR}/files/nodes/${NODE}/${NODE}_ssh.pub +chown "${USER}:${USER}" "${PROVIDERDIR}/files/nodes/${NODE}/${NODE}_ssh.pub" -$LEAP $OPTS add-user --self -$LEAP $OPTS cert ca -$LEAP $OPTS cert csr -$LEAP $OPTS node add $NODE ip_address:"$(facter ipaddress)" couch.mode:plain services:"$services" tags:production +$LEAP "$OPTS" add-user --self +$LEAP "$OPTS" cert ca +$LEAP "$OPTS" cert csr +$LEAP "$OPTS" node add "$NODE" ip_address:"$(facter ipaddress)" couch.mode:plain services:"${services:?}" tags:production echo '{ "webapp": { "admins": ["testadmin"] } }' > services/webapp.json -$LEAP $OPTS compile +$LEAP "$OPTS" compile -$LEAP $OPTS node init $NODE +$LEAP "$OPTS" node init "$NODE" if [ $? -eq 1 ]; then echo 'node init failed' exit 1 @@ -46,7 +46,7 @@ fi # workaround is to install rake as gem gem install rake -$LEAP $OPTS -v 2 deploy +$LEAP "$OPTS" -v 2 deploy # Vagrant: leap_mx fails to start on jessie # https://leap.se/code/issues/7755 @@ -62,7 +62,7 @@ echo '===============================================' echo 'testing the platform' echo '===============================================' -$LEAP $OPTS -v 2 test --continue +$LEAP "$OPTS" -v 2 test --continue echo '===============================================' echo 'setting node to demo-mode' @@ -73,13 +73,13 @@ postconf -e default_transport='error: in demo mode' curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testuser&user%5Bpassword_salt%5D=7d4880237a038e0e&user%5Bpassword_verifier%5D=b98dc393afcd16e5a40fb57ce9cddfa6a978b84be326196627c111d426cada898cdaf3a6427e98b27daf4b0ed61d278bc856515aeceb2312e50c8f816659fcaa4460d839a1e2d7ffb867d32ac869962061368141c7571a53443d58dc84ca1fca34776894414c1090a93e296db6cef12c2cc3f7a991b05d49728ed358fd868286" curl -s -k https://localhost/1/users.json -d "user%5Blogin%5D=testadmin&user%5Bpassword_salt%5D=ece1c457014d8282&user%5Bpassword_verifier%5D=9654d93ab409edf4ff1543d07e08f321107c3fd00de05c646c637866a94f28b3eb263ea9129dacebb7291b3374cc6f0bf88eb3d231eb3a76eed330a0e8fd2a5c477ed2693694efc1cc23ae83c2ae351a21139701983dd595b6c3225a1bebd2a4e6122f83df87606f1a41152d9890e5a11ac3749b3bfcf4407fc83ef60b4ced68" -echo -e '\n===========================================================================================================\n\n' -echo -e 'You are now ready to use your local LEAP provider.\n' +printf '\n===========================================================================================================\n\n' +printf 'You are now ready to use your local LEAP provider.\n' echo 'If you want to use the *Bitmask client* with your provider, please update your /etc/hosts with following dns overrides:' $LEAP list --print ip_address,domain.full,dns.aliases | sed 's/^.* //' | sed 's/, null//g' | tr -d '\]\[",' echo 'Please see https://leap.se/en/docs/platform/tutorials/vagrant#use-the-bitmask-client-to-do-an-initial-soledad-sync for more details how to use and test your LEAP provider.' -echo -e "\nIf you don't want to use the Bitmask client, please ignore the above instructions.\n" -echo -e 'The LEAP webapp is now available at https://localhost:4443\n' -echo -e 'Please add an exception in your browser dialog to allow the self-signed certificate.\n' +printf "\nIf you don't want to use the Bitmask client, please ignore the above instructions.\n" +printf 'The LEAP webapp is now available at https://localhost:4443\n' +printf 'Please add an exception in your browser dialog to allow the self-signed certificate.\n' -- cgit v1.2.3 From d2dc27738a26b824f42da3fdea527be072867678 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 23 May 2017 13:23:43 +0200 Subject: [vagrant] Move $OPTS to vagrant config --- tests/example-provider/vagrant/configure-leap.sh | 21 ++++++++++++--------- tests/example-provider/vagrant/vagrant.config | 2 +- 2 files changed, 13 insertions(+), 10 deletions(-) (limited to 'tests') diff --git a/tests/example-provider/vagrant/configure-leap.sh b/tests/example-provider/vagrant/configure-leap.sh index a8c0ff20..2ea2f178 100755 --- a/tests/example-provider/vagrant/configure-leap.sh +++ b/tests/example-provider/vagrant/configure-leap.sh @@ -1,5 +1,8 @@ #!/bin/sh +# Exit on failure +set -e + # shellcheck disable=SC1091 . /vagrant/vagrant/vagrant.config @@ -14,7 +17,7 @@ mkdir -p "$PROVIDERDIR" chown "${USER}:${USER}" "${PROVIDERDIR}" cd "$PROVIDERDIR" || exit -$LEAP "$OPTS" new --contacts "${contacts:?}" --domain "${provider_domain:?}" --name "${provider_name:?}" --platform="$PLATFORMDIR" . +$LEAP new --contacts "${contacts:?}" --domain "${provider_domain:?}" --name "${provider_name:?}" --platform="$PLATFORMDIR" . printf '\n@log = "./deploy.log"' >> Leapfile if [ ! -e "/home/${USER}/.ssh/id_rsa" ]; then @@ -27,15 +30,15 @@ $SUDO mkdir -p "${PROVIDERDIR}/files/nodes/${NODE}" sh -c "cat /etc/ssh/ssh_host_rsa_key.pub | cut -d' ' -f1,2 >> $PROVIDERDIR/files/nodes/$NODE/${NODE}_ssh.pub" chown "${USER}:${USER}" "${PROVIDERDIR}/files/nodes/${NODE}/${NODE}_ssh.pub" -$LEAP "$OPTS" add-user --self -$LEAP "$OPTS" cert ca -$LEAP "$OPTS" cert csr -$LEAP "$OPTS" node add "$NODE" ip_address:"$(facter ipaddress)" couch.mode:plain services:"${services:?}" tags:production +$LEAP add-user --self +$LEAP cert ca +$LEAP cert csr +$LEAP node add "$NODE" ip_address:"$(facter ipaddress)" couch.mode:plain services:"${services:?}" tags:production echo '{ "webapp": { "admins": ["testadmin"] } }' > services/webapp.json -$LEAP "$OPTS" compile +$LEAP compile -$LEAP "$OPTS" node init "$NODE" +$LEAP node init "$NODE" if [ $? -eq 1 ]; then echo 'node init failed' exit 1 @@ -46,7 +49,7 @@ fi # workaround is to install rake as gem gem install rake -$LEAP "$OPTS" -v 2 deploy +$LEAP -v 2 deploy # Vagrant: leap_mx fails to start on jessie # https://leap.se/code/issues/7755 @@ -62,7 +65,7 @@ echo '===============================================' echo 'testing the platform' echo '===============================================' -$LEAP "$OPTS" -v 2 test --continue +$LEAP -v 2 test --continue echo '===============================================' echo 'setting node to demo-mode' diff --git a/tests/example-provider/vagrant/vagrant.config b/tests/example-provider/vagrant/vagrant.config index ff5dd38f..07222c3f 100644 --- a/tests/example-provider/vagrant/vagrant.config +++ b/tests/example-provider/vagrant/vagrant.config @@ -18,4 +18,4 @@ NODE='node1' SUDO="sudo -u ${USER}" PROVIDERDIR="/home/${USER}/leap/configuration" PLATFORMDIR="/srv/leap_platform" -LEAP="$SUDO /usr/local/bin/leap" +LEAP="$SUDO /usr/local/bin/leap $OPTS" -- cgit v1.2.3 From 85c0f8a67188902c36558d97651c2801849112f1 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 23 May 2017 13:28:54 +0200 Subject: [vagrant] Use private networking IP from eth1 if present --- tests/example-provider/vagrant/configure-leap.sh | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/example-provider/vagrant/configure-leap.sh b/tests/example-provider/vagrant/configure-leap.sh index 2ea2f178..7a1efc71 100755 --- a/tests/example-provider/vagrant/configure-leap.sh +++ b/tests/example-provider/vagrant/configure-leap.sh @@ -33,7 +33,16 @@ chown "${USER}:${USER}" "${PROVIDERDIR}/files/nodes/${NODE}/${NODE}_ssh.pub" $LEAP add-user --self $LEAP cert ca $LEAP cert csr -$LEAP node add "$NODE" ip_address:"$(facter ipaddress)" couch.mode:plain services:"${services:?}" tags:production + +# Try to see if there's a private IP for eth1 +# Otherwise take eth0 +# (virtualbox and libvirt backends behave differenently setting up +# direct accessible private networks. +# see https://www.vagrantup.com/docs/networking/private_network.html +IP="$(facter ipaddress_eth1)" +[ "$IP" = '' ] && IP="$(facter ipaddress_eth0)" +$LEAP node add "$NODE" ip_address:"${IP}" couch.mode:plain services:"${services:?}" tags:production + echo '{ "webapp": { "admins": ["testadmin"] } }' > services/webapp.json $LEAP compile -- cgit v1.2.3 From f89abb94469717e7c35ba01b30b17a320eba4c72 Mon Sep 17 00:00:00 2001 From: Varac Date: Fri, 16 Jun 2017 13:49:35 +0200 Subject: [CI] Use master branch of leap_cli We moved from develop to master some time ago so we should use master for CI testing as well. --- tests/platform-ci/Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/Gemfile b/tests/platform-ci/Gemfile index 36f556e5..6ec76b2e 100644 --- a/tests/platform-ci/Gemfile +++ b/tests/platform-ci/Gemfile @@ -13,5 +13,5 @@ group :test do # Use puppet-catalog-test from git because last released gem 0.4.2 gives a deprecation # warning: "[DEPRECATION] `last_comment` is deprecated. Please use `last_description` instead." gem "puppet-catalog-test", :git => 'https://github.com/invadersmustdie/puppet-catalog-test.git' - gem "leap_cli", :git => 'https://leap.se/git/leap_cli.git', :branch => 'develop' + gem "leap_cli", :git => 'https://leap.se/git/leap_cli.git' end -- cgit v1.2.3 From c6ffb01f98f5c78bf25634d57cd05fb57f25c085 Mon Sep 17 00:00:00 2001 From: Varac Date: Fri, 16 Jun 2017 13:44:08 +0200 Subject: [CI] Use older commit for puppet-catalog-test After `puppet-catalog-test` has been recently updated it failed in our CI with: File[/etc/apt/sources.list] has notify relationship to invalid resource Exec[apt_updated] See #8814 for more details. Resolves: #8814 https://github.com/invadersmustdie/puppet-catalog-test/commit/ac386793c2c456d2071dd0adda716224128f0bb3 --- tests/platform-ci/Gemfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/Gemfile b/tests/platform-ci/Gemfile index 6ec76b2e..51e2c17b 100644 --- a/tests/platform-ci/Gemfile +++ b/tests/platform-ci/Gemfile @@ -12,6 +12,6 @@ group :test do gem "mocha" # Use puppet-catalog-test from git because last released gem 0.4.2 gives a deprecation # warning: "[DEPRECATION] `last_comment` is deprecated. Please use `last_description` instead." - gem "puppet-catalog-test", :git => 'https://github.com/invadersmustdie/puppet-catalog-test.git' + gem "puppet-catalog-test", :git => 'https://github.com/invadersmustdie/puppet-catalog-test.git', :ref => 'ac386793c2c456d2071dd0adda716224128f0bb3' gem "leap_cli", :git => 'https://leap.se/git/leap_cli.git' end -- cgit v1.2.3 From eb904e99e5f2a8ec77feca52f2a076bec1d0383a Mon Sep 17 00:00:00 2001 From: Varac Date: Sat, 17 Jun 2017 18:05:58 +0200 Subject: Renewed commercial cert for platform CI --- .../provider/files/cert/example.org.crt | 58 ++++++------- .../provider/files/cert/example.org.csr | 46 +++++----- .../provider/files/cert/example.org.key | 98 +++++++++++----------- 3 files changed, 101 insertions(+), 101 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/provider/files/cert/example.org.crt b/tests/platform-ci/provider/files/cert/example.org.crt index 7de2982d..174cac51 100644 --- a/tests/platform-ci/provider/files/cert/example.org.crt +++ b/tests/platform-ci/provider/files/cert/example.org.crt @@ -1,31 +1,31 @@ -----BEGIN CERTIFICATE----- -MIIFbDCCA1SgAwIBAgIRAJW2X9xbiBvmbN1kMlRVKtQwDQYJKoZIhvcNAQELBQAw -SjEQMA4GA1UECgwHRXhhbXBsZTEcMBoGA1UECwwTaHR0cHM6Ly9leGFtcGxlLm9y -ZzEYMBYGA1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTE2MDYxMTAwMDAwMFoXDTE3 -MDYxMTAwMDAwMFowKDEQMA4GA1UECgwHRXhhbXBsZTEUMBIGA1UEAwwLZXhhbXBs -ZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDFuKIL//hf5cjU -m18q5fSUyvwtmWREJPaVp+CiWiGJHmxFAiWMGuAFRRChhZ4SYmnEscNda0f6ntPz -rO+XjhQeA05bIYD9JcFT25Jg4kSX4pQ0+pK2vuHqk4ascZgOOaq4fN8SXD6ZiL3m -CONDRzbnZVR2LqsdCbEqIuHlo7VK7MO8/9A+rF7wKLVatBtk25uSWMQPt0Q41gw6 -YTV447SltFH3fgUZnNR6p7Oxpsi3qEWlt2vZMIa5xdq4ge2dx1GgC8oSBx1XT/Yd -qu//GECAH5XsZsAaPXDuor1iTbWELzHyGrQ7V80e67lE2lxoaHxRCOE/NDUU6UXm -CqXwhdBHarHehOCGSDXvHEwAH5zpV77XOm2bIoZmCjM1fRk5p2S3GmXteCdvCxBP -+2wECnRXuwN2aICrBk7sZ9FieRsYao8GZN/A7ZY24pf7CMEBsgjYktTjAwUb21m6 -vmmzt93dEVJgkd8LASFmoXn+YAIGF0/fD5ZutlsAsBfodoCH9JKBi25nVVTEQW8g -TzUegTC3PUqnathWv4gZIYDG1ZUDxjk30beNmXV2XudASmP7NG4uSlQwGAEWn+cc -dzOnRxR0BQpkMMNEV/HmJVuSV5Ak4DkruSXGjLpzi30BjJ8obx85YAusIrhWRUrR -2oz6gqDUnwq3Nkr3Nk45iOEDC0cZnwIDAQABo28wbTAdBgNVHQ4EFgQUS7rm3WfC -psxoh4i7q0YbTbMZWuIwCwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMB -MAkGA1UdEwQCMAAwHwYDVR0jBBgwFoAUlhC2wfrVFzGrtuzcA0mkO+yn9bgwDQYJ -KoZIhvcNAQELBQADggIBAKxeVSMEpUOdBO1zmwd5NtugOlYV3/Gu9GqmUQdlB4FF -Wt6sKJmYYByNquKT79oJLb9dgUPw8qQiHCB+MAsjB4PpHvMRlpgrcDGsI8+esnfG -dJny+82aRIFZ2KnNbH8FchcCh4bviaY+DE9kyJNHILk0ujICXabR0G6ArVISTbyB -C+6BdFyKTT5zj9mtkiTgvZchlKCmOmvh/HeCONu6MGYbqcqp41RA3g1eEjFoROKO -wmf65VvfOBeb9VydOTICh/bJWRSmAMJqWxbOiV8+Ldufi0vXMcOhEfsyo316xxRq -1GMb5xVihtCxj/+qBKNoun4k9LTmUvComuPakbtEPT2QbxiTvqCbXsWHPoRwCKEj -RcFPsxWAnUslzqSl1b0oLaE1zNjBmB/Zd82i2MC4PncLC2hLHtAU1imRZKP6rnHx -cb1NyFLS0FmIPqZUz9qcY2Tj3GbjqYqRi/sXNKrR2axAUx+jGI/Ie7Zsqa4VZA0A -ZsiF0BGN3RTCYHuoJbXfEVFQ3o97JGNC3t07u9XhVuC0fjCiQu5PBbMRHSSvtBdN -+LSrhR5j4aiCmppgQSeTtoKSIS3EiOzDtawdewxhffK+co0pGnO3nox+iINvSIQ5 -IevAREmZ2ytjFDU/kVFFlINesFsLRouO37DUf2Kjxaa0RgkCBHpOnTAAD7bXiSaJ +MIIFazCCA1OgAwIBAgIQbk9ZqiquHG3E0IiLALe2pjANBgkqhkiG9w0BAQsFADBK +MRAwDgYDVQQKDAdFeGFtcGxlMRwwGgYDVQQLDBNodHRwczovL2V4YW1wbGUub3Jn +MRgwFgYDVQQDDA9FeGFtcGxlIFJvb3QgQ0EwHhcNMTcwNjE3MDAwMDAwWhcNMTgw +NjE3MDAwMDAwWjAoMRAwDgYDVQQKDAdFeGFtcGxlMRQwEgYDVQQDDAtleGFtcGxl +Lm9yZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL3GmkcYpqzivoha +Fc1G2DgRpm658t27ELp6qk4iwjZ8IZMnQl3N9ZMmbU+jFWg+ZvNETZoi91bOgnPh +PtXnGEP71Cgt47+rJ5WvwcvlAvizlvMf7mqrDhFzAqKX7kLdP+akFfC/Wjf9wh3M +FvTxZOb3uhNHUesPMe/OORU0i2r3QzHwCTXc99c8FR0xYRdX9Cr6ig4irdbgmwbd +BKRE3q23dVJXUTqNzHc46a3j9KlfE9k1hJy0k0gpuDOliZslicIG/BljbeJqH2tW +GeJrovnO6THOft7SaUV1hJQtIxAj0YY2a0MMUbKitvmRZ+oPZusGQFl+RA7b0vxe +UK3hTO6oSGGVqBhSe4T52EBJ74c0FOJdG1Hp65t6DN/HS0rO8cQRA7EVFxwMnnvo +tf9E1O7Zv6URY+lU8Pr3aBIzYVE1XIvmZIj60Bst87mRz1tGsWf99hDxWyFaesVq +g5EI5G9rKf1CZyQyTTwhfLbr4wsJo+S3Y4zSP0xyOypaTiZwydWVb/4J5MBlaNs7 +ZMU3gugp9hEn4BzYzk8lxcqChKMl3rFdjWPkSl2/tP39WvVo/T088vKS6v/1Rq4n +0Iz33d3FbayBNlHMZjHPmwgbvL5YKjnEtkQyi+6isBt8g/4KLxZZbN5udyrCJW7n +3xGj3DYokhOZVt7rpiMAgqHAEB0VAgMBAAGjbzBtMB0GA1UdDgQWBBSvA0QXoIqX +2Pf+Gb+va4aEdTxTsTALBgNVHQ8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw +CQYDVR0TBAIwADAfBgNVHSMEGDAWgBSWELbB+tUXMau27NwDSaQ77Kf1uDANBgkq +hkiG9w0BAQsFAAOCAgEAAfI9WvIw+HdtcNtnmpIqNP9o2S+QfVd75jEnslV/NDIS +chZOeS2OnGLsV2oxh4EypRnAAIUTRF49k9gE6i9g+E4YGEOCmLzwHHm8VAiz1UNP +Gubn1vNUfwk5Ct4lZWgb4QxrJQ+7AjIX+742D9fvfb3aP8sEWxmq4kfTZDxbjtGz +mIUQ9Dtd5Ck00LU/eJv4dcsTf6vSjkc/QL+aan3o2J/6wUXWLH00kOHnXex4eofd +DJok7rL9E5HbFlCup2bmUgeQEx8keegG2TEQgt61JMrwQjh9EsuA69AMLiDSlfhv +WOreUjPZCHRDtLhZJD54AvMuDWo7p8lcKyVBo4jkwx80qkfnZgh81lWIuYxIOB+y +VfyEy0+jSCc9Jub/57HADMj29hxkpT6FYPzMPk+tInxL8Z5iwb0UQ/fVNX2mgXwp +U5E+M4OYaNi9xo2992xd6rok8Lnkaq27tUVV0ZiMLfe8Njv1UQLV2hTiPzSntwsK +SYHtN8mavrl6tdqU5F5V+GydAXfcmEKQnV3AxOYTFsfjotSbipBRGfAoRksmRGiH +8dT5jWpi/Nvta+azn55029ej1AVuD7nWMhT+7mYvfmiSqzItorI28+g0P2jSBOTf +t4MfXLecy4mnqIWM4ciHAVF6UMWJbnTSc0DwEQAgpdw21CoPp6/BERLI9frvU7o= -----END CERTIFICATE----- diff --git a/tests/platform-ci/provider/files/cert/example.org.csr b/tests/platform-ci/provider/files/cert/example.org.csr index 95e8b65d..5d1dfc77 100644 --- a/tests/platform-ci/provider/files/cert/example.org.csr +++ b/tests/platform-ci/provider/files/cert/example.org.csr @@ -1,27 +1,27 @@ -----BEGIN CERTIFICATE REQUEST----- MIIEqzCCApMCAQAwKDEQMA4GA1UECgwHRXhhbXBsZTEUMBIGA1UEAwwLZXhhbXBs -ZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDFuKIL//hf5cjU -m18q5fSUyvwtmWREJPaVp+CiWiGJHmxFAiWMGuAFRRChhZ4SYmnEscNda0f6ntPz -rO+XjhQeA05bIYD9JcFT25Jg4kSX4pQ0+pK2vuHqk4ascZgOOaq4fN8SXD6ZiL3m -CONDRzbnZVR2LqsdCbEqIuHlo7VK7MO8/9A+rF7wKLVatBtk25uSWMQPt0Q41gw6 -YTV447SltFH3fgUZnNR6p7Oxpsi3qEWlt2vZMIa5xdq4ge2dx1GgC8oSBx1XT/Yd -qu//GECAH5XsZsAaPXDuor1iTbWELzHyGrQ7V80e67lE2lxoaHxRCOE/NDUU6UXm -CqXwhdBHarHehOCGSDXvHEwAH5zpV77XOm2bIoZmCjM1fRk5p2S3GmXteCdvCxBP -+2wECnRXuwN2aICrBk7sZ9FieRsYao8GZN/A7ZY24pf7CMEBsgjYktTjAwUb21m6 -vmmzt93dEVJgkd8LASFmoXn+YAIGF0/fD5ZutlsAsBfodoCH9JKBi25nVVTEQW8g -TzUegTC3PUqnathWv4gZIYDG1ZUDxjk30beNmXV2XudASmP7NG4uSlQwGAEWn+cc -dzOnRxR0BQpkMMNEV/HmJVuSV5Ak4DkruSXGjLpzi30BjJ8obx85YAusIrhWRUrR -2oz6gqDUnwq3Nkr3Nk45iOEDC0cZnwIDAQABoD4wPAYJKoZIhvcNAQkOMS8wLTAJ +ZS5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9xppHGKas4r6I +WhXNRtg4EaZuufLduxC6eqpOIsI2fCGTJ0JdzfWTJm1PoxVoPmbzRE2aIvdWzoJz +4T7V5xhD+9QoLeO/qyeVr8HL5QL4s5bzH+5qqw4RcwKil+5C3T/mpBXwv1o3/cId +zBb08WTm97oTR1HrDzHvzjkVNItq90Mx8Ak13PfXPBUdMWEXV/Qq+ooOIq3W4JsG +3QSkRN6tt3VSV1E6jcx3OOmt4/SpXxPZNYSctJNIKbgzpYmbJYnCBvwZY23iah9r +Vhnia6L5zukxzn7e0mlFdYSULSMQI9GGNmtDDFGyorb5kWfqD2brBkBZfkQO29L8 +XlCt4UzuqEhhlagYUnuE+dhASe+HNBTiXRtR6eubegzfx0tKzvHEEQOxFRccDJ57 +6LX/RNTu2b+lEWPpVPD692gSM2FRNVyL5mSI+tAbLfO5kc9bRrFn/fYQ8VshWnrF +aoORCORvayn9QmckMk08IXy26+MLCaPkt2OM0j9McjsqWk4mcMnVlW/+CeTAZWjb +O2TFN4LoKfYRJ+Ac2M5PJcXKgoSjJd6xXY1j5Epdv7T9/Vr1aP09PPLykur/9Uau +J9CM993dxW2sgTZRzGYxz5sIG7y+WCo5xLZEMovuorAbfIP+Ci8WWWzebncqwiVu +598Ro9w2KJITmVbe66YjAIKhwBAdFQIDAQABoD4wPAYJKoZIhvcNAQkOMS8wLTAJ BgNVHRMEAjAAMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkq -hkiG9w0BAQsFAAOCAgEAG0IpXLHZpgXtBZHEnGBghrucWnAuhRf0sXauboBVWnwA -5noESIIX/hNq9DdaBba684u1Qga+lZcFsO1Zh/K1Guu74FTNxV2jCLKcX1T+Ymx4 -uRJ1jcdCc+YB/f+ce+pAhFJei/6sKP//MtYIBHlbe8aGQx1yVPJ5oSb4yS9Hloe4 -DuM0bp6ZXhXFv4YxxxDbaTMs9D46AKnqXV0rLe8WwHH1Mbdxl0bi7roZ3/1NPYsg -diUMWQlnrR1d1xxUG7x+PJRpPcN3GmZQ0WyZoNrIQA7OLEg6nM8T4sQX5OZFdQrQ -KQJyX8+Cc8j/UtPrPIPgch6iYX32e+1wTAP82npw1KMELxRsxjX6ERl65apkADFa -w6LrCFtUQApWY/vZPz88udzSxVytJL4ZrHJxuZEG1WFE3kPY2Ak5LYw/IVxCDFsL -GVfhb92zkn5iUkULXbwjcTytK3IqXZHl05PW+etGtqbkdh99m8eH1HxolKEgtehm -l7FMD/JrC0GJWhI4Dl0CpvhAsV61pa8f1KmfGFTt+zpS4epSIItWTuSd4tzaXwNq -3K1zJaKHs16VWBFuhH5kle4QGRIuDRPHchBQQg0wgy/sfHuzqbcVNotGZ7qzvnRL -x5eXmWm1HaVKl1NpxbntMY4o9u0WgyzmU0VVsv+oWJj6J88T97rqTNg1Q1Uj8ic= +hkiG9w0BAQsFAAOCAgEAif8FifpW2oup62+Wq/bYozwotreb7UOkaCMo+6ZsTyY3 +XcLoUa/7lM4dX7ZDPujOB3MyvF8mw2fsl7DJO605bjERbjzwyKXKPn4TFpHopPKm +qMJzZT7KHqIdkVUnitsOKysLoIHYV7fTdjspnt4UlyYoJji6lCtAmsVt4mxO3jmf +6EVVyR5fr+cz0n6qwmhjRXGNDHA3CkAV77rLtiK3oYQ7fQ4VY2/3uZpu62nP4u77 +HAuEj4mBsPq5I0+oxFPoM6Yx5dyVrHlPsfl8SzrFbXBCrSQkvEEbbsE3MAuQ+SJS +MVwngXxnpViNHYYl97Lmxc4c2ZxG9eyusFIamDN62adGUkkZqvg0ZQzyVzMnIVYC +jc8h8MxxeQNHSrcPu8wziavA8xRMj0c51Q09gvlVBQmDNxZqib9MSH6U464zilZZ +E/1tEAoNWqmDq0mzzdgY8ShRBOcVfaU+S/K0nRJWKLF/g84d7n5j+P2eJXE7aDkw +6dzqPVjbZk/0BrkTuh895BgjzqjAVvKONdFpZ4ugcYMZX75IqE7ta4DskXD2Fd6v +OQdDqRFhHLS/xVPiLRr981qT3NZMDaezLU/VfJFAsTf8wmgGqtBQqM/N1JWrUU/N +b0ouLa3CohZoM7dY44a137r5/rDTpsv33gES2BVumY8XZzaN+RLJ45I7BqMpLOo= -----END CERTIFICATE REQUEST----- diff --git a/tests/platform-ci/provider/files/cert/example.org.key b/tests/platform-ci/provider/files/cert/example.org.key index 7ca1c512..13adeb7c 100644 --- a/tests/platform-ci/provider/files/cert/example.org.key +++ b/tests/platform-ci/provider/files/cert/example.org.key @@ -1,51 +1,51 @@ -----BEGIN RSA PRIVATE KEY----- -MIIJKQIBAAKCAgEAxbiiC//4X+XI1JtfKuX0lMr8LZlkRCT2lafgolohiR5sRQIl -jBrgBUUQoYWeEmJpxLHDXWtH+p7T86zvl44UHgNOWyGA/SXBU9uSYOJEl+KUNPqS -tr7h6pOGrHGYDjmquHzfElw+mYi95gjjQ0c252VUdi6rHQmxKiLh5aO1SuzDvP/Q -Pqxe8Ci1WrQbZNubkljED7dEONYMOmE1eOO0pbRR934FGZzUeqezsabIt6hFpbdr -2TCGucXauIHtncdRoAvKEgcdV0/2Harv/xhAgB+V7GbAGj1w7qK9Yk21hC8x8hq0 -O1fNHuu5RNpcaGh8UQjhPzQ1FOlF5gql8IXQR2qx3oTghkg17xxMAB+c6Ve+1zpt -myKGZgozNX0ZOadktxpl7XgnbwsQT/tsBAp0V7sDdmiAqwZO7GfRYnkbGGqPBmTf -wO2WNuKX+wjBAbII2JLU4wMFG9tZur5ps7fd3RFSYJHfCwEhZqF5/mACBhdP3w+W -brZbALAX6HaAh/SSgYtuZ1VUxEFvIE81HoEwtz1Kp2rYVr+IGSGAxtWVA8Y5N9G3 -jZl1dl7nQEpj+zRuLkpUMBgBFp/nHHczp0cUdAUKZDDDRFfx5iVbkleQJOA5K7kl -xoy6c4t9AYyfKG8fOWALrCK4VkVK0dqM+oKg1J8KtzZK9zZOOYjhAwtHGZ8CAwEA -AQKCAgAht6KquTP55o2g8/3+qshSt2rZu9bFaChEzSQZi5U8dNuxyPPuOIcLXwO/ -B7I1IGM5D7dpLupPatZqL4uMJMZ5d8bc85GzmcSmMEN+EhfwbssnXbO3RkXwYsgM -kDKF+n+KhoDj+KcUN6VqnQlkZ7iNLVKB9ONpSEXWEazEJG6+IDIhAN7aUTq/abHD -jgM959VX15tXssEHkDj1m64qt2oO9/kiY3MrMvtpD0Atg2unJiL6Z5UUrJnNBFiQ -Llf/GAZrbJdBC8WNJi2qUYQr1E7rindeoQcRcnjXuRjisq3JpOK3jqY9mHN6Wmh1 -vWcUxvysNP90b8q9jipFWHuD0M37kq+BLn5Bub0ypiIkId0CUnAB9MBYcBJlYhai -ZwI1fe0uGFD7XlJbHexTgnLreDAo3FR9CIUDo2HUWqmUNWadAl/rPNRe6+QDDvmP -5v4HiFmSuCjZJOu9x2z/ly1JzM+iCUp+q6BxYYYW/5tDLYAw7sl1uaiLTzZuhrrM -PlO6DNLAQhMn29jeszPHt7iXHdHAHAuYSeHpfeqnAV1qB+6x7UFVZjbDxXkt/Sn0 -+LvCzJUQOwQNlnnzIwVdn8phS3r9TN2rI3dtlvPMWJqgBiheJ9qn2tHjjoPETt9I -hfvw949Gi65D+AFSzowjNUFwDXzphOwETv5tpKCRROhdBRBdwQKCAQEA+L9RsVqT -F+7HyGza+F53mgED5SQoS52vRA2OiAbCgiNjY7JH7bqIpuO4RlgqKo+GKoboCP6D -1CmVGUm/Z8wYspzQs15O/jUO1bZ8KFREt8TquxFtikwyvIXQhUdJhZYUnhfMzV3O -sH1blWhJnSX21rxJWlrkN0I8Zdkl6mjvFa97Kr9UA/pdZd0qgIw5Vi7MFLPC7j2Q -YmTPhNsb0oZMJHGvwENUmuCQDhGiRhQV06R963mTMvxY7LWqUVf6dr7xg89Qt5Yo -AdSHllOxHOMTAa+kZNF1N8UM9S2iJSn6ZeUEOXOJEuosghpE/QIuvo81Txm63G7e -BjU3H7cFqDetfQKCAQEAy3xy2cQ/+GlSIbwXrzBr483Z0jXnvknlCJMh+NCTXObk -idOhhnIuZu+JoAovv2AfKNPvYXotmb1xxmws5RSrlZDGiQQzEwvJPeLN2DnUGqzc -ZPenu64Je6v9L35iRMF8vyx3xf27FC4zmR6nLuZbgfEfQdModqCbTpzh23Cl3mkM -IZFYPhhfnh/pcwccuqfOn0Adt+1X3jvp3QzCh1jkEjhaRB5qjt58nlmxA2EKYv1w -OzSTH9owqsCMmdrqzR7iKh59LrfOfggJbhHCyrORZ/S8h5lwqIk3+zLMrwGSvkXL -tuKLXtkX/Xy98cbHwk5M/bf3hH6I5njlsssFsS8+SwKCAQEAxCzu2raaJ1fUDAd9 -sj+eh8ChN8gKV4hmv38Jl9Hs+QG70ta5z407VJNns2K47pP+te9rdBx2D48z3ZvB -7rSSDduK5MtN9UIXDwk6Zfv/rgcJMLuP7nAl23SVfWc5Xrd8TypqBNUkuyBCaFS1 -KdDVGYmpOC9SqRn91D0rn/FeDXY15wK52eFMY5fHe1YbqhKCNRmIdKftBQyIdTjw -elocFunqN/Fh+jt8oPvbRPV2OVITVPCu3JkT8KtdRYXjLF9uzgtkl0U/DCJ3RGGA -301eogfJ2REwJumrTHnO1QyERHQXns+1nUs+CuV43ykngHYlDts1+b8eLzss3EBV -n9M5aQKCAQEArqKmmtg/on0ZPNSFaxfecEq5lxwmQHyAsMQ9UqIG5qNOHi9fn9gc -lMEdVxmG8vKWq16AQiMuQZSBsa4jNZNw0tLGYM8W2lCyLIea6+htbVtPZuPYs0zg -3J+1ke4gfiukWRnbzTM+PEqOg+n3x1txy2pZzg9f2bdqsqQXflIGOIPlImXv2pLm -dPmkS9Edyd+8h5XqK3DpiVPYGJsb1Dbove5ZIb8M6oJtZyVIssK0vFIP4O/1GFAU -lmbcBCsKenH33ff+rXqYIDfbh/h8OaS0tQgoSSPZuPrS7aYiXku2Wc/izplMzWD5 -otZM2dQkmlDC6LjbF33VFh9J2xE8WF1YUwKCAQAeJYro7nBxM0eOmof1ty24UPfg -jx72sH/FpgKIyvZ4yQoreNUc4TVsy5QMIVd0G966CRgvzaE0vcBHm//7YCXHtIa9 -ihqmYDo7SoaF7nZNjxJIxyQVPY0+Kntkwz0XAX0IbJ0nMx+3x6d5UhbQbxFVKe7X -5WmOMb0ro9NLaCvh5IUxSHsG/a8hYRqoX3tZbPRvTJMZMTMxWslsscWINNu/80KS -ggpD9Uu9hdVwT7yavl6JKC3ypRdBzmpKZfiLt5CTFex+XGIgKLHVqbHxXu487YsL -AlexBvk1/RKMTHIgUl7uMmaJsUSD+ME4SWuU9cW115kwp+JBMXES4ZfWnRHZ +MIIJKAIBAAKCAgEAvcaaRximrOK+iFoVzUbYOBGmbrny3bsQunqqTiLCNnwhkydC +Xc31kyZtT6MVaD5m80RNmiL3Vs6Cc+E+1ecYQ/vUKC3jv6snla/By+UC+LOW8x/u +aqsOEXMCopfuQt0/5qQV8L9aN/3CHcwW9PFk5ve6E0dR6w8x7845FTSLavdDMfAJ +Ndz31zwVHTFhF1f0KvqKDiKt1uCbBt0EpETerbd1UldROo3MdzjpreP0qV8T2TWE +nLSTSCm4M6WJmyWJwgb8GWNt4mofa1YZ4mui+c7pMc5+3tJpRXWElC0jECPRhjZr +QwxRsqK2+ZFn6g9m6wZAWX5EDtvS/F5QreFM7qhIYZWoGFJ7hPnYQEnvhzQU4l0b +Uenrm3oM38dLSs7xxBEDsRUXHAyee+i1/0TU7tm/pRFj6VTw+vdoEjNhUTVci+Zk +iPrQGy3zuZHPW0axZ/32EPFbIVp6xWqDkQjkb2sp/UJnJDJNPCF8tuvjCwmj5Ldj +jNI/THI7KlpOJnDJ1ZVv/gnkwGVo2ztkxTeC6Cn2ESfgHNjOTyXFyoKEoyXesV2N +Y+RKXb+0/f1a9Wj9PTzy8pLq//VGrifQjPfd3cVtrIE2UcxmMc+bCBu8vlgqOcS2 +RDKL7qKwG3yD/govFlls3m53KsIlbuffEaPcNiiSE5lW3uumIwCCocAQHRUCAwEA +AQKCAgAq/Vhpjp4DQAIlZTLXI5tLaEQphRoNPJkXhT4bISiZqxj3+sa/9S4SPXw5 +tBnfWXN83BYwOoeJNJK8qWPQlN8cV2nCCFM1UhJPiFcAV0qLCDPDs5IQu9sd/M22 +A3DH2NLm7njB5rcLRAK7OUZiCmTvJWMThu55ryGCz1aDBTon6wdfwp5zgzDpowSt +bkguP5BiRAsOFLEIoiy8K0kn5SoEdDCxjHIsL38H6u6Uo7UCwTT/2W3HCejrSfge +SvuXF7PTLj3hinKT/bJMYF7Quc1bhZGx5LM8yrFqOKrl3iu5NkP6gU1fDOVc8Bs/ +Ab9meEK6LtpY64+DRizPWpYwLX99lMlGS1v8GsLuAPCbQ4RGJLRl2nUsrowk8xI1 +BSVEv+QcYB0Tp5CeOa+ejsI23HczmSBW6j4sqx1/vTu5tKxtvxppKOjkV4rrbAnv +mK6NPpUo3bVtUJIejVALE2PlXLM6XlZJinLPKFfOGRQ9VTdgVsQS6oHfoxknzxCy +MHtzxNt/ZLCzWa0uszta6kjta0qburn/q9DAGwC65W/BeSzc79qaEOf2bdNSHxeD +1ENnKGN3G3PUGCH9/Fs6bEX6/bX0WihfOq2XTxBNs0jcjCycHXvOGTp7jRFjbaIs +a87b6whFLL52oKEqpq6o7JqXa8I/Pn0eBp07Soos5WWfHtLsgQKCAQEA56U80Jjt +iAZMoxLDRNY0WsYavvLlarZISbHy51eYl54c1YNvnmPheSddRoRW+AWQQ1iQ710z +p/KMm7D81PArUplIe8GutbqqvmezsIQqvCUbWC672KiA7xH6zGKlnRmqryefare6 +nvR48sEcsfwywoW7v6yg2ZzY9uz6FcHuN27pHk+b2oMd1qGeSSVuhqZ1XUPFqAF2 +IcxVMd4upsFLCVz94kqOcyYHAUNHZ8ANaT6EATF4bRbccmGzjo8PiS0mhUCL8nVh +2tcB6fsT1i0sJ19e1cPBgmxy2pOc25D8aldt6Bds0lQl0Zhfl63/R1o00S0z4Mgt +9/LycTKuL0fTZQKCAQEA0bpwQHNLF7nwtfsLNZifXApHNNmiiyBvK/SQqqn2wdA3 +l8Ol6hcborYfuwvL+5dTi79DIROF9RqpWoRwlMq0XIAldW4H46KUWuZrtfDD0T2B +VFB4nlihMCZT2lOsDrNMcykZGLAb49u0GKeyNE1z2RiLR/zTQvD2mVXSt7UVNsgA +xnInCF3wN1oMZOu2N5paXAfiw7L91ZVpacV8LtZhGaby6Y0hjy9Oh1/DjjQb+aFH +r2A7AIMFtUtKIpy4ymBBcJWH952fVdImAZWcYUTMILj/eOML9KIc/iAdaLZzgPA+ +cged1qGIEDjq1pjyhgB83NHPjQwN9+qnuJ6KD5d/8QKCAQBCKQGLmoINHa95y/wV +hxCA9J/i9cDsj49p7Pcxd+VPOIuHt/iDRoe5cLLFVzr3r68abQtIMlh0mWPre8ta +jhXxi3IWVqUtpljp9Phva/BAuGBs+TwRj17z6TC2e15N1mzXhfuUIVGd4LlCrEEj +3KIqyMNs5UMzpAabz+dFm5QMJRNT4uziphw5lwN8ZMKClrxinN6xM2moEZIroge0 +/PQPgo3Iuf6hiLTreWnFiibKbl6JcLWygpsH2DvOdbG8PjcIS/0sjLYcKNiVGW76 +9v/rZuPRLg3w0ESlhQ+B7pEJVls/tKESGZKLoHd8/OcyW+NF8yEkDEiEztDL3+u7 ++Um5AoIBAEQZZZmH1jo+BgsRGPKuPBCGxdhDUqQaQ/7hypef2J/WHDcLMDRyjGao +/GSfz/xBhr85u3JiBH0xywu5NVUa/LWMZp1avPUNNV7OsurA4tRuRDA8cO35mV0p +FNEvmg6r6Yb7MUry5Bt4m2HmEdcpzxQPBCq7zV1PIMNpOqKsCddf2eCV8FanKfjP +JHcgkmo7lFuNs/QXipRvj2ro1QngUmch7n4ndV4o3jbWwYjLIspLtBseBAqGgLP9 +XnUermIIHzePVjbw12vmcLDTA5QR4rY9W7bFAnzMpt1dUC9QDvEvERe1oWqvyJ57 +3MURpK4eOmz5M4t4/pAhgZRQ5kNpzgECggEBANT1KAU4EvXxYXpYaq9O9YTQnSbH +8HBxsN2TeKEb29EyFHRhd5TxdV1/wDcRY4uqopIN8/xsLFqoOWyPLn/23bwpAuU9 +YskLKnQspN4w2Eyn0b9K4cF3SigwmlEEqDk8sxTtZ5iv7olE5GaeoZiQQ8yS3oZc +QWVe6gierK0XdwnuPvE4Yio3gMFxuy1PrMPJj9JyKjWIvT6ODF7nWYRdnwPTfqKA +cxXoPKajyk2LVAXt9qQao/o6/AWeyZhgPhFiT9NUEFiBcmnUTq8xblOXpbZev6eC +nUKF5Oy9r4aI9eafeLWhVqTmXLUtExLjfL6rmLu+HlOdd9SYpYEIdCzMIe8= -----END RSA PRIVATE KEY----- -- cgit v1.2.3 From 16c8f00a6a6e388f8a8f8b831d7e507f8cb67c78 Mon Sep 17 00:00:00 2001 From: Varac Date: Fri, 23 Jun 2017 20:13:18 +0200 Subject: Use default apt component for CI Resolves: #8828 --- tests/platform-ci/provider/common.json | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 tests/platform-ci/provider/common.json (limited to 'tests') diff --git a/tests/platform-ci/provider/common.json b/tests/platform-ci/provider/common.json deleted file mode 100644 index e5096c47..00000000 --- a/tests/platform-ci/provider/common.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "sources": { - "platform": { - "apt": { - "basic": "http://deb.leap.se/platform", - "component": "snapshots" - } - } - } -} -- cgit v1.2.3 From ef455a41d6529898a2d8848e65e464705729e661 Mon Sep 17 00:00:00 2001 From: elijah Date: Wed, 28 Jun 2017 15:26:11 -0700 Subject: platform test - pin ruby version to 2.1.10 when using rbenv, since that is the latests that will work. --- tests/platform-ci/.ruby-version | 1 + 1 file changed, 1 insertion(+) create mode 100644 tests/platform-ci/.ruby-version (limited to 'tests') diff --git a/tests/platform-ci/.ruby-version b/tests/platform-ci/.ruby-version new file mode 100644 index 00000000..8dbb0f26 --- /dev/null +++ b/tests/platform-ci/.ruby-version @@ -0,0 +1 @@ +2.1.10 -- cgit v1.2.3 From 30a4bc4eba4654de8e5bd56a083a78b474a2a6ff Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 15:30:52 +0200 Subject: [CI] Pin leap_cli so fog-aws is installed --- tests/platform-ci/Gemfile | 2 ++ 1 file changed, 2 insertions(+) (limited to 'tests') diff --git a/tests/platform-ci/Gemfile b/tests/platform-ci/Gemfile index 51e2c17b..44a8637d 100644 --- a/tests/platform-ci/Gemfile +++ b/tests/platform-ci/Gemfile @@ -13,5 +13,7 @@ group :test do # Use puppet-catalog-test from git because last released gem 0.4.2 gives a deprecation # warning: "[DEPRECATION] `last_comment` is deprecated. Please use `last_description` instead." gem "puppet-catalog-test", :git => 'https://github.com/invadersmustdie/puppet-catalog-test.git', :ref => 'ac386793c2c456d2071dd0adda716224128f0bb3' + # Install fog-aws because the gem dependency of leap_cli is now optional + gem "fog-aws" gem "leap_cli", :git => 'https://leap.se/git/leap_cli.git' end -- cgit v1.2.3 From 9f315d37968f0135deb3fadcdf6cf54278153de0 Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 16:20:30 +0200 Subject: [CI] Check for mandatory env variables on platform builds --- tests/platform-ci/ci-build.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 34876a73..e2485c0a 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -54,6 +54,11 @@ else } fi +fail() { + echo "$*" + exit 1 +} + deploy() { LEAP_CMD deploy "$TAG" } @@ -73,6 +78,11 @@ build_from_scratch() { # Dsiable xtrace set +x + + [ -z "$AWS_ACCESS_KEY" ] && fail "\$AWS_ACCESS_KEY is not set - please provide it as env variable." + [ -z "$AWS_SECRET_KEY" ] && fail "\$AWS_SECRET_KEY is not set - please provide it as env variable." + [ -z "$SSH_PRIVATE_KEY" ] && fail "\$SSH_PRIVATE_KEY is not set - please provide it as env variable." + /usr/bin/jq ".platform_ci.auth |= .+ {\"aws_access_key_id\":\"$AWS_ACCESS_KEY\", \"aws_secret_access_key\":\"$AWS_SECRET_KEY\"}" < cloud.json.template > cloud.json # Enable xtrace again only if it was set at beginning of script [[ $xtrace == true ]] && set -x -- cgit v1.2.3 From a3fc434020da4ea8fb447536fd37906ca0a8d890 Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 16:40:57 +0200 Subject: [CI] Use CI_JOB_NAME to determine what action to take --- tests/platform-ci/ci-build.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index e2485c0a..b554b1d3 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -92,7 +92,7 @@ build_from_scratch() { pwd -# remove old cached nodes + # remove old cached nodes echo "Removing old cached nodes..." find nodes -name 'citest*' -exec rm {} \; @@ -149,16 +149,16 @@ set +x # Enable xtrace again only if it was set at beginning of script [[ $xtrace == true ]] && set -x -case "$CI_ENVIRONMENT_NAME" in - staging) +case "$CI_JOB_NAME" in + ci.leap.se) TAG='latest' run ibex ssh://gitolite@leap.se/ibex ;; - production/demo/mail) + mail.bitmask.net) TAG='demomail' run bitmask ssh://gitolite@leap.se/bitmask ;; - production/demo/vpn) + demo.bitmask.net) TAG='demovpn' run bitmask ssh://gitolite@leap.se/bitmask ;; -- cgit v1.2.3 From 6e7b18f8732e79957aaa2e536b368aef8a9d6ab9 Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 16:47:54 +0200 Subject: [CI] Move more commands into functions --- tests/platform-ci/ci-build.sh | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index b554b1d3..abc5fec8 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -68,6 +68,16 @@ test() { } build_from_scratch() { + # create node(s) with unique id so we can run tests in parallel + NAME="citest${CI_BUILD_ID:-0}" + # when using gitlab-runner locally, CI_BUILD_ID is always 1 which + # will conflict with running/terminating AWS instances in subsequent runs + # therefore we pick a random number in this case + [ "${CI_BUILD_ID:-0}" -eq "1" ] && NAME+="000${RANDOM}" + + TAG='single' + SERVICES='couchdb,soledad,mx,webapp,tor,monitor' + # leap_platform/tests/platform-ci/provider PROVIDERDIR="${ROOTDIR}/provider" /bin/echo "Provider directory: ${PROVIDERDIR}" @@ -130,6 +140,12 @@ run() { test } +cleanup() { + # if everything succeeds, destroy the vm + LEAP_CMD vm rm "${TAG}" + [ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" +} + # # Main # @@ -163,21 +179,9 @@ case "$CI_JOB_NAME" in run bitmask ssh://gitolite@leap.se/bitmask ;; *) - # create node(s) with unique id so we can run tests in parallel - NAME="citest${CI_BUILD_ID:-0}" - # when using gitlab-runner locally, CI_BUILD_ID is always 1 which - # will conflict with running/terminating AWS instances in subsequent runs - # therefore we pick a random number in this case - [ "${CI_BUILD_ID:-0}" -eq "1" ] && NAME+="000${RANDOM}" - - TAG='single' - SERVICES='couchdb,soledad,mx,webapp,tor,monitor' build_from_scratch - # Deploy and test deploy test - # if everything succeeds, destroy the vm - LEAP_CMD vm rm "${TAG}" - [ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" + cleanup ;; esac -- cgit v1.2.3 From 1bcd200ec20a28a1c360afdf097dc4fcaa9c00a8 Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 16:51:58 +0200 Subject: [CI] Fail when CI_JOB_NAME is not recognized --- tests/platform-ci/ci-build.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index abc5fec8..b02fe89d 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -178,10 +178,13 @@ case "$CI_JOB_NAME" in TAG='demovpn' run bitmask ssh://gitolite@leap.se/bitmask ;; - *) + deploy_test*) build_from_scratch deploy test cleanup ;; + *) + fail "Don't know what to do for \$CI_JOB_NAME \"$CI_JOB_NAME\"!" + ;; esac -- cgit v1.2.3 From 5816661ab20f2b2641bc3c19dc495b28e531213e Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 17:14:45 +0200 Subject: [CI] Add upgrade tests to ci-build.sh --- tests/platform-ci/ci-build.sh | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index b02fe89d..256164ac 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -140,6 +140,29 @@ run() { test } +upgrade_test() { + # Checkout stable branch containing last release + # and deploy this + cd "$PLATFORMDIR" + git remote add leap https://leap.se/git/leap_platform + git fetch leap + git checkout -b leap_stable remotes/leap/stable + cd "$PROVIDERDIR" + build_from_scratch + deploy + test + + # Checkout HEAD of current branch and re-deploy + cd "$PLATFORMDIR" + git checkout "$CI_COMMIT_REF" + cd "$PROVIDERDIR" + deploy + test + + cleanup + +} + cleanup() { # if everything succeeds, destroy the vm LEAP_CMD vm rm "${TAG}" @@ -184,6 +207,9 @@ case "$CI_JOB_NAME" in test cleanup ;; + upgrade_test) + upgrade_test + ;; *) fail "Don't know what to do for \$CI_JOB_NAME \"$CI_JOB_NAME\"!" ;; -- cgit v1.2.3 From c232b863172a4f5b511e64f02882e5a4804c337e Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 17:37:02 +0200 Subject: [CI] Run bundle install after checking out different platform branch --- tests/platform-ci/ci-build.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 256164ac..88856511 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -147,7 +147,13 @@ upgrade_test() { git remote add leap https://leap.se/git/leap_platform git fetch leap git checkout -b leap_stable remotes/leap/stable + # After checking out a different platform branch + # bundle install is needed again + cd "$ROOTDIR" + /usr/local/bin/bundle install + cd "$PROVIDERDIR" + build_from_scratch deploy test @@ -155,6 +161,11 @@ upgrade_test() { # Checkout HEAD of current branch and re-deploy cd "$PLATFORMDIR" git checkout "$CI_COMMIT_REF" + # After checking out a different platform branch + # bundle install is needed again + cd "$ROOTDIR" + /usr/local/bin/bundle install + cd "$PROVIDERDIR" deploy test -- cgit v1.2.3 From 0d304e582d643893f5e139eb5126c793bc82ae6d Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 20:05:17 +0200 Subject: [CI] Fix node name for local tests --- tests/platform-ci/ci-build.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 88856511..9332c12c 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -68,12 +68,14 @@ test() { } build_from_scratch() { - # create node(s) with unique id so we can run tests in parallel - NAME="citest${CI_BUILD_ID:-0}" - # when using gitlab-runner locally, CI_BUILD_ID is always 1 which + # when using gitlab-runner locally, CI_JOB_ID is always 1 which # will conflict with running/terminating AWS instances in subsequent runs # therefore we pick a random number in this case - [ "${CI_BUILD_ID:-0}" -eq "1" ] && NAME+="000${RANDOM}" + [ "${CI_JOB_ID}" == "1" ] && CI_JOB_ID="000${RANDOM}" + + # create node(s) with unique id so we can run tests in parallel + NAME="citest${CI_JOB_ID:-0}" + TAG='single' SERVICES='couchdb,soledad,mx,webapp,tor,monitor' -- cgit v1.2.3 From f365b914662491ab33e6af18e1b02046f6b99538 Mon Sep 17 00:00:00 2001 From: elijah Date: Wed, 28 Jun 2017 13:24:39 -0700 Subject: leap_cli - make fog gem optional --- tests/platform-ci/Gemfile | 1 + 1 file changed, 1 insertion(+) (limited to 'tests') diff --git a/tests/platform-ci/Gemfile b/tests/platform-ci/Gemfile index 44a8637d..4cf14e43 100644 --- a/tests/platform-ci/Gemfile +++ b/tests/platform-ci/Gemfile @@ -16,4 +16,5 @@ group :test do # Install fog-aws because the gem dependency of leap_cli is now optional gem "fog-aws" gem "leap_cli", :git => 'https://leap.se/git/leap_cli.git' + gem "fog-aws" end -- cgit v1.2.3 From 9adaa316050e3eed971fe316eb545ba74c562cca Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 4 Jul 2017 12:00:20 -0700 Subject: Fix upgrade_test failure. See https://0xacab.org/leap/platform/-/jobs/14029 for an example. --- tests/platform-ci/ci-build.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 9332c12c..1c9cc416 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -146,7 +146,8 @@ upgrade_test() { # Checkout stable branch containing last release # and deploy this cd "$PLATFORMDIR" - git remote add leap https://leap.se/git/leap_platform + # due to cache, this remote is sometimes already added + git remote add leap https://leap.se/git/leap_platform || true git fetch leap git checkout -b leap_stable remotes/leap/stable # After checking out a different platform branch -- cgit v1.2.3 From b9f562813b5005577bed3f2a40c5eb147696e18c Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 4 Jul 2017 13:54:43 -0700 Subject: Additional fix for CI cache failure --- tests/platform-ci/ci-build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 1c9cc416..5c21bfb7 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -149,7 +149,7 @@ upgrade_test() { # due to cache, this remote is sometimes already added git remote add leap https://leap.se/git/leap_platform || true git fetch leap - git checkout -b leap_stable remotes/leap/stable + git checkout -b leap_stable remotes/leap/stable || true # After checking out a different platform branch # bundle install is needed again cd "$ROOTDIR" -- cgit v1.2.3 From ff3878a70235206d182116c74c4ac7b3cc1a478f Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 4 Jul 2017 14:31:38 -0700 Subject: Fix non-existent CI variable CI_COMMIT_REF (#8844) --- tests/platform-ci/ci-build.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 5c21bfb7..1445f562 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -149,7 +149,10 @@ upgrade_test() { # due to cache, this remote is sometimes already added git remote add leap https://leap.se/git/leap_platform || true git fetch leap + echo "Checking out leap/stable" git checkout -b leap_stable remotes/leap/stable || true + echo -n "Current version: " + git rev-parse HEAD # After checking out a different platform branch # bundle install is needed again cd "$ROOTDIR" @@ -163,7 +166,10 @@ upgrade_test() { # Checkout HEAD of current branch and re-deploy cd "$PLATFORMDIR" - git checkout "$CI_COMMIT_REF" + echo "Checking out: $CI_COMMIT_SHA" + git checkout "$CI_COMMIT_SHA" + echo -n "Current version: " + git rev-parse HEAD # After checking out a different platform branch # bundle install is needed again cd "$ROOTDIR" -- cgit v1.2.3 From d3c88e6c1dfca8c5e5804a1b543d50b9f45c05a8 Mon Sep 17 00:00:00 2001 From: Varac Date: Fri, 23 Jun 2017 16:33:18 +0200 Subject: Use unqualified path to bundler So users can run it locally when they have `bundler` installed as debian package. --- tests/platform-ci/setup.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/setup.sh b/tests/platform-ci/setup.sh index e92dddc7..c10cb4c8 100755 --- a/tests/platform-ci/setup.sh +++ b/tests/platform-ci/setup.sh @@ -1,5 +1,5 @@ #!/bin/sh which bundle || /usr/bin/apt install bundle -/usr/local/bin/bundle install --binstubs --path=vendor --with=test --jobs "$(nproc)" -/usr/local/bin/bundle exec leap -v2 --yes help +bundle install --binstubs --path=vendor --with=test --jobs "$(nproc)" +bundle exec leap -v2 --yes help -- cgit v1.2.3 From a34d1b14a9a0874bfd6a0c84fa6ac64f2bc3f55a Mon Sep 17 00:00:00 2001 From: Varac Date: Fri, 23 Jun 2017 19:35:52 +0200 Subject: Update tests/platform-ci/README.md how to run platform tests --- tests/platform-ci/README.md | 48 ++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 43 insertions(+), 5 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/README.md b/tests/platform-ci/README.md index 60c17e41..7a44a2fe 100644 --- a/tests/platform-ci/README.md +++ b/tests/platform-ci/README.md @@ -1,15 +1,53 @@ -Continuous integration tests for the leap_platform code. +# Continuous integration tests for the leap_platform code -Usage: +# Setup + cd tests/platform-ci ./setup.sh + +# Run syntax checks and test if catalog compiles + bin/rake test:syntax - bin/rake test:catalog + bin/rake catalog For a list of all tasks: bin/rake -T -To create a virtual provider, run tests on it, then tear it down: +# Full integration test + +You can create a virtual provider using AWS, run tests on it, then tear it down +when the tests succeed. +In order to do so, you need to set your AWS credentials as environment variables: + + export AWS_ACCESS_KEY='...' + export AWS_SECRET_KEY='...' + +If you want to login to this machine during or after the deploy you need to + + export SSH_PRIVATE_KEY=$(cat ~/.ssh/id_rsa) + +then start the deply test with + + ./ci-build.sh + +# Running tests with docker and gitlab-runner + +Another possibility to run the platform tests is to use [gitlab-runner](https://docs.gitlab.com/runner/) +together with [Docker](https://www.docker.com/). + +Export `AWS_ACCESS_KEY`, `AWS_SECRET_KEY` and `SSH_PRIVATE_KEY` as shown above. +From the root dir of this repo run: + + gitlab-runner exec docker --env AWS_ACCESS_KEY="$AWS_ACCESS_KEY" --env AWS_SECRET_KEY="$AWS_SECRET_KEY" --env SSH_PRIVATE_KEY="$SSH_PRIVATE_KEY" deploy_test + +See `.gitlab-ci.yml` for all the different test jobs. + +To ssh into the VM you first need to enter the docker container: + + docker exec -u cirunner -it $(docker ps --latest -q) bash + +From there you can access the test provider config directory and ssh into the VM: - ./ci-build.sh + cd /builds/project-0/tests/platform-ci/provider/ + leap ssh citest0 -- cgit v1.2.3 From 55b784f2ccd6336db4bab9157a8498cb87c562ff Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 25 Jul 2017 15:49:46 -0700 Subject: CI: Cleanup and enhance to specify platform branch Fix indentation; setup some more clear variables. Add a third variable to ensure the proper platform branch is checked out. This is necessary because otherwise environment deploys get stuck because the platform directory is in a detached state and then the environment deploys will not proceed because the branch check fails. This will fix #8843. --- tests/platform-ci/ci-build.sh | 42 +++++++++++++++++++++++++++++------------- 1 file changed, 29 insertions(+), 13 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 1445f562..57b874f9 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -128,18 +128,34 @@ build_from_scratch() { } run() { - echo "Cloning $1 repo: $2" - git clone -q --depth 1 "$2" - cd "$1" - git rev-parse HEAD - echo -n "Operating in the $1 directory: " - pwd - echo "Listing current node information..." - LEAP_CMD list - echo "Attempting a deploy..." - deploy - echo "Attempting to run tests..." - test + provider_name=$1 + provider_URI=$2 + platform_branch=$3 + + # If the third argument is set make sure we are on that platform branch + if [[ -n $platform_branch ]] + then + echo "Checking out $platform_branch branch of platform" + cd "$PLATFORMDIR" + git checkout -B "$platform_branch" + fi + + # Setup the provider repository + echo "Setting up the provider repository: $provider_name by cloning $provider_URI" + git clone -q --depth 1 "$provider_URI" "$ROOTDIR" + cd "$provider_name" + echo -n "$provider_name repo at revision: " + git rev-parse HEAD + echo -n "Operating in the $provider_name directory: " + pwd + echo "Listing current node information..." + LEAP_CMD list + + # Do the deployment + echo "Attempting a deploy..." + deploy + echo "Attempting to run tests..." + test } upgrade_test() { @@ -215,7 +231,7 @@ case "$CI_JOB_NAME" in ;; mail.bitmask.net) TAG='demomail' - run bitmask ssh://gitolite@leap.se/bitmask + run bitmask ssh://gitolite@leap.se/bitmask master ;; demo.bitmask.net) TAG='demovpn' -- cgit v1.2.3 From 33b56edf683b82acb3f3d077c1b2e907a1dc02dd Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 27 Jul 2017 14:18:46 -0700 Subject: CI: fix provider checkout Provider checkout was being done to a pre-existing directory, which resulted in an error about the directory already existing (see https://0xacab.org/leap/platform/-/jobs/15730), this should fix that problem. --- tests/platform-ci/ci-build.sh | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 57b874f9..459264d5 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -132,6 +132,16 @@ run() { provider_URI=$2 platform_branch=$3 + # Setup the provider repository + echo "Setting up the provider repository: $provider_name by cloning $provider_URI" + git clone -q --depth 1 "$provider_URI" + cd "$provider_name" + echo -n "$provider_name repo at revision: " + git rev-parse HEAD + echo -n "Operating in the $provider_name directory: " + pwd + + # If the third argument is set make sure we are on that platform branch if [[ -n $platform_branch ]] then @@ -140,14 +150,7 @@ run() { git checkout -B "$platform_branch" fi - # Setup the provider repository - echo "Setting up the provider repository: $provider_name by cloning $provider_URI" - git clone -q --depth 1 "$provider_URI" "$ROOTDIR" - cd "$provider_name" - echo -n "$provider_name repo at revision: " - git rev-parse HEAD - echo -n "Operating in the $provider_name directory: " - pwd + cd "${ROOTDIR}/${provider_name}" echo "Listing current node information..." LEAP_CMD list -- cgit v1.2.3 From 6482a4ccb3d72773cc6d00d5fa7933fa83c4cafe Mon Sep 17 00:00:00 2001 From: elijah Date: Tue, 5 Sep 2017 18:24:31 -0700 Subject: Bug: fix vpn network problem caused by vagrant fact Boolean facts must be escaped with str2bool. This commit includes new tests to catch VPN problems like this in the future. --- tests/server-tests/white-box/openvpn.rb | 36 +++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) (limited to 'tests') diff --git a/tests/server-tests/white-box/openvpn.rb b/tests/server-tests/white-box/openvpn.rb index 4eed7eb9..adda34a9 100644 --- a/tests/server-tests/white-box/openvpn.rb +++ b/tests/server-tests/white-box/openvpn.rb @@ -13,4 +13,40 @@ class OpenVPN < LeapTest pass end + def test_02_Can_connect_to_openvpn? + # because of the way the firewall rules are currently set up, you can only + # connect to the standard 1194 openvpn port when you are connecting + # from the same host as openvpn is running on. + # + # so, this is disabled for now: + # $node['openvpn']['ports'].each {|port| ...} + # + + $node['openvpn']['protocols'].each do |protocol| + assert_openvpn_is_bound_to_port($node['openvpn']['gateway_address'], protocol, 1194) + end + pass + end + + private + + # + # asserting succeeds if openvpn appears to be correctly bound and we can + # connect to it. we don't actually try to establish a vpn connection in this + # test, we just check to see that it sort of looks like it is openvpn running + # on the port. + # + def assert_openvpn_is_bound_to_port(ip_address, protocol, port) + protocol = protocol.downcase + if protocol == 'udp' + # this sends a magic string to openvpn to attempt to start the protocol. + nc_output = `/bin/echo -e "\\x38\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00" | timeout 0.5 nc -u #{ip_address} #{port}`.strip + assert !nc_output.empty?, "Could not connect to OpenVPN daemon at #{ip_address} on port #{port} (#{protocol})." + elsif protocol == 'tcp' + assert system("openssl s_client -connect #{ip_address}:#{port} 2>&1 | grep -q CONNECTED"), + "Could not connect to OpenVPN daemon at #{ip_address} on port #{port} (#{protocol})." + else + assert false, "invalid openvpn protocol #{protocol}" + end + end end -- cgit v1.2.3 From d66bbeb065c2f8f38b946e45e77607629a96f2dc Mon Sep 17 00:00:00 2001 From: Varac Date: Wed, 13 Sep 2017 22:53:53 +0200 Subject: CI: Use master branch for demo.bitmask.net deploy Commit 55b784f2 fixed this for mail.bitmask.net, but not for demo.bitmask.net. See https://0xacab.org/leap/platform/commit/55b784f2ccd6336db4bab9157a8498cb87c562ff This fixes #8843. --- tests/platform-ci/ci-build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 459264d5..58e2bcc5 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -238,7 +238,7 @@ case "$CI_JOB_NAME" in ;; demo.bitmask.net) TAG='demovpn' - run bitmask ssh://gitolite@leap.se/bitmask + run bitmask ssh://gitolite@leap.se/bitmask master ;; deploy_test*) build_from_scratch -- cgit v1.2.3 From e2e3fa4ea0c26b4ccf226f4a3b692ce0f78f5bf5 Mon Sep 17 00:00:00 2001 From: Varac Date: Tue, 26 Sep 2017 20:36:06 +0200 Subject: Add cert renewal to production deployments --- tests/platform-ci/ci-build.sh | 1 + 1 file changed, 1 insertion(+) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 58e2bcc5..3c6a1ff4 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -156,6 +156,7 @@ run() { # Do the deployment echo "Attempting a deploy..." + LEAP_CMD cert renew "$provider_name" deploy echo "Attempting to run tests..." test -- cgit v1.2.3 From b566104d04ebe89d724c089491d9ba478b20d1a6 Mon Sep 17 00:00:00 2001 From: Varac Date: Tue, 26 Sep 2017 20:44:41 +0200 Subject: Use right domain name to renew certs --- tests/platform-ci/ci-build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 3c6a1ff4..120e2858 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -156,7 +156,7 @@ run() { # Do the deployment echo "Attempting a deploy..." - LEAP_CMD cert renew "$provider_name" + LEAP_CMD cert renew "$CI_JOB_NAME" deploy echo "Attempting to run tests..." test -- cgit v1.2.3 From d9d38bb283ff1c94cbf4bd488175cb77ae3fa3a4 Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 28 Sep 2017 20:12:08 +0200 Subject: CI: Test staging deb repo component Resolves: #8871 --- tests/platform-ci/ci-build.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 120e2858..4710bc88 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -39,6 +39,9 @@ ROOTDIR=$(readlink -f "$(dirname $0)") # leap_platform PLATFORMDIR=$(readlink -f "${ROOTDIR}/../..") +# deb repo component to configure +COMPONENT=${COMPONENT:-"master"} + # In the gitlab CI pipeline leap is installed in a different # stage by bundle. To debug you can run a single CI job locally # so we install leap_cli as gem here. @@ -88,7 +91,7 @@ build_from_scratch() { # Create cloud.json needed for `leap vm` commands using AWS credentials which jq || ( apt-get update -y && apt-get install jq -y ) - # Dsiable xtrace + # Disable xtrace set +x [ -z "$AWS_ACCESS_KEY" ] && fail "\$AWS_ACCESS_KEY is not set - please provide it as env variable." @@ -102,7 +105,8 @@ build_from_scratch() { [ -d "./tags" ] || mkdir "./tags" /bin/echo "{\"environment\": \"$TAG\"}" | /usr/bin/json_pp > "${PROVIDERDIR}/tags/${TAG}.json" - pwd + # configure deb repo component + echo '{}' | jq ".sources.platform.apt |= { \"source\": \"http://deb.leap.se/platform\", \"component\": \"${COMPONENT}\" }" > common.json # remove old cached nodes echo "Removing old cached nodes..." -- cgit v1.2.3 From 5b10def43d134e5735bfcec1237c04cf66e8610b Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 19 Sep 2017 15:36:06 -0400 Subject: Feat: Refactor tor services In order to refactor the tor services, we need to split them out into three different services. This adds the hidden service class that is necessary to support the previous commits. Fixes #8864. --- tests/platform-ci/ci-build.sh | 17 +++++++++++++---- tests/platform-ci/provider/nodes/catalogtest.json | 2 +- 2 files changed, 14 insertions(+), 5 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 4710bc88..06af59ca 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -71,6 +71,13 @@ test() { } build_from_scratch() { + # allow passing into the function the services, use a default set if empty + SERVICES=$1 + if [ -z "$SERVICES" ] + then + SERVICES='couchdb,soledad,mx,webapp,tor_relay,monitor' + fi + # when using gitlab-runner locally, CI_JOB_ID is always 1 which # will conflict with running/terminating AWS instances in subsequent runs # therefore we pick a random number in this case @@ -78,10 +85,7 @@ build_from_scratch() { # create node(s) with unique id so we can run tests in parallel NAME="citest${CI_JOB_ID:-0}" - - TAG='single' - SERVICES='couchdb,soledad,mx,webapp,tor,monitor' # leap_platform/tests/platform-ci/provider PROVIDERDIR="${ROOTDIR}/provider" @@ -184,7 +188,7 @@ upgrade_test() { cd "$PROVIDERDIR" - build_from_scratch + build_from_scratch 'couchdb,soledad,mx,webapp,tor,monitor' deploy test @@ -200,6 +204,11 @@ upgrade_test() { /usr/local/bin/bundle install cd "$PROVIDERDIR" + + # due to the 'tor' service no longer being valid in 0.10, we need to change + # that service to 'tor_relay'. This is done by changing the services array + # with jq to be set to the full correct list of services + jq '.services = ["couchdb","soledad","mx","webapp","tor_relay","monitor"]' < nodes/${NAME}.json deploy test diff --git a/tests/platform-ci/provider/nodes/catalogtest.json b/tests/platform-ci/provider/nodes/catalogtest.json index 05703666..bbf79d9e 100644 --- a/tests/platform-ci/provider/nodes/catalogtest.json +++ b/tests/platform-ci/provider/nodes/catalogtest.json @@ -10,7 +10,7 @@ "webapp", "monitor", "openvpn", - "tor", + "tor_relay", "obfsproxy", "static" ], -- cgit v1.2.3 From 6998301b6fa9485b940e23a9c753d32a76a98fc5 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 17 Oct 2017 16:28:17 -0400 Subject: Bug: replace single provider key with an unique one For the CI, we were using the gitlab-runner ssh key for all provider builds, this replaces it with an unique one for each provider. --- tests/platform-ci/ci-build.sh | 21 +++++++++++---------- .../gitlab-runner-bitmask_ssh.pub | 1 + .../gitlab-runner-ibex/gitlab-runner-ibex_ssh.pub | 1 + .../users/gitlab-runner/gitlab-runner_ssh.pub | 1 - 4 files changed, 13 insertions(+), 11 deletions(-) create mode 100644 tests/platform-ci/provider/users/gitlab-runner-bitmask/gitlab-runner-bitmask_ssh.pub create mode 100644 tests/platform-ci/provider/users/gitlab-runner-ibex/gitlab-runner-ibex_ssh.pub delete mode 100644 tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 06af59ca..39fc513b 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -12,9 +12,9 @@ # * AWS credentials as environment variables: # * `AWS_ACCESS_KEY` # * `AWS_SECRET_KEY` -# * ssh private key used to login to remove vm -# * `SSH_PRIVATE_KEY` -# +# * ssh private keys used to clone providers: +# * `BITMASK_PROVIDER_SSH_PRIVATE_KEY` +# * `IBEX_PROVIDER_SSH_PRIVATE_KEY` # exit if any commands returns non-zero status set -e @@ -100,7 +100,8 @@ build_from_scratch() { [ -z "$AWS_ACCESS_KEY" ] && fail "\$AWS_ACCESS_KEY is not set - please provide it as env variable." [ -z "$AWS_SECRET_KEY" ] && fail "\$AWS_SECRET_KEY is not set - please provide it as env variable." - [ -z "$SSH_PRIVATE_KEY" ] && fail "\$SSH_PRIVATE_KEY is not set - please provide it as env variable." + [ -z "$BITMASK_PROVIDER_SSH_PRIVATE_KEY" ] && fail "\$BITMASK_PROVIDER_SSH_PRIVATE_KEY is not set - please provide it as env variable." + [ -z "$IBEX_PROVIDER_SSH_PRIVATE_KEY" ] && fail "\$IBEX_PROVIDER_SSH_PRIVATE_KEY is not set - please provide it as env variable." /usr/bin/jq ".platform_ci.auth |= .+ {\"aws_access_key_id\":\"$AWS_ACCESS_KEY\", \"aws_secret_access_key\":\"$AWS_SECRET_KEY\"}" < cloud.json.template > cloud.json # Enable xtrace again only if it was set at beginning of script @@ -140,6 +141,12 @@ run() { provider_URI=$2 platform_branch=$3 + # Configure ssh keypair + [ -d ~/.ssh ] || /bin/mkdir ~/.ssh + /bin/echo "${provider_name}_PROVIDER_SSH_PRIVATE_KEY" > ~/.ssh/id_rsa + /bin/chmod 600 ~/.ssh/id_rsa + /bin/cp "${ROOTDIR}/provider/users/gitlab-runner-${provider_name}/gitlab-runner-${provider_name}_ssh.pub" ~/.ssh/id_rsa.pub + # Setup the provider repository echo "Setting up the provider repository: $provider_name by cloning $provider_URI" git clone -q --depth 1 "$provider_URI" @@ -232,12 +239,6 @@ cleanup() { # Ensure we don't output secret stuff to console even when running in verbose mode with -x set +x -# Configure ssh keypair -[ -d ~/.ssh ] || /bin/mkdir ~/.ssh -/bin/echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa -/bin/chmod 600 ~/.ssh/id_rsa -/bin/cp "${ROOTDIR}/provider/users/gitlab-runner/gitlab-runner_ssh.pub" ~/.ssh/id_rsa.pub - # Enable xtrace again only if it was set at beginning of script [[ $xtrace == true ]] && set -x diff --git a/tests/platform-ci/provider/users/gitlab-runner-bitmask/gitlab-runner-bitmask_ssh.pub b/tests/platform-ci/provider/users/gitlab-runner-bitmask/gitlab-runner-bitmask_ssh.pub new file mode 100644 index 00000000..eb206639 --- /dev/null +++ b/tests/platform-ci/provider/users/gitlab-runner-bitmask/gitlab-runner-bitmask_ssh.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8ICt9oOuuuP7Rt1nIy1qcUV/xW7mDmCb0fcKkFDeAo+7UerEMcA+68oDNw+crc1nfoaW++lnDRIYnyJY43hX0P72u8mzIbt7YB0XgrQiofoygp5c72jQGbeV/59HoKiHI/PUsAG8Sy1oynBpzSd9OWi+h9dBdGq/Wisjdw1/0cILCmNZp0bKDnYfAgEUNmtxd6FFs+dx9x9hHBlquXYzOnMq0XBZiKvxdsnK1gFkNp34y3id7flXyOD5ecTNZJlhPwLTo2z22Re2GCqCh2og8tE58eIQXDeKNyyvmslgyJr2GxKpnjWOlNXW+SCX+bCx02GFuAiww5CcDWu1QuowL micah@muck diff --git a/tests/platform-ci/provider/users/gitlab-runner-ibex/gitlab-runner-ibex_ssh.pub b/tests/platform-ci/provider/users/gitlab-runner-ibex/gitlab-runner-ibex_ssh.pub new file mode 100644 index 00000000..25f085d2 --- /dev/null +++ b/tests/platform-ci/provider/users/gitlab-runner-ibex/gitlab-runner-ibex_ssh.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1PAycLznUiMoWyEnb3e4AXT8EaAMW+K3of8EA1+NLQMYots35hmCFG/T9fUMV/j3pf0afG8A6uaJc00gc7otph2DWMboVB9cjvqgSQSZ9VZEy7aoc85jX0RyeKONE1N/aIWu2/8vsFInx4iBS+Sh0/H3nQEMxekOTSeyz3tWN4gLZK5n8i65PpwzlpynGyILq0pdMobfPPuRiCT9Xx4/2NbIYgKZJDYcZeis5FyY6M/TO2u4StDBin8+056NLpS4Q9z5/8K9oT0b7pzx66ebd33Yon4pP2I7Bm2cW+2h4F5bJ7gM8WaiZzuPhEZGzmFiD7XLTvGaoR43jdw6cJP05 micah@muck diff --git a/tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub b/tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub deleted file mode 100644 index 3e72b70f..00000000 --- a/tests/platform-ci/provider/users/gitlab-runner/gitlab-runner_ssh.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDEtniDgIYEm4WtGgiQsZKBpY8x3tbzDBIoMLbZT496juCu4c3f+F5KkMPLmYRPcAupF8tVf+j7Fns7z69PuTjdGfe/cA9CTw/4sNAu3iLpunGR0d2Wtctez5mwz13bKRu9fck3H9p2F9Z47vMKtRTJJ6iIgaUVWU/eFd/MSMJeUVd2ns4Wr7SkHCBB3PV+QL1xl4+AZsUtnGVQ5cE4MZZFia/g6SlrKQYFtLRVIIpDuuaDSvULg1BFMhSCBDNygts8dKTJsCEQYeGVvHZaDwtKTnMqEIwBP4TkIoP+YWnZTPrGywFEJOlZ8b+4HdgdUAFLcFCycWMM9nVcWX7P2lIN gitlab-runner_ssh -- cgit v1.2.3 From 2c50305985f171f80e406e5e430911cd3e9e0f07 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 19 Oct 2017 10:00:45 -0400 Subject: CI: fix variable names, abstract ssh setup --- tests/platform-ci/ci-build.sh | 32 ++++++++++++++++------ .../gitlab-runner-platform_ssh.pub | 1 + 2 files changed, 24 insertions(+), 9 deletions(-) create mode 100644 tests/platform-ci/provider/users/gitlab-runner-platform/gitlab-runner-platform_ssh.pub (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 39fc513b..843642a4 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -13,8 +13,8 @@ # * `AWS_ACCESS_KEY` # * `AWS_SECRET_KEY` # * ssh private keys used to clone providers: -# * `BITMASK_PROVIDER_SSH_PRIVATE_KEY` -# * `IBEX_PROVIDER_SSH_PRIVATE_KEY` +# * `bitmask_PROVIDER_SSH_PRIVATE_KEY` +# * `ibex_PROVIDER_SSH_PRIVATE_KEY` # exit if any commands returns non-zero status set -e @@ -70,7 +70,26 @@ test() { LEAP_CMD test "$TAG" } +ssh_setup() { + # set the provider name from the first argument passed to the function + provider_name=$1 + # set CI_SSH_SECRET_PRIVATE_KEY to the variable name keyed off of the provider_name + CI_SSH_SECRET_PRIVATE_KEY=${provider_name}_PROVIDER_SSH_PRIVATE_KEY + # Set the SSH_PRIVATE_KEY to the value provided in the CI runner secret variable setting in gitlab + SSH_PRIVATE_KEY=${!CI_SSH_SECRET_PRIVATE_KEY} + echo "Working with provider: $provider_name" + [ -z "$SSH_PRIVATE_KEY" ] && fail "${provider_name}_PROVIDER_SSH_PRIVATE_KEY is not set - please provide it as env variable." + # Configure ssh keypair + [ -d ~/.ssh ] || /bin/mkdir ~/.ssh + /bin/echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa + /bin/chmod 600 ~/.ssh/id_rsa + /bin/cp "${ROOTDIR}/provider/users/gitlab-runner-${provider_name}/gitlab-runner-${provider_name}_ssh.pub" ~/.ssh/id_rsa.pub +} + build_from_scratch() { + # setup ssh keys + ssh_setup platform + # allow passing into the function the services, use a default set if empty SERVICES=$1 if [ -z "$SERVICES" ] @@ -100,8 +119,6 @@ build_from_scratch() { [ -z "$AWS_ACCESS_KEY" ] && fail "\$AWS_ACCESS_KEY is not set - please provide it as env variable." [ -z "$AWS_SECRET_KEY" ] && fail "\$AWS_SECRET_KEY is not set - please provide it as env variable." - [ -z "$BITMASK_PROVIDER_SSH_PRIVATE_KEY" ] && fail "\$BITMASK_PROVIDER_SSH_PRIVATE_KEY is not set - please provide it as env variable." - [ -z "$IBEX_PROVIDER_SSH_PRIVATE_KEY" ] && fail "\$IBEX_PROVIDER_SSH_PRIVATE_KEY is not set - please provide it as env variable." /usr/bin/jq ".platform_ci.auth |= .+ {\"aws_access_key_id\":\"$AWS_ACCESS_KEY\", \"aws_secret_access_key\":\"$AWS_SECRET_KEY\"}" < cloud.json.template > cloud.json # Enable xtrace again only if it was set at beginning of script @@ -141,11 +158,8 @@ run() { provider_URI=$2 platform_branch=$3 - # Configure ssh keypair - [ -d ~/.ssh ] || /bin/mkdir ~/.ssh - /bin/echo "${provider_name}_PROVIDER_SSH_PRIVATE_KEY" > ~/.ssh/id_rsa - /bin/chmod 600 ~/.ssh/id_rsa - /bin/cp "${ROOTDIR}/provider/users/gitlab-runner-${provider_name}/gitlab-runner-${provider_name}_ssh.pub" ~/.ssh/id_rsa.pub + # setup ssh keys + ssh_setup "$provider_name" # Setup the provider repository echo "Setting up the provider repository: $provider_name by cloning $provider_URI" diff --git a/tests/platform-ci/provider/users/gitlab-runner-platform/gitlab-runner-platform_ssh.pub b/tests/platform-ci/provider/users/gitlab-runner-platform/gitlab-runner-platform_ssh.pub new file mode 100644 index 00000000..3347e621 --- /dev/null +++ b/tests/platform-ci/provider/users/gitlab-runner-platform/gitlab-runner-platform_ssh.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDCctVP6O1R6x0KnNpCyIJq7B/M5BWVeCNq1FexHqWBlOabJN+GeUKRkxAjIdPLf3J6Wki7q9hMyIAvKoqaIu3kQ9EHbRwc0znt/ofF9abZ8g+d3v0eg+WFVWopUktp97SfOfHkUUjlWJQUMh4HCl5SStaIBUgrB+l8FGmLYGZvGgoA86AWNo7Zr7D1RHfNYKYAC1uPa+RnxfzGgiy+hz8PmVjaRFmH7UcgsiwinTUSzDsEXVx8NXlEwv1NV86/RZ/EB2nOhYoKOn1WFXVVhtOtqlzoi0M4jLD3nylzyAnX4HdslTIuDB1aoawfTfvdcuqCzs6Z7dFAo0OqUGo7faO1 platform_provider -- cgit v1.2.3 From a0eea43cbb93665d9d1ac96765d1abdf2a665d15 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Nov 2017 11:54:19 -0500 Subject: CI: do soledad migration during upgrade test Updating platfrom 0.9 (soledad 0.8.0) to 0.10 (soledad 0.10.3) requires a soledad-server migration. This integrates the migration in the CI upgrade_test. Fixes #8881 --- tests/platform-ci/ci-build.sh | 35 ++++++++++++++++++++++++++++++++--- 1 file changed, 32 insertions(+), 3 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 843642a4..4c9a516c 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -191,8 +191,32 @@ run() { test } +soledad_migration() { + # check the version of soledad installed + # if the version is not greater than 0.9, we need to do the migration + if ! LEAP_CMD run "dpkg --compare-versions \$(dpkg -l |grep soledad-server|grep ^ii|awk '{ print \$3}') gt 0.9" vm |grep -q oops + then + echo "Need to migrate from soledad 0.9!" + if ! LEAP_CMD run 'systemctl stop leap-mx' vm + then fail + fi + if ! LEAP_CMD run 'systemctl stop soledad-server' vm + then fail + fi + if ! LEAP_CMD run --stream '/usr/share/soledad-server/migration/0.9/migrate.py --verbose --log-file /var/log/leap/soledad_migration.log --do-migrate' vm + then fail + fi + if ! LEAP_CMD run 'systemctl start leap-mx' vm + then fail + fi + if ! LEAP_CMD run 'systemctl start soledad-server' vm + then fail + fi + fi +} + upgrade_test() { - # Checkout stable branch containing last release + # Checkout stable branch containing previous stable release # and deploy this cd "$PLATFORMDIR" # due to cache, this remote is sometimes already added @@ -208,7 +232,7 @@ upgrade_test() { /usr/local/bin/bundle install cd "$PROVIDERDIR" - + LEAP_CMD --version build_from_scratch 'couchdb,soledad,mx,webapp,tor,monitor' deploy test @@ -225,12 +249,17 @@ upgrade_test() { /usr/local/bin/bundle install cd "$PROVIDERDIR" - + LEAP_CMD --version + # due to the 'tor' service no longer being valid in 0.10, we need to change # that service to 'tor_relay'. This is done by changing the services array # with jq to be set to the full correct list of services jq '.services = ["couchdb","soledad","mx","webapp","tor_relay","monitor"]' < nodes/${NAME}.json deploy + + # check for soledad migration, and run it if necessary + soledad_migration + test cleanup -- cgit v1.2.3 From a2959d8696348220cc171da436c6703e1a2cb5fd Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 9 Nov 2017 10:43:21 -0500 Subject: CI: produce CI-useful output for soledad test --- tests/platform-ci/ci-build.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 4c9a516c..2b665749 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -203,7 +203,7 @@ soledad_migration() { if ! LEAP_CMD run 'systemctl stop soledad-server' vm then fail fi - if ! LEAP_CMD run --stream '/usr/share/soledad-server/migration/0.9/migrate.py --verbose --log-file /var/log/leap/soledad_migration.log --do-migrate' vm + if ! LEAP_CMD run --stream '/usr/share/soledad-server/migration/0.9/migrate.py --log-file /dev/stdout --verbose --do-migrate | tee /var/log/leap/soledad_migration.log' vm then fail fi if ! LEAP_CMD run 'systemctl start leap-mx' vm @@ -257,9 +257,13 @@ upgrade_test() { jq '.services = ["couchdb","soledad","mx","webapp","tor_relay","monitor"]' < nodes/${NAME}.json deploy + # pre-migration test + test + # check for soledad migration, and run it if necessary soledad_migration + # run the test again, this should succeed test cleanup -- cgit v1.2.3 From 67b73969cbc5fc4d98f096d47e5c19169c60592e Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 16 Nov 2017 18:13:29 +0100 Subject: Docs: Fixed gitlab-runner ssh-key env variable --- tests/platform-ci/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/README.md b/tests/platform-ci/README.md index 7a44a2fe..2eae5ca0 100644 --- a/tests/platform-ci/README.md +++ b/tests/platform-ci/README.md @@ -39,7 +39,7 @@ together with [Docker](https://www.docker.com/). Export `AWS_ACCESS_KEY`, `AWS_SECRET_KEY` and `SSH_PRIVATE_KEY` as shown above. From the root dir of this repo run: - gitlab-runner exec docker --env AWS_ACCESS_KEY="$AWS_ACCESS_KEY" --env AWS_SECRET_KEY="$AWS_SECRET_KEY" --env SSH_PRIVATE_KEY="$SSH_PRIVATE_KEY" deploy_test + gitlab-runner exec docker --env AWS_ACCESS_KEY="$AWS_ACCESS_KEY" --env AWS_SECRET_KEY="$AWS_SECRET_KEY" --env platform_PROVIDER_SSH_PRIVATE_KEY="$SSH_PRIVATE_KEY" deploy_test See `.gitlab-ci.yml` for all the different test jobs. -- cgit v1.2.3 From 6cc86459acccc915cb3dd4c9700dd5b64aef50c2 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 16 Nov 2017 13:10:41 -0500 Subject: CI: Change the soledad test to run before webapp It is more useful to check to see if Soledad is running before running the webapp tests that require soledad to be running. --- tests/server-tests/white-box/webapp.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'tests') diff --git a/tests/server-tests/white-box/webapp.rb b/tests/server-tests/white-box/webapp.rb index b1ceddb1..b0285e2e 100644 --- a/tests/server-tests/white-box/webapp.rb +++ b/tests/server-tests/white-box/webapp.rb @@ -4,6 +4,7 @@ require 'json' class Webapp < LeapTest depends_on "Network" + depends_on "Soledad" def setup end -- cgit v1.2.3 From 5a25afe09665693f08f74d139cd52a671d0d05b6 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 16 Nov 2017 13:12:13 -0500 Subject: CI: fix soledad version number --- tests/platform-ci/ci-build.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 2b665749..909ed1b1 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -194,9 +194,9 @@ run() { soledad_migration() { # check the version of soledad installed # if the version is not greater than 0.9, we need to do the migration - if ! LEAP_CMD run "dpkg --compare-versions \$(dpkg -l |grep soledad-server|grep ^ii|awk '{ print \$3}') gt 0.9" vm |grep -q oops + if ! LEAP_CMD run "dpkg --compare-versions \$(dpkg -l |grep soledad-server|grep ^ii|awk '{ print \$3}') gt 0.8" vm |grep -q oops then - echo "Need to migrate from soledad 0.9!" + echo "Need to migrate from soledad 0.8!" if ! LEAP_CMD run 'systemctl stop leap-mx' vm then fail fi -- cgit v1.2.3 From 464da0db5abe5008b281412548d4f85e1710ba43 Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 16 Nov 2017 18:41:58 +0100 Subject: CI: Run leap info,allow pre-migration test to fail --- tests/platform-ci/ci-build.sh | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 909ed1b1..b2958f7c 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -66,6 +66,11 @@ deploy() { LEAP_CMD deploy "$TAG" } +leap_info() { + echo "Running leap info on $TAG" + LEAP_CMD info "${TAG}" +} + test() { LEAP_CMD test "$TAG" } @@ -149,8 +154,6 @@ build_from_scratch() { echo "Running leap node init on TAG: $TAG" LEAP_CMD node init "$TAG" - echo "Running leap info on $TAG" - LEAP_CMD info "${TAG}" } run() { @@ -235,6 +238,7 @@ upgrade_test() { LEAP_CMD --version build_from_scratch 'couchdb,soledad,mx,webapp,tor,monitor' deploy + leap_info test # Checkout HEAD of current branch and re-deploy @@ -250,7 +254,7 @@ upgrade_test() { cd "$PROVIDERDIR" LEAP_CMD --version - + # due to the 'tor' service no longer being valid in 0.10, we need to change # that service to 'tor_relay'. This is done by changing the services array # with jq to be set to the full correct list of services @@ -258,11 +262,14 @@ upgrade_test() { deploy # pre-migration test - test + # allowed to fail because when a migration is needed, soledad-server refuses to start + test || /bin/true # check for soledad migration, and run it if necessary soledad_migration + leap_info + # run the test again, this should succeed test @@ -305,6 +312,7 @@ case "$CI_JOB_NAME" in deploy_test*) build_from_scratch deploy + leap_info test cleanup ;; -- cgit v1.2.3 From 87896a7d79ecfe06d2538e719061d6e75e1d7952 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 21 Nov 2017 10:05:14 -0500 Subject: Docs: Update docs to prepare for 0.10.0 release Fixes: #8427, #8812 --- tests/platform-ci/ci-build.sh | 3 +++ 1 file changed, 3 insertions(+) (limited to 'tests') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index b2958f7c..9bdf75fb 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -239,6 +239,9 @@ upgrade_test() { build_from_scratch 'couchdb,soledad,mx,webapp,tor,monitor' deploy leap_info + # In 0.9 leap info did not output apt sources, so we do it manually + # but can remove it for next release + cat /etc/apt/sources.list.d/* test # Checkout HEAD of current branch and re-deploy -- cgit v1.2.3 From 2d58cae32e87f94a1294265da547892fe21fe7a6 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 23 Nov 2017 10:56:44 -0500 Subject: CI: set a contact email for CI tests Because this is used in some places, such as tor configuration, it can be useful to have this set to something real for contact purposes. --- tests/platform-ci/provider/provider.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/platform-ci/provider/provider.json b/tests/platform-ci/provider/provider.json index 218ff529..687f662a 100644 --- a/tests/platform-ci/provider/provider.json +++ b/tests/platform-ci/provider/provider.json @@ -10,7 +10,7 @@ "en": "You really should change this text" }, "contacts": { - "default": "root@example.org" + "default": "sysdevs@leap.se" }, "languages": ["en"], "default_language": "en", -- cgit v1.2.3 From 88a95ce8d6a3a151c20cbfa0ddfff7ca75f78751 Mon Sep 17 00:00:00 2001 From: elijah Date: Mon, 27 Nov 2017 10:52:45 -0800 Subject: fix tests - webapp test should only depend on soledad if soledad service is present --- tests/server-tests/white-box/webapp.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/server-tests/white-box/webapp.rb b/tests/server-tests/white-box/webapp.rb index b0285e2e..42adf219 100644 --- a/tests/server-tests/white-box/webapp.rb +++ b/tests/server-tests/white-box/webapp.rb @@ -4,7 +4,7 @@ require 'json' class Webapp < LeapTest depends_on "Network" - depends_on "Soledad" + depends_on "Soledad" if service?(:soledad) def setup end -- cgit v1.2.3