Skip to content

Commit

Permalink
Add options (and tests) for skipping tcp-bootstrap & port 443 tests
Browse files Browse the repository at this point in the history
  • Loading branch information
JanneKiiskila committed May 30, 2024
1 parent 273bc8b commit 229b45f
Show file tree
Hide file tree
Showing 3 changed files with 54 additions and 22 deletions.
12 changes: 11 additions & 1 deletion .github/workflows/pr-checker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -71,10 +71,20 @@ jobs:
fi
- name: Check if it works with a custom domain
run: |
if ! fw-tools/edge-testnet --domain -pr-tester.pdm-sandbox.io; then
if ! fw-tools/edge-testnet --domain -pr-tester.pdm-sandbox.io -s --skip443 --skiptcp; then
echo "Failed to run edge-testnet -d example.com"
exit 1
fi
- name: Check if it works with a custom domain & snap
run: |
if ! SNAP=snap fw-tools/edge-testnet --domain -pr-tester.pdm-sandbox.io -s --skip443 --skiptcp; then
echo "Failed to run edge-testnet -d example.com with SNAP env defined"
exit 1
fi
- name: Check if it works with expected failures
run: |
fw-tools/edge-testnet --domain -pr-tester.pdm-sandbox.io -s --skiptcp > expect-some-fails.txt || true
grep "Some tests failed." expect-some-fails.txt
versions-check:
runs-on: [ "self-hosted", "client" ]
Expand Down
2 changes: 1 addition & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
## Izuma Edge utilities 2.3.6
1. [fw-tools] - fix handling `-h` (help) option.
1. [fw-tools] - support for custom domains added.
1. [fw-tools] - support for custom domains (--domain) added, options to skip https/port443 check (--skip443) and tcp-bootstrap (--skiptcp).

## Izuma Edge utilities 2.3.5
1. [fw-tools] - remove `ping` test from `serial-vault-partners.canonical.com`, it is not responding to `ping` anymore.
Expand Down
62 changes: 42 additions & 20 deletions fw-tools/edge-testnet
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,8 @@ L4T=$temp/layer4.txt

VERBOSE=0
DONTDELETE=0
SKIPHTTPS=0
SKIPTCP=0

NORM="\u001b[0m"
#BOLD="\u001b[1m"
Expand Down Expand Up @@ -147,9 +149,9 @@ test_server_with_openssl() {

COMMAND="openssl s_client -CAfile ${CRED_DIR}/${SERVER_NAME}.pem \
-key ${CRED_DIR}/device01_key.pem -cert ${CRED_DIR}/device01_cert.pem \
-connect ${URL}:${PORT} > ${LOG_FILE_NAME} 2>&1"
-connect ${URL}:${PORT} > ${LOG_FILE_NAME} 2>&1" || true
else
COMMAND="openssl s_client -connect ${URL}:${PORT} > ${LOG_FILE_NAME} 2>&1"
COMMAND="openssl s_client -connect ${URL}:${PORT} > ${LOG_FILE_NAME} 2>&1" || true
fi

# If the SKIP_CERT_VALID flag is off or the service is not bootstrap/lwm2m
Expand All @@ -166,11 +168,11 @@ test_server_with_openssl() {
return
fi
else
eval "$COMMAND"
eval "$COMMAND" || true
fi

# get openssl return code
RESULT=$(grep 'Verify return code' "$LOG_FILE_NAME")
RESULT=$(grep 'Verify return code' "$LOG_FILE_NAME") || true
if [ -z "$RESULT" ]; then
clihelp::failure "TLS to $URL server (port $PORT)"
if [[ "$VERBOSE" -eq 1 ]]; then
Expand Down Expand Up @@ -219,7 +221,9 @@ test_L3() {
local SERVER_NAME=$1

_url "$SERVER_NAME""$DOMAIN_NAME"
_url tcp-"$SERVER_NAME""$DOMAIN_NAME"
if [[ "$SKIPTCP" -eq 0 ]]; then
_url tcp-"$SERVER_NAME""$DOMAIN_NAME"
fi
if [[ "$TEST_UDP" -eq 1 ]]; then
_url udp-"$SERVER_NAME""$DOMAIN_NAME"
fi
Expand Down Expand Up @@ -258,7 +262,11 @@ test_L4() {

_nc_test_server_tcp_udp() {
local SERVER_NAME=$1
local PORTS=(5684 443)
if [[ "$SKIPHTTPS" -eq 1 ]]; then
local PORTS=(5684)
else
local PORTS=(5684 443)
fi

for PORT in "${PORTS[@]}"; do
_nc "$SERVER_NAME""$DOMAIN_NAME" "$PORT"
Expand All @@ -274,8 +282,11 @@ test_L4() {
verbose "--------------------------"

_nc_test_server_tcp_udp bootstrap
_nc_test_server_tcp_udp lwm2m
_nc_test_server_tcp_udp lwm2m

if [[ "$SKIPHTTPS" -eq 1 ]]; then
return
fi
_nc edge-k8s"$DOMAIN_NAME_EDGE" 443
_nc gateways"$DOMAIN_NAME_EDGE" 443
_nc containers"$DOMAIN_NAME_EDGE" 443
Expand All @@ -296,7 +307,11 @@ test_L4() {
test_TLS() {
_TLS_test_server_tcp_udp() {
local SERVER_NAME=$1
local PORTS=(5684 443)
if [[ "$SKIPHTTPS" -eq 1 ]]; then
local PORTS=(5684)
else
local PORTS=(5684 443)
fi

for PORT in "${PORTS[@]}"; do
test_server_with_openssl "$SERVER_NAME""$DOMAIN_NAME" "$PORT"
Expand All @@ -311,10 +326,11 @@ test_TLS() {

_TLS_test_server_tcp_udp bootstrap
_TLS_test_server_tcp_udp lwm2m

test_server_with_openssl gateways"$DOMAIN_NAME_EDGE" 443
test_server_with_openssl edge-k8s"$DOMAIN_NAME_EDGE" 443
test_server_with_openssl containers"$DOMAIN_NAME_EDGE" 443
if [[ "$SKIPHTTPS" -eq 0 ]]; then
test_server_with_openssl gateways"$DOMAIN_NAME_EDGE" 443
test_server_with_openssl edge-k8s"$DOMAIN_NAME_EDGE" 443
test_server_with_openssl containers"$DOMAIN_NAME_EDGE" 443
fi
}

main() {
Expand Down Expand Up @@ -349,20 +365,22 @@ main() {

displayHelp() {
echo "Usage: $0 -options"
echo " -d do not delete temporary storage"
echo " -v verbose output"
echo " -e debug"
echo " -s skip cert validation in TLS tests"
echo " -h/-H show this help dialog"
echo " --domain domain name"
echo " --env environment. Can be integration/os2/production"
echo " -d do not delete temporary storage"
echo " -v verbose output"
echo " -e debug"
echo " -s skip cert validation in TLS tests"
echo " --skip443 skip tests for port 443"
echo " --skiptcp skip testing tcp-bootstrap URL"
echo " -h/-H show this help dialog"
echo " --domain domain name"
echo " --env environment. Can be integration/os2/production"
echo " if neither --domain or --env aren't supplied, the default is production env."
echo " --domain and --env can't be supplied together."
exit
}

argprocessor() {
args=$(getopt -o hHdevs --l udp,env:,domain: -- "$@")
args=$(getopt -o hHdevs --l skip443,skiptcp,udp,env:,domain: -- "$@")
if [[ -z "$args" ]]; then
usage
fi
Expand Down Expand Up @@ -392,6 +410,10 @@ argprocessor() {
#
--domain) DOMAIN_NAME="$2"; shift 2 ;;
#
--skip443) SKIPHTTPS=1; shift 1;;
#
--skiptcp) SKIPTCP=1; shift 1;;
#
--) shift; break ;;
#
*) >&2 echo Unsupported option: "$1"
Expand Down

0 comments on commit 229b45f

Please sign in to comment.