nix-bitcoin/test/base.py

is_interactive = "is_interactive" in vars()


def succeed(*cmds):
    """Returns the concatenated output of all cmds"""
    return machine.succeed(*cmds)


def assert_matches(cmd, regexp):
    out = succeed(cmd)
    if not re.search(regexp, out):
        raise Exception(f"Pattern '{regexp}' not found in '{out}'")


def assert_full_match(cmd, regexp):
    out = succeed(cmd)
    if not re.fullmatch(regexp, out):
        raise Exception(f"Pattern '{regexp}' doesn't match '{out}'")


def log_has_string(unit, str):
    return f"journalctl -b --output=cat -u {unit} --grep='{str}'"


def assert_no_failure(unit):
    """Unit should not have failed since the system is running"""
    machine.fail(log_has_string(unit, "Failed with result"))


def assert_running(unit):
    machine.wait_for_unit(unit)
    assert_no_failure(unit)


def run_tests(extra_tests):
    """
    :param extra_tests: Test functions that hook into the testing code below
    :type extra_tests: Dict[str, Callable[]]
    """
    # Don't execute the following test suite when this script is running in interactive mode
    if is_interactive:
        raise Exception()

    test_security()

    assert_running("bitcoind")
    machine.wait_until_succeeds("bitcoin-cli getnetworkinfo")
    assert_matches("su operator -c 'bitcoin-cli getnetworkinfo' | jq", '"version"')
    # Test RPC Whitelist
    machine.wait_until_succeeds("su operator -c 'bitcoin-cli help'")
    # Restating rpcuser & rpcpassword overrides privileged credentials
    machine.fail(
        "bitcoin-cli -rpcuser=public -rpcpassword=$(cat /secrets/bitcoin-rpcpassword-public) help"
    )
    machine.wait_until_succeeds(
        log_has_string("bitcoind", "RPC User public not allowed to call method help")
    )

    assert_running("electrs")
    extra_tests.pop("electrs")()
    # Check RPC connection to bitcoind
    machine.wait_until_succeeds(log_has_string("electrs", "NetworkInfo"))
    # Stop electrs from spamming the test log with 'wait for bitcoind sync' messages
    succeed("systemctl stop electrs")

    assert_running("liquidd")
    machine.wait_until_succeeds("elements-cli getnetworkinfo")
    assert_matches("su operator -c 'elements-cli getnetworkinfo' | jq", '"version"')
    succeed("su operator -c 'liquidswap-cli --help'")

    assert_running("clightning")
    assert_matches("su operator -c 'lightning-cli getinfo' | jq", '"id"')

    assert_running("lnd")
    assert_matches("su operator -c 'lncli getinfo' | jq", '"version"')
    assert_no_failure("lnd")

    succeed("systemctl start lightning-loop")
    assert_matches("su operator -c 'loop --version'", "version")
    # Check that lightning-loop fails with the right error, making sure
    # lightning-loop can connect to lnd
    machine.wait_until_succeeds(
        log_has_string("lightning-loop", "chain notifier RPC isstill in the process of starting")
    )

    assert_running("spark-wallet")
    extra_tests.pop("spark-wallet")()

    assert_running("lightning-charge")
    extra_tests.pop("lightning-charge")()

    assert_running("nanopos")
    extra_tests.pop("nanopos")()

    assert_running("onion-chef")

    # FIXME: use 'wait_for_unit' because 'create-web-index' always fails during startup due
    # to incomplete unit dependencies.
    # 'create-web-index' implicitly tests 'nodeinfo'.
    machine.wait_for_unit("create-web-index")
    assert_running("nginx")
    extra_tests.pop("web-index")()

    machine.wait_until_succeeds(log_has_string("bitcoind-import-banlist", "Importing node banlist"))
    assert_no_failure("bitcoind-import-banlist")

    ### Additional tests

    # Current time in µs
    pre_restart = succeed("date +%s.%6N").rstrip()

    # Sanity-check system by restarting all services
    succeed(
        "systemctl restart bitcoind clightning lnd lightning-loop spark-wallet lightning-charge nanopos liquidd"
    )

    # Now that the bitcoind restart triggered a banlist import restart, check that
    # re-importing already banned addresses works
    machine.wait_until_succeeds(
        log_has_string(f"bitcoind-import-banlist --since=@{pre_restart}", "Importing node banlist")
    )
    assert_no_failure("bitcoind-import-banlist")

    extra_tests.pop("prestop")()

    ### Test duplicity

    succeed("systemctl stop bitcoind")
    succeed("systemctl start duplicity")
    machine.wait_until_succeeds(log_has_string("duplicity", "duplicity.service: Succeeded."))
    # Make sure files in duplicity backup and /var/lib are identical
    assert_matches(
        "export $(cat /secrets/backup-encryption-env); duplicity verify '--archive-dir' '/var/lib/duplicity' 'file:///var/lib/localBackups' '/var/lib'",
        "0 differences found",
    )
    # Make sure duplicity backup includes important files
    assert_matches(
        "export $(cat /secrets/backup-encryption-env); duplicity list-current-files 'file:///var/lib/localBackups'",
        "var/lib/clightning/bitcoin/hsm_secret",
    )
    assert_matches(
        "export $(cat /secrets/backup-encryption-env); duplicity list-current-files 'file:///var/lib/localBackups'",
        "secrets/lnd-seed-mnemonic",
    )
    assert_matches(
        "export $(cat /secrets/backup-encryption-env); duplicity list-current-files 'file:///var/lib/localBackups'",
        "var/lib/bitcoind/wallet.dat",
    )

    ### Check that all extra_tests have been run
    assert len(extra_tests) == 0


def test_security():
    assert_running("setup-secrets")
    # Unused secrets should be inaccessible
    succeed('[[ $(stat -c "%U:%G %a" /secrets/dummy) = "root:root 440" ]]')

    # Access to '/proc' should be restricted
    machine.succeed("grep -Fq hidepid=2 /proc/mounts")

    machine.wait_for_unit("bitcoind")
    # `systemctl status` run by unprivileged users shouldn't leak cgroup info
    assert_matches(
        "sudo -u electrs systemctl status bitcoind 2>&1 >/dev/null",
        "Failed to dump process list for 'bitcoind.service', ignoring: Access denied",
    )
    # The 'operator' with group 'proc' has full access
    assert_full_match("sudo -u operator systemctl status bitcoind 2>&1 >/dev/null", "")
test: load complete test environment in debug mode Stop just before executing actual tests. This makes all test functions accessible in debug mode. 2020-08-21 13:36:11 -07:00			`is_interactive = "is_interactive" in vars()`


tests: allow running integration tests with different configurations 2020-07-16 07:48:41 -07:00			`def succeed(*cmds):`
			`"""Returns the concatenated output of all cmds"""`
			`return machine.succeed(*cmds)`


			`def assert_matches(cmd, regexp):`
			`out = succeed(cmd)`
			`if not re.search(regexp, out):`
			`raise Exception(f"Pattern '{regexp}' not found in '{out}'")`


test: rename assert_matches_exactly -> assert_full_match More precise, needed in a later commit. 2020-08-20 04:11:05 -07:00			`def assert_full_match(cmd, regexp):`
tests: allow running integration tests with different configurations 2020-07-16 07:48:41 -07:00			`out = succeed(cmd)`
			`if not re.fullmatch(regexp, out):`
			`raise Exception(f"Pattern '{regexp}' doesn't match '{out}'")`


			`def log_has_string(unit, str):`
			`return f"journalctl -b --output=cat -u {unit} --grep='{str}'"`


			`def assert_no_failure(unit):`
			`"""Unit should not have failed since the system is running"""`
			`machine.fail(log_has_string(unit, "Failed with result"))`


			`def assert_running(unit):`
			`machine.wait_for_unit(unit)`
			`assert_no_failure(unit)`


tests: add extra_tests argument to scenario lib run_tests() 2020-08-02 14:36:08 -07:00			`def run_tests(extra_tests):`
test: use pydoc docstring 2020-08-21 13:36:08 -07:00			`"""`
			`:param extra_tests: Test functions that hook into the testing code below`
			`:type extra_tests: Dict[str, Callable[]]`
			`"""`
test: load complete test environment in debug mode Stop just before executing actual tests. This makes all test functions accessible in debug mode. 2020-08-21 13:36:11 -07:00			`# Don't execute the following test suite when this script is running in interactive mode`
			`if is_interactive:`
			`raise Exception()`

test: move security tests to separate function 2020-08-20 04:11:09 -07:00			`test_security()`
tests: create run_tests() function in the scenario lib 2020-08-02 14:20:51 -07:00
			`assert_running("bitcoind")`
			`machine.wait_until_succeeds("bitcoin-cli getnetworkinfo")`
			`assert_matches("su operator -c 'bitcoin-cli getnetworkinfo' \| jq", '"version"')`
			`# Test RPC Whitelist`
			`machine.wait_until_succeeds("su operator -c 'bitcoin-cli help'")`
			`# Restating rpcuser & rpcpassword overrides privileged credentials`
			`machine.fail(`
bitcoind: remove custom rpc user names Simpler. We've just removed option 'bitcoind.rpcuser', so we can also remove the old name 'bitcoinrpc'. 2020-08-26 12:15:36 -07:00			`"bitcoin-cli -rpcuser=public -rpcpassword=$(cat /secrets/bitcoin-rpcpassword-public) help"`
tests: create run_tests() function in the scenario lib 2020-08-02 14:20:51 -07:00			`)`
			`machine.wait_until_succeeds(`
bitcoind: remove custom rpc user names Simpler. We've just removed option 'bitcoind.rpcuser', so we can also remove the old name 'bitcoinrpc'. 2020-08-26 12:15:36 -07:00			`log_has_string("bitcoind", "RPC User public not allowed to call method help")`
tests: create run_tests() function in the scenario lib 2020-08-02 14:20:51 -07:00			`)`

			`assert_running("electrs")`
tests: add extra_tests argument to scenario lib run_tests() 2020-08-02 14:36:08 -07:00			`extra_tests.pop("electrs")()`
tests: create run_tests() function in the scenario lib 2020-08-02 14:20:51 -07:00			`# Check RPC connection to bitcoind`
			`machine.wait_until_succeeds(log_has_string("electrs", "NetworkInfo"))`
			`# Stop electrs from spamming the test log with 'wait for bitcoind sync' messages`
			`succeed("systemctl stop electrs")`

			`assert_running("liquidd")`
			`machine.wait_until_succeeds("elements-cli getnetworkinfo")`
			`assert_matches("su operator -c 'elements-cli getnetworkinfo' \| jq", '"version"')`
			`succeed("su operator -c 'liquidswap-cli --help'")`

			`assert_running("clightning")`
			`assert_matches("su operator -c 'lightning-cli getinfo' \| jq", '"id"')`

tests: make lnd & clightning tests run concurrently 2020-08-04 01:24:49 -07:00			`assert_running("lnd")`
			`assert_matches("su operator -c 'lncli getinfo' \| jq", '"version"')`
			`assert_no_failure("lnd")`

			`succeed("systemctl start lightning-loop")`
			`assert_matches("su operator -c 'loop --version'", "version")`
			`# Check that lightning-loop fails with the right error, making sure`
			`# lightning-loop can connect to lnd`
			`machine.wait_until_succeeds(`
			`log_has_string("lightning-loop", "chain notifier RPC isstill in the process of starting")`
			`)`

tests: create run_tests() function in the scenario lib 2020-08-02 14:20:51 -07:00			`assert_running("spark-wallet")`
tests: add extra_tests argument to scenario lib run_tests() 2020-08-02 14:36:08 -07:00			`extra_tests.pop("spark-wallet")()`
tests: create run_tests() function in the scenario lib 2020-08-02 14:20:51 -07:00
			`assert_running("lightning-charge")`
tests: add extra_tests argument to scenario lib run_tests() 2020-08-02 14:36:08 -07:00			`extra_tests.pop("lightning-charge")()`
tests: create run_tests() function in the scenario lib 2020-08-02 14:20:51 -07:00
			`assert_running("nanopos")`
tests: add extra_tests argument to scenario lib run_tests() 2020-08-02 14:36:08 -07:00			`extra_tests.pop("nanopos")()`
tests: create run_tests() function in the scenario lib 2020-08-02 14:20:51 -07:00
			`assert_running("onion-chef")`

			`# FIXME: use 'wait_for_unit' because 'create-web-index' always fails during startup due`
			`# to incomplete unit dependencies.`
			`# 'create-web-index' implicitly tests 'nodeinfo'.`
			`machine.wait_for_unit("create-web-index")`
tests: move nginx check in scenarios lib 2020-08-04 05:17:15 -07:00			`assert_running("nginx")`
tests: add extra_tests argument to scenario lib run_tests() 2020-08-02 14:36:08 -07:00			`extra_tests.pop("web-index")()`
tests: create run_tests() function in the scenario lib 2020-08-02 14:20:51 -07:00
			`machine.wait_until_succeeds(log_has_string("bitcoind-import-banlist", "Importing node banlist"))`
			`assert_no_failure("bitcoind-import-banlist")`

			`### Additional tests`

			`# Current time in µs`
			`pre_restart = succeed("date +%s.%6N").rstrip()`

			`# Sanity-check system by restarting all services`
tests: make lnd & clightning tests run concurrently 2020-08-04 01:24:49 -07:00			`succeed(`
			`"systemctl restart bitcoind clightning lnd lightning-loop spark-wallet lightning-charge nanopos liquidd"`
			`)`
tests: create run_tests() function in the scenario lib 2020-08-02 14:20:51 -07:00
			`# Now that the bitcoind restart triggered a banlist import restart, check that`
			`# re-importing already banned addresses works`
			`machine.wait_until_succeeds(`
			`log_has_string(f"bitcoind-import-banlist --since=@{pre_restart}", "Importing node banlist")`
			`)`
			`assert_no_failure("bitcoind-import-banlist")`

backups: add feature test 2020-06-23 04:03:16 -07:00			`extra_tests.pop("prestop")()`

			`### Test duplicity`

			`succeed("systemctl stop bitcoind")`
			`succeed("systemctl start duplicity")`
			`machine.wait_until_succeeds(log_has_string("duplicity", "duplicity.service: Succeeded."))`
			`# Make sure files in duplicity backup and /var/lib are identical`
			`assert_matches(`
			`"export $(cat /secrets/backup-encryption-env); duplicity verify '--archive-dir' '/var/lib/duplicity' 'file:///var/lib/localBackups' '/var/lib'",`
			`"0 differences found",`
			`)`
			`# Make sure duplicity backup includes important files`
			`assert_matches(`
			`"export $(cat /secrets/backup-encryption-env); duplicity list-current-files 'file:///var/lib/localBackups'",`
			`"var/lib/clightning/bitcoin/hsm_secret",`
			`)`
			`assert_matches(`
			`"export $(cat /secrets/backup-encryption-env); duplicity list-current-files 'file:///var/lib/localBackups'",`
			`"secrets/lnd-seed-mnemonic",`
			`)`
			`assert_matches(`
			`"export $(cat /secrets/backup-encryption-env); duplicity list-current-files 'file:///var/lib/localBackups'",`
			`"var/lib/bitcoind/wallet.dat",`
			`)`
tests: create run_tests() function in the scenario lib 2020-08-02 14:20:51 -07:00
tests: add extra_tests argument to scenario lib run_tests() 2020-08-02 14:36:08 -07:00			`### Check that all extra_tests have been run`
			`assert len(extra_tests) == 0`
test: move security tests to separate function 2020-08-20 04:11:09 -07:00

			`def test_security():`
			`assert_running("setup-secrets")`
			`# Unused secrets should be inaccessible`
			`succeed('[[ $(stat -c "%U:%G %a" /secrets/dummy) = "root:root 440" ]]')`

			`# Access to '/proc' should be restricted`
			`machine.succeed("grep -Fq hidepid=2 /proc/mounts")`

			`machine.wait_for_unit("bitcoind")`
			# `systemctl status` run by unprivileged users shouldn't leak cgroup info
			`assert_matches(`
			`"sudo -u electrs systemctl status bitcoind 2>&1 >/dev/null",`
			`"Failed to dump process list for 'bitcoind.service', ignoring: Access denied",`
			`)`
			`# The 'operator' with group 'proc' has full access`
			`assert_full_match("sudo -u operator systemctl status bitcoind 2>&1 >/dev/null", "")`