tests: add post-clightning extra tests to scenarios
This commit is contained in:
parent
5fa0602a18
commit
5c0170c6b8
@ -25,12 +25,17 @@ def web_index():
|
|||||||
assert_matches("curl -L localhost/store", "tshirt")
|
assert_matches("curl -L localhost/store", "tshirt")
|
||||||
|
|
||||||
|
|
||||||
|
def post_clightning():
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
extra_tests = {
|
extra_tests = {
|
||||||
"electrs": electrs,
|
"electrs": electrs,
|
||||||
"spark-wallet": spark_wallet,
|
"spark-wallet": spark_wallet,
|
||||||
"lightning-charge": lightning_charge,
|
"lightning-charge": lightning_charge,
|
||||||
"nanopos": nanopos,
|
"nanopos": nanopos,
|
||||||
"web-index": web_index,
|
"web-index": web_index,
|
||||||
|
"post-clightning": post_clightning,
|
||||||
}
|
}
|
||||||
|
|
||||||
run_tests(extra_tests)
|
run_tests(extra_tests)
|
||||||
|
@ -113,6 +113,8 @@ def run_tests(extra_tests):
|
|||||||
)
|
)
|
||||||
assert_no_failure("bitcoind-import-banlist")
|
assert_no_failure("bitcoind-import-banlist")
|
||||||
|
|
||||||
|
extra_tests.pop("post-clightning")()
|
||||||
|
|
||||||
### Test lnd
|
### Test lnd
|
||||||
|
|
||||||
stopped_services = "nanopos lightning-charge spark-wallet clightning"
|
stopped_services = "nanopos lightning-charge spark-wallet clightning"
|
||||||
@ -131,9 +133,5 @@ def run_tests(extra_tests):
|
|||||||
log_has_string("lightning-loop", "chain notifier RPC isstill in the process of starting")
|
log_has_string("lightning-loop", "chain notifier RPC isstill in the process of starting")
|
||||||
)
|
)
|
||||||
|
|
||||||
### Stop lnd and restart clightning
|
|
||||||
succeed("systemctl stop lnd")
|
|
||||||
succeed("systemctl start " + stopped_services)
|
|
||||||
|
|
||||||
### Check that all extra_tests have been run
|
### Check that all extra_tests have been run
|
||||||
assert len(extra_tests) == 0
|
assert len(extra_tests) == 0
|
||||||
|
@ -10,7 +10,7 @@ nanopos_ip = "169.254.1.19"
|
|||||||
recurringdonations_ip = "169.254.1.20"
|
recurringdonations_ip = "169.254.1.20"
|
||||||
nginx_ip = "169.254.1.21"
|
nginx_ip = "169.254.1.21"
|
||||||
|
|
||||||
## electrs
|
|
||||||
def electrs():
|
def electrs():
|
||||||
machine.wait_until_succeeds(
|
machine.wait_until_succeeds(
|
||||||
"ip netns exec nb-electrs nc -z localhost 4224"
|
"ip netns exec nb-electrs nc -z localhost 4224"
|
||||||
@ -46,33 +46,22 @@ def web_index():
|
|||||||
assert_matches("ip netns exec nb-nginx curl -L localhost/store", "tshirt")
|
assert_matches("ip netns exec nb-nginx curl -L localhost/store", "tshirt")
|
||||||
|
|
||||||
|
|
||||||
extra_tests = {
|
def post_clightning():
|
||||||
"electrs": electrs,
|
ping_bitcoind = "ip netns exec nb-bitcoind ping -c 1 -w 1"
|
||||||
"spark-wallet": spark_wallet,
|
ping_nanopos = "ip netns exec nb-nanopos ping -c 1 -w 1"
|
||||||
"lightning-charge": lightning_charge,
|
|
||||||
"nanopos": nanopos,
|
|
||||||
"web-index": web_index,
|
|
||||||
}
|
|
||||||
|
|
||||||
run_tests(extra_tests)
|
# Positive ping tests (non-exhaustive)
|
||||||
|
machine.succeed(
|
||||||
### Security tests
|
|
||||||
|
|
||||||
ping_bitcoind = "ip netns exec nb-bitcoind ping -c 1 -w 1"
|
|
||||||
ping_nanopos = "ip netns exec nb-nanopos ping -c 1 -w 1"
|
|
||||||
|
|
||||||
# Positive ping tests (non-exhaustive)
|
|
||||||
machine.succeed(
|
|
||||||
"%s %s &&" % (ping_bitcoind, bitcoind_ip)
|
"%s %s &&" % (ping_bitcoind, bitcoind_ip)
|
||||||
+ "%s %s &&" % (ping_bitcoind, clightning_ip)
|
+ "%s %s &&" % (ping_bitcoind, clightning_ip)
|
||||||
+ "%s %s &&" % (ping_bitcoind, liquidd_ip)
|
+ "%s %s &&" % (ping_bitcoind, liquidd_ip)
|
||||||
+ "%s %s &&" % (ping_nanopos, lightningcharge_ip)
|
+ "%s %s &&" % (ping_nanopos, lightningcharge_ip)
|
||||||
+ "%s %s &&" % (ping_nanopos, nanopos_ip)
|
+ "%s %s &&" % (ping_nanopos, nanopos_ip)
|
||||||
+ "%s %s" % (ping_nanopos, nginx_ip)
|
+ "%s %s" % (ping_nanopos, nginx_ip)
|
||||||
)
|
)
|
||||||
|
|
||||||
# Negative ping tests (non-exhaustive)
|
# Negative ping tests (non-exhaustive)
|
||||||
machine.fail(
|
machine.fail(
|
||||||
"%s %s ||" % (ping_bitcoind, sparkwallet_ip)
|
"%s %s ||" % (ping_bitcoind, sparkwallet_ip)
|
||||||
+ "%s %s ||" % (ping_bitcoind, lightningcharge_ip)
|
+ "%s %s ||" % (ping_bitcoind, lightningcharge_ip)
|
||||||
+ "%s %s ||" % (ping_bitcoind, nanopos_ip)
|
+ "%s %s ||" % (ping_bitcoind, nanopos_ip)
|
||||||
@ -85,15 +74,27 @@ machine.fail(
|
|||||||
+ "%s %s ||" % (ping_nanopos, electrs_ip)
|
+ "%s %s ||" % (ping_nanopos, electrs_ip)
|
||||||
+ "%s %s ||" % (ping_nanopos, sparkwallet_ip)
|
+ "%s %s ||" % (ping_nanopos, sparkwallet_ip)
|
||||||
+ "%s %s" % (ping_nanopos, recurringdonations_ip)
|
+ "%s %s" % (ping_nanopos, recurringdonations_ip)
|
||||||
)
|
)
|
||||||
|
|
||||||
# test that netns-exec can't be run for unauthorized namespace
|
# test that netns-exec can't be run for unauthorized namespace
|
||||||
machine.fail("netns-exec nb-electrs ip a")
|
machine.fail("netns-exec nb-electrs ip a")
|
||||||
|
|
||||||
# test that netns-exec drops capabilities
|
# test that netns-exec drops capabilities
|
||||||
assert_matches_exactly(
|
assert_matches_exactly(
|
||||||
"su operator -c 'netns-exec nb-bitcoind capsh --print | grep Current '", "Current: =\n"
|
"su operator -c 'netns-exec nb-bitcoind capsh --print | grep Current '", "Current: =\n"
|
||||||
)
|
)
|
||||||
|
|
||||||
# test that netns-exec can not be executed by users that are not operator
|
# test that netns-exec can not be executed by users that are not operator
|
||||||
machine.fail("sudo -u clightning netns-exec nb-bitcoind ip a")
|
machine.fail("sudo -u clightning netns-exec nb-bitcoind ip a")
|
||||||
|
|
||||||
|
|
||||||
|
extra_tests = {
|
||||||
|
"electrs": electrs,
|
||||||
|
"spark-wallet": spark_wallet,
|
||||||
|
"lightning-charge": lightning_charge,
|
||||||
|
"nanopos": nanopos,
|
||||||
|
"web-index": web_index,
|
||||||
|
"post-clightning": post_clightning,
|
||||||
|
}
|
||||||
|
|
||||||
|
run_tests(extra_tests)
|
||||||
|
Loading…
Reference in New Issue
Block a user