tests: add post-clightning extra tests to scenarios

This commit is contained in:
Jonas Nick 2020-08-02 22:02:09 +00:00
parent 5fa0602a18
commit 5c0170c6b8
No known key found for this signature in database
GPG Key ID: 4861DBF262123605
3 changed files with 51 additions and 47 deletions

View File

@ -25,12 +25,17 @@ def web_index():
assert_matches("curl -L localhost/store", "tshirt")
def post_clightning():
pass
extra_tests = {
"electrs": electrs,
"spark-wallet": spark_wallet,
"lightning-charge": lightning_charge,
"nanopos": nanopos,
"web-index": web_index,
"post-clightning": post_clightning,
}
run_tests(extra_tests)

View File

@ -113,6 +113,8 @@ def run_tests(extra_tests):
)
assert_no_failure("bitcoind-import-banlist")
extra_tests.pop("post-clightning")()
### Test lnd
stopped_services = "nanopos lightning-charge spark-wallet clightning"
@ -131,9 +133,5 @@ def run_tests(extra_tests):
log_has_string("lightning-loop", "chain notifier RPC isstill in the process of starting")
)
### Stop lnd and restart clightning
succeed("systemctl stop lnd")
succeed("systemctl start " + stopped_services)
### Check that all extra_tests have been run
assert len(extra_tests) == 0

View File

@ -10,7 +10,7 @@ nanopos_ip = "169.254.1.19"
recurringdonations_ip = "169.254.1.20"
nginx_ip = "169.254.1.21"
## electrs
def electrs():
machine.wait_until_succeeds(
"ip netns exec nb-electrs nc -z localhost 4224"
@ -46,33 +46,22 @@ def web_index():
assert_matches("ip netns exec nb-nginx curl -L localhost/store", "tshirt")
extra_tests = {
"electrs": electrs,
"spark-wallet": spark_wallet,
"lightning-charge": lightning_charge,
"nanopos": nanopos,
"web-index": web_index,
}
def post_clightning():
ping_bitcoind = "ip netns exec nb-bitcoind ping -c 1 -w 1"
ping_nanopos = "ip netns exec nb-nanopos ping -c 1 -w 1"
run_tests(extra_tests)
### Security tests
ping_bitcoind = "ip netns exec nb-bitcoind ping -c 1 -w 1"
ping_nanopos = "ip netns exec nb-nanopos ping -c 1 -w 1"
# Positive ping tests (non-exhaustive)
machine.succeed(
# Positive ping tests (non-exhaustive)
machine.succeed(
"%s %s &&" % (ping_bitcoind, bitcoind_ip)
+ "%s %s &&" % (ping_bitcoind, clightning_ip)
+ "%s %s &&" % (ping_bitcoind, liquidd_ip)
+ "%s %s &&" % (ping_nanopos, lightningcharge_ip)
+ "%s %s &&" % (ping_nanopos, nanopos_ip)
+ "%s %s" % (ping_nanopos, nginx_ip)
)
)
# Negative ping tests (non-exhaustive)
machine.fail(
# Negative ping tests (non-exhaustive)
machine.fail(
"%s %s ||" % (ping_bitcoind, sparkwallet_ip)
+ "%s %s ||" % (ping_bitcoind, lightningcharge_ip)
+ "%s %s ||" % (ping_bitcoind, nanopos_ip)
@ -85,15 +74,27 @@ machine.fail(
+ "%s %s ||" % (ping_nanopos, electrs_ip)
+ "%s %s ||" % (ping_nanopos, sparkwallet_ip)
+ "%s %s" % (ping_nanopos, recurringdonations_ip)
)
)
# test that netns-exec can't be run for unauthorized namespace
machine.fail("netns-exec nb-electrs ip a")
# test that netns-exec can't be run for unauthorized namespace
machine.fail("netns-exec nb-electrs ip a")
# test that netns-exec drops capabilities
assert_matches_exactly(
# test that netns-exec drops capabilities
assert_matches_exactly(
"su operator -c 'netns-exec nb-bitcoind capsh --print | grep Current '", "Current: =\n"
)
)
# test that netns-exec can not be executed by users that are not operator
machine.fail("sudo -u clightning netns-exec nb-bitcoind ip a")
# test that netns-exec can not be executed by users that are not operator
machine.fail("sudo -u clightning netns-exec nb-bitcoind ip a")
extra_tests = {
"electrs": electrs,
"spark-wallet": spark_wallet,
"lightning-charge": lightning_charge,
"nanopos": nanopos,
"web-index": web_index,
"post-clightning": post_clightning,
}
run_tests(extra_tests)