tests: create run_tests() function in the scenario lib

This commit is contained in:
Jonas Nick 2020-08-02 21:20:51 +00:00
parent 3d2b366156
commit 6f9349b0a4
No known key found for this signature in database
GPG Key ID: 4861DBF262123605
3 changed files with 81 additions and 73 deletions

View File

@ -1,3 +1,5 @@
run_tests()
## electrs ## electrs
# the main test body stops electrs # the main test body stops electrs
succeed("systemctl start electrs") succeed("systemctl start electrs")
@ -5,10 +7,12 @@ machine.wait_for_open_port(4224) # prometeus metrics provider
## spark-wallet ## spark-wallet
machine.wait_for_open_port(9737) machine.wait_for_open_port(9737)
spark_auth = re.search("login=(.*)", succeed("cat /secrets/spark-wallet-login"))[1]
assert_matches(f"curl -s {spark_auth}@localhost:9737", "Spark") assert_matches(f"curl -s {spark_auth}@localhost:9737", "Spark")
## lightning-charge ## lightning-charge
machine.wait_for_open_port(9112) machine.wait_for_open_port(9112)
charge_auth = re.search("API_TOKEN=(.*)", succeed("cat /secrets/lightning-charge-env"))[1]
assert_matches(f"curl -s api-token:{charge_auth}@localhost:9112/info | jq", '"id"') assert_matches(f"curl -s api-token:{charge_auth}@localhost:9112/info | jq", '"id"')
## nanopos ## nanopos

View File

@ -35,96 +35,96 @@ if "is_interactive" in vars():
### Tests ### Tests
assert_running("setup-secrets")
# Unused secrets should be inaccessible
succeed('[[ $(stat -c "%U:%G %a" /secrets/dummy) = "root:root 440" ]]')
assert_running("bitcoind") def run_tests():
machine.wait_until_succeeds("bitcoin-cli getnetworkinfo") assert_running("setup-secrets")
assert_matches("su operator -c 'bitcoin-cli getnetworkinfo' | jq", '"version"') # Unused secrets should be inaccessible
# Test RPC Whitelist succeed('[[ $(stat -c "%U:%G %a" /secrets/dummy) = "root:root 440" ]]')
machine.wait_until_succeeds("su operator -c 'bitcoin-cli help'")
# Restating rpcuser & rpcpassword overrides privileged credentials
machine.fail(
"bitcoin-cli -rpcuser=publicrpc -rpcpassword=$(cat /secrets/bitcoin-rpcpassword-public) help"
)
machine.wait_until_succeeds(
log_has_string("bitcoind", "RPC User publicrpc not allowed to call method help")
)
assert_running("electrs") assert_running("bitcoind")
# Check RPC connection to bitcoind machine.wait_until_succeeds("bitcoin-cli getnetworkinfo")
machine.wait_until_succeeds(log_has_string("electrs", "NetworkInfo")) assert_matches("su operator -c 'bitcoin-cli getnetworkinfo' | jq", '"version"')
assert_running("nginx") # Test RPC Whitelist
# Stop electrs from spamming the test log with 'wait for bitcoind sync' messages machine.wait_until_succeeds("su operator -c 'bitcoin-cli help'")
succeed("systemctl stop electrs") # Restating rpcuser & rpcpassword overrides privileged credentials
machine.fail(
"bitcoin-cli -rpcuser=publicrpc -rpcpassword=$(cat /secrets/bitcoin-rpcpassword-public) help"
)
machine.wait_until_succeeds(
log_has_string("bitcoind", "RPC User publicrpc not allowed to call method help")
)
assert_running("liquidd") assert_running("electrs")
machine.wait_until_succeeds("elements-cli getnetworkinfo") # Check RPC connection to bitcoind
assert_matches("su operator -c 'elements-cli getnetworkinfo' | jq", '"version"') machine.wait_until_succeeds(log_has_string("electrs", "NetworkInfo"))
succeed("su operator -c 'liquidswap-cli --help'") assert_running("nginx")
# Stop electrs from spamming the test log with 'wait for bitcoind sync' messages
succeed("systemctl stop electrs")
assert_running("clightning") assert_running("liquidd")
assert_matches("su operator -c 'lightning-cli getinfo' | jq", '"id"') machine.wait_until_succeeds("elements-cli getnetworkinfo")
assert_matches("su operator -c 'elements-cli getnetworkinfo' | jq", '"version"')
succeed("su operator -c 'liquidswap-cli --help'")
assert_running("spark-wallet") assert_running("clightning")
spark_auth = re.search("login=(.*)", succeed("cat /secrets/spark-wallet-login"))[1] assert_matches("su operator -c 'lightning-cli getinfo' | jq", '"id"')
assert_running("lightning-charge") assert_running("spark-wallet")
charge_auth = re.search("API_TOKEN=(.*)", succeed("cat /secrets/lightning-charge-env"))[1]
assert_running("nanopos") assert_running("lightning-charge")
assert_running("onion-chef") assert_running("nanopos")
# FIXME: use 'wait_for_unit' because 'create-web-index' always fails during startup due assert_running("onion-chef")
# to incomplete unit dependencies.
# 'create-web-index' implicitly tests 'nodeinfo'.
machine.wait_for_unit("create-web-index")
machine.wait_until_succeeds(log_has_string("bitcoind-import-banlist", "Importing node banlist")) # FIXME: use 'wait_for_unit' because 'create-web-index' always fails during startup due
assert_no_failure("bitcoind-import-banlist") # to incomplete unit dependencies.
# 'create-web-index' implicitly tests 'nodeinfo'.
machine.wait_for_unit("create-web-index")
# test that `systemctl status` can't leak credentials machine.wait_until_succeeds(log_has_string("bitcoind-import-banlist", "Importing node banlist"))
assert_matches( assert_no_failure("bitcoind-import-banlist")
"sudo -u electrs systemctl status clightning 2>&1 >/dev/null",
"Failed to dump process list for 'clightning.service', ignoring: Access denied",
)
machine.succeed("grep -Fq hidepid=2 /proc/mounts")
### Additional tests # test that `systemctl status` can't leak credentials
assert_matches(
"sudo -u electrs systemctl status clightning 2>&1 >/dev/null",
"Failed to dump process list for 'clightning.service', ignoring: Access denied",
)
machine.succeed("grep -Fq hidepid=2 /proc/mounts")
# Current time in µs ### Additional tests
pre_restart = succeed("date +%s.%6N").rstrip()
# Sanity-check system by restarting all services # Current time in µs
succeed("systemctl restart bitcoind clightning spark-wallet lightning-charge nanopos liquidd") pre_restart = succeed("date +%s.%6N").rstrip()
# Now that the bitcoind restart triggered a banlist import restart, check that # Sanity-check system by restarting all services
# re-importing already banned addresses works succeed("systemctl restart bitcoind clightning spark-wallet lightning-charge nanopos liquidd")
machine.wait_until_succeeds(
log_has_string(f"bitcoind-import-banlist --since=@{pre_restart}", "Importing node banlist")
)
assert_no_failure("bitcoind-import-banlist")
### Test lnd # Now that the bitcoind restart triggered a banlist import restart, check that
# re-importing already banned addresses works
machine.wait_until_succeeds(
log_has_string(f"bitcoind-import-banlist --since=@{pre_restart}", "Importing node banlist")
)
assert_no_failure("bitcoind-import-banlist")
stopped_services = "nanopos lightning-charge spark-wallet clightning" ### Test lnd
succeed("systemctl stop " + stopped_services)
succeed("systemctl start lnd")
assert_matches("su operator -c 'lncli getinfo' | jq", '"version"')
assert_no_failure("lnd")
### Test loopd stopped_services = "nanopos lightning-charge spark-wallet clightning"
succeed("systemctl stop " + stopped_services)
succeed("systemctl start lnd")
assert_matches("su operator -c 'lncli getinfo' | jq", '"version"')
assert_no_failure("lnd")
succeed("systemctl start lightning-loop") ### Test loopd
assert_matches("su operator -c 'loop --version'", "version")
# Check that lightning-loop fails with the right error, making sure
# lightning-loop can connect to lnd
machine.wait_until_succeeds(
log_has_string("lightning-loop", "chain notifier RPC isstill in the process of starting")
)
### Stop lnd and restart clightning succeed("systemctl start lightning-loop")
succeed("systemctl stop lnd") assert_matches("su operator -c 'loop --version'", "version")
succeed("systemctl start " + stopped_services) # Check that lightning-loop fails with the right error, making sure
# lightning-loop can connect to lnd
machine.wait_until_succeeds(
log_has_string("lightning-loop", "chain notifier RPC isstill in the process of starting")
)
### Stop lnd and restart clightning
succeed("systemctl stop lnd")
succeed("systemctl start " + stopped_services)

View File

@ -1,3 +1,5 @@
run_tests()
# netns IP addresses # netns IP addresses
bitcoind_ip = "169.254.1.12" bitcoind_ip = "169.254.1.12"
clightning_ip = "169.254.1.13" clightning_ip = "169.254.1.13"
@ -19,12 +21,14 @@ machine.wait_until_succeeds(
## spark-wallet ## spark-wallet
machine.wait_until_succeeds("ip netns exec nb-spark-wallet nc -z %s 9737" % sparkwallet_ip) machine.wait_until_succeeds("ip netns exec nb-spark-wallet nc -z %s 9737" % sparkwallet_ip)
spark_auth = re.search("login=(.*)", succeed("cat /secrets/spark-wallet-login"))[1]
assert_matches( assert_matches(
f"ip netns exec nb-spark-wallet curl -s {spark_auth}@%s:9737" % sparkwallet_ip, "Spark" f"ip netns exec nb-spark-wallet curl -s {spark_auth}@%s:9737" % sparkwallet_ip, "Spark"
) )
## lightning-charge ## lightning-charge
machine.wait_until_succeeds("ip netns exec nb-nanopos nc -z %s 9112" % lightningcharge_ip) machine.wait_until_succeeds("ip netns exec nb-nanopos nc -z %s 9112" % lightningcharge_ip)
charge_auth = re.search("API_TOKEN=(.*)", succeed("cat /secrets/lightning-charge-env"))[1]
assert_matches( assert_matches(
f"ip netns exec nb-nanopos curl -s api-token:{charge_auth}@%s:9112/info | jq" f"ip netns exec nb-nanopos curl -s api-token:{charge_auth}@%s:9112/info | jq"
% lightningcharge_ip, % lightningcharge_ip,