From 0831c666891506d26cf6b4730c88c2e900121d6a Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 28 Aug 2020 21:14:00 +0200 Subject: nat: T2813: translation address is mandatory if rule is not excluded --- smoketest/scripts/cli/test_nat.py | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) (limited to 'smoketest/scripts/cli') diff --git a/smoketest/scripts/cli/test_nat.py b/smoketest/scripts/cli/test_nat.py index 416810e40..b06fa239d 100755 --- a/smoketest/scripts/cli/test_nat.py +++ b/smoketest/scripts/cli/test_nat.py @@ -23,6 +23,8 @@ from vyos.configsession import ConfigSession, ConfigSessionError from vyos.util import cmd base_path = ['nat'] +source_path = base_path + ['source'] + snat_pattern = 'nftables[?rule].rule[?chain].{chain: chain, comment: comment, address: { network: expr[].match.right.prefix.addr | [0], prefix: expr[].match.right.prefix.len | [0]}}' class TestNAT(unittest.TestCase): @@ -39,16 +41,15 @@ class TestNAT(unittest.TestCase): def test_source_nat(self): """ Configure and validate source NAT rule(s) """ - path = base_path + ['source'] network = '192.168.0.0/16' - self.session.set(path + ['rule', '1', 'destination', 'address', network]) - self.session.set(path + ['rule', '1', 'exclude']) + self.session.set(source_path + ['rule', '1', 'destination', 'address', network]) + self.session.set(source_path + ['rule', '1', 'exclude']) # check validate() - outbound-interface must be defined with self.assertRaises(ConfigSessionError): self.session.commit() - self.session.set(path + ['rule', '1', 'outbound-interface', 'any']) + self.session.set(source_path + ['rule', '1', 'outbound-interface', 'any']) self.session.commit() tmp = cmd('sudo nft -j list table nat') @@ -59,5 +60,15 @@ class TestNAT(unittest.TestCase): self.assertEqual(condensed_json['address']['network'], network.split('/')[0]) self.assertEqual(str(condensed_json['address']['prefix']), network.split('/')[1]) + + def test_validation(self): + """ T2813: Ensure translation address is specified """ + self.session.set(source_path + ['rule', '100', 'outbound-interface', 'eth0']) + + # check validate() - translation address not specified + with self.assertRaises(ConfigSessionError): + self.session.commit() + + if __name__ == '__main__': unittest.main() -- cgit v1.2.3 From 1e632d7d01f6d418754ee62d3b154ee50ec842f2 Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Sun, 30 Aug 2020 13:05:36 -0500 Subject: https: add simple smoketest to check nginx config integrity --- smoketest/scripts/cli/test_service_https.py | 61 +++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100755 smoketest/scripts/cli/test_service_https.py (limited to 'smoketest/scripts/cli') diff --git a/smoketest/scripts/cli/test_service_https.py b/smoketest/scripts/cli/test_service_https.py new file mode 100755 index 000000000..5f073b6d2 --- /dev/null +++ b/smoketest/scripts/cli/test_service_https.py @@ -0,0 +1,61 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2019-2020 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +import os +import unittest + +from vyos.configsession import ConfigSession +from vyos.util import run + +base_path = ['service', 'https'] + +class TestHTTPSService(unittest.TestCase): + def setUp(self): + self.session = ConfigSession(os.getpid()) + # ensure we can also run this test on a live system - so lets clean + # out the current configuration :) + self.session.delete(base_path) + + def tearDown(self): + self.session.delete(base_path) + self.session.commit() + + def test_default(self): + self.session.set(base_path) + self.session.commit() + + ret = run('sudo /usr/sbin/nginx -t') + self.assertEqual(ret, 0) + + def test_server_block(self): + vhost_id = 'example' + address = '0.0.0.0' + port = '8443' + name = 'example.org' + + test_path = base_path + ['virtual-host', vhost_id] + + self.session.set(test_path + ['listen-address', address]) + self.session.set(test_path + ['listen-port', port]) + self.session.set(test_path + ['server-name', name]) + + self.session.commit() + + ret = run('sudo /usr/sbin/nginx -t') + self.assertEqual(ret, 0) + +if __name__ == '__main__': + unittest.main() -- cgit v1.2.3 From 050f16e5c92ebb341913942ebedc6fa0c2c677bf Mon Sep 17 00:00:00 2001 From: John Estabrook Date: Fri, 28 Aug 2020 15:50:44 -0500 Subject: configd: T2808: add smoketest to ensure script consistency with daemon --- smoketest/scripts/cli/test_configd_inspect.py | 107 ++++++++++++++++++++++++++ 1 file changed, 107 insertions(+) create mode 100755 smoketest/scripts/cli/test_configd_inspect.py (limited to 'smoketest/scripts/cli') diff --git a/smoketest/scripts/cli/test_configd_inspect.py b/smoketest/scripts/cli/test_configd_inspect.py new file mode 100755 index 000000000..5181187e9 --- /dev/null +++ b/smoketest/scripts/cli/test_configd_inspect.py @@ -0,0 +1,107 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2020 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +import os +import json +import unittest +import warnings +import importlib.util +from inspect import signature, getsource +from functools import wraps + +from vyos.defaults import directories + +INC_FILE = '/usr/share/vyos/configd-include.json' +CONF_DIR = directories['conf_mode'] + +f_list = ['get_config', 'verify', 'generate', 'apply'] + +def import_script(s): + path = os.path.join(CONF_DIR, s) + name = os.path.splitext(s)[0].replace('-', '_') + spec = importlib.util.spec_from_file_location(name, path) + module = importlib.util.module_from_spec(spec) + spec.loader.exec_module(module) + return module + +# importing conf_mode scripts imports jinja2 with deprecation warning +def ignore_deprecation_warning(f): + @wraps(f) + def decorated_function(*args, **kwargs): + with warnings.catch_warnings(): + warnings.simplefilter("ignore") + f(*args, **kwargs) + return decorated_function + +class TestConfigdInclude(unittest.TestCase): + def setUp(self): + with open(INC_FILE) as f: + self.inc_list = json.load(f) + + @ignore_deprecation_warning + def test_signatures(self): + for s in self.inc_list: + m = import_script(s) + for i in f_list: + f = getattr(m, i, None) + if not f: + continue + sig = signature(f) + par = sig.parameters + l = len(par) + self.assertEqual(l, 1, + f"'{s}': '{i}' incorrect signature") + if i == 'get_config': + for p in par.values(): + self.assertTrue(p.default is None, + f"'{s}': '{i}' incorrect signature") + + @ignore_deprecation_warning + def test_function_instance(self): + for s in self.inc_list: + m = import_script(s) + for i in f_list: + f = getattr(m, i, None) + if not f: + continue + str_f = getsource(f) + n = str_f.count('Config()') + if i == 'get_config': + self.assertEqual(n, 1, + f"'{s}': '{i}' no instance of Config") + if i != 'get_config': + self.assertEqual(n, 0, + f"'{s}': '{i}' instance of Config") + + @ignore_deprecation_warning + def test_file_instance(self): + for s in self.inc_list: + m = import_script(s) + str_m = getsource(m) + n = str_m.count('Config()') + self.assertEqual(n, 1, + f"'{s}' more than one instance of Config") + + @ignore_deprecation_warning + def test_config_modification(self): + for s in self.inc_list: + m = import_script(s) + str_m = getsource(m) + n = str_m.count('my_set') + self.assertEqual(n, 0, f"'{s}' modifies config") + +if __name__ == '__main__': + unittest.main() -- cgit v1.2.3 From 0952b62baf878a9d4abcfc777beaa19c1cf9e47b Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Tue, 1 Sep 2020 07:35:07 +0200 Subject: T2636: ssh: add smoketest for XML defaultValue node --- smoketest/scripts/cli/test_service_ssh.py | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) (limited to 'smoketest/scripts/cli') diff --git a/smoketest/scripts/cli/test_service_ssh.py b/smoketest/scripts/cli/test_service_ssh.py index 3ee498f3d..1038b8775 100755 --- a/smoketest/scripts/cli/test_service_ssh.py +++ b/smoketest/scripts/cli/test_service_ssh.py @@ -30,6 +30,9 @@ def get_config_value(key): tmp = re.findall(r'\n?{}\s+(.*)'.format(key), tmp) return tmp +def is_service_running(): + return 'sshd' in (p.name() for p in process_iter()) + class TestServiceSSH(unittest.TestCase): def setUp(self): self.session = ConfigSession(os.getpid()) @@ -46,6 +49,21 @@ class TestServiceSSH(unittest.TestCase): self.session.commit() del self.session + def test_ssh_default(self): + """ Check if SSH service runs with default settings - used for checking + behavior of in XML definition """ + self.session.set(base_path) + + # commit changes + self.session.commit() + + # Check configured port + port = get_config_value('Port')[0] + self.assertEqual('22', port) + + # Check for running process + self.assertTrue(is_service_running()) + def test_ssh_single(self): """ Check if SSH service can be configured and runs """ self.session.set(base_path + ['port', '1234']) @@ -83,7 +101,7 @@ class TestServiceSSH(unittest.TestCase): self.assertTrue("100" in keepalive) # Check for running process - self.assertTrue("sshd" in (p.name() for p in process_iter())) + self.assertTrue(is_service_running()) def test_ssh_multi(self): """ Check if SSH service can be configured and runs with multiple @@ -110,7 +128,7 @@ class TestServiceSSH(unittest.TestCase): self.assertIn(address, tmp) # Check for running process - self.assertTrue("sshd" in (p.name() for p in process_iter())) + self.assertTrue(is_service_running()) if __name__ == '__main__': unittest.main() -- cgit v1.2.3