tests: Adjusted files not directly related to tests

`tls.bash` helper was adapted to the new helper scripts location. The `setup.bash` helper saw a bugfix (expanding the array properly) and updates the container default config to configure for IPv4 explicitly. The IPv4 default was added after recent Docker pushes and I saw weird IPv6 related errors in the logs.. now we're sure IPv4 is the default during tests. Added functionality to check if a process is running: - This change adds a helper function to check whether a program is running inside a container or not. - This added the need for a function like `_run_in_container` but allowing for providing an explicit container name. - Future PRs can use this helper function now to check whether a process is running or not. This was done for the tests of Fail2Ban, but can be used for other tests in the future as well. --- chore: Restructured BATS flags in `Makefile` The `Makefile` has seen a bit of a restructuring when it comes to flags: 1. The `MAKEFLAGS` variables is used by `make`, and allows for adding additional flags that can be used within in recursive calls (via `$(MAKE)`) too, thus DRY approach. 2. The flags for calling BATS were adjusted. `--no-parallelize-within-files` has been added as well to ensure tests _inside_ a single file are run sequentially. `dms-test` prefix matching changed to expect a `_` suffix as a delimiter. --- docs: Add a note regarding output from running tests in parallel
2025-08-08 23:06:49 +02:00 · 2023-01-03 19:00:13 +13:00
parent a81de22819
commit 306592fcad
5 changed files with 50 additions and 24 deletions
--- a/test/helper/tls.bash
+++ b/test/helper/tls.bash
@ -1,21 +1,17 @@
 #!/bin/bash

-load "${REPOSITORY_ROOT}/test/test_helper/common"
+load "${REPOSITORY_ROOT}/test/helper/common"

-# Helper methods for testing TLS.
 # `_should_*` methods are useful for common high-level functionality.

-
 # ? --------------------------------------------- Negotiate TLS

-
 # For certs actually provisioned from LetsEncrypt the Root CA cert should not need to be provided,
 # as it would already be available by default in `/etc/ssl/certs`, requiring only the cert chain (fullchain.pem).
 function _should_succesfully_negotiate_tls() {
  local FQDN=${1}
-  local CONTAINER_NAME=${2:-${TEST_NAME}}
  # shellcheck disable=SC2031
-  local CA_CERT=${3:-${TEST_CA_CERT}}
+  local CA_CERT=${2:-${TEST_CA_CERT}}

  # Postfix and Dovecot are ready:
  wait_for_smtp_port_in_container_to_respond "${CONTAINER_NAME}"
@ -36,9 +32,8 @@ function _should_succesfully_negotiate_tls() {
 function _negotiate_tls() {
  local FQDN=${1}
  local PORT=${2}
-  local CONTAINER_NAME=${3:-${TEST_NAME}}
  # shellcheck disable=SC2031
-  local CA_CERT=${4:-${TEST_CA_CERT}}
+  local CA_CERT=${3:-${TEST_CA_CERT}}

  local CMD_OPENSSL_VERIFY
  CMD_OPENSSL_VERIFY=$(_generate_openssl_cmd "${PORT}")
@ -83,7 +78,6 @@ function _generate_openssl_cmd() {
  echo "${CMD_OPENSSL} ${EXTRA_ARGS} 2>/dev/null"
 }

-
 # ? --------------------------------------------- Verify FQDN

 function _get_fqdn_match_query() {
@ -115,9 +109,8 @@ function escape_fqdn() {
 function _get_fqdns_for_cert() {
  local FQDN=${1}
  local PORT=${2:-'25'}
-  local CONTAINER_NAME=${3:-${TEST_NAME}}
  # shellcheck disable=SC2031
-  local CA_CERT=${4:-${TEST_CA_CERT}}
+  local CA_CERT=${3:-${TEST_CA_CERT}}

  # `-servername` is for SNI, where the port may be for a service that serves multiple certs,
  # and needs a specific FQDN to return the correct cert. Such as a reverse-proxy.