docker-mailserver/test/helper/common.bash

256 lines
8.2 KiB
Bash
Raw Normal View History

#!/bin/bash
function __load_bats_helper() {
load "${REPOSITORY_ROOT}/test/test_helper/bats-support/load"
load "${REPOSITORY_ROOT}/test/test_helper/bats-assert/load"
}
__load_bats_helper
# -------------------------------------------------------------------
# like _run_in_container_explicit but infers ${1} by using the ENV CONTAINER_NAME
refactor: Parallel Tests - `disabled_clamav_spamassassin`: - Just shuffling the test order around, and removing the restart test at the end which doesn't make sense. - `postscreen`: - Now uses common helper for getting container IP - Does not appear to need the `NET_ADMIN` capability? - Reduced startup time for the 2nd container + additional context about it's relevance. - Test cases are largely the same, but refactored the `nc` alternative that properly waits it's turn. This only needs to run once. Added additional commentary and made into a generic method if needed in other tests. - `fail2ban`: - Use the common container IP helper method. - Postscreen isn't affecting this test, it's not required to do the much slower exchange with the mail server when sending a login failure. - IP being passed into ENV is no longer necessary. - `sleep 5` in the related test cases doesn't seem necessary, can better rely on polling with timeout. - `sleep 10` for `setup.sh` also doesn't appear to be necessary. - `postgrey`: - Reduced POSTGREY_DELAY to 3, which shaves a fair amount of wasted time while still verifying the delay works. - One of the checks in `main.cf` doesn't seem to need to know about the earlier spamhaus portion of the line to work, removed. - Better test case descriptions. - Improved log matching via standard method that better documents the expected triplet under test. - Removed a redundant whitelist file and test that didn't seem to have any relevance. Added a TODO with additional notes about a concern with these tests. - Reduced test time as 8 second timeouts from `-w 8` don't appear to be required, better to poll with grep instead. - Replaced `wc -l` commands with a new method to assert expected line count, better enabling assertions on the actual output. - `undef_spam_subject`: - Split to two separate test cases, and initialize each container in their case instead of `setup_file()`, allowing for using the default `teardown()` method (and slight benefit if running in parallel). - `permit_docker`: - Not a parallel test, but I realized that the repeat helper methods don't necessarily play well with `run` as the command (can cause false positive of what was successful).
2023-01-03 06:11:36 +00:00
# WARNING: Careful using this with _until_success_or_timeout methods,
# which can be misleading in the success of `run`, not the command given to `run`.
function _run_in_container() {
run docker exec "${CONTAINER_NAME}" "${@}"
}
# @param ${1} container name [REQUIRED]
# @param ... command to execute
function _run_in_container_explicit() {
local CONTAINER_NAME=${1:?Container name must be given when using explicit}
shift 1
run docker exec "${CONTAINER_NAME}" "${@}"
}
function _default_teardown() {
docker rm -f "${CONTAINER_NAME}"
}
function _reload_postfix() {
local CONTAINER_NAME=${1:-${CONTAINER_NAME}}
# Reloading Postfix config after modifying it in <2 sec will cause Postfix to delay, workaround that:
docker exec "${CONTAINER_NAME}" touch -d '2 seconds ago' /etc/postfix/main.cf
docker exec "${CONTAINER_NAME}" postfix reload
}
# -------------------------------------------------------------------
# @param ${1} program name [REQUIRED]
# @param ${2} container name [IF UNSET: ${CONTAINER_NAME}]
function check_if_process_is_running() {
local PROGRAM_NAME=${1:?Program name must be provided explicitly}
local CONTAINER_NAME=${2:-${CONTAINER_NAME}}
docker exec "${CONTAINER_NAME}" pgrep "${PROGRAM_NAME}"
}
refactor: Parallel Tests - `disabled_clamav_spamassassin`: - Just shuffling the test order around, and removing the restart test at the end which doesn't make sense. - `postscreen`: - Now uses common helper for getting container IP - Does not appear to need the `NET_ADMIN` capability? - Reduced startup time for the 2nd container + additional context about it's relevance. - Test cases are largely the same, but refactored the `nc` alternative that properly waits it's turn. This only needs to run once. Added additional commentary and made into a generic method if needed in other tests. - `fail2ban`: - Use the common container IP helper method. - Postscreen isn't affecting this test, it's not required to do the much slower exchange with the mail server when sending a login failure. - IP being passed into ENV is no longer necessary. - `sleep 5` in the related test cases doesn't seem necessary, can better rely on polling with timeout. - `sleep 10` for `setup.sh` also doesn't appear to be necessary. - `postgrey`: - Reduced POSTGREY_DELAY to 3, which shaves a fair amount of wasted time while still verifying the delay works. - One of the checks in `main.cf` doesn't seem to need to know about the earlier spamhaus portion of the line to work, removed. - Better test case descriptions. - Improved log matching via standard method that better documents the expected triplet under test. - Removed a redundant whitelist file and test that didn't seem to have any relevance. Added a TODO with additional notes about a concern with these tests. - Reduced test time as 8 second timeouts from `-w 8` don't appear to be required, better to poll with grep instead. - Replaced `wc -l` commands with a new method to assert expected line count, better enabling assertions on the actual output. - `undef_spam_subject`: - Split to two separate test cases, and initialize each container in their case instead of `setup_file()`, allowing for using the default `teardown()` method (and slight benefit if running in parallel). - `permit_docker`: - Not a parallel test, but I realized that the repeat helper methods don't necessarily play well with `run` as the command (can cause false positive of what was successful).
2023-01-03 06:11:36 +00:00
# @param ${1} target container name [IF UNSET: ${CONTAINER_NAME}]
function get_container_ip() {
local TARGET_CONTAINER_NAME=${1:-${CONTAINER_NAME}}
docker inspect --format '{{ .NetworkSettings.IPAddress }}' "${TARGET_CONTAINER_NAME}"
}
# -------------------------------------------------------------------
# @param ${1} timeout
# @param --fatal-test <command eval string> additional test whose failure aborts immediately
# @param ... test to run
function repeat_until_success_or_timeout {
local FATAL_FAILURE_TEST_COMMAND
if [[ "${1}" == "--fatal-test" ]]; then
FATAL_FAILURE_TEST_COMMAND="${2}"
shift 2
fi
if ! [[ "${1}" =~ ^[0-9]+$ ]]; then
echo "First parameter for timeout must be an integer, received \"${1}\""
return 1
fi
local TIMEOUT=${1}
local STARTTIME=${SECONDS}
shift 1
until "${@}"
do
if [[ -n ${FATAL_FAILURE_TEST_COMMAND} ]] && ! eval "${FATAL_FAILURE_TEST_COMMAND}"; then
echo "\`${FATAL_FAILURE_TEST_COMMAND}\` failed, early aborting repeat_until_success of \`${*}\`" >&2
return 1
fi
sleep 1
if [[ $(( SECONDS - STARTTIME )) -gt ${TIMEOUT} ]]; then
echo "Timed out on command: ${*}" >&2
return 1
fi
done
}
# like repeat_until_success_or_timeout but with wrapping the command to run into `run` for later bats consumption
# @param ${1} timeout
# @param ... test command to run
function run_until_success_or_timeout {
if ! [[ ${1} =~ ^[0-9]+$ ]]; then
echo "First parameter for timeout must be an integer, received \"${1}\""
return 1
fi
local TIMEOUT=${1}
local STARTTIME=${SECONDS}
shift 1
until run "${@}" && [[ $status -eq 0 ]]
do
sleep 1
if (( SECONDS - STARTTIME > TIMEOUT )); then
echo "Timed out on command: ${*}" >&2
return 1
fi
done
}
# @param ${1} timeout
# @param ${2} container name
# @param ... test command for container
function repeat_in_container_until_success_or_timeout() {
local TIMEOUT="${1}"
local CONTAINER_NAME="${2}"
shift 2
repeat_until_success_or_timeout --fatal-test "container_is_running ${CONTAINER_NAME}" "${TIMEOUT}" docker exec "${CONTAINER_NAME}" "${@}"
}
function container_is_running() {
[[ "$(docker inspect -f '{{.State.Running}}' "${1}")" == "true" ]]
}
# @param ${1} port
# @param ${2} container name
function wait_for_tcp_port_in_container() {
repeat_until_success_or_timeout --fatal-test "container_is_running ${2}" "${TEST_TIMEOUT_IN_SECONDS}" docker exec "${2}" /bin/sh -c "nc -z 0.0.0.0 ${1}"
}
# @param ${1} name of the postfix container
function wait_for_smtp_port_in_container() {
wait_for_tcp_port_in_container 25 "${1}"
}
# @param ${1} name of the postfix container
function wait_for_smtp_port_in_container_to_respond() {
local COUNT=0
until [[ $(docker exec "${1}" timeout 10 /bin/sh -c "echo QUIT | nc localhost 25") == *"221 2.0.0 Bye"* ]]; do
if [[ $COUNT -eq 20 ]]
then
echo "Unable to receive a valid response from 'nc localhost 25' within 20 seconds"
return 1
fi
sleep 1
((COUNT+=1))
done
}
# @param ${1} name of the postfix container
function wait_for_amavis_port_in_container() {
wait_for_tcp_port_in_container 10024 "${1}"
}
# get the private config path for the given container or test file, if no container name was given
function private_config_path() {
echo "${PWD}/test/duplicate_configs/${1:-$(basename "${BATS_TEST_FILENAME}")}"
}
function container_has_service_running() {
local CONTAINER_NAME="${1}"
local SERVICE_NAME="${2}"
docker exec "${CONTAINER_NAME}" /usr/bin/supervisorctl status "${SERVICE_NAME}" | grep RUNNING >/dev/null
}
function wait_for_service() {
local CONTAINER_NAME="${1}"
local SERVICE_NAME="${2}"
repeat_until_success_or_timeout --fatal-test "container_is_running ${CONTAINER_NAME}" "${TEST_TIMEOUT_IN_SECONDS}" \
container_has_service_running "${CONTAINER_NAME}" "${SERVICE_NAME}"
}
function wait_for_changes_to_be_detected_in_container() {
local CONTAINER_NAME="${1}"
local TIMEOUT=${TEST_TIMEOUT_IN_SECONDS}
# shellcheck disable=SC2016
repeat_in_container_until_success_or_timeout "${TIMEOUT}" "${CONTAINER_NAME}" bash -c 'source /usr/local/bin/helpers/index.sh; _obtain_hostname_and_domainname; cmp --silent -- <(_monitored_files_checksums) "${CHKSUM_FILE}" >/dev/null'
}
# NOTE: Relies on ENV `LOG_LEVEL=debug` or higher
function wait_until_change_detection_event_completes() {
local CONTAINER_NAME="${1}"
# Ensure early failure if arg is missing:
assert_not_equal "${CONTAINER_NAME}" ""
# Ensure the container is configured with the required `LOG_LEVEL` ENV:
assert_regex \
$(docker exec "${CONTAINER_NAME}" env | grep '^LOG_LEVEL=') \
'=(debug|trace)$'
# NOTE: Change events can start and finish all within < 1 sec,
# Reliably track the completion of a change event by comparing the before/after count:
function __change_event_count() {
docker exec "${CONTAINER_NAME}" grep --count "${CHANGE_EVENT_END}" /var/log/supervisor/changedetector.log
}
function __is_changedetector_finished() {
[[ $(__change_event_count) -gt "${NUM_CHANGE_EVENTS_BEFORE}" ]]
}
# Count by completions of this debug log line from `check-for-changes.sh`:
local CHANGE_EVENT_END='Completed handling of detected change'
local NUM_CHANGE_EVENTS_BEFORE=$(__change_event_count)
repeat_until_success_or_timeout 60 __is_changedetector_finished
}
# An account added to `postfix-accounts.cf` must wait for the `changedetector` service
# to process the update before Dovecot creates the mail account and associated storage dir:
function wait_until_account_maildir_exists() {
local CONTAINER_NAME=$1
local MAIL_ACCOUNT=$2
local LOCAL_PART="${MAIL_ACCOUNT%@*}"
local DOMAIN_PART="${MAIL_ACCOUNT#*@}"
local MAIL_ACCOUNT_STORAGE_DIR="/var/mail/${DOMAIN_PART}/${LOCAL_PART}"
repeat_in_container_until_success_or_timeout 60 "${CONTAINER_NAME}" bash -c "[[ -d ${MAIL_ACCOUNT_STORAGE_DIR} ]]"
}
function add_mail_account_then_wait_until_ready() {
local CONTAINER_NAME=$1
local MAIL_ACCOUNT=$2
# Password is optional (omit when the password is not needed during the test)
local MAIL_PASS="${3:-password_not_relevant_to_test}"
run docker exec "${CONTAINER_NAME}" setup email add "${MAIL_ACCOUNT}" "${MAIL_PASS}"
assert_success
wait_until_account_maildir_exists "${CONTAINER_NAME}" "${MAIL_ACCOUNT}"
}
function wait_for_empty_mail_queue_in_container() {
local CONTAINER_NAME="${1}"
local TIMEOUT=${TEST_TIMEOUT_IN_SECONDS}
# shellcheck disable=SC2016
repeat_in_container_until_success_or_timeout "${TIMEOUT}" "${CONTAINER_NAME}" bash -c '[[ $(mailq) == *"Mail queue is empty"* ]]'
}
tests: Extract some test cases out from `tests.bats` (#2980) While working on tests, I noticed that some of the configs being mounted were adding a few seconds to the start-up time of each container. Notably `postfix-*` and `dovecot.conf` config files, which have been extracted out into their own tests with those files moved into a separate config folder. `tests.bats` has been adapted to the common setup helper, and removed ENV no longer required to run those tests. Future PRs will extract out more tests. Review may be easier via individual commit diffs and their associated commit messages describing relevant changes. <details> <summary>Commit message history for reference</summary> ```markdown tests(chore): `tests.bats` - Remove redundant config === - ONEDIR volume support no longer relevant, this should have been dropped. - ClamAV ENV no longer relevant as related tests have been extracted already. - Same with the some of the SpamAssassin ENV config. - `VIRUSMAILS_DELETE_DELAY` is tested in the file, but doesn't use this ENV at all? (runs a separate instance to test the ENV instead) - Hostname updated in preparation for migrating to new test helpers. Relevant test lines referencing the hostname have likewise been updated. ``` ```markdown tests(chore): `tests.bats` - Convert to common setup === ENV remains the same, but required adding `ENABLE_AMAVIS=1` to bring that back, while the following became redundant as they're now defaulting to explicitly disabled in the helper method: - `ENABLE_CLAMAV=0` - `LOG_LEVEL=debug` - `ENABLE_UPDATE_CHECK=0` - `--hostname` + `--tty` + standard `--volume` lines - `-e` option expanded to long-name `--env`, and all `\` dropped as no longer necessary. `wait_for_finished_setup_in_container` is now redundant thanks to `common_container_setup`. ``` ```markdown tests(refactor): `tests.bats` - Extract out Dovecot Sieve tests === Sieve test files relocated into `test/config/dovecot-sieve/` for better isolation. `dovecot.sieve` was not using the `reject` import, and we should not encourage it? (docs still do): https://support.tigertech.net/sieve#the-sieve-reject-jmp ``` ```markdown tests: `tests.bats` - Extract out `checking smtp` tests === Migrated to the standard template and copied over the original test cases with `_run_in_container` adjustment only. Identified minimum required ENV along with which mail is required for each test case. ``` ```markdown tests(refactor): `smtp-delivery.bats` === - Disabled `ENABLE_SRS=1`, not necessary for these tests. - Added a SpamAssassin related test (X-SPAM headers) which requires `SA_TAG` to properly pass (or `ENABLE_SRS=1` to deliver into inbox). - Many lines with double quotes changed to single quote wrapping, and moving out `grep` filters into `assert_output --partial` lines instead. - Instead of `wc -l` making failures less helpful, switch to the helper method `_should_output_number_of_lines` - x2 `assert_output` with different EOF style of usage was not actually failing on tests when it should. Changed to assert partial output of each expected line, and count the number of lines instead. - Added additional comments related to the test cases with a `TODO` note about `SPAMASSASSIN_SPAM_TO_INBOX=1`. - Revised test case names, including using the common prefix var. - `tests.bats` no longer needs to send all these emails, no other test cases require them. This affects a test checking a `/mail` folder exists which has been corrected, and a quotas test case adjusted to expect an empty quota size output. ``` ```markdown tests: `tests.bats` - Extract out test cases for config overrides === Slight improvement by additionally matching `postconf` output to verify the setting is properly applied. ``` ```markdown tests: `tests.bats` - Extract out Amavis SpamAssassin test case === Removes the need for SpamAssassin ENV in `tests.bats`. ``` </details>
2023-01-06 22:36:20 +00:00
# `lines` is a special BATS variable updated via `run`:
function _should_output_number_of_lines() {
assert_equal "${#lines[@]}" $1
}