mirror of
https://github.com/docker-mailserver/docker-mailserver.git
synced 2024-01-19 02:48:50 +00:00
update BATS & helper + minor updates to BATS variables (#2988)
This commit is contained in:
parent
2b4105ef0a
commit
41c44cb91d
4
Makefile
4
Makefile
|
@ -8,7 +8,6 @@ export NAME ?= $(IMAGE_NAME)
|
||||||
MAKEFLAGS += --no-print-directory
|
MAKEFLAGS += --no-print-directory
|
||||||
BATS_FLAGS ?= --timing
|
BATS_FLAGS ?= --timing
|
||||||
BATS_PARALLEL_JOBS ?= 2
|
BATS_PARALLEL_JOBS ?= 2
|
||||||
BATS_FLAGS_PARALLEL ?= $(BATS_FLAGS) --no-parallelize-within-files --jobs $(BATS_PARALLEL_JOBS)
|
|
||||||
|
|
||||||
.PHONY: ALWAYS_RUN
|
.PHONY: ALWAYS_RUN
|
||||||
|
|
||||||
|
@ -53,7 +52,8 @@ tests/serial: ALWAYS_RUN
|
||||||
@ shopt -s globstar ; ./test/bats/bin/bats $(BATS_FLAGS) test/$@/*.bats
|
@ shopt -s globstar ; ./test/bats/bin/bats $(BATS_FLAGS) test/$@/*.bats
|
||||||
|
|
||||||
tests/parallel/set%: ALWAYS_RUN
|
tests/parallel/set%: ALWAYS_RUN
|
||||||
@ shopt -s globstar ; ./test/bats/bin/bats $(BATS_FLAGS_PARALLEL) test/$@/**/*.bats
|
@ shopt -s globstar ; ./test/bats/bin/bats $(BATS_FLAGS) \
|
||||||
|
--no-parallelize-within-files --jobs $(BATS_PARALLEL_JOBS) test/$@/**/*.bats
|
||||||
|
|
||||||
test/%: ALWAYS_RUN
|
test/%: ALWAYS_RUN
|
||||||
@ shopt -s globstar nullglob ; ./test/bats/bin/bats $(BATS_FLAGS) test/tests/**/{$*,}.bats
|
@ shopt -s globstar nullglob ; ./test/bats/bin/bats $(BATS_FLAGS) test/tests/**/{$*,}.bats
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
Subproject commit 410dd229a5ed005c68167cc90ed0712ad2a1c909
|
Subproject commit e8c840b58f0833e23461c682655fe540aa923f85
|
|
@ -1 +1 @@
|
||||||
Subproject commit ffe84ea5dd43b568851549b3e241db150c12929c
|
Subproject commit 78fa631d1370562d2cd4a1390989e706158e7bf0
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='[Relay] ENV:'
|
BATS_TEST_NAME_PREFIX='[Relay] (ENV) '
|
||||||
CONTAINER_NAME='dms-test_default-relay-host'
|
CONTAINER_NAME='dms-test_default-relay-host'
|
||||||
|
|
||||||
function setup_file() {
|
function setup_file() {
|
||||||
|
@ -17,7 +17,7 @@ function setup_file() {
|
||||||
|
|
||||||
function teardown_file() { _default_teardown ; }
|
function teardown_file() { _default_teardown ; }
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} 'DEFAULT_RELAY_HOST' should configure 'main.cf:relayhost'" {
|
@test "'DEFAULT_RELAY_HOST' should configure 'main.cf:relayhost'" {
|
||||||
_run_in_container bash -c 'grep -e "^relayhost =" /etc/postfix/main.cf'
|
_run_in_container bash -c 'grep -e "^relayhost =" /etc/postfix/main.cf'
|
||||||
assert_output 'relayhost = default.relay.host.invalid:25'
|
assert_output 'relayhost = default.relay.host.invalid:25'
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='Amavis:'
|
BATS_TEST_NAME_PREFIX='[Amavis] '
|
||||||
CONTAINER_NAME='dms-test_amavis'
|
CONTAINER_NAME='dms-test_amavis'
|
||||||
|
|
||||||
function setup_file() {
|
function setup_file() {
|
||||||
|
@ -18,8 +18,10 @@ function setup_file() {
|
||||||
|
|
||||||
function teardown_file() { _default_teardown ; }
|
function teardown_file() { _default_teardown ; }
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} Amavis integration should be active" {
|
@test "SpamAssassin integration should be active" {
|
||||||
_run_in_container grep 'ANTI-SPAM-SA' /var/log/mail/mail.log
|
# give Amavis just a bit of time to print out its full debug log
|
||||||
|
run repeat_in_container_until_success_or_timeout 5 "${CONTAINER_NAME}" grep 'ANTI-SPAM-SA' /var/log/mail/mail.log
|
||||||
|
assert_success
|
||||||
assert_output --partial 'loaded'
|
assert_output --partial 'loaded'
|
||||||
refute_output --partial 'NOT loaded'
|
refute_output --partial 'NOT loaded'
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='ClamAV:'
|
BATS_TEST_NAME_PREFIX='[ClamAV] '
|
||||||
CONTAINER_NAME='dms-test_clamav'
|
CONTAINER_NAME='dms-test_clamav'
|
||||||
|
|
||||||
function setup_file() {
|
function setup_file() {
|
||||||
|
@ -34,38 +34,38 @@ function setup_file() {
|
||||||
|
|
||||||
function teardown_file() { _default_teardown ; }
|
function teardown_file() { _default_teardown ; }
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} process clamd is running" {
|
@test "process clamd is running" {
|
||||||
run check_if_process_is_running 'clamd'
|
run check_if_process_is_running 'clamd'
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} log files exist at /var/log/mail directory" {
|
@test "log files exist at /var/log/mail directory" {
|
||||||
_run_in_container bash -c "ls -1 /var/log/mail/ | grep -E 'clamav|freshclam|mail.log' | wc -l"
|
_run_in_container bash -c "ls -1 /var/log/mail/ | grep -E 'clamav|freshclam|mail.log' | wc -l"
|
||||||
assert_success
|
assert_success
|
||||||
assert_output 3
|
assert_output 3
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} should be identified by Amavis" {
|
@test "should be identified by Amavis" {
|
||||||
_run_in_container grep -i 'Found secondary av scanner ClamAV-clamscan' /var/log/mail/mail.log
|
_run_in_container grep -i 'Found secondary av scanner ClamAV-clamscan' /var/log/mail/mail.log
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} freshclam cron is enabled" {
|
@test "freshclam cron is enabled" {
|
||||||
_run_in_container bash -c "grep '/usr/bin/freshclam' -r /etc/cron.d"
|
_run_in_container bash -c "grep '/usr/bin/freshclam' -r /etc/cron.d"
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} env CLAMAV_MESSAGE_SIZE_LIMIT is set correctly" {
|
@test "env CLAMAV_MESSAGE_SIZE_LIMIT is set correctly" {
|
||||||
_run_in_container grep -q '^MaxFileSize 30M$' /etc/clamav/clamd.conf
|
_run_in_container grep -q '^MaxFileSize 30M$' /etc/clamav/clamd.conf
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} rejects virus" {
|
@test "rejects virus" {
|
||||||
_run_in_container bash -c "grep 'Blocked INFECTED' /var/log/mail/mail.log | grep '<virus@external.tld> -> <user1@localhost.localdomain>'"
|
_run_in_container bash -c "grep 'Blocked INFECTED' /var/log/mail/mail.log | grep '<virus@external.tld> -> <user1@localhost.localdomain>'"
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} process clamd restarts when killed" {
|
@test "process clamd restarts when killed" {
|
||||||
_run_in_container pkill 'clamd'
|
_run_in_container pkill 'clamd'
|
||||||
assert_success
|
assert_success
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='[ClamAV + SA] (disabled):'
|
BATS_TEST_NAME_PREFIX='[ClamAV + SA] (disabled) '
|
||||||
CONTAINER_NAME='dms-test_clamav-spamassasin_disabled'
|
CONTAINER_NAME='dms-test_clamav-spamassasin_disabled'
|
||||||
|
|
||||||
function setup_file() {
|
function setup_file() {
|
||||||
|
@ -24,22 +24,22 @@ function setup_file() {
|
||||||
|
|
||||||
function teardown_file() { _default_teardown ; }
|
function teardown_file() { _default_teardown ; }
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} ClamAV - should be disabled by ENV 'ENABLED_CLAMAV=0'" {
|
@test "ClamAV - should be disabled by ENV 'ENABLED_CLAMAV=0'" {
|
||||||
run check_if_process_is_running 'clamd'
|
run check_if_process_is_running 'clamd'
|
||||||
assert_failure
|
assert_failure
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} ClamAV - Amavis integration should not be active" {
|
@test "ClamAV - Amavis integration should not be active" {
|
||||||
_run_in_container grep -i 'Found secondary av scanner ClamAV-clamscan' /var/log/mail/mail.log
|
_run_in_container grep -i 'Found secondary av scanner ClamAV-clamscan' /var/log/mail/mail.log
|
||||||
assert_failure
|
assert_failure
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} SA - Amavis integration should not be active" {
|
@test "SA - Amavis integration should not be active" {
|
||||||
_run_in_container bash -c "grep -i 'ANTI-SPAM-SA code' /var/log/mail/mail.log | grep 'NOT loaded'"
|
_run_in_container bash -c "grep -i 'ANTI-SPAM-SA code' /var/log/mail/mail.log | grep 'NOT loaded'"
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} SA - should not have been called" {
|
@test "SA - should not have been called" {
|
||||||
_run_in_container grep -i 'connect to /var/run/clamav/clamd.ctl failed' /var/log/mail/mail.log
|
_run_in_container grep -i 'connect to /var/run/clamav/clamd.ctl failed' /var/log/mail/mail.log
|
||||||
assert_failure
|
assert_failure
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,8 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='DNSBLs:'
|
BATS_TEST_NAME_PREFIX='[DNSBLs] '
|
||||||
|
|
||||||
CONTAINER1_NAME='dms-test_dnsbl_enabled'
|
CONTAINER1_NAME='dms-test_dnsbl_enabled'
|
||||||
CONTAINER2_NAME='dms-test_dnsbl_disabled'
|
CONTAINER2_NAME='dms-test_dnsbl_disabled'
|
||||||
|
|
||||||
|
@ -29,33 +28,33 @@ function teardown_file() {
|
||||||
}
|
}
|
||||||
|
|
||||||
# ENABLE_DNSBL=1
|
# ENABLE_DNSBL=1
|
||||||
@test "${TEST_NAME_PREFIX} (enabled) Postfix DNS block list zen.spamhaus.org" {
|
@test "(enabled) Postfix DNS block list zen.spamhaus.org" {
|
||||||
run docker exec "${CONTAINER1_NAME}" postconf smtpd_recipient_restrictions
|
run docker exec "${CONTAINER1_NAME}" postconf smtpd_recipient_restrictions
|
||||||
assert_output --partial 'reject_rbl_client zen.spamhaus.org'
|
assert_output --partial 'reject_rbl_client zen.spamhaus.org'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} (enabled) Postscreen DNS block lists -> postscreen_dnsbl_action" {
|
@test "(enabled) Postscreen DNS block lists -> postscreen_dnsbl_action" {
|
||||||
run docker exec "${CONTAINER1_NAME}" postconf postscreen_dnsbl_action
|
run docker exec "${CONTAINER1_NAME}" postconf postscreen_dnsbl_action
|
||||||
assert_output 'postscreen_dnsbl_action = enforce'
|
assert_output 'postscreen_dnsbl_action = enforce'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} (enabled) Postscreen DNS block lists -> postscreen_dnsbl_sites" {
|
@test "(enabled) Postscreen DNS block lists -> postscreen_dnsbl_sites" {
|
||||||
run docker exec "${CONTAINER1_NAME}" postconf postscreen_dnsbl_sites
|
run docker exec "${CONTAINER1_NAME}" postconf postscreen_dnsbl_sites
|
||||||
assert_output 'postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..11]*3 bl.mailspike.net=127.0.0.[2;14;13;12;11;10] b.barracudacentral.org*2 bl.spameatingmonkey.net=127.0.0.2 dnsbl.sorbs.net psbl.surriel.com list.dnswl.org=127.0.[0..255].0*-2 list.dnswl.org=127.0.[0..255].1*-3 list.dnswl.org=127.0.[0..255].[2..3]*-4'
|
assert_output 'postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..11]*3 bl.mailspike.net=127.0.0.[2;14;13;12;11;10] b.barracudacentral.org*2 bl.spameatingmonkey.net=127.0.0.2 dnsbl.sorbs.net psbl.surriel.com list.dnswl.org=127.0.[0..255].0*-2 list.dnswl.org=127.0.[0..255].1*-3 list.dnswl.org=127.0.[0..255].[2..3]*-4'
|
||||||
}
|
}
|
||||||
|
|
||||||
# ENABLE_DNSBL=0
|
# ENABLE_DNSBL=0
|
||||||
@test "${TEST_NAME_PREFIX} (disabled) Postfix DNS block list zen.spamhaus.org" {
|
@test "(disabled) Postfix DNS block list zen.spamhaus.org" {
|
||||||
run docker exec "${CONTAINER2_NAME}" postconf smtpd_recipient_restrictions
|
run docker exec "${CONTAINER2_NAME}" postconf smtpd_recipient_restrictions
|
||||||
refute_output --partial 'reject_rbl_client zen.spamhaus.org'
|
refute_output --partial 'reject_rbl_client zen.spamhaus.org'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} (disabled) Postscreen DNS block lists -> postscreen_dnsbl_action" {
|
@test "(disabled) Postscreen DNS block lists -> postscreen_dnsbl_action" {
|
||||||
run docker exec "${CONTAINER2_NAME}" postconf postscreen_dnsbl_action
|
run docker exec "${CONTAINER2_NAME}" postconf postscreen_dnsbl_action
|
||||||
assert_output 'postscreen_dnsbl_action = ignore'
|
assert_output 'postscreen_dnsbl_action = ignore'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} (disabled) Postscreen DNS block lists -> postscreen_dnsbl_sites" {
|
@test "(disabled) Postscreen DNS block lists -> postscreen_dnsbl_sites" {
|
||||||
run docker exec "${CONTAINER2_NAME}" postconf postscreen_dnsbl_sites
|
run docker exec "${CONTAINER2_NAME}" postconf postscreen_dnsbl_sites
|
||||||
assert_output 'postscreen_dnsbl_sites ='
|
assert_output 'postscreen_dnsbl_sites ='
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='Fail2Ban:'
|
BATS_TEST_NAME_PREFIX='[Fail2Ban] '
|
||||||
CONTAINER1_NAME='dms-test_fail2ban'
|
CONTAINER1_NAME='dms-test_fail2ban'
|
||||||
CONTAINER2_NAME='dms-test_fail2ban_fail-auth-mailer'
|
CONTAINER2_NAME='dms-test_fail2ban_fail-auth-mailer'
|
||||||
|
|
||||||
|
@ -33,12 +33,12 @@ function teardown_file() {
|
||||||
docker rm -f "${CONTAINER1_NAME}" "${CONTAINER2_NAME}"
|
docker rm -f "${CONTAINER1_NAME}" "${CONTAINER2_NAME}"
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} Fail2Ban is running" {
|
@test "Fail2Ban is running" {
|
||||||
run check_if_process_is_running 'fail2ban-server'
|
run check_if_process_is_running 'fail2ban-server'
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} localhost is not banned because ignored" {
|
@test "localhost is not banned because ignored" {
|
||||||
_run_in_container fail2ban-client status postfix-sasl
|
_run_in_container fail2ban-client status postfix-sasl
|
||||||
assert_success
|
assert_success
|
||||||
refute_output --regexp '.*IP list:.*127\.0\.0\.1.*'
|
refute_output --regexp '.*IP list:.*127\.0\.0\.1.*'
|
||||||
|
@ -47,13 +47,13 @@ function teardown_file() {
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} fail2ban-fail2ban.cf overrides" {
|
@test "fail2ban-fail2ban.cf overrides" {
|
||||||
_run_in_container fail2ban-client get loglevel
|
_run_in_container fail2ban-client get loglevel
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial 'DEBUG'
|
assert_output --partial 'DEBUG'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} fail2ban-jail.cf overrides" {
|
@test "fail2ban-jail.cf overrides" {
|
||||||
for FILTER in 'dovecot' 'postfix' 'postfix-sasl'
|
for FILTER in 'dovecot' 'postfix' 'postfix-sasl'
|
||||||
do
|
do
|
||||||
_run_in_container fail2ban-client get "${FILTER}" bantime
|
_run_in_container fail2ban-client get "${FILTER}" bantime
|
||||||
|
@ -76,7 +76,7 @@ function teardown_file() {
|
||||||
# - After multiple login fails and a slight delay, f2b will ban that IP.
|
# - After multiple login fails and a slight delay, f2b will ban that IP.
|
||||||
# - You could hard-code `sleep 5` on both cases to avoid the alternative assertions,
|
# - You could hard-code `sleep 5` on both cases to avoid the alternative assertions,
|
||||||
# but the polling + piping into grep approach here reliably minimizes the delay.
|
# but the polling + piping into grep approach here reliably minimizes the delay.
|
||||||
@test "${TEST_NAME_PREFIX} ban ip on multiple failed login" {
|
@test "ban ip on multiple failed login" {
|
||||||
CONTAINER1_IP=$(get_container_ip ${CONTAINER1_NAME})
|
CONTAINER1_IP=$(get_container_ip ${CONTAINER1_NAME})
|
||||||
# Trigger a ban by failing to login twice:
|
# Trigger a ban by failing to login twice:
|
||||||
_run_in_container_explicit "${CONTAINER2_NAME}" bash -c "nc ${CONTAINER1_IP} 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login-wrong.txt"
|
_run_in_container_explicit "${CONTAINER2_NAME}" bash -c "nc ${CONTAINER1_IP} 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login-wrong.txt"
|
||||||
|
@ -95,7 +95,7 @@ function teardown_file() {
|
||||||
}
|
}
|
||||||
|
|
||||||
# NOTE: Depends on previous test case, if no IP was banned at this point, it passes regardless..
|
# NOTE: Depends on previous test case, if no IP was banned at this point, it passes regardless..
|
||||||
@test "${TEST_NAME_PREFIX} unban ip works" {
|
@test "unban ip works" {
|
||||||
CONTAINER2_IP=$(get_container_ip ${CONTAINER2_NAME})
|
CONTAINER2_IP=$(get_container_ip ${CONTAINER2_NAME})
|
||||||
_run_in_container fail2ban-client set postfix-sasl unbanip "${CONTAINER2_IP}"
|
_run_in_container fail2ban-client set postfix-sasl unbanip "${CONTAINER2_IP}"
|
||||||
assert_success
|
assert_success
|
||||||
|
@ -110,7 +110,7 @@ function teardown_file() {
|
||||||
refute_output --partial "${CONTAINER2_IP}"
|
refute_output --partial "${CONTAINER2_IP}"
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} bans work properly (single IP)" {
|
@test "bans work properly (single IP)" {
|
||||||
_run_in_container fail2ban ban 192.0.66.7
|
_run_in_container fail2ban ban 192.0.66.7
|
||||||
assert_success
|
assert_success
|
||||||
assert_output 'Banned custom IP: 1'
|
assert_output 'Banned custom IP: 1'
|
||||||
|
@ -131,7 +131,7 @@ function teardown_file() {
|
||||||
refute_output --partial '192.0.66.7'
|
refute_output --partial '192.0.66.7'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} bans work properly (subnet)" {
|
@test "bans work properly (subnet)" {
|
||||||
_run_in_container fail2ban ban 192.0.66.0/24
|
_run_in_container fail2ban ban 192.0.66.0/24
|
||||||
assert_success
|
assert_success
|
||||||
assert_output 'Banned custom IP: 1'
|
assert_output 'Banned custom IP: 1'
|
||||||
|
@ -152,7 +152,7 @@ function teardown_file() {
|
||||||
refute_output --partial '192.0.66.0/24'
|
refute_output --partial '192.0.66.0/24'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} FAIL2BAN_BLOCKTYPE is really set to drop" {
|
@test "FAIL2BAN_BLOCKTYPE is really set to drop" {
|
||||||
# ban IPs here manually so we can be sure something is inside the jails
|
# ban IPs here manually so we can be sure something is inside the jails
|
||||||
for JAIL in dovecot postfix-sasl custom; do
|
for JAIL in dovecot postfix-sasl custom; do
|
||||||
_run_in_container fail2ban-client set "${JAIL}" banip 192.33.44.55
|
_run_in_container fail2ban-client set "${JAIL}" banip 192.33.44.55
|
||||||
|
@ -172,7 +172,7 @@ function teardown_file() {
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} setup.sh fail2ban" {
|
@test "setup.sh fail2ban" {
|
||||||
_run_in_container fail2ban-client set dovecot banip 192.0.66.4
|
_run_in_container fail2ban-client set dovecot banip 192.0.66.4
|
||||||
_run_in_container fail2ban-client set dovecot banip 192.0.66.5
|
_run_in_container fail2ban-client set dovecot banip 192.0.66.5
|
||||||
|
|
||||||
|
@ -194,7 +194,7 @@ function teardown_file() {
|
||||||
assert_output --partial 'You need to specify an IP address: Run'
|
assert_output --partial 'You need to specify an IP address: Run'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} restart of Fail2Ban" {
|
@test "restart of Fail2Ban" {
|
||||||
_run_in_container pkill fail2ban
|
_run_in_container pkill fail2ban
|
||||||
assert_success
|
assert_success
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='Postgrey (enabled):'
|
BATS_TEST_NAME_PREFIX='[Postgrey] (enabled) '
|
||||||
CONTAINER_NAME='dms-test_postgrey_enabled'
|
CONTAINER_NAME='dms-test_postgrey_enabled'
|
||||||
|
|
||||||
function setup_file() {
|
function setup_file() {
|
||||||
|
@ -24,13 +24,13 @@ function setup_file() {
|
||||||
|
|
||||||
function teardown_file() { _default_teardown ; }
|
function teardown_file() { _default_teardown ; }
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} should have added Postgrey to 'main.cf:check_policy_service'" {
|
@test "should have added Postgrey to 'main.cf:check_policy_service'" {
|
||||||
_run_in_container grep -F 'check_policy_service inet:127.0.0.1:10023' /etc/postfix/main.cf
|
_run_in_container grep -F 'check_policy_service inet:127.0.0.1:10023' /etc/postfix/main.cf
|
||||||
assert_success
|
assert_success
|
||||||
_should_output_number_of_lines 1
|
_should_output_number_of_lines 1
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} should have configured /etc/default/postgrey with default values and ENV overrides" {
|
@test "should have configured /etc/default/postgrey with default values and ENV overrides" {
|
||||||
_run_in_container grep -F 'POSTGREY_OPTS="--inet=127.0.0.1:10023 --delay=3 --max-age=35 --auto-whitelist-clients=5"' /etc/default/postgrey
|
_run_in_container grep -F 'POSTGREY_OPTS="--inet=127.0.0.1:10023 --delay=3 --max-age=35 --auto-whitelist-clients=5"' /etc/default/postgrey
|
||||||
assert_success
|
assert_success
|
||||||
_should_output_number_of_lines 1
|
_should_output_number_of_lines 1
|
||||||
|
@ -40,12 +40,12 @@ function teardown_file() { _default_teardown ; }
|
||||||
_should_output_number_of_lines 1
|
_should_output_number_of_lines 1
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} Postgrey is running" {
|
@test "Postgrey is running" {
|
||||||
run check_if_process_is_running 'postgrey'
|
run check_if_process_is_running 'postgrey'
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} should initially reject (greylist) mail from 'user@external.tld'" {
|
@test "should initially reject (greylist) mail from 'user@external.tld'" {
|
||||||
# Modify the postfix config in order to ensure that postgrey handles the test e-mail.
|
# Modify the postfix config in order to ensure that postgrey handles the test e-mail.
|
||||||
# The other spam checks in `main.cf:smtpd_recipient_restrictions` would interfere with testing postgrey.
|
# The other spam checks in `main.cf:smtpd_recipient_restrictions` would interfere with testing postgrey.
|
||||||
_run_in_container bash -c "sed -ie 's/permit_sasl_authenticated.*policyd-spf,$//g' /etc/postfix/main.cf"
|
_run_in_container bash -c "sed -ie 's/permit_sasl_authenticated.*policyd-spf,$//g' /etc/postfix/main.cf"
|
||||||
|
@ -69,7 +69,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
}
|
}
|
||||||
|
|
||||||
# NOTE: This test case depends on the previous one
|
# NOTE: This test case depends on the previous one
|
||||||
@test "${TEST_NAME_PREFIX} should accept mail from 'user@external.tld' after POSTGREY_DELAY duration" {
|
@test "should accept mail from 'user@external.tld' after POSTGREY_DELAY duration" {
|
||||||
# Wait until `$POSTGREY_DELAY` seconds pass before trying again:
|
# Wait until `$POSTGREY_DELAY` seconds pass before trying again:
|
||||||
sleep 3
|
sleep 3
|
||||||
# Retry delivering test mail (it should be trusted this time):
|
# Retry delivering test mail (it should be trusted this time):
|
||||||
|
@ -90,7 +90,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
# - However this does not help verify that the actual client HELO address is properly whitelisted?
|
# - However this does not help verify that the actual client HELO address is properly whitelisted?
|
||||||
# - It'd also cause the earlier greylist test to fail.
|
# - It'd also cause the earlier greylist test to fail.
|
||||||
# - TODO: Actually confirm whitelist feature works correctly as these test cases are using a workaround:
|
# - TODO: Actually confirm whitelist feature works correctly as these test cases are using a workaround:
|
||||||
@test "${TEST_NAME_PREFIX} should whitelist sender 'user@whitelist.tld'" {
|
@test "should whitelist sender 'user@whitelist.tld'" {
|
||||||
_send_test_mail '/tmp/docker-mailserver-test/nc_templates/postgrey_whitelist.txt' '10023'
|
_send_test_mail '/tmp/docker-mailserver-test/nc_templates/postgrey_whitelist.txt' '10023'
|
||||||
|
|
||||||
_should_have_log_entry \
|
_should_have_log_entry \
|
||||||
|
@ -99,7 +99,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
'client_address=127.0.0.1/32, sender=test@whitelist.tld, recipient=user1@localhost.localdomain'
|
'client_address=127.0.0.1/32, sender=test@whitelist.tld, recipient=user1@localhost.localdomain'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} should whitelist recipient 'user2@otherdomain.tld'" {
|
@test "should whitelist recipient 'user2@otherdomain.tld'" {
|
||||||
_send_test_mail '/tmp/docker-mailserver-test/nc_templates/postgrey_whitelist_recipients.txt' '10023'
|
_send_test_mail '/tmp/docker-mailserver-test/nc_templates/postgrey_whitelist_recipients.txt' '10023'
|
||||||
|
|
||||||
_should_have_log_entry \
|
_should_have_log_entry \
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='Postscreen:'
|
BATS_TEST_NAME_PREFIX='[Postscreen] '
|
||||||
CONTAINER1_NAME='dms-test_postscreen_enforce'
|
CONTAINER1_NAME='dms-test_postscreen_enforce'
|
||||||
CONTAINER2_NAME='dms-test_postscreen_sender'
|
CONTAINER2_NAME='dms-test_postscreen_sender'
|
||||||
|
|
||||||
|
@ -37,7 +37,7 @@ function teardown_file() {
|
||||||
docker rm -f "${CONTAINER1_NAME}" "${CONTAINER2_NAME}"
|
docker rm -f "${CONTAINER1_NAME}" "${CONTAINER2_NAME}"
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} should fail login when talking out of turn" {
|
@test "should fail login when talking out of turn" {
|
||||||
_run_in_container_explicit "${CONTAINER2_NAME}" bash -c "nc ${CONTAINER1_IP} 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login.txt"
|
_run_in_container_explicit "${CONTAINER2_NAME}" bash -c "nc ${CONTAINER1_IP} 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login.txt"
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial '502 5.5.2 Error: command not recognized'
|
assert_output --partial '502 5.5.2 Error: command not recognized'
|
||||||
|
@ -47,7 +47,7 @@ function teardown_file() {
|
||||||
assert_output --partial 'COMMAND PIPELINING'
|
assert_output --partial 'COMMAND PIPELINING'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} should successfully login (respecting postscreen_greet_wait time)" {
|
@test "should successfully login (respecting postscreen_greet_wait time)" {
|
||||||
# NOTE: Sometimes fails on first attempt (trying too soon?),
|
# NOTE: Sometimes fails on first attempt (trying too soon?),
|
||||||
# Instead of a `run` + asserting partial, Using repeat + internal grep match:
|
# Instead of a `run` + asserting partial, Using repeat + internal grep match:
|
||||||
repeat_until_success_or_timeout 10 _should_wait_turn_speaking_smtp \
|
repeat_until_success_or_timeout 10 _should_wait_turn_speaking_smtp \
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='Spam bounced:'
|
BATS_TEST_NAME_PREFIX='[Spam] (bounced) '
|
||||||
CONTAINER_NAME='dms-test_spam-bounced'
|
CONTAINER_NAME='dms-test_spam-bounced'
|
||||||
|
|
||||||
function setup_file() {
|
function setup_file() {
|
||||||
|
@ -25,7 +25,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
# When SPAMASSASSIN_SPAM_TO_INBOX=0, spam messages must be bounced (rejected).
|
# When SPAMASSASSIN_SPAM_TO_INBOX=0, spam messages must be bounced (rejected).
|
||||||
# SPAMASSASSIN_SPAM_TO_INBOX=1 is covered in `mail_spam_junk_folder.bats`.
|
# SPAMASSASSIN_SPAM_TO_INBOX=1 is covered in `mail_spam_junk_folder.bats`.
|
||||||
# Original test PR: https://github.com/docker-mailserver/docker-mailserver/pull/1485
|
# Original test PR: https://github.com/docker-mailserver/docker-mailserver/pull/1485
|
||||||
@test "${TEST_NAME_PREFIX} spam message is bounced (rejected)" {
|
@test "spam message is bounced (rejected)" {
|
||||||
# send a spam message
|
# send a spam message
|
||||||
_run_in_container /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/amavis-spam.txt"
|
_run_in_container /bin/sh -c "nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/amavis-spam.txt"
|
||||||
assert_success
|
assert_success
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='Spam junk folder:'
|
BATS_TEST_NAME_PREFIX='[Spam] (junk folder) '
|
||||||
CONTAINER1_NAME='dms-test_spam-junk-folder_1'
|
CONTAINER1_NAME='dms-test_spam-junk-folder_1'
|
||||||
CONTAINER2_NAME='dms-test_spam-junk-folder_2'
|
CONTAINER2_NAME='dms-test_spam-junk-folder_2'
|
||||||
|
|
||||||
|
@ -12,7 +12,7 @@ function teardown() { _default_teardown ; }
|
||||||
# When SPAMASSASSIN_SPAM_TO_INBOX=1, spam messages must be delivered
|
# When SPAMASSASSIN_SPAM_TO_INBOX=1, spam messages must be delivered
|
||||||
# and eventually (MOVE_SPAM_TO_JUNK=1) moved to the Junk folder.
|
# and eventually (MOVE_SPAM_TO_JUNK=1) moved to the Junk folder.
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} (Amavis) spam message delivered & moved to Junk folder" {
|
@test "(Amavis) spam message delivered & moved to Junk folder" {
|
||||||
export CONTAINER_NAME=${CONTAINER1_NAME}
|
export CONTAINER_NAME=${CONTAINER1_NAME}
|
||||||
local CUSTOM_SETUP_ARGUMENTS=(
|
local CUSTOM_SETUP_ARGUMENTS=(
|
||||||
--env ENABLE_AMAVIS=1
|
--env ENABLE_AMAVIS=1
|
||||||
|
@ -39,7 +39,7 @@ function teardown() { _default_teardown ; }
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} (Amavis) spam message delivered to INBOX" {
|
@test "(Amavis) spam message delivered to INBOX" {
|
||||||
export CONTAINER_NAME=${CONTAINER2_NAME}
|
export CONTAINER_NAME=${CONTAINER2_NAME}
|
||||||
local CUSTOM_SETUP_ARGUMENTS=(
|
local CUSTOM_SETUP_ARGUMENTS=(
|
||||||
--env ENABLE_AMAVIS=1
|
--env ENABLE_AMAVIS=1
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='Undefined spam subject:'
|
BATS_TEST_NAME_PREFIX='[Spam] (undefined subject) '
|
||||||
|
|
||||||
CONTAINER1_NAME='dms-test_spam-undef-subject_1'
|
CONTAINER1_NAME='dms-test_spam-undef-subject_1'
|
||||||
CONTAINER2_NAME='dms-test_spam-undef-subject_2'
|
CONTAINER2_NAME='dms-test_spam-undef-subject_2'
|
||||||
|
@ -9,7 +9,7 @@ CONTAINER_NAME=${CONTAINER2_NAME}
|
||||||
|
|
||||||
function teardown() { _default_teardown ; }
|
function teardown() { _default_teardown ; }
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} 'SA_SPAM_SUBJECT=undef' should update Amavis config" {
|
@test "'SA_SPAM_SUBJECT=undef' should update Amavis config" {
|
||||||
export CONTAINER_NAME=${CONTAINER1_NAME}
|
export CONTAINER_NAME=${CONTAINER1_NAME}
|
||||||
local CUSTOM_SETUP_ARGUMENTS=(
|
local CUSTOM_SETUP_ARGUMENTS=(
|
||||||
--env ENABLE_AMAVIS=1
|
--env ENABLE_AMAVIS=1
|
||||||
|
@ -24,7 +24,7 @@ function teardown() { _default_teardown ; }
|
||||||
}
|
}
|
||||||
|
|
||||||
# TODO: Unclear why some of these ENV are relevant for the test?
|
# TODO: Unclear why some of these ENV are relevant for the test?
|
||||||
@test "${TEST_NAME_PREFIX} Docker env variables are set correctly (custom)" {
|
@test "Docker env variables are set correctly (custom)" {
|
||||||
export CONTAINER_NAME=${CONTAINER2_NAME}
|
export CONTAINER_NAME=${CONTAINER2_NAME}
|
||||||
|
|
||||||
local CUSTOM_SETUP_ARGUMENTS=(
|
local CUSTOM_SETUP_ARGUMENTS=(
|
||||||
|
|
|
@ -4,7 +4,7 @@ load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
# ? global variable initialization
|
# ? global variable initialization
|
||||||
# ? to identify the test easily
|
# ? to identify the test easily
|
||||||
TEST_NAME_PREFIX='template:'
|
BATS_TEST_NAME_PREFIX='[no-op template] '
|
||||||
# ? must be unique
|
# ? must be unique
|
||||||
CONTAINER_NAME='dms-test_template'
|
CONTAINER_NAME='dms-test_template'
|
||||||
|
|
||||||
|
@ -33,7 +33,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
|
|
||||||
# ? actual unit tests
|
# ? actual unit tests
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} default check" {
|
@test "default check" {
|
||||||
_run_in_container bash -c "true"
|
_run_in_container bash -c "true"
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='[Security] TLS (cipher lists):'
|
BATS_TEST_NAME_PREFIX='[Security] (TLS) (cipher lists) '
|
||||||
CONTAINER_PREFIX='dms-test_tls-cipherlists'
|
CONTAINER_PREFIX='dms-test_tls-cipherlists'
|
||||||
|
|
||||||
# NOTE: Tests cases here cannot be run concurrently:
|
# NOTE: Tests cases here cannot be run concurrently:
|
||||||
|
@ -38,34 +38,34 @@ function teardown_file() {
|
||||||
|
|
||||||
function teardown() { _default_teardown ; }
|
function teardown() { _default_teardown ; }
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} 'TLS_LEVEL=intermediate' + RSA" {
|
@test "'TLS_LEVEL=intermediate' + RSA" {
|
||||||
configure_and_run_dms_container 'intermediate' 'rsa'
|
configure_and_run_dms_container 'intermediate' 'rsa'
|
||||||
should_support_expected_cipherlists
|
should_support_expected_cipherlists
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} 'TLS_LEVEL=intermediate' + ECDSA" {
|
@test "'TLS_LEVEL=intermediate' + ECDSA" {
|
||||||
configure_and_run_dms_container 'intermediate' 'ecdsa'
|
configure_and_run_dms_container 'intermediate' 'ecdsa'
|
||||||
should_support_expected_cipherlists
|
should_support_expected_cipherlists
|
||||||
}
|
}
|
||||||
|
|
||||||
# Only ECDSA with an RSA fallback is tested.
|
# Only ECDSA with an RSA fallback is tested.
|
||||||
# There isn't a situation where RSA with an ECDSA fallback would make sense.
|
# There isn't a situation where RSA with an ECDSA fallback would make sense.
|
||||||
@test "${TEST_NAME_PREFIX} 'TLS_LEVEL=intermediate' + ECDSA with RSA fallback" {
|
@test "'TLS_LEVEL=intermediate' + ECDSA with RSA fallback" {
|
||||||
configure_and_run_dms_container 'intermediate' 'ecdsa' 'rsa'
|
configure_and_run_dms_container 'intermediate' 'ecdsa' 'rsa'
|
||||||
should_support_expected_cipherlists
|
should_support_expected_cipherlists
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} 'TLS_LEVEL=modern' + RSA" {
|
@test "'TLS_LEVEL=modern' + RSA" {
|
||||||
configure_and_run_dms_container 'modern' 'rsa'
|
configure_and_run_dms_container 'modern' 'rsa'
|
||||||
should_support_expected_cipherlists
|
should_support_expected_cipherlists
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} 'TLS_LEVEL=modern' + ECDSA" {
|
@test "'TLS_LEVEL=modern' + ECDSA" {
|
||||||
configure_and_run_dms_container 'modern' 'ecdsa'
|
configure_and_run_dms_container 'modern' 'ecdsa'
|
||||||
should_support_expected_cipherlists
|
should_support_expected_cipherlists
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} 'TLS_LEVEL=modern' + ECDSA with RSA fallback" {
|
@test "'TLS_LEVEL=modern' + ECDSA with RSA fallback" {
|
||||||
configure_and_run_dms_container 'modern' 'ecdsa' 'rsa'
|
configure_and_run_dms_container 'modern' 'ecdsa' 'rsa'
|
||||||
should_support_expected_cipherlists
|
should_support_expected_cipherlists
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,7 +2,7 @@ load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/tls"
|
load "${REPOSITORY_ROOT}/test/helper/tls"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='[Security] TLS (SSL_TYPE=letsencrypt):'
|
BATS_TEST_NAME_PREFIX='[Security] (TLS) (SSL_TYPE=letsencrypt) '
|
||||||
CONTAINER1_NAME='dms-test_tls-letsencrypt_default-hostname'
|
CONTAINER1_NAME='dms-test_tls-letsencrypt_default-hostname'
|
||||||
CONTAINER2_NAME='dms-test_tls-letsencrypt_fallback-domainname'
|
CONTAINER2_NAME='dms-test_tls-letsencrypt_fallback-domainname'
|
||||||
CONTAINER3_NAME='dms-test_tls-letsencrypt_support-acme-json'
|
CONTAINER3_NAME='dms-test_tls-letsencrypt_support-acme-json'
|
||||||
|
@ -30,7 +30,7 @@ function _initial_setup() {
|
||||||
}
|
}
|
||||||
|
|
||||||
# Should detect and choose the cert for FQDN `mail.example.test` (HOSTNAME):
|
# Should detect and choose the cert for FQDN `mail.example.test` (HOSTNAME):
|
||||||
@test "${TEST_NAME_PREFIX} Should default to HOSTNAME (${TEST_FQDN})" {
|
@test "Should default to HOSTNAME (${TEST_FQDN})" {
|
||||||
export CONTAINER_NAME=${CONTAINER1_NAME}
|
export CONTAINER_NAME=${CONTAINER1_NAME}
|
||||||
_initial_setup
|
_initial_setup
|
||||||
|
|
||||||
|
@ -50,7 +50,7 @@ function _initial_setup() {
|
||||||
|
|
||||||
# Should detect and choose cert for FQDN `example.test` (DOMAINNAME),
|
# Should detect and choose cert for FQDN `example.test` (DOMAINNAME),
|
||||||
# as fallback when no cert for FQDN `mail.example.test` (HOSTNAME) exists:
|
# as fallback when no cert for FQDN `mail.example.test` (HOSTNAME) exists:
|
||||||
@test "${TEST_NAME_PREFIX} Should fallback to DOMAINNAME (example.test)" {
|
@test "Should fallback to DOMAINNAME (example.test)" {
|
||||||
export CONTAINER_NAME=${CONTAINER2_NAME}
|
export CONTAINER_NAME=${CONTAINER2_NAME}
|
||||||
_initial_setup
|
_initial_setup
|
||||||
|
|
||||||
|
@ -75,7 +75,7 @@ function _initial_setup() {
|
||||||
# all Subject CN (`main` in acme.json) are `Smallstep Leaf` which is not an FQDN.
|
# all Subject CN (`main` in acme.json) are `Smallstep Leaf` which is not an FQDN.
|
||||||
# While not using a FQDN is valid for that field,
|
# While not using a FQDN is valid for that field,
|
||||||
# it does mean there is no test coverage against the `acme.json` field `main`.
|
# it does mean there is no test coverage against the `acme.json` field `main`.
|
||||||
@test "${TEST_NAME_PREFIX} Traefik 'acme.json' (*.example.test)" {
|
@test "Traefik 'acme.json' (*.example.test)" {
|
||||||
export CONTAINER_NAME=${CONTAINER3_NAME}
|
export CONTAINER_NAME=${CONTAINER3_NAME}
|
||||||
_initial_setup
|
_initial_setup
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='[Security] TLS (SSL_TYPE=manual):'
|
BATS_TEST_NAME_PREFIX='[Security] (TLS) (SSL_TYPE=manual) '
|
||||||
CONTAINER_NAME='dms-test_tls-manual'
|
CONTAINER_NAME='dms-test_tls-manual'
|
||||||
|
|
||||||
function setup_file() {
|
function setup_file() {
|
||||||
|
@ -38,7 +38,7 @@ function setup_file() {
|
||||||
|
|
||||||
function teardown_file() { _default_teardown ; }
|
function teardown_file() { _default_teardown ; }
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} ENV vars provided are valid files" {
|
@test "ENV vars provided are valid files" {
|
||||||
_run_in_container [ -f "${SSL_CERT_PATH}" ]
|
_run_in_container [ -f "${SSL_CERT_PATH}" ]
|
||||||
assert_success
|
assert_success
|
||||||
|
|
||||||
|
@ -52,7 +52,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} manual configuration is correct" {
|
@test "manual configuration is correct" {
|
||||||
local DOVECOT_CONFIG_SSL='/etc/dovecot/conf.d/10-ssl.conf'
|
local DOVECOT_CONFIG_SSL='/etc/dovecot/conf.d/10-ssl.conf'
|
||||||
|
|
||||||
_run_in_container grep '^smtpd_tls_chain_files =' '/etc/postfix/main.cf'
|
_run_in_container grep '^smtpd_tls_chain_files =' '/etc/postfix/main.cf'
|
||||||
|
@ -76,7 +76,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
assert_output "ssl_alt_cert = <${FALLBACK_CERT}"
|
assert_output "ssl_alt_cert = <${FALLBACK_CERT}"
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} manual configuration copied files correctly " {
|
@test "manual configuration copied files correctly " {
|
||||||
_run_in_container cmp -s "${PRIMARY_KEY}" "${SSL_KEY_PATH}"
|
_run_in_container cmp -s "${PRIMARY_KEY}" "${SSL_KEY_PATH}"
|
||||||
assert_success
|
assert_success
|
||||||
_run_in_container cmp -s "${PRIMARY_CERT}" "${SSL_CERT_PATH}"
|
_run_in_container cmp -s "${PRIMARY_CERT}" "${SSL_CERT_PATH}"
|
||||||
|
@ -89,7 +89,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} manual cert works correctly" {
|
@test "manual cert works correctly" {
|
||||||
wait_for_tcp_port_in_container 587 "${CONTAINER_NAME}"
|
wait_for_tcp_port_in_container 587 "${CONTAINER_NAME}"
|
||||||
|
|
||||||
local TEST_COMMAND=(timeout 1 openssl s_client -connect mail.example.test:587 -starttls smtp)
|
local TEST_COMMAND=(timeout 1 openssl s_client -connect mail.example.test:587 -starttls smtp)
|
||||||
|
@ -106,7 +106,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
assert_equal "${RESULT}" 'Verification: OK'
|
assert_equal "${RESULT}" 'Verification: OK'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} manual cert changes are picked up by check-for-changes" {
|
@test "manual cert changes are picked up by check-for-changes" {
|
||||||
printf '%s' 'someThingsChangedHere' \
|
printf '%s' 'someThingsChangedHere' \
|
||||||
>>"$(pwd)/test/test-files/ssl/${TEST_DOMAIN}/with_ca/ecdsa/key.ecdsa.pem"
|
>>"$(pwd)/test/test-files/ssl/${TEST_DOMAIN}/with_ca/ecdsa/key.ecdsa.pem"
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='Override Configs:'
|
BATS_TEST_NAME_PREFIX='[Configuration] (overrides) '
|
||||||
CONTAINER_NAME='dms-test_config-overrides'
|
CONTAINER_NAME='dms-test_config-overrides'
|
||||||
|
|
||||||
function setup_file() {
|
function setup_file() {
|
||||||
|
@ -15,7 +15,7 @@ function setup_file() {
|
||||||
|
|
||||||
function teardown_file() { _default_teardown ; }
|
function teardown_file() { _default_teardown ; }
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX}: Postfix - 'postfix-main.cf' overrides applied to '/etc/postfix/main.cf'" {
|
@test "Postfix - 'postfix-main.cf' overrides applied to '/etc/postfix/main.cf'" {
|
||||||
_run_in_container grep -q 'max_idle = 600s' /tmp/docker-mailserver/postfix-main.cf
|
_run_in_container grep -q 'max_idle = 600s' /tmp/docker-mailserver/postfix-main.cf
|
||||||
assert_success
|
assert_success
|
||||||
|
|
||||||
|
@ -28,7 +28,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
assert_output --partial 'readme_directory = /tmp'
|
assert_output --partial 'readme_directory = /tmp'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX}: Postfix - 'postfix-master.cf' overrides applied to '/etc/postfix/master.cf'" {
|
@test "Postfix - 'postfix-master.cf' overrides applied to '/etc/postfix/master.cf'" {
|
||||||
_run_in_container grep -q 'submission/inet/smtpd_sasl_security_options=noanonymous' /tmp/docker-mailserver/postfix-master.cf
|
_run_in_container grep -q 'submission/inet/smtpd_sasl_security_options=noanonymous' /tmp/docker-mailserver/postfix-master.cf
|
||||||
assert_success
|
assert_success
|
||||||
|
|
||||||
|
@ -37,7 +37,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
assert_output --partial '-o smtpd_sasl_security_options=noanonymous'
|
assert_output --partial '-o smtpd_sasl_security_options=noanonymous'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX}: Dovecot - 'dovecot.cf' overrides applied to '/etc/dovecot/local.conf'" {
|
@test "Dovecot - 'dovecot.cf' overrides applied to '/etc/dovecot/local.conf'" {
|
||||||
_run_in_container grep -q 'mail_max_userip_connections = 69' /tmp/docker-mailserver/dovecot.cf
|
_run_in_container grep -q 'mail_max_userip_connections = 69' /tmp/docker-mailserver/dovecot.cf
|
||||||
assert_success
|
assert_success
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@ load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
# Docs:
|
# Docs:
|
||||||
# https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-sieve/
|
# https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-sieve/
|
||||||
|
|
||||||
TEST_NAME_PREFIX='Dovecot [Sieve Support]:'
|
BATS_TEST_NAME_PREFIX='[Dovecot] (Sieve support) '
|
||||||
CONTAINER_NAME='dms-test_dovecot-sieve'
|
CONTAINER_NAME='dms-test_dovecot-sieve'
|
||||||
|
|
||||||
function setup_file() {
|
function setup_file() {
|
||||||
|
@ -36,20 +36,20 @@ function setup_file() {
|
||||||
function teardown_file() { _default_teardown ; }
|
function teardown_file() { _default_teardown ; }
|
||||||
|
|
||||||
# dovecot-sieve/dovecot.sieve
|
# dovecot-sieve/dovecot.sieve
|
||||||
@test "${TEST_NAME_PREFIX} User Sieve - should store mail from 'spam@spam.com' into recipient (user1) mailbox 'INBOX.spam'" {
|
@test "User Sieve - should store mail from 'spam@spam.com' into recipient (user1) mailbox 'INBOX.spam'" {
|
||||||
_run_in_container bash -c 'ls -A /var/mail/localhost.localdomain/user1/.INBOX.spam/new'
|
_run_in_container bash -c 'ls -A /var/mail/localhost.localdomain/user1/.INBOX.spam/new'
|
||||||
assert_success
|
assert_success
|
||||||
_should_output_number_of_lines 1
|
_should_output_number_of_lines 1
|
||||||
}
|
}
|
||||||
|
|
||||||
# dovecot-sieve/before.dovecot.sieve
|
# dovecot-sieve/before.dovecot.sieve
|
||||||
@test "${TEST_NAME_PREFIX} Global Sieve - should have copied mail from 'spam@spam.com' to recipient (user1) inbox" {
|
@test "Global Sieve - should have copied mail from 'spam@spam.com' to recipient (user1) inbox" {
|
||||||
_run_in_container grep 'Spambot <spam@spam.com>' -R /var/mail/localhost.localdomain/user1/new/
|
_run_in_container grep 'Spambot <spam@spam.com>' -R /var/mail/localhost.localdomain/user1/new/
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
# dovecot-sieve/sieve-pipe + dovecot-sieve/user2@otherdomain.tld.dovecot.sieve
|
# dovecot-sieve/sieve-pipe + dovecot-sieve/user2@otherdomain.tld.dovecot.sieve
|
||||||
@test "${TEST_NAME_PREFIX} Sieve Pipe - should pipe mail received for user2 into '/tmp/pipe-test.out'" {
|
@test "Sieve Pipe - should pipe mail received for user2 into '/tmp/pipe-test.out'" {
|
||||||
_run_in_container bash -c 'ls -A /tmp/pipe-test.out'
|
_run_in_container bash -c 'ls -A /tmp/pipe-test.out'
|
||||||
assert_success
|
assert_success
|
||||||
_should_output_number_of_lines 1
|
_should_output_number_of_lines 1
|
||||||
|
@ -57,7 +57,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
|
|
||||||
# Only test coverage for feature is to check that the service is listening on the expected port:
|
# Only test coverage for feature is to check that the service is listening on the expected port:
|
||||||
# https://doc.dovecot.org/admin_manual/pigeonhole_managesieve_server/
|
# https://doc.dovecot.org/admin_manual/pigeonhole_managesieve_server/
|
||||||
@test "${TEST_NAME_PREFIX} ENV 'ENABLE_MANAGESIEVE' - should have enabled service on port 4190" {
|
@test "ENV 'ENABLE_MANAGESIEVE' - should have enabled service on port 4190" {
|
||||||
_run_in_container bash -c 'nc -z 0.0.0.0 4190'
|
_run_in_container bash -c 'nc -z 0.0.0.0 4190'
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,14 +1,14 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='Dovecot protocols:'
|
BATS_TEST_NAME_PREFIX='[Dovecot] (protocols) '
|
||||||
CONTAINER1_NAME='dms-test_dovecot_protocols_all'
|
CONTAINER1_NAME='dms-test_dovecot_protocols_all'
|
||||||
CONTAINER2_NAME='dms-test_dovecot_protocols_ipv4'
|
CONTAINER2_NAME='dms-test_dovecot_protocols_ipv4'
|
||||||
CONTAINER3_NAME='dms-test_dovecot_protocols_ipv6'
|
CONTAINER3_NAME='dms-test_dovecot_protocols_ipv6'
|
||||||
|
|
||||||
function teardown() { _default_teardown ; }
|
function teardown() { _default_teardown ; }
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} dual-stack IP configuration" {
|
@test "dual-stack IP configuration" {
|
||||||
export CONTAINER_NAME=${CONTAINER1_NAME}
|
export CONTAINER_NAME=${CONTAINER1_NAME}
|
||||||
local CUSTOM_SETUP_ARGUMENTS=(--env DOVECOT_INET_PROTOCOLS=)
|
local CUSTOM_SETUP_ARGUMENTS=(--env DOVECOT_INET_PROTOCOLS=)
|
||||||
|
|
||||||
|
@ -20,7 +20,7 @@ function teardown() { _default_teardown ; }
|
||||||
assert_output '#listen = *, ::'
|
assert_output '#listen = *, ::'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} IPv4 configuration" {
|
@test "IPv4 configuration" {
|
||||||
export CONTAINER_NAME=${CONTAINER2_NAME}
|
export CONTAINER_NAME=${CONTAINER2_NAME}
|
||||||
local CUSTOM_SETUP_ARGUMENTS=(--env DOVECOT_INET_PROTOCOLS=ipv4)
|
local CUSTOM_SETUP_ARGUMENTS=(--env DOVECOT_INET_PROTOCOLS=ipv4)
|
||||||
|
|
||||||
|
@ -32,7 +32,7 @@ function teardown() { _default_teardown ; }
|
||||||
assert_output 'listen = *'
|
assert_output 'listen = *'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} IPv6 configuration" {
|
@test "IPv6 configuration" {
|
||||||
export CONTAINER_NAME=${CONTAINER3_NAME}
|
export CONTAINER_NAME=${CONTAINER3_NAME}
|
||||||
local CUSTOM_SETUP_ARGUMENTS=(--env DOVECOT_INET_PROTOCOLS=ipv6)
|
local CUSTOM_SETUP_ARGUMENTS=(--env DOVECOT_INET_PROTOCOLS=ipv6)
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='helper functions inside container:'
|
BATS_TEST_NAME_PREFIX='[Scripts] (helper functions inside container) '
|
||||||
CONTAINER_NAME='dms-test_helper_functions'
|
CONTAINER_NAME='dms-test_helper_functions'
|
||||||
|
|
||||||
function setup_file() {
|
function setup_file() {
|
||||||
|
@ -11,7 +11,7 @@ function setup_file() {
|
||||||
|
|
||||||
function teardown_file() { _default_teardown ; }
|
function teardown_file() { _default_teardown ; }
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} _sanitize_ipv4_to_subnet_cidr" {
|
@test "_sanitize_ipv4_to_subnet_cidr" {
|
||||||
_run_in_container bash -c "source /usr/local/bin/helpers/index.sh; _sanitize_ipv4_to_subnet_cidr 255.255.255.255/0"
|
_run_in_container bash -c "source /usr/local/bin/helpers/index.sh; _sanitize_ipv4_to_subnet_cidr 255.255.255.255/0"
|
||||||
assert_output "0.0.0.0/0"
|
assert_output "0.0.0.0/0"
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
load "${REPOSITORY_ROOT}/test/helper/common"
|
load "${REPOSITORY_ROOT}/test/helper/common"
|
||||||
load "${REPOSITORY_ROOT}/test/helper/setup"
|
load "${REPOSITORY_ROOT}/test/helper/setup"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='SMTP Delivery:'
|
BATS_TEST_NAME_PREFIX='[SMTP] (delivery) '
|
||||||
CONTAINER_NAME='dms-test_smtp-delivery'
|
CONTAINER_NAME='dms-test_smtp-delivery'
|
||||||
|
|
||||||
function setup_file() {
|
function setup_file() {
|
||||||
|
@ -86,56 +86,56 @@ function setup_file() {
|
||||||
|
|
||||||
function teardown_file() { _default_teardown ; }
|
function teardown_file() { _default_teardown ; }
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} should successfully authenticate with good password (plain)" {
|
@test "should successfully authenticate with good password (plain)" {
|
||||||
_run_in_container bash -c 'nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-plain.txt'
|
_run_in_container bash -c 'nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-plain.txt'
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial 'Authentication successful'
|
assert_output --partial 'Authentication successful'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} should fail to authenticate with wrong password (plain)" {
|
@test "should fail to authenticate with wrong password (plain)" {
|
||||||
_run_in_container bash -c 'nc -w 20 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-plain-wrong.txt'
|
_run_in_container bash -c 'nc -w 20 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-plain-wrong.txt'
|
||||||
assert_output --partial 'authentication failed'
|
assert_output --partial 'authentication failed'
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} should successfully authenticate with good password (login)" {
|
@test "should successfully authenticate with good password (login)" {
|
||||||
_run_in_container bash -c 'nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login.txt'
|
_run_in_container bash -c 'nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login.txt'
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial 'Authentication successful'
|
assert_output --partial 'Authentication successful'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} should fail to authenticate with wrong password (login)" {
|
@test "should fail to authenticate with wrong password (login)" {
|
||||||
_run_in_container bash -c 'nc -w 20 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login-wrong.txt'
|
_run_in_container bash -c 'nc -w 20 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/smtp-auth-login-wrong.txt'
|
||||||
assert_output --partial 'authentication failed'
|
assert_output --partial 'authentication failed'
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} [user: 'added'] should successfully authenticate with good password (plain)" {
|
@test "[user: 'added'] should successfully authenticate with good password (plain)" {
|
||||||
_run_in_container bash -c 'nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/added-smtp-auth-plain.txt'
|
_run_in_container bash -c 'nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/added-smtp-auth-plain.txt'
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial 'Authentication successful'
|
assert_output --partial 'Authentication successful'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} [user: 'added'] should fail to authenticate with wrong password (plain)" {
|
@test "[user: 'added'] should fail to authenticate with wrong password (plain)" {
|
||||||
_run_in_container bash -c 'nc -w 20 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/added-smtp-auth-plain-wrong.txt'
|
_run_in_container bash -c 'nc -w 20 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/added-smtp-auth-plain-wrong.txt'
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial 'authentication failed'
|
assert_output --partial 'authentication failed'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} [user: 'added'] should successfully authenticate with good password (login)" {
|
@test "[user: 'added'] should successfully authenticate with good password (login)" {
|
||||||
_run_in_container bash -c 'nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/added-smtp-auth-login.txt'
|
_run_in_container bash -c 'nc -w 5 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/added-smtp-auth-login.txt'
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial 'Authentication successful'
|
assert_output --partial 'Authentication successful'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} [user: 'added'] should fail to authenticate with wrong password (login)" {
|
@test "[user: 'added'] should fail to authenticate with wrong password (login)" {
|
||||||
_run_in_container bash -c 'nc -w 20 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/added-smtp-auth-login-wrong.txt'
|
_run_in_container bash -c 'nc -w 20 0.0.0.0 25 < /tmp/docker-mailserver-test/auth/added-smtp-auth-login-wrong.txt'
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial 'authentication failed'
|
assert_output --partial 'authentication failed'
|
||||||
}
|
}
|
||||||
|
|
||||||
# TODO: Add a test covering case SPAMASSASSIN_SPAM_TO_INBOX=1 (default)
|
# TODO: Add a test covering case SPAMASSASSIN_SPAM_TO_INBOX=1 (default)
|
||||||
@test "${TEST_NAME_PREFIX} delivers mail to existing account" {
|
@test "delivers mail to existing account" {
|
||||||
_run_in_container bash -c "grep 'postfix/lmtp' /var/log/mail/mail.log | grep 'status=sent' | grep ' Saved)' | sed 's/.* to=</</g' | sed 's/, relay.*//g' | sort | uniq -c | tr -s \" \""
|
_run_in_container bash -c "grep 'postfix/lmtp' /var/log/mail/mail.log | grep 'status=sent' | grep ' Saved)' | sed 's/.* to=</</g' | sed 's/, relay.*//g' | sort | uniq -c | tr -s \" \""
|
||||||
assert_success
|
assert_success
|
||||||
|
|
||||||
|
@ -152,14 +152,14 @@ function teardown_file() { _default_teardown ; }
|
||||||
# _should_output_number_of_lines 7
|
# _should_output_number_of_lines 7
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} delivers mail to existing alias" {
|
@test "delivers mail to existing alias" {
|
||||||
_run_in_container grep 'to=<user1@localhost.localdomain>, orig_to=<alias1@localhost.localdomain>' /var/log/mail/mail.log
|
_run_in_container grep 'to=<user1@localhost.localdomain>, orig_to=<alias1@localhost.localdomain>' /var/log/mail/mail.log
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial 'status=sent'
|
assert_output --partial 'status=sent'
|
||||||
_should_output_number_of_lines 1
|
_should_output_number_of_lines 1
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} delivers mail to existing alias with recipient delimiter" {
|
@test "delivers mail to existing alias with recipient delimiter" {
|
||||||
_run_in_container grep 'to=<user1~test@localhost.localdomain>, orig_to=<alias1~test@localhost.localdomain>' /var/log/mail/mail.log
|
_run_in_container grep 'to=<user1~test@localhost.localdomain>, orig_to=<alias1~test@localhost.localdomain>' /var/log/mail/mail.log
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial 'status=sent'
|
assert_output --partial 'status=sent'
|
||||||
|
@ -170,21 +170,21 @@ function teardown_file() { _default_teardown ; }
|
||||||
refute_output --partial 'status=bounced'
|
refute_output --partial 'status=bounced'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} delivers mail to existing catchall" {
|
@test "delivers mail to existing catchall" {
|
||||||
_run_in_container grep 'to=<user1@localhost.localdomain>, orig_to=<wildcard@localdomain2.com>' /var/log/mail/mail.log
|
_run_in_container grep 'to=<user1@localhost.localdomain>, orig_to=<wildcard@localdomain2.com>' /var/log/mail/mail.log
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial 'status=sent'
|
assert_output --partial 'status=sent'
|
||||||
_should_output_number_of_lines 1
|
_should_output_number_of_lines 1
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} delivers mail to regexp alias" {
|
@test "delivers mail to regexp alias" {
|
||||||
_run_in_container grep 'to=<user1@localhost.localdomain>, orig_to=<test123@localhost.localdomain>' /var/log/mail/mail.log
|
_run_in_container grep 'to=<user1@localhost.localdomain>, orig_to=<test123@localhost.localdomain>' /var/log/mail/mail.log
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial 'status=sent'
|
assert_output --partial 'status=sent'
|
||||||
_should_output_number_of_lines 1
|
_should_output_number_of_lines 1
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} user1 should have received 8 mails" {
|
@test "user1 should have received 8 mails" {
|
||||||
_run_in_container bash -c "grep Subject /var/mail/localhost.localdomain/user1/new/* | sed 's/.*Subject: //g' | sed 's/\.txt.*//g' | sed 's/VIRUS.*/VIRUS/g' | sort"
|
_run_in_container bash -c "grep Subject /var/mail/localhost.localdomain/user1/new/* | sed 's/.*Subject: //g' | sed 's/\.txt.*//g' | sed 's/VIRUS.*/VIRUS/g' | sort"
|
||||||
assert_success
|
assert_success
|
||||||
|
|
||||||
|
@ -205,13 +205,13 @@ function teardown_file() { _default_teardown ; }
|
||||||
# _should_output_number_of_lines 11
|
# _should_output_number_of_lines 11
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} rejects mail to unknown user" {
|
@test "rejects mail to unknown user" {
|
||||||
_run_in_container grep '<nouser@localhost.localdomain>: Recipient address rejected: User unknown in virtual mailbox table' /var/log/mail/mail.log
|
_run_in_container grep '<nouser@localhost.localdomain>: Recipient address rejected: User unknown in virtual mailbox table' /var/log/mail/mail.log
|
||||||
assert_success
|
assert_success
|
||||||
_should_output_number_of_lines 1
|
_should_output_number_of_lines 1
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} redirects mail to external aliases" {
|
@test "redirects mail to external aliases" {
|
||||||
_run_in_container bash -c "grep 'Passed CLEAN {RelayedInbound}' /var/log/mail/mail.log | grep -- '-> <external1@otherdomain.tld>'"
|
_run_in_container bash -c "grep 'Passed CLEAN {RelayedInbound}' /var/log/mail/mail.log | grep -- '-> <external1@otherdomain.tld>'"
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial '<user@external.tld> -> <external1@otherdomain.tld>'
|
assert_output --partial '<user@external.tld> -> <external1@otherdomain.tld>'
|
||||||
|
@ -220,7 +220,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
}
|
}
|
||||||
|
|
||||||
# TODO: Add a test covering case SPAMASSASSIN_SPAM_TO_INBOX=1 (default)
|
# TODO: Add a test covering case SPAMASSASSIN_SPAM_TO_INBOX=1 (default)
|
||||||
@test "${TEST_NAME_PREFIX} rejects spam" {
|
@test "rejects spam" {
|
||||||
_run_in_container grep 'Blocked SPAM {NoBounceInbound,Quarantined}' /var/log/mail/mail.log
|
_run_in_container grep 'Blocked SPAM {NoBounceInbound,Quarantined}' /var/log/mail/mail.log
|
||||||
assert_success
|
assert_success
|
||||||
assert_output --partial '<spam@external.tld> -> <user1@localhost.localdomain>'
|
assert_output --partial '<spam@external.tld> -> <user1@localhost.localdomain>'
|
||||||
|
@ -234,7 +234,7 @@ function teardown_file() { _default_teardown ; }
|
||||||
# assert_output --partial 'external.tld=spam@example.test> -> <user1@localhost.localdomain>'
|
# assert_output --partial 'external.tld=spam@example.test> -> <user1@localhost.localdomain>'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} SA - All registered domains should receive mail with spam headers (X-Spam)" {
|
@test "SA - All registered domains should receive mail with spam headers (X-Spam)" {
|
||||||
_run_in_container grep -ir 'X-Spam-' /var/mail/localhost.localdomain/user1/new
|
_run_in_container grep -ir 'X-Spam-' /var/mail/localhost.localdomain/user1/new
|
||||||
assert_success
|
assert_success
|
||||||
|
|
||||||
|
@ -244,13 +244,13 @@ function teardown_file() { _default_teardown ; }
|
||||||
|
|
||||||
# Dovecot does not support SMTPUTF8, so while we can send we cannot receive
|
# Dovecot does not support SMTPUTF8, so while we can send we cannot receive
|
||||||
# Better disable SMTPUTF8 support entirely if we can't handle it correctly
|
# Better disable SMTPUTF8 support entirely if we can't handle it correctly
|
||||||
@test "${TEST_NAME_PREFIX} not advertising smtputf8" {
|
@test "not advertising smtputf8" {
|
||||||
_run_in_container bash -c 'nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/smtp-ehlo.txt'
|
_run_in_container bash -c 'nc 0.0.0.0 25 < /tmp/docker-mailserver-test/email-templates/smtp-ehlo.txt'
|
||||||
assert_success
|
assert_success
|
||||||
refute_output --partial 'SMTPUTF8'
|
refute_output --partial 'SMTPUTF8'
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} mail for root was delivered" {
|
@test "mail for root was delivered" {
|
||||||
_run_in_container grep -R 'Subject: Root Test Message' /var/mail/localhost.localdomain/user1/new/
|
_run_in_container grep -R 'Subject: Root Test Message' /var/mail/localhost.localdomain/user1/new/
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,14 +1,14 @@
|
||||||
load "${REPOSITORY_ROOT}/test/test_helper/common"
|
load "${REPOSITORY_ROOT}/test/test_helper/common"
|
||||||
|
|
||||||
TEST_NAME_PREFIX='test helper functions:'
|
BATS_TEST_NAME_PREFIX='test helper functions:'
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} repeat_until_success_or_timeout returns instantly on success" {
|
@test "repeat_until_success_or_timeout returns instantly on success" {
|
||||||
SECONDS=0
|
SECONDS=0
|
||||||
repeat_until_success_or_timeout 1 true
|
repeat_until_success_or_timeout 1 true
|
||||||
[[ ${SECONDS} -le 1 ]]
|
[[ ${SECONDS} -le 1 ]]
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} repeat_until_success_or_timeout waits for timeout on persistent failure" {
|
@test "repeat_until_success_or_timeout waits for timeout on persistent failure" {
|
||||||
SECONDS=0
|
SECONDS=0
|
||||||
run repeat_until_success_or_timeout 2 false
|
run repeat_until_success_or_timeout 2 false
|
||||||
[[ ${SECONDS} -ge 2 ]]
|
[[ ${SECONDS} -ge 2 ]]
|
||||||
|
@ -16,7 +16,7 @@ TEST_NAME_PREFIX='test helper functions:'
|
||||||
assert_output --partial "Timed out on command"
|
assert_output --partial "Timed out on command"
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} repeat_until_success_or_timeout aborts immediately on fatal failure" {
|
@test "repeat_until_success_or_timeout aborts immediately on fatal failure" {
|
||||||
SECONDS=0
|
SECONDS=0
|
||||||
run repeat_until_success_or_timeout --fatal-test false 2 false
|
run repeat_until_success_or_timeout --fatal-test false 2 false
|
||||||
[[ ${SECONDS} -le 1 ]]
|
[[ ${SECONDS} -le 1 ]]
|
||||||
|
@ -24,7 +24,7 @@ TEST_NAME_PREFIX='test helper functions:'
|
||||||
assert_output --partial "early aborting"
|
assert_output --partial "early aborting"
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} repeat_until_success_or_timeout expects integer timeout" {
|
@test "repeat_until_success_or_timeout expects integer timeout" {
|
||||||
run repeat_until_success_or_timeout 1 true
|
run repeat_until_success_or_timeout 1 true
|
||||||
assert_success
|
assert_success
|
||||||
|
|
||||||
|
@ -35,27 +35,27 @@ TEST_NAME_PREFIX='test helper functions:'
|
||||||
assert_failure
|
assert_failure
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} run_until_success_or_timeout returns instantly on success" {
|
@test "run_until_success_or_timeout returns instantly on success" {
|
||||||
SECONDS=0
|
SECONDS=0
|
||||||
run_until_success_or_timeout 2 true
|
run_until_success_or_timeout 2 true
|
||||||
[[ ${SECONDS} -le 1 ]]
|
[[ ${SECONDS} -le 1 ]]
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} run_until_success_or_timeout waits for timeout on persistent failure" {
|
@test "run_until_success_or_timeout waits for timeout on persistent failure" {
|
||||||
SECONDS=0
|
SECONDS=0
|
||||||
! run_until_success_or_timeout 2 false
|
! run_until_success_or_timeout 2 false
|
||||||
[[ ${SECONDS} -ge 2 ]]
|
[[ ${SECONDS} -ge 2 ]]
|
||||||
assert_failure
|
assert_failure
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} repeat_in_container_until_success_or_timeout fails immediately for non-running container" {
|
@test "repeat_in_container_until_success_or_timeout fails immediately for non-running container" {
|
||||||
SECONDS=0
|
SECONDS=0
|
||||||
! repeat_in_container_until_success_or_timeout 10 name-of-non-existing-container true
|
! repeat_in_container_until_success_or_timeout 10 name-of-non-existing-container true
|
||||||
[[ ${SECONDS} -le 1 ]]
|
[[ ${SECONDS} -le 1 ]]
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} repeat_in_container_until_success_or_timeout run command in container" {
|
@test "repeat_in_container_until_success_or_timeout run command in container" {
|
||||||
local CONTAINER_NAME
|
local CONTAINER_NAME
|
||||||
CONTAINER_NAME=$(docker run --rm -d alpine sleep 100)
|
CONTAINER_NAME=$(docker run --rm -d alpine sleep 100)
|
||||||
SECONDS=0
|
SECONDS=0
|
||||||
|
@ -65,7 +65,7 @@ TEST_NAME_PREFIX='test helper functions:'
|
||||||
assert_output "${CONTAINER_NAME}"
|
assert_output "${CONTAINER_NAME}"
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} container_is_running" {
|
@test "container_is_running" {
|
||||||
local CONTAINER_NAME
|
local CONTAINER_NAME
|
||||||
CONTAINER_NAME=$(docker run --rm -d alpine sleep 100)
|
CONTAINER_NAME=$(docker run --rm -d alpine sleep 100)
|
||||||
container_is_running "${CONTAINER_NAME}"
|
container_is_running "${CONTAINER_NAME}"
|
||||||
|
@ -73,7 +73,7 @@ TEST_NAME_PREFIX='test helper functions:'
|
||||||
! container_is_running "${CONTAINER_NAME}"
|
! container_is_running "${CONTAINER_NAME}"
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} wait_for_smtp_port_in_container aborts wait after timeout" {
|
@test "wait_for_smtp_port_in_container aborts wait after timeout" {
|
||||||
local CONTAINER_NAME
|
local CONTAINER_NAME
|
||||||
CONTAINER_NAME=$(docker run --rm -d alpine sleep 100)
|
CONTAINER_NAME=$(docker run --rm -d alpine sleep 100)
|
||||||
SECONDS=0
|
SECONDS=0
|
||||||
|
@ -84,7 +84,7 @@ TEST_NAME_PREFIX='test helper functions:'
|
||||||
}
|
}
|
||||||
|
|
||||||
# NOTE: Test requires external network access available
|
# NOTE: Test requires external network access available
|
||||||
@test "${TEST_NAME_PREFIX} wait_for_smtp_port_in_container returns immediately when port found" {
|
@test "wait_for_smtp_port_in_container returns immediately when port found" {
|
||||||
local CONTAINER_NAME
|
local CONTAINER_NAME
|
||||||
CONTAINER_NAME=$(docker run --rm -d alpine sh -c "sleep 100")
|
CONTAINER_NAME=$(docker run --rm -d alpine sh -c "sleep 100")
|
||||||
|
|
||||||
|
@ -97,7 +97,7 @@ TEST_NAME_PREFIX='test helper functions:'
|
||||||
assert_success
|
assert_success
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} wait_for_finished_setup_in_container" {
|
@test "wait_for_finished_setup_in_container" {
|
||||||
# variable not local to make visible to teardown
|
# variable not local to make visible to teardown
|
||||||
local PRIVATE_CONFIG
|
local PRIVATE_CONFIG
|
||||||
PRIVATE_CONFIG=$(duplicate_config_for_container .)
|
PRIVATE_CONFIG=$(duplicate_config_for_container .)
|
||||||
|
@ -119,7 +119,7 @@ TEST_NAME_PREFIX='test helper functions:'
|
||||||
[[ ${SECONDS} -gt 0 ]]
|
[[ ${SECONDS} -gt 0 ]]
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} duplicate_config_for_container" {
|
@test "duplicate_config_for_container" {
|
||||||
local path
|
local path
|
||||||
path=$(duplicate_config_for_container duplicate_config_test)
|
path=$(duplicate_config_for_container duplicate_config_test)
|
||||||
|
|
||||||
|
@ -130,7 +130,7 @@ TEST_NAME_PREFIX='test helper functions:'
|
||||||
assert_failure
|
assert_failure
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} container_has_service_running/wait_for_service" {
|
@test "container_has_service_running/wait_for_service" {
|
||||||
local PRIVATE_CONFIG
|
local PRIVATE_CONFIG
|
||||||
PRIVATE_CONFIG=$(duplicate_config_for_container .)
|
PRIVATE_CONFIG=$(duplicate_config_for_container .)
|
||||||
|
|
||||||
|
@ -158,7 +158,7 @@ TEST_NAME_PREFIX='test helper functions:'
|
||||||
assert_failure
|
assert_failure
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} wait_for_changes_to_be_detected_in_container fails when timeout is reached" {
|
@test "wait_for_changes_to_be_detected_in_container fails when timeout is reached" {
|
||||||
local PRIVATE_CONFIG
|
local PRIVATE_CONFIG
|
||||||
PRIVATE_CONFIG=$(duplicate_config_for_container .)
|
PRIVATE_CONFIG=$(duplicate_config_for_container .)
|
||||||
|
|
||||||
|
@ -184,7 +184,7 @@ TEST_NAME_PREFIX='test helper functions:'
|
||||||
! TEST_TIMEOUT_IN_SECONDS=0 wait_for_changes_to_be_detected_in_container "${CONTAINER_NAME}"
|
! TEST_TIMEOUT_IN_SECONDS=0 wait_for_changes_to_be_detected_in_container "${CONTAINER_NAME}"
|
||||||
}
|
}
|
||||||
|
|
||||||
@test "${TEST_NAME_PREFIX} wait_for_changes_to_be_detected_in_container succeeds within timeout" {
|
@test "wait_for_changes_to_be_detected_in_container succeeds within timeout" {
|
||||||
local PRIVATE_CONFIG
|
local PRIVATE_CONFIG
|
||||||
PRIVATE_CONFIG=$(duplicate_config_for_container .)
|
PRIVATE_CONFIG=$(duplicate_config_for_container .)
|
||||||
|
|
||||||
|
@ -210,7 +210,7 @@ TEST_NAME_PREFIX='test helper functions:'
|
||||||
}
|
}
|
||||||
|
|
||||||
# TODO investigate why this test fails
|
# TODO investigate why this test fails
|
||||||
@test "${TEST_NAME_PREFIX} wait_for_empty_mail_queue_in_container fails when timeout reached" {
|
@test "wait_for_empty_mail_queue_in_container fails when timeout reached" {
|
||||||
skip 'disabled as it fails randomly: https://github.com/docker-mailserver/docker-mailserver/pull/2177'
|
skip 'disabled as it fails randomly: https://github.com/docker-mailserver/docker-mailserver/pull/2177'
|
||||||
|
|
||||||
local PRIVATE_CONFIG
|
local PRIVATE_CONFIG
|
||||||
|
@ -242,7 +242,7 @@ TEST_NAME_PREFIX='test helper functions:'
|
||||||
}
|
}
|
||||||
|
|
||||||
# TODO investigate why this test fails
|
# TODO investigate why this test fails
|
||||||
@test "${TEST_NAME_PREFIX} wait_for_empty_mail_queue_in_container succeeds within timeout" {
|
@test "wait_for_empty_mail_queue_in_container succeeds within timeout" {
|
||||||
skip 'disabled as it fails randomly: https://github.com/docker-mailserver/docker-mailserver/pull/2177'
|
skip 'disabled as it fails randomly: https://github.com/docker-mailserver/docker-mailserver/pull/2177'
|
||||||
|
|
||||||
local PRIVATE_CONFIG
|
local PRIVATE_CONFIG
|
||||||
|
|
Loading…
Reference in a new issue